In this talk, presented in June 2016 at KAIST, I argue that it is time for the next generation of cybersecurity strategies. These must have a governance focus, and be based on international laws, declarations and agreements, basic internet rights and public good provisions.
2. root@myops:~# whoami
• Theoretical chemist and philosopher by training (PhD 1993 and 2012)
• Wrote DALTON program code [in FORTRAN]
• Played with supercomputers such as Cray Y-MP
• First got hacked in 1991
• Worked 15 years as IT Infrastructure architect for various NZ companies
• Now lead the IT Security team @UoA by day
• Lecture in cyber security at Unitec and UoA
• Present at technical cyber security conferences
4. Security trainwreck: tech pre-conditions
Eternal economic disincentives to build better security in:
1. Rapid consumerisation, hence feature driven development
2. Time and Cost driven market model (lowering quality)
3. Rapid development cycles and an ‘unstable’ (i.e. rapidly evolving and incompatible between versions) technology stack requiring rapid re-engineering of key components
With IoT, to make it worse, these disincentives are meeting:
4. Long expected lifetimes
5. Examples: Why this is important
How secure is your tech? What does that mean exactly?
How secure is your data in Google, Facebook, LinkedIn, WhatsApp and
others?
Does the NZ prime minister really understand the difference between
bulk collection (which he admits) and mass surveillance (which he
denies)?
Can Donald Trump really ‘fix the internet’ by calling Bill Gates for advice
on how to ‘close some parts off’?
7. Contents
1. Nations, states, security, cyber security, privacy and the stacks
2. The Snowden effect and the Snowden paradox
3. Why raw ‘freedom’ fails
4. At what level should the cyber [in]security problem be tackled?
5. A social philosophy of cyber security
6. A national cyber security strategy
9. What is a ‘nation’?
There are many dimensions
• Economic
• Social
• Legal
• Historical
• Geopolitical
• Population
10. Origin of nationhood
Crisis of the Seventeenth century
• Thirty Years' War in Germany (1618-1648)
• Dutch revolt (1568- 1648)
• Military revolution
Treaty of Westphalia (1648)
Social philosophy (Hobbes, Locke)
https://en.wikipedia.org/wiki/Les_Grandes_Miseres_de_la_guerre
11. Westphalian principles of nationhood
Westphalian sovereignty
• Territorial authority
• Religious tolerance
• Non-interference in another state’s internal affairs
• Equality on the international scene
http://www.britannica.com/event/Thirty-Years-War
12. A new player in nationhood
At Webstock 2013 Bruce Sterling
defined what he calls ‘The Stacks’
A new type of corporation that
uses lock-tight integration of
hardware and software in order to
form a branded ecosystem
http://vimeo.com/63012862
http://www.theguardian.com/commentisfree/2013/may/22/google-information-tax-new-state
13. ‘Stacks’: GOOG, AAPL, FB, MSFT, TWTR
• Size: very large, both in terms of employees and users
• Vertically integrated global software structures used by millions
• Proprietary OS’s AND devices AND large server farms AND loyal user
base AND proprietary revenue stream AND (sometimes) own money
• The internet of old had users, the stacks have livestock
• Advertising as a revenue model depends on surveillance
• Stacks have social networks and buy IOT / VR companies
• Livestock security can be detrimental to revenue models
14. Are the ‘stacks’ nations?
• Google, Apple, Facebook now larger in turnover than GDP of many
small nations
• Each has their own ‘cloud’ – i.e. ‘informational territory’
• The military now talk about ‘cyber’ as the ‘fifth domain’ (i.e. theatre
of war) after land, water, air and space
• You usually sign a EULA and privacy statement – some kind of
fundamental human right as a citizen of that ‘state’?
• They buy hardware companies at rapid clip: Nest, Oculus Rift, Kinetic
16. ‘Snowden effect’
Increase in public concern about surveillance, data privacy and
information security resulting from the Snowden revelations
Some comments
• Most security professionals suspected this sort of capability in our
agencies all along, we just had no proof
• Laws are now being changed around the globe (which is a good thing
and a bad thing)
• Change of how some of the major cloud providers implement security
http://www.whoishostingthis.com/blog/2015/05/20/snowdens-global-impact/
17. Snowden effect
An illustration: as a result of this most
famous PostIt note ever, Google now
encrypts its data centre traffic
18. The Snowden paradox
The public professes to be worried about issues of privacy and security,
yet signs up en masse for services that
1. Are built upon surveillance as a business model, rather than an
incidental feature
2. Have a EULA subject to unilateral change as a basic protection of
‘human rights’
3. Practice widespread censorship and tax evasion
4. Are predicated on a business model where their users are the
product
20. What is freedom?
Different interpretations in different domains
Roosevelt’s four freedoms could be seen as what is required of a nation:
1. Freedom of speech and expression
2. Freedom of [religion]
3. Freedom from want
4. Freedom from fear
F. D. Roosevelt, State of the Union Address to the Congress, January 6, 1941
21. Typical ‘NSA spies on us’ talk
• Telephone system was designed to be intercepted – this was bad
• Then the internet created freedom – this was good
• Then the NSA was afraid of the internet ‘going dark’
• And started listening to everything
• Then we were freed by Snowden
• And encrypted everything
• The progress of encrypted communications is now generating wider
political crisis
• Last words of the NSA: I’ll be back
22. It makes for nice quotes
“Whatever else, history will record of them that they didn't think long
before acting. Presented with a national calamity which also
constituted a political opportunity, nothing stood between them and all
the mistakes that haste can make for history to repent at leisure. And
what they did, of course—in secret, with the assistance of judges
chosen by a single man operating in secrecy, and with the connivance
of many decent people who believed themselves to be doing the only
thing that would save the society—was to unchain the listeners from
law.”
http://www.snowdenandthefuture.info/PartI.html
23. But…there is more at stake
Surveillance and espionage have always been a legitimate, though
somewhat murky, state function
• Subject to political control and governance
• With generally a separation between intelligence and counter-intelligence
With the ‘stacks’ we now get the first ‘states’ whose model is entirely
predicated on mass surveillance and monetisation of that data
• Without such controls and separations
• And a EULA as your basic human rights
24. Example: There is more at stake
• Tapping the phone system required a warrant, which needed to be
acquired by a legal process
• Bulk collection of data (i.e. actual conversations) will never get a
warrant
• Bulk collection of metadata doesn’t need one
• Our politicians have a poor understanding of the issues
• ‘States’ based explicitly on monetisation of surveillance data do not
have any policies and controls on the data they hoover up
• And these ‘states’ like a monopoly on that data
25. Raw ‘freedom’ and freedom
• Of the ‘four freedoms’ only two are provided by the stacks and then
in limited form (‘speech and expression’ and ‘religion’)
• Some stacks now have censorship
• Their international practices have the effect that the stacks are
detrimental to the remaining two freedoms
• Tax evasion erodes ‘freedom from want’ in many nations
• Secret backroom deals (though not called ‘diplomacy’) erode freedom
from ‘fear’ in many others
26. A sense of the problems
• States cannot just help themselves indiscriminately to data
• Disruptive changes to data environments make legal overhaul
inevitable
• Politicians are incapable of exerting effective governance and controls
on the ‘stacks’, though they can do local deals
• The ‘stacks’ should be included in such discussion, but how?
• Of the ‘four freedoms’ only two are provided by the stacks (‘speech
and expression’ and ‘religion’)
• Can philosophers help? Yes, but they haven’t been very helpful so far
27. At what level should the cyber [in]security problem be tackled?
28. Where philosophers go wrong…
• In philosophy education, general disconnect between history and
philosophy
• We see ‘bad behaviour’ as a personal problem, not as a systemic
problem (lack a sociological point of view)
Hence
• Cyber security is seen as a problem of ‘hackers’ lacking ethical
behaviour
29. Is cyber insecurity an ethical problem?
Let’s suppose cyber insecurity is primarily an issue of failing personal ethics.
Then we have three very big problems. They are
1. The principles problem
2. The actor / attribution problem
3. The implementation problem
31. What principles?
Two unsatisfactory answers:
Answer 1: Turn the question around
• What sort of principles would make ‘hacking’ wrong?
• Are these the right ones?
Answer 2: Look at ‘environmental ethics’
• (e.g. Floridi) All binary data has inherent rights
32. What makes ‘hacking’ ‘wrong’
Why do people hack? Are all these motivations ‘wrong’?
• Curiosity
• Intellectual property
• Defacements and activism
• Thieving
• Scamming
• Spying
• Sabotage
• The ‘Fifth Domain’ (i.e. ‘war’)
33. ‘Environmental’ ethics [Floridi]
Information ‘environment’ with global principles
• entropy ought not to be caused in the infosphere (null law);
• entropy ought to be prevented in the infosphere;
• entropy ought to be removed from the infosphere;
• the flourishing of informational entities as well as of the whole
infosphere ought to be promoted by preserving, cultivating and
enriching their properties.
Where ‘entropy’ is information destruction or corruption
34. A cyber basic set of rights?
• Could we define an ‘ethical actor’ – i.e. an entity with duties,
obligations and ethical demands?
For that we need a basic set of rights
• The problem with EULAs
• The price we pay for insisting on more privacy
35. The EULA
Is a EULA sufficient protection?
One AV company (F-Secure) decided to find
out. They let people sign the EULA on the left
to get free WiFi
Spot the ‘Herod clause’
Six people signed up
https://www.theguardian.com/technology/2014/sep/29/londoners-wi-fi-security-herod-clause
36. The Google ‘opt out’ village (The Onion)
https://www.youtube.com/watch?v=lMChO0qNbkY
38. 2. The actor / attribution problem
In many / most cases of digital evil, ‘whodunit’ is difficult or
fundamentally impossible
Secrecy and security requirements are a large barrier to open communication
Thomas Rid: Attribution “is what states make of it” – i.e. a complex
political process of negotiation
Example: Did NORK hack Sony and SWIFT?
39. Attribution example 1
Who did this?
This is the well-known
‘CryptoLocker’ ransomware
Encrypts your files, then
asks for a ransom
Payment instructions on an
onion routed website
Payment is in bitcoin
41. Assumptions of the cyber attribution problem
Three assumptions (all limited and insufficient)
1. Attribution is one of the most intractable problems of an emerging
field, created by the underlying technical architecture and
geography of the Internet
2. A binary view on attribution: for any given case, the problem can
either be solved, or not be solved
3. Attributive evidence is readily comprehensible, the main challenge
is finding the evidence itself, not analysing, enriching, and
presenting it
Thomas Rid (The Journal of Strategic Studies, 2015, 38(1–2), 4–37)
43. The attribution problem (Bruce Schneier)
Is attribution intractable? Not really, but there is a difference between
1. I know you did it
2. I can prove to you that I know you did it
3. I can prove publicly that I know you did it
4. I can prove in a court of law that you did it
The scope and size of attribution depends on what you want from it
44. Attribution is an intelligence problem
• Intelligence (or INTEL) is someone’s interpreted view of the world
• Intelligence gathering follows an intelligence cycle
• Intelligence is information which is analysed, enriched, and presented
• Where does that ‘intelligence’ sit on the ladder of Schneier’s four
escalating questions?
• What does the data look like?
45. Threat Intel Cycle / Pyramid of Pain
Direction
Collection
Collation
Analysis
Reporting
http://detect-respond.blogspot.co.nz/2013/03/the-pyramid-of-pain.html
46. 3. The implementation problem
• How do we enforce our cyber security in practice?
• Governance models on the internet?
47. Who is responsible? Roles of the state
• Market oversight: Regulators; Correcting market failures
• Law Enforcement: Police and prosecutors; Fighting cybercrime
• National Security: Civil protection authorities; Protecting critical infrastructures
• National Defence: Military and intelligence agencies; Executing military and intelligence operations
48. My terrorist, your freedom fighter, and a government as well
]Hacking Team[ was a somewhat odious
outfit supplying surveillanceware to dubious
governments around the globe
They were comprehensively hacked and all
their data stolen
49. Cyber insecurity is not an ethical problem
• No broadly supported principles
• No actor
• No implementation
What about criminals then?
• Criminals are unethical because they display criminal behaviour (i.e.
stealing, lying, cheating), not because they are hackers
51. Social Philosophy of cyber security
More big problems, but ones we can solve more readily
• Is a cyber social contract possible?
• If so, what would make it up?
• Should cyber security be a public good? [i.e. open to all if it’s provided
for any members of a group]
• Should ‘stacks’ be regulated?
Note and comment: at the moment nation states can’t even get stacks to pay
their taxes, so good luck with the rest
52. Social Contract theory [general structure]
Look at it as a philosopher of science would
Go from ‘atomic’ to ‘aggregate’ state
1. Postulate a ‘state of nature’ (hypothetical but not always)
2. Postulate a set of atomic and universal rights and obligations
3. Stipulate the conditions for a contract discussion [discursive model]
4. Stipulate participant trade-offs [game theory or other]
5. Simulate the discussion
6. Formulate the outcome: a ‘just’ arrangement
53. Social Contract theory [historical structure]
• Hobbes and the Civil War / Restoration
• Locke and the Glorious Revolution
• Rawls and the welfare state
Contract modelling is influenced by historical conditions
54. The ‘original hacker’ contract?
1. ‘State of nature’: A large unregulated internet
2. Rights and obligations: The four freedoms of open source
3. Rationality model: Make it work
4. Trade-off: Let’s share everything
5. Simulate: Information wants to be free
6. Outcome: Privacy is evil, the ‘Circle’
55. Minimal ‘stacks’ contract
1. ‘State of nature’: Collection of walled gardens
2. Rights and obligations: Sign some EULA / privacy statement
3. Rationality model: It ‘just works’
4. Trade-off: Convenience for me, data for you
5. Simulate: Convenience is noticeable, surveillance invisible
(i) I like convenience
(ii) I ignore what I can’t see
6. Outcome: Welcome to ‘our community’
56. A (perhaps) desirable contract
1. ‘State of nature’: A large open internet
2. Rights and obligations: Rights of basic protocols; distributed trust anchors
3. Rationality model: Interoperability
4. Trade-off: Privacy and integrity over convenience
5. Simulate: Iteration of trust anchors
6. Outcome: ‘Aware digital presence’
57. A brief word on distributed trust anchors
• Tracers and tethers
• Tether is a verifiable trust anchor
• Tracer is its ongoing certification
• Blockchain and others
Technical solutions to a political problem: the
risk at the moment is that states look at the
internet from the starting point of national
security and are willing to trade network public
health for national security
http://www.wrr.nl/fileadmin/en/publicaties/PDF-Rapporten/The_public_core_of_the_internet_Web.pdf
59. With all of this
• It’s no surprise that national cyber security strategies are a bit of a
muddle
• In most countries, strategies are now in their second generation
• First generation acknowledged the existence of the problem
• Second generation has some sort of remediation / resilience focus
• We need a third generation which has a governance focus
60. First generation of strategies
Generally recognise the existence of the problem and try to raise
awareness
Example: New Zealand’s policy from 2011. Objectives are to
• raise the cyber security awareness and understanding of individuals
and small businesses;
• improve the level of cyber security across government; and
• build strategic relationships to improve cyber security for critical
national infrastructure and other businesses.
61. Second generation of strategies
What usually gets addressed (NZ, UK, NL) is
1. National resilience
2. Crime
3. Diplomatic relations and cooperation
4. Capability
What is usually not explicitly addressed is the tension between the
nation and the ‘stacks’
62. Example
The Dutch Cyber Security Assessment does a very good job of reporting
against a ‘second generation’ cyber security strategy on an ongoing
basis
It is available in Dutch and English
Reports have been produced every year since 2012
https://www.ncsc.nl/english/current-topics/Cyber+Security+Assessment+Netherlands
63. Third generation of strategies
Without wanting to run ahead, a third generation is needed, which has
a governance focus, possibly with binding laws, basic internet rights
and public good provisions
We have a precedent: Grotius’ Mare Liberum (1609) covered
governance of the ‘second domain’ in an era of rapid naval expansion
of Western Europe
For us as philosophers: ‘ethics’ is not going to solve the governance
problem, we need an alternative!
64. Conclusions
• We have built a new domain of ‘faulty tech’
• This domain is a social domain, not a personal domain
• Exploits of faulty tech are not necessarily an ethical failure
• Philosophical thinking on the issue should be based on a social
philosophy, not on ethics
• Most countries now have second generation strategies
• We need a third generation based on governance, fundamental rights
and public good provisions which includes the large tech companies
as states of their own – i.e. as diplomatic efforts
Many insurance companies are now offering discounts to customers who agree to wear a fitness tracking device and whose data shows an active lifestyle. Unfit bits are basically a way of fooling this.