Slashdot Mirror
Ethics in Scientific Research
call -151 writes: "There is an interesting NYT article `When Science Inadvertently Aids an Enemy' discussing how some of the "encryption should be free for everyone" attitudes are changing with the WTC attacks. The article makes some interesting points and it is good to see discussions like these in more of the mainstream, even if the tone has definitely changed recently." Well, the questions are being asked again, but most of the researchers dealing with these issues have already answered the questions for themselves.
On the surface it sounds reasonable, but in a day where a file can be transmitted between two different continents in real-time, I'm not sure those old-school rules are even helpful anymore.
If you celebrate Xmas, befriend me (538
Unbreakable codes are a tool.
A tool is not evil. A tool by itself can't fly an airplane into a crowded building.
It depends on the use of the tool.
Evil people will do evil things with it, good people will do good things with it.
-J5K
The libertarian solution to the failures of capitalism is to apply more capitalism til the failures are fixed.
new eula for a hammer:
the end user will not use this hammer
to build anything that would be deemed
uncapitalistic or un democractic!
this would include:
Mosques,
Churches and
Socialist Gathering centers
yes
what im getting at is encryption is a TOOL
if the terrorists we stupid enough to use a
publicly accessible encryption methods
instead of creating an 'in-house' solution
they are just asking for it!
{
IF it was bin Laden
dont you think he could
afford better encryption?
come on!
}
asking everyone else to
throw away freedom for more
security is not an option
in fact it plays into their hands!
back in the day we didnt have no old school
If you could connect the two opinions as originating from the same person, that would be one thing, but still not a valid criticism. Attacking someone's opinion of their own freedom because they advocate a morally shaky interpretation of who owns what when their company folds and leaves them jobless, still doesn't invalidate their views on personal liberty. Do your homework and come up with a logical invalidation of one or the other opinion. Crossing them against each other and claiming that they're "inconsistent" is sloppy and only serves to show that you haven't got much substance to your own argument.
I have learned to detest the clueless who come into this forum and shout "Slashdot is inconsistent in their opinion!" as if there is such a thing as we slashdotters, all carbon copies of one another . . .
Encryption, as an algorithm for crunching numbers, costs nothing. You can't keep it out of the hands of the bad guys simply by keeping it out of the hands of the good guys.
To those who say "tools are just tools, it's people that are good or bad," I'd like to pose this question. (This isn't just rhetorical, I'm really curious what people think.) Isn't it the responsibility of those who create or disseminate tools to understand the context into which they release them?
By analogy, if I give a gun to a criminal, some people would hold me partially accountable for what the criminal does with it, especially if I knew (or should have known) that this was a criminal. If I give a gun to a kid, I'm responsible for evaluating whether the kid's ready to learn about guns, and if so, to teach the kid about safety, etc.
Does the analogy extend to scientists? Do they have some responsibility to take part in social, political, etc. processes to ensure that the world they release their tools into is ready and capable of making ethical and moral use of them? If so, what are the minimum requirements and limits of this responsibility?
2) What if this is more of the same?
But on to original point - while Hellman admits his view of NSA as "Darth Vader" was "human but ... ridiculous" - perhaps he's overlooking the number of people whose lives were saved by strong crypto?
Or perhaps there's nobody in Tibet resisting the Chinese? Or perhaps there was nobody in the former Soviet Union using crypto during the coup? Or perhaps the Berlin Wall came down, in part, because people were able to communicate without Stasi eavesdropping on them.
Or perhaps the women who infiltrated Afghanistan in defence of native women being slaughtered by the Taliban were only able to get their stories out -- stories that have been publicized time and again over the past few years, and that have nothing to do with the present crisis -- because they're able to communicate securely.
If (and in light of the Zimmerman distortions, I see it as a very big "If") Hellman is having second thoughts about public-key crypto, I urge him to look at the good it's brought.
NYC was One Big Atrocity. We'll never know how many Little Personal Attrocities Hellman's tech has prevented, but I'd bet it's in the thousands.
This is sort of silly. It is not like terrorist organizations need high tech crypto to be secure.
They already have ways of diseminating information and money. If they want great security all they will have to do is create a CD with randomness on it and distribute it among their cells.
I'm sure even the lamest coder could write code to do an XOR against a part of that CD and it would be incredibally hard to decode.
i.e.
"We'll meet for coffee thursday at two at Starbucks."
equals
"We attack insert landmark here Wednesday at one."
The people making these laws aren't just trying to maintian heavy handed control over the American poeple (at least not all of them). They have legitimate fears seeded in truth and actual occurances. However they are taking the wrong perspective.
During WW2 the Germans had then very strong encryption with the Enigma machines. The Allies were only able to get a hold of these machines later on in the war, and by several accounts were crucial to the German's defeat.
Our law makers fear another enemy rising and using impossible to crack encryption, and this time using it to win. Most of us here on Slashdot however realise the obvious flaws in this logic. Just as when WWI transformed war into a battle faught with trenches the security of communication on each side will too change the face of war. We would be better to adapt to the changes in war than to expect everyone to play by our rules.
I can't spell or type, but that doesn't mean I'm unusually stupid.
We see the Wright Brothers standing near the first ever airplane, moments before it takes off for the first ever powered flight. As they begin to board the craft, a reporter informs them that their invention will be used to kill thousands of people, destroy a building, and drastically alter the fabric of the nation that they love so much. They also are told about the untold number of deaths caused by warplanes, including dropping the bomb on Hiroshima and Nagasaki, as well as all the other armed conflicts that used this wonderful invention. Finally they are told about the numbers of people that will die as passenger planes crash into hills, oceans, and fields all across the world.
Instead of flying the plane, they decide that the risks are too great, and scrap the whole invention. Upon hearing the details about the possible future of the machine, congress legislates that it is illegal to develop, own, or operate such manned flying machines...
Just imagine.
After about the 4th day I stopped watching the "news" coverage of the WTC disaster. Basically about the same time the talking heads ran out of things to say. Wake me up when the barrage of pseudoinfo-diarrhoea ceases and they've got something new to say.
We don't even know if the terrorists used encryption. We do know that they used American technology against Americans. Technology manufactured by Boeing...gee, don't hear Boeing engineers wailing about the "ethics" of design features of the 767, do we? Besides, smart people in other countries write encryption all the time...how are you going stop that? What they simply used a seemingly innocuous set of phrases with pre-determined meanings?
This article is nothing more than more of the same pseudoinformation (propaganda?) that the American media has been bombarding us with. The corporate propaganda machine is in full cry, preparing Joe-sixpack for the loss of freedom that is soon to come. Herr Goebbels would have been proud.
What about all the technological advances by the Americans that allow them to exert brutal dominion over other parts of the world? A discussion of ethical concerns and science could prove most embarrasing to America.
In any case, scientists should only concern themselves with "is it possible?" not "should we make it available?"
You're using her as bait, Master!
This is really the key point: Terrorists DO NOT need cryptography if they are capable of planning ahead a little in face to face meetings. If you are making it up as you go along, then you have to send lots of detailed messages back and forth. But if you can meet somewhere that CIA agents cannot operate (Afghanistan, for instance), and decide what everyone will be doing in two years (flying airliners into buildings), then the messages requireed as the plan unfolds can all be easily disguised as routine business or family communications.
Of course, if you force banks and other businesses to put back doors into their crypto, then you are giving the more sophisticated terrorists one hell of an opportunity. Why bother blowing up Americans a few thousand at a time when you can foul up the financial system until millions of them are starving? It would be tough to do -- but remember that under our laws, Arab or Afghan origins is no reason to keep a person out of sensitive government positions, like in the key escrow department...
Well, considering that computers are the technology that allow that worm to exist, Do you suggest we ban them? But computers use a lot of refined metals in their manufacture - and so do guns, knives, bullets, and swords. Should we ban metalworking, because it is "the technology that enables a terrorist attack"?
Granted, this is an argument from extremes. However, when I think of a physicist choosing to hide their findings, no matter how revolutionary, no matter the potential for increasing our understanding of the universe, I am reminded of the Catholic Church in the middle ages, where commoners were not allowed to read the Bible because they might not understand it, thus creating heretics. Everything can be used for both good and evil purposes. There is no such thing as a "purely benign" invention or discovery. Physics - nuclear power/nuclear weapons. Electronics - Pacemaker controllers/missle guidance systems. Biology - Vaccines/Viral warfare. Steelworking - Building support beams/Tanks. Blacksmithing - Ploughs/Swords.
There are two sides to every coin
-NOC Monkey (OOK!) Experience is what allows you to recognize a mistake the second time you make it.
Cryptography is based on math formulas. Last time I checked, knowledge of math was not confined to the US. Basic cryptography can be done with very large prime numbers, not a difficult math concept, but hard as hell to factor.
Besides, any idea, over our entire history, was probably not thought up by only one person, even though usually only one person gets the credit for it.
Preventing someone from advancing in ANY technology, only puts them behind. If a US mathematician doesn't think of it and publish it, someone else will. To protect against something, you have to understand how it works first. You have to have guns with bullets to make bullet proof vests. You have to have a virus to find the cure. (I hate bad analogies, but since they're all the rage).
I think the farther cryptographers and mathematicians advance, the more useless the old technology becomes. Remember RSA Labs 56 bit key?
Thoughts and ideas should never be outlawed.
Imagine if physicists were to take the arrogant attitude of today's security developers and say, "If I can build it, I should and also tell everyone else how to do it!"
And what exactly would you consider the supercollider (and more exotic) infrastructure in use by educational instititions then, if not exactly that.
I mean really, smashing atoms and (trying to create) black holes certainly seem to meet the criteria for arrogance. And it has to be those physicists you mentioned since no one else has the expertise to even dream that stuff up much less implement it technologically. But to "tell everyone else how to do it" is exactly what peer-review is all about; the idea is a very fundamental one for safe science, no?
But - would I put a stop to it if I could? No, because the potential benefits to humanity and me personally far outweigh the inherent dangers. I would like to see more control on these types of *things* but definately do not wish an end to them. As someone who considers himself a hacker of the classic definition - I wholeheartedly believe in that old adage. Paraphrasing I think it went something like "you go to school for an education, but to learn you need first-hand experience".
Oh yes. And that is why the only option is to make sure nobody wants to hurt you. From the Russell-Einstein Manifesto:
It's up to you.
Employee of Inrupt, Project Release Manager and Community Manager for Solid
-------------
Dear Senator/Congressman:
This week, you and all other Congressmen are very busy preparing new laws and modifying existing ones to help the United States combat terrorism. Unfortunately, I fear that some of these laws will do more to restrict loyal Americans than actually stop terrorists. I hope you can take a few minutes out of your schedule to read this letter.
To put it bluntly, restrictions on encryption technology are pointless. There have been reports that the terrorist networks responsible for the World Trade Center attack used encryption technology in their communication. Many people, none of whom truly understands technology, believe that if there had been limits on encryption, it would have hampered the terrorists. This assertion is absurd.
Encryption is nothing more than a field of mathematics, where the data to be encrypted is treated as a bunch of numbers. Placing legal limits on encryption is the same as outlawing certain kinds of math. One of the worst ideas being proposed is to force individuals and companies to use encryption technologies for which the government has "back door" access. That is, the government is in possession of secret keys that can decrypt any data which is encrypted using these particular algorithms. Other encryption algorithms which don't allow for back doors would be outlawed.
The flaw in this reasoning is that it is impossible to force terrorists to use "approved" technology. We don't even know who or where they are, so how can we force them to do anything?!? The terrorists will simply use "non-approved" encryption technologies while honest American citizens and businesses are forced to sacrifice their privacy. The worst part is that if other countries were to ever obtain these secret keys, they would have access to every piece of encrypted data from the United States.
The truth is, strong encryption protects Americans. With strong encryption, terrorists won't be able to decrypt sensitive corporate data. They won't be able to spy on American citizens. They won't be able to intercept top secret transmissions.
These terrorists were able to strike not because they used encryption, but because our intelligence organizations are incompetent. The FBI is better known for its blunders (e.g. the Atlanta Olympics bombing, the siege at Waco, the assault at Ruby Ridge, and the 3000 documents in the McVeigh case) than for its successes. In fact, it's been over a week since the attack, and the best our government can say is, "We're pretty sure that Osama bin Ladin is the prime suspect."
Therefore, I am asking you to reject any bills that place limitations on the use of encryption. Instead, I think you should focus on how to improve our intelligence-gathering organizations. Perhaps in exchange for bailing out the airline industry, federal officials from the intelligence organizations should get free flights for the next ten years. The money saved can be used to fund more operations.
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
You're making the mistake of thinking the old way, the same as the patent system. Scientist are no longer unique, nor do they do anything unique. Knowledge and research is by now so widely done and so distributed that invention has become an iterative process where there is no longer any question about if something will be solved or invented, but rather who, out of hundreds of scientists and teams, will do it first.
The research and dispersal of information is by now inevitable. Go ahead, keep it silent, and read all about it next month when someone else goes public with it instead.
Hmm. Does this mean that "safeguards" were developed (I cannot imagine what safeguards *could* be developed)? Or does it simply mean that scientists became "comfortable" with the idea, after the passage of some time?
Currently, the big biochem companies like ConAgra and Monsanto are experimenting with our ecosystem, releasing Genetically Modified Organisms into the wild. Forget sabotage or terrorism, we may screw things up by "accident". Anyone else worried about that?
It's common knowledge that the NSA eavsedrops on all communications world wide and passes what it feels is relevant to the CIA. The CIA is notorious for passing what it feels relevant on to American Corporations. By corollary it seems that back doors will give US Corps. an even greater advantage over the rest of the businesses in the world. We all know that US Corps. are too moral to take advantage of this. But still.....
This article is debating the issue of developing a technology if it has the potential to do harm. Due to recent terrorist attacks, there is a lot of discussion going on in regards to cryptography and nanotechnology. The main gist of the article is that we should develop technologies, even if they can be used for harm. If we don't develop the technologies, we may lose the benefits that we can gain from them - also, if we don't develop it, someone else will and we will be unprepared to deal with it.
I am not 100% sure where I stand on this issue. As far as encryption technology goes, I am all for it, regardless of the potential for abuse that it has. Encryption is essential to business operations today - without it we just wouldn't have the economy that we do.
Nanotechnology is interesting, and has the potential to be a great boon to our society. If it can create truly microscopic robots that can be used to save lives, all the better.
What I don't like is the attitude of the statements in the article - if we don't create it, someone else will, and they will use it for harm. It depresses me that human society is like that. It is quite similar to the development of nuclear weapons - we had to do it before someone else did. It's like a race on a pair of treadmills - each one is racing faster and faster yet they are getting nowhere and they will never win.
At least from a European perspective, there doesn't seem to be as much discussion on the opportunity to export REAL weapons. Cryptographic software could be used by enemies to communicate, but some of all the weapons the US exports could be used by them to actually kill and are used daily by governments and regimes to kill innocent people, breeding new legions of terrorists. And while I see many good uses for PGP, my impaired imagination is not able to find any for a missile-launcher. Maybe it's just that RSA corporation can't lobby the US government as effectively as all the weapon makers.
The purpose of the U.S. is to provide a safe place for the people where their liberties are maximized (see the preamble to the U.S. Constitution if you don't believe me). Thus, the purpose of the law in the U.S. is to more clearly define where one person's rights and liberties end and another's rights and liberties begin. It is for this reason that it has been traditionally viewed that laws in the U.S. should be crafted to have as little impact as possible, to restrict the people as little as possible.
This is clearly not how things are in the U.S. today, and that needs to be fixed (can't see how to do it, though, since the government is 0wn3d by the corporations). But in any case, if the purpose of the law is as I state, then morality legislation has no place in U.S. law, because a law is, in the general case, a restriction on a person's freedom. One may use "morality" to help define the boundary between one person's rights and liberties and another's, but pure "morality legislation", i.e. making something illegal simply because the society believes it should be, has no place in a society that values liberty above all else.
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Do you remember a few years ago when the US could not export encryption technology. At the same time Europeans were allowed to use equivilent technology and also export it. But, when exported to the US, the Americans could not allow it to ne reexported.
Think about it. Do we really think that US restrictions will really stop the rest of the world?? Are we that arrogant?
There might be the odd mathematician out there!
This is one of the most insightful comments I've read about threats from technology
"We spend a lot of time worrying about extremely sophisticated threats," he said. "But less sophisticated threats can slip under the radar. People who want to hurt you can find a way to do it."
This can only be underlined by the events of September 11, where box cutters were used to destroy the WTC.
Thomas Jefferson said, "The price of liberty is eternal vigilance."
Vigilance is the answer, not locking the barn door after the horse has bolted.
Apologies for mixing quotes and clichés