Does the ITU get the internet?
World organisation's IP block on lock
The International Telecommunications Union (ITU) is angling for a wider role in running the internet, to the extent that it is hosting the WSIS meeting taking place in Geneva at the moment.
Situated in the United Nations' Palais des Nations and just over the road from the ITU three-building complex, delegates from across the world have been complaining about the low-tech environment featuring unrecordable audio and a severe shortage of power sockets.
However, the one area where the ITU has managed to get its act together is in the provision of wireless internet links for the hundreds of laptops here. There is only one problem: if we were following the strict rules that the ITU would seek to impose on the internet's infrastructure, this network would not exist at all.
The ITU's chunk of the internet - its IP block - is 126.96.36.199. to 188.8.131.52, allowing for over 65,000 individual IP addresses. All of the ITU's internet connections (including the one this laptop is using to file stories) are run through this block. But if you do a search on this IP block at overseers RIPE, you'll see that it is actually locked for failing to comply with regulations.
Why? Because the ITU is using a "NONE" authentication system. That isn't a fancy acronymn, it means that there is no authentication on the system. The internet has changed so significantly in the past five years that RIPE put an end to the ability to run IP blocks without some form of security. It discussed, agreed and put an end to the "none" system back in April 2004.
The ITU however - the foremost communications organisation in the world - remains unauthenticated and as such is on lock.
The one person that can sort this out - the designated technical contact, one Luis Rodrigues - hasn't worked for ITU for years. And only an email to his account can free up the block. Plus we have it on good authority that the ITU was informed directly about this situation a fortnight ago and promised to put someone on the case straight away.
In an under-regulated internet world, this is just the sort of thing that is allowed to continue unpunished. The question is: if the body that wants to regulate such matters is in flagrant breach of its own rules, what confidence can we have that there are people at the heart of it who actually know what they're doing? ®
Sponsored: Becoming a Pragmatic Security Leader