Slashdot Mirror
Ethics in Scientific Research
call -151 writes: "There is an interesting NYT article `When Science Inadvertently Aids an Enemy' discussing how some of the "encryption should be free for everyone" attitudes are changing with the WTC attacks. The article makes some interesting points and it is good to see discussions like these in more of the mainstream, even if the tone has definitely changed recently." Well, the questions are being asked again, but most of the researchers dealing with these issues have already answered the questions for themselves.
On the surface it sounds reasonable, but in a day where a file can be transmitted between two different continents in real-time, I'm not sure those old-school rules are even helpful anymore.
If you celebrate Xmas, befriend me (538
Unbreakable codes are a tool.
A tool is not evil. A tool by itself can't fly an airplane into a crowded building.
It depends on the use of the tool.
Evil people will do evil things with it, good people will do good things with it.
-J5K
The libertarian solution to the failures of capitalism is to apply more capitalism til the failures are fixed.
new eula for a hammer:
the end user will not use this hammer
to build anything that would be deemed
uncapitalistic or un democractic!
this would include:
Mosques,
Churches and
Socialist Gathering centers
yes
what im getting at is encryption is a TOOL
if the terrorists we stupid enough to use a
publicly accessible encryption methods
instead of creating an 'in-house' solution
they are just asking for it!
{
IF it was bin Laden
dont you think he could
afford better encryption?
come on!
}
asking everyone else to
throw away freedom for more
security is not an option
in fact it plays into their hands!
back in the day we didnt have no old school
Encryption, as an algorithm for crunching numbers, costs nothing. You can't keep it out of the hands of the bad guys simply by keeping it out of the hands of the good guys.
To those who say "tools are just tools, it's people that are good or bad," I'd like to pose this question. (This isn't just rhetorical, I'm really curious what people think.) Isn't it the responsibility of those who create or disseminate tools to understand the context into which they release them?
By analogy, if I give a gun to a criminal, some people would hold me partially accountable for what the criminal does with it, especially if I knew (or should have known) that this was a criminal. If I give a gun to a kid, I'm responsible for evaluating whether the kid's ready to learn about guns, and if so, to teach the kid about safety, etc.
Does the analogy extend to scientists? Do they have some responsibility to take part in social, political, etc. processes to ensure that the world they release their tools into is ready and capable of making ethical and moral use of them? If so, what are the minimum requirements and limits of this responsibility?
2) What if this is more of the same?
But on to original point - while Hellman admits his view of NSA as "Darth Vader" was "human but ... ridiculous" - perhaps he's overlooking the number of people whose lives were saved by strong crypto?
Or perhaps there's nobody in Tibet resisting the Chinese? Or perhaps there was nobody in the former Soviet Union using crypto during the coup? Or perhaps the Berlin Wall came down, in part, because people were able to communicate without Stasi eavesdropping on them.
Or perhaps the women who infiltrated Afghanistan in defence of native women being slaughtered by the Taliban were only able to get their stories out -- stories that have been publicized time and again over the past few years, and that have nothing to do with the present crisis -- because they're able to communicate securely.
If (and in light of the Zimmerman distortions, I see it as a very big "If") Hellman is having second thoughts about public-key crypto, I urge him to look at the good it's brought.
NYC was One Big Atrocity. We'll never know how many Little Personal Attrocities Hellman's tech has prevented, but I'd bet it's in the thousands.
We see the Wright Brothers standing near the first ever airplane, moments before it takes off for the first ever powered flight. As they begin to board the craft, a reporter informs them that their invention will be used to kill thousands of people, destroy a building, and drastically alter the fabric of the nation that they love so much. They also are told about the untold number of deaths caused by warplanes, including dropping the bomb on Hiroshima and Nagasaki, as well as all the other armed conflicts that used this wonderful invention. Finally they are told about the numbers of people that will die as passenger planes crash into hills, oceans, and fields all across the world.
Instead of flying the plane, they decide that the risks are too great, and scrap the whole invention. Upon hearing the details about the possible future of the machine, congress legislates that it is illegal to develop, own, or operate such manned flying machines...
Just imagine.
After about the 4th day I stopped watching the "news" coverage of the WTC disaster. Basically about the same time the talking heads ran out of things to say. Wake me up when the barrage of pseudoinfo-diarrhoea ceases and they've got something new to say.
We don't even know if the terrorists used encryption. We do know that they used American technology against Americans. Technology manufactured by Boeing...gee, don't hear Boeing engineers wailing about the "ethics" of design features of the 767, do we? Besides, smart people in other countries write encryption all the time...how are you going stop that? What they simply used a seemingly innocuous set of phrases with pre-determined meanings?
This article is nothing more than more of the same pseudoinformation (propaganda?) that the American media has been bombarding us with. The corporate propaganda machine is in full cry, preparing Joe-sixpack for the loss of freedom that is soon to come. Herr Goebbels would have been proud.
What about all the technological advances by the Americans that allow them to exert brutal dominion over other parts of the world? A discussion of ethical concerns and science could prove most embarrasing to America.
In any case, scientists should only concern themselves with "is it possible?" not "should we make it available?"
You're using her as bait, Master!
This is really the key point: Terrorists DO NOT need cryptography if they are capable of planning ahead a little in face to face meetings. If you are making it up as you go along, then you have to send lots of detailed messages back and forth. But if you can meet somewhere that CIA agents cannot operate (Afghanistan, for instance), and decide what everyone will be doing in two years (flying airliners into buildings), then the messages requireed as the plan unfolds can all be easily disguised as routine business or family communications.
Of course, if you force banks and other businesses to put back doors into their crypto, then you are giving the more sophisticated terrorists one hell of an opportunity. Why bother blowing up Americans a few thousand at a time when you can foul up the financial system until millions of them are starving? It would be tough to do -- but remember that under our laws, Arab or Afghan origins is no reason to keep a person out of sensitive government positions, like in the key escrow department...
Well, considering that computers are the technology that allow that worm to exist, Do you suggest we ban them? But computers use a lot of refined metals in their manufacture - and so do guns, knives, bullets, and swords. Should we ban metalworking, because it is "the technology that enables a terrorist attack"?
Granted, this is an argument from extremes. However, when I think of a physicist choosing to hide their findings, no matter how revolutionary, no matter the potential for increasing our understanding of the universe, I am reminded of the Catholic Church in the middle ages, where commoners were not allowed to read the Bible because they might not understand it, thus creating heretics. Everything can be used for both good and evil purposes. There is no such thing as a "purely benign" invention or discovery. Physics - nuclear power/nuclear weapons. Electronics - Pacemaker controllers/missle guidance systems. Biology - Vaccines/Viral warfare. Steelworking - Building support beams/Tanks. Blacksmithing - Ploughs/Swords.
There are two sides to every coin
-NOC Monkey (OOK!) Experience is what allows you to recognize a mistake the second time you make it.
Cryptography is based on math formulas. Last time I checked, knowledge of math was not confined to the US. Basic cryptography can be done with very large prime numbers, not a difficult math concept, but hard as hell to factor.
Besides, any idea, over our entire history, was probably not thought up by only one person, even though usually only one person gets the credit for it.
Preventing someone from advancing in ANY technology, only puts them behind. If a US mathematician doesn't think of it and publish it, someone else will. To protect against something, you have to understand how it works first. You have to have guns with bullets to make bullet proof vests. You have to have a virus to find the cure. (I hate bad analogies, but since they're all the rage).
I think the farther cryptographers and mathematicians advance, the more useless the old technology becomes. Remember RSA Labs 56 bit key?
Thoughts and ideas should never be outlawed.
Imagine if physicists were to take the arrogant attitude of today's security developers and say, "If I can build it, I should and also tell everyone else how to do it!"
And what exactly would you consider the supercollider (and more exotic) infrastructure in use by educational instititions then, if not exactly that.
I mean really, smashing atoms and (trying to create) black holes certainly seem to meet the criteria for arrogance. And it has to be those physicists you mentioned since no one else has the expertise to even dream that stuff up much less implement it technologically. But to "tell everyone else how to do it" is exactly what peer-review is all about; the idea is a very fundamental one for safe science, no?
But - would I put a stop to it if I could? No, because the potential benefits to humanity and me personally far outweigh the inherent dangers. I would like to see more control on these types of *things* but definately do not wish an end to them. As someone who considers himself a hacker of the classic definition - I wholeheartedly believe in that old adage. Paraphrasing I think it went something like "you go to school for an education, but to learn you need first-hand experience".
Oh yes. And that is why the only option is to make sure nobody wants to hurt you. From the Russell-Einstein Manifesto:
It's up to you.
Employee of Inrupt, Project Release Manager and Community Manager for Solid
-------------
Dear Senator/Congressman:
This week, you and all other Congressmen are very busy preparing new laws and modifying existing ones to help the United States combat terrorism. Unfortunately, I fear that some of these laws will do more to restrict loyal Americans than actually stop terrorists. I hope you can take a few minutes out of your schedule to read this letter.
To put it bluntly, restrictions on encryption technology are pointless. There have been reports that the terrorist networks responsible for the World Trade Center attack used encryption technology in their communication. Many people, none of whom truly understands technology, believe that if there had been limits on encryption, it would have hampered the terrorists. This assertion is absurd.
Encryption is nothing more than a field of mathematics, where the data to be encrypted is treated as a bunch of numbers. Placing legal limits on encryption is the same as outlawing certain kinds of math. One of the worst ideas being proposed is to force individuals and companies to use encryption technologies for which the government has "back door" access. That is, the government is in possession of secret keys that can decrypt any data which is encrypted using these particular algorithms. Other encryption algorithms which don't allow for back doors would be outlawed.
The flaw in this reasoning is that it is impossible to force terrorists to use "approved" technology. We don't even know who or where they are, so how can we force them to do anything?!? The terrorists will simply use "non-approved" encryption technologies while honest American citizens and businesses are forced to sacrifice their privacy. The worst part is that if other countries were to ever obtain these secret keys, they would have access to every piece of encrypted data from the United States.
The truth is, strong encryption protects Americans. With strong encryption, terrorists won't be able to decrypt sensitive corporate data. They won't be able to spy on American citizens. They won't be able to intercept top secret transmissions.
These terrorists were able to strike not because they used encryption, but because our intelligence organizations are incompetent. The FBI is better known for its blunders (e.g. the Atlanta Olympics bombing, the siege at Waco, the assault at Ruby Ridge, and the 3000 documents in the McVeigh case) than for its successes. In fact, it's been over a week since the attack, and the best our government can say is, "We're pretty sure that Osama bin Ladin is the prime suspect."
Therefore, I am asking you to reject any bills that place limitations on the use of encryption. Instead, I think you should focus on how to improve our intelligence-gathering organizations. Perhaps in exchange for bailing out the airline industry, federal officials from the intelligence organizations should get free flights for the next ten years. The money saved can be used to fund more operations.
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
You're making the mistake of thinking the old way, the same as the patent system. Scientist are no longer unique, nor do they do anything unique. Knowledge and research is by now so widely done and so distributed that invention has become an iterative process where there is no longer any question about if something will be solved or invented, but rather who, out of hundreds of scientists and teams, will do it first.
The research and dispersal of information is by now inevitable. Go ahead, keep it silent, and read all about it next month when someone else goes public with it instead.
Hmm. Does this mean that "safeguards" were developed (I cannot imagine what safeguards *could* be developed)? Or does it simply mean that scientists became "comfortable" with the idea, after the passage of some time?
Currently, the big biochem companies like ConAgra and Monsanto are experimenting with our ecosystem, releasing Genetically Modified Organisms into the wild. Forget sabotage or terrorism, we may screw things up by "accident". Anyone else worried about that?
This is one of the most insightful comments I've read about threats from technology
"We spend a lot of time worrying about extremely sophisticated threats," he said. "But less sophisticated threats can slip under the radar. People who want to hurt you can find a way to do it."
This can only be underlined by the events of September 11, where box cutters were used to destroy the WTC.
Thomas Jefferson said, "The price of liberty is eternal vigilance."
Vigilance is the answer, not locking the barn door after the horse has bolted.
Apologies for mixing quotes and clichés