CodeOfConduct
Latest
Alphabet replaces Google's 'Don't be evil' with 'Do the right thing'
Google has long used the phrase "Don't be evil" as a sort of company motto, including it in the founder's letter for its IPO in 2004, and at the top of its Code of Conduct. The Wall Street Journal noticed that as a part of today's restructuring, Alphabet has exchanged that for something slightly more specific. The corporate code of conduct now entreats employees to "do the right thing – follow the law, act honorably, and treat each other with respect." It is unknown at press time if that includes a required viewing of Spike Lee's 1989 film. For Google employees specifically, the "Don't be evil" phrasing is still in full effect, so it's hard to see anything specifically changing as a result. Of course, some have mocked the giant for how close it does or does not stick to that adage, including when Steve Jobs reportedly called it "bullshit" in 2010. Of course, as the search giant worms its way into our photos, cars and even bodies, maybe being a little more specific about its intentions is a good thing. [Image credit: Moviestore collection Ltd / Alamy]
Major ISPs agree to FCC's code of conduct on botnets, DNS attacks
The FCC's campaign to secure the internet gained new momentum last week, when a group of major ISPs signed on to a new code of conduct aimed at mitigating cybercrime. Adopted by the FCC's Communications, Security, Reliability and Interoperability Council (CSRIC), the new code targets three main security threats: botnets, DNS attacks and internet route hijacking. The Anti-Bot Code of Conduct invites ISPs to adopt sharper detection methods, and to notify and assist consumers whenever their computers are infected. The DNS code, meanwhile, offers a list of best practices by which ISPs can tighten security. Though it doesn't call for a full adoption of DNSSEC technology, the guidelines do represent a "first step" toward implementation, allowing web users to verify the authenticity of their online destinations. As for internet route attacks, the CSRIC calls for a similarly collective approach, asking ISPs to collaborate on new technologies within an industry-wide framework. In a statement, FCC chairman Julius Genachowski said that these practices "identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners." The industry apparently agrees, as heavyweights like AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner Cable, T-Mobile and Verizon have already signed on. For the FCC's full statement, check out the source link below.
US government to beat back botnets with a cybersecurity code of conduct
Old Uncle Sam seems determined to crack down on botnets, but he still needs a little help figuring out how to do so. On Wednesday, the Department of Homeland Security and National Institute of Standards and Technology (NIST) published a request for information, inviting companies from internet and IT companies to contribute their ideas to a voluntary "code of conduct" for ISPs to follow when facing a botnet infestation. The move comes as an apparent response to a June "Green Paper" on cybersecurity, in which the Department of Commerce's Internet Policy Task Force called for a unified code of best practices to help ISPs navigate through particularly treacherous waters. At this point, the NIST is still open to suggestions from the public, though Ars Technica reports that it's giving special consideration to two models adopted overseas. Australia's iCode program, for example, calls for providers to reroute requests from shady-looking systems to a site devoted to malware removal. The agency is also taking a hard look at an initiative (diagrammed above) from Japan's Cyber Clean Center, which has installed so-called "honeypot" devices at various ISPs, allowing them to easily detect and source any attacks, while automatically notifying their customers via e-mail. There are, however, some lingering concerns, as the NIST would need to find funding for its forthcoming initiative, whether it comes from the public sector, corporations or some sort of public-private partnership. Plus, some are worried that anti-botnet programs may inadvertently reveal consumers' personal information, while others are openly wondering whether OS-makers should be involved, as well. The code's public comment period will end on November 4th, but you can find more information at the source link, below.
