by Barrin92 1569 days ago
It isn't really a great comparison because while land borders are clearly defined and the military can easily march up and repel some invader, that's not the case for digital attack surfaces.

Every company's IT looks different, it's hard to tell whether an attack is private or state sponsored, often where or who it is originating from, and how to defend against it varies from case to case.

So it's hard to imagine what exactly it is that the government is supposed to do at a company level. Of course at an ISP level or when it comes to national infrastructure the government can do things, but I don't see how the government protects a middle-sized business from cyber attacks.

The government could probably do a lot of preventative things like sponsoring and funding security audits of open source software, but when some hacker exploits my broken config or some API it's not clear to me how the government is supposed to prevent that. They can't read every line of source code in the country.

2 comments

Realistically, I'd like to see the government develop software and tooling to mitigate these concerns. They already do at a low level for cryptographic primitives (like SHA and RSA). Maybe they do the next couple abstraction layers up, a secure OS image that's regularly patched, a web server, a programming framework, etc.

Currently those layers are roughly provided by the big tech companies, and the government's involvement in making those more secure is PhD students and curious professors from (public) universities. It would be nice if that was a more directly employed org in the government.

I could see this happening as the processes mature. The Air Force already has hardened repositories for containers, etc., and "Factory in a Box" type configurations that the Defense Industry is supposed to start adopting for new programs. It is really neat, though it's so low-level at this point that it won't make sense for small businesses to use it unless their underlying platforms like Shopify, Instagram, and Blogger do.

https://software.af.mil/dsop/services/

> while land borders are clearly defined

I think we take for granted that they are clearly defined now because nation-states worked very hard to define, create, and enforce that concept. As I understand it, for most of human history there was no real notion of a well-bounded state and even today sovereignty is hotly debated in some areas.

So, it's not that enforcing land borders is intrinsically easy. It's that it appears easy because nations adopted it as their responsibility and do the work. Look at how much political energy was expended around Trump's wall between the US and Mexico to get a sense of how complex and effortful land borders are.

I don't see any reason that Internet sovereignty couldn't be equally well-defined and defended... except countries simply aren't doing it.

The difference is that the geographical boundaries of nations are (to a large extent) found, not made. So the lines of defense run along natural ones. If you're talking about building one on the internet you're talking effectively about creating the equivalent of the Chinese firewall.

The inter-net, as the name suggests, is a network, not a perimeter, and runs across boundaries. If you want Trump's border wall on the internet you're talking about handing the government sole access and control to all information going in and out.

That's way beyond cyber defense of private business. And looking at some countries engaging in this right now you better be careful what you ask for.

Boundaries are established, they are not "found". Algeria, Angola and Namibia. Check the borders of those 3 countries, there is nothing natural about those borders.

Countries try to enforce their borders. And they normally regulate traffic through customs; the rest is deemed unlawful.

More on the point: the current internet is a mess. Hopefully it collapses and a new network is built, with security in mind this time.

> So the lines of defense run along natural ones.

I think those boundaries are a lot less natural than you think when you take into account things like embassies, extradition treaties, etc.