From: Eugen Leitl (eugen@leitl.org)
Date: Fri Dec 27 2002 - 12:22:37 MST
On Fri, 27 Dec 2002, Rafal Smigrodzki wrote:
> The methods you advocate are consistent with a siege mentality.
Regardless what they're consistent with, they are methods *which work*. As
compared to pumping more money and grant special superpowers to the office
of Heimatland Securitate. Which *doesn't work*, except to grant job
security for spooks of any couleur and quell domestic dissent. Wait a bit,
and you'll see it misused exactly for that purpose.
> Constant vigilance, heroic efforts at defense. Being on the lookout
Constant vigilance is what automation is for. There's nothing very heroic
in a distributed society. The defense is purely passive; and hence will
work regardless of whatever you're deploying. As long as you're not
dropping ecovorous nanoplagues, or planet crackers.
Today some 30 people in a government building were blown up in Grozny by
two suicide bombers, driving a jeep, and a truck loaded with explosive.
The entire building has been destroyed.
Now consider eGovernment. No customers, no central office. What is there
to blow up? Nothing. There's even nothing to DoS in a P2P based
infrastructure. You can't even find the physical location of the clerk,
until she reveals it herself. Now here's the cleanest solution ever.
> for unpredictable dangers, rearranging your lifestyle to suit them.
That's the whole point: the dangers are predictable. Somebody will launch
attacks against assemblies of people, or assemblies of hardware. Remove
the target, and there is nothing to attack. Make an audit over the
landscape (not much to audit in Gobi, Serengeti, the Pacific, etc). Look
at concentrations of people, large fluxes, high potential energy, etc. It
isn't rocket science.
> There is another strategy - to boldly go and attack the attacker. The
Yeah, to boldly go, and shoot yourself in the foot.
> choice of the correct strategy, or the mixture of the two, will be
> dictated by an analysis of all relevant information, including the
> physical nature of the threat, available means of social organization,
> and information processing and availability.
Of course. People will still track fissibles and fissible precursors, as
well as the usual suspects in chem and bio production.
It's just it's not going to work. Tracking is never quantitative, and as
such can only be a supportive solution. And tracking has to end where
privacy starts. Because that price tag is a bit too much to afford.
> Somehow, adopting the pure siege mentality you seem to advocate, is
Wrong metaphor. I'm not in the cage, I'm distributed all over the
landscape so that the lion can't even find me. Instead of a herd of gnus,
think of a herd of mice.
> IMO inappropriate in the case of biological and nuclear threats.
> Detecting merely the threats themselves is difficult, and usually
> means acting after the horse left the barn: after a successful aerial
> anthrax attack, or a dirty-bomb explosion in Manhattan, the economic
Consider the monkey factors which make Manhattan Manhattan. Now develop a
technology which will pacify the alpha primates mutually look into their
virtual physiognomies, and keep tabs on beta/gamma/delta ones with the
same technology.
> harm is already accomplished. It's better to be proactive, at least as
> long as you have the means of actually achieving prevention.
As long as it doesn't destroy privacy.
> A network of sensors detecting microbiological threats without the
> network of sensors for detecting their makers is like looking only at
The network of sensors detecting aerosols and pathogen DNA is doing just
that: detecting aerosols and pathogen DNA. A network designed to catch
people will unfortunately require a dragnet approach over the entire
population. Whoever deploys that dragnet has essentially unlimited power.
> the boot that's kicking you: "Ouch, it kicked me on the left flank,
> have to cover the left flank", "Ai, now it kicked me in the ass, need
> one more hand to keep it covered", "I see it's moving towards my
> baAAAAA...".
>
> In real life we can expect that a combination of "blanket realtime
> agent detection and user notification" and universal surveillance will
> be used. Hopefully with enough sousveillance to keep the system from
> turning into an unkillable monstrosity.
How much rope will I give the feds? Zero. Not an inch. Over my cold body.
This archive was generated by hypermail 2.1.5 : Wed Jan 15 2003 - 17:58:55 MST