Schneier on Security
A blog covering security and security technology.
« Interdicting Terrorist Funding |
| Missed Cellphone Calls as Bomb Triggers »
November 29, 2005
A Science-Fiction Movie-Plot Threat
This has got to be the most bizarre movie-plot threat to date: alien viruses downloaded via the SETI project:
In his [Richard Carrigan, a particle physicist at the US Fermi National Accelerator Laboratory in Illinois] report, entitled "Do potential Seti signals need to be decontaminated?", he suggests the Seti scientists may be too blase about finding a signal. "In science fiction, all the aliens are bad, but in the world of science, they are all good and simply want to get in touch." His main concern is that, intentionally or otherwise, an extra-terrestrial signal picked up by the Seti team could cause widespread damage to computers if released on to the internet without being checked.
Here's his website.
Although you have to admit, it could make a cool movie
EDITED TO ADD (12/16): Here's a good rebuttal.
Posted on November 29, 2005 at 7:16 AM
• 59 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
There is one redeeming feature about this story - the guy has nothing to do with security
The 1997 movie "Contact" has Jodie Foster as the gung-ho scientist and Tom Skerritt as the White House scientific advisor being all suspicious about the motives of the alien communication (and later on trying to take the credit). Much more of course, but the plot has already been partially addressed.
The plot made not just a good book but a movie as well, it was called "A fro Andromada" and was written by Fred Hoyle who was a very very respected astronomer at the time...
Should have added that the movie "Contact" was based on a book by Carl Sagan, who also acted as a consultant during the making of the film.
The book "Odyssey 3001" by Arthur C. Clarke has a similar plot element. This was also stated as one of the reasons why "Nature" rejected Mr. Carrigan's article on the subject..because it contained no new scientific achievement.
In the movie "Independence Day", as seen from the viewpoint of the Extraterrestrials, their mother ship was taken out by an alien (i.e. Terran) computer virus.
Methinks Carrigan has been looking in the mirror too ;-)
Actually, the embedded into SETI work units is SO bad (A single signal only goes to a few computers anyway), that it sounds like really BAD sci-fi. So bad that he should go write for Threshold.
And don't forget that the Terrans defeated the evil invaders in the movie "Independence Day" by hacking the aliens' mothership's computers.
The current TV series 'Threshold' is actually using this very storyline: If listened to or seen, the alien signal infects anyone and anything in order to propagate.
@Stu and Moshe: Yeah and that was always one of the weakest points of the plot. "Alien" technology is very likely so much different from ours -and vice versa- that they are bound to be more than incompatible.
Another SF version: "The Cassini Divison", by Ken Macleod. In this case, the "aliens" are hyperevolved human/AI composites living in Saturn. They flood the Solar System with viral transmissions so infectious that the rest of the System has to redesign their computing tech to avoid the attacks. (Some techie groaners in there, but whatever, it's a good read anyway.)
The real issue here is the "program/data" distinction. I seriously doubt the SETI analyzers are even eqpuipped to treat the signals as "program code" for anything, let alone the x86 processors running most of those screensavers.
Several mentions of terran computer viruses in Independence Day. Don't forget that in the original War of the Worlds, the Martians were taken out by natural terran viruses. At least in the original. I can't stomache Tom Cruise.
"And don't forget that the Terrans defeated the evil invaders in the movie 'Independence Day' by hacking the aliens' mothership's computers."
Didn't we download a Windows virus?
I certainly wouldn't discount the possibility that there is some bit string out there that could do incredibly evil things. I think that it's highly unlikely, but possible.
However, I would posit that the difference in the probability of finding this evil bit string in alien transmissions versus finding it in random data is infinitesimal. But malicious alien invasions sound so much more interesting.
I guess the answer is to not double-click on anything the aliens send you.
No problemo. Next time we send a spaceship with a disk on it, let's make sure it is rootkit-loaded, a la Sony. Take that!
Yeah, but end-users will never learn. They open everything, and before you know it we'll be getting all sorts of spam from Alpha Centauri. "Click here for hot zz'g'ord action!"
Tangentially related is the television-borne reality distortion field employed by the aliens in "They Live!".
Imagine what could happen if the evildoers' signal came not from outer space, but from our very own critical communications infrastructure!
The ill-protected emergency broadcast system, and the tsunami false alarm that hit the west coast recently prove that IT COULD HAPPEN.
Sorry, hit submit too soon...
It's a horror movie called "Virus", staring Jamie Lee Curtis. A signal from space infects a computer on an abandoned ship. For some reason, it can control tools, like saws (I guess this is the horror part of it). The twist (spoiler alert!) is that the source of the signal considers humans to be the virus, infecting the earth.
"I guess the answer is to not double-click on anything the aliens send you."
Unless you're expecting it, of course.
If I recall correctly, in Independance Day, they (Jeff Goldblum) used a macintosh to transmit the virus!
This is actually most like a reference to Vernor Vinge's "Fire Upon the Deep".
There, a transport ship is carrying a one-third XOR of a one-time pad sufficient for the communication needs of a dozen planets for some time. They are concerned that a beyond human-comprehension space entity has compromised their cargo with a self-describing sentience, which could infect entire communication systems if the cargo were used.
what's the absolute worst thing that can happen here? aliens take over my computer, i'll just get a new one from staples. what are they gonna do, send alien messages to everyone on my contacts list? trade in my brokerage account?
I didn't know aliens used TCP/IP-based network systems.
"If I recall correctly, in Independance Day, they (Jeff Goldblum) used a macintosh to transmit the virus!"
Do the aliens use big-endian or little-endian date formats?
One of Ken McLeod's books had that as a plot element, although the aliens were actually trans-humans.
I'm surprised noone has mentioned 'Species' where an alien DNA sequence was received and encoded. It produces a killer super warrior mommie bent on mayhem and reproduction. Wow, that would make a great study piece for a Womens Studies paper--but a poor security paper.
My impression the last time I looked at the SETI screensaver running was that the downloads were data that it was doing something that looked like FFT's on. It's hard to imagine compromising a computer with some pattern fed into an FFT.
Does anyone know if the SETI downloads might contain interpreted code that tweaks the processing? That might be possible to compromise by earth-borne hackers, though ET's are still awfully far-fetched.
There's also the books by Eric Nylund, starting with "Signal to Noise," which explores what happens when you do indeed double-click on the attachments the aliens send.
@Bruce: "Didn't we download a Windows virus?"
You're being redundant.
Looks like another nut who wants to be the one who said: "I TOLD YOU SO!!"
Interesting how a person can be a technical expert in one field (particle physics, yet) and an absolute fruitcake when it comes to something else.
If the aliens are writing viral code to infect terran based computers, that would mean they've tested the virus. If they have tested the virus on their own machines and they never actually visited Earth, then that means they probably have a pirated copy of windows. bill gates could use his immense money to sue the aliens into insolvency and remove the threat. P2P finally wins!
Of course, the feasibility of these scenarios depends heavily on the aliens knowing which buffer overflows to exploit. Even among us humans, a major intelligence agency could produce some stupendously malicious data packets--things that could completely compromise a system in the blink of an eye.
A malicious SETI signal, though, couldn't count on known security holes or even a known instruction set (unless the aliens had big telescopes at Alpha Centauri). The best bet for successfully compromising a terrestrial network would be to design an attack that worked for "greedy, gullible sentients". If an alien message, for example, contained plans for building Drexlerian nanotechnology, some damn fool would surely try them out.
In other words, until the aliens have a copy of Windows, we only need to worry about interplanetary 419 scams.
(And I strongly recommend Vinge's _A Fire Upon the Deep_, by the way. Not only is a lot of fun, but the computer science is very plausible. A main character once worked as an "archeologist programmer"--a maintainer of a 5,000 year old legacy system. I have nightmares about that...)
"Didn't we download a Windows virus?"
Maybe, but he built it on a Mac ... not that it matters ;-)
While it's good that the public should be made aware of such serious threats to our infrastructure, I'm concerned that Mr. Carrigan's work could serve as a 'roadmap' to potential alien terrorists. He could be inadvertantly putting our planet in grave danger.
So we send a signal out, say 50 light years, the aliens find an exploit in the signal, not the system mind you, then send it back 50 light years, where it finds ancient computers still in use to exploit. Perhaps we just need a decent upgrade cycle on the hardware side?
BTW, Contact was really just a remake of a '50s scifi movie. I saw it on TV in the '70s but haven't been able to track it down. In the '50s version, the "aliens" use social engineering to disrupt the earth.
Scientist receives radio signal from outerspace but can't communicate until his brilliant to be son points out they have to know about PI to have radio. Soon comms are working well. Only the messages send the western nations into turmoil as stock markets crash on news of alien technology and socialism. The government suspects the signal is not from outerspace but from some Russian guy in the Himalayas. Then a message is received of a religious nature, western world calms down, communist world has turmoil. They raid the guy in the Himalayas but his log has no record of the last message they received. Cue the scary music, fade to black.
Doesn't this sound a lot like contact only without the space rollercoaster? Anyone know the name of this movie?
Haha. This does sound absurd, but I don't disagree as strongly as you guys that this is an attack vector.
I agree that an advanced civilization (such as one that knows predicate logic) has not much of a chance manipulating the reality of a primitive civilization by using propositional logic. The system is very limited and closed. I don't think they can hack into computers.
However, execution of code on data has side-effects outside the von Neumann machine such as temperature changes, radiation, etc. We have not proved that all electromagnetic signals under a certain amplitude are safe to humans; we just live and assume that they are ok (remember the cell-phone vs brain cancer debates). There is no theory, just empirical and statistical studies.
So, BIG-IF aliens knew such a low-power waveform that could hurt us with their ultimate science, they could make us emit those signals ourselves by sending us carefully crafted data. I know you are laughing now. I too think that it's extremely-squared unlikely (but my estimates of the likelihood of what science can do is very limited).
"Do the aliens use big-endian or little-endian date formats?"
Neither. Aliens use the superior Windows XP OS, of course. ;)
This plot also occurred in Neal Stephenson's class novel Snow Crash.
SANS has an indicator of how many people visiting their web-site are vulnerable to the latest IE exploit:
it's currently at 42%.
42% of people who are actually interested in security (why else visit SANS) haven't even patched the latest known (terrestrial) bug, and this guy is worried about alien viruses?
* Well, the patch is to replace MSIE with a better browser 8^).
The scenario of extraterrestrial beings doing this is obviously idiotic. But...
Suppose someone finds a flaw in SETI@Home that enables a data packet to get executed as code (i.e., your typical buffer overflow). How would you exploit this? It may be possible to spoof SETI's data server to get clients to download it directly from your fake server. But let's assume they are smart and all packets are signed or something (I have no idea what their data distribution protocol is).
Can you still distribute your malicious data by injecting it into the radio telescopes? Well, because they are so extremely sensitive, and monitor zillions of frequencies simultaneously, this is actually pretty easy. In fact it's quite a challenge to keep out unwanted terrestrial signals: SETI has so far had dozens of false alarms, all of which have turned out to be of terrestrial or satellite origin. It would probably be quite complicated to arrange the signal to be formed into the corrupting bit pattern you wanted after sampling, digitising and encoding, but it is not obviously impossible unless pains are taken to prevent it.
For that matter, who is to say that all SETI staff are trustworthy and all SETI hosts are secure?
In short, anyone who is in the business of distributed computing projects should take pains to ensure that data --> code conversions are impossible at the client end, and that data is tested for malformation before distribution from the server end (as well as, obviously, protected from tampering in transit). It doesn't matter whether the data be about putative alien signals, protein folding, or even anti-virus signatures.
Hmm. As this computational model becomes more popular -- and there are already companies talking about doing this commercially, and paying the PC owner a commission to sell time on his machine to a random unknown -- we probably need to have some clear thoughts about sandboxing these sorts of applications. I suspect the screensaver model may have to go.
Oh, final random thought: aliens good or bad?
Given that we encounter extraterrestrial beings (a rather enormous "if"!), then we know that they are exploring interstellar space (since we aren't). It follows that they are intelligent, inquisitive and exploratory. Therefore by analogy with terrestrial species, they are probably predators (doesn't take much intelligence to catch grass), and territorial, and hence aggressive. Hmm, aggressive territorial predators, just like us.
Extraterrestrial aliens bad. We do not want to meet them on their terms.
"And I strongly recommend Vinge's _A Fire Upon the Deep_, ... A main character once worked as an "archeologist programmer"--a maintainer of a 5,000 year old legacy system. I have nightmares about that..."
On the other hand, one of the characters also works as a combat programmer. Now there's a job where your code has to run right the first time ... with the ultimate incentive.
Agreed, there's no patch yet. I used "patch-ED" loosley meaning "applied patch or workaround", sorry about any confusion.
Good point about the false positives. No idea how they're detecting IE (unless they're downloading something to crash the box and looking for connections that suddenly dropp :-)
I doubt anyone would bother trying to whitelist or blacklist sites, setting different security zones etc. given how many vulnerabilities there are surrounding the security zones.
Also, the site you visit may be trustworthy, but they may be hosting ads from a site that got hacked
BTW, the counter is back up to 41% :-)
@Roger: this is getting silly but...
"Can you still distribute your malicious data by injecting it into the radio telescopes?"
OK, so you do that. It infects the few SETI@home computers which were given that bit of data. Then what?
> Extraterrestrial aliens bad. We do not want to meet them on their terms.
Assuming your terrestrial analysis applies, that's a pretty good point.
Of course, since alien life evolved elsewhere, it may not follow standard terrestrial patterns. It all depends on whether or not life (if it exists anywhere else) follows similiar or divergent evolutionary processes in different environments. Our carbon-based DNA storing version of life might, but who knows if that's the only version :)
"It's life, Captain... but not as we know it"
More than one scientist has guessed that extraterrestrial life would be totally unrecognizable as being "alive" by our current understanding of what constitutes "alive".
Yeah, but remember, they uploaded a *MAC virus* to the alien mothership, and followed it up with a nuclear missile.
Obviously, this has *got* to be false. After all, we all know that there are no Mac viruses ;-)
Global Frequency #3 "Invasive"
one seti@home computer receives transmission and spreads a mind infecting meme that spans army of zombies in NYC - student of memetics and neuroprogramming to rescue ...
Isn't this the plot to Species? Where they transmit the DNA to their hot babe assasin and she escapes from the lab to hump her way to global domination?
Regarding safe distributed computation, Andrea Arcangeli's http://www.cpushare.org/ is an interesting approach. The idea is that the sandbox is a kernel hack which, once the sandboxed process enables it, restricts that process to a tiny set of syscalls --- basically read(), write(), and _exit(); all others return -EPERM. The manager process opens some pipes, loads the potentially hostile code, and then enables the sandbox for that process. No means is provided to disable the sandbox, so all that process can do after that is computation and chattering down its existing pipes (which are probably connected to a data-collection process which uploads them or something like that).
This pretty much restricts the set of security-violating things it can do to exploiting a security hole in the data-collection process, or observing cache effects on hyperthreaded boxes. (And since there's no way for it to tell what other processes are running, the cache 'attack' is pretty harmless.)
When I first read Richards hypothesis on ET hacking a couple of weeks ago, I felt compelled to respond. I'm one of the few security people on this planet who are also part-time researchers in radio astronomy and SETI. I felt that gave me not only the "credentials", but, in some sense, and obligation to respond. If Richard Carrigan were just some harmless old kook it would be different. But he's a retired, and distinguished, particle physicist from Fermilab. Given the U.S. governments willingness to set national policy based on really bad science, it wouldnt' surprise me to find that SETI started to fall into the same bad political place as stem-cell research. Supporting commentary from someone at one of the national labs could easily be interpreted the wrong way by the administration.
So, I wrote a paper, that the SETI League published yesterday.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.