Friday, April 21, 2017

A "Digital Geneva Convention" won't be a reality without reliable cyber attribution

Microsoft released their idea of a “Digital Geneva Convention” to help normalize behavior on the cyber battlefield.  The document, linked here, is generally well written and documents the need for a document of its type.

While the idea of regulating the cyber domain is not a bad one, the proposal depends on attribution, a field that is sorely lacking in reliability and repeatability.  I've outlined some of those problems here.