June 2017 archive

Building Our New Website: A video about the user experience of multilingual websites

How do you build a multilingual website? What are the things you should be thinking about? In my last post in this series, I wrote about our need for a multilingual editor (and we now have some GREAT candidates!). But there's obviously much more to a site than just having a person on board. This week, Joly MacFie of our New York Chapter pointed me to this excellent video from the recent WordCamp Helsinki 2017 event titled "The User Experience Perspective of Multilingual and Multi-regional Websites":

Dan York

Building Our New Website: A video about the user experience of multilingual websites

How do you build a multilingual website? What are the things you should be thinking about? In my last post in this series, I wrote about our need for a multilingual editor (and we now have some GREAT candidates!). But there’s obviously much more to a site than just having a person on board. This week, Joly MacFie of our New York Chapter pointed me to this excellent video from the recent WordCamp Helsinki 2017 event titled “The User Experience Perspective of Multilingual and Multi-regional Websites“:

What I like about this is how the speaker, Thomas Hurd, lays out the different options in how to build a multilingual site and explores the overall strategy you need to think about for a multilingual site. The video does not dive into the technology as much as it raises the larger issues you need to consider. It’s easy to understand even if you don’t know much at all about WordPress or multilingual sites in general.

For the record, right now we’re pursuing the option he calls “Non-specific content, Multiple languages”. We are also planning to continue what we are doing today with using directories off of the URL for each language. In other words, we’ll have:

  • www.internetsociety.org   – the English pages
  • www.internetsociety.org/es/  – the Spanish pages
  • www.internetsociety.org/fr/   – the French pages

We agree with Thomas Hurd that this is one of the best methods for the user experience.

From a technical perspective, we are planning to implement the multilingual aspects of the site using the WPML plugin for WordPress.

Oh, and we’re NOT using flags!

If you are interested in helping us build this new multilingual site, consider applying for the Multilingual Editor position. I’m already interviewing people who have applied, but new candidates are welcome.

P.S. This article is part of our series on our website redesign in 2017. Please do follow along on our journey!

The post Building Our New Website: A video about the user experience of multilingual websites appeared first on Internet Society.

New Petyawrap Ransomware Attack Again Highlights Critical Need For Security Processes

Whenever there's a new attack on a global scale, the world trusts the Internet a little less. Today we are concerned with the many reports about this new ransomware attack called "Petyawrap", "Petrwrap" or an older name of "Petya."

The sad fact is: this new attack exploits the same vulnerabilities in Windows systems as last month's WannaCry attack. 

Fixes have been available for most Windows systems since March 2017!

The same tips Niel Harper provided last month to protect against ransomware also apply here.

Dan York

New Petyawrap Ransomware Attack Again Highlights Critical Need For Security Processes

Whenever there’s a new attack on a global scale, the world trusts the Internet a little less. Today we are concerned with the many reports about this new ransomware attack called “Petyawrap”, “Petrwrap” or an older name of “Petya.”

The sad fact is: this new attack exploits the same vulnerabilities in Windows systems as last month’s WannaCry attack. 

Fixes have been available for most Windows systems since March 2017!

The same tips Niel Harper provided last month to protect against ransomware also apply here.

Why haven’t the updates been applied? Often, smaller organizations may not have the needed IT staff. Enterprises may not fully embrace the level of business continuity planning they need. Companies may have legacy systems that are hard to patch.

Many organizations may have thought they were “safe” when they weren’t hit by WannaCry. They may have breathed a sigh of relief – and moved on to other critical needs.

The bad news is that this new attack gets nastier after the initial penetration of a network. Dan Goodin at ArsTechnia relays that the attack payload includes tools to extract user passwords. It can then infect other systems on your network using those credentials. Microsoft has more technical details. Unlike WannaCry, there seems to be no “kill switch” to stop the infections. (See update below.)

As Olaf Kolkman wrote last month in response to the WannaCry ransomware:

“When you are connected to the Internet, you are part of the Internet, and you have a responsibility to do your part.”

But yet as Brian Krebs reports at the end of his excellent piece, a recent ISACA survey found that:

  • 62 percent of organizations surveyed recently reported experiencing ransomware in 2016
  • only 53 percent said they had a formal process in place to address it

These attacks cause significant economic losses. They erode trust in the Internet. They limit the opportunities we all have online.

Collaborative security is a shared responsibility. We all have a part to play. We need to put the security processes in place to reduce these threats. In our companies and organizations. In nonprofits, schools, and community groups. In our homes. In our own actions.

We have the opportunity to shape tomorrow and build a stronger, more trusted Internet. One where ransomware no longer hits on a global scale. 

Read Niel’s 6 tips. Promote the approach of “Collaborative Security“. Develop and implement security management strategies. Ask strong questions inside your organization.

Take action.

The time is now.

——

UPDATE #1 – There are now reports of a “vaccine” in the form of a file you can create on a Windows system to prevent the ransomware from running. This is not a “kill switch” that can apply globally, but it is something that can be done on individual PCs. If the ransomware finds that this read-only file exists, it will not perform its attack on that machine.

——

See also our past articles about the WannaCry attacks:

The post New Petyawrap Ransomware Attack Again Highlights Critical Need For Security Processes appeared first on Internet Society.

Watch LIVE: ICANN 59 DNSSEC Workshop – June 26 at 7:00am UTC (Featured Blog)

Want to learn more about DNSSEC deployment challenges? Interested in learning about a DANE middlebox for HTTPS? Curious about how the upcoming DNSSEC Root Key Rollover will affect systems? And have you heard about the CDS and CDNSKEY records for DNS? What are they -- and what impact will they have on ICANN policies? More...

Watch LIVE – ICANN 59 DNSSEC Workshop – June 26 at 7:00am UTC

ICANN 59 logoWant to learn more about DNSSEC deployment challenges? Interested in learning about a DANE middlebox for HTTPS? Curious about how the upcoming DNSSEC Root Key Rollover will affect systems? And have you heard about the CDS and CDNSKEY records for DNS? What are they – and what impact will they have on ICANN policies?

If you answered yes to any of the above, you can tune in live to the ICANN 59 DNSSEC Workshop streaming out of Johannesburg, South Africa, on:

Monday, June 26, 2017 at 9:00am local time (UTC+2)

The schedule, which includes links to slides, is at:

The direct live stream link using Adobe Connect is:

THE SESSION WILL BE RECORDED if you are unable to watch live. (Which will include me, as I’m not at this event and 3:00am US Eastern time is a bit too early for me to get up to watch!)

The talks from 9:00 – 12 noon SAST (UTC+2) include:

  • Introduction, Program, Deployment Around the World – Counts, Counts, Counts
  • Panel Discussion: DNSSEC Deployment Challenges
  • Middlebox DANE for HTTPS
  • Tutorial/Panel Discussion: Root Key Signing Key Rollover Test Bed
  • Panel Discussion: CDS and CNS Implementation – What are the policy impacts?
  • DNSSEC: How Can I Help?
  • The Great DNS/DNSSEC Quiz

It should be a great event filled with DNSSEC and DANE education and information. The Workshop will be followed by a lunch sponsored by Afilias, CIRA and SIDN and then the “Tech Day” presentations in the afternoon.

Meanwhile, if you are interested in learning more about how to begin using DNSSEC for a higher level of security, please visit our Start Here page to get started!

The post Watch LIVE – ICANN 59 DNSSEC Workshop – June 26 at 7:00am UTC appeared first on Internet Society.

Watch LIVE – ICANN 59 DNSSEC Workshop – June 26 at 7:00am UTC

ICANN 59 logoWant to learn more about DNSSEC deployment challenges? Interested in learning about a DANE middlebox for HTTPS? Curious about how the upcoming DNSSEC Root Key Rollover will affect systems? And have you heard about the CDS and CDNSKEY records for DNS? What are they – and what impact will they have on ICANN policies?

If you answered yes to any of the above, you can tune in live to the ICANN 59 DNSSEC Workshop streaming out of Johannesburg, South Africa, on:

Monday, June 26, 2017 at 9:00am local time (UTC+2)

The schedule, which includes links to slides, is at:

The direct live stream link using Adobe Connect is:

THE SESSION WILL BE RECORDED if you are unable to watch live. (Which will include me, as I’m not at this event and 3:00am US Eastern time is a bit too early for me to get up to watch!)

The talks from 9:00 – 12 noon SAST (UTC+2) include:

  • Introduction, Program, Deployment Around the World – Counts, Counts, Counts
  • Panel Discussion: DNSSEC Deployment Challenges
  • Middlebox DANE for HTTPS
  • Tutorial/Panel Discussion: Root Key Signing Key Rollover Test Bed
  • Panel Discussion: CDS and CNS Implementation – What are the policy impacts?
  • DNSSEC: How Can I Help?
  • The Great DNS/DNSSEC Quiz

It should be a great event filled with DNSSEC and DANE education and information. The Workshop will be followed by a lunch sponsored by Afilias, CIRA and SIDN and then the “Tech Day” presentations in the afternoon.

Meanwhile, if you are interested in learning more about how to begin using DNSSEC for a higher level of security, please visit our Start Here page to get started!

Building Our New Website: Seeking a Multilingual Editor to help us speak more globally

Our current website is a multilingual embarrassment.

Have you looked at our French home page lately? Or Spanish? Or Russian? Chinese? Arabic?

You probably haven't, according to our website statistics, and for a good reason: those home pages haven't changed in 2 years! 

Dan York

Building Our New Website: Seeking a Multilingual Editor to help us speak more globally

Our current website is a multilingual embarrassment.

Have you looked at our French home page lately? Or Spanish? Or Russian? Chinese? Arabic?

You probably haven’t, according to our website statistics, and for a good reason: those home pages have not changed much in 2 years! 

They all still show an image that we used on our English-language home page two years ago. The events are outdated. The feature boxes are old. The “news” is old. The menus are no longer synchronized with the main English home page.

And if you follow links from those home pages, you will find that you soon run out of pages in those languages. What we have is more of a “facade” for each language.

In truth we should just take those pages down – and I may do that soon.

The original intent was an excellent one: make our website content available in all six United Nations languages.

But the result we have today shows a fundamental truth about multilingual websites:

  • One-time translation is simple – maintaining the translated content over time is the challenging part!

It’s relatively “easy” to translate a page or a set of pages once. We can send them to a translation firm. We can ask staff to help. In our case we can ask our Chapters in a particular region to help.

And this can work for individual reports. Or tutorials. Or other static pages.

But it does NOT work for a dynamic website where we are publishing new content on a daily basis.

Stepping Back – and Doing It Right

As a global organization with 120+ chapters and tens of thousands of individual members scattered around the world, we know that our website content must be available in more than just English.

To deliver on the vision of our new website having global impact, we have had to step back and take a hard look at how we support multiple languages on our main site.

The critical point is that we must deliver more than a “facade.” The versions of the site in other languages need to be strong and in sync with the English site as much as possible.

Early on in the website redesign process, we realized that to do this right we need at least one person dedicated to ensuring synchronization between the languages. Someone who makes sure the home pages and menus are updated. Someone who can ensure that when we publish news in English, we also publish information in other languages.

More than that, we need a person who is bringing in content from other languages. Our site cannot just be English content translated into, say, Spanish. It should also include Spanish content that is translated into English.

Starting Slowly

Adding a person (or multiple people) like this into our communications team and editorial workflow is something new. We need to prove to ourselves that this model will work.

And so we’re starting slowly. As we bring the new website online over the next few months, we are going to start with French and Spanish. These two languages cover significant areas of the world where we have members and chapters. I also believe there is a high probability we can find someone who is fluent in BOTH French and Spanish, as well as English.

If you think you are a good fit for this role, or you know someone who might be, our Multilingual Editor job description is now posted online with more details. We’re accepting applications now and will continue until we fill the role.

Please note – this is a 12-month contract position. We want to prove that this model of working on a multilingual site will work.

In the best case, we’ll find that this model works and we’ll look to continue it. And, if it works, we will probably want to add additional Multilingual Editors in 2018 and beyond to cover more languages.

However, we may find that the model doesn’t work and that we need to try a different approach. This position may end at that time.

So we’re looking for someone willing to join us on this adventure and help us find a good path forward.

Apply Now

To learn more about the responsibilites and qualifications, please read the listing for the 12-month Multilingual Editor position. Do note that we are building our new site on WordPress and using the WPML plugin. Experience with WPML would be a huge plus.

We are looking, too, for someone excited to work in a fast-paced environment. When we have news that needs to go out, we’ll be looking for this person to help us get that news out in French and Spanish. Sometimes we will have plenty of lead time – other times we are publishing right in the moment. The ability to work quickly and with the rest of the team will be critical.

Instructions on how to apply can be found in the position description.  We’re eager to get started – and we need someone on board soon to help with our website redesign over the next few months.

Please do me a favor, though. If you are not fluent in all three languages (English, French and Spanish), in both written and spoken communication, please do not bother applying. Someday we might be in a position to have editors for each language, but that is not today.

I’m excited to try this new model for a multilingual website. Please help us reach more people in more languages by either applying yourself – or sharing this information with others who might be a good fit. Thank you!

P.S. This article is part of our series on our website redesign in 2017. Please do follow along on our journey!

The post Building Our New Website: Seeking a Multilingual Editor to help us speak more globally appeared first on Internet Society.

Building Our New Website: A vision for the new site

In the early stages of our process to build a new Internet Society website, we developed a "vision" for what we wanted the new website to be. Last year we spoke with many people throughout the larger Internet Society community. We spoke with staff, with Chapter leaders, with partner organizations, with individual members and many more.  

As we launch the "beta" of the new website this week, I want to share with you the vision that emerged out of all of those aspirations:

Dan York