Dan Geer on the Dangers of Computer-Only Systems

A good warning, delivered in classic Dan Geer style.

Posted on March 20, 2018 at 6:00 AM • 55 Comments

Comments

keinerMarch 20, 2018 6:22 AM

Sorry, but: Why can't read the linked homepage without allowing trash scripts? I don't want the interweb critics to use all the stuff they criticize...

Ollie JonesMarch 20, 2018 8:00 AM

Here's the 1997 "Children of the Magenta" talk by pilot Warren Vanderburgh. (Magenta is the color used by a flight automation computer to display the course it plans for an airplane.) The talk is by an airliner pilot for pilots so full of professional aviation parlance. Still, it's clear. "We are pilots, not automation managers."

https://dev-videos.com/videos/pN41LvuSz10/Children-of-Magenta

Here's William Langeweische's Vanity Fair article.
https://www.vanityfair.com/news/business/2014/10/air-france-flight-447-crash

Both are worth everyone's time, in my opinion.

asdfMarch 20, 2018 9:18 AM

As a layperson, this is a fun read & his writing style is engaging. I haven't heard of Dan Geer before now but I know I'll be following his work.

DBMarch 20, 2018 9:25 AM

So is the danger of computer-only systems here the danger of having computers write the paper? I found this unintelligible.

phred14March 20, 2018 9:35 AM

I went to the page and noticed that it's at the "Hoover Institution", which is a red flag to me. The abstract was filled with the type of innuendo that I'd expect from a Hooverite, though unusually targeted in this case. However in this case, while his writing is a bit thick, I have to agree with his concerns. I haven't time at the moment to read more than a few pages, but I haven't disagreed with what he's said so far. (Unusual for this site.)

C MeierMarch 20, 2018 9:48 AM

I sorta maybe got the sense of what he might almost have been trying to say in his abstract after about the 4th attempt at reading it. But overly dense buzzword bingo is not a writing style that should be celebrated. I gave up on the 2nd paragraph which I'm pretty sure was stolen from Snoopy'a 2nd paragraph after his classic opening "It was a dark and stormy night..."

MikeMarch 20, 2018 10:03 AM

It's not a good warning if people can't stand reading the words.

To those who understood it, can it be simplified?

ShrumplestiltskinMarch 20, 2018 10:36 AM

The comments about the unintelligible nature of the essay are funny. I can see how some people could have trouble circumnavigating his written thoughts. TBH it helps if you are familiar with his previous work and have seen him read some of his essays publicly.

hermanMarch 20, 2018 11:08 AM

Dan's writing style is tautologic, sounding as if he read too much Cicero: "Neque porro quisquam est qui dolorem ipsum quia dolor sit amet..."

Nevertheless he does manage to make a few points, but I surmise that his main objective was a mental exercise to stave off a bout of boredom on a transatlantic flight.

markMarch 20, 2018 11:34 AM

I went to the page, and (using noScript), only enabled hoover.org.

I've almost never seen so dense a collection of buzzwords and phrases in the one visible paragraph, full of presumably sound and fury, and signifying... well, who can tell?

markMarch 20, 2018 11:35 AM

Oh, and of course, after I hit it struck me that he clearly chews obfuscation (for those who saw, 20+ years ago, "Eschew Obfuscation").

albertMarch 20, 2018 12:14 PM

@Ollie,
I've read a lot about Air France Flight 447, and the Langewiesche article is the best I've seen. Thanks for the link.

@C Meier,
"...But overly dense buzzword bingo is not a writing style that should be celebrated....". I think you meant 'lingo'. Indeed. Something to be avoided. Whatever points he might have made are forever lost on me, and frankly, I don't think I missed anything. 'Classic' style? No, 'outmoded' is more accurate.

. .. . .. --- ....

CallMeLateForSupperMarch 20, 2018 12:52 PM

@mark
"[...] 20+ years ago, 'Eschew Obfuscation'"

It goes back even further than that. To the mid-1970's at least.

The Waltham, MA (Boston-area) radio show "WCRB Saturday Night"[1] encouraged listeners to submit short texts of a glib or racy or nonsensical nature, suitable for bumper stickers. The radio station selected "winners" and had bumper stickers printed. Any listener could request a small number of bumper stickers of their choosing, for free.

Time has erased my memory of all winners except "E=mc^2 +-2db"
"Chopin played with Sand"
"Eschew Obfuscation".


[1] That program provided many hours of free entertainment at a time when university claimed just about all of my money. Sadly, WCRB passed into history a few years after I graduated and left the area.

ChristopherMarch 20, 2018 1:06 PM

I enjoyed reading and thinking about that article very much. I didn't feel bad about having to flex my SAT Verbal at the work either. That itself was a pleasant enough diversion. This is a good bootstrapping article in addition to security.

Clive RobinsonMarch 20, 2018 2:44 PM

I'll be honest, I've read the first couple of pages and I'm not happy with his assumptions.

Dan calls his first assumption an axiom which is perhaps not a good idea. There is no compeling reason why the future of humanity should be conjoined with cybersecurity, unless the meaning of cybersecurity is so watered down it becomes almost meaningless. Further such an idea precludes that of mankind doing something stupid and in effect throwing themselves into a state where cyber has no meaning. That is aftetall how mankind has been for all but the last fifty to eighty years.

Then there is the bold and actually incorect statment of "Time is irreversible". Experiments have shown that "Times Arrow" has exceptions down in the quantum world. Unfortunatly it almost certainly have implications for both Quantum Computing, Quantum Randomness and potentially Quantum Key Distribution / cryptography.

If people want to know a little more about why both P and T symmetry are important then the work of Nobel Prize winning theoretical physicist Frank Wilczek might be of interest,

https://www.wired.com/2016/01/times-arrow-may-point-to-the-universes-missing-mass/

His ideas have already had practical knockon effects,

https://www.nature.com/news/the-quest-to-crystallize-time-1.21595?error=cookies_not_supported&code=12dfdfdd-de0c-4be6-abd7-aceb6ee5b3b2

But I'm not happy with Dan's statment on mittigation, redundancy and behavious in the pressence of inteligent / sentient non random actors / attackers. It's like the issue with times arrow, it's a generalisation that has known exceptions. That is there are circumstances where redundancy actually makes the job of non random actors exceptionaly harder, not moderately easier. I've discussed this at some length in the past on this blog, so if people want to know more it is on this blogs pages (search for my name and mittigation or voting protocols should bring up a chunk of it).

Any way. I'll try to read the rest of Dan's paper later.

RatioMarch 20, 2018 3:03 PM

@Clive Robinson,

Dan calls his first assumption an axiom which is perhaps not a good idea.

Axioms are assumptions.

AnuraMarch 20, 2018 5:58 PM

@justinacolmena

Herbert Hoover, who led America into a huge stock market boom in the late 1920s.

Security SamMarch 20, 2018 6:03 PM

Dan Geer has stated loud and clear
We have now crossed the Rubicon
Dodging digital darts in high gear
While chasing the elusive unicorn.

MountainMarch 20, 2018 6:33 PM

As someone who was closely involved with the AF 447 investigation I have a different take on it than most: I believe that there is nothing to be learned from that accident. We will never invent an airliner with a zero percent accident rate therefore a zero death rate, there will always be losses. It may be that we are at the point of diminishing returns when it comes to training and safety and it is not worth the financial costs to try to alleviate any more risk.

My response to the 'children of the magenta line' problem is a "don't care". If one fatal accident every five million departure is not an acceptable loss figure then there is no acceptable loss figure. At some point in time airline safety, like computer security, can become not a rational endeavor but an obsession. Obsessions are wasteful, if for nothing else than the opportunity costs they impose.

Sancho_PMarch 20, 2018 6:59 PM

Glad I’m not the only one who gave up on reading ("lingo", thanks @albert).
Did he want to say something like “Monopolies endanger nature / society”?
I’d agree then.

Yes, some irregular statements cause additional obstacles for me, like:
”We already know that optimality and efficiency work counter to
robustness and resilience and vice versa.”
a.s.f.
-> I think optimality stands for it’s own, it includes everything,
that other triple as well as security, so … ?

Sancho_PMarch 20, 2018 7:04 PM

@Mountain re AF 447

Although I generally second your “don’t care” as acceptable loss figure I’d love we could learn from such (unnecessary) incidents.
The first is the three (similar, identical?) sensor failure at once. Many of the systems I was involved in had three independent sensors, CPUs and voters, but often the mechanical parts were common - and failed!
Diversity is the solution.
Second, the not sufficiently trained / supervised operator being the week spot is a well known fact, but (if the Langewiesche article is true) was (still is?) handled with gross neglect for pilots.

MaricelaMarch 20, 2018 7:36 PM

@Sofa,

So you don't want the scripts, why not just use google cache and reader mode?
Well, Google Cache bans Tor users... (sometimes?)

Turning off style sheets will make the original link readable. Spoiler: there's nothing there, except for a PDF link and summary. So here's the PDF.

tyrMarch 20, 2018 9:39 PM


I see the Jordan Peterson style has now
entered fairly serious discourse.

In mathematical terms an axiom is what
you cannot prove but have to accept as
a starting point.

Example:

Big Bang = limit test for credulity and
then you can expound further on what has
happened.

Like DesCartes once you accept what the
angel told you 'Understanding is number
and measure' then you can move on to the
easy parts.

If his point was that we have opened our
entire society to second order effects
by putting all the eggs in one basket it
is a fair criticism. Whether it is easy
to fix is a completely different question.

HmmMarch 21, 2018 1:41 AM


" Obsessions are wasteful, if for nothing else than the opportunity costs they impose. "

Science is wasteful. Think of all the failed experiments and null hypotheses, errata.

Think of all the ways your life personally wasn't improved by the wasteful space program,
the wasteful food safety program, wasteful investments in public stability and surety.
Picking among wasteful things, money spent investigating airline safety problems/gremlins?
Not topping my list.


Clive RobinsonMarch 21, 2018 3:28 AM

@ Ratio,

Axioms are assumptions.

Not in a formal or reasoned sense they are not, they are quite different and with good reason.

An axiom is :- A self-evident truth that requires no proof.

An assumption is :- A supposition, or something that is taken for granted without reason, questioning or proof.

That is assumptions are by no means self evident and don't actually have to be truths in the accepted sense of science.

Assumptions do not require to be reasoned or hold outside of a limited range. One example is the instructions for cooking meat in an oven where you are told "twenty five minutes per pound and a pound for the oven", you are then told the twenty five minutes is for "medium" add five for well done or subtract five for rare. The reality is that the formula for cooking meat depends on many things and is actually a power law.

I've remarked on the problem of treating assumptions as axioms in the past when tallking about the tangible physical world we know via our limited senses and the quantum world where many of our assumptions fail ('Times Arrow' being but one). Further I've also mentioned it when talking about the issues of insurance and security, where the acturial assumption is of events like fire and accidents happening randomly, but on mass sufficiently predictibly that margins can be worked out. Further why the acturial assumptions still tend to hold with human agency activities like crime in the tangible physical world, but do not hold in the intangible information world. Thus the physical world security is a subset of information world security, not the other way around (which is why many information security systems fail).

Clive RobinsonMarch 21, 2018 3:55 AM

@ Sancho_P,

Yes, some irregular statements cause additional obstacles for me, like: ”We already know that optimality and efficiency work counter to robustness and resilience and vice versa.”

I've been saying it for years with,

    Security -v- Efficiency

Take your choice as to which you prefere.

However I do caution it is a rule of thumb, or general case. It is quite possible to design a secure system that is efficient etc, but you realy have to know what you are doing in some considerable depth.

The reason the rule of thumb holds in the general case is "lack of knowledge", that is "You can only 'design out' that which you know to be a risk".

Which takes you onto the "Known knowns, unknown knowns and unknown unknowns" of "instances and classes of vulnerabilities". If you design out only "instances" which is what tends to happen with software patching, then the next instance in a class of vulnetabilities will succeed. If however you design out classes of vulnerability if somebody comes up with a new instance in that class of vulnerabilities for say a competitors product it will not work against your product.

That said however if somebody comes up with a new instance which is also a new class of vulnerability then your susceptibility is down to chance, not design.

Not understanding the difference between chance and design gives us the ludicrous issue we see in the ICTsec industry of "best practice". Put simply it's an embarrassment because it highlights that the industry has significantly failed to come up with usable "measurands" by which we can judge security in a reasoned way. Without usable measurands you can not test and reason thus come up with hypothesis that can be tested and refined, which is the way science generaly works. Thus we wallow in a snake oil market frequently throwing good money after bad...

OtterMarch 21, 2018 5:40 AM

He also doesn't understand what "crossing the Rubicon" means (or, I suppose, meant). Which leads me to mistrust what other obsurant phrases might be skewed.

CassandraMarch 21, 2018 5:50 AM

@Clive Robinson , @Ratio

I would underline Clive's caution about not treating axioms as inviolate. There's many a security hole to be found where people have treated an assumption about system behaviour as an axiom e.g. all strings are null terminated, that word-length is the same between two cpus, that all integers can be represented with 32 (or 64, or 128) bits, or that data is not executable, and so on.
Testing your axioms can be very fruitful. For many centuries, geometers and mathematicians regarded Euclid's Fifth postulate as an axiom (although some were not very happy about it), and a great deal of effort was put in to try and demonstrate its truth from his first four. It turned out not to be axiomatic in the sense that different axioms could replace it and produce self-consistent geometries (namely hyperbolic and spherical) that enormously enriched the field.
What I learned from this is that if I believe something cannot be done, it does not mean that it cannot be done by somebody else using a different method unknown to me.
From a security perspective, if I build an unclimbable wall and spend time on perfecting its smoothness, covering the surface with oil, building it vertical and several metres high, it won't stop somebody with a couple of ladders, or digging a tunnel, or driving a tank through it etc. If the axiom was unclimbable = impenetrable, or unclimbable = unbypassable, then my thinking was wrong.
Data security is the same. Using a well-tested encryption technique is insufficient if the key is easily obtainable by other means. You have to develop ways to 'think hinky' and challenge your own assumptions before an attacker does. For me, 'thinking hinky' includes being reasonably sceptical about the solidity of assumptions/axioms - especially the unstated ones.

Cassandra

parabarbarianMarch 21, 2018 9:24 AM

@DB

I got the same impression. It reads like the output of one of those specialized pomo generators. Maybe it is time to take interconnectedness to the next level. It is in blossoming that we are aligned and the Internet will be a gateway to pranic consciousness.

BobMarch 21, 2018 10:32 AM

@Clive

>There is no compeling reason why the future of humanity should be conjoined with cybersecurity

I have to disagree. There's always the possibility that some catastrophic event will prevent the increasing complexity and ubiquity of technology, digital identity, and digital trust. But that only serves to muddy the waters, as such an event renders any discussion of or planning for the future moot.

albertMarch 21, 2018 1:19 PM

@Mountain, @Sancho_P,

No, it's important to learn from Flight 447. Whereas FCS are computers controlling flight systems, the -backups- are the pilots. For better or worse, they need to know how to deal with emergencies, and they need to know that when the computer fails, how to fly the aircraft. When the autopilot disconnects, the pilots must take over. They did not. They failed to analyze the situation correctly. The FCS system did exactly what it was supposed to do. This was -not- a -critical- failure of automation.

This incident demonstrates the critical issue of the human/computer interface in highly automated systems.

1. Over-reliance on automation, to the detriment of the operators skill level.
2. Lack of understanding of the -limitations- of the automation.
3. Lack of proper procedure for taking control of the system by the operator.

Skillful humans are pretty good at dealing with the sort of problems that automation is not programmed (and may never be programmed) to deal with. Sully landing on the Hudson comes to mind.

And we now have the first human casualty from a 'self-driving' car. If this is the future of transportation, then I want no part of it. The lawyers are the only ones who will get lasting benefits from it.

What's the next step, granting 'self-hood' to an automobile?

. .. . .. --- ....

VinnyGMarch 21, 2018 1:40 PM

@keiner @sofa @maricela
There is a much simpler solution, folks. As is the case with quite a number of pages that attempt to block browsers that have js diabled, whoever implemented this "block" is either lazy or incompetent. If you turn off page styles (in FF - "view|page styles|none" - option may differ in other browsers) you get past the image that blocks the unformatted text. If you then scroll down a bit, you will find a link to the pdf for the article, which is completely unprotected. Or if you don't want to try that experiment for some reason, just click on this link:
https://www.hoover.org/sites/default/files/research/docs/geer_webreadypdfupdated2.pdf

Denton ScratchMarch 21, 2018 2:42 PM

@Ratio Damright. I am not happy when someone requires that their very first assertion is to be considered an "axiom" - an axiom is something that is supposed to be self-evident.

I read on for three more paragraphs (without extracting any meaning from them), and gave up, because I have better things to do. Basically, I think (judging from the first four paragraphs) that is a really awful piece of writing. It's just a series of pompous declamations, expressed in language that is so weird that you can't tell what is being declaimed.

Maybe he gets better later on; but making the very first sentence bullshit is a bad sign. To me.

Not sure why Bruce posted this; maybe someone better informed than me (and who bothered to read on) could explain.

ThunderbirdMarch 21, 2018 3:11 PM

I read (okay, skimmed) the entire thing, and I have to say that I too was bother by the "series of pompous declarations." I am always happy to grant a couple of unsupported suppositions for the sake of argument, but there were way too many "self-evident truths" for me. I learned long ago if a proof says "it is obvious that X" it may really mean "I have no idea how to prove X."

I agreed with many of his points, once I figured out what they were. It would be nice if someone went through and condensed it into a three-page essay written in a more commonly-understandable dialect of English. I don't think there are a lot of abstruse concepts in there that can't be expressed more simply. Since Bruce recommended it, maybe he will elaborate on some points he liked.

MarkHMarch 21, 2018 3:51 PM

@Mountain:

I'm surprised by your attitude toward AF447.

Within a few hours of beginning flight instruction, most student pilots learn to put the nose down in response to a stall.

If the establishment and maintenance of airmanship is a waste of resources, then surely it's a far bigger waste to have a cockpit at all.

MountainMarch 21, 2018 5:33 PM

@MarkH

"If the establishment and maintenance of airmanship is a waste of resources, then surely it's a far bigger waste to have a cockpit at all."

Correct and the elimination of the cockpit is a move I fully support. The primary barrier to a fully automated plane is not technological but cultural. People don't like the idea of machines being in control. But the fact remains that we are already seeing some test usage of fully automated planes in the corporate sector.

Trains have long been automated, subways are effectively automated, automoblies are being automated. The planes' turn will come. Commercial piloting is an profession fast on its way to being obsolete. Pilots, of course, don't like it. The romantic dream dies hard....yet it does die.

@albert

No, there is nothing to learn from AF 447. The way I put it to an associate after the final report was done was to ask this question. "Now that the final report is out what exactly is going to change in classroom instruction?" His reply was a wonderful dodge, "Another example of what not to do." Every aspect human factors analysis, every aspect of effective CRM was already known before Af 447 happened. We already knew that fatigue kills. These guys simply didn't do what they had been trained to do and no amount of additional education would have helped them, just like no increase in firearms training would have helped the school security guard who failed to enter a shooting scene and kill the person killing the students.

If you want someone to automatically do what they are trained to do you know what? You build an automation. It's called Fly By Wire. It's time to stop trying to turn humans into machines and just trust the machines.


Sancho_PMarch 21, 2018 6:40 PM

@Clive Robinson

My problem was the word “optimality” in the given context (Dan Geer).
However, Security v. efficiency (or speed, or …) may be an interesting observation, but inherits the difficulty with both terms, security and efficiency.

I think security is in no way connected to efficiency, but if we (have to) involve complexity to achieve security then efficiency could be the loser.

While we all have our own idea what it means, security itself is often used in very ambiguous context, e.g. in “security camera” v. “surveillance camera”.
But that may be my limited understanding as ESL.

Sancho_PMarch 21, 2018 6:42 PM

@albert, @MarkH, (@Mountain)

As you both focus on the training / knowledge part of the pilots only, now I’ll explicitly write what got my blood to the boil (“gross neglect”):
Supervision, respectively the lack of.
It is not only AF but all airlines: These *self-censored* , I’d put them in undecorated grey jump-suits, throw out the cockpit-seats and have them knee the whole flight, but only after a negative drug test. Have you ever heard of similar irresponsible drivers in public transport, with one hour sleep before a 16 hours shift when you can not simply stop the bus?
There is no supervision, as is with our powers.

@Mountain: I think full automation isn’t wiser.

justinacolmenaMarch 21, 2018 6:55 PM

@MarkH, Mountain

If the establishment and maintenance of airmanship is a waste of resources, then surely it's a far bigger waste to have a cockpit at all.

There is a small private aviation problem. Aviation is buried in large quantities of paperwork, airworthiness certification, medical fitness, and lots and lots of money, because you aren't even allowed to hold a wrench without exactly the right mechanic's certificaton.

The real problem, of course, which the "moderates" and liberals in the U.S. refuse to acknowledge, is drugs and drug-dealing. Flying while high on drugs is not O.K. Flying with a cargo of controlled substances is not O.K. "Pranks" or "practical jokes" in the air are not O.K., either.

https://www.adn.com/alaska-news/crime-courts/2018/03/19/pilot-who-buzzed-mat-su-man-with-float-plane-causing-severe-brain-injury-sentenced-for-assault/

The solution, so far, has been to exclude the law-abiding public from the skies, and leave them over to the Mafia and various drug-running cartels. This is well in line with moderate liberal thinking, and in fact exactly how the moderate liberals handle guns.

echoMarch 21, 2018 9:22 PM

Wow. I read the abstract and first page and this essay made my brain feel cross-eyed.

From what little I grasped I'm not sure his observation of interdependency and risks and protection is especially new. I worry about the heavy tilt towards technology and militarisation. The essay is also very US biased which grates.

Caroline A. Jones has a somewhat counter essay.

https://www.edge.org/conversation/caroline_a_jones-a-common-sense

We need to acknowledge our profound ignorance and begin to craft a culture that will be based on some notion of communalism and interspecies symbiosis rather than survival of the fittest. These concepts are available and fully elaborated by, say, a biologist like Lynn Margulis, but they're still not the central paradigm. They’re still not organizing our research or driving our culture and our cultural evolution. That’s what I’m frustrated with. There’s so much good intellectual work, so much good philosophy, so much good biology—how can we make that more central to what we do?

RatioMarch 21, 2018 10:22 PM

@Clive Robinson, @Cassandra,

Not in a formal or reasoned sense [axioms] are not [assumptions], they are quite different and with good reason.

An axiom is :- A self-evident truth that requires no proof.

That definition contains three parts. In reverse order:

  • requires no proof — nor can be proven
  • truth — I don’t know what it means for an axiom to be “true”
  • self-evident — not in modern mathematics (incl. logic, theoretical physics)

On to assumptions:

An assumption is :- A supposition, or something that is taken for granted without reason, questioning or proof.

That is assumptions are by no means self evident and don't actually have to be truths in the accepted sense of science.

If you accept my bullet points above, it should be clear that this is not a description of differences between axioms and assumptions.

Assumptions do not require to be reasoned or hold outside of a limited range.

Nor do axioms. (See the example below.)

There's many a security hole to be found where people have treated an assumption about system behaviour as an axiom e.g. all strings are null terminated, [...]

I don’t even know where to start…

Testing your axioms can be very fruitful.

Testing how? Against what?

For many centuries, geometers and mathematicians regarded Euclid's Fifth postulate as an axiom (although some were not very happy about it), and a great deal of effort was put in to try and demonstrate its truth from his first four.

Had they succeeded, it would have been a theorem, not a postulate (axiom).

It turned out not to be axiomatic in the sense that different axioms could replace it and produce self-consistent geometries (namely hyperbolic and spherical) that enormously enriched the field.

How can that be if axioms are “self-evident” and “true”? Does that mean the parallel postulate is no longer self-evident? Is it no longer “true”, whatever that may mean? Worse: was it never an axiom to begin with?

Or could it be that this example neatly demonstrates that axioms are assumptions? And that sometimes, instead of assuming X and getting a consistent system, you can instead assume Y and end up with another consistent system. (Or you can choose one set of axioms instead of another to produce the same system.)

tyrMarch 22, 2018 1:20 AM


What I found quite puzzling buried in
the verbiage was the use of National
Security and the idea of military
solution to some of his posited points.

Do we really want the military to solve
our problems considering their current
track record (one could be unkind enough
to call it gross failure)?

If you've never been in the military it
might sound good. It's always easier to
pass the buck to imaginary experts rather
than cleaning your own privy.

The aviation discussion overlooks the fact
that most pilots are simulator trained
not learning by flying aircraft that have
very little automated aids. This makes
sense from the economics side but is no
help if you suddenly have to fly the
aircraft by yourself.


CassandraMarch 22, 2018 3:10 AM

@Ratio

...could it be that this example neatly demonstrates that axioms are assumptions? And that sometimes, instead of assuming X and getting a consistent system, you can instead assume Y and end up with another consistent system. (Or you can choose one set of axioms instead of another to produce the same system.)

Well, yes, axioms are assumptions, just a special kind, the meaning of which has changed over time. Wikipedia nails this by saying: "The term has subtle differences in definition when used in the context of different fields of study. As defined in classic philosophy, an axiom is a statement that is so evident or well-established, that it is accepted without controversy or question. As used in modern logic, an axiom is simply a premise or starting point for reasoning."

Often, people use 'axiom' in the classical philosophical sense, sometimes strengthening it to mean 'a self-evident truth', which is why I spoke about challenging axioms and talked about Euclid's Fifth postulate. The search for absolute truth led to Whitehead and Russell's Prinipia Mathematica and Gödel. Thank-you for following the conversation.

Cassandra

Wesley ParishMarch 22, 2018 4:30 AM

I almost choked on the heavy jargon-laden first part, but I survived that and found he got a little easier going on.

But I couldn't make head or tail of his assertion "Time is irreversible. To make something timeless is to make it irreversible." They appear to contradict each other. And nothing he says following that resolves the contradiction.

"We calibrate our inventions’ quality by the imagined time that must elapse before they can be undone, which is to say reversed. The inventions that deliver “You are safe here for a millisecond” and “You are safe here for a millenium” differ in the time constants of their reversibility."
Now that is a valuable insight; but I was almost turned off completely by the gobbledegook of the first two lines in that paragraph.

Likewise his comments on "dependence". FWLIW, I've always thought the first Soviet A-bomb test should be celebrated as Interdependence Day in the former Soviet Union and the United States of America. Because from that day on, politicians in both countries found themselves reacting to their (apparent) foes as to domestic opposition (I found it impossible to visualize the later stages of the Gorbachev-Reagan summitry as anything other than a set of election debates. :) ). It's still going on; Kim Jong-un's great success is that the US MSM have elevated him to such a "lofty" perch. Poor twit.

Perhaps Bucky Fuller's insight that the ends of the US and the Russian power grids should be joined together - ditto the Chinese, Russian, EU etc - should be taken seriously.

Some of his later paragraphs are almost lucid. But he should be more consistent.

(If you want a relatively easy-to-understand explanation of why time's arrow only points in one direction, I recommend Ian Stewart's 17 Equations That Changed the World, ch 12 Law and Disorder Second Law of Thermodynamics.)

VinnyGMarch 22, 2018 8:52 AM

@Bauke Jan Douma re: the NSA, bitcoin, and Tor
I read the redacted NSA paper(s) cited by the Intercept article. The NSA does seem to indicate that the "cooperating" company is headquartered, or has a primary tech center, in Virginia. The Intercept article itself speculates that it is a VPN provider. After trying to match likely suspects to those two criteria, I'm skeptical it is/was a VPN. The requirement would seem to be that it was a service sufficiently ubiquitous as to be able to capture a large fraction of bitcoin traffic, which implies a consumer-grade VPN. None of the top consumer-grade VPNs in 2013 seem to have had HQ in Virginia (I'm still examining that evidence.) The most likely suspects that have an apparent history of sacrificing the interests of their civilian customers in exchange for Fedgov contracts don't seem to have enough reach into the marketplace. Could it have been some service that is even more ubiquitous than even the largest VPN provider? Tor, btw, is not, strictly speaking, a VPN, and, to the best of my knowledge, is not located in Virginia. Fortunately, neither is my provider (that would have been disappointing :) Cringing, I checked up on EFF, but (thankfully) no evident Virginia connection there (DC on a couple of different occasions.) ARIN is in Chantilly, but I don't see how they would have access to the datastream that would allow them to siphon off traffic from a non-US hub to pass on to NSA. AT&T and Verizon do have very large footprints in Virginia. I'm probably indulging in confirmation bias in looking at this, both for outfits that I don't want to be involved, and outfits that I already despise and wouldn't mind seeing sporting additional coatings of hot tar and chicken plumage. Perhaps I'm also missing something fundamental in my assumptions...

echoMarch 22, 2018 3:17 PM

@Wesley Parish

I was curious so searched for articles on Buckminster Fuller's global energy grid idea. Very interesting!

http://www.geni.org/globalenergy/library/newsletters/1995/buckminster-fuller-on-the-global-energy-grid.shtml

I was wondering earlier if cryptomining and other browser techniques which hijack a browser could somehow result in microtransactions which charged the hosting website or perhaps applied an energy tax. I have also wondered about capability bits being applied by the browser or some kind of function whitelisting certification scheme to compartmentalise and limit the potential of security explots or hijacking too. I guess this is all practically unworkable for now but is some kind of scheme using any or all of these methods possible?

NotCliveMarch 23, 2018 3:00 PM

Dan is an acquired taste.

The notions he presents require a decoding table as his terms are generally unique to his writings.

Re time's arrow, etc, his context is cultural not quantum. Re assumptions his axioms are defended in some previous articles. Check his website if you have an afternoon to spend.

The tl;dr is that digitalization, in various ways, is probably undefendable against a lucky or skilled attacker. And at a national scale, rather than merely personal or corporate. And so we need a plan B which is expensive, not immediately useful, hopefully not needed, and is technical yet based on non-pervasive technology. An apt description of "military".

A risk is that while government will make sure to be seen making the motions, they will not be achieving the necessary end goal. I suggest googling "federal reserve cyber" and read the speech. Ask yourself if they expect to actually use their plan in a cyber emergency.

A Nonny BunnyMarch 24, 2018 3:52 PM

@Clive Robinson

@Ratio, Axioms are assumptions.

Not in a formal or reasoned sense they are not, they are quite different and with good reason.
An axiom is :- A self-evident truth that requires no proof.
An assumption is :- A supposition, or something that is taken for granted without reason, questioning or proof.
Many words have multiple usages. So I think you're making it too easy for yourself picking just what you think "axiom" means.


http://www.dictionary.com/browse/axiom
axiom [ak-see-uh m]
noun
1. a self-evident truth that requires no proof.
2. a universally accepted principle or rule.
3. Logic, Mathematics. a proposition that is assumed without proof for the sake of studying the consequences that follow from it.

So, according to definition 3, it's an assumption -- when used in a formal logical/mathematical setting.
In more colloquial use it can be a self-evident truth, or a universally accepted rule.

Clive RobinsonMarch 24, 2018 8:25 PM

@ A Nonny Bunny,

So I think you're making it too easy for yourself picking just what you think "axiom" means.

No I'm not making it easy for myself.

In science "axiom" has a very definate meaning, which I gave.

In more colloquial use it can be a self-evident truth, or a universally accepted rule.

A "universally accepted rule" in science is one that follows on from a "self-evident truth" by definition.

An ordinary everyday assumption has little use in science, for various reasons, not least is it's "testability" or lack there of.

Therefor of the three definitions you quoted. The first (1) is the one I gave. The second (2) as I've indicated follows on from the first.

It's the third that is different and is actually about "testability of a proposition" in some respects it is what William of Ockham's razor is all about. It came to logic and then mathmatics by way of what we call philosophy. You can look up the difference between Sir Issac Newton's inductivism methods and Aristotle's empirical methods, to see why one is prefered over the other.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.