[Kunix]

I am surprised by the number of naysayers here.

Question: Do you have something better to suggest? (something that could realistically get implemented)

Conventions like the one suggested here are the baseline on agreeing on common rules. It allows accountability, boundaries, and once accepted open the way to discuss possible sanctions.

I would much rather see positive steps like this one than no progress at all.

[mcbits]

I can't predict if it would actually be better, and I fear you'll say it can't be realistically implemented, but I would suggest the nuclear option: a Manhattan Project level of R&D into decentralization.

Problem is, those with the ability to make it happen are essentially the same people running the massive spy infrastructure while singing platitudes about privacy and security.

[mi100hael]

This particular suggestion is a pie-in-the-sky joke.

> Such a convention should commit governments to avoiding cyber-attacks that target the private sector or critical infrastructure or the use of hacking to steal intellectual property.

That basically translates to "plz don't hack things." It's as though cyber attackers would stop if only someone would think to ask nicely.

[PeterisP]

The baseline for common rules is something that would be desirable by all major players.

Gas attacks and torturing POWs is something where the disadvantage of being on the receiving side is much greater than the practical advantage of being allowed to use such techniques, all major combatants would generally prefer to fight in a war without poison gas or tortured POWs, so they're prohibited.

For at least some "serious players", the practical advantage of being able to use or threaten cyberwarfare (or nuclear attacks) is greater than the disadvantage of potentially being on the receiving side, at least some major combatants would really prefer to fight a war where cyberattacks against civilian networks are used, so they can't and won't be prohibited or meaningfully restricted; the suggestions are simply futile unless they somehow manage to show that all the countries who currently seem to benefit from unrestricted cyberwarfare actually somehow suffer from the status quo.

[odbol_]

Build actual secure software. Build phones that CANNOT be unlocked or backdoored by any government, by design. Unless we protect our data from the ground up, using protocols designed to be resistant to censorship or pressure from centralized authorities, people are going to continue hacking private citizens.

The solution is technological, not political. We've already seen that governments change, fall, and generally avoid laws put in place to curb their power. We can't rely on them to protect free citizens' interests anymore.