The USMCA not such “a terriffic deal for all of us”

We received the following from Maria at OpenMedia a few moments ago. We have removed the call for donations from this message, though if you wish to donate to them you can do so through their website.

Donald Trump says that the new North American Free Trade Agreement (NAFTA), now called the United States Mexico Canada Agreement (USMCA), is “a terrific deal for all of us.”1

But it certainly isn’t a good deal for people in Canada, because it would give corporations sweeping new powers to censor the web, and increase costs for education and lifesaving medicines by tens of millions of dollars.

It’s a copy and paste of some of the worst parts of the Trans-Pacific Partnership (TPP). That’s why we’re asking for your help to post ads like this where members of Parliament will see them, to demand they stand up to Trump and block his unfair, anti-democratic trade agreement.

<http://qb.salsalabs.com/dia/track.jsp?v=2&c=owB4UmFWnI9u2VPSy5ogfA3EAEJH245k>

The new NAFTA rules may as well have been written by Disney. Copyright terms have been extended to 70 years past the death of the author, keeping cultural heritage out of the public domain and lining the pockets of studios for generations after their creation.2

Time and time again, the data shows these copyright terms do nothing to help independent creators.3 But the terms will cost taxpayers millions of dollars, significantly reduce access to Canadian heritage, and have the potential to significantly increase education costs that are already out of reach for most people.4

The U.S. didn’t even consult with Canada on these rules, but instead reached an agreement with Mexico and then threatened to leave us out altogether if we didn’t sign on.

Our trade representative may have folded to the U.S., but Canada’s government still has to sign on and ratify—and we can stop that from happening.

But in order to stop the new NAFTA, we have to make our voices public in an eye-catching way. We’re posting ads where they can’t be ignored by Parliament and Prime Minister Trudeau, and we’re lobbying to get Canada to reject this terrible NAFTA agreement.

Footnotes:

[1] President Trump announces ‘truly historic’ trade deal to replace NAFTA: USA Today <http://qb.salsalabs.com/dia/track.jsp?v=2&c=ldmmO1zEJxZTAe7GMPEsig3EAEJH245k>

[2] New NAFTA could include tough intellectual property laws that Canada fought against in TPP: Global News <http://qb.salsalabs.com/dia/track.jsp?v=2&c=j4dBSEetGtohNWNm9o6IOA3EAEJH245k>

[3] Digital opportunity: review of intellectual property and growth: Gov.Uk <http://qb.salsalabs.com/dia/track.jsp?v=2&c=%2FQM5bc1fHCo%2FxK03AvH13A3EAEJH245k>

[4] NAFTA 2.0 and Digital Rights: The Good, The Bad and The Worst: OpenMedia <http://qb.salsalabs.com/dia/track.jsp?v=2&c=9jOu3yWRtzeyv14tVmi8Pg3EAEJH245k>

We’re Introducing New Auth Code Requirements to Domains

CentralNic, a registry operator, has announced stricter criteria for the authorization codes used to transfer domains in their TLDs, effective July 23, 2018. We expect other registries to follow suit and have decided to apply these same heightened auth code requirements to all other gTLDs as of November 1, 2018.

We view this change as a step towards a smoother, more secure domain transfer process and anticipate the development of an industry-wide solution in which auth codes will be the sole security requirement for transfer completion.

How does this affect me?

By July 23, 2018, we will ensure you are meeting the new requirements (listed below) when updating the auth codes for CentralNic domains. Auth codes must:

  • Be a minimum of 16 characters
  • Be a maximum of 48 characters
  • Contain a mix of upper- and lower-case characters
  • Contain at least one number
  • Contain at least one non-alphanumeric character

When you attempt to transfer your domain away from That Hosting Company; where in the past the domain may have contained up to 10 Characters, letters and symbols; you will receive an authorization code with 16 Characters which will include Letters, both capitol and not, numbers and at minimum one character. This code you would then in turn provide the receiving registrar to complete the transfer process.

Google Chrome 68 and the SSL (TLS) Certificate

Google’s new age of Secure Internet is set to take another giant leap forward this coming July with the launch of Chrome 68.

For the past several years, Google has been increasingly advocating the use of HTTPS by gradually introducing not secure warnings to more and more HTTP pages. But soon, with the release of Chrome 68 due out on July 1st, 2018, Chrome will begin marking all HTTP sites that don’t have an SSL Certificate as “Not Secure”.

Chrome is dedicated to making it as easy as possible to set up HTTPS. Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse, an automated tool for improving web pages. The new audit in Lighthouse helps developers find which resources a site loads using HTTP, and which of those are ready to be upgraded to HTTPS simply by changing the subresource reference to the HTTPS version.

Additionally, Google has been down-ranking sites that have not been secured with an SSL certificate over the course of the last year quietly. They confirmed doing so over a teleconference with Tucows and a number of their resellers, such as us, during a webinar for SSL certificates.

That being said, That Hosting Company has made efforts to provide a free SSL certificate for all Shared and Managed WordPress website services through our systems. We can show you how to implement the free “Let’s Encrypt” SSL certificates to your Dedicated Servers and VPS so that you can be ready for the changeover. From Google’s perspective, there should be absolutely no reason for your site to not be secure. While we do provide you with the initial “Let’s Encrypt” SSL Certificate for free, it is still highly suggested to purchase an SSL Certificate if you wish to do any selling on your website to protect the transaction.

IPv4 availability has officially been depleted in North America

You may have heard this before, but we are really, really running out of public IPv4 addresses.

This week, the regional internet registry responsible for Latin America and the Caribbean, LACNIC, announced it has moved to “phase 3” of its plan to dispense with the remaining network addresses, meaning that only companies that have not received any IPv4 space are eligible. There is no phase 4.

That means LACNIC is down to its last 4,698,112 public IPv4 addresses(although that may increase as it recovers a little bit of space over time). If you are eligible for more addresses, you’re only going to get a maximum /22, or 1,024 addresses at a time.

So guess what LACNIC suggests people do? That’s right: move to IPv6. YOU HEARD US! MOVE TO IPv6 ALREADY! WHADDAYA MEAN IT’S HARD?! JUST DO IT!

LACNIC has been scraping the bottom of the barrel for some time – it warned back in 2014 that it was running out of space. And it was one of the last: APNIC ran out in 2011; RIPE in 2012 and ARIN said it was done in September 2015 – and it had a massive stash (sorry, we were not meant to mention that?).

The only place left with any public IPv4 numbers is Africa – almost entirely thanks to the continent’s massively under-developed internet. Even AFRINIC is warning that time is running out – its initial assessment that it would run out in 2020 has been reduced to 2019 already.

Of course, there are still many who continue to kid themselves that they can manage without the potentially painful shift to IPv6. And then there are those who decide to just do it – Microsoft for example – and are thoroughly depressed when they figure out even they can’t manage it.

Maybe it really is going to take the complete and absolute lack of new IPv4 addresses – even on the black market – to get people moving.

It you want to watch the slow death of available IPv4, all the tools you could wish for are available at ipv4.potaroo.net.

The problem is that IPv4 and IPv6 aren’t entirely compatible. If you’re on an IPv6 network, you can’t browse a site running on a web server that uses only IPv4—such as WIRED’s site—without some sort of compatibility layer in between. Fortunately, Internet service providers have been working hard to update their infrastructure and support both standards.

Curran says Internet providers are doing a good job of the transition so far. In fact, most smart phones are already using IPv6, he says, and most people never notice. Just today Comcast, the largest Internet provider in the US, said its entire network now supports both IPv4 and IPv6.

That was a report from Wired back in 2015. Good thing we already switched over to IPv6 for all of our services because another report released today from the Register  (https://www.theregister.co.uk/2018/04/18/llast_ipv4_address/) explains the following:

You may have heard this one before, but we have now really run out of public IPv4 address blocks.

The Internet Assigned Numbers Authority – the global overseers of network addresses – said it had run out of new addresses to dish out to regional internet registries (RIRs) in 2011. One of those RIRs, the Asia-Pacific Network Information Centre, said it was out of available IPv4 addresses later that year.

Then Europe’s RIR, Réseaux IP Européens aka RIPE, ran dry in September 2012, followed by the Latin America and Caribbean Network Information Centre (LACNIC) in June 2014. Next, the American Registry for Internet Numbers hit an IPv4 drought in September 2015.

Of course, there was running out and then there was actually running out. It wasn’t until February 2017 that LACNIC moved to “phase 3” when only those companies that did not have any IPv4 space were allowed to get any of the remaining addresses – which will only come in /22 bite-size pieces.

But this week, we have really run out. Despite having run out six years ago, RIPE this week has really, really run out. It has allocated its last /8 block – and you can see from this pretty graph – the dark green has run into the ground.

RIPE IPv4

Following that dark green line all the way… into nothingness

Of course, RIPE still has some other addresses. But it’s not like the old days when people would scoff at anything smaller than a /8. From here on out, it’s just crumbs.

But it’s gonna be OK

The good news is that after 20 years of pleading by internet engineers, who are not at all embarrassed by the fact that they developed a new protocol that is incompatible with the old one, everyone has decided to move over to IPv6 and so it doesn’t matter that we have run out of IPv4.

Only kidding. It’s an absolute mess.

The World IPv6 Launch campaign is still determinedly following and promoting the seemingly endless efforts to get people to move to IPv6: just this week it announced “an exciting new entrant” to its measurement stats. Chunghwa Telecom is the Taiwan’s largest telco and has an incredible IPv6 deployment rate of… 21 per cent.

That has now rocketed to, er, 26.3 per cent. That’s a whole percentage point up from six months ago. Which means that all the biggest websites in the world should be IPv6 ready by May 2021.

Despite the objective reality that a move to IPv6 is going to be necessary and it will be increasingly painful not to do so, it appears that human beings are pretty poor at behaving rationally and seem to be waiting it out until they literally have no other option.

ISPs are in denial; governments are looking for the IPv4 dollar signs and criminals are cashing in.

But with the last IPv4 address block now really, really gone, it’s only a matter of… what’s that? AFRINIC has still got some? Let’s go.

Canada and Data Sovereignty for Compliance

Did you know that certain industries are required to retain all their data within Canada due to Data Sovereignty ?

First thing’s first: what does Data Sovereignty mean, exactly? Data sovereignty is the notion that data and digital information is protected by the laws of the country it is physically stored in. For obvious reasons, this issue has become a hot topic for cloud providers and their customers, since businesses and people relying on cloud technology need assurance that their confidential data will stay that way. In order to assure cloud users that their data is in fact protected by data sovereignty laws, providers must maintain absolute transparency with them.

In Canada, as with other countries, providers must abide by specific rules determined by the host government if they want declare their data protected. Early in 2015, the Canadian government polled industry professionals to weigh in on whether the following strategies were viable in preserving data sovereignty¹:

  • All domestic data traffic should be routed exclusively through Canada
  • All databases in which data is stored on servers are located in Canada

There can be no connections between Canadian data centres and third-party data centres located outside Canadian borders, and there can be no available routes of legal entry to the data from an outside source

  • Data must be encrypted and all encryption keys must be held by Canada
  • Canadian data must be physically segregated as part of the design solution

In simpler terms, data must be held exclusively by a Canadian provider, transferred over a Canadian network, and housed in a Canadian data centre.

The inability of these industries to follow new laws added to PIPEDA on Oct 1, 2016 can net a fine of up to Can$10,000 is available on summary conviction, with a fine of up to Can$100,000 available on indictment for any of the following:

Violation of the provisions related to the retention of information subject to an access request.

Retaliating against an employee for:

  • co-operating with the commissioner;
  1. refusing to violate PIPEDA; or
  2. complying in good faith with the legislative requirements.
  • Obstructing the Commissioner in the investigation of a complaint or audit.

The Federal Court can order an organisation to:

  • Correct its practices.
  • Publish a corrective notice.
  • Pay damages to a complainant, including damages for humiliation.

Sources: