September 2014 archive

Yesterday I wrote a piece about “The Importance of The ‘Known’ Publishing Platform And The Rise Of The Indie Web” – at the end I

Yesterday I wrote a piece about "The Importance of The 'Known' Publishing Platform And The Rise Of The Indie Web" - at the end I also had a brief commentary on the difference between Known and Ello - http://www.disruptiveconversations.com/2014/09/the-importance-of-the-known-publishing-platform-and-the-rise-of-the-indie-web.html

3 Quick Tips About Getting Started With Ello

Ello smileAs I've started playing with Ello, the new social network that many early adopters are experimenting with (and you can find me at https://ello.co/danyork), I've learned a few things that I thought I'd share in case they can help others who are getting started:

1. ELLO SUPPORTS MARKDOWN FOR TEXT FORMATTING

Ello allows you to do some formatting to your text using a subset of John Gruber's Markdown syntax. It's not the full Markdown syntax, but a good bit of it. You can read more at:

https://ello.co/wtf/post/using-ello-markdown-to-format-text

You can see some of my Markdown experiments in an Ello post.

2. ELLO SUPPORTS A WIDE RANGE OF EMOJI

You can use a wide range of emoji in your Ello posts. You may want to bookmark:

http://www.emoji-cheat-sheet.com/

To use an emoji you just type the text in your Ello post, for example ":smile:" will give you a smile. I've seen many different emoji being used in posts.

3. GIVING A "BREAD" EMOJI IS A "LIKE" OR "+1"

C.C. Chapman clued me in that while Ello doesn't have a "Like" or a "+1" (yet, anyway), apparently the convention has developed that people will leave you a "bread" emoji in a reply to say they like this. So if you suddenly see comments with bread emoticons, that's what is going on. To leave one yourself, just type ":bread:" in the comments.

(And I'd love it if someone on Ello could explain how that convention came about...)
UPDATE 28 Sep 2014: @brdr on Ello says the 'bread' emoji usage originated with German Ello users and spread throughout the network.

Those are just a few of the things I've discovered in my playing around with the site. If there are other tips you've learned, please feel free to leave them here as comments... or leave them in response to the link to this post on Ello.


If you found this post interesting or useful, please consider either:


The Importance of The ‘Known’ Publishing Platform And The Rise Of The Indie Web

Known logoHow do we retain control of our content? How can we make sure what we write and create online remains online? How do we make it so that we can post our content in one place and distribute it out to social networks? And the bring the conversations that happen out on social networks back into your own site?

In a time when Facebook, Google, Apple and others seem to be intent on owning and controlling all our data and content, how do we regain control over our presence online? How do we stop being the product?

These are questions of focus for the "IndieWeb" movement that are perhaps best stated by this text on the top of indiewebcamp.com:

Your content is yours
When you post something on the web, it should belong to you, not a corporation. Too many companies have gone out of business and lost all of their users’ data. By joining the IndieWeb, your content stays yours and in your control.

You are better connected
Your articles and status messages can go to all services, not just one, allowing you to engage with everyone. Even replies and likes on other services can come back to your site so they’re all in one place.

You are in control
You can post anything you want, in any format you want, with no one monitoring you. In addition, you share simple readable links such as example.com/ideas. These links are permanent and will always work.

As well as in greater detail on the IndieWeb principles page. A key point is what is called "POSSE":

POSSE = Publish (on your) Own Site, Syndicate Elsewhere

The idea being, again, that you own your own content and then share it out to the other services where people can engage with that content.

Another way to think of this is that the IndieWeb is distributed and decentralized ... kind of like the "Web" used to be before people increasingly started using centralized platforms such as Facebook and Google's properties.

The "IndieWeb" has been around for several years now, but this month it gained some momentum with the launch of Known, a new blogging platform built on IndieWeb principles. Mathew Ingram introduced it on GigaOm with:

The Known software is available in two forms:

And yes, this is very similar to WordPress with the hosted version at WordPress.com and the standalone version at WordPress.org. (And in fact, WordPress can support many of the IndieWeb principles through various plugins.)

One of the interesting aspects is that your instance of Known can use some of the IndieWeb protocols such as Webmention to communicate with other instances of Known - as well as other sites that support the IndieWeb protocols.

The Known software is also "responsive" so that it works well on mobile devices - and the entire code base is open source so that anyone can see what it is all about and modify or extend it. On For Immediate Release (FIR) Podcast #773 I devoted most of my report to talking about Known and the Indie Web - and Shel Holtz spoke at some length about the platform, too. And both Shel and I referenced Leo Laporte's This Week in Google 266 where he had Known co-founders Ben Werdmûller and Erin Jo Richey on as guests, as well as Kevin Marks. I would encourage you to listen to them all if you are interested in further discussion.

To me this issue of owning your own content is critical. Perhaps THE most critical question in many ways to me personally.

It goes back to the question of what kind of Internet do we want?

Do we want one in which we are in control - and have control of our own data and content? Or do we want an Internet where the content we create is locked inside of corporate walled gardens? (Even if those gardens let us display it to the world... we still may not be able to easily get it out.)

I don't know if I'll honestly keep using danyork.withknown.com in the long term, or whether I'll install the Known software directly on one of my servers... or whether I'll just look at making my WordPress installations play as nicely as possible with the IndieWeb protocols.

I'm certainly going to continue to experiment for some time... I've been watching the Github repo and their issue tracker and have been quite impressed with the ongoing work of the Known team.

The key point is that wherever I post my intent is that I will not be locked in to closed proprietary systems. Known and the IndieWeb are more tools that we have in our toolbox that let us retain our freedom and control!

P.S. If you want to give Known a try, visit the withknown.com hosted platform to get started! It's free and easy to sign up.


NOTE: Given that Ello has been getting quite a buzz in the last few days (and I can also be found there: ello.co/danyork ), it is worth pointing out the difference:

  • Known is an open source, freely-available blogging/publishing platform that you can either use in a hosted version or on your own site. You can publish your own status updates, blog posts and audio content - and share those posts out to social networks. Think of it as similar to WordPress.
  • Ello is a closed source (proprietary), invite-only (right now) social network where you can follow friends and share status updates, photos, links, etc. It currently has no APIs or method to export your data. Think of it as similar to Facebook.

That's the key difference - Known is a blogging platform while Ello is a social network.


If you found this post interesting or useful, please consider either:


CloudFlare Re-affirms Goal of DNSSEC Support By End of 2014

CloudFlare logoOver on ThreatPost, Dennis Fisher wrote about “Small Signs Of Progress On DNSSEC” reporting on a presentation by CloudFlare’s Nick Sullivan at the Virus Bulletin conference in Seattle this week.  The article didn’t go deeply into DNSSEC (as our tutorial pages do) but did have this point which is key to me:

Sullivan said CloudFlare, one of the larger DNS providers in the world, plans to deploy DNSSEC on its network by the end of the year.

To no surprise, this reaffirms what CloudFlare’s John Graham-Cumming stated back in June at the ICANN 50 DNSSEC Workshop in London where he presented a set of slides that are available for download.  From what Graham-Cumming said in London, the intent was to make DNSSEC available to customers with as simple a switch as CloudFlare has done today with IPv6.

I highlight this because the content distribution networks (CDNs), of which CloudFlare is an example, are one of the major stumbling blocks for many companies to be able to sign their domains with DNSSEC.  Typically this is because of either:

1. The CDN vendor is also providing the DNS hosting for the domain (so that they can use DNS for load balancing and distribution to CDN edge servers) and would therefore be the one to do the DNSSEC signing of the zone; or

2. The CDN vendor is hosting the website via a CNAME, with the issue then that the company can sign their domain, but when DNSSEC validation hits the CNAME it has to restart, and typically the site referenced in the CNAME will not be signed because it is hosted on the CDN.

As John Graham-Cumming presented in his slides, there definitely ARE challenges related to DNSSEC-signing for CDNs and vendors providing global load balancing.  BUT… we as an industry have to figure out solutions so that we can get domains signed that are hosted by CDN vendors.

We’re thrilled that CloudFlare is again indicating that they will enable DNSSEC by the end of 2014 to provide a higher level of trust and security for their customers. We’re looking forward to seeing the nice spike in signed domains that should come from CloudFlare doing this.  And… we do hope to see the other major CDN vendors offering this soon, too!  Working together we can make the DNS part of Internet communication that much more secure!

P.S. Want to get started with DNSSEC?  Visit our Start Here page to find resources targeted for your role or type of organization.

Tracking The Shellshock BASH Vulnerability – News, Tools and Links

shellshockWith all the attention today to the Shellshock vulnerability, I need a place to keep track of it for my own purposes.  If this page or list helps anyone else, that’s great, but this is primarily a tool for me to capture what’s going on.  I intend to be updating it regularly while this is all happening.  Suggestions are of course welcome in comments.

Note that I have links here to discussion threads on Hacker News.  The comment threads are often fully of incredibly useful information.

Security Advisories

Testing Tools

News about actual exploits

News about the Shellshock vulnerability in general

BlackBerry’s New Blend Application Requires IPv6 Networking

BlackBerry BlendYesterday BlackBerry held a series of events announcing their new “Passport” smartphone as well as an application called “BlackBerry Blend” that lets you use your computer or tablet (including iOS and Android tablets) in conjunction with the Passport phone. There was a good bit of media coverage, almost all focusing on the Passport phone itself.

One interesting fact to emerge, though, is that the BlackBerry Blend application requires IPv6 networking in order to function.

NOTE – it does not seem to require IPv6 connectivity, i.e. your network doesn’t have to have actual IPv6 addressing and connectivity to the IPv6 Internet, but your network needs to allow IPv6 networking.

This is stated very clearly under “Step 1″ on Getting Started with BlackBerry Blend and even more clearly in a knowledge base article titled “Unable to connect to BlackBerry Blend due to ipv6 being blocked on the computer“. That support document states:

Overview
BlackBerry Blend is unable to connect to, or communicate with the BlackBerry 10 smartphone when IPv6 traffic is being blocked.

Cause
An item in the network environment such as a VPN connector, firewall, network adapter setting, or anti-virus software is blocking or preventing IPv6 traffic.

Resolution
IPv6 is a requirement for BlackBerry Blend to connect and communicate with the BlackBerry Smartphone. In order to complete the connection, IPv6 traffic will need to be enabled or allowed in the network environment.

So you apparently don’t necessarily have to have actual IPv6 connectivity… but you can’t be blocking IPv6 packets on the WiFi network that Blend is using to communicate with the Passport smartphone.

Similarity to Apple’s Back To My Mac

I can’t yet find any further information on exactly how BlackBerry is using IPv6 to make the connection between your computer or tablet. However, on a certain level it sounds similar to what Apple does with their Back To My Mac (BTMM) function that is now part of their iCloud service. BTMM allows you to connect from one Mac back to another Mac to share files or to “share the screen” and remotely operate that remote Mac. Apple has more info about BTMM in its iCloud support area.

Similarly, BlackBerry Blend lets you connect from your computer or tablet to your Passport smartphone to be able to send and receive messages, view your calendars, transfer files, access internal websites using the Passport’s connection, etc. Effectively you are “remotely” managing the Passport smartphone from the tablet or computer, although unlike Apple’s BTMM you aren’t manipulating the actual desktop of the device but rather using the services and applications on the Passport.

The IPv6 connection comes in through the work of a team from Apple, UCLA and Toyota who documented how Apple’s BTMM service works in RFC 6281 and showed how it essentially creates an IPv6 “tunnel” over IPv4 between the two Macs. It’s well worth a read to understand how Apple did this.

Now, differently from what BlackBerry Blend apparently does, Apple tunnels all their IPv6 packets over IPv4 and so they don’t care about what the local network does with IPv6. Apple’s BTMM is also designed to work anywhere across the entire Internet, while the BlackBerry Blend is designed to only work across the local WiFi network. (The device running the BlackBerry Blend app and the Passport smartphone must both be on the same WiFi network to communicate.)

Still, it sounds like BlackBerry is creating some kind of IPv6 “tunnel” between the Blend app and the Passport device.

BlackBerry Assumes IPv6 Will Be Allowed

However, it seems BlackBerry assumed that IPv6 packets would not be blocked on the local WiFi network or would not be blocked on the computer running the Blend app. That probably is a safe assumption for many or even most networks, but I’ve heard of some enterprise networks who have not yet moved from IPv4 restricting IPv6 to prevent any unknown communication. It is those networks where Blend may have challenges working.

The reality is that the world is moving to IPv6 and so network operators MUST understand IPv6 security so that they can create appropriate IPv6 security policies that securely allow IPv6 traffic, rather than just blindly blocking IPv6.

BlackBerry’s Blend is just one of the first apps we’ll see assuming IPv6 is allowed. I’m sure there will be many more in the years ahead. Network operators who don’t at least allow IPv6 will find themselves with people or customers who are unhappy that they can’t use these new applications and services. Time to make IPv6 happen! (Or at least not block it!)

P.S. If you want to get started with IPv6, please visit our “Start Here” page to find resources targeted at your role or type of organization. And please let us know if you need more information! 

Talko Looks Very Cool, But Needed A Firewall Change To Work

Talko directoryThe big telecom story today certainly seems to the be launch of Ray Ozzie's new "Talko" application for iOS. Tons of attention in the tech media, and many of my friends on social media have been trying it out. There's a brilliant article posted on Medium about the "Brave New Phone Call" along with a great blog post from Ray Ozzie about how this new app will revolutionize the voice experience.

I think Talko has great potential to do so, particularly after using it.

But...

... I had to change my firewall rules in order to make Talko work. :-(

And I don't know how long it will continue to work.

Perhaps worse than that... it wasn't clear initially that I had a firewall problem. Frequent testing partner Jim Courtney sent me a message and after installing the Talko app on my iPhone I tried to talk to him, but all I seemed to be able to do was send him a voice message or a text message.

Subsequently I tried connecting to Tim Panton and again could only send voice messages. It made for a very asynchronous "walkie-talkie" style of communication that clearly seemed to not be what was described in the article.

At that point my many years in VoIP kicked in and I realized the firewall at the edge of my network was probably blocking something. Sure enough, when I pulled up the live firewall log and filtered on my iPhone's IP address I could see blocked connections from my iPhone that were intended for an IP address in Amazon's EC2 cloud. These blocked connections happened when I tried to initiate a voice conversation within Talko.

I first tried to create a firewall rule that would allow specific ports through, just by guessing from the firewall logs what ports Talko might be using. However, they jumped around and what I ultimately had to do was create a rule allowing any connection from inside my network to the specific IPv4 address of what I assume is one of Talko's servers on Amazon EC2.

Once I did this, I was able to have a voice conversation with Tim perfectly fine. It was actually rather cool how it would record the conversation and let me easily go back, listen again, advance through it, etc.

But...

... poking a hole in my firewall to a specific IP address is very definitely NOT the way to have a telecom application work.

And... Talko will only work on my network as long as that destination IP address doesn't change. If they add more servers or change their architecture, it's dead to me. At least... dead on my home WiFi network. Presumably it could still work on my mobile data network (at a cost to me).

Now, to be fair, I'm a bit more security-paranoid than the average home user and so I run a Linux-based firewall/server/gateway on the edge of my home network with a fairly restrictive set of firewall rules. The default policy is to deny outbound connections unless they fit into various rules. I've had to add rules allowing VoIP and IM protocols... and it's not uncommon for me to have to add new rules for applications like this. For instance, I had to do so for Tox when I was playing with it a few months back.

Odds are Talko will probably work fine for the vast majority of connections from WiFi networks with less paranoid firewall rules.

But... for an app like this to really challenge the existing telecom infrastructure, it needs to work from almost anywhere. This is why Skype usage is so ubiquitous - Skype "just works" and has its ways to work around firewalls. Within the SIP and WebRTC communities there are all the STUN / TURN / ICE servers and technologies that enable this kind of transit of a firewall. The technology is out there. And there will certainly be some enterprises and other businesses that set up firewalls at least as restrictive as mine is.

I realize today's news is the initial public launch and that this is early days for the app. I hope the Talko team can figure out a way to make the voice conversation work through firewalls. I really like what I see inside the app.

Meanwhile... I'm just hoping they don't change the IP address of the server with which my app is communicating!


If you found this post interesting or useful, please consider either:


FIR #774 – 9/22/14 – For Immediate Release

Quick News: US consumers don't want to be brands' friends, how media used social media during Scottish independence referendum, Radisson's boost from severing Vikings sponsorship, business inconsistency in speaking up; Ragan promo; News That Fits; the rise of brand journalism, Michael Netzley's Asia Report, is tracking employee moods a good idea?, Media Monitoring Minute from CustomScoop, listener comments, Apple's U2 giveaway turns into a PR disaster, Dan York's Tech Report, Igloo Software promo, the past week on the FIR Podcast Network, rethinking marketing organizations; music from Benevento/Russo; and more.

Three Years At The Internet Society

Internet sign london

Today marks three truly amazing years at the Internet Society.  It was September 19, 2011, when I visited the main office in Reston, Virginia, and began this wonderful journey.  I wrote back then about why I was taking this job to fight for the open Internet - and in truth the reasons haven't changed.

If anything, the situation has only gotten worse.  

There are now far more threats to what I've taken to calling the "Internet of Opportunity" ... the kind of Internet we have today where anyone can start any kind of service or publish any kind of information.  

Within the Internet Society (or "ISOC" as we are often called) we call this "permissionless innovation", not needing to ask permission of anyone to innovate.  If you have a new idea or a new service or product... you can just do it. You don't have to plead with a "gatekeeper" or pay someone in order to launch your service out onto the Internet.

But that could change.

Some of the legacy telecommunications companies who have lost out on revenue as everyone has moved away from phone calls would really like their revenue back.  Some of the entertainment and traditional media companies would like their revenue and control back, too.  And many governments would like to regain some of their control - and tax revenue.

Money and control.

As I wrote in that article three years ago, there is a great quote from the 1992 movie Sneakers:

“There’s a war out there, old friend. A world war. And it’s not about who’s got the most bullets. It’s about who controls the information. What we see and hear, how we work, what we think… it’s all about the information!”

That is definitely the case.  And that war is only gotten stronger... and it's going to get even more fierce in the years ahead.

I'm personally glad that there are a group of organization including the Internet Society that are dedicated to shining the light on the changes that are happening... and arguing for why we need to keep the current "open" nature of the Internet so that we and our children, and their children, can all benefit from the kinds of opportunities we've had to date with the Internet.

Last year I wrote a good bit about how pleased I was to be part of the Internet Society.  That hasn't changed!  My passion for the work that ISOC does around the world has only grown stronger in this past year as I have learned more of the amazing things happening around the world.  I continue to love my own work with the Internet Society Deploy360 Programme - I wake up each morning excited to write more and do more to help people learn how they can deploy new technologies to make the Internet work better, faster and be more secure.  I absolutely love what I do!

But I was reminded this week of how many other things are done by my colleagues all over the world.  I just game back from a 4-day all-staff retreat at a hotel in Virginia.  This was the first time an event like this had been held in over 3 years and we've added so many new staff that many of us had never met each other.  We spent the time talking about what our priorities should be... where did we see the organization going... how could we best help the Internet... what could we do......

It was an amazing time.  VERY intense... although certainly with some time for fun mixed in.   We came out with some great ideas and plans that I'm looking forward to making happen in the weeks and months ahead.

What struck me most is that the people are amazing.  It's truly an honor and privilege for me to serve with them and to do what we do.

The mission of the Internet Society is quite simple:

To promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world.

It's that mission that brought me here... and that's the reason I continue to be as excited as I am about what I do. As I celebrate three years with the Internet Society, I'm very much looking forward to the next three years... and the next beyond that!

P.S. One great way you can help is to join the Internet Society to stay up-to-date on current issues affecting the Internet - membership is free for individuals. You can also subscribe to my infrequent email newsletter where I hit many of these topics.


If you found this post interesting or useful, please consider either:


Watch Live TODAY (Sept 19) – CITI State of Telecom 2014

Citi logoWhat is the future of telecommunications and the Internet? As more entertainment moves to being over the Internet, what are the implications for the media and for the technology?

Today, September 19, 2014, there is an interesting set of presentations happening at the Columbia Club in New York City, organized by the Columbia (University) Institute for Tele-Information (CITI) called the "CITI State of Telecom 2014". Subtitled, "From the Internet of Science to The Internet of Next Generation Entertainment Implications for Content, Technology and Industry Consolidation", the session description states:

The goal of the early Internet was to connect research institutions. Yet today 71% of all Internet traffic consists of video, games, and music, and that number is growing. This transition raises issues for media content, technology, industry consolidation, business strategy, and regulatory policy. Media companies, academics, policy makers, and technologists must think ahead.

You can watch it all live at:

http://new.livestream.com/internetsociety/citisot14

The sessions are being recorded, too, and are available at that address.

The session agenda and list of all the speakers is available on the CITI event page. The quick summary is:

  • 9:00am Welcome and Introduction of Topic
  • 9:15am Session 1- Technology and business drivers of the transformation of the Internet
  • 10:25am Session 2- Emerging business, marketing, and transaction models for Next Generation Video (NGV)
  • 11:35am Coffee Break
  • 11:50am Session 3- Public Interest Dimensions in Next-Generation Video and Networks
  • 12:50pm Lunch
  • 1:50pm Session 4 - Consolidation in the network platform industry: drivers and impacts
  • 3:00pm Coffee Break
  • 3:10pm Session 5 - New TV and (video) OTT issues for telecom and media policy
  • 4:20pm Session 6 - Defining the future: initiatives to lead the next generation of internet video
  • 5:30 Closing remarks and reception

The sessions began 3.5 hours ago at 9:00am US Eastern and will continue for another 5 hours. I've learned a good bit from a number of the sessions - and am listening right now to the discussion around the challenges of getting Internet infrastructure deployed in rural areas of the USA.

Great sessions to listen to!


If you found this post interesting or useful, please consider either: