Having reread your BH presentation, and read the white paper (which I, frankly, somehow didn't find at the time) I have to say: you're right and I'm wrong! I do have a caveat, but first: some public self-flagellation.
I honestly don't recall how I could have missed the final few slides of your presentation, where you indeed answer the questions that I posed in my SF article, i.e. you set limits on what should be done. I have to say that my paper was way too harsh considering that fact.
If it seemed like I was suggesting that your idea was to create a self-propagating countermeasure, then I am sorry for that. I can see now how you might think that from my sloppy wording, but that was not my intent, and I was aware that you were not suggesting that.
I did read the Blackhat presentation, but I was unable to attend Blackhat because the company I worked for at the time couldn't pay the high fees.
As far as not having read the book yet, I did say that up front--the only reason I decided to comment before reading the book was because (a) your BH presentation was cited as inspiration for the book and (b) Slashdot posts have a limited life, and commenting much later would have been pretty much useless. Since I have now embarassed myself more than you, I am sure you'll forgive me for speaking hastily.
However, while your proposed method is indeed more "moral" than I suggested (amounting only to a host-specific network DoS rather than the more malicious options I listed), I think you still end up blurring the lines of acceptable behavior in a way that can be utilized by malicious parties. It makes it difficult to differentiate between those attacks which are authorized/acceptable and those which are not. Having a policy that _any_ unauthorized use is illegal is much simpler to enforce.
In any case, I did indeed overlook some essential points of your argument when writing the SF article, and I'm sorry for that. That was inexcusably sloppy of me.
I wrote an article back in 2002 (http://www.securityfocus.com/guest/16531), which was published on SecurityFocus, in response to Mullen's initial SecurityFocus article.
Not having read the book, I can't be sure, but according to the review there didn't seem to be much of a dissenting opinion in the book on the question of whether aggressive tactics are desirable (or effective).
That's unfortunate, since as you'll see in my article, I think a good argument can be made that aggressive network defense is both morally bankrupt and ultimately ineffective.
Unfortunately, the situation was worse than this.
The article did, in fact, get published, and in
a peer-reviewed journal, no less. The problem
was that the normal peer-review process was
short-circuited because the authors were insistent
about the urgency of their results. Therefore,
the article was not reviewed carefully.
Also,
I think (although I'm not sure about this),
that the article was only reviewed by other
chemists, and not anyone who was more familiar
nuclear detector systems.
The result was that
the peak shown in the article actually has a width
less than the theoretically possible minimum
width of a peak from the detector they were using.
This meant that they were doing some kind of
weird data shaping that ended up just showing
an artifact as a peak. A nuclear physicist
(or a nuclear chemist) would have noticed this
problem during peer review...
The question is moot, as the universe is not deterministic. This view is according to the Copenhagen interpretation of Quantum Mechanics, which, while it has its critics (most notably Einstein), is accepted by the vast majority of Physicists, and is consistent with every test performed to date.
I'm afraid I have to agree that this is too much of a pipe dream. When you ask a nanotech scientist about the things that Drexler claims nanotech is about, the response you generally get is: "Huh?"
There are three reasons why I think that nanites will not create a paradise on earth:
(1) Conservation of Energy, and Entropy. In other words, you don't get something for nothing. You _must_ use energy to do useful work (just because you're at nanoscale doesn't get you around this, the effect of a large number of nanites working will still follow the 2nd Law of Thermodynamics exactly).
(2) Human reality. Scarcity of food is currently primarily created. The U.S. Government buys surplus food to keep prices artificially high (at the behest of Archer Daniels Midland, primarily, and in the name of "saving the family farm", which doesn't really exist any more anyway). It would be possible, given the political will, to feed everyone in the world right now. So why doesn't it happen? Why does any increase in agricultural efficiency translate into increased profits, not an increase in the number of people being fed?
In short, it's because the goal of a capitalistic system is not to feed everyone, but instead to make money. Whether or not one believes that it is possible for capitalism to do so, it manifestly does not at present, and there is no reason to believe that would change in the future, nanotechnology or no. If scarcity does not exist, it must be enforced to ensure the ability to make a profit.
(3) Technology always has problems. As something created by fallible humans in a largely unpredictable universe, no technology is capable of perfect functioning. In particular, if you have devices that are very small, then they become susceptible to very small perturbations, akin to mutations in biological systems. Cosmic rays would be able to knock out components and/or change structural and program elements in unpredictable ways. If the devices are self-replicating, then the whole system would act very much like a population of microorganisms which can mutate into unexpected forms, and therefore start eating things they're not supposed to, or engage in other negative behaviors, as others have already suggested below.
Nanotechnology will undoubtedly create many magnificent and fascinating things, and I will be looking forward to announcements of them here on Slashdot. But let's not forget that reality has some rules that can't be broken (physical laws) as well as some that seem resistant to change (human social patterns).
Keep your eyes on the legitimate nanotech literature (i.e. refereed publications rather than hyperoptmistic puff pieces in the lay press) for the truly fascinating stuff going on, and beware of snake oil salesman! -Slendro
Slashdot Mirror
Having reread your BH presentation, and read the white paper (which I, frankly, somehow didn't find at the time) I have to say: you're right and I'm wrong! I do have a caveat, but first: some public self-flagellation.
I honestly don't recall how I could have missed the final few slides of your presentation, where you indeed answer the questions that I posed in my SF article, i.e. you set limits on what should be done. I have to say that my paper was way too harsh considering that fact.
If it seemed like I was suggesting that your idea was to create a self-propagating countermeasure, then I am sorry for that. I can see now how you might think that from my sloppy wording, but that was not my intent, and I was aware that you were not suggesting that.
I did read the Blackhat presentation, but I was unable to attend Blackhat because the company I worked for at the time couldn't pay the high fees.
As far as not having read the book yet, I did say that up front--the only reason I decided to comment before reading the book was because (a) your BH presentation was cited as inspiration for the book and (b) Slashdot posts have a limited life, and commenting much later would have been pretty much useless. Since I have now embarassed myself more than you, I am sure you'll forgive me for speaking hastily.
However, while your proposed method is indeed more "moral" than I suggested (amounting only to a host-specific network DoS rather than the more malicious options I listed), I think you still end up blurring the lines of acceptable behavior in a way that can be utilized by malicious parties. It makes it difficult to differentiate between those attacks which are authorized/acceptable and those which are not. Having a policy that _any_ unauthorized use is illegal is much simpler to enforce.
In any case, I did indeed overlook some essential points of your argument when writing the SF article, and I'm sorry for that. That was inexcusably sloppy of me.
I wrote an article back in 2002 (http://www.securityfocus.com/guest/16531), which was published on SecurityFocus, in response to Mullen's initial SecurityFocus article.
Not having read the book, I can't be sure, but according to the review there didn't seem to be much of a dissenting opinion in the book on the question of whether aggressive tactics are desirable (or effective).
That's unfortunate, since as you'll see in my article, I think a good argument can be made that aggressive network defense is both morally bankrupt and ultimately ineffective.
We eat ham and jam and spam a lot!
I hope that Brooks pokes a little fun at Lucas
by showing a scene from the first Spaceballs with
tons of excessive CGI characters inserted...
Don't touch them! These mice have been infected
with RAGE....
Don't you mean "retuttle"?
heh heh.
Also, I think (although I'm not sure about this), that the article was only reviewed by other chemists, and not anyone who was more familiar nuclear detector systems.
The result was that the peak shown in the article actually has a width less than the theoretically possible minimum width of a peak from the detector they were using. This meant that they were doing some kind of weird data shaping that ended up just showing an artifact as a peak. A nuclear physicist (or a nuclear chemist) would have noticed this problem during peer review...
--
--
There are three reasons why I think that nanites will not create a paradise on earth:
(1) Conservation of Energy, and Entropy. In other words, you don't get something for nothing. You _must_ use energy to do useful work (just because you're at nanoscale doesn't get you around this, the effect of a large number of nanites working will still follow the 2nd Law of Thermodynamics exactly).
(2) Human reality. Scarcity of food is currently primarily created. The U.S. Government buys surplus food to keep prices artificially high (at the behest of Archer Daniels Midland, primarily, and in the name of "saving the family farm", which doesn't really exist any more anyway). It would be possible, given the political will, to feed everyone in the world right now. So why doesn't it happen? Why does any increase in agricultural efficiency translate into increased profits, not an increase in the number of people being fed?
In short, it's because the goal of a capitalistic system is not to feed everyone, but instead to make money. Whether or not one believes that it is possible for capitalism to do so, it manifestly does not at present, and there is no reason to believe that would change in the future, nanotechnology or no. If scarcity does not exist, it must be enforced to ensure the ability to make a profit.
(3) Technology always has problems. As something created by fallible humans in a largely unpredictable universe, no technology is capable of perfect functioning. In particular, if you have devices that are very small, then they become susceptible to very small perturbations, akin to mutations in biological systems. Cosmic rays would be able to knock out components and/or change structural and program elements in unpredictable ways. If the devices are self-replicating, then the whole system would act very much like a population of microorganisms which can mutate into unexpected forms, and therefore start eating things they're not supposed to, or engage in other negative behaviors, as others have already suggested below.
Nanotechnology will undoubtedly create many magnificent and fascinating things, and I will be looking forward to announcements of them here on Slashdot. But let's not forget that reality has some rules that can't be broken (physical laws) as well as some that seem resistant to change (human social patterns).
Keep your eyes on the legitimate nanotech literature (i.e. refereed publications rather than hyperoptmistic puff pieces in the lay press) for the truly fascinating stuff going on, and beware of snake oil salesman! -Slendro
--