Lots of 4A searches do not require warrants -- searches incident to arrest, custodial searches, searches with consent, and probably more. The warrant requirement only kicks in when a warrantless search would be "unreasonable" (violate a reasonable expectation of privacy, and such expectation is narrower than most non-lawyers would believe).
The single-session CD is supposed to come from an unsecure network. What good will putting it back there do an attacker?
I am not thinking small, I am thinking rational. You are assuming an "insan[e]" attacker, which is rather silly. I'm not claiming that single-session CDs will make a system unbreachable, or that you should try to. My claim is simply that using single-session CDs (in a controlled, hygenic way) makes the cost to breach a system much higher than the alternatives that were suggested (network and USB) -- not even that single-session CDs are always the right solution.
Do you have any idea what the error rate for manual data entry is? Typically about 0.5% of the entries will be wrong. Retyping information is a very error prone process.
Do you have any idea that there are known good practices for checking entered data before committing to it? And that most people would want to apply this kind of check before kicking off a production run, of just about anything, regardless of how the order was sent to the system?
What is it about this topic that makes people forget basic engineering practices?
If you have a air-gapped system, you don't let people plug either random USB devices or random Ethernet devices into it. You help enforce this by disabling USB ports, MAC-locking switch or router ports, making it clear that only specific authorized people can import data, and making sure those authorized few use hygienic practices. It's IT security, not brain surgery.
1) If you can define the protocol to be simple enough, and 2) if you can be sure that only the intended application will process the data stream on the secure side, and 3) if you actually test that application enough to be confident it is secure, and 4) if you can ensure that sensitive information will not (improperly) leak back down the other direction, and 5) if you use it often enough to pay for that development cost, and 6) if you can resist the pressure to add features or "generality" to the protocol that makes it more costly to ensure secure processing...
then maybe such a protocol makes sense. Maybe somebody somewhere has satisfied all those ifs, but I would suspect not. For your simplified example, it is probably cheaper -- and just as secure -- to have an operator enter the dozen or so keystrokes to order "produce x amount of class y steel" than to design, build, install and support a more automated method. Human involvement has the added bonus of (nominally) intelligent oversight of the intended behavior for the day.
The point of an air gap is to make data transfers much more controlled. Some can be crossed regularly (with appropriate control), and some should not. One should only adopt any security measure after a cost-benefit analysis. The depth and rigor of that analysis should be determined by the expected costs (ongoing/operational) and potential costs (from a successful exploit).
Thus, I said "If I really wanted to reduce exposure", not "Everybody should do this to reduce exposure". If the productivity costs are very high, you had better impose enough oversight to deter or catch any policy violations... or choose a security policy besides "air gap". My basic points stand: much more software regularly talks to a network than regularly reads from CDs, and the protocols involved are much more complex for network communications; and USB sits in between those two.
FWIW, industrial control instructions can be made much more regular than arbitrary data, making it easier to detect a compromise before it reaches its ultimate target. For example, if the usual file size is 1 MB, you had better have a good reason for it to suddenly be 3 MB. If you are really paranoid, you might have a format checker or sanitizer to act like a very application-specific antivirus.
What compels the management to hook the control network up to the Internet? If a vendor told me that their safety-impinging product needed Internet access to run -- for a license check or for any other reason -- I would tell them to go pound sand, and I'd be happy to take my business to a competitor. If Internet access is not mandatory, you are describing "sometimes an air gap is inconvenient", not "sometimes an air gap is impossible".
There are techniques like "Hello my name is Solicitor Darren White, my client has just deceased and left you a sum of $1,000,000,000 (ONE BEEELLION DOLLARS)...". There are also techniques like "Registration is now open for [industry-relevant convention], please visit [malware-infected site] to sign up so you can keep up with new developments." Beyond that are very individualized attempts to gain the target's confidence, perhaps involving apparently independent contacts -- persona A contacts the target over a job board, persona B uses some of that information to ask for a supplier reference, eventually culminating in executable code delivered directly to the target in hopes that it will bypass virus checks and be executed on a sufficiently privileged computer. More sophisticated social engineering techniques will usually be more narrowly tailored and more costly for the attacker to use.
On the one hand, you have to worry about security holes in the USB driver and file system.
On the other hand, you have to worry about security holes in every piece of software that talks to the network.
If I really wanted to reduce exposure for a network, I would probably use single-session CDs to cross the air gap, and make sure to pack any extra space with random data.
Which people do you think I am describing? There certainly are a lot of weirdo extremists in the environmental-activist camp, but I wasn't really thinking about them. If you want me to ignore the weirdo extremists on that side, will you ignore the weirdo extremists on the other side? More significantly, will media and activists stop focusing on the (conveniently distracting) anti-AGW weirdo extremists so that we can pay more attention to what actually can and should be done?
What specific steps do the reasoned thinkers recommend as "what actually needs to be done"? Last I heard, European countries were revising or just rolling back climate agreements because (a) they realized they couldn't achieve their goals without reducing their quality of life, (b) they realized the system was being gamed, and/or (c) they wanted to keep up with the countries who didn't sign up to those agreements.
Lots of people believe in ghosts. Lots of people also believe in people who "think[] that human activities have no impact on climate change". There's about as much hard evidence in one of these beliefs as in the other.
When climate alarmists stop pretending that the dispute is over the degree of human influence on climate, and how much different countries should spend to mitigate anthropogenic climate change (or other kinds!), they might start to get traction with skeptics. Also when they start acting like the situation is as bad as they claim it is.
I know that when I used an electric sous vide cooker to make pork chops for dinner last night, it was worse for the climate than if I ate raw vegetables, and better than if I grilled a slab of steak over a bonfire. I know that living in the suburbs emits more greenhouse gases than living in a tiny apartment in a big city. I am thoroughly unconvinced that forcing most people to live like the alarmists claim we should (but usually don't live themselves) will yield the claimed benefits, or be worth the costs even if the benefits would be as claimed.
I called it cheating because they violated both one of the prime rules of AI: train on a data set that is more or less representative of the data set you will test with, and one of the prime rules of statistics: do not apply a priori statistical analysis when you iterate with feedback based on the thing you estimated. Their test images are intentionally much different from the training images, which is one of the first things an undergraduate course on AI will talk about. They also use what are essentially a priori estimates after they repeatedly tweak the inputs to push those estimates to extremes, which is identified as taboo in decent undergraduate courses on statistics. Both of those are intentional violations of good practices that make the results look worse for the neural networks.
I can't tell from their paper what they mean by "99% confidence". Unless the DNN has max-pooling layers very near the output, none or many of the output units might have high activation levels for a given input. (It sounds like they had classes with low typical activation levels, and did not try to evolve fooling images for those classes.) If that happens -- say, "wheel" gets a score of 0.99, "lizard" gets 0.90, "dog" gets 0.80, and everything else is near zero -- then it is inappropriate to say that the network decided it was a wheel with 99% certainty. You would usually say that the network recognized the image as a wheel, but note it as an ambiguous result.
Why was my characterization of their approach "hardly fair"? Someone -- either the researchers or their press people -- decided to hype it as finding a general failing in DNNs (or "AI" as a whole). The failure mode is known, and their particular failure modes are tailored to one particular network (rather than even just one training set). I think the "hardly fair" part is the original hyperbole, and my response is perfectly appropriate to that. The research is not at all what it is sold as.
Don't multi-class identification networks typically have independent output ANNs, so that several can have high scores? I assumed, perhaps incorrectly, that the 99+% measures they cited were cases where only one output class had a high score, and the rest were low. If they were effectively using single-class identifiers, either in fact or by considering only the maximum score in a multi-class identifier, that makes their findings even less notable.
The researchers also basically cheated by "training" their distractor images on a fixed neural network. People have known for decades that a fixed/known neural network is easy to fool; what varies is exactly how you can fool it. The only novel finding here is their method for finding images that fool DNNs in practice -- but the chances are overwhelmingly high that a different DNN, trained on the same training set, would not make the same mistake (and perhaps not make any mistake, by assigning a low probability for all classes). It is a useful reminder for some security analyses, but not a useful indictment of AI or DNNs as a whole.
The people choosing the training sets are not morons at all. This "research" is almost exactly analogous to finding that this year's SAT can be passed by feeding it a fixed pattern of A, C, D, A, B, and so forth -- and then declaring that this means standardized testing is easy to fake out. They are exploiting the particular structure of a particular instance of a DNN. It is not surprising that they can find odd images that make a DNN answer "yes" when the only question it knows how to answer is "is this a rotary phone dial?"
The last time I frequently used a US bus system -- about 15 years ago, in Pittsburgh -- they used a zone system, with the fare based on your origin and destination zones, and most bus routes crossing at least one zone boundary. The last time I used a public bus -- about 5 years ago, in Japan (Yamanouchi, Nagano Prefecture) -- riders took a numbered ticket when they boarded, and their exact fare to the next stop was displayed on an LCD panel. I would guess that US cities avoid exact metering in order to subsidize their passengers who live far away from their workplace; these are the most frequent riders, and tend to be lower-income.
Yes, and you have effectively described Uber's concept for driverless transport. It won't look anything like today's buses, and the only real similarity is that strangers share road vehicles.
If you go from ten single-occupancy cars to a ten-passenger bus, you've eliminated 90% of the vehicles at the (relatively low) cost of adding one more driver. Eliminating the bus driver gets you from eleven people in the bus to ten, which is probably not as important as other efficiency improvements. Also, buses are awful unless you have quite high population density -- lots of areas don't have enough prospective trip endpoints to justify mass transit.
And in your world, how do you deal with unicorn overpopulation?
When you have one district that breaks down mostly into two significantly different constituencies -- whether they are based on race, class, rural versus suburban, or whatever else -- the way politicians react in reality is that they focus their appeal on one of the constituencies, try to increase turnout for that constituency, and discourage turnout for the other one. It's just gerrymandering of a different kind.
District-drawing very much should recognize communities. If you can avoid it, it does not make sense to have districts that are half suburban and half agricultural, or half high-end gentrified downtown and half working-class and poor. Unfortunately, as you point out, the judgment involved does make it easier to slip in some degree of gerrymandering.
The US is even better in that respect. If our federal government went out to lunch for 18 months (which might be a reduction for some of our Washington politicians...) we would still have 51 governments plus the territories.
Your "status card" is essentially recognition of the marriage by the government by another name. I have also barely scratched the surface of the issues. If the government doesn't recognize a marriage, then presumably it treats a "spouse's" inheritance as taxable income -- the US Supreme Court's first case on the question was over that very point (a lady in NY state died, the federal government's policy was to not recognize her state-recognized marriage to another lady, and thus the IRS wanted to tax the inheritance as income to the second woman). Maybe all inheritances should be tax-free, but a lot of people already seem sensitive over estate taxes now.
Government recognizes marriages for a lot of reasons, many relating to how much the two people are expected to rely on each other in case of hardship, and most of the rest relating to raising children. Even very good roommates are unlikely to share burdens in the same way, so it doesn't seem quite right to extend the current benefits of marriage to simple cohabitants.
So doctors should ask your estranged sister instead of your soul mate about what extreme measures you would approve of? Your retired parents should get all your worldly goods, and the person you made a life with should be left to beg them for money so that he or she can feed your children? In those cases in particular, most people would prefer that a spouse get precedence over blood relatives, and the law currently recognizes that priority.
My last hypo is this: Andi and Sam have a kid. They split up, and are now shacking up with others. Which of the adults are allowed to pick the kid up from school, or authorize field trips, or review medical records? Saying "family" doesn't cut it: there are two parents, who are perhaps unlikely to agree on major decisions, and two other step-parents (except that, in your proposed world, the law doesn't recognize such a relationship because it doesn't recognize either Andi or Sam as being re-married).
Legal recognition of "marriage" includes a lot of useful side effects that make it hard to get government out of recognizing marriages. Who should a hospital consult if a person is incapacitated but needs a medical decision to be made: a roommate, a blood relative, or someone else? Who inherits belongings if the decedent did not leave a will? If the parents of a child no longer live together, should their current cohabitants be regarded as legal guardians of the child?
Slashdot Mirror
Lots of 4A searches do not require warrants -- searches incident to arrest, custodial searches, searches with consent, and probably more. The warrant requirement only kicks in when a warrantless search would be "unreasonable" (violate a reasonable expectation of privacy, and such expectation is narrower than most non-lawyers would believe).
The single-session CD is supposed to come from an unsecure network. What good will putting it back there do an attacker?
I am not thinking small, I am thinking rational. You are assuming an "insan[e]" attacker, which is rather silly. I'm not claiming that single-session CDs will make a system unbreachable, or that you should try to. My claim is simply that using single-session CDs (in a controlled, hygenic way) makes the cost to breach a system much higher than the alternatives that were suggested (network and USB) -- not even that single-session CDs are always the right solution.
Do you have any idea that there are known good practices for checking entered data before committing to it? And that most people would want to apply this kind of check before kicking off a production run, of just about anything, regardless of how the order was sent to the system?
What is it about this topic that makes people forget basic engineering practices?
If you have a air-gapped system, you don't let people plug either random USB devices or random Ethernet devices into it. You help enforce this by disabling USB ports, MAC-locking switch or router ports, making it clear that only specific authorized people can import data, and making sure those authorized few use hygienic practices. It's IT security, not brain surgery.
Sure... if.
1) If you can define the protocol to be simple enough, and
2) if you can be sure that only the intended application will process the data stream on the secure side, and
3) if you actually test that application enough to be confident it is secure, and
4) if you can ensure that sensitive information will not (improperly) leak back down the other direction, and
5) if you use it often enough to pay for that development cost, and
6) if you can resist the pressure to add features or "generality" to the protocol that makes it more costly to ensure secure processing...
then maybe such a protocol makes sense. Maybe somebody somewhere has satisfied all those ifs, but I would suspect not. For your simplified example, it is probably cheaper -- and just as secure -- to have an operator enter the dozen or so keystrokes to order "produce x amount of class y steel" than to design, build, install and support a more automated method. Human involvement has the added bonus of (nominally) intelligent oversight of the intended behavior for the day.
The point of an air gap is to make data transfers much more controlled. Some can be crossed regularly (with appropriate control), and some should not. One should only adopt any security measure after a cost-benefit analysis. The depth and rigor of that analysis should be determined by the expected costs (ongoing/operational) and potential costs (from a successful exploit).
Thus, I said "If I really wanted to reduce exposure", not "Everybody should do this to reduce exposure". If the productivity costs are very high, you had better impose enough oversight to deter or catch any policy violations... or choose a security policy besides "air gap". My basic points stand: much more software regularly talks to a network than regularly reads from CDs, and the protocols involved are much more complex for network communications; and USB sits in between those two.
FWIW, industrial control instructions can be made much more regular than arbitrary data, making it easier to detect a compromise before it reaches its ultimate target. For example, if the usual file size is 1 MB, you had better have a good reason for it to suddenly be 3 MB. If you are really paranoid, you might have a format checker or sanitizer to act like a very application-specific antivirus.
What compels the management to hook the control network up to the Internet? If a vendor told me that their safety-impinging product needed Internet access to run -- for a license check or for any other reason -- I would tell them to go pound sand, and I'd be happy to take my business to a competitor. If Internet access is not mandatory, you are describing "sometimes an air gap is inconvenient", not "sometimes an air gap is impossible".
There are techniques like "Hello my name is Solicitor Darren White, my client has just deceased and left you a sum of $1,000,000,000 (ONE BEEELLION DOLLARS)...". There are also techniques like "Registration is now open for [industry-relevant convention], please visit [malware-infected site] to sign up so you can keep up with new developments." Beyond that are very individualized attempts to gain the target's confidence, perhaps involving apparently independent contacts -- persona A contacts the target over a job board, persona B uses some of that information to ask for a supplier reference, eventually culminating in executable code delivered directly to the target in hopes that it will bypass virus checks and be executed on a sufficiently privileged computer. More sophisticated social engineering techniques will usually be more narrowly tailored and more costly for the attacker to use.
On the one hand, you have to worry about security holes in the USB driver and file system.
On the other hand, you have to worry about security holes in every piece of software that talks to the network.
If I really wanted to reduce exposure for a network, I would probably use single-session CDs to cross the air gap, and make sure to pack any extra space with random data.
Which people do you think I am describing? There certainly are a lot of weirdo extremists in the environmental-activist camp, but I wasn't really thinking about them. If you want me to ignore the weirdo extremists on that side, will you ignore the weirdo extremists on the other side? More significantly, will media and activists stop focusing on the (conveniently distracting) anti-AGW weirdo extremists so that we can pay more attention to what actually can and should be done?
What specific steps do the reasoned thinkers recommend as "what actually needs to be done"? Last I heard, European countries were revising or just rolling back climate agreements because (a) they realized they couldn't achieve their goals without reducing their quality of life, (b) they realized the system was being gamed, and/or (c) they wanted to keep up with the countries who didn't sign up to those agreements.
Lots of people believe in ghosts. Lots of people also believe in people who "think[] that human activities have no impact on climate change". There's about as much hard evidence in one of these beliefs as in the other.
When climate alarmists stop pretending that the dispute is over the degree of human influence on climate, and how much different countries should spend to mitigate anthropogenic climate change (or other kinds!), they might start to get traction with skeptics. Also when they start acting like the situation is as bad as they claim it is.
I know that when I used an electric sous vide cooker to make pork chops for dinner last night, it was worse for the climate than if I ate raw vegetables, and better than if I grilled a slab of steak over a bonfire. I know that living in the suburbs emits more greenhouse gases than living in a tiny apartment in a big city. I am thoroughly unconvinced that forcing most people to live like the alarmists claim we should (but usually don't live themselves) will yield the claimed benefits, or be worth the costs even if the benefits would be as claimed.
I called it cheating because they violated both one of the prime rules of AI: train on a data set that is more or less representative of the data set you will test with, and one of the prime rules of statistics: do not apply a priori statistical analysis when you iterate with feedback based on the thing you estimated. Their test images are intentionally much different from the training images, which is one of the first things an undergraduate course on AI will talk about. They also use what are essentially a priori estimates after they repeatedly tweak the inputs to push those estimates to extremes, which is identified as taboo in decent undergraduate courses on statistics. Both of those are intentional violations of good practices that make the results look worse for the neural networks.
I can't tell from their paper what they mean by "99% confidence". Unless the DNN has max-pooling layers very near the output, none or many of the output units might have high activation levels for a given input. (It sounds like they had classes with low typical activation levels, and did not try to evolve fooling images for those classes.) If that happens -- say, "wheel" gets a score of 0.99, "lizard" gets 0.90, "dog" gets 0.80, and everything else is near zero -- then it is inappropriate to say that the network decided it was a wheel with 99% certainty. You would usually say that the network recognized the image as a wheel, but note it as an ambiguous result.
Why was my characterization of their approach "hardly fair"? Someone -- either the researchers or their press people -- decided to hype it as finding a general failing in DNNs (or "AI" as a whole). The failure mode is known, and their particular failure modes are tailored to one particular network (rather than even just one training set). I think the "hardly fair" part is the original hyperbole, and my response is perfectly appropriate to that. The research is not at all what it is sold as.
Don't multi-class identification networks typically have independent output ANNs, so that several can have high scores? I assumed, perhaps incorrectly, that the 99+% measures they cited were cases where only one output class had a high score, and the rest were low. If they were effectively using single-class identifiers, either in fact or by considering only the maximum score in a multi-class identifier, that makes their findings even less notable.
The neural networks in question were absolutely trained with supervision. Unsupervised learning is a quite different thing.
The researchers also basically cheated by "training" their distractor images on a fixed neural network. People have known for decades that a fixed/known neural network is easy to fool; what varies is exactly how you can fool it. The only novel finding here is their method for finding images that fool DNNs in practice -- but the chances are overwhelmingly high that a different DNN, trained on the same training set, would not make the same mistake (and perhaps not make any mistake, by assigning a low probability for all classes). It is a useful reminder for some security analyses, but not a useful indictment of AI or DNNs as a whole.
The people choosing the training sets are not morons at all. This "research" is almost exactly analogous to finding that this year's SAT can be passed by feeding it a fixed pattern of A, C, D, A, B, and so forth -- and then declaring that this means standardized testing is easy to fake out. They are exploiting the particular structure of a particular instance of a DNN. It is not surprising that they can find odd images that make a DNN answer "yes" when the only question it knows how to answer is "is this a rotary phone dial?"
The last time I frequently used a US bus system -- about 15 years ago, in Pittsburgh -- they used a zone system, with the fare based on your origin and destination zones, and most bus routes crossing at least one zone boundary. The last time I used a public bus -- about 5 years ago, in Japan (Yamanouchi, Nagano Prefecture) -- riders took a numbered ticket when they boarded, and their exact fare to the next stop was displayed on an LCD panel. I would guess that US cities avoid exact metering in order to subsidize their passengers who live far away from their workplace; these are the most frequent riders, and tend to be lower-income.
Yes, and you have effectively described Uber's concept for driverless transport. It won't look anything like today's buses, and the only real similarity is that strangers share road vehicles.
If you go from ten single-occupancy cars to a ten-passenger bus, you've eliminated 90% of the vehicles at the (relatively low) cost of adding one more driver. Eliminating the bus driver gets you from eleven people in the bus to ten, which is probably not as important as other efficiency improvements. Also, buses are awful unless you have quite high population density -- lots of areas don't have enough prospective trip endpoints to justify mass transit.
And in your world, how do you deal with unicorn overpopulation?
When you have one district that breaks down mostly into two significantly different constituencies -- whether they are based on race, class, rural versus suburban, or whatever else -- the way politicians react in reality is that they focus their appeal on one of the constituencies, try to increase turnout for that constituency, and discourage turnout for the other one. It's just gerrymandering of a different kind.
District-drawing very much should recognize communities. If you can avoid it, it does not make sense to have districts that are half suburban and half agricultural, or half high-end gentrified downtown and half working-class and poor. Unfortunately, as you point out, the judgment involved does make it easier to slip in some degree of gerrymandering.
The US is even better in that respect. If our federal government went out to lunch for 18 months (which might be a reduction for some of our Washington politicians...) we would still have 51 governments plus the territories.
Your "status card" is essentially recognition of the marriage by the government by another name. I have also barely scratched the surface of the issues. If the government doesn't recognize a marriage, then presumably it treats a "spouse's" inheritance as taxable income -- the US Supreme Court's first case on the question was over that very point (a lady in NY state died, the federal government's policy was to not recognize her state-recognized marriage to another lady, and thus the IRS wanted to tax the inheritance as income to the second woman). Maybe all inheritances should be tax-free, but a lot of people already seem sensitive over estate taxes now.
Government recognizes marriages for a lot of reasons, many relating to how much the two people are expected to rely on each other in case of hardship, and most of the rest relating to raising children. Even very good roommates are unlikely to share burdens in the same way, so it doesn't seem quite right to extend the current benefits of marriage to simple cohabitants.
So doctors should ask your estranged sister instead of your soul mate about what extreme measures you would approve of? Your retired parents should get all your worldly goods, and the person you made a life with should be left to beg them for money so that he or she can feed your children? In those cases in particular, most people would prefer that a spouse get precedence over blood relatives, and the law currently recognizes that priority.
My last hypo is this: Andi and Sam have a kid. They split up, and are now shacking up with others. Which of the adults are allowed to pick the kid up from school, or authorize field trips, or review medical records? Saying "family" doesn't cut it: there are two parents, who are perhaps unlikely to agree on major decisions, and two other step-parents (except that, in your proposed world, the law doesn't recognize such a relationship because it doesn't recognize either Andi or Sam as being re-married).
Legal recognition of "marriage" includes a lot of useful side effects that make it hard to get government out of recognizing marriages. Who should a hospital consult if a person is incapacitated but needs a medical decision to be made: a roommate, a blood relative, or someone else? Who inherits belongings if the decedent did not leave a will? If the parents of a child no longer live together, should their current cohabitants be regarded as legal guardians of the child?