Facebook, Microsoft and others sign anti-cyberattack pledge

Microsoft, Facebook and Cloudflare are among a group of technology firms that have signed a joint pledge committing publicly not to assist offensive government cyberattacks.

The pledge also commits them to work together to enhance security awareness and the resilience of the global tech ecosystem.

The four top-line principles the firms are agreeing to are [ALL CAPS theirs]:

  • 1. WE WILL PROTECT ALL OF OUR USERS AND CUSTOMERS EVERYWHERE.
  • 2. WE WILL OPPOSE CYBERATTACKS ON INNOCENT CITIZENS AND ENTERPRISES FROM ANYWHERE.
  • 3. WE WILL HELP EMPOWER USERS, CUSTOMERS AND DEVELOPERS TO STRENGTHEN CYBERSECURITY PROTECTION.
  • 4. WE WILL PARTNER WITH EACH OTHER AND WITH LIKEMINDED GROUPS TO ENHANCE CYBERSECURITY.

You can read the full Cybersecurity Tech Accord here.

So far 34 companies have signed up to the initiative, which was announced on the eve of the RSA Conference in San Francisco, including ARM, Cloudflare, Facebook, Github, LinkedIn, Microsoft and Telefonica.

In a blog post announcing the initiative Microsoft’s Brad Smith writes that it’s hopeful more will soon follow.

“Protecting our online environment is in everyone’s interest,” says Smith. “The companies that are part of the Cybersecurity Tech Accord promise to defend and advance technology’s benefits for society. And we commit to act responsibly, to protect and empower our users and customers, and help create a safer and more secure online world.”

Notably not on the list are big tech’s other major guns: Amazon, Apple and Google — nor indeed most major mobile carriers (TC’s parent Oath’s parent Verizon is not yet a signee, for example).

And, well, tech giants are often the most visible commercial entities bowing to political pressure to comply with ‘regulations’ that do the opposite of enhance the security of their users living under certain regimes — merely to ensure continued market access for themselves.

But the accord raises more nuanced questions than who has not (yet) spilt ink on it.

What does ‘protect’ mean in this cybersecurity context? Are the companies which have signed up to the accord committing to protect their users from government mass surveillance programs, for example?

What about the problem of exploits being stockpiled by intelligence agencies — which might later leak and wreak havoc on innocent web users — as was apparently the case with the Wannacrypt malware.

Will the undersigned companies fight against (their own and other) governments doing that — in order to reduce security risks for all Internet users?

“We will strive to protect all our users and customers from cyberattacks — whether an individual, organization or government — irrespective of their technical acumen, culture or location, or the motives of the attacker, whether criminal or geopolitical,” sure sounds great in principle.

In practice this stuff gets very muddy and murky, very fast.

Perhaps the best element here is the commitment between the firms to work together for the greater security cause — including “to improve technical collaboration, coordinated vulnerability disclosure, and threat sharing, as well as to minimize the levels of malicious code being introduced into cyberspace”.

That at least may bear some tangible fruit.

Other security issues are far too tightly bound up with geopolitics for even a number of well-intentioned technology firms to be able to do much to shift the needle.

Arm chips with Nvidia AI could change the Internet of Things

Nvidia and Arm today announced a partnership that’s aimed at making it easier for chip makers to incorporate deep learning capabilities into next-generation consumer gadgets, mobile devices and Internet of Things objects. Mostly, thanks to this partnership, artificial intelligence could be coming to doorbell cams or smart speakers soon.

Arm intends to integrate Nvidia’s open-source Deep Learning Accelerator (NVDLA) architecture into its just-announced Project Trillium platform. Nvidia says this should help IoT chip makers incorporate AI into their products.

“Accelerating AI at the edge is critical in enabling Arm’s vision of connecting a trillion IoT devices,” said Rene Haas, EVP, and president of the IP Group, at Arm. “Today we are one step closer to that vision by incorporating NVDLA into the Arm Project Trillium platform, as our entire ecosystem will immediately benefit from the expertise and capabilities our two companies bring in AI and IoT.”

Announced last month, Arm’s Project Trillium is a series of scalable processors designed for machine learning and neural networks. NVDLA open-source nature allows Arm to offer a suite of developers tools on its new platform. Together, with Arm’s scalable chip platforms and Nvidia’s developer’s tools, the two companies feel they’re offering a solution that could result in billions of IoT, mobile and consumers electronic devices gaining access to deep learning.

Deepu Tallam, VP and GM of Autonomous Machines at Nvidia, explained it best with this analogy: “NVDLA is like providing all the ingredients for somebody to make it a dish including the instructions. With Arm [this partnership] is basically like a microwave dish.”

Your next phone may have an ARM machine learning processor

 ARM doesn’t build any chips itself, but its designs are at the core of virtually every CPU in modern smartphones, cameras and IoT devices. So far, the company’s partners have shipped more than 125 billion ARM-based chips. After moving into GPUs in recent years, the company today announced that it will now offer its partners machine learning and dedicated object detection processors. Read More

Former Intel president launches new chip company with backing from Carlyle Group

 Ampere, a new chip company run by former Intel president Renee James, came of stealth today with a brand-new highly efficient Arm-based server chip targeted at hyperscale data centers. The company’s first chip is a custom core Armv8-A 64-bit server operating at up to 3.3 GHz with 1TB of memory at a power envelope of 125 watts. Although James was not ready to share pricing, she promised… Read More

ARM’s CEO Simon Segars on Spectre/Meltdown, IoT security and more

 This year’s CES happened in the shadow of the Spectre and Meltdown disclosures, and virtually every conversation at the show turned to this topic at some point. Because this was CES, we had the ability to talk to quite a few people who are close to this issue, including ARM CEO Simon Segars, who stopped by to talk about security and these recent disclosures and their mitigations. Read More

Apple open-sourced the kernel of iOS and macOS for ARM processors

 Apple has always shared the kernel of macOS after each major release. This kernel also runs on iOS devices as both macOS and iOS are built on the same foundation. This year, Apple also shared the most recent version of the kernel on GitHub. And you can also find ARM versions of the kernel for the first time. But first, it’s time for some computer history. The first version of macOS… Read More