Slashdot Mirror
Is SETI a Security Risk?
Dotnaught writes "Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois, fears the Search for Extra-Terrestrial Intelligence (SETI) may be putting the earth at risk. As reported in the Guardian, Carrigan frets that alien radio signals could pose a security risk. The report cites a 2003 paper entitled "Do potential Seti signals need to be decontaminated?" but Carrigan's website has more details. Basically, he's calling for isolation of SETI computers and additional security measures. He writes, "To paraphrase Cocconi and Morrison for the possibility of a malevolent SETI signal ...the probability of a contaminated SETI signal is difficult to estimate; but if we never consider it the chance of infection is not zero."" Frankly, I'm more worried about some phishing malcontent then I am about the Grays, but maybe that's just me.
- Raw signal in memory must bootstrap to status of operating program
- Program must then untangle the inner workings of the host. (Is it possible to now build a diagnosis program to determine the operating set of an unfamiliar computer?)
I'm not a software engineer but... no, wait, I AM a software engineer, so I'm curious, how does this 'virus' execute step 1 [Buffer Overrun & Privilage Escalation] without doing step 2 first [Determine instruction set for system] (Which incidentally requires step one to have been performed first.)As far as I see it, theres as much chance of data in the recieve buffer created by background radiation being a viable 'virus' as there is a deliberate chunk of data will be
This sounds suspiciously like
1) Send malicious code
2)
3) Infect universe (and profit)
Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
...completely out of his mind?
;-)
Granted - once we had contact any alien civilisation could also get into a situation where they could potentially send malware to Earth.
But - isn't Seti right now looking at data from stars a good number of lightyears away? How likely is it that aliens on the off chance of infecting a computer would send out virusses and/or worms that would run on current CPUs and chipsets, using security holes that are current NOW? (Remember - if aliens 10 lightyears away would get hold of enough Earth signals to decode Intel assembly language and to understand Windows security holes, even if they could decipher all that overnight and write a terminal computer virus in another hour - it still took them 10 years to receive the signals from us and it would take another 10 years for them to come back). How likely is it that a virus working on 20 year old hard-/software (including OS and everything) would still work on a large portion of critical infrastructure today?
Given that Seti only checks data, but doesn't try to execute it, shields us even further from the whole thing...
Or - is Mr. Carrigan now assuming that there is an imminent threat of an attack by Bin Laden against the Internet - through Seti@home ?
Now that would make even Bush sound perfectly sane...
Did this guy just watch "Independence Day" or something?
I've seen this movie, but it's the other way around. We're the ones that upload the virus to the aliens, not them to us... don't be silly.
Because, of course, the aliens use binary Von Neumann machines with register/accumulator architectures, and instruction sets we're familiar with.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
As official Earth contactee for the benevolent Betelgeuse civilization, I have been told to warn you that the evil Andromedans are using the SETI program to keep a fresh list of potential abductees for nefarious experiments.
They also recently developped antitinfoil penetration technology, so those of you who are using this means of protection are now vulnerable.
These beings will stop at nothing to get to the bottom of your colon!
Consider yourselves warned.
I'll read the content of the article after I construct a tin foil hat for my laptop.
Has anyone been 'round to the local galactic administrative office lately? Anyone?
... of someone who's very knowledgeable in one technical field (in this case, particle physics) assuming that this knowledge carries over into another, almost unrelated technical field (in this case, computer science.) I'm sure that Dr. Carrigan is a very, very smart guy, but odds are he uses his computer as a tool without a whole lot more understanding of its inner workings than that possessed by the typical business user.
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
Does this give new meaning to the phrase: HACK THE PLANET ???
That'll help prevent interstellar buffer overruns 'sploits!
Either that or we'll send them Theo de Raadt.
The "malicious signal" may be of earth origin, just send it to the antennas on the right frequency and make it similar enough in shape to the space noise and it will get processed just the same. Or hijack a DNS and post new "work units" with malicious content acting as SETI.
Thing is you don't need to separate the data, you just need to make the processing software secure, in such a way that data is analysed and never executed, there's no chance of buffer overflow or other potential risks coming from the data. Simple as that.
Anagram("United States of America") == "Dine out, taste a Mac, fries"
Dear Richard Carrigan,
You keep doing particle Physics, and we'll keep doing Computer Science.
Love,
The Computer Scientists
A slightly different concern I have heard expressed in relation to efforts to contact ET relate to the possibility that some unfriendly species will see our signal, take a look at our planet, and decide to enslave us. I know that respected professors at the University of Reading's Cybernetics department, whose names escape me, have expressed such concerns.
Since SETI and other similar programmes are based on the not unreasonable belief that other technologically advanced civilizations exist on distant planets, is it sensible to contact them and alert them to the presence of our resource rich planet? Extremely remote risk, but is there any reason to think that aliens are friendly? If earth discovered life on another planet, and this planet also happened to possess some material which greatly enriched the lives of humans on earth, how would we react?
IANASFB (I am not a science fiction buff) but I presume this type of scenario has been discussed.
Maybe that's why Threshold has been cancelled, so as not to alarm the public. Maybe its already happened...
Some of what I say is fact, some is conjecture, the rest I'm just blowing out my ass...you guess.
It's pretty sad that they're actually wasting brain cycles thinking about threats like this. No, the risk of infection isn't zero. But it's damn close to zero. It isn't zero if you 'secure' SETI systems, either. It isn't even zero if you dismantle the SETI telescopes.
But money spent on this is money better spent elsewhere, practically no matter where else you spend it. This should have been in the 'It's Funny, Laugh' topic.
(Prediction: this will appear on Schneier's blog by end of day tomorrow)
Has /. become a focal point for all the worlds nut jobs today or something? What with this and the guy asking to move porn onto another port all we need now is one of the monty python crew to do us a silly walk. How do these people get to take control of my pixels?
What's most scary though is that there is a small percentage of people who will believe him. I think those people scare me more now I come to think about it. At least this guy is just trying for his 15 minutes of fame.
I used to have a better sig but it broke.
SETI data is pretty much indistinguishable from random numbers. In fact, the extremely rare patterned sequences of data are the holy grail of the pursuit.
.... most likely lots of virus code has already been processed because random noise will eventually produce every virus, just like monkeys and keyboards will produce Shakespeare. One could, I guess, hold the position that by processing random data we are putting ourselves at risk and that rings more true than some civilization producing intentional sequences with malicious intent.
So
And he is after all, one of the most reputable names in the computing field today.
Computer scientists argue that to hack a computer, or write a virus that will infect it, requires a knowledge of how the computer and the software it is running work: a computer on Earth is going to be as alien to the aliens as they would be to us. But Dr Carrigan says there is still a risk.There most certainly is a risk: a risk that someone in the government might actually take a particle physicist's word that aliens are trying to hack the Internet (which, given the speed of light, most enlightened civilizations in the galaxy won't find out about for about 200 years, assuming they are listening in the first place).
On the one hand, I don't know why this is a story. This guy is out of his element, and no one should be taking him too seriously (Independence Day buffs notwithstanding). On the other hand, the chance that people in positions of power with less than two neurons to rub together might take this guy seriously, thereby jeopardizing peaceful scientific research (see Contact) has me just a bit concerned.
GetOuttaMySpace - The Anti-Social Network
is sending signals out. Although we may think we are saying hello, the receiver may be thinking, "Hmmm, I do need more meat in my diet."
"To those who are overly cautious, everything is impossible. "
What we should be worried about is the interstellar equivalent of flashing road sign saying,
"Eat at Earth".
And even if they do not want to eat us, who says we won't want to eat them. If Broccoli based aliens land on Earth, I will become a mass serial killer running around with a jar of cheese whiz!
I only look human.
My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
There really is no need for remote infiltration of the OS, since high school students have been doing it for years. Why would first (acknowledged) contact be to give a virus to Windows users? It is like pouring salt in the ocean.
You are in a maze of little twisting passages, all different.
Since mankind came about through "Intelligent Design", so will the aliens. And hence it's natural that their Intelligent Design also led them to having Windows (completely independently developed - but still the same thing - it's in our eternally unchangeable intelligently designed genes, remember?)
*smile*
Somehow I wouldn't be quite so surprised if it really turned out the guy would be a creationist...
Sounds like such bad Sci-Fi that he could become a writer for Threshold.
Test your net with Netalyzr
I belive he's talking about those pesky abstractions we all use without a thought everyday. Basically, the scenario unfolds in this way: you recieve information from a entity and the ideas contained within said information can be helpful (like Universal Cure) to harmful or disruptive (something along the lines of a memetic virus).
It would be a nasty trick for an alien civilization to give us the most destructive weapon possible without giving us accompaning social skill's as well. Or we could figuratively be on the 'beads' end in some initial contact scenario.
To quote Morris Berman, "An idea is something you have, an ideology is something that has you.". An old alien civilization out there could just be very good at constructing ideologies. I'm not saying now is the time to consider this chance, rather that it should be considered when alien contact occurs.
Shh.
Did anyone else immediately think of Snow Crash when they read this? I'm guessing Neal Stephenson did a lot of acid when he wrote that novel. I'm guessing that this guy did a lot more acid than Neal if he believes there is any truth to it.
The Right Reverend K. Reid Wightman,
I send you greetings from what you know as the smaller magelenic cloud. my name is ortion fleglar, and my father, the late ortion flekgar, left to me a sum of one hundred million kletlons before being pulled into a hyperspace anomoly. Before his untimely demise, he warned me never to trust my hive-mothers, gleblon flamkis and formta gleklar...
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
Frankly, anyone who is 2-3 years ahead of today could lay waste to our entire IT infrastructure anyway. Just look at what some malware can do that's a month or so ahead of current patchlevels.
:)
Any aliens that are 10, 100 or 1000 years ahead of us technologically... well, the 10-year-ahead aliens probably know how to wipe out every computer on earth within 2 minutes. The 100 and 1000 years-ahead aliens almost certainly aren't backwards compatible enough.
Assorted stuff I do sometimes: Lemuria.org
This common misconception shows that although Richard Carrigan may be a fine particle physicist, he doesn't really know much about computer viruses. Please, folks... If you're going to cite someone as an "expert", make sure they've at least got a clue about the topic in question.
To properly debunk this person's fearmongering though, let's remember a little program called "crashme":
- Generate a file full of random bits.
- Try to execute that file.
- Repeat from the beginning.
It was a great way to find flaws in the robustness of user space verses system space, back when Linux was young. (A user program should never be able to crash the whole system.) There are two amazing things about this program:A distant civilization will have no knowledge of our computer systems' machine language and it would be impossible for them to guess. There are so many ways we could have arranged such things. Any information coming from them would essentially be random data as far as computer instructions go, even if it contained enough patterns to show that it came from a sentient source.
Nobody executes raw data! Even SETI wouldn't execute their data. They'd analyze it, plot it, and try to decipher it but they're not going to name it "ALIEN.EXE" and try to run it like a program. But what if they did?
Well, this "crashme" program has been doing just that, for more than a decate and on many machines. No viruses yet.
This "SETI virus" scare is just a plot device for a low budget movie. It's a shame that it even made it onto slashdot.
DEAR SIR,
CONFIDENTIAL BUSINESS PROPOSAL
HAVING CONSULTED WITH MY COLLEAGUES AND BASED ON THE INFORMATION GATHERED FROM THE CENTAURI CHAMBERS OF COMMERCE AND INDUSTRY, I HAVE THE PRIVILEGE TO REQUEST FOR YOUR ASSISTANCE TO TRANSFER THE SUM OF #47,500,000.00 (FORTY SEVEN MILLION, FIVE HUNDRED THOUSAND GEESAK COMMONWEALTH GOLTONS) INTO YOUR ACCOUNTS. THE ABOVE SUM RESULTED FROM AN OVER-INVOICED CONTRACT, EXECUTED COMMISSIONED AND PAID FOR ABOUT FIVE YEARS (5) AGO BY A INTERSTELLAR CONTRACTOR. THIS ACTION WAS HOWEVER INTENTIONAL AND SINCE THEN THE FUND HAS BEEN IN A SUSPENSE ACCOUNT AT THE CENTRAL BANK OF CENTAURI APEX BANK...
What if aliens are listning us and preparing for something big!
Then there's absolutely nothing we can do.
The chances of a nearby extraterrestrial race inventing radio at or near the same time as us are so small that we can discount them entirely for purposes of a thought experiment. They would be thousands or millions of years more advanced - or more primitive. If they're more primitive, we'll probably never know about them. If they're that much more advanced, then they could wipe us out without any significant effort.
Better hope there aren't any Berserkers, Staircase Gods, or Inhibitors out there, eh?
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
The author of TFA clearly neither has a clue about SETI, nor about computers.
Malicious signal carrying malicious data? The best SETI can hope to "detect" is a short burst of CW, a narrowband signal. That's like detecting someone talking but not actually hearing any of the talking.
Never minding the whole "aliens hacking our boxen without knowing how they work". I bet this dude takes ``Independence Day'' as a plausible scenario too. What a tool.
It is a highly anthropomorphic point of view that traditional space colonization or info-colonization are the paths that will be taken by advanced civilizations. These are concepts based on the relatively limited perspective of a few thousand years of human civilization and even shorter periods of infotech environments. It seems (to me) much more likely that advanced civilizations will replicate through a process similar to the self-replication process one sees in single cells (e.g. bacteria) and not the infectious parasite process one sees with viruses. The problem is that self-replication of advanced civilizations requires extremely close encounters between the developed resource (presumably a solar system, mega-ship or mega-intelligence like a Matrioshka Brain) with a resource of similar or greater mass & energy capacity. Such a resource should be largely undeveloped (like our solar system but much more likely regions of space where new stars are being created). This allows for self-replication over sub-light-year distances. Given the high energy/mass cost of navigating entire solar systems or mega-ships/intelligences as well as the common trajectories of natural objects in our galaxy such "close encounters" are very infrequent (occuring only over millions to billions of years).
(And for those of you who doubt navigating solar systems is feasible you need to go read related papers by Dyson or Criswell.)
I am Mr. Glorsoid The manager, Bills and exchange At the foreign remittance department of the Martian International bank plc. I am writing this letter to Ask for your support and cooperation to carry out this business opportunity in my department. We discovered an abandoned sum of $15,000,000.00 (fifteen million United States dollars only) in an account that belongs to one of our foreign customers who died along with his entire family of a wife and two children in November 1997 in a saucer crash. Since we heard of his Death, We have been expecting his next of kin to come over and put claims for his money as the Heir. Unfortunately, neither their family member nor distant relative has ever appeared to claim the said Fund. Upon this discovery, I and other officials in my Department have agreed to make business with you and release the total amount into your account as the Heir. Please return an e-mail that encloses your private contact telephone Number, fax number full name and address and your designated bank coordinates to enable us file letter of claim to the appropriate departments for necessary Approvals before the transfer can be made. Note also, this transaction must be kept strictly confidential because of its nature, I look forward to receiving Your prompt response. Regards, Mr. Glorsoid
Ivanova: How much time?
Corwin: Three minutes!
Ivanova: Standing by to transmit.
Sheridan [troubled]: Commander --- the message we got from the probe. What did it promise if we did give all the right answers?
Ivanova: Advanced tech, mainly. Medical information, cures for disease, new jumpgate technology.
Sheridan: But it never gave you the name of the race or where it's from?
Ivanova: I assume we get that information once we pass the test.
Corwin: Two minutes!
Ivanova: Okay, here we go!
Sheridan: No, wait! [Everyone turns to stare.] There's something about this that has been bothering me ever since they made contact! We have been operating under the assumption that whoever sent the probe is deciding whether or not a sentient race is fit to survive based on what they know at the moment of contact. But if that's true, why give them a leg up on more advanced technologies?
Ivanova: Maybe they were feeling generous!
Sheridan: No, if they were feeling generous, they wouldn't be wiping out inferior races based on lack of advancement. No, I don't like it!
Ivanova: Captain, we're down to one minute! I don't see any other options here!
Sheridan: What if it's a berserker --- a probe sent out to find life forms advanced enough to pose a threat to the race that created it? It sends a list of questions backed by a threat. If it gets the right answers back, that proves a certain level of technological advancement, then boom ! You wipe out a potential enemy without leaving any trace of where you came from!
Ivanova: Or it could be exactly what it said! Fifteen seconds, Captain! Send or no send?
Sheridan: No send!
Ivanova: Oh, boy!
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois
The notion that a SETI signal needs to be "decontaminated" is plausible only to people who watch too much Independence Day or Star Trek(where the most implausible feature, contrary to popular opinion, is not FTL travel, but the fact that all the computer systems in the galaxy seem to be more or less compatible).
To put it bluntly: there is no way in hell that a SETI signal is going to infect anything.
Even if it did, what would it do? Transfer thousands of dollars to Alpha Centauri? Dial galactic 1-900 numbers? Cause vacation snapshots to be transmitted via Arecibo into space? Cause Windows machines to reboot all over the nation? Kill us all by finally revealing in public Monty Python's killer joke?
What I can't figure out is whether Carrigan is merely incredibly stupid, or whether he knows that his statements are nonsense and is opportunistic. Is he perhaps annoyed at the success of efforts like SETI and wants to create FUD? Is he trying to kill funding for other branches of physics? Or is he trying to get funding for his own pet project? My money is still on "stupid and arrogant", but I'm willing to be convinced of the other possibility.
It's hard to predict the form that such a 'virus' might take. Just making up random stuff off the top of my head: they could leave us a story about such irrelevant subjects like the history of an ancient tribe lost in some desert for 40 years but as a result of reading this story the readers' beheviour might be irrevocably changed so that they are no longer capable of understanding basic biology. You simply wouldn't be able to tell merely by skimming the subject matter as the effect would be embedded within hidden triggers. By leaving enough of these subtle 'viruses' spread out through our culture they could bring our civilization to its knees without us even realizing that we've been the victim of alien attack.
If you're having a problem with your software, our G.I.T.S. are standing by to ask you dumb questions.
...when you're writing a game...tweak the difficulty of "Easy" to something [your mother] can cope with. -- onion2k
If I remember correctly, Jeff Goldblum's character in "Independence Day" was able to pwn the alien mothership by uploading a virus to it from his Macintosh PowerBook. Clearly, computer systems are interoperable galaxy-wide at a fundamental level. Perhaps Windows has even evolved independently on many different planets. In any case, we're clearly in deadly danger.
The big question, of course, is what the aliens will do once they've taken over our PCs. My guess is that they'll use them to send spam. The danger is that by the time our inboxes start filling with tentacle-enlargement spams and three-headed lizard porn, it will be too late for us to do anything.
I hope you're happy.