Posted in Pubblica Amministrazione

Who leads Italian Public Administration websites around by the nose?

There is a phenomenal concentration of power in the hands of a few: Internet has seen growing over the top players during the last twenty years. But I think that when it comes to Public bodies, a public interest…

Continue Reading... Who leads Italian Public Administration websites around by the nose?
Posted in Innovazione Pubblica Amministrazione

Email authentication and italian Public Administration: a long way to go

Italian Public Administrations are adopting some e-mail authentication measures like SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting & Conformance) TXT records in their authoritative name servers’ zone file. A little improvement can be…

Continue Reading... Email authentication and italian Public Administration: a long way to go
Posted in Pubblica Amministrazione

Reliability of italian Public Administration’s websites: 2015 report

Is it sufficient that the legislator provides “Appropriate levels of security” to make italian Public Administration’s websites safe? Apparently not, since only in 2015 hundreds of Internet pages belonging to public bodies have been violated. According…

Continue Reading... Reliability of italian Public Administration’s websites: 2015 report
Posted in Pubblica Amministrazione

Internet e censura nella Pubblica Amministrazione

[Scarica il documento in formato PDF: Antonio Prado, Internet e censura nella Pubblica Amministrazione ] Ricerca sulla inibizione della navigazione dei dipendenti pubblici sul posto di lavoro Sommario Nell’ordinamento italiano è stabilito che gli operatori di rete…

Continue Reading... Internet e censura nella Pubblica Amministrazione
Posted in Pubblica Amministrazione

Analysis on poor reputation of the italian Public Administration websites

Websites, spam and blacklists: how do they correlate? Everyone could argue that a broken website can (hacked or not) send junk mail, therefore be marked as spam-sending and as a consequence listed in one or…

Continue Reading... Analysis on poor reputation of the italian Public Administration websites
Posted in Pubblica Amministrazione

Italian Public Administration web sites (in)security: 2014 report

Knowledge is the key. Recently Leandro Gelasi pointed me to an interesting report: 2014 Italian Cyber Security Report about awareness, defense and organization in the Public Sector. That’s mostly a detailed analysis of a 61-questions…

Continue Reading... Italian Public Administration web sites (in)security: 2014 report
Posted in Pubblica Amministrazione

Reverse DNS lookup for Italian Government’s mail exchangers (UPDATES 1-2)

Bleeding edge technology? Definitely not. However, Public Administrations seem to ignore some well known recommendations (RFC 1033, RFC 1912) for their Internet presence and services. This article shows the current status of italian ministries’ (or departments’) mail exchangers: domain,…

Continue Reading... Reverse DNS lookup for Italian Government’s mail exchangers (UPDATES 1-2)
SSL connections
Posted in Pubblica Amministrazione

HTTPS Zombies among Italian Public Administration’s web sites

Tales of terror: SSL nightmare. Despite the fact that confidentiality, integrity and identity play a key role in the modern Internet, Italian Public Administrations seem to understimate how a HTTPS web site is important to…

Continue Reading... HTTPS Zombies among Italian Public Administration’s web sites
Posted in Innovazione Pubblica Amministrazione

Where do italian Public Administration web sites live?

It’s important how we choose our hosting provider and it depends on a lot of aspects. As a Public Administration I first would identify my visitors profile: how many they are, from where they connect…

Continue Reading... Where do italian Public Administration web sites live?
Posted in Innovazione Pubblica Amministrazione

DNSSEC, unidentified flying object in the sky over italian Public Administration

Q: “Are you running DNSSEC?” A: “Pardon, what am I supposed to run?” Ok, DNNSEC (a set of extensions to DNS documented since 2005 by RFCs 4033, 4034, 4035) is not so widely adopted but…

Continue Reading... DNSSEC, unidentified flying object in the sky over italian Public Administration