Dear colleagues, Happy to inform you that the PC has accepted our proposal to organise another BoF during RIPE 74 in Budapest. Unfortunately the exact time slot has not been decided yet, but we hope to get this cleared up in the coming weeks. Regardless, we can start our preparation for this and maybe already discuss some of the elements on this list. In this BoF we would like to focus on the relation between access providers, gateway devices (CPE) and IoT security. In particular the fact that often the provider is the sole entity who can quarantine or disconnect devices or networks that have been compromised (I am attaching the whole abstract below). The key questions we hope to address are: - Is there a role for the access provider in controlling/limiting access of compromised devices to the infrastructure? - Are there technical means to detect and contain devices that form a potential threat? - Would it be feasible to limit connectivity for such unsafe devices? - Are there feasible alternative means to mitigate the threat that these compromised devices form to our systems? I hope to run the BoF in a similar open fashion as the one in Madrid, with a minimum of slides and lots of time for a dialogue between the participants. But if you are doing relevant work or have an idea, I am open to suggestions for discussion starters or projects that would be relevant to the questions above. Hope to see you all in Budapest. Regards, Marco Hogewoning -- External Relations - RIPE NCC ***Security BoF: On the Linkage Between Device and Infrastructure*** Whatever the definition of the Internet of Things, one thing is for sure: the number of devices connected to the Internet is constantly growing. Even the traditional access markets continue to expand their number of end users and, importantly, the bandwidth available to them. As a follow-up to the RIPE 73 IoT BoF, we plan to explore the effects of this ever-expanding network in terms of infrastructure stability and security. Botnets, including the ones made up from relatively dumb devices such as the Mirai botnet, pose a substantial threat to the very infrastructure those devices depend on for their connectivity. Not only does the phenomenal growth in the number of poorly maintained devices increase the attack surface, but with more bandwidth available to them, the threat becomes even bigger. Can we prevent the Internet from collapsing under its own weight? Aside from the ongoing discussions on the need to secure these devices, with options ranging from capacity building to regulation, this BoF will explore the role of access providers in the ecosystem. As the natural gatekeepers between the local networks and the global infrastructure, what are their options to protect their own and other networks from these attacks? This BoF will tackle the following questions: - Is there a role for the access provider in controlling/limiting access of compromised devices to the infrastructure? - Are there technical means to detect and contain devices that form a potential threat? - Would it be feasible to limit connectivity for such unsafe devices? - Are there feasible alternative means to mitigate the threat that these compromised devices form to our systems?