Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is SETI a Security Risk?

Posted by Hemos on from the a-whole-new-level-of-paranoia dept.

Dotnaught writes "Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois, fears the Search for Extra-Terrestrial Intelligence (SETI) may be putting the earth at risk. As reported in the Guardian, Carrigan frets that alien radio signals could pose a security risk. The report cites a 2003 paper entitled "Do potential Seti signals need to be decontaminated?" but Carrigan's website has more details. Basically, he's calling for isolation of SETI computers and additional security measures. He writes, "To paraphrase Cocconi and Morrison for the possibility of a malevolent SETI signal ...the probability of a contaminated SETI signal is difficult to estimate; but if we never consider it the chance of infection is not zero."" Frankly, I'm more worried about some phishing malcontent then I am about the Grays, but maybe that's just me.

27 of 527 comments (clear)

  1. Chicken and Egg. by FalconZero · · Score: 5, Insightful
    From TFA:
    1. Raw signal in memory must bootstrap to status of operating program
    2. Program must then untangle the inner workings of the host. (Is it possible to now build a diagnosis program to determine the operating set of an unfamiliar computer?)
    I'm not a software engineer but... no, wait, I AM a software engineer, so I'm curious, how does this 'virus' execute step 1 [Buffer Overrun & Privilage Escalation] without doing step 2 first [Determine instruction set for system] (Which incidentally requires step one to have been performed first.)
    As far as I see it, theres as much chance of data in the recieve buffer created by background radiation being a viable 'virus' as there is a deliberate chunk of data will be

    This sounds suspiciously like :
    1) Send malicious code
    2) ...
    3) Infect universe (and profit)
    --
    Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
    1. Re:Chicken and Egg. by a_nonamiss · · Score: 5, Insightful

      You're using the mindset that these ET's are of similar intelligience to humans. We tend to do that as a species. But imagine, if you will, a civilization that is only 2000+ years more advanced that us. And realistically, and civilization advanced enough to receive our radio waves and respond is likely greater than 2000 years more advanced than us. Consider how very short 2000 years is in a universal timescale. To this advanced civilization, our advanced code is nothing more than a toddler's plaything. We can't even begin to fathom the ways in which they could potentially expolit our security.

      It's like if the Romans built a huge wall and said "That will keep out anyone. It's not possible to breach it." Using our technology, which is 2000 years more advanced, (less, actually) we could fly an B2 bomber over the city and drop a couple 2000 pound bombs. The pinnalce of their most advanced security would last less than 10 seconds against the most basic of our assaults.

      I know this is a little different when talking about computer security, but just as the Romans couldn't even imagine in their wildest dreams a B2 bomber, let alone how it could possible get past their impenetrable wall, we can't conceive of the technology that could be used to "infect" our computers. In 2000 years, who knows what kind of power we would have to defeat such a system? We can't know because it's beyond even our wildest imagination.

      --
      -Arthur
      Cave ne ante ullas catapultas ambules
    2. Re:Chicken and Egg. by Ihlosi · · Score: 5, Insightful
      we can't conceive of the technology that could be used to "infect" our computers.



      And that's the flaw in your B2-Bomber-argument. The aliens would be stuck with using our (extremely primitive) technology. We know pretty well how our computers work, and can figure out most ways to break/hack/crack them ourselves in a short timespan.



      It's a bit like using the tools and technologies the Romans had at that time and trying build that B2 bomber.

    3. Re:Chicken and Egg. by tomhudson · · Score: 2, Insightful

      It's worse than that - its some stupid nuge who is trying to create a name for themselves by pointing out "potential risks."

      We've seen this behaviour before with the whole y2k problem, people using it as an avenue for self-promotion. There were some risks, but they were being addressed; at the same time, people were going ape-shit. Supposedly, planes would fall out of the sky, elevators, water systems, and electrical plants would all stop, etc, and we were told that no amount of work would find enough of the problems to prevent a global catastrophe.

      In actual fact, the biggest problem turned out to be all these people who had stocked up with a years' supply of stuff, and who then didn't need to buy shit for the next 6 months, causing a dip in consumer spending.

      Hello, my name is Zaphod and I am the vice-regal advisor to His Imperial Majesty, XnthE 439, Supreme Ruler of the Galazy. I have access to the royal galactic accounts, and have found that the sum of 34 bazillion galactic credits lying dormant in one such account. If youy could send me your banking details, I am sure we could work out a most generous arrangement to our mutual benefit.

      Never mind that, after 50 millenia of inflation, even at 1%, 34 bazillion galactic credits is about $0.93.

      I'm sure aliens have better things to do than infect our computers. Bill Gates does a good enough job of that by himself. (Hey, maybe Gates is a pod person).

    4. Re:Chicken and Egg. by FalconZero · · Score: 4, Insightful

      Good post, but incorrect. It doesn't matter if the civilisation is a million years more advanced than our, for them to deliberatly write a virus using the SETI recieve buffer as a vector is simply impossible. The systems are ours, any infection via this method MUST comply with out systems operating parameters (IE Instruction sets etc...). The code MUST execute on our systems, for which it MUST contain vaild opcodes. Even then, it relies on security flaws in OUR software (which may or may not exist).

      To use your analogy, its like assaulting a Roman wall in a place where the laws of physics prevent flight.

      --
      Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
    5. Re:Chicken and Egg. by yakovlev · · Score: 2, Insightful

      What makes you think any signal capable of that kind of breakage won't simply attack all of the OTHER radio receivers on the planet and blow up the power grid? Better yet send a subliminal message that says: please proceed to the nearest body of water and drown yourself. That way the aliens get to take advantage of the existing infrastructure, if desired.

      The problem with trying to protect the SETI computers from some kind of extraterrestrial signal is that either

      1.) The attack will be one similar to those we've already seen, in which case attacks from terrestrial sources are much more likely, and pose a much greater risk

      OR

      2.) The attack will be something we can't even conceive of, in which case there's no reason to believe it will specifically target the SETI computers, or that whatever security precautions we take to defend against such an attack will be effective.

    6. Re:Chicken and Egg. by s20451 · · Score: 3, Insightful

      The basic argument is this:

      If it were possible, within the limits of human technology, to take over the world with a computer virus, we would have seen some indication of it by now.

      However, if the aliens had some kind of magic technology that overcame human limitations, using it to take over the world via a computer virus is kind of ridiculous. They could just take over the world directly.

      And assuming that there are malicious aliens with technology far beyond ours, we're screwed anyway. So there is really no point in worrying about SETI security holes, or even about aliens in general.

      --
      Toronto-area transit rider? Rate your ride.
    7. Re:Chicken and Egg. by molarmass192 · · Score: 1, Insightful

      You're thinking too far outside the box! Think of some bored geeky alien kid picking up the SETI signal and simply wanting to show his/her/it's alien pals what a 133t h4x0r he/she/it is by pwning a prehistoric (to them) civilization.

      --

      Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws-Plato
  2. Hmm... Is it just me or is this guy... by beh · · Score: 4, Insightful

    ...completely out of his mind?

    Granted - once we had contact any alien civilisation could also get into a situation where they could potentially send malware to Earth.

    But - isn't Seti right now looking at data from stars a good number of lightyears away? How likely is it that aliens on the off chance of infecting a computer would send out virusses and/or worms that would run on current CPUs and chipsets, using security holes that are current NOW? (Remember - if aliens 10 lightyears away would get hold of enough Earth signals to decode Intel assembly language and to understand Windows security holes, even if they could decipher all that overnight and write a terminal computer virus in another hour - it still took them 10 years to receive the signals from us and it would take another 10 years for them to come back). How likely is it that a virus working on 20 year old hard-/software (including OS and everything) would still work on a large portion of critical infrastructure today?

    Given that Seti only checks data, but doesn't try to execute it, shields us even further from the whole thing...

    Or - is Mr. Carrigan now assuming that there is an imminent threat of an attack by Bin Laden against the Internet - through Seti@home ?
    Now that would make even Bush sound perfectly sane... ;-)

    1. Re:Hmm... Is it just me or is this guy... by EarlW · · Score: 2, Insightful

      "Given that Seti only checks data, but doesn't try to execute it, shields us even further from the whole thing..."
      Correct. Substitute SETI for fax (or television) and you can see how ridiculous this is. The data is analysed for patterns, just as a fax machine converts the dots into an image. Are aliens sending faxes or TV shows? Is there a chance of getting a virus from a fax? No.

  3. I'm really worried by $RANDOMLUSER · · Score: 4, Insightful

    Because, of course, the aliens use binary Von Neumann machines with register/accumulator architectures, and instruction sets we're familiar with.

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
  4. A classic example ... by Daniel+Dvorkin · · Score: 5, Insightful

    ... of someone who's very knowledgeable in one technical field (in this case, particle physics) assuming that this knowledge carries over into another, almost unrelated technical field (in this case, computer science.) I'm sure that Dr. Carrigan is a very, very smart guy, but odds are he uses his computer as a tool without a whole lot more understanding of its inner workings than that possessed by the typical business user.

    --
    The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
  5. Movie-plot threat by Proaxiom · · Score: 5, Insightful
    A perfect example of what Schneier calls movie-plot security.

    It's pretty sad that they're actually wasting brain cycles thinking about threats like this. No, the risk of infection isn't zero. But it's damn close to zero. It isn't zero if you 'secure' SETI systems, either. It isn't even zero if you dismantle the SETI telescopes.

    But money spent on this is money better spent elsewhere, practically no matter where else you spend it. This should have been in the 'It's Funny, Laugh' topic.

    (Prediction: this will appear on Schneier's blog by end of day tomorrow)

    1. Re:Movie-plot threat by argStyopa · · Score: 2, Insightful

      Indeed.
      And if one felt the need to continue the movie-plot security hypothesizing, one would further recognize that such a sufficiently-advanced civilization, if we're assuming such hostility, poses threats in other contexts that are multiple orders of magnitude more likely:
      - We've been broadcasting our location clearly to the universe since Marconi first threw the switch, if not earlier.
      - Any sufficiently hostile, technologically capable civilization could wipe us out with a large, well-aimed ROCK.
      - If they wanted to make it nearly un-interceptable they'd accelerate it to a high fraction of c.
      - If they REALLY were ticked off (say, they watched Gilligan's Island or something) they'd lob a small singularity at us, or heck, into our sun.

      Let's just recognize that IF we're postulating sci-fi threats, it doesn't take a Ph.D to realize that this isn't even a very credible one. Any sufficiently advanced society, capable of this sort of insidious assault, would have so many multiple ways of wrecking us it's illogical to waste resources trying to stop any of them.

      Reading an Iain Banks novel, while entertaining, shouldn't really guide policy.

      --
      -Styopa
  6. Nut job central by squoozer · · Score: 2, Insightful

    Has /. become a focal point for all the worlds nut jobs today or something? What with this and the guy asking to move porn onto another port all we need now is one of the monty python crew to do us a silly walk. How do these people get to take control of my pixels?

    What's most scary though is that there is a small percentage of people who will believe him. I think those people scare me more now I come to think about it. At least this guy is just trying for his 15 minutes of fame.

    --
    I used to have a better sig but it broke.
  7. His worst fear has probably already happened by Aging_Newbie · · Score: 5, Insightful

    SETI data is pretty much indistinguishable from random numbers. In fact, the extremely rare patterned sequences of data are the holy grail of the pursuit.

    So .... most likely lots of virus code has already been processed because random noise will eventually produce every virus, just like monkeys and keyboards will produce Shakespeare. One could, I guess, hold the position that by processing random data we are putting ourselves at risk and that rings more true than some civilization producing intentional sequences with malicious intent.

  8. Oh but of course! by Billosaur · · Score: 2, Insightful
    The concern is raised in the next issue of the journal Acta Astronautica by Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois.

    And he is after all, one of the most reputable names in the computing field today.

    Computer scientists argue that to hack a computer, or write a virus that will infect it, requires a knowledge of how the computer and the software it is running work: a computer on Earth is going to be as alien to the aliens as they would be to us. But Dr Carrigan says there is still a risk.

    There most certainly is a risk: a risk that someone in the government might actually take a particle physicist's word that aliens are trying to hack the Internet (which, given the speed of light, most enlightened civilizations in the galaxy won't find out about for about 200 years, assuming they are listening in the first place).

    On the one hand, I don't know why this is a story. This guy is out of his element, and no one should be taking him too seriously (Independence Day buffs notwithstanding). On the other hand, the chance that people in positions of power with less than two neurons to rub together might take this guy seriously, thereby jeopardizing peaceful scientific research (see Contact) has me just a bit concerned.

    --
    GetOuttaMySpace - The Anti-Social Network
  9. A far greater risk... by stox · · Score: 5, Insightful

    is sending signals out. Although we may think we are saying hello, the receiver may be thinking, "Hmmm, I do need more meat in my diet."

    --
    "To those who are overly cautious, everything is impossible. "
  10. Re:Another type of risk from SETI by khendron · · Score: 2, Insightful

    I suspect that since our species has been blasting out so much noise (radio, TV broadcast, radar) in the past 50 years or so that our presence can hardly be overlooked. That is, if anybody is looking.

    --
    Life is like a web application. Sometime you need cookies just to get by.
  11. Sounds like bad Sci-Fi... by nweaver · · Score: 2, Insightful

    Sounds like such bad Sci-Fi that he could become a writer for Threshold.

    --
    Test your net with Netalyzr
  12. It's just you ;) by headkase · · Score: 3, Insightful

    I belive he's talking about those pesky abstractions we all use without a thought everyday. Basically, the scenario unfolds in this way: you recieve information from a entity and the ideas contained within said information can be helpful (like Universal Cure) to harmful or disruptive (something along the lines of a memetic virus).
    It would be a nasty trick for an alien civilization to give us the most destructive weapon possible without giving us accompaning social skill's as well. Or we could figuratively be on the 'beads' end in some initial contact scenario.
    To quote Morris Berman, "An idea is something you have, an ideology is something that has you.". An old alien civilization out there could just be very good at constructing ideologies. I'm not saying now is the time to consider this chance, rather that it should be considered when alien contact occurs.

    --
    Shh.
    1. Re:It's just you ;) by Ihlosi · · Score: 2, Insightful
      It would be a nasty trick for an alien civilization to give us the most destructive weapon possible without giving us accompaning social skill's as well.

      Don't worry, humanity absolutely does not need any help from alien civilizations for this scenario. "Inventing and using destructive devices (aka weapons)" is something humans are amazingly good at.

      An old alien civilization out there could just be very good at constructing ideologies.

      See above. If humanity was any better at constructing destructive ideologies, it would have bombed itself into extinction by now. I am fairly sure we could easily compete with about any alien civilization. On the other hand, maybe we aren't and all this crap is really the aliens' fault ! Let's go kill them all !

  13. Somebody read Snow Crash and took it too seriously by Anonymous Coward · · Score: 1, Insightful

    Neal Stephenson is a very good writer of science fiction, but in the case of the metavirus from outer space, the emphasis is on the word "fiction", not the word "science".

  14. Re:Is SETI a Security Risk? for EARTH by blincoln · · Score: 2, Insightful

    What if aliens are listning us and preparing for something big!

    Then there's absolutely nothing we can do.

    The chances of a nearby extraterrestrial race inventing radio at or near the same time as us are so small that we can discount them entirely for purposes of a thought experiment. They would be thousands or millions of years more advanced - or more primitive. If they're more primitive, we'll probably never know about them. If they're that much more advanced, then they could wipe us out without any significant effort.

    Better hope there aren't any Berserkers, Staircase Gods, or Inhibitors out there, eh?

    --
    "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
  15. Wow, just wow. by andreyw · · Score: 2, Insightful

    The author of TFA clearly neither has a clue about SETI, nor about computers.

    Malicious signal carrying malicious data? The best SETI can hope to "detect" is a short burst of CW, a narrowband signal. That's like detecting someone talking but not actually hearing any of the talking.

    Never minding the whole "aliens hacking our boxen without knowing how they work". I bet this dude takes ``Independence Day'' as a plausible scenario too. What a tool.

  16. Radio SETI is an obsolete concept by bradbury · · Score: 2, Insightful
    As suggested in this paper "Galactic Gradients, Postbiological Evolution and the Apparent Failure of SETI" there are unlikely to be any really advanced civilizations in our galactic vicinity. As pointed out in Ray Kurzweil's recent The Singularity is Near civilizations advance very rapidly (within decades) from our current state to an extremely advanced state we only barely envision. One doesn't communicate (by radio -- or perhaps at all[!]) across interstellar distances because the bandwidth is too low for the information content and thought capacity of advanced civilizations. So the probabilities are that most, if not all, civilizations which are capable of listening to us are thousands of light years away and they have no reason to infect us because it serves no useful purpose. (One would presume that "script kiddies" don't exist in advanced civilizations.)

    It is a highly anthropomorphic point of view that traditional space colonization or info-colonization are the paths that will be taken by advanced civilizations. These are concepts based on the relatively limited perspective of a few thousand years of human civilization and even shorter periods of infotech environments. It seems (to me) much more likely that advanced civilizations will replicate through a process similar to the self-replication process one sees in single cells (e.g. bacteria) and not the infectious parasite process one sees with viruses. The problem is that self-replication of advanced civilizations requires extremely close encounters between the developed resource (presumably a solar system, mega-ship or mega-intelligence like a Matrioshka Brain) with a resource of similar or greater mass & energy capacity. Such a resource should be largely undeveloped (like our solar system but much more likely regions of space where new stars are being created). This allows for self-replication over sub-light-year distances. Given the high energy/mass cost of navigating entire solar systems or mega-ships/intelligences as well as the common trajectories of natural objects in our galaxy such "close encounters" are very infrequent (occuring only over millions to billions of years).

    (And for those of you who doubt navigating solar systems is feasible you need to go read related papers by Dyson or Criswell.)

  17. too much Sci Fi by idlake · · Score: 2, Insightful

    Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois

    The notion that a SETI signal needs to be "decontaminated" is plausible only to people who watch too much Independence Day or Star Trek(where the most implausible feature, contrary to popular opinion, is not FTL travel, but the fact that all the computer systems in the galaxy seem to be more or less compatible).

    To put it bluntly: there is no way in hell that a SETI signal is going to infect anything.

    Even if it did, what would it do? Transfer thousands of dollars to Alpha Centauri? Dial galactic 1-900 numbers? Cause vacation snapshots to be transmitted via Arecibo into space? Cause Windows machines to reboot all over the nation? Kill us all by finally revealing in public Monty Python's killer joke?

    What I can't figure out is whether Carrigan is merely incredibly stupid, or whether he knows that his statements are nonsense and is opportunistic. Is he perhaps annoyed at the success of efforts like SETI and wants to create FUD? Is he trying to kill funding for other branches of physics? Or is he trying to get funding for his own pet project? My money is still on "stupid and arrogant", but I'm willing to be convinced of the other possibility.