Dan York

Just a guy in Vermont trying to connect all the dots...

Author's posts

May 24

Podcast: Talking Data Privacy and GDPR with Todd Tolbert

Let’s raise the bar on data privacy and make the Internet safer.”  With the imminent arrival of the EU’s General Data Protection Regulation (GDPR), this was one of the points raised by Todd Tolbert, our Chief Administrative Officer, in an episode of the Non-Profit Tech Podcast published yesterday. Hosted by fusionSpan’s Justin Burniske, the 35-minute episode covered a wide range of topics, including:

  • the difference between data privacy and data protection
  • Todd’s thinking about the value the GDPR brings in terms of thinking about data
  • mistakes organizations make with regard to handling their data
  • resources for organizations to do more
  • how you can’t be liable for data that you don’t have in the first place
  • asking the question… do you really need to keep those 700 email addresses that no longer work?

And, of course, Todd being who he is, there were some Texan things mixed in to the conversation as well. I very much enjoyed the episode and found it a useful contribution to the ongoing privacy discussions that tomorrow’s GDPR deadline has generated.

Some of the resources Todd shared included:

I would also encourage you to view our articles and resources related to privacy.

Since I can’t seem to find any way to embed the player here, you’ll need to go visit the podcast page to listen – or download it in your favorite podcast app.

FYI, as Todd as written previously, he’s been leading our efforts on GDPR compliance, and also serves as our Data Privacy Office (DPO).

The post Podcast: Talking Data Privacy and GDPR with Todd Tolbert appeared first on Internet Society.

May 02

Test with an embedded tweet

Just doing a test of what happens when I embed a tweet – what other trackers get pulled in:

Apr 25

April 22, 1993 – A Day The Internet Fundamentally Changed (Featured Blog)

25 years ago, on April 22, 1993, a software release happened that fundamentally changed the user experience of the Internet. On that day, version 1.0 of "NCSA Mosaic for the X Window System" was released. You could now have (gasp!) text MIXED WITH IMAGES on the same page! Reading the Mosaic 1.0 release notes from Marc Andreessen is a bit of fun, as it includes gems like "Fixed mysterious stupid coredump that only hits Suns." More...

Apr 20

Call for Participation – ICANN DNSSEC Workshop at ICANN62, Panama City (Featured Blog)

Would you like to share information about how you are using DNSSEC with the wider technical community? Do you have an idea for how to make DNSSEC or DANE work better? Or work with new applications? If so - and if you will be attending ICANN 62 in Panama City, Panama from 25-28 June 2018 - then please consider sending in a proposal to participate as a speaker in the ICANN 62 DNSSEC Workshop! More...

Apr 20

Call for Participation – ICANN DNSSEC Workshop at ICANN62, Panama City

The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop during the ICANN62 meeting held from 25-28 June 2018 in Panama City, Panama.

If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to  dnssec-panamacity@isoc.org by Friday, 4 May 2018

The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments.  For reference, the most recent session was held at the ICANN Community Forum in San Juan, Puerto Rico on 14 March 2018. The presentations and transcripts are available at:

As this is the shorter “Policy Forum” format for ICANN meetings, the DNSSEC Workshop Program Committee is developing a 3-hour program.  Proposals will be considered for the following topic areas and included if space permits.  In addition, we welcome suggestions for additional topics either for inclusion in the ICANN62 workshop, or for consideration for future workshops

1. DNSSEC Activities Panel (Regional and global)

For this panel, we are seeking participation from those who have been involved in DNSSEC deployment in the region and also from those who have not deployed DNSSEC but who have a keen interest in the challenges and benefits of deployment, including Root Key Signing Key (KSK) Rollover activities.   Now that DNSSEC has become an operational norm for many registries, registrars, and ISPs, questions of interest include:

  • What have we learned about how we manage DNSSEC?
  • What is the best practice around key rollovers?
  • How often do you review your disaster recovery procedures?
  • Is there operational familiarity within your customer support teams?
  • What operational statistics have we gathered about DNSSEC?
  • Are there experiences being documented in the form of best practices, or something similar, for transfer of signed zones?

If you have a specific concern about the Root Key Rollover, or believe you have a method or solution to help address impacts, we would like to hear from you.

2. DNSSEC Deployment Challenges

The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC.  In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the nature:

  • Are there any policies directly or indirectly impeding your DNSSEC deployment? (RRR model, CDS/CDNSKEY automation)
  • What are your most significant concerns with DNSSEC, e.g., complexity, training, implementation, operation or something else?
  • What do you expect DNSSEC to do for you and what doesn’t it do?
  • What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?

We are interested in presentations related to any aspect of DNSSEC such as zone signing, DNS response validation, applications use of DNSSEC, registry/registrar DNSSEC activities, etc.  In addition, we welcome suggestions for additional topics.

If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to  dnssec-panamacity@isoc.org by **Friday, 4 May 2018**

 

Thank you,

The DNSSEC Workshop Program Committee:
Mark Elkins, DNS/ZACR
Ondrej Filip, CZ.NIC
Julie Hedlund, ICANN
Jean Robert Hountomey, AfricaCERT
Jacques Latour, .CA
Xiaodong Lee, Chinese Academy of Sciences (CAS)
Russ Mundy, Parsons
Kathy Schnitt, ICANN
Yoshiro Yoneya, JPRS
Dan York, Internet Society

The post Call for Participation – ICANN DNSSEC Workshop at ICANN62, Panama City appeared first on Internet Society.

Apr 16

At RSA USA 2018 in San Francisco this week? Join the IoT Security conversation on Tuesday, April 17

Are you attending the RSA USA 2018 Conference this week in San Francisco? If so, please plan to join this panel session happening Tuesday, April 17, 2018, from 3:30 – 4:14pm (PDT):

IoT Trust by Design: Lessons Learned in Wearables and Smart Home Products

Moderated by my colleague Jeff Wilbur, Director of the Online Trust Alliance (OTA), the panel abstract is:

The world has awakened to the need for tighter security and privacy in consumer-grade IoT offerings. This panel will present a trust framework for IoT, and wearable and smart home experts will discuss top attack vectors, typical vulnerabilities in devices, apps and systems, common reasons for design compromise, the evolution of security and privacy in IoT and where it needs to go.

They will be discussing the OTA’s IoT Trust Framework, as well as some new mechanisms available to help enterprises understand the risks associated with IoT devices.

If you believe securing the Internet of Things is a critical step to having a secure Internet, please join Jeff and his panelists to learn more.

Unfortunately there appears to be no live stream available but they do seem to be recording many of the sessions. If Jeff’s session is recorded we will update this post and our event page with that information once the recording is published.

We will be posting updates to our blog and our RSA USA 2018 event page. You can follow our updates on Twitter at @InternetSociety. You can also follow the #RSAC hashtag on Twitter for updates about the overall conference.

The post At RSA USA 2018 in San Francisco this week? Join the IoT Security conversation on Tuesday, April 17 appeared first on Internet Society.

Apr 12

TDYR 350 – After Downloading All My Facebook Data, Here is What I Found…

I downloaded all my Facebook data today.... and it was an interesting trip through 11 years of memories - and other data... in this episode I talk about some of what I found, and also note how you can do this, too.

Apr 04

TDYR 349 – Returning From a Hiatus

Tap... tap.. tap... is this thing on? Unbelievably, it has been four months since I last published an episode of The Dan York Report. I am ready to get back behind the microphone and crank out some more episodes... stay tuned!

Apr 02

Deadline TODAY (23:59 UTC) to submit comments to ICANN on 2018 DNSSEC Root KSK Rollover Plan

Do you believe ICANN should go ahead with the plan to roll the Root Key Signing Key (KSK) on 11 October 2018? If so (or if not), the deadline for public comment is TODAY, 2 April 2018, at 23:59 UTC. That’s about 9.5 hours from the time I’m publishing this post.

My colleague Kevin Meynell provided more info about this public comment process when it began in March. At the IETF 101 meeting in London, I spoke with ICANN staff who again stated that they would like to hear from many voices about whether they should go ahead with the Root KSK Rollover on 11 October 2018. It’s very simple to send in comments:

Learn how to submit your comments to ICANN

You can see the current list of comments at: https://mm.icann.org/pipermail/comments-ksk-rollover-restart-01feb18/2018q1/thread.html (All comments are public.)

I would encourage anyone interested to submit comments (even if they are simply “I support the plan.”).

And if you have want more information about how to get started with using DNSSEC, please see our Deploy360 Start page to begin.

Image credit: Bryce Barker on Unsplash

The post Deadline TODAY (23:59 UTC) to submit comments to ICANN on 2018 DNSSEC Root KSK Rollover Plan appeared first on Internet Society.

Mar 28

Building Our New Website: POSSE and Sharing on Facebook, Twitter, LinkedIn, Google+ and More

As we built our new website, one of my own guiding principles was “POSSE“, a content publishing model from the “IndieWeb” movement. The idea is:

Publish on your
Own
Site,
Syndicate
Elsewhere

Essentially, make sure you own your own content – and then share it out onto other sites and services. (See the IndieWeb page about POSSE for more discussion.) Make your own website the “hub” for all your content, and then have spokes going out to all the other places where people might discover and learn about your content.

To me, this model is the best way to support the principles of the open Internet, while engaging people in the places where they already are.

This is part of a series of posts about the evolution of our new site.

Why does this matter?

We aren’t just publishing reports, papers, blog posts and articles for the sake of talking about what we are doing.

We are publishing content to bring about change that ensures the Internet remains open, globally connected, and secure. As we said in our vision statement for the new website:

Our website is a driving force in realizing our mission of an open Internet for everyone. It empowers all who care about a free and safe Internet and inspires action to make a positive difference.

Our website exists in support of our mission, of our 2018 Action Plan, and of our campaigns to shape the Internet of tomorrow.

But of course, once we publish content, the challenge is to get people to actually READ (and share) that content.

Sadly, we’ve not yet been able to convince everyone on the Internet to set www.internetsociety.org as their home page! (Have you done that yet? Would you consider it?)

So…. we need to share / syndicate our content out to the places where people may discover that content.

We need to go where people are.

WordPress and RSS feeds

The good news about the POSSE model is that WordPress brings many advantages. For instance, it has strong support of RSS feeds, allowing our content to be easily used by viewers – and also published on other sites. You simply add “/feed/” to the end of any URL for a category, tag, or author and… ta da… a feed of all the stories. Super easy and simple.

Unfortunately, the use of dedicated RSS readers has fallen out of style. So while this is an awesome feature, fewer and fewer people are using it.

Thankfully, WordPress also supports a variety of plugins that help with sharing our content out to other channels.

Reaching new audiences

As we reach out to those other channels, it is critical for us to reach NEW audiences. If we only talk to the technical community out of which we emerged, or if we only speak to the “Internet governance” community in which we are involved, we will not be able to fully create the change we believe needs to happen.

We need to reach far larger audiences and help them discover what we are writing about. We need to reach the people who don’t know what “IoT” is – and help them understand why we need it secure by default. We need to reach people in areas without Internet connectivity – and help them understand how community networks can help. We need to reach people who can influence policy makers – and help their regulators understand how the Internet works, and how decisions around the Internet need to involve all sectors of society.

We need many people to take action.

Our ongoing work with the news media is a key part of reaching new audiences. We have had great success in this, and we will continue to expand our efforts. This is critical to our work.

Similarly, we also reach new audiences through building relationships with other media sites to get our articles published (or re-published/syndicated) on those sites. This can bring our ideas to whole new audiences that have not seen our site or even heard of the Internet Society.

But there has also been a large shift in how people discover news and content. For example, recent reports from the Pew Research Center found that 67% of Americans get at least some of their news from social media. For some groups and demographics, the percentage is even higher. Similar research from Pew showed a median of 35%  of people globally getting news daily through social media.

Sharing out to social channels

Given these trends, it is critical for us to get our content out into the social channels where it can be found – and shared. Whenever we publish an article or blog post, we typically share it to at least:

  • one or more Twitter accounts
  • our Facebook page(s)
  • our LinkedIn profile
  • our Google+ page

(See our list of social channels.)

If we look a why we use each of these channels:

  • Twitter has consistently been an excellent way to reach people across a very wide range of social segments and industries. We also find news media see our content, as do policy makers, ISOC members and more.
  • Facebook gives us the potential to reach over 2 billion users (per Facebook’s Q4 2017 monthly average users) around the world. It has the largest reach of any of the currently available platforms.
  • LinkedIn has been a way to share out content out to a professional and business-oriented audience.
  • Google+ historically was a way to reach some elements of our technical audience, although we’ve seen the level of engagement drop there significantly over the past year or two.

The sharing aspect is a key element. As the Pew Research study showed, people are more likely to trust news and links they see from their friends and family. So enabling people to share our content with others is critical.

Now, we don’t only “broadcast” out our content into our social channels. These channels are also one way we gather feedback and comments from people about our content.

We also do use other ways to engage with people in those channels. For instance, our recent polls on Twitter related to IoT and consumer rights. But the distribution of published content remains a major reason why we use the channels.

Sharing out to other channels

Beyond these social channels, we also syndicate and share our content out to other channels on a case-by-case basis. Some of those include:

  • Email lists– We have a wide range of email lists available to Internet Society members. (Membership is free – join today!) Some include Chapter leaders or Organization members. Some are for our Special Interest Groups (SIGs). Others are for open discussion such as the “Internetpolicy” list or the Connect Open Forum. Our challenge here is that with the volume of content we publish, we want to share carefully so we don’t overwhelm people’s inboxes.
  • Medium– We sometimes cross-post articles to our Medium account, although increasingly we are developing specific content for the site.
  • CircleID– For many of our technical and policy folks, we have found that re-publishing our posts on CircleID (under individual author’s names) has brought the information strong additional visibility

Occasionally, we will also post content to some of the sites that aggregate links and provide news listings such as:

  • Hacker News – our developer-focused and very technical articles often do well here.
  • Reddit – some of our content fits in well in different sub-reddits.

We also have used our Instagram account for some campaigns, too.

Future channels

We are always watching for future channels where we should be engaging with people. One of the critical threads of the Internet Invariants is:

There are no permanent favourites.

Remember MySpace? or FriendFeed? or Jaiku? or… USENET?

The channels where people discover and engage with content today are not the same channels they used five years ago – and will probably not be the same channels people use five years in the future.

Facebook and Twitter are where a significant amount of people get their social news today – but will they still be the leaders in five years? Will enough people get upset at today’s platforms that they will actually engage in using new, alternative platforms?

As I look around at where people are engaging, I wonder whether we should do more with:

  • Messaging apps– Should we share content out to a WhatsApp group chat? Or into Snapchat’s Discover area? Or WeChat or Line? Or some of the apps like Wire or Telegram focusing on security?
  • News apps– We are seeing that news apps/services from Apple News, Google AMP, and Facebook Instant Articles are all making the mobile user experience more convenient. I’ve avoided doing anything with these because they are more proprietary than I’d like, but should we?
  • WordPress.com– Our use of WordPress enables us to also have our content flow out into the WordPress.com site to be discovered by others. Should we do more with this?

Or … whatever will be next? Will it be some blockchain mechanism? or…?

It’s hard to know. And to engage in new channels – and do it well – also involves some commitment of staff time and resources. But we will continually be watching, and evolving how we share our content.

POSSE for the open Internet

Our commitment continues to be that we will Publish our content on our Own Site in support of the open Internet. And we will Syndicate that content Elsewhere.

We will go where the people are today – and we will keep watching and explore where the people will be tomorrow.

Our goal is to continue to empower people to take action in support of an open, globally connected and secure Internet.

The future of the Internet is up to each of us. We must work together to #ShapeTomorrow.

Image credit: Tom Kelly on Flickr CC BY NC ND

The post Building Our New Website: POSSE and Sharing on Facebook, Twitter, LinkedIn, Google+ and More appeared first on Internet Society.