That is crazy, controlling against knowledge of how computer devices and communication systems work. Let the book burning start, I presume. Time to begin imprisoning software engineers for having a lot of learning. Regulations aren’t going to stop programmers. Regulations will guarantee that there are lacking quantities of software engineers proficient about security vulnerabilities. That will mean defenseless programming at all levels.
Individuals that are as of now carrying out lawful offense, computer law violations aren’t going to make them mind what the law says. It will get less demanding for them. Who will we indict? The underground unlawful software engineers examining security imperfections and publishing the patches for vulnerabilities. That is the thing that regulation means, and that’s all as far as it looks to be. But who is the responsible for speaking up for Internet security that really matters? YOU – the Internet user!
I was advised of the following incidents, which I found despicable, a précis of these are:
- A US citizen was monitored by officials for being critical of the Turkish government.
- An activist from the UAE, Dubai specifically was beaten by thugs as his computer was infected with surveillance software, and
- A journalist from Ethiopia who lived in the USA was spied on by his government.
These are examples of the many persons who were subjected to and not restricted to, beatings, internment, torture and as extreme as death. The harassment didn’t stop there family and friends too became subjects of this outrageous activity.
Questions would arise, as to the range of threats posed to all concerned in the article which is available. Remediation control, accessibility and scope of the diversity of the referred to threats.
The article was originally posted by Katie Moussouris, HackerOne.
I suspect this paper will be highly charged, where opinions will differ. I’m not wishing to state party lines, as these too will differ. As such I’ll play the “devil’s advocate”…..
The length of the introduction into this article is more than I intended to use, but it’s important to set the scene. As such it raised many thought provoking questions, in addition to those already documented. Like you, I too have a myriad of questions racing through my mind.
The common denominator to the opening statements would be that of ‘nation state’ motivation. Obviously an individual has no human rights or the respective nation state are ambivalent to the individual, irrespective of their nationality.
A key aspect here is that, as part of the continuum of security, technology and life in itself, all have moved forward. The ‘risks’ have changed, as such the mitigation factor will have changed.
Alas, in life there will always be winners and losers and this is a fact of life. However, within the context of this article I proffer that it could be the balance of probabilities, allied to risk and the cost factor, and this is not in the monetary sense either.
The cost factor could be to redress the imbalance of human rights. All on this planet has the right and it is worthy to remind ourselves of the following, as depicted under the Human Rights Act 1998:
Article 14 Prohibition of discrimination
The enjoyment of the rights and freedoms set forth in this Convention shall be secured without discrimination on any ground such as sex, race, colour, language, religion, political or other opinion, national or social origin, association with a national minority, property, birth or other status.
In setting the scene, I suggest the aforementioned is most prominent and should be borne in mind throughout.
Ethiopia, UAE and US
These are the 3 countries referred to in the opening statement, ironically they are all members of the United Nations. It’s worthy to note that Article 13 of the United Nations Charter, and I quote:
The General Assembly shall initiate studies and make recommendations for the purpose of: a. promoting international co-operation in the political field and encouraging the progressive development of international law and its codification; b. promoting international co-operation in the economic, social, cultural, educational, and health fields, and assisting in the realization of human rights and fundamental freedoms for all without distinction as to race, sex, language, or religion.
The aforementioned is akin to the principal of the Human Rights act. I’m aware that the United States are keen to follow the principal of ‘Freedom’, or could this be perceived is this a case of ‘not in my back yard’ (NIMBY)!!
I can’t speak for Ethiopia or UAE, as I’m not ‘au fait‘ with the rudiments of these countries.
User presence or not (a slight detour!)
Given the circumstances of each situation of the opening statements, I find that one common denominator would be the ‘user presence’. It’s a known fact that one of the greatest weakness that prevails is that of the ‘User’.
All users of the Internet, email, or wi-fi to name but three, the user has an inherent responsibility, for themselves and others whom they have either interacted with or data is retained.
Everyone must take ownership of what they do and the associated risks, this goes without saying. How they then mitigate the risks is their decision. Simple steps that everyone should be able to employ is the mitigation of:
This is to name but three critical elements of good security, when put in place will ensure that a degree of mitigation has been taken.
Returning to the main article
What has happened has happened, it’s now history and this can’t be changed, this is a fact.
Accepting the reference to the United Nations, I consider that there lies the answer for resolution for all three statements, irrespective of circumstances.
One could consider the following options, in terms of mitigation:
- Do nothing (become the proverbial ostrich);
- Attempt to gain intra-nation resolutions, would lead to fragmentation globally;
- Escalate the problem to the United Nations, for unilateral resolution.
I do consider that the third option is the only viable option to take, it would take time, patience must be applied. As it stands at present, even UN member nations are not upholding the well being of their subjects. It could be argued, they are blatantly ignoring the very ‘Charter’ they have signed up to.
Considering this paragraph once more:
Can this type of specialized intrusion technology be reasonably controlled in terms of who has access to it? Can international agreements on export controls that were created to limit land – mines and nuclear bombs be applied successfully to digital warfare? Would these regulations really be able to curb human rights abuses?
These are key questions, that through collaboration and global ownership by the United nations, is the mechanism to be employed for the right and appropriate remediation.
Though one underlying area of concern I do have, is how can we all contribute to the global control of ‘Cyber crime’?
As the ‘devil’s advocate‘ I lay my findings to the reader. I’ve found this an intriguing article to research and write about. I’ll leave you all with your thoughts, no doubt the continuum will show the answer! And opinions will prevail!