472 research outputs found
A principled approach to network neutrality
The issue of regulation for mandated network neutrality is currently live in both the United States and the European Union. Traditionally the models applied have been of the command and control or market regulation variety. Both approaches have been extensively criticised and both have suffered setbacks in recent years. This paper suggests it is time to abandon our experiments with traditional business regulation models and move to a principled approach for network neutrality. This principled approach based upon the rights to privacy, expression and freedom to carry on a business identifies the Internet as a public good which requires to be protected from interference if we are to fully realise its democratic potential. The proposed principled, or rights-based, approach to net neutrality would see regulations for network neutrality based in principles of fundamental rights and not business or market regulation principles. We believe this would be a radical new model for network neutrality regulation
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet
For years, legal wiretapping was straightforward: the officer doing the intercept connected a tape recorder or the like to a single pair of wires. By the 1990s, however, the changing structure of telecommunicationsâthere was no longer just âMa Bellâ to talk toâand new technologies such as ISDN and cellular telephony made executing a wiretap more complicated for law enforcement. Simple technologies would no longer suffice. In response, Congress passed the Communications Assistance for Law Enforcement Act (CALEA) which mandated a standardized lawful intercept interface on all local phone switches. Since its passage, technology has continued to progress, and in the face of new forms of communicationâSkype, voice chat during multiplayer online games, instant messaging, etc.âlaw enforcement is again experiencing problems. The FBI has called this âGoing Darkâ: their loss of access to suspectsâ communication. According to news reports, law enforcement wants changes to the wiretap laws to require a CALEA-like interface in Internet software.
CALEA, though, has its own issues: it is complex software specifically intended to create a security holeâeavesdropping capabilityâin the already-complex environment of a phone switch. It has unfortunately made wiretapping easier for everyone, not just law enforcement. Congress failed to heed expertsâ warnings of the danger posed by this mandated vulnerability, and time has proven the experts right. The so-called âAthens Affair,â where someone used the built-in lawful intercept mechanism to listen to the cell phone calls of high Greek officials, including the Prime Minister, is but one example. In an earlier work, we showed why extending CALEA to the Internet would create very serious problems, including the security problems it has visited on the phone system.
In this paper, we explore the viability and implications of an alternative method for addressing law enforcements need to access communications: legalized hacking of target devices through existing vulnerabilities in end-user software and platforms. The FBI already uses this approach on a small scale; we expect that its use will increase, especially as centralized wiretapping capabilities become less viable.
Relying on vulnerabilities and hacking poses a large set of legal and policy questions, some practical and some normative. Among these are:
(1) Will it create disincentives to patching?
(2) Will there be a negative effect on innovation? (Lessons from the so-called âCrypto Warsâ of the 1990s, and in particular the debate over export controls on cryptography, are instructive here.)
(3) Will law enforcementâs participation in vulnerabilities purchasing skew the market?
(4) Do local and even state law enforcement agencies have the technical sophistication to develop and use exploits? If not, how should this be handled? A larger FBI role?
(5) Should law enforcement even be participating in a market where many of the sellers and other buyers are themselves criminals?
(6) What happens if these tools are captured and repurposed by miscreants?
(7) Should we sanction otherwise illegal network activity to aid law enforcement?
(8) Is the probability of success from such an approach too low for it to be useful?
As we will show, these issues are indeed challenging. We regard the issues raised by using vulnerabilities as, on balance, preferable to adding more complexity and insecurity to online systems
Net Neutrality
This book is available as open access through the Bloomsbury Open Access programme and is available on www.bloomsburycollections.com. Chris Marsden maneuvers through the hype articulated by Netwrok Neutrality advocates and opponents. He offers a clear-headed analysis of the high stakes in this debate about the Internet's future, and fearlessly refutes the misinformation and misconceptions that about' Professor Rob Freiden, Penn State University Net Neutrality is a very heated and contested policy principle regarding access for content providers to the Internet end-user, and potential discrimination in that access where the end-user's ISP (or another ISP) blocks that access in part or whole. The suggestion has been that the problem can be resolved by either introducing greater competition, or closely policing conditions for vertically integrated service, such as VOIP. However, that is not the whole story, and ISPs as a whole have incentives to discriminate between content for matters such as network management of spam, to secure and maintain customer experience at current levels, and for economic benefit from new Quality of Service standards. This includes offering a âpriority lane' on the network for premium content types such as video and voice service. The author considers market developments and policy responses in Europe and the United States, draws conclusions and proposes regulatory recommendations
Convergence and next generation networks
Convergence and next generation networks and their potential impact on policies and regulations is the subject of this report, covering issues of competition in the new fibre environment, convergence of video, voice and data services, the rapid growth of new technologies, such as HDTV and mobile television, and the related demand for spectrum, as well as new possible "divides" between urban and rural areas created by the uneven development of high-speed fibre networks
- âŠ