Friday, March 18, 2011

ISPs defend plan for two-tier net

ISPs have defended their right to operate a two-speed internet, at a key debate into the future of the web.

The debate was organised by the government, which is keen to see the principles of a free and equal net maintained.

ISPs are increasingly looking to prioritise some traffic on their networks and block some.

After the meeting the BBC called for the creation of a broadband content group to represent content providers.

It, along with content providers such as Google, Yahoo, Facebook and Skype, is growing increasingly concerned about how the issue of net neutrality is being dealt with.

Net neutrality - the principle that all net traffic should be treated equally - has been challenged in recent years as ISPs look to make a return on their increasingly expensive networks.

They argue that if content providers want to pay to get their traffic prioritised on the network, then they should be allowed to do so.

But some content owners and digital activists such as Open Rights Group argue that such a policy would do long-term damage to the internet, which was always conceived as a platform for everyone - not just those with deep pockets.

Net neutrality has been a key issue in Europe and a raft of legislation comes into force in May which will force ISPs to be more open about how they manage the traffic on their networks.

Free net

After the debate, Ed Vaizey, communications minister, made his views clear.

"Internet traffic is growing," he said. "Handling that heavier traffic will become an increasingly significant issue so it was important to discuss how to ensure the internet remains an open, innovative and competitive place.

Commenting about a code of practise drawn up by the Broadband Stakeholders' Group earlier in the week, he said the agreement should be guided by three principles.

"The first is users should be able to access all legal content," he said. "Second, there should be no discrimination against content providers on the basis of commercial rivalry and finally traffic management policies should be clear and transparent."

While Mr Vaizey is reluctant to regulate the industry, he has appointed world wide web inventor Sir Tim Berners-Lee to bang heads together.

But he could struggle to persuade ISPs that all the traffic on their networks should be treated equally.

Jim Killock, director of the ORG, said ISPs were in no mood for compromise at the debate.

"They weren't willing to make any concessions on their ability to manage traffic," he said. "BT even said that if people want to block things they should be able to."

"If people are blocking large sections of the internet and promoting a handful of service then they shouldn't be able to claim that they sell internet access," he added.

Enhanced service

A spokesman for ISPA, the body that represents UK internet service providers told the BBC that ISPs "should be free to manage their networks as they see fit".

He added that it would make no sense to throttle popular services such as the iPlayer. "That is just going to annoy your customers and they will leave," he said.

The code of practice drawn up by the BSG this week is aimed at making it easier for consumers to see how traffic is managed on different networks.

The ORG argues that it should go further

"In some countries, such as Norway, ISPs have said that they will only do traffic management to deal with congestionm" said Mr Killock. "But the UK code allows ISPs to prioritise and discriminate as they like as long as they are transparent."

Simon Milner, head of policy at BT, said the ISP had no intention of blocking anything other than illegal traffic, but he defended the right of others to do so.

"In our view if someone wants to offer a service in which things are blocked - for example the Church of England might want to deliver Christian-friendly broadband - then they should be allowed to do that. It is no different from the walled gardens we used to have," he said.

And in the "multi-channelled" internet of the future, he said, firms should be allowed to prioritise certain traffic.

"If someone came to us - for example a Russian TV mogul - and wanted enhanced delivery, then that shouldn't be regulated against. It wouldn't mean that other content would be of low quality," he said.

But, he added, so far "content providers aren't beating down our door" for such a service.

Traffic lights

The BBC has always maintained that it won't pay to have its popular iPlayer service prioritised over other traffic.

John Tate, the BBC's director of policy and strategy said: "People should be able to access the internet without the blocking or throttling of certain content due to commercial rivalry."

The BBC is currently developing a traffic-light system to let users see how different ISPs treat its iPlayer service.

The details of the system, due for release in the spring, are not fully decided but it is likely ISPs will be rated simply: Red for poor, amber for OK, and green for acceptable.

The debate also looked at how mobile operators are managing traffic as more people access the web via mobile devices.

Traffic management in mobile is already routine, said Mr Killock.

"The levels of blocking on phones is enormous," he said. "Most phones block peer-to-peer traffic while most degrade the quality of Skype calls because they don't want Skype to be taking revenue away from them."



Powered By WizardRSS.com | Full Text RSS Feed | WordPress PluginHud 1

Hackers tackle secure ID tokens

Hackers have stolen data about the security tokens used by millions of people to protect access to bank accounts and corporate networks.

RSA Security told customers about the "extremely sophisticated cyber attack" in an open letter posted online.

The company is providing "immediate remediation" advice to customers to limit the impact of the theft

It also recommended customers take steps, such as hardening password policies, to help protect themselves.

Proof positive

In the open letter, written by RSA boss Art Coviello, the company said that the data stolen would not help a "direct" attack on the the SecurID tokens.

It did not disclose exactly what had been purloined and only said that the information "specifically related to RSA's SecurID two-factor authentication products".

RSA's SecurID tokens are used by millions of people alongside passwords to beef up security.

As its name suggests, two-factor authentication involves improving security using two methods of identifying a user. The first factor is usually the traditional login ID and password combination.

The second factor can be a SecurID token that is paired with back-end software that generates a new six digit number every minute.

A token paired with this software generates the same numbers so only the holder will be able to type in the right digits and get access.

RSA said the information stolen could reduce the effectiveness of this two-factor authentication system if a company came under a broader attack by malicious hackers.

This could potentially put a lot of people at risk as RSA claims to have millions of people using its security technology to secure online accounts and access to corporate systems.

RSA recommended that firms monitor social network sites to spot if hackers were trying to capitalise on what they now know about RSA's systems.

This could be because hackers have got information about who has which token and might try to exploit that to trick employees into giving them access.

RSA also recommended reminding users about the dangers of responding to suspicious e-mails, to limit who can access critical infrastructure systems and to reinforce all policies surrounding SecurID token use.

There could be "tremendous repercussions" if criminals piggy-backed on what they know to stealthily get at corporate and other critical systems, said Richard Stiennon, chief research analyst at security firm IT-Harvest.

"You'd never have a sign that you've been breached," he said.



Powered By WizardRSS.com | Full Text RSS Feed | WordPress PluginHud 1