Geneva Convention
Worked so well for torture and waterboarding...
Microsoft president Brad Smith appeared before the UN in Geneva to talk about the growing problem of nation-state cyber attacks on Thursday. Smith, also Redmond's chief legal officer, last month publicly accused North Korea of the WannaCry ransomware attack. During the UN session on internet governance challenges, Smith made …
Add in several wars and all the bad crap happening to civilians in Africa and other places that UN says should stop but never do anything to stop it.
I won't get into the corruption and self-centeredness of the delegates to this organization and the amount of time and money spent on the trappings such as banquet food, travel, redecorating, etc.
" ... UN says should stop but never do anything to stop it."
The UN has no way to apply economic or violent power. It has to rely on the member states stepping up. The UN can be many things to many people but has to rely on political influence for all its actions. Have a go at your government if you have a beef with the efficacy of the UN.
a "cyber geneva convention" - what, do evil hackers have to SIGN ONTO this before they begin cracking your systems?
It's a meaningless symbolic gesture, like wearing a silly ribbon, or giving a Nobel prize to someone who didn't really do anything [no names here but his initials are B.O.], or half a dozen OTHER "symbolism over substance" things that anyone paying attention could think of [because it happens a LOT].
Usually when _I_ make a symbolic gesture, it has a binary value of 00100, and carries an explicit meaning. I give this "symbolic gesture" to the whole CONCEPT of a "digital Geneva Convention" for the obvious reasons.
Icon because I'm facepalming (another symbolic gesture that is not so meaningless)
/me points out that it's usually not GUMMINTS doing this crap. And if it IS gummints doing it, and people know about it, they've completely *FAILED*.
[no names here but his initials are B.O.]
Jeez Bob, is that only when it came to your attention Nobel prizes were now given out like honorary degrees???
Take a gander at the list of the buttered up well after the N.I. Good Friday agreement....
These days former Presidents with one is practically a formality.
... try to get hold of people who actually know what they're doing to get the job done for you.
And also listen to them. If some co-worker warns you about the fact that the IOT stuff you sell is pretty bogus then don't fire them because of bad motivation, but listen to what they have to say so that you can work a middle ground to actually improve on your product.
But as long as money is more important than quality then this is what you get. And when you produce crappy software then it's only a matter of time because someone is going to try and abuse it. No shit Sherlock!
Maybe if they'd coded properly in the first place they wouldn't need to?
So here's a question for Microsoft: How much do you spend per year that isn't fixing flaws in your own code base? I'm guessing not much.
Now subtract the effort spent fixing not the code, but the exploitations, and I'm guessing down to the lowest round number. Assuming "zero" counts as a number. Mathematicians, over to you.
Yet another self serving line of PR garbage. Take the last sentence:
"90 per cent of attacks begin with someone clicking on an email... We need to protect people from their bad habits," he noted. ®"
How about you don't make products that can be totally hijacked by opening up an e-mail or viewing a web page.
Calling garbage insecure design from the get go people's bad habits is a bit self serving.
Asking people nicely to please not hack into your insecure products is about the same as asking the burglars to please not open your door and walk out with all your stuff because a good lock is too hard to make or replace.
Ah, but those nodes are being set up by Paying Customers. If MS did something about that, they'd lose Paying Customers which leads to Not Making Money. And nobody has figured out how to monetize Not Making Money.
On second thought, Uwe Boll has figured out how to monetize that...
"Microsoft president Brad Smith .. made the case for a cyber equivalent of the Geneva Convention. He started off by noting the sorry state of IoT security"
Haaaar :]
"If you can hack your way into a thermostats you can hack your way into the electric grid"
Only if you're controlling the grid through SCADA systems running on Microsoft Windows.
If we just trust one another and sit together by the campfire and sing Kumbaya. It worked so well for Donald Trump. When he had an issue with US Electioneering influence - he went right to the source, Vlad Putin and Putin convinced him he had nothing to do with it and Russia was not involved. God what I could do with that guy and the great potential for more Florida swamp land.
Note the effort to ban landmine use throughout the world. With 164 UN signatures - there are a few prominent exclusions - the US, Russia, China, India, the Koreas, etc. I expect to see the same exclusions on a Geneva Code of Conduct for Cyber Behavior. That said - it is still a good idea to codify proper cyberspace behavior. The best thing that can come from it is a series of standards on how to protect your organizations, security standards that need to be in place for network and data traffic including encryption.