
Microsoft calls for a "digital Geneva Convention" at RSA security conference keynote

Status
Not open for further replies.

XiaNaphryz

LATIN, MATRIPEDICABUS, DO YOU SPEAK IT
http://www.usatoday.com/story/tech/...rad-smith-digital-geneva-convention/97883896/

SAN FRANCISCO – In a policy speech that puts Microsoft front-and-center in the shifting ground of both politics and nationalism, company president Brad Smith said tech companies must declare themselves neutral when nations go up against nations in cyberspace.

"Let's face it, cyberspace is the new battlefield," he told an overflow audience in the opening keynote at the RSA computer security conference.

Tech must be committed to "100% defense and zero percent offense," Smith said.

Smith called for a "digital Geneva Convention," like the one created in the aftermath of World War II which set ground rules for conduct during wartime, defining basic rights for civilians caught up in armed conflicts.

The world's governments need to pledge that "they will not engage in cyberattacks that target civilian infrastructure, whether it's the electric grid or the political system," Smith said.

This digital Geneva Convention would establish protocols, norms and international processes for how tech companies would deal with cyber aggression and attacks of nations aimed at civilian targets, which appears to effectively mean anything but military servers.

While Europe and other nations are also experiencing a rise in nationalist feelings, it is no accident that Smith's talk comes just three weeks after Donald Trump was inaugurated the 45th president of the United States. Trump's bellicosity has caught the attention of the world and made tech companies uncomfortably aware that their realm — cyberspace — is also a likely battlefield when hostilities break out.


Smith listed a string of increasingly threatening cross-border cyber incidents, beginning with the North Korean attack on Sony Pictures Entertainment in 2014 to thefts of intellectual property by China in 2015, ending with last year's Russian involvement in the U.S. presidential election.

"We suddenly find ourselves living in a world where nothing seems off limits to nation-state attacks," Smith said.

Technology companies, not armies, are the first responders when cyber attacks occur, he noted. But they cannot, and must not, respond in kind, or aid governments in going on the offensive, Smith said.

He called for the creation of an autonomous organization, something like the International Atomic Energy Agency that polices nuclear non-proliferation.

"Even in a world of growing nationalism, when it comes to cybersecurity the global tech sector needs to operate as a neutral Digital Switzerland," Smith said.

"We will not aid in attacking customers anywhere. We need to retain the world's trust."

What this appears to mean in the near term is that tech companies should refuse to aid governments, even the government of the country they are based in, in attacking other nations.
That could mean not building backdoors into programs sold in other countries and not taking part in work to create cyberweapons.

Claudio Neiva, a network security research director with analyst firm Gartner, did note that it's easier for Microsoft and other large companies to commit to taking no offensive cyber action because they have the money and staff to pursue legal action.

"They're being offensive by using legal measures, so it's just a different way of doing things," he said.


Microsoft, which does business in 190 countries, clearly sees itself as an international company responsible to its global customers.

"We need to make clear that there are certain principles for which we stand, that we will assist and protect customers everywhere. We will not aid in attacking customers anywhere, regardless of the government that may ask us to do so," Smith said.
 

Duplolas

Banned
Good. Leave us out of it.

Attacking civilians does nothing but get us more pissed off and involved anyways. Focusing on political and military targets that actually matter makes the most sense.
 

Stumpokapow

listen to the mad man
This is a specific prisoner's dilemma. Everyone benefits if we all cooperate (no cyberwarfare), but individual countries benefit more by breaking the rules (offensive attacks), even though they lose if others break the rules too (needing to defend yourself from attacks).

It's an iterated prisoner's dilemma with a time-discount factor and infinite time horizons, in specific. In theory there are a lot of positive cooperative equilibria (like single tit-for-tat--i.e. if you are attacked, attack back, but don't retaliate against people who attack back if you attacked them first, and otherwise don't attack--or trembling hand tit-for-tat--i.e. forgive the occasional attack as an accident and don't retaliate, but don't allow many attacks) but there are a lot of negative equilibria, like Grim Trigger (if someone attacks you, attack them repeatedly again and again forever even if it means depleting all your resources and exposing yourself to more attacks), or tit-for-two-tats.

I feel it's much more likely that countries will be stuck in a bad equilibrium, like they are on most arms race issues. The only reason we don't have an out of control arms escalation with nukes is MAD. I don't do much game theory but I'd be interested if any nuclear arms game theorists have any insight on cyberwarfare.
 

Xe4

Banned
Hmm, this seems like it will work in times of peace, but not so much in times of war. If a major war were to break out, say WWIII without nuclear weapons, I can't see any way the governments couldn't coerce tech companies into helping cyberattacks in the name of self defense. The Geneva convention worked (mostly) because governments made the laws and they were the ones signing up. A digital treaty convention will only go as far as the respective governments will allow.

This thread is super interesting, thanks for posting.
 

Arc

Member
Attended this in person. It was strongly worded to say the least, I'd recommend watching it if they put it online.
 
It's an iterated prisoner's dilemma with a time-discount factor and infinite time horizons, in specific. In theory there are a lot of positive cooperative equilibria (like single tit-for-tat--i.e. if you are attacked, attack back, but don't retaliate against people who attack back if you attacked them first, and otherwise don't attack--or trembling hand tit-for-tat--i.e. forgive the occasional attack as an accident and don't retaliate, but don't allow many attacks) but there are a lot of negative equilibria, like Grim Trigger (if someone attacks you, attack them repeatedly again and again forever even if it means depleting all your resources and exposing yourself to more attacks), or tit-for-two-tats.

Rachel: Tit for tat.
Chandler: Well I'm not showing you my tat.
 