New Book Announcement: Click Here to Kill Everybody

I am pleased to announce the publication of my latest book: Click Here to Kill Everybody: Security and Survival in a Hyper-connected World. In it, I examine how our new immersive world of physically capable computers affects our security.

I argue that this changes everything about security. Attacks are no longer just about data, they now affect life and property: cars, medical devices, thermostats, power plants, drones, and so on. All of our security assumptions assume that computers are fundamentally benign. That, no matter how bad the breach or vulnerability is, it's just data. That's simply not true anymore. As automation, autonomy, and physical agency become more prevalent, the trade-offs we made for things like authentication, patching, and supply chain security no longer make any sense. The things we've done before will no longer work in the future.

This is a book about technology, and it's also a book about policy. The regulation-free Internet that we've enjoyed for the past decades will not survive this new, more dangerous, world. I fear that our choice is no longer between government regulation and no government regulation; it's between smart government regulation and stupid regulation. My aim is to discuss what a regulated Internet might look like before one is thrust upon us after a disaster.

Click Here to Kill Everybody is available starting today. You can order a copy from Amazon, Barnes & Noble, Books-a-Million, Norton's webpage, or anyplace else books are sold. If you're going to buy it, please do so this week. First-week sales matter in this business.

Reviews so far from the Financial Times, Nature, and Kirkus.

Posted on September 4, 2018 at 6:20 AM • 53 Comments

Comments

KevinSeptember 4, 2018 8:02 AM

Interesting topic. Ill buy it if your release it on audible. Would be even better if it is dictated by you.

Andrew GSeptember 4, 2018 8:14 AM

Well, I wouldn't say I've "enjoyed" the regulation-free Internet. The laissez-faire environment has created the toxic privacy and security climate we experience today. Regulation is long overdue.

mbSeptember 4, 2018 9:30 AM

Congratulations on the book. I know you probably did not choose the hyperbolic title, but I would be reluctant to buy the book based on this blurb and the title. 9/11 changed everything about security, and most of the regulations put in place afterward was not "smart regulation". I see this book creating or fanning a crisis, that no good politician will let go to waste. I have been disappointed lately with the political tone of this blog, I fear you are being far too influenced by your Harvard environment, a little skepticism about the ability of government is due.

Impossibly StupidSeptember 4, 2018 10:10 AM

The biggest problem with regulation, or any sort of government intervention, is that it is state-sponsored attacks that are already the most threatening. You have to expect there will be a "back door" exception carved out so that they can continue to benefit from access to less secure systems. Given that the tech industry itself is not acting in unison to remove insecure networks from the global Internet, I have zero expectation that anyone is going to be eager to act just because some know-nothing politicians start writing new rules.

bttbSeptember 4, 2018 10:56 AM

ps. about 30 minutes, live broadcast over, direct link, https://the1a.org/shows/2018-09-04/click-here-to-kill-everybody :

"Bruce Schneier says that everything, basically, is a computer with some extra stuff attached.

When he wrote for New York Magazine, he described it this way:

"Your modern refrigerator is a computer that keeps things cold. Your oven, similarly, is a computer that makes things hot. An ATM is a computer with money inside. Your car is no longer a mechanical device with some computers inside; it’s a computer with four wheels and an engine. Actually, it’s a distributed system of over 100 computers with four wheels and an engine. And, of course, your phones became full-power general-purpose computers in 2007, when the iPhone was introduced.

We wear computers: fitness trackers and computer-enabled medical devices — and, of course, we carry our smartphones everywhere. Our homes have smart thermostats, smart appliances, smart door locks, even smart light bulbs. At work, many of those same smart devices are networked together with CCTV cameras, sensors that detect customer movements, and everything else. Cities are starting to embed smart sensors in roads, streetlights, and sidewalk squares, also smart energy grids and smart transportation networks. A nuclear power plant is really just a computer that produces electricity, and — like everything else we’ve just listed — it’s on the internet.

The internet is no longer a web that we connect to. Instead, it’s a computerized, networked, and interconnected world that we live in. This is the future, and what we’re calling the Internet of Things."

What’s the potential for an Internet of Things? More pressingly, what are the dangers?"

Clive RobinsonSeptember 4, 2018 12:47 PM

@ Andrew G,

The [Internet] laissez-faire environment has created the toxic privacy and security climate we experience today. Regulation is long overdue.

Be careful what you wish for.

Regulation has already started in the UK and soon Australia, and with that all right of privacy.

So with the fact that the industry is forcing you down the third party storage and processing route. It will soon be a crime to have private thoughts you keep from any interfering Government Entity such as that annoying clerk who "has to see your papers" for driving medical aid, through those who believe you owe more than you are paying through any jumped up traffic cop all the way through to those you vote for. But unfortunatly in the process every big company will have access to not just your thoughts but your emotional state and state of health through the rythms of not just what you type but how you type it. And as the US is a place where your data belongs to who ever collects it, and they can do what they like with it, your employer can watch you 24x365.25 and demand that you be available at their whim under the company "Say No to... " policy.

That is what you have comming to you within a decade at most, if you do not fight the continuous fight to stop such behaviours.

But even if you do fight they will get through a little something at each and every battle, skirmish or even contact. Inch by inch a foot will be gained, then a yard and soon a mile you will give ground untill you have none left to stand on.

The "online gig economy" will drive wages and standards down to the point where "burger flipping" will look better. Then the "knowledge jobs" will go down various AI paths. Only a few jobs will survive and unlike those behind the throne you will not be alowed to be an "asset owner" just a "Rent Payer". Thus life will eventually become compleatly undemocratic as only asset owners will have the right to vote. Thus life in surfdom to Kings, Barons, and Lords of the Mannor will be your lot.

That is where the wrong type of legislation will take you. And the legislation you are going to get currently will be bought and payed for by vested interests you have no say over. Those Govetnment entities and the Corporate entities who will buy what they want and disgrace those who do not comply into the mass work camps that prisons will steadily grow to become.

You might think it distopian, but history shows us that freedom is fleeting for those who do not fight for it everyday.

Thus before you wish for Intetnet Regulation you should demand regulation on the limits of power that those Government and Corporate entities can have. The original founding fathers tried to stop what they saw as tyranny but in the process alowed those protections to be bought away for mear drops of cash to those in Government both elected and otherwise by those they had not envisaged we now call corporations that strangely have many right and no responsabilities and who can not be punished, such inequality can only have one of two endings serfdom or war, unless the corporates themselves are put into surfdom to the wishes of the people in ways that can not be taken away.

Clive RobinsonSeptember 4, 2018 1:25 PM

@ Bruce,

[T]he trade-offs we made for things like authentication, patching, and supply chain security no longer make any sense.

They never did, they were "convenient lies" always based on false assumptions and faux premises.

The things we've done before will no longer work in the future.

Whilst self evident, it raises the questions not of "What?" but "If?" and "Will we?".

That is "If there is anything that can be done?" and if so "Will we be alowed to use it?"

History shows that "If there are things that can be done" the short term gain of a very few gives rise to tyranny and that the new can be powerless in the face of the old.

Eventually the new can prevail but only if the old can be defeated in some way.

But as Cicero noted,

    Inter arma enim silent leges

Oft incorrectly translated as "in times of war, the law falls silent".

The actual Latin meaning has a little more subtlety,

    For among arms, the laws fall mute

That is for those that control the "arms" or as we would now call them "guard labour", the law does not apply. In effect They are not just above the law, but their whims and wishes are the law, administered at the point of a gun that others are thus forced to obay. But worse by the same principle the excesses of the guard labour also go unpunished as it serves a usefull purpose to instill fear in those that are forced to obay.

We already see the excesses of guard labour excused on the flimsiest of excuses, and there are those alive that saw what struggles were required to get acknowledgment not just very short lived change.

Rights only exist for those who can and do fight for them.

CiceroSeptember 4, 2018 3:01 PM

I'm quite sure I actually wrote,

Silent enim leges inter arma

instead of the decidedly inferior,

Inter arma enim silent leges

that is so often incorrectly attributed to me. O tempora, o errores!

HmmSeptember 4, 2018 3:24 PM

He addressed it specifically.

"I fear that our choice is no longer between government regulation and no government regulation; it's between smart government regulation and stupid regulation. My aim is to discuss what a regulated Internet might look like before one is thrust upon us after a disaster."

If a quorum of the public don't talk about what sensible regulation would look like ahead of time, you can expect insensible regulation instead. You can see this playing out in the 5-eyes backdoor "ultimatums" being made now or the Net Neutrality vs undermined corpo-controlled internet debates; these major changes are in the pipe NOW and are being decided NOW, and we may notice that we'll likely be stuck with them indefinitely. We need to get the debate out ahead of that as our technological mitigations are provably no longer sufficient, and it's a far too dangerous world to leave on this thoughtless track of under-regulation and overreach at once.

To all the people who say "regulation never solved anything" or those types of libertarian arguments, I'd say that backwards-illustrates the point directly - if you DON'T design these details into regulation up front, you WILL be stuck with something you don't want. That's inevitably true as we've seen. The only way we have to influence or defend ourselves from bad precedents writ in law is to regulate and codify rights of the public ahead of attempts to restrict or sell them off to corporate lobbying campaigns. The reason we have seatbelts and potable water is because we have regulations. Sure, governments can and do overreach. How will we even be able to call them out on that if we don't as a global community decide which rights are inviolable first?

Fearing government is not a good enough excuse for failure to to regulate sufficiently.

echoSeptember 4, 2018 4:57 PM

Given the UK state only pays lip service to professionalism and duties of care and public policy below the level of statute is usually the codification of ignorance and discriminations and habits and lack of skill and understanding I have given up expecting "justice" in the UK. One tiny mistake, one fault, one exploit, one loophole can lead to a whole life ecnompassing disaster. This is all the pwoer crazed and criminals and abusers need.

What I am saying is exactly the same as Bruce and Clive. The problem is the job titles and media and financiers are too compromised and dishonest and too close to the problem to solve anything.

@Clive

Rights only exist for those who can and do fight for them.

I am afraid this is the truth along with everything else you said.

@Hmm

f a quorum of the public don't talk about what sensible regulation would look like ahead of time, you can expect insensible regulation instead. [...] To all the people who say "regulation never solved anything" or those types of libertarian arguments, I'd say that backwards-illustrates the point directly - if you DON'T design these details into regulation up front, you WILL be stuck with something you don't want.

This too.

I have tried to break my story and had to turn down 2-3 newspapers already. This month I was offered a documentary by a media company. The problem is this won't be a serious Snowden style documentary or serious investigative journalism but a patronising lurid tabloid fantasy where I'm just the Stormy Daniels style eyecandy. I'm not leaping at the offer.

HmmSeptember 4, 2018 5:25 PM

"a patronising lurid tabloid fantasy where I'm just the Stormy Daniels style eyecandy."

Remember, no such thing as bad PR... and if you want to sell publications, well.. :p

*(She also had an undeniable hand in a pending regime change. I think her stock went UP!)

ErikSeptember 4, 2018 6:11 PM

A regulation-free Internet? If only we knew what one looked like. Around here at home, like most Americans, I have my government-apportioned carrier duopoly. Sure, I have other choices as long as I'm willing to pay $$$$$ for a private loop back to a POP. But if another carrier wanted to run fiber or coax to my neighborhood? Sorry, that's against the law, written by the same class of Wise Overlords who would be writing any other Internet regulations. We're stuck with a "two (almost identical) sizes fits all" approach for bandwidth offerings, traffic filtering, etc.

Financial security problems? From the same people who gave all of us a nine-digit number, outlawed its use for anything other than government benefits, and then just let that bleed out into dead letter. What could possibly go wrong? Government regulation are enforced when it's profitable for the government and its sponsors to do so, except when they throw out a little bone here and there to quell some outrage - and even then the bone is almost always some sort of scam. Like the post-2008 financial regulations that were supposed to limit the power and danger of Wall Street megabanks and instead wound up eliminating almost all of their smaller competition, followed by running us straight up into another credit bubble. "Whoopsie. Guess we slipped up there. Sorry, I can't hear your complaints over the cash-register-till sounds my campaign contribution stats are making."

Better router and IoT security? From the people who can't even bother to plan to secure their own networks, let alone actually implement it? I mean, I know they have regulations requiring them to make plans to figure out better ways to regulate their IT security planning and then expend gigatons of additional CO2 and hot air with endless lip service. Oh wait... actually doing something useful? We're the government. You must be new here. Wasn't there an article out the other month about how the NSA - the one agency you would think would actually move on this stuff - hadn't actually implemented their post-Snowden security upgrade recommendations? Guess they're too busy ginning up new "evidence" to start another war. Gotta keep the important people (defense contractors) fed!

Thankfully, "content fairness" is still unregulated. I mean, few people like to be exposed contrary viewpoints. 90-something% of "fake news" gripes are really just "stuff I disagree with," to the point where even if it actually is an absurdly stupid story it's almost always being complained about by somebody with an even more ridiculous outlook. If you think "fake news" is a problem now, just wait until the Trump Administration (or his hard-left successor, whoever that will be) is in charge of setting that straight. Remember: eventually somebody you loathe will have their hands on this steering wheel, and it will be a Thelma-and-Louise-like run straight off the cliff of "Free press? I remember those ++ungood days."

I could go on and on and on, but somehow I just don't see the wisdom of putting a bunch of greedy idiots who have virtually no adverse affects from their mistakes in charge of another bunch of greedy idiots who can actually be punished by market forces for bad behavior when the befuddled masses eventually maybe get around to giving a shit. If they don't give a shit, then that's not exactly democracy or representative government or whatever - it's just nannying executed in the most expensive, inflexible, and lowest-quality manner possible.

echoSeptember 4, 2018 11:20 PM

@Hmm

I don't want to detract from Bruces new book launch. What he says (and Clive's and other peoples critical observations) are too important.

@Erik

Yes. This too.

HmmSeptember 5, 2018 12:45 AM

@echo

I don't mean to make light of your situation, however that came across.

Bruce needs scarier cover art for the second edition. The reviews seem pretty good!

Now we all need to buy a few and shame relatives into reading it via gifting and hints.


David HoweSeptember 5, 2018 4:58 AM

Book seems good so far, but I do note the first url referenced (https://www.schneier.com/ch2ke.html) doesn't seem to work :)

Bruce SchneierSeptember 5, 2018 7:05 AM

@ Eric S.

"Are you releasing an audio book version... If so when may it release?"

There will be an audio version. I don't know when it will be released, but I know it won't be soon.

Bruce SchneierSeptember 5, 2018 7:06 AM

@ Kevin

"Interesting topic. Ill buy it if your release it on audible. Would be even better if it is dictated by you."

I don't think I would be a good person to read the book. Dramatic reading it not my forte.

Bruce SchneierSeptember 5, 2018 7:11 AM

@mb

"I know you probably did not choose the hyperbolic title, but I would be reluctant to buy the book based on this blurb and the title. 9/11 changed everything about security, and most of the regulations put in place afterward was not "smart regulation". I see this book creating or fanning a crisis, that no good politician will let go to waste. I have been disappointed lately with the political tone of this blog, I fear you are being far too influenced by your Harvard environment, a little skepticism about the ability of government is due."

I actually did choose the title, deliberately to be hyperbole. I explain my reasoning in the book's introduction. Of course I immediately back off from the hyperbole.

Don't blame Harvard for anything I write. It's not their fault. I have long believed that the only way to reign in corporate power is through government power, and the best way to get security is to have multiple power sources watching each other. Of course I have "a little skepticism about the ability of government," but most of my criticism comes from people who have this almost magical belief that government can't do anything.

Government is what's missing in Internet governance right now. We don't need it to replace what's exists, but we do need more of it.

Anyway, it's a complex argument and I hope you'll be open to reading it.

Bruce SchneierSeptember 5, 2018 7:12 AM

@Impossibly Stupid

"The biggest problem with regulation, or any sort of government intervention, is that it is state-sponsored attacks that are already the most threatening. You have to expect there will be a "back door" exception carved out so that they can continue to benefit from access to less secure systems. Given that the tech industry itself is not acting in unison to remove insecure networks from the global Internet, I have zero expectation that anyone is going to be eager to act just because some know-nothing politicians start writing new rules."

I agree. This problem is going to get a lot worse before it gets better.

Bruce SchneierSeptember 5, 2018 7:14 AM

@Clive Robinson

"Rights only exist for those who can and do fight for them."

That sounds like a horrible world. I want rights to exist for everyone, regardless of their ability or willingness to fight.

Bruce SchneierSeptember 5, 2018 7:15 AM

@David Howe

"Book seems good so far, but I do note the first url referenced (https://www.schneier.com/ch2ke.html) doesn't seem to work :)"

Ouch. Thank you for noticing that.

I will fix.

echoSeptember 5, 2018 10:54 AM

@Hmm

That's ok. It's complex and on average you need a fairly steep understanding to discuss the issues. It's one of those things people get or don't get. I rebuffed the documemtary company with a high fee and terms and conditions. I pretty much burned this bridge and then some. I'm keeping my mouth pretty zipped to avoid clogging up Bruce's topic.

bttbSeptember 5, 2018 12:25 PM

Re: Optimal government size and optimal amounts of regulation

Two things, paraphrased, from a dead relative:

1) It may take big government to effectively deal with, for example, big business or big organized crime, in a meaningful way. In other words, if you have a small government, good luck with that.

OT 2) Capitalism, of course, has financial losers as well as financial winners. Governments can help provide a safety net for financial losers.

HumbaHumbaSeptember 5, 2018 1:32 PM

This is from the Kirkus review linked to above.

With due pessimism, the author argues that individuals must do their best to harden their own security even as governments battle against encryption, anonymity, and other security measures...

How curious. My own observation is that over the last decade @bruce has moved away from the technical side of security and has instead spent much of his time and focus on the cultural, social, and even....dare I say it...philosophical side of security.

If individuals have to do their best to harden their own security I can honestly say that at this point in time Schneier On Security is not the first place I would turn to accomplish that goal. In fact, I don't even think it would be on the radar. To put it simply @bruce has spent most of his time developing grand strategy rather than battlefield tactics. There is nothing wrong with that, of course, someone has to be the general but I can't help be feel that the general too often leaves the troops unguided and forlorn in their battlefield preparation.

echoSeptember 5, 2018 2:35 PM

@HumbaHumba

My kneejerk view is Bruce has put in the hard work and lived through the political battles and made the arguments. I believe folding in cultural and social (and philosophical) aspects into the core mission is absolutely correct. The issue really is having reached the top of the mountain and looking back there is a huge vacuum left by extremly poor policy implementationa and lack of education. I believe a large part of this is government and society and supporting structures can be extremely slow to change.

I have expeienced this myself from the other side of the fence. Bruce is lucky to be the go to guy for a lot of things. To be fair he has earned this. The best I could manage was being eyecandy on car crash television. It's not my thing and I didn't feel I was being respected so I declined.

One problem I have noticed much more lately is too many younger people have no experience or much of a clue. As an example one youngish man half my age was trying to get into the security industry and on a fairly through course teaching the basics. I'm interested in what he knows from this and chatted about security stuff including some basics including data security and opsec whcih he was familiar with on the surface. He was obviously nodding along and not really invested in the conversation because the next thing is he's trying to get me back to his hotel room and pulled every trick in the book to attempt it. I don't personally believe he was up to the security job to any serious level and wouldn't date anyone that dumb. On the other hand a former audio engineer whose current job was electronic verification was intelligent and I enjoyed our conversation and learned a few things too even if it took a while for the penny to drop about analogue to digital convertors. The verification work is similar to work Clive has done so I suggested he may wish to explore security work one day when he has acquired more experience. As things turned out no we didn't date, and I didn't fancy him that much to be over the moon about the prospects, but he was a decent man and had a brain in his head. I need to be a bit careful what I say because they (or their boss) may be reading this blog because I have a nasty habit of recommending it to anyone half interested in the topic.

Clive RobinsonSeptember 5, 2018 3:45 PM

@ Bruce,

That sounds like a horrible world. I want rights to exist for everyone, regardless of their ability or willingness to fight.

I personaly want rights for people where there is no need or reason to fight. However that is not the world we live in.

The number of real democratic governments are absolutly tiny and they are becoming less by the day.

We think we have democracy when we talk about "representational democracy" but it is not even a pale shadow of democracy. What you get is a hierarchy of people making the laws and decisions and they are far from accountable to the citizens of a nation. Just about every nation in the world has a corrupt government in one way or another, some even recognise the corruption in their legislation.

With hierarchies corruption is built in, that is the higher you are the more power you have thus the higher the price your vote is worth to those who wish to have the vote go their way.

As has been noted "Every man has his price" and it works both ways, they can be bought with baubles or they can be sold down the river. The Intelligence Community know that people have failings and these can be used for leverage. Thugs also know that some of those failings are fears for loved ones etc.

These are all levers that those without conscience or morals will employ to get there way. We have names for such people we call them psychopaths, and there are tests that show to what degree people have psychopathic traits. Testing has shown that those who run various corporations have these traits rather more than the norm.

Thus it is not to difficult to see how they will eventually prevail unless they and their sources of power are prevented from having influance on the legislators and other policy makers.

The problem is as once noted "evil people scheme" whilst others do not want responsability thus they leave things to those who scheme... It appears to be part of the human condition.

The question is thus how do you stop the psychopathic schemers gaining power to gain influence over those at the top of social hierarchies? The simple answer is I don't think anybody knows yet...

What I do know is we need to find out fast, because technology agnostic as it is appears to aid the schemers more than the citizens currently.

You can see this in the basic right to "privacy" it is being destroyed in front of our eyes, yet we appear powerless to stop it, when citizens stop giving their privacy away freely or for baubles, we find governments as we currently do passing legislation to ensure there is no right to privacy and worse you are assumed guilty of crimes if you try to maintain your privacy.

This is not currently a world where rights are tolerated let alone respected. Thus the question of can we realistically get them back without having to fight in some way?

Being eternaly vigilante is insufficient on it's own, it requires eternal action as well.

Impossibly StupidSeptember 5, 2018 5:05 PM

@HumbaHumba

That's why I'm happy Bruce allows commenting on his blog. That way he's free to focus on the high-level aspects of security and we all can discuss how to best implement the ideas being discussed. Of course, that still requires people to stay on topic, which does not happen as much as it should . . .

MercantileSeptember 5, 2018 5:13 PM

" yet we appear powerless to stop it "

The EU seems to be doing something about it. Why not build on that?

Alyer Babtu September 6, 2018 12:04 AM

@Clive Robinson

rights for people

Rights seem always to be spoken of as if they were a starting point, but rights are secondary. Rights follow upon responsibilities, only granted so that responsibility can be fulfilled. How can anything be sorted out, how can the rational proportion between the individual and society be recognized, until responsibilities are clarified and understood ?

echoSeptember 6, 2018 4:34 AM

I finally read through some reviews. They don't say much but seem very favourable. I liked the FT review especially.

Stephen Pinker tweeted a link to a review.

https://twitter.com/sapinker/status/1037329791324770305

One thing I read a few years ago about publishing is authors tend to be verycooperative and encouage anyone to read anythign they want rather than trying to build walled gardens. The basic idea is there is enough to go around for everyone and that reading generates more interest in reading which is good for everyone.

@Alyer Babtu

Fundamental hum rights are assumed to exist universally. The principles of the European Convention are one example as is the Human Rights act which brings this into UK law. One persons rights may not be used as defence to impose on another persons rights. Beyond this I would veiw responsibilities as a more a contracttype of thing. The reason for this is if you begin treating human rights as a thing which is earned they are no longer human rights. They become negotiable depending on who has the biggest stick or incluence or control of resources which defeats the object.

Dave HoweSeptember 6, 2018 5:14 AM

Ok, on the bright side https://www.schneier.com/ch2ke.html now does /something/ - it redirects to https://www.schneier.com/books/click_here/ saying where you can buy a copy of the book you already have :)

Not the clickable copies of the urls the book said would be there, but better than a 404 I guess.

Was slightly amused by the irony of reading the chapter on the evils of DRM restriction - on a kindle, with an copy that is locked to that one, individual device and can't be read on any other :)

Clive RobinsonSeptember 6, 2018 5:44 AM

@ Alyer Babtu,

Rights follow upon responsibilities, only granted so that responsibility can be fulfilled.

Actually it's chicken and egg.

In the US they talk about "Inalienable Rights".

The definition of this is,

    Rights not subject to being taken away from or given away by the possessor.

That is the responsability lies not with the individual to be responsible for maintaining their rights, but with those who would seek to detract or nullify those rights.

The problem is that some types of rights do require responsability of both parties. The usuall example of this is where excercising your right may bring or be likely to bring harm to others. The two examples are "shouting fire in a crowded place when there is no reason to do so" and that of "attractive nuisance" where you fail to secure say a swiming pool on your property to prevent local children getting into it and potentially drowning.

What is less talked about is your rights and responsabilities under the genocide legislation. That is do you have or even are you required to neutralize a threat like a nuclear device in the hands of someone who has made it clear their intention is to destroy a city etc remotely. That is when you are not actively involved with your own self defence...

It is a slipper slope because it is that argument the US Govenment uses to excuse drone attacks in far away places that frequently kill many uninvolved people.

You can logic chop it any which way you like, but there can be no "set rules of engagement" with regards this. One of the failings the UK made was to prosecute soldiers in civilian courts. Put simply a cleaver lawyer will logic chop and cheese pare any which way they can to get a result including lying to a jury that has absolutly no concept of what it is like to be under fire etc.

Thus the UK Government willingly breached a fundemental human right, that is "To be judged by your peers". There is no way a jury of civilians who have never experienced combat can be the peer of someone who has been subject to it's preasures, stresses, and strains, day in and day out for months on end, without sufficient support or equipment.

HmmSeptember 6, 2018 1:57 PM

@Clive

Yes there are stresses of combat. But a competent jury can understand rules of engagement.

A soldier understands their orders. As far as deciding what is factual, a jury can accomplish that.

Your pretense that nobody in the civilian world understands combat may have some basis but regardless they can determine whether orders were followed, disregarded, or crimes committed. Yes they can and do.

echoSeptember 6, 2018 3:28 PM

@Clive

Sorry Clive I don't buy your argument. I can understand why you are saying this but this is the same line high ranking officers with access to the foghorn of the media have claimed in different words. If you put it around the other way that the old and helpless and women and children and others with no military experience find themselves on the receiving end of too much testosterone with no way out things begin to look different.

Understanding operates at different levels. Some of this is logical and some of it is emotional. In many cases this kind of thing is abused by people with power who bulldoze a person who is trying to grasp their own understanding, or used as a counter argument which again adds little to understanding just reinforces bully stick behaviour in the other direction.

Within the formality of courts alwyers will put these things over in their own way. This does lack somewhat so the deep background fo psychology and sociologyand philosophy, and other specialities and sub-specialities can be lost to the causual observer.

The fact that with these cases military action impacts civilians is on balance the reason and justification for these issues to be held within civilian not military courts.

If I were you I would also turn your attention to the lawyers essay quoted on this blog about AI and social systems. My sense is the writer is a lawyer who was overplaying his hand as lawyers are prone to do. I'm not eprsonally convicned he understood the issue of power versus ecosystem. Nor am I convinced he was saying wha the wanted us to believehe said. My sense was he was hedging his bets. If you were critical of his essay then I would be happier. The thing is I believe your criticism is misdirected because you should be looking deeper at what a lawyer is saying and how this effects things rather than the courts and body of law and cases which are being brought.

This needs explaining to the military including and especially the likes of Guthrie who in a military sense may be accomplished but has a narrow perspective and a brain on rails. He couldn't see the wood for the trees and the second he believed Brexit was an issue affecting the wellbeing of the military in his terms he became anti-Brexit. In contrast another officer, also ex SAS, had a different and broader perspectiveas I have indicated and without stepping beyond the boundaries of his military role took the view that leaving the EU was a bad idea.

Men can be very egocentric in love and war. Men's brains can also shut down for lots of reasons, usually because of emotional stress in one direction or the other direction. I think this is why a lot of men don't listen to women.

Anyway... I know what I'm saying.

JaimeSeptember 7, 2018 3:14 AM

Congratulations!

How come the Kindle edition is more expensive than the printed copy?!?

vas pupSeptember 7, 2018 9:54 AM

@Bruce: all three related to the subject
Could AI robots develop prejudice on their own?

https://www.sciencedaily.com/releases/2018/09/180906123325.htm

"Computer science and psychology experts from Cardiff University and MIT have shown that groups of autonomous machines could demonstrate prejudice by simply identifying, copying and learning this behaviour from one another.

It may seem that prejudice is a human-specific phenomenon that requires human cognition to form an opinion of, or to stereotype, a certain person or group.

Though some types of computer algorithms have already exhibited prejudice, such as racism and sexism, based on learning from public records and other data generated by humans, this new work demonstrates the possibility of AI evolving prejudicial groups on their own.

The new findings, which have been published in the journal Scientific Reports, are based on computer simulations of how similarly prejudiced individuals, or virtual agents, can form a group and interact with each other."
***

Machine ethics researchers help develop prototypes for animal-friendly machines:
https://www.sciencedaily.com/releases/2018/09/180906123357.htm

Semi-autonomous and autonomous machines and robots can become moral machines using annotated decision trees containing ethical assumptions or justifications for interactions with animals.

E.g. "Programming advanced driver assistance systems (ADAS) in terms of decisions they can make with respect to animals is the main focus of the Robocar design study. The study posits that ADAS should recognize warning signs for toad migration, hedgehog populations or deer crossings and adapt the car's reactions (emergency brake, reduced speed, etc) accordingly. In short, ADAS systems should identify such animals and animal species directly and react appropriately.

"Both robotics and computer science must be sensitized to animal protection and advocates for animal ethics should follow developments in robotics and artificial intelligences and should be involved in both," said Professor Bendel."

***
A tiny neuro-controller could provide more precise control of futuristic biobots such as cyborg cockroaches that are already being tested for use in search and rescue missions inside collapsed buildings.

https://www.sciencedaily.com/releases/2018/09/180906123302.htm

"The neuro-controller micocircuit developed at UConn is part of a tiny electronic 'backpack' that can be attached to the insect with its wires connected to the insect's antennae lobes. By sending slight electrical charges to neural tissue in either the insect's left or right antenna lobe, operators can trick the insect into thinking it has detected an obstacle, causing it to move in another direction. A charge sent to the right antenna makes a cockroach move left. Likewise, a charge to the left antenna makes it move right."

Clive RobinsonSeptember 7, 2018 11:26 AM

@ vas pup,

From the first article,

    Computer science and psychology experts from Cardiff University and MIT have shown that groups of autonomous machines could demonstrate prejudice by simply identifying, copying and learning this behaviour from one another.

It's actually kind of what you would expect a weighted goal seeking system with biased input to do.

In essence it's looking for the "clipped butterfly wings" solution which is almost always over sensitive to it's input differentials and thus needs to be artificially damped towards the output to gain stability, not oscillatory or "rail crashing" output.

echoSeptember 7, 2018 7:29 PM

@Clive, @vas pup

Instititional discrimination and other issues are fairly well known and difficult to prove. This resonates with some things I have heard about or exprienced. In some cases this definately is known but results are forced and the statistical outputs aren't questions as long as they meet expected averages. This puts a few clais of success of the system in doubt if the ins and outs are never questioned but used as evidence to justify the system when other external numbers not measured within the system suggest otherwise.

I'm sorry I'm being a bit vague and cryptic. #reasons.

Impossibly StupidSeptember 8, 2018 10:18 AM

@echo
"Instititional discrimination and other issues are fairly well known and difficult to prove."

Honestly, there should be no need to prove that; that should be the null hypothesis. There's nothing "human-specific" about statistically overfitting an incomplete data set, or finding a correlation without establishing a mechanism for causation.

That's why the whole idea of "click to kill" is so dangerous. It's bad enough to live in a world where algorithms get things wrong like that. Now we live in a world where those errors can automatically be pushed out into the real world at scale.

A Nonny BunnySeptember 8, 2018 2:38 PM

If you're going to buy it, please do so this week. First-week sales matter in this business.
I'll probably pre-order the paperback-version when it's announced, but this price is a bit too steep for me.

echoSeptember 9, 2018 5:58 AM

@Impossible Stupid

Yes, this "design pattern" of danerous objectbeing scaled up is a known known at every level. Success is additive and mistakes multiply. There are many bureaucratic and techncial examples, not to mention studies and reports yet this keeps happening especially where critical sign off is "political".

bureaucratic systems and the law can be very stupid attimes. One reason many miss for this stupidityis the system is, oddly enough, designed to be idiot proof. When you aredealign with a hugenumber of random people of different levels of skillsets and points of view the "standard" in theory is a minimum performance which, statistically, means everythign should even out predicatably. This "works"in many ways but comes with a huge number of disadvantages such as the inablity to manage exceptions or failures gracefully.

It is a fair guess many people on this blog know this from software development or engineering. Can you tell a lawyer, a doctor, a politician, and administrative official?

Thereare now very very few engoneers in the UK parliament and nobody I am aware of with software development experience.Since the decline of manufacturing the available pool of engineers has shrunk and the software industry traditionally has no involvement with election. The absense of these skillsets must have a qualitativeefect on governance for the worse.

WaelSeptember 10, 2018 9:13 PM

Kindle edition on my device(s) now. Hopefully I got it in time to count for the first week sales.

JG4September 11, 2018 7:26 AM


@Bruce - Sorry that I didn't make it yesterday. Any chance that the discussion was captured on video? It would make a nice link for their website.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.