Just a guy in Vermont trying to connect all the dots...
Dan York
Author's posts
Jun 18
TONIGHT – Live Webcast of "WordPress Security: Fact & Fiction"
D.K. Smith will present a comprehensive range of WordPress security best practices, including: Methods for repairing a hacked site; “Multiple Layers of Security” techniques that keep your site secure. There will also be a preliminary presentation by Austin Gunter on the distinctions between managed, shared and dedicated hosting.
Unfortunately I won't be able to attend live, but I will look to watch the archive of the event.
If any of you are able to watch this live, it will stream out of:
http://www.livestream.com/internetsocietychapters
Looking forward to listening to it...
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- subscribing to my email newsletter; or
- subscribing to the RSS feed.
Jun 18
Video: Great WebRTC Tutorial and Demonstrations by Cullen Jennings
The presentation is about an hour and is followed by a question period. Well worth watching if you want to understand the current state of WebRTC and how it may impact telecommunications today.
Note, you can also view the video directly on YouTube to better see it in a larger size or on a mobile device.
P.S. For more information about WebRTC, see the links off of my WebRTC/RTCWEB page.
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- following me on App.net
- subscribing to my email newsletter; or
- subscribing to the RSS feed
Jun 18
Google Fiber Shows 77.55% IPv6 Deployment In Latest World IPv6 Launch Statistics
Over on the World IPv6 Launch blog, Mat Ford just announced the most recent set of IPv6 measurements from the 114 network operators participating in the measurements program (and any network operator can join). Mat notes the great news that an ISP in Singapore, Starhub, moved from 0.1% to over 8% deployment in the space of a month. That is outstanding! Congratulations to the crew at Starhub!
What I personally found even more fascinating was that when I went to the World IPv6 Launch measurements page and clicked on the “IPv6 deployment” column header twice to get a list sorted by the highest percentage…
Google Fiber came out as #1 with a staggering 77.55% of all observed traffic being over IPv6:
To be clear, let us remember how these statistics are collected.
Google, Facebook and Yahoo all measure the amount of IPv6 traffic they are seeing coming in to their respective sites and services from all the participating networks. (You can read more about their specific techniques at the bottom of the Measurements page.) That information is then averaged and presented on the Measurements page for each ISP.
In this case 77.55% of the traffic received across those three measurement providers from the Google Fiber network was all over IPv6. Amazing! Congratulations to the Google Fiber team!
P.S. It’s also interesting to note the growth of many networks versus where they were when we last wrote about the statistics in April. For instance, the top 10 networks sorted on observed percentage of IPv6 are now all over 30%.
Jun 18
TDYR #017 – Experimenting With Facebook Hashtags
Today I logged into Facebook and found that I had the hashtag support that was announced last week. In this episode I talk about that support and what I find interesting and useful in the new support.
Jun 18
What IPv6 Migration Questions Would You Like To Know From App Developers?
What questions would you like to ask of developers who have successfully migrated their applications to IPv6? What tips and tricks would you like to learn?
I am planning to update “Migrating Applications to IPv6” this summer to include pointers to some of the newer RFCs and transition tutorials and in doing the update I would like to add in mini-“case studies” of applications that have already made the transition to IPv6. Some of the questions I’m thinking of asking developers include:
- How easy or difficult was the migration to IPv6 for your application?
- What was the most challenging aspect of the migration?
- Were there any specific tools or libraries that proved to be the most helpful?
- Did you encounter any surprises in terms of IP address dependency? i.e. places in your code where you didn’t realize you depended upon an IP address?
- Did you have to make any significant changes to the way you store information? i.e. configuration files, databases, etc.
- How did you test your application in an IPv6 environment?
- Does your app work in both an IPv6-only and dual-stack environment?
- Is there anything you wish you’d known before you started the move to IPv6?
Do you have other questions you would like me to ask? If so, please either leave a message for me here on the site or on one of the social networks where I post this message – or send me an email.
I would also be interested to hear which of these questions above are the most important to you. What are your top 2 or 3 concerns about migrating your app to IPv6?
Also, if you are an application developer who has already ported your application to IPv6 and would be interested in being a case study in the updated book, please contact me as I am looking to get started on these updates soon.
On that note, I’m also thinking about perhaps creating some interviews in video and audio form related to these questions above… so if you would be interested in some multimedia exposure for your application please let me know that, too. (Thanks!)
Jun 18
What IPv6 Migration Questions Would You Like To Know From App Developers?
What questions would you like to ask of developers who have successfully migrated their applications to IPv6? What tips and tricks would you like to learn?
I am planning to update “Migrating Applications to IPv6” this summer to include pointers to some of the newer RFCs and transition tutorials and in doing the update I would like to add in mini-“case studies” of applications that have already made the transition to IPv6. Some of the questions I’m thinking of asking developers include:
- How easy or difficult was the migration to IPv6 for your application?
- What was the most challenging aspect of the migration?
- Were there any specific tools or libraries that proved to be the most helpful?
- Did you encounter any surprises in terms of IP address dependency? i.e. places in your code where you didn’t realize you depended upon an IP address?
- Did you have to make any significant changes to the way you store information? i.e. configuration files, databases, etc.
- How did you test your application in an IPv6 environment?
- Does your app work in both an IPv6-only and dual-stack environment?
- Is there anything you wish you’d known before you started the move to IPv6?
Do you have other questions you would like me to ask? If so, please either leave a message for me here on the site or on one of the social networks where I post this message – or send me an email.
I would also be interested to hear which of these questions above are the most important to you. What are your top 2 or 3 concerns about migrating your app to IPv6?
Also, if you are an application developer who has already ported your application to IPv6 and would be interested in being a case study in the updated book, please contact me as I am looking to get started on these updates soon.
On that note, I’m also thinking about perhaps creating some interviews in video and audio form related to these questions above… so if you would be interested in some multimedia exposure for your application please let me know that, too. (Thanks!)
Jun 17
FIR #708 – 6/17/13 – For Immediate Release
Three new interviews are up, one more and two book reviews coming; Quick News: Upworthy is fastest growing site ever, Line is biggest social network you've never heard of; Ragan promo: News That Fits: IABC update, Michael Netzley's Asia report, Twitter evolves with analytics and FollowMe, the language of social images, Media Monitoring Minute from CustomScoop, listener comments, Deskcamping connects spare desks with freelancers, Dan York's report, WashingtonPost enters sponsored content fray; music from Zac Mac Band; and more.
Jun 14
IPv6hackers Group To Meet In Berlin on July 28, 2013
Interested in IPv6 security? Want to see presentations by people working in the field? If so the members of the “ipv6hackers” mailing list are planning to hold their first face-to-face meeting in Berlin on July 28, 2013, the Sunday prior to IETF 87 in Berlin, Germany. From the announcement email:
We’re planning to have our first in-person meeting on July 28th, 2013, in Berlin (most likely in the afternoon, between lunch and the IETF welcome reception). The venue would be either the IETF venue (InterContinental Berlin), or some nearby hotel/room (to be confirmed soon).
We’re planning to have some presentations (which MUST be accompanied with code
), and might also have an IPv6 mini-hackathon (i.e., work on code, test implementations, try stuff).
Fernando Gont has asked people who are interested in attending to complete a short survey so that he can know how many people are planning to attend.
If you are interested in IPv6 security, I have found the IPv6 hackers mailing list to be a useful list to monitor as a good number of IPv6 security researchers do participate in the list. You can see from the archives some of the topics that are discussed. It is open for anyone to subscribe. There is also a LinkedIn group but as Fernando notes he created the group to help people connect on LinkedIn not as a discussion forum – discussion happens on the email list.
Jun 14
InfoWorld Promotes DNSSEC To Boost Internet Security
We were very pleased to see InfoWorld publishing this week an article by Roger Grimes titled “Boost your Internet security with DNSSec” that lays out the case for implementing DNSSEC and explains the validation side of DNSSEC. Given the large audience that InfoWorld has it is good to see DNSSEC getting this coverage.
I’d suggest another useful resource for people reading that article would be SURFNet’s white paper about enabling DNSSEC validation in DNS resolvers as that paper provides step-by-step guidance to enabling validation in BIND, Unbound and Windows Server 2012.
I’d also note for people wanting to experiment with DNSSEC validation, Google’s Public DNS servers do now support DNSSEC and so you can at least temporarily point your system to Google’s servers to try out validation. As we’ve also noted in the past, anyone who is a Comcast subscriber in North America also has DNSSEC validation happening by default, as do people using many of the ISPs in Sweden, Brazil and the Czech Republic.
As I noted at the beginning, the article covers the validation side of DNSSEC, but for that to really work we also need to get more domains signed with DNSSEC. I would encourage people to look at our tutorials on how to sign your domain using common registrars – and to ask your registrar when they will let you use DNSSEC if they are not on the list of DNSSEC-capable registrars maintained by ICANN.
Again, it’s great to see InfoWorld covering DNSSEC and I do hope they’ll provide more such articles in the future. If we can get DNSSEC deployed more widely we’ll go very far in upgrading the security of the Internet!
P.S. I was also intrigued by Grimes’ link to this video of a DNSSEC app for Android from back in 2011. It looks like a basic browser to check the DNSSEC status of sites. I may have to investigate a bit more..
Jun 13
DNSSEC Test Sites
If you have a new application or service where you want to test how DNSSEC validation works, the sites listed below are ones you can use. If you want to test validation of the DANE protocol, please see our separate page of DANE test sites.
Note that the sites below are domain names and websites with either good or deliberately mis-configured DNSSEC signatures. If you are looking for web sites offering tools or services where you can test the status of DNSSEC, please see our list of DNSSEC tools.
Sites With Good DNSSEC Signatures
Today there are millions of domain names out there with valid DNSSEC signatures and so you have many, many options. Two of the domains you can use to obtain valid signatures are:
- internetsociety.org
- ietf.org
If you are testing web validation, the addresses are:
Sites With Bad DNSSEC Signatures
The more interesting tests to perform are with domains that are bad and will generate an error in your application or service. The following sites have been deliberately mis-configured with bad DNSSEC signatures:
- dnssec-failed.org (operated by Comcast)
- rhybar.cz (operated by CZ.NIC)
On the web, they are:
The DNSSEC Tools site at http://www.dnssec-tools.org/ also provides a test in that if you connect to the site and do not perform DNSSEC validation you will see an image appear on the page telling you that you are connecting insecurely.
Adding More Sites
If you have a site with an interesting DNSSEC configuration you think would be useful for others to use in testing, please contact us so that we can consider adding it to this list.
Please note that our list of DANE test sites includes sites and domains that are also signed with DNSSEC.
