6 comments

[ 3.5 ms ] story [ 23.4 ms ] thread
"This is not 'espionage as usual,' even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world. In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency. " Mic drop
We need technological solutions for this problem, not new international laws or, holding nations accountable and so on. Nations, including the US, will always try to exploit weaknesses in computer infrastructure. We need a fundamental rethink of the technical underpinnings of the internet. Such as air-gapped systems, or something that is physically isolated from foreign access.

So for example, in order to access a critical government system you need a dedicated, physical wire running to your computer. This may mean no access from home and that's fine.

> Such as air-gapped systems, or something that is physically isolated from foreign access.

Air-gapped systems are better, but still aren't fully secure (ex. Stuxnet), and are becoming less secure as other technology advances.

> We need technological solutions for this problem, not new international laws or, holding nations accountable and so on.

While I do agree that technological solutions are better, why shouldn't we have international laws that deter this kind of behavior? I'm sure that nations (and private actors) will try to exploit weaknesses regardless, but why not have consequences when they've been caught?

We can't only put blame on inadequate tech, similar to how you can't only put the blame on a bad lock on a front door. Those with malicious intentions should face appropriate consequences for actions that harm others.

> why shouldn't we have international laws that deter this kind of behavior?

Well in that case why not outlaw spying too, while we are at it?

The point is, nations have spied on each other forever, and these cyber methods are just another form of spying.

When companies get hacked they always make it sound like it is a law enforcement problem, as opposed to their lax security policies. No, these companies need to be held accountable; don't let them divert attention away by saying it is a law-and-order type issue.

I would guess that spying is illegal in every country on the planet...

And the sentences are usually very harsh...

And that hasn't stopped spying. Which shows enacting new laws will not stop hacking either. We can't just create new laws and pretend we have solved the problem. The tech industry created the problem; the tech industry should be held accountable to find a durable solution.