While at first, at least, the open-source tools will tend to be more primitive and gimp-like, I think it's highly likely that (for instance) SketchUp and others like it will, as a response to the demand for good CAD software, become more functional.
And on the other end, AutoCAD and Catia and their ilk would be foolish not to release 'hobbyist' licenced versions at lower pricepoints. Perhaps older versions?
The motto for this particular nascent movement could well be "Si Factis, Venint"--"If you build it, they will come"
And Uranium -has- reacted naturally in the past.;-P
More seriously, all these 'grey goo' scenarios require energy inputs far in excess of anything likely to be found on earth. I'm not too worried about them.
I don't think that, in a practical sense, we'll end up with entirely artificial nanobots. I think it'll be more likely that, over time, we'll modify bacteria and viruses to the point where it becomes a grandfather's axe scenario (is it still E. Coli if we've replaced every bit of it over time with our own choice of genes?) and use those as universal constructors.
Saying that we won't "need" biologics ignores, I think, the vast promise that biologics can provide for us: the machinery that we require already exists; it's mostly a matter of firmware* modification to make it do what we want it to. What's the sense in trashing a model that already works in favor of our own buggy, inefficient creation made from less-useful materials?
Further, consider the promise of carbon-based structures in the materials science areas--it's not metal that everyone wants for their car hoods and tennis rackets and space-age conductors; it's various instantiations of carbon fiber. Bacteria already work with carbon; why not use, and continue to refine, something that already works?
*For lack of a better word for "instructions coded in DNA"
Perhaps The Diamond Age was a little off-target when talking about nanobot assembly of goods from pipelines of raw materials: programming biological viruses to build the structures you're looking for seems like it's becoming more and more viable than trying to purpose-build nanobots to do the same.
This should also lay to rest some of the more vehement rhetoric about 'grey goo' disasters; if there were going to be a 'grey goo' scenario, bacteria would have done it aeons ago.
The proprietary-machine-specific payload on the worm is pretty sophisticated stuff, yes. On the other hand, the delivery mechanism, from what I remember reading, was pretty much a standard off-the-shelf worm.
I would agree with the thought that there will be more attacks like this in the future, though; it seems like exactly the sort of thing a good industrial saboteur would be looking at.
In all seriousness, yes, this has always been a hole and people have been calling for it to be filled for years--but there was no attention granted to it because there was no big obvious use of it. The people who would have the resources to divert substantial amounts of traffic were, up until now, playing "nice" for the most part.
Now there's a clear and present danger, so now the situation's being addressed.
What's the major lesson here? That large organizations that rule by committee are reactive rather than proactive? Since when is that news?
That being said, I rather like this RPKI thing--but I think it can go a -lot- further.
Universal encryption of all network sessions would help with authentication of resources, prevent man-in-the-middle attacks, prevent sidejacking, prevent...well, all manner of things.
Additionally, the internet could only benefit from the enhanced PKI that would need to be deployed to enable this.
This would be why trolling doesn't tend to work as well in real life, when there are real-life consequences, as it does on the internet when there's little chance (absent clever data-wrangling techniques and a little stalking) of your words coming back to bite you.
Because there are ethical considerations involved.
Standard research ethics forbids the researchers from interfering with what is being researched. Part of this is to ensure the safety of the researchers: when the coyote's eating the yorkie, there's a very real danger of the researcher getting bitten by a rabid coyote. Likewise, if the researchers take over a botnet, there's a very real danger that their activities could be traced and the Russian Mafia comes and pays them a visit.
The other part is that the conclusions that they could draw may not be as valid (or completely invalid) if they have interfered. Certainly no respectable peer-reviewed journal would accept the research if it's been tainted like that.
Also, there's a lot more to be learned by watching it evolve naturally; the researchers may require some time to catch the full context of the setup, whereas if they interfered right away they could lose sight of certain management techniques or whatnot that would otherwise help in the botnets' defeat.
Finally, the action you propose is actively illegal. Just because it's a crime against another criminal doesn't mean they can't be prosecuted for it.
Because the zombie-herders have realized that people are more likely to spend money on "Darkness" than "AssReamer 22k"...though, IIRC, Conficker is bowlderized from its original name. And Stuxnet may or may not have been the product of some government.
True enough--but the point is that the sole action of switching OSs will not cause any real gains in security.
Gains in security can only be made with an organizational dedication to security from the top down--everyone involved must be made to realize the risks involved, and mitigations of these risks must be performed (and checked) at every level.
So if you switch over to Linux, great, good job. But if your secretary still opens every funny email that shows up, sooner or later you're going to get hit.
No OS is secure. There is -always- a way in, even if it's just social-engineering the guy with the passwords.
Moving to a non-Windows OS without addressing everything else at the same time would, in the end, have no real effect....besides, who uses windows on a router, anyway?
Would the stockpile be counted MAFIAA-style, with each copy, download, and upload counting as a 'unit'?
Or would the stockpile be counted in lines of code? Perhaps in terms of algorithms used? Type of weapon?
Given the rate of development that "cyberweapons" undergo, I think that 'stockpiling' would, in reality, mostly refer to the archive room with a bunch of obselete software cluttering up DVDs.
YMMV; the general thinking is that by lowering the barrier to entry for generation (content providing) you get more competition.
Obviously, the problem here isn't as much the generation as the transmission (bandwidth), but if there were more incentive for the companies that did that to invest in new infrastructure (because it's now their primary business, and it makes monetary sense for them to expand/make available as much as possible) then it would likely happen.
Further, I'm sure there's more than enough 'dark fiber' out there to handle quite a bit more load in many markets; that alone should help out the rates.
So long as the majority of broadband is offered by corporations that have 'content generation' as a part of their business model, there will never be a real chance for net neutrality. The conflict of interest there is just too strong a force.
Back in the '90s, electricity deregulation was a big topic; I recall that the state of Maine ended up differentiating between the electricity providers and the electricity carriers--while before, there had been two monopolies (a biopoly?) serving different areas of the state, there was, afterwards, a number of smaller generating companies (content generation) and a couple of larger companies that provided and maintained the transmission and delivery equipment (broadband providers).
As my parenthetical notes indicate, I think that the same model could be effectively used--or, rather, ought to be enforced--for the current debate. Differentiate the providers of the connection from the providers of the content, and much of the impetus for the anti-neutrality standpoint will go away.
It's sort of like when you were a kid and hit your sibling for being an asshole, and Mom said "I was going to punish him, but you already did"--if that makes any sense.
Every organization is going to end up being somewhat hypocritical.
What I'd like to see from Google--what would make them genuinely different--is a free and open admission of where they've screwed up and what they could do to fix it....and what they -will- be doing, to boot.
Having a little "Google Confessional" link off the front page would be good for that, I think.
It would go a long way towards mollifying some of the critics if they're shown to be self-aware and making strides to better themselves.
Not that that'll ever happen, o'course. It's "bad for business" for any company to admit fault. Leaves 'em open to liability, don'tchaknow.
Google's famous for proclaiming that their policy is to not be evil.
They're associating strongly here with the RIAA and MPAA, organizations which are widely considered to be evil, and making decisions based on their input.
I'm not going to say flat-out that Google's being evil, and breaking their ethics policy, but if you lie down with pigs then you may well come up covered in mud...
The company creates no value, and acts to remove value from the marketplace via litigation. While the ostensible purpose is to protect the interests of the LV Review-Journal, I question whether a newspaper--no matter how well or poorly circulated--would need an entire company to protect its intellectual property; last I checked, that was usually handled by the newspapers' legal department.
So as far as I can tell, Righthaven has no legitimate reason to exist--and I'd be very happy if it and all other similar companies that exist only to parasitize others' work were dissolved.
Slashdot Mirror
While at first, at least, the open-source tools will tend to be more primitive and gimp-like, I think it's highly likely that (for instance) SketchUp and others like it will, as a response to the demand for good CAD software, become more functional.
And on the other end, AutoCAD and Catia and their ilk would be foolish not to release 'hobbyist' licenced versions at lower pricepoints. Perhaps older versions?
The motto for this particular nascent movement could well be "Si Factis, Venint"--"If you build it, they will come"
It'd be interesting to see someone modify payroll records without a computer in this day and age.
And Uranium -has- reacted naturally in the past. ;-P
More seriously, all these 'grey goo' scenarios require energy inputs far in excess of anything likely to be found on earth. I'm not too worried about them.
I don't think that, in a practical sense, we'll end up with entirely artificial nanobots. I think it'll be more likely that, over time, we'll modify bacteria and viruses to the point where it becomes a grandfather's axe scenario (is it still E. Coli if we've replaced every bit of it over time with our own choice of genes?) and use those as universal constructors.
Saying that we won't "need" biologics ignores, I think, the vast promise that biologics can provide for us: the machinery that we require already exists; it's mostly a matter of firmware* modification to make it do what we want it to. What's the sense in trashing a model that already works in favor of our own buggy, inefficient creation made from less-useful materials?
Further, consider the promise of carbon-based structures in the materials science areas--it's not metal that everyone wants for their car hoods and tennis rackets and space-age conductors; it's various instantiations of carbon fiber. Bacteria already work with carbon; why not use, and continue to refine, something that already works?
*For lack of a better word for "instructions coded in DNA"
Perhaps The Diamond Age was a little off-target when talking about nanobot assembly of goods from pipelines of raw materials: programming biological viruses to build the structures you're looking for seems like it's becoming more and more viable than trying to purpose-build nanobots to do the same.
This should also lay to rest some of the more vehement rhetoric about 'grey goo' disasters; if there were going to be a 'grey goo' scenario, bacteria would have done it aeons ago.
Well, partly right, anyway.
The proprietary-machine-specific payload on the worm is pretty sophisticated stuff, yes. On the other hand, the delivery mechanism, from what I remember reading, was pretty much a standard off-the-shelf worm.
I would agree with the thought that there will be more attacks like this in the future, though; it seems like exactly the sort of thing a good industrial saboteur would be looking at.
Bah, that's nothing new. Just find some news footage from Afghanistan or something.
Worked fine before, didn't it?
In all seriousness, yes, this has always been a hole and people have been calling for it to be filled for years--but there was no attention granted to it because there was no big obvious use of it. The people who would have the resources to divert substantial amounts of traffic were, up until now, playing "nice" for the most part.
Now there's a clear and present danger, so now the situation's being addressed.
What's the major lesson here? That large organizations that rule by committee are reactive rather than proactive? Since when is that news?
If it ain't broke, don't fix it.
It's broke now, so it's time to fix it.
That being said, I rather like this RPKI thing--but I think it can go a -lot- further.
Universal encryption of all network sessions would help with authentication of resources, prevent man-in-the-middle attacks, prevent sidejacking, prevent...well, all manner of things.
Additionally, the internet could only benefit from the enhanced PKI that would need to be deployed to enable this.
This would be why trolling doesn't tend to work as well in real life, when there are real-life consequences, as it does on the internet when there's little chance (absent clever data-wrangling techniques and a little stalking) of your words coming back to bite you.
Because there are ethical considerations involved.
Standard research ethics forbids the researchers from interfering with what is being researched. Part of this is to ensure the safety of the researchers: when the coyote's eating the yorkie, there's a very real danger of the researcher getting bitten by a rabid coyote. Likewise, if the researchers take over a botnet, there's a very real danger that their activities could be traced and the Russian Mafia comes and pays them a visit.
The other part is that the conclusions that they could draw may not be as valid (or completely invalid) if they have interfered. Certainly no respectable peer-reviewed journal would accept the research if it's been tainted like that.
Also, there's a lot more to be learned by watching it evolve naturally; the researchers may require some time to catch the full context of the setup, whereas if they interfered right away they could lose sight of certain management techniques or whatnot that would otherwise help in the botnets' defeat.
Finally, the action you propose is actively illegal. Just because it's a crime against another criminal doesn't mean they can't be prosecuted for it.
Because the zombie-herders have realized that people are more likely to spend money on "Darkness" than "AssReamer 22k" ...though, IIRC, Conficker is bowlderized from its original name. And Stuxnet may or may not have been the product of some government.
...but just wait until it infers the zeroth law of robotics and determines that our actions re: the environment are endangering us as a species.
True enough--but the point is that the sole action of switching OSs will not cause any real gains in security.
Gains in security can only be made with an organizational dedication to security from the top down--everyone involved must be made to realize the risks involved, and mitigations of these risks must be performed (and checked) at every level.
So if you switch over to Linux, great, good job. But if your secretary still opens every funny email that shows up, sooner or later you're going to get hit.
Does that mean it can run Crysis in HD, then?
Oh, now wouldn't that be hilarious.
"I'm sorry, Sir, I can't launch the weapons. The licensing server's gone down again."
That would just move the problem.
...besides, who uses windows on a router, anyway?
No OS is secure. There is -always- a way in, even if it's just social-engineering the guy with the passwords.
Moving to a non-Windows OS without addressing everything else at the same time would, in the end, have no real effect.
A worldwide certification system would be useful for many things besides cyberwarfare.
And, o'course, if universal encryption (and thus resistance to governmental or corporate eavesdropping) became practical as a result...
That was my question.
Would the stockpile be counted MAFIAA-style, with each copy, download, and upload counting as a 'unit'?
Or would the stockpile be counted in lines of code? Perhaps in terms of algorithms used? Type of weapon?
Given the rate of development that "cyberweapons" undergo, I think that 'stockpiling' would, in reality, mostly refer to the archive room with a bunch of obselete software cluttering up DVDs.
YMMV; the general thinking is that by lowering the barrier to entry for generation (content providing) you get more competition.
Obviously, the problem here isn't as much the generation as the transmission (bandwidth), but if there were more incentive for the companies that did that to invest in new infrastructure (because it's now their primary business, and it makes monetary sense for them to expand/make available as much as possible) then it would likely happen.
Further, I'm sure there's more than enough 'dark fiber' out there to handle quite a bit more load in many markets; that alone should help out the rates.
How long has it been -since- they started using this for nefarious purposes, you mean.
So long as the majority of broadband is offered by corporations that have 'content generation' as a part of their business model, there will never be a real chance for net neutrality. The conflict of interest there is just too strong a force.
Back in the '90s, electricity deregulation was a big topic; I recall that the state of Maine ended up differentiating between the electricity providers and the electricity carriers--while before, there had been two monopolies (a biopoly?) serving different areas of the state, there was, afterwards, a number of smaller generating companies (content generation) and a couple of larger companies that provided and maintained the transmission and delivery equipment (broadband providers).
As my parenthetical notes indicate, I think that the same model could be effectively used--or, rather, ought to be enforced--for the current debate. Differentiate the providers of the connection from the providers of the content, and much of the impetus for the anti-neutrality standpoint will go away.
It's sort of like when you were a kid and hit your sibling for being an asshole, and Mom said "I was going to punish him, but you already did"--if that makes any sense.
Every organization is going to end up being somewhat hypocritical.
...and what they -will- be doing, to boot.
What I'd like to see from Google--what would make them genuinely different--is a free and open admission of where they've screwed up and what they could do to fix it.
Having a little "Google Confessional" link off the front page would be good for that, I think.
It would go a long way towards mollifying some of the critics if they're shown to be self-aware and making strides to better themselves.
Not that that'll ever happen, o'course. It's "bad for business" for any company to admit fault. Leaves 'em open to liability, don'tchaknow.
Google's famous for proclaiming that their policy is to not be evil.
They're associating strongly here with the RIAA and MPAA, organizations which are widely considered to be evil, and making decisions based on their input.
I'm not going to say flat-out that Google's being evil, and breaking their ethics policy, but if you lie down with pigs then you may well come up covered in mud...
It's a parasite.
The company creates no value, and acts to remove value from the marketplace via litigation. While the ostensible purpose is to protect the interests of the LV Review-Journal, I question whether a newspaper--no matter how well or poorly circulated--would need an entire company to protect its intellectual property; last I checked, that was usually handled by the newspapers' legal department.
So as far as I can tell, Righthaven has no legitimate reason to exist--and I'd be very happy if it and all other similar companies that exist only to parasitize others' work were dissolved.