Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is SETI a Security Risk?

Posted by Hemos on from the a-whole-new-level-of-paranoia dept.

Dotnaught writes "Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois, fears the Search for Extra-Terrestrial Intelligence (SETI) may be putting the earth at risk. As reported in the Guardian, Carrigan frets that alien radio signals could pose a security risk. The report cites a 2003 paper entitled "Do potential Seti signals need to be decontaminated?" but Carrigan's website has more details. Basically, he's calling for isolation of SETI computers and additional security measures. He writes, "To paraphrase Cocconi and Morrison for the possibility of a malevolent SETI signal ...the probability of a contaminated SETI signal is difficult to estimate; but if we never consider it the chance of infection is not zero."" Frankly, I'm more worried about some phishing malcontent then I am about the Grays, but maybe that's just me.

38 of 527 comments (clear)

  1. Chicken and Egg. by FalconZero · · Score: 5, Insightful
    From TFA:
    1. Raw signal in memory must bootstrap to status of operating program
    2. Program must then untangle the inner workings of the host. (Is it possible to now build a diagnosis program to determine the operating set of an unfamiliar computer?)
    I'm not a software engineer but... no, wait, I AM a software engineer, so I'm curious, how does this 'virus' execute step 1 [Buffer Overrun & Privilage Escalation] without doing step 2 first [Determine instruction set for system] (Which incidentally requires step one to have been performed first.)
    As far as I see it, theres as much chance of data in the recieve buffer created by background radiation being a viable 'virus' as there is a deliberate chunk of data will be

    This sounds suspiciously like :
    1) Send malicious code
    2) ...
    3) Infect universe (and profit)
    --
    Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
    1. Re:Chicken and Egg. by Nos. · · Score: 4, Funny

      They did it in Independance Day!

    2. Re:Chicken and Egg. by Anonymous Coward · · Score: 3, Funny

      No, no, statistical evidence shows that they're most likely to be running Windows - not to mention the lower TCO reduces the running cost of your mothership compared to free alternatives.

      Wait, we all know from Independence Day that the aliens use Mac OS.

    3. Re:Chicken and Egg. by m4dm4n · · Score: 4, Funny
      "the probability of a contaminated SETI signal is difficult to estimate;"

      Is that because his PC couldn't deal with numbers that small?

      --

      No France
    4. Re:Chicken and Egg. by djmurdoch · · Score: 5, Informative

      The possibility that extraterrestrials will take over SETI is pretty remote, but SETI is still a security risk. In decreasing level of probability, I'd say the risks are:

        - someone could hack the server and send out malicious code with the next software update

        - someone could hack the data stream and inject malicious data into it (assuming there really is such a thing as malicious data, which I find hard to believe).

        - someone terrestrial could broadcast malicious data in such a way that the SETI telescopes pick it up and think that it's ET in origin.

        - an ET could broadcast malicious data, after having picked up a copy of the SETI software and analyzing it.

        - an ET could broadcast malicious data without knowing what the receiver is like (the worry describe in TFA).

    5. Re:Chicken and Egg. by a_nonamiss · · Score: 5, Insightful

      You're using the mindset that these ET's are of similar intelligience to humans. We tend to do that as a species. But imagine, if you will, a civilization that is only 2000+ years more advanced that us. And realistically, and civilization advanced enough to receive our radio waves and respond is likely greater than 2000 years more advanced than us. Consider how very short 2000 years is in a universal timescale. To this advanced civilization, our advanced code is nothing more than a toddler's plaything. We can't even begin to fathom the ways in which they could potentially expolit our security.

      It's like if the Romans built a huge wall and said "That will keep out anyone. It's not possible to breach it." Using our technology, which is 2000 years more advanced, (less, actually) we could fly an B2 bomber over the city and drop a couple 2000 pound bombs. The pinnalce of their most advanced security would last less than 10 seconds against the most basic of our assaults.

      I know this is a little different when talking about computer security, but just as the Romans couldn't even imagine in their wildest dreams a B2 bomber, let alone how it could possible get past their impenetrable wall, we can't conceive of the technology that could be used to "infect" our computers. In 2000 years, who knows what kind of power we would have to defeat such a system? We can't know because it's beyond even our wildest imagination.

      --
      -Arthur
      Cave ne ante ullas catapultas ambules
    6. Re:Chicken and Egg. by Ihlosi · · Score: 5, Insightful
      we can't conceive of the technology that could be used to "infect" our computers.



      And that's the flaw in your B2-Bomber-argument. The aliens would be stuck with using our (extremely primitive) technology. We know pretty well how our computers work, and can figure out most ways to break/hack/crack them ourselves in a short timespan.



      It's a bit like using the tools and technologies the Romans had at that time and trying build that B2 bomber.

    7. Re:Chicken and Egg. by FalconZero · · Score: 4, Insightful

      Good post, but incorrect. It doesn't matter if the civilisation is a million years more advanced than our, for them to deliberatly write a virus using the SETI recieve buffer as a vector is simply impossible. The systems are ours, any infection via this method MUST comply with out systems operating parameters (IE Instruction sets etc...). The code MUST execute on our systems, for which it MUST contain vaild opcodes. Even then, it relies on security flaws in OUR software (which may or may not exist).

      To use your analogy, its like assaulting a Roman wall in a place where the laws of physics prevent flight.

      --
      Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
    8. Re:Chicken and Egg. by 6*7 · · Score: 5, Funny

      "It's like if the Romans built a huge wall and said "That will keep out anyone. It's not possible to breach it." Using our technology, which is 2000 years more advanced, (less, actually) we could fly an B2 bomber over the city and drop a couple 2000 pound bombs."

      IIRC the Great Wall's effects expires with the discovery of metallurgy.

    9. Re:Chicken and Egg. by s20451 · · Score: 3, Insightful

      The basic argument is this:

      If it were possible, within the limits of human technology, to take over the world with a computer virus, we would have seen some indication of it by now.

      However, if the aliens had some kind of magic technology that overcame human limitations, using it to take over the world via a computer virus is kind of ridiculous. They could just take over the world directly.

      And assuming that there are malicious aliens with technology far beyond ours, we're screwed anyway. So there is really no point in worrying about SETI security holes, or even about aliens in general.

      --
      Toronto-area transit rider? Rate your ride.
    10. Re:Chicken and Egg. by Digi-John · · Score: 3, Informative

      "The technology of the signal", eh? Look, a signal is a signal. A radio wave is a radio wave--it is not also magically a sandwich. If we receive something, whatever it does will be done through our technology. If these ETs have something that allows them to view us instantaneously and manipulate matter over here, they won't be worrying about radio signals, and we'll have bigger problems anyway.

      It's okay to think outside the box, just don't think outside of the laws of physics.

      --
      Klingon programs don't timeshare, they battle for supremacy.
    11. Re:Chicken and Egg. by Taevin · · Score: 4, Funny

      Lower TCO indeed because you get Microsoft's Genuine Intergalactic Technical Support hotline.

      "Thank you for calling Microsoft's Genuine Intergalactic Technical Support. If you are experiencing a problem with a factory installed Windows Galaxy edition, please contact your manufacturer.

      If you are calling about a non-critical issue, please emit one tachyon burst directed at Microsoft's Genuine Advantage Galactic Transmission satellite.

      If you are calling about a security hole that was exploited by the Scourge causing the destruction of half your intergalactic fleet, please wait one (1) business day before targeting Microsoft's campus with your quantum torpedos.

      If you are experiencing a total system failure preventing your navagation computer from function and are on a direct collision course with Earth, please wait on the line for a Microsoft Certified Windows Galaxy edition technician. Please note that we are experiencing a high call volume at this time, and you may be on hold for 12-24 hours.

      Thank you for calling Microsoft's Genuine Intergalactic Technical Support. Microsoft, what planet do you want to go to today?"

    12. Re:Chicken and Egg. by flyingsquid · · Score: 4, Funny
      I have this image of a computer virus taking over every computer on earth, then using our antennas and satellite to repeatedly broadcast the message "ENLARGE your COPULATORY TENTACLES! Tentaculis®, SAND WORM extract, and Dilithium Sulfide, it really works and without a prescription! Pills CHEAP from GalacticPharm@AlphaRegulonV.com" for light years around.

      Then an armada of warships bearing atomizer rays and a bunch of very annnoyed aliens arrives...

    13. Re:Chicken and Egg. by Wellspring · · Score: 4, Interesting
      Didn't L. Bob Rife use SETI to capture the metavirus, which was metaphorically floating around in space?

      Eliminating rivals in space sounds like a flimsy motive-- though of course you're right to examine it as aliens need not have motives that are by our standards rational.

      I don't think that outright trickery is likely, but what about this:

      1. Assume FTL transportation.
      2. Assume that said FTL tech requires a transmitter and receiver. Not necessarily teleportation, merely some kind of equipment required at both the origin and destination.
      3. Assume some motive for interstellar trade (materials, information, art, some reasons that aliens would have something you want).
      4. Therefore, there's a motive for the Hong Kong effect: simply being the nexus of trade provides a massive economic benefit.
      5. At first you can grow your market yourself-- ie building and shipping the infrastructure using STL tech, then using it to establish FTL trade. This is the equivalent of shipping AOL disks to random addresses, hoping that whoever gets the disk is able to add enough revenue to be worth all the disks that were dumped.
      6. That's expensive. And it only works on an acceptable time frame in a local area. If you're trading art or information, furthermore, you need to determine if a system is worth bridging to in the first place.
      7. However, once you're up and running, there's an easier alternative. Broadcast blueprints for your network all over space, designed to obfuscate the underlying technology and only connect to your FTL net. By the time the aliens are sophisticated enough to create a competitor to your network, they will be too deeply bought in to want to do that. Plus, any network they establish will be far smaller than yours-- you can use exclusivity to lock your customer civilizations in.
      8. If you set the system up in a star topology, everything has to go through your civilization to get anywhere else. You'll have the advantage in relationships, cultural knowledge, etc. If the variability of alien psychologies is high enough, this alone could be a massive advantage. By seeing so many cultures, you get an idea of how to pigeonhole new ones and get a relationship going faster.
      9. Now you have a much more lucrative system. You have a network whose nodes are paid for by the endpoint civilizations using their industrial resources and so your only bottleneck is the range of your transmissions (so why not purchase repeaters at the edge of your network), and the ability for alien cultures to receive, digest and implement your blueprints.
      10. If viable trading partner civilizations are rare enough, far enough apart, and hard enough to discover, this could be the only workable way to implement interstellar trade.


      OK so there's one scenario right off the bat. You don't have to assume malevolent aliens, only self-interested ones. Sure, FTL might not exist at all, or may work completely differently. Who cares? When I get a random email with detailed instructions for me to make BIG PROFITS, I don't piece together how exactly it might be scamming me, I just recognize that I have to treat these things with healthy scepticism.

      Much as I respect Carl Sagan, his aliens were a little too idealized for my tastes. Then again, I also don't see our system of describing mathematics as a universal. To paraphrase B5 creator JMS: the only universals in the universe are matter, energy and enlightened self-interest.

      The age when we say that any advanced civilization must be peaceful, noble and altruistic is thankfully over. Instead, if/when we encounter aliens, let's be reasonable, respectful, and aware that our self interests may not perfectly aligned.
  2. Hmm... Is it just me or is this guy... by beh · · Score: 4, Insightful

    ...completely out of his mind?

    Granted - once we had contact any alien civilisation could also get into a situation where they could potentially send malware to Earth.

    But - isn't Seti right now looking at data from stars a good number of lightyears away? How likely is it that aliens on the off chance of infecting a computer would send out virusses and/or worms that would run on current CPUs and chipsets, using security holes that are current NOW? (Remember - if aliens 10 lightyears away would get hold of enough Earth signals to decode Intel assembly language and to understand Windows security holes, even if they could decipher all that overnight and write a terminal computer virus in another hour - it still took them 10 years to receive the signals from us and it would take another 10 years for them to come back). How likely is it that a virus working on 20 year old hard-/software (including OS and everything) would still work on a large portion of critical infrastructure today?

    Given that Seti only checks data, but doesn't try to execute it, shields us even further from the whole thing...

    Or - is Mr. Carrigan now assuming that there is an imminent threat of an attack by Bin Laden against the Internet - through Seti@home ?
    Now that would make even Bush sound perfectly sane... ;-)

  3. This is ridiculous by Stevyn · · Score: 4, Funny

    Did this guy just watch "Independence Day" or something?

  4. They're thinking all wrong. by Phae · · Score: 5, Funny

    I've seen this movie, but it's the other way around. We're the ones that upload the virus to the aliens, not them to us... don't be silly.

  5. I'm really worried by $RANDOMLUSER · · Score: 4, Insightful

    Because, of course, the aliens use binary Von Neumann machines with register/accumulator architectures, and instruction sets we're familiar with.

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
  6. You can thank me for this information by WormholeFiend · · Score: 5, Funny

    As official Earth contactee for the benevolent Betelgeuse civilization, I have been told to warn you that the evil Andromedans are using the SETI program to keep a fresh list of potential abductees for nefarious experiments.

    They also recently developped antitinfoil penetration technology, so those of you who are using this means of protection are now vulnerable.

    These beings will stop at nothing to get to the bottom of your colon!

    Consider yourselves warned.

  7. WHOA.... by wangotango · · Score: 4, Funny

    I'll read the content of the article after I construct a tin foil hat for my laptop.

  8. A classic example ... by Daniel+Dvorkin · · Score: 5, Insightful

    ... of someone who's very knowledgeable in one technical field (in this case, particle physics) assuming that this knowledge carries over into another, almost unrelated technical field (in this case, computer science.) I'm sure that Dr. Carrigan is a very, very smart guy, but odds are he uses his computer as a tool without a whole lot more understanding of its inner workings than that possessed by the typical business user.

    --
    The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
    1. Re:A classic example ... by Anonymous+MadCoe · · Score: 4, Informative

      A nice story about this, the false authority syndrome: http://www.vmyths.com/fas/fas1.cfm

  9. Does this give new meaning to the phrase.... by isa-kuruption · · Score: 5, Funny

    Does this give new meaning to the phrase: HACK THE PLANET ???

  10. Sounds like a job for OpenBSD. by ettlz · · Score: 4, Funny

    That'll help prevent interstellar buffer overruns 'sploits!

    Either that or we'll send them Theo de Raadt.

  11. Not necessarily from space. by Vo0k · · Score: 3, Informative

    The "malicious signal" may be of earth origin, just send it to the antennas on the right frequency and make it similar enough in shape to the space noise and it will get processed just the same. Or hijack a DNS and post new "work units" with malicious content acting as SETI.
    Thing is you don't need to separate the data, you just need to make the processing software secure, in such a way that data is analysed and never executed, there's no chance of buffer overflow or other potential risks coming from the data. Simple as that.

    --
    Anagram("United States of America") == "Dine out, taste a Mac, fries"
  12. An Open Letter by pete-classic · · Score: 5, Funny

    Dear Richard Carrigan,

    You keep doing particle Physics, and we'll keep doing Computer Science.

    Love,
    The Computer Scientists

  13. Movie-plot threat by Proaxiom · · Score: 5, Insightful
    A perfect example of what Schneier calls movie-plot security.

    It's pretty sad that they're actually wasting brain cycles thinking about threats like this. No, the risk of infection isn't zero. But it's damn close to zero. It isn't zero if you 'secure' SETI systems, either. It isn't even zero if you dismantle the SETI telescopes.

    But money spent on this is money better spent elsewhere, practically no matter where else you spend it. This should have been in the 'It's Funny, Laugh' topic.

    (Prediction: this will appear on Schneier's blog by end of day tomorrow)

    1. Re:Movie-plot threat by Dun+Malg · · Score: 4, Interesting
      A perfect example of what Schneier calls movie-plot security....But money spent on this is money better spent elsewhere, practically no matter where else you spend it

      People are weird like that. As a locksmith, I tell people almost exactly the above when they ask for a SECOND deadbolt, or for an "unpickable" lock on their cheap, hollow core masonite door. They're trying to defeat movie and TV spies, which don't exist in real life. Real life burglars throw a rock through a rear window. And in fact, real life spies aren't even going to pick the lock, but rather throw a rock through the rear window so it looks like a burglary. But no, people have delusions that there are packs of secret agent type thieves with sophisticated alarm disabling blinkenlights tools and lockpick sets. People watch too much TV.

      --
      If a job's not worth doing, it's not worth doing right.
  14. His worst fear has probably already happened by Aging_Newbie · · Score: 5, Insightful

    SETI data is pretty much indistinguishable from random numbers. In fact, the extremely rare patterned sequences of data are the holy grail of the pursuit.

    So .... most likely lots of virus code has already been processed because random noise will eventually produce every virus, just like monkeys and keyboards will produce Shakespeare. One could, I guess, hold the position that by processing random data we are putting ourselves at risk and that rings more true than some civilization producing intentional sequences with malicious intent.

  15. A far greater risk... by stox · · Score: 5, Insightful

    is sending signals out. Although we may think we are saying hello, the receiver may be thinking, "Hmmm, I do need more meat in my diet."

    --
    "To those who are overly cautious, everything is impossible. "
  16. ..and also psychic. by jferris · · Score: 5, Funny
    Assuming attacks on only 32 bit Windows OSes, if an attack would occur today, it could only have originated from within a range of ten light years. An attack from further out would have required that it be launched before Windows 95 was.

    There really is no need for remote infiltration of the OS, since high school students have been doing it for years. Why would first (acknowledged) contact be to give a virus to Windows users? It is like pouring salt in the ocean.

    --
    You are in a maze of little twisting passages, all different.
  17. You forgot the obvious... by beh · · Score: 3, Funny


    Since mankind came about through "Intelligent Design", so will the aliens. And hence it's natural that their Intelligent Design also led them to having Windows (completely independently developed - but still the same thing - it's in our eternally unchangeable intelligently designed genes, remember?)

    *smile*

    Somehow I wouldn't be quite so surprised if it really turned out the guy would be a creationist... ;-)

  18. It's just you ;) by headkase · · Score: 3, Insightful

    I belive he's talking about those pesky abstractions we all use without a thought everyday. Basically, the scenario unfolds in this way: you recieve information from a entity and the ideas contained within said information can be helpful (like Universal Cure) to harmful or disruptive (something along the lines of a memetic virus).
    It would be a nasty trick for an alien civilization to give us the most destructive weapon possible without giving us accompaning social skill's as well. Or we could figuratively be on the 'beads' end in some initial contact scenario.
    To quote Morris Berman, "An idea is something you have, an ideology is something that has you.". An old alien civilization out there could just be very good at constructing ideologies. I'm not saying now is the time to consider this chance, rather that it should be considered when alien contact occurs.

    --
    Shh.
  19. Snow Crash? by giminy · · Score: 3, Funny

    Did anyone else immediately think of Snow Crash when they read this? I'm guessing Neal Stephenson did a lot of acid when he wrote that novel. I'm guessing that this guy did a lot more acid than Neal if he believes there is any truth to it.

    --
    The Right Reverend K. Reid Wightman,
  20. GREETING AND HELLO by $RANDOMLUSER · · Score: 3, Funny

    I send you greetings from what you know as the smaller magelenic cloud. my name is ortion fleglar, and my father, the late ortion flekgar, left to me a sum of one hundred million kletlons before being pulled into a hyperspace anomoly. Before his untimely demise, he warned me never to trust my hive-mothers, gleblon flamkis and formta gleklar...

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
  21. Who cares? by Tom · · Score: 3, Funny

    Frankly, anyone who is 2-3 years ahead of today could lay waste to our entire IT infrastructure anyway. Just look at what some malware can do that's a month or so ahead of current patchlevels.

    Any aliens that are 10, 100 or 1000 years ahead of us technologically... well, the 10-year-ahead aliens probably know how to wipe out every computer on earth within 2 minutes. The 100 and 1000 years-ahead aliens almost certainly aren't backwards compatible enough. :)

    --
    Assorted stuff I do sometimes: Lemuria.org
  22. Intergalactic Investment Opportunity! by SB9876 · · Score: 4, Funny

    DEAR SIR,

        CONFIDENTIAL BUSINESS PROPOSAL

    HAVING CONSULTED WITH MY COLLEAGUES AND BASED ON THE INFORMATION GATHERED FROM THE CENTAURI CHAMBERS OF COMMERCE AND INDUSTRY, I HAVE THE PRIVILEGE TO REQUEST FOR YOUR ASSISTANCE TO TRANSFER THE SUM OF #47,500,000.00 (FORTY SEVEN MILLION, FIVE HUNDRED THOUSAND GEESAK COMMONWEALTH GOLTONS) INTO YOUR ACCOUNTS. THE ABOVE SUM RESULTED FROM AN OVER-INVOICED CONTRACT, EXECUTED COMMISSIONED AND PAID FOR ABOUT FIVE YEARS (5) AGO BY A INTERSTELLAR CONTRACTOR. THIS ACTION WAS HOWEVER INTENTIONAL AND SINCE THEN THE FUND HAS BEEN IN A SUSPENSE ACCOUNT AT THE CENTRAL BANK OF CENTAURI APEX BANK...

  23. It doesn't have to be a computer virus... by Darius+Jedburgh · · Score: 4, Interesting
    ...it could be a virus for he human brain. An intelligent alien species could reverse engineer the human brain and try to figure out the right 'buttons' to push to make us engage in various types of behavior. Essentially they'd have to use the fact that the human brain isn't a perfect processing machine. For example there are optical illusions which make us see things that aren't really there at all. Similarly there might be thought illusions that arise the moment we are tricked into thinking about certain things. The 'virus' might look like the most innocuous thing but if it had the right triggers embedded in it then it might make humans perform certain prescribed actions that would look completely irrational to those uninfected.

    It's hard to predict the form that such a 'virus' might take. Just making up random stuff off the top of my head: they could leave us a story about such irrelevant subjects like the history of an ancient tribe lost in some desert for 40 years but as a result of reading this story the readers' beheviour might be irrevocably changed so that they are no longer capable of understanding basic biology. You simply wouldn't be able to tell merely by skimming the subject matter as the effect would be embedded within hidden triggers. By leaving enough of these subtle 'viruses' spread out through our culture they could bring our civilization to its knees without us even realizing that we've been the victim of alien attack.