Day 2 Thoughts: Difference between revisions
BerkmanSysop (talk | contribs) m (UTurn to 1267401600) Tag: Manual revert |
|||
(5 intermediate revisions by 5 users not shown) | |||
Line 6: | Line 6: | ||
But that still leaves the hard problems that seem to need quantum solutions. How can we solve the attribution problem when the global network was fundamentally designed to be pretty anonymous? How do we rectify the fact that the Internet carries both regular civilian communications and government transmissions? And how can we guarantee that hardware is secure when the only way to verify that it was built to spec is to take it apart? I'm looking forward to talking more about both kinds of problems, and both kinds of solutions. | But that still leaves the hard problems that seem to need quantum solutions. How can we solve the attribution problem when the global network was fundamentally designed to be pretty anonymous? How do we rectify the fact that the Internet carries both regular civilian communications and government transmissions? And how can we guarantee that hardware is secure when the only way to verify that it was built to spec is to take it apart? I'm looking forward to talking more about both kinds of problems, and both kinds of solutions. | ||
: Tyler: While I agree that it is a serious problem when we can't trust our hardware, I thought it was also a good point brought up in class that there is no reason why we should trust the software that runs on top of the hardware either. Is it possible to write software that we can trust even if we know or assume that it is running on malicious hardware? Are there any out of the box techniques that would allow us to use untrusted software running on untrusted hardware but still have some degree of security? | |||
: Sheel: Professor Goldsmith's comment showed that this is a problem that may have to be solved before law can even come into play: law depends on attribution that Jason mentioned - finding the bad actor. What are we supposed to do if we are only 20% sure an attack came from China? | |||
Sheel: First time that our military/government has critical information (not withstanding the unencrypted info that the government was sending overseas!) being sent over public networks. Am curious to discuss either a) better methods of encrypting information over public networks or b) better ways to build private, government-only networks. Also, the SCADA comment made by Ivan about the problem not being authentication, but old networks/platforms that have an extremely difficult time being changed, show this will require a LOT of incentives for people to be able to make the switch to more powerful networks---if that even is the answer. | |||
Finally, w/ regards to Prof. Zittrain's first 'out of the box' solution on ad hoc mesh networking - I'm having trouble understanding incentives for the guy with the internet on the outskirts of hurricane in the Katrina example to let others access his/her connection. Wouldn't being 'kind' then require a troublesome amount of security and encryption on behalf of the original users part? | |||
Chuck: First of all, my thanks to Prof. Zittrain and to all of you for allowing me to participate (including on your wiki). I hope what I offered was helpful and perhaps even thought-provoking. Second, here are some of the links I mentioned for more on the identity/security issues: http://www.microsoft.com/endtoendtrust and in particular the white paper under the "vision" link. For those inclined for a geekier dive, there is Kim Cameron's excellent blog at http://www.identityblog.com/. Finally, I'd also note our blog post on one of our big projects, the US-China Internet Industry Forum and Craig Mundie's remarks in particular, which touched on these cybersecurity issues in that context. http://bit.ly/8BpJfe | Chuck: First of all, my thanks to Prof. Zittrain and to all of you for allowing me to participate (including on your wiki). I hope what I offered was helpful and perhaps even thought-provoking. Second, here are some of the links I mentioned for more on the identity/security issues: http://www.microsoft.com/endtoendtrust and in particular the white paper under the "vision" link. For those inclined for a geekier dive, there is Kim Cameron's excellent blog at http://www.identityblog.com/. Finally, I'd also note our blog post on one of our big projects, the US-China Internet Industry Forum and Craig Mundie's remarks in particular, which touched on these cybersecurity issues in that context. http://bit.ly/8BpJfe | ||
Line 16: | Line 24: | ||
Jason: I think that the discussion took a bit of steam out of the "Difficult" part of the "Difficult Problems" equation - at least with regard to why Cisco is not participating in GNI and how they make decisions that implicate human rights issues. Mark's explanation of Cisco's position was exceedingly compelling: to my mind, he left little doubt that they really do have a different sort of impact on human rights than companies higher up in the stack; that they face a vastly different competitive landscape and client base than other ICT companies; and that they have well-developed standards and principles going forward. From where I sit, they would be completely crazy to join the GNI - it'd be all potential downside with no upside that I can tell, for either the company or for human rights. (Sadly, Cisco did not pay me to say all that, even if I just completely toed the company line.) | Jason: I think that the discussion took a bit of steam out of the "Difficult" part of the "Difficult Problems" equation - at least with regard to why Cisco is not participating in GNI and how they make decisions that implicate human rights issues. Mark's explanation of Cisco's position was exceedingly compelling: to my mind, he left little doubt that they really do have a different sort of impact on human rights than companies higher up in the stack; that they face a vastly different competitive landscape and client base than other ICT companies; and that they have well-developed standards and principles going forward. From where I sit, they would be completely crazy to join the GNI - it'd be all potential downside with no upside that I can tell, for either the company or for human rights. (Sadly, Cisco did not pay me to say all that, even if I just completely toed the company line.) | ||
: Elisabeth: I generally agree, but I wonder why Cisco doesn't take the lead in starting a GNI-like group (or a subgroup of GNI itself) to deal with hardware issues. That is, GNI could be seen as a standards body for companies in all different parts of the ICT space that want to expand operations abroad. | |||
Elisabeth: after the session, two still-difficult problems jumped out at me. First, how can GNI get smaller companies on board? In the US, I can imagine consumer and government pressure playing a role, but that will only work if the burdens aren't onerous. Second, although Mark did talk about the long-term benefit to Cisco of getting more people online, I was struck by the fact that companies are asked to join GNI partly (mostly?) out of altruism. The discussion about externalities left me wondering if there's a way to ground GNI in economics rather than goodwill. As I understand externalities, they're costs or benefits that aren't internalized. If human rights violations created a cost that appeared in a company's bottom line, presumably there would be more effort to avoid them. In the US, I think consumer outrage after gross human rights violations helps internalize their cost, but I wonder if more of a business case can be made for GNI membership or GNI-like principles. | |||
Chuck: I am also impressed (but not surprised) by your prognostication skills. I'd only add that, in addition to the two points Reuben notes above, GNI has generated a systematic way for companies to make publically credible the steps they take. This, I think, is where companies not in GNI are missing out. When there are these cases (as Mark noted) of public condemnation of companies - which can at times generate more heat than light - it is very helpful to be able to point to the process that GNI creates and demonstrate that your company not only has standards and principles but that these are being followed in practice. I also think GNI is very aware that different business sectors have different needs. Microsoft, like Cisco, sells products and services to governments (servers are in a somewhat similar position to routers as part of network infrastructure) and we stand to benefit from guidance in those areas. Related to that, and on the point about government involvement, I'd also note that the GNI principles are applicable across a company's operations, including in the US, and in that respect it's important that governments address their own practices as well as look for constructive steps to help advance user trust in other markets. I hope that came across in the class, but if not I wanted to note it here too. Thanks again. |
Latest revision as of 14:57, 14 August 2024
Cybersecurity
Daniel: the idea of a "digital driver's license" has been around for some time now. Effective and simple digital signature schemes, outside corporate or governmental control, sound much more promising to me.
Jason: This was a great discussion. To borrow a taxonomy from the philosophy of mind, I particularly liked that we were trying to identify the "hard" problems and the "easy" problems of cybersecurity - even if we didn't always agree about what they are. In theory, though, we might identify a class of easy problems because they seem to have incremental solutions. If your drone transmissions are getting intercepted, use encryption! If you're worried about data loss, generate lots of backups to the cloud or to a mesh network! If you're worried about your credit card being stolen when you buy on Amazon, how about a government-generated user ID system? Or (somewhat more controversially), if your Air Traffic Control system is vulnerable, spend some money and update it - maybe making it more appliancized, maybe adding more points of human control.
But that still leaves the hard problems that seem to need quantum solutions. How can we solve the attribution problem when the global network was fundamentally designed to be pretty anonymous? How do we rectify the fact that the Internet carries both regular civilian communications and government transmissions? And how can we guarantee that hardware is secure when the only way to verify that it was built to spec is to take it apart? I'm looking forward to talking more about both kinds of problems, and both kinds of solutions.
- Tyler: While I agree that it is a serious problem when we can't trust our hardware, I thought it was also a good point brought up in class that there is no reason why we should trust the software that runs on top of the hardware either. Is it possible to write software that we can trust even if we know or assume that it is running on malicious hardware? Are there any out of the box techniques that would allow us to use untrusted software running on untrusted hardware but still have some degree of security?
- Sheel: Professor Goldsmith's comment showed that this is a problem that may have to be solved before law can even come into play: law depends on attribution that Jason mentioned - finding the bad actor. What are we supposed to do if we are only 20% sure an attack came from China?
Sheel: First time that our military/government has critical information (not withstanding the unencrypted info that the government was sending overseas!) being sent over public networks. Am curious to discuss either a) better methods of encrypting information over public networks or b) better ways to build private, government-only networks. Also, the SCADA comment made by Ivan about the problem not being authentication, but old networks/platforms that have an extremely difficult time being changed, show this will require a LOT of incentives for people to be able to make the switch to more powerful networks---if that even is the answer.
Finally, w/ regards to Prof. Zittrain's first 'out of the box' solution on ad hoc mesh networking - I'm having trouble understanding incentives for the guy with the internet on the outskirts of hurricane in the Katrina example to let others access his/her connection. Wouldn't being 'kind' then require a troublesome amount of security and encryption on behalf of the original users part?
Chuck: First of all, my thanks to Prof. Zittrain and to all of you for allowing me to participate (including on your wiki). I hope what I offered was helpful and perhaps even thought-provoking. Second, here are some of the links I mentioned for more on the identity/security issues: http://www.microsoft.com/endtoendtrust and in particular the white paper under the "vision" link. For those inclined for a geekier dive, there is Kim Cameron's excellent blog at http://www.identityblog.com/. Finally, I'd also note our blog post on one of our big projects, the US-China Internet Industry Forum and Craig Mundie's remarks in particular, which touched on these cybersecurity issues in that context. http://bit.ly/8BpJfe
GNI
Reuben: I think we should all congratulate ourselves on our prognostication skills. A lot of our predictions were right on the money. After reviewing my notes, I came away with a few main points. It seems the GNI has had two main benefits for those involved. First, it has helped companies establish processes for how they will handle sticky situations that arise in fields of free expression and privacy where previously those concerns went unrepresented or were dealt with an ad hoc scramble. Secondly, GNI has facilitated relationships between companies and human rights organizations that allow the two sides to work together collaboratively to map out strategies and get more effective results.
While the panelists recognized the effectiveness of the GNI in at least certain situations, I was a bit surprised by the degree to which at least some participants seemed to welcome government involvement in order to force more attention on the activities of smaller companies who don't stand out the same way a Microsoft, Google, Yahoo, or CISCO might.
Jason: I think that the discussion took a bit of steam out of the "Difficult" part of the "Difficult Problems" equation - at least with regard to why Cisco is not participating in GNI and how they make decisions that implicate human rights issues. Mark's explanation of Cisco's position was exceedingly compelling: to my mind, he left little doubt that they really do have a different sort of impact on human rights than companies higher up in the stack; that they face a vastly different competitive landscape and client base than other ICT companies; and that they have well-developed standards and principles going forward. From where I sit, they would be completely crazy to join the GNI - it'd be all potential downside with no upside that I can tell, for either the company or for human rights. (Sadly, Cisco did not pay me to say all that, even if I just completely toed the company line.)
- Elisabeth: I generally agree, but I wonder why Cisco doesn't take the lead in starting a GNI-like group (or a subgroup of GNI itself) to deal with hardware issues. That is, GNI could be seen as a standards body for companies in all different parts of the ICT space that want to expand operations abroad.
Elisabeth: after the session, two still-difficult problems jumped out at me. First, how can GNI get smaller companies on board? In the US, I can imagine consumer and government pressure playing a role, but that will only work if the burdens aren't onerous. Second, although Mark did talk about the long-term benefit to Cisco of getting more people online, I was struck by the fact that companies are asked to join GNI partly (mostly?) out of altruism. The discussion about externalities left me wondering if there's a way to ground GNI in economics rather than goodwill. As I understand externalities, they're costs or benefits that aren't internalized. If human rights violations created a cost that appeared in a company's bottom line, presumably there would be more effort to avoid them. In the US, I think consumer outrage after gross human rights violations helps internalize their cost, but I wonder if more of a business case can be made for GNI membership or GNI-like principles.
Chuck: I am also impressed (but not surprised) by your prognostication skills. I'd only add that, in addition to the two points Reuben notes above, GNI has generated a systematic way for companies to make publically credible the steps they take. This, I think, is where companies not in GNI are missing out. When there are these cases (as Mark noted) of public condemnation of companies - which can at times generate more heat than light - it is very helpful to be able to point to the process that GNI creates and demonstrate that your company not only has standards and principles but that these are being followed in practice. I also think GNI is very aware that different business sectors have different needs. Microsoft, like Cisco, sells products and services to governments (servers are in a somewhat similar position to routers as part of network infrastructure) and we stand to benefit from guidance in those areas. Related to that, and on the point about government involvement, I'd also note that the GNI principles are applicable across a company's operations, including in the US, and in that respect it's important that governments address their own practices as well as look for constructive steps to help advance user trust in other markets. I hope that came across in the class, but if not I wanted to note it here too. Thanks again.