> j_M007 (Contributor I) posted a new reply in Welcome on 08-01-2018 05:27 PM in

>     It appears ambiguities lurk deeply in the English lexicon; and
> what of Ethics?   Ambiguities lurk there, too. What may seem deontologically
> unethical to one person may be perfectly acceptable to someone else.

Usually teleologically 🙂

>   Moreover, would it be ethical or unethical for a CISSP in the
> employ of an Agency, acting under authority, to use knowledge to degrade the
> infrastructure of an adversary, whether non-state or state? After all, we are to
> "Protect society, the common good, necessary public trust and confidence, and
> the infrastructure"

Actually, I am currently working (with a colleague) on a presentation on exactly
that issue: the ethics of active defence. (I'm pretty sure I have a solid argument
that yes, in some cases you can degrade the infrastructure of an adversary, and
argue that it is for the good of society.)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Every old idea will be proposed again with a different name and
a different presentation, regardless of whether it works.
- RFC 1925 #11
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

"Actually, I am currently working (with a colleague) on a presentation on exactly that issue: the ethics of active defence. (I'm pretty sure I have a solid argument that yes, in some cases you can degrade the infrastructure of an adversary, and argue that it is for the good of society.)"

 

By the same token, the adversary could use the same argument, notions like "society" and "good" are very broad ranging.

 

I suppose the test is that of the legal challenge - if the adversary's society is relying on electricity to power its hospitals, as well as its centrifuges for more nefarious purposes, then the principle of "Do No Harm (or As Little Harm As Possible)" or would have to be applied -- launch DDoS against the installation, degrade its capacities, but spare the grid to which the hospital is attached. Easier said than done, though.

 

So when the inevitable discussions arrive, "the Degrader" can argue in an international tribunal that he exercised due diligence and due care.

Thank you for tagging me @denbesten.  Apologies for the delay here, I was out of the office yesterday. I will forward this along to our team. 

Just a quick update - this is now fixed. Thank you for letting us know! 

 

 

     This is an interesting topic but hardly a new one. The ethics philosophy has been discussed throughout history by all sorts of “deep thinkers.” The only true novelty of this discussion is that we are now applying it to the “cyber” world but otherwise, it’s a one-for-one swap of the same conversation.

 

     I think, at its most basic form, ethics defines what is good for individuals AND society. To be more specific, it is what determines right or wrong as agreed upon by the majority of the collective group of people that are impacted – stakeholders if you will.

 

     The hacktivist example is clearly unethical behavior no matter how strongly that one individual’s, or group’s, feelings are. Why? Because there is legislation on the record that states it is illegal (aka wrong). Those laws have been proposed through an accepted process, negotiated by representatives elected by the people (usually), and ratified for the good of the society. There is also a legal method to challenge and change laws that doesn’t include “taking the law into your own hands.”

 

     Problems arise when individuals or small groups, whose views are often borne from limited personal experience, bias, and a narrow view of the world, think they are somehow smarter or better suited to decide what is right and wrong than the larger collective or those in a position to see the big picture.

 

     I would argue that ethics is only complex if you choose to make it so. Do what is right and legal in the society you live, respect others, don’t take what’s not yours, and live by the Golden Rule. Of course, there are questionable situations but if you know the law then at least there is a framework to guide your decisions.

> DAlexander (Newcomer III) posted a new reply in Welcome on 08-03-2018 02:26 AM

>   I think, at its most basic form, ethics
> defines what is good for individuals AND society. To be more specific, it is
> what determines right or wrong as agreed upon by the majority of the collective
> group of people that are impacted stakeholders if you will.

My stakeholders, right or wrong!

> Because there is legislation on
> the record that states it is illegal (aka wrong).

Frequently the attitude of LE-only groups. "Orders! I vas only following orders!"

> Those laws have been proposed through an accepted process, negotiated by
> representatives elected by the people (usually), and ratified for the good of
> the society.

The tyranny of the majority 🙂

>   I would argue that ethics is only complex if
> you choose to make it so.

"There is always a well-known solution to every human problem — neat,
plausible, and wrong."

"The Divine Afflatus," H. L. Mencken

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
In answer to the question of why it happened, I offer the modest
proposal that our Universe is simply one of those things which
happen from time to time. - Edward P. Tryon
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade