Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Hasn't even begun to begin yet (Score 1) 49 49

As so often before, Henry Baker sums up the issue to perfection:

"Once again, in our asymmetric world, people who live in glass houses shouldn't be throwing rocks—especially at those who don't live in glass houses". http://catless.ncl.ac.uk/Risks...

It's quite certain that, of all the nations in the world, the USA has far more to lose from "cyberwar" than any other.

Comment Re:You don't fight "cyberbattles". (Score 1) 49 49

I'm not convinced. History is full of instances to the contrary: cases in which a general failed because his army was too big for him to control. Indeed, there is a well-known story about a war in which the leading general of Nation A was warned that Nation B's commander-in-chief had 50,000 soldiers whereas Nation A had only 20,000. Nation A's general smiled and relaxed. "Why are you acting so pleased to hear that you are outnumbered two-and-a-half to one?" asked his alarmed subordinates. "Ah, I know General X," he replied. Given 10,000 men he is very competent. I think he could just about handle 20,000. But given 50,000 he will spend all his time trying to keep track and get organized. While he is doing that, we shall move in quickly and defeat him. It will be easy".

Comment Hasn't even begun to begin yet (Score 1) 49 49

Disclaimer: Like many other, I abhor and reject all terms including "cyber" except "cyberspace" in its proper meaning (see William Gibson's novel "Neuromancer") which has very little in common with the Internet or any other present-day technology.

That said, yes - "cyberwar" is entirely possible and would be immensely harmful. But no, we have not seen anything even slightly related to full-blown "cyberwar". If it happened, we would notice: trust me. It would blow the doors off computer systems most people have no idea exist: systems that give them power, light, water, network access (of course), banking, medical services, education, food, etc. etc. Our present posture in this respect is basically that of a person camping in the woods who has been told there are grizzly bears around, and whose response has been to tie himself up stark naked and hang himself from a tree at convenient nibbling height.

It must have been about 20 years ago that I began lecturing and writing about the security risks of software systems. I always kept it as short and simple as I could, since I realize that security is not only very counter-intuitive but (to most people) appallingly boring. But I usually wound up with a warning: there were many threats, ranging from the trivial to the extremely serious; there was hardly any defence; and hardly anyone was taking the trouble or investing the resources to put up any defence at all. The only good news, I added, was that so far criminals had made no real efforts to exploit all the juicy vulnerabilities spread out before them. That wouldn't necessarily last, I warned.

The same remarks, mutatis mutandis, apply to "cyberwar". It would cause far more harm than criminal exploitation, because the objective of war is to bring about complete defenselessness and unconditional surrender. Look at Iraq after the second Gulf war, and imagine that happening to all the IT infrastructure you know about (and that you don't know about). And, due to the design of the Internet and the amazingly insouciant carelessness of governments and corporations, our infrastructure is almost completely unprotected. What we have seen so far is analogous to a few spies and skirmishers probing the most obvious weaknesses. They have deliberately refrained from even hinting at what they could really do, because (as Sun Tzu pointed out)

"Speed is the essence of war. Take advantage of the enemy's unpreparedness; travel by unexpected routes and strike him where he has taken no precautions".

Comment Re:Why? (Score 1) 166 166

"And like I love, like, when a 16 year old, like, writes articles about stuff, like, they don't fully understand, like now. like dude".

That's rather funny, in view of some of the comments here about MUMPS' technical features. Criticizing a programming language and database management system based on a few lines of remarks made by someone who may not know much about it either... doesn't make a lot of sense.

What cuts a bit more ice with me is that MUMPS is still being used - by the people who are responsible for getting the work done.

Comment We need accountability (Score 2) 128 128

Whatever your political disposition, it must surely be obvious that - just as in the world of banking and finance - the incentives are dangerously skewed. The arguments in favour of private enterprise focus on efficiency and the profit motive. So far, so good: but how are we to guarantee the quality of work done by private enterprise? It's surprisingly easy to enter the low bid, and then use weasel methods to deliver far less than was required and promised.

Take the analogy of big banks. They gamble dangerously, so dangerously in fact that they are almost certain to fail after a fairly short time. Because they gamble so riskily, they make big profits. Then, when they step on a mine and get blown up, instead of being allowed to go bankrupt, they are bailed out by government using taxpayers' money. This has been described as "social security for the rich". The obvious solution is to forbid the creation of banks "too big to fail", and then allow nature to take its course. Also, no doubt, to enforce the separation between everyday consumer banking and legalised gambling.

When it comes to government contracts, especially for potentially very dangerous projects such as nuclear power stations, we need to demand a far greater degree of accountability from the contractors. The Romans are said to have required that, whenever a new bridge or aqueduct was built, the designers and architects should stand underneath it. That gave them a powerful personal interest in safety; and they built in such adequate safety factors that much of their work is still standing (and even usable) today.

What is the modern day equivalent of making an engineer stand underneath an aqueduct as it fills with water? If an industrial accident of any kind happens, possibly causing great harm, all those responsible should have to answer for their actions. Maybe the death penalty would be excessive, but certainly very long jail sentences would be in order. For a corporation, perhaps a fine equal to twice its annual profits coupled to prison sentences for all executives involved...

It will be objected that this would raise the cost of such projects excessively. So be it: if there is a serious element of danger, the cost of avoiding that danger must be factored in. If we can't afford the project, again so be it.

Comment Re:"It's all about perception" (Score 2) 371 371

My, what a long comment! And all based on a misunderstanding. Of course I do know that "Hill Street Blues" is fiction. But one of the reasons I enjoy it is that it appears to be accurate, realistic fiction. Regardless of the many details, the basic plot idea I mentioned - a political boss who is willing and eager to throw a subordinate to the wolves "for the look of it", regardless of the facts - is something that is common in real life.

Comment Re:"It's all about perception" (Score 1) 371 371

Actually I do think about these things before I write. The Daily Mail story is something quite unusual nowadays: a well-researched, fully documented, professional piece of journalism. We already knew that Sir Tim Hunt was a distinguished scientist who has made great contributions to his field. After reading the story, it's clear that his accuser is not quite what she pretends to be - to say the very least.

In short, my reaction might sound "pretty kneejerk" to you - but it's not.

Comment "It's all about perception" (Score 4, Interesting) 371 371

We see this kind of outcome all over the place nowadays. It's mostly because those in positions of power are far too worried about public perception. (Of course, their almost complete lack of any firmly held moral principles leaves them adrift, and very much at the mercy of popular sentiment). Obviously Sir Tim Hunt is of infinitely more value to society than Connie St Louis - a glance at the Daily Mail story referred to in the summary makes that clear. So why was he forced to resign as a kneejerk reaction to a wave of ephemeral indignation, which will be forgotten by next week (and it's Saturday as I write)?

Recently I have been glued to a box set of the complete "Hill Street Blues" - yes, I know that telegraphs my age and unadventurous taste in TV. It was only the other night that I got quite angry at the spectacle of the police chief twisting Captain Furillo's arm to get him to abandon his defence of an apparently "bad cop". This guy, a narcotics agent, had shot and killed a young black man while interrupting some suspicious activity in the small hours. The cop claimed that he had given due warning, and fired only after being fired on - all of which was true. Also, the group he tried to apprehend were in fact committing crimes. Nevertheless, the police chief tells Furillo that it's vital for the department to be seen to throw this "bad cop" to the wolves. It's all about perception, he explains. The facts don't matter at all; all that counts is that this is a good time to throw someone to the wolves.

University College London (UCL) has indeed stained its reputation. Its refusal even to consider reinstating Professor Hunt makes matters worse. And Britain, which seems to prefer Ms St Louis to Professor Hunt, will get what it has chosen. Not to its advantage.

Like punning, programming is a play on words.

Working...