[ExI] double plus good article by dan geer: the internet is no place for critical infrastructure

spike spike at rainier66.com
Thu May 30 14:27:34 UTC 2013

WOW what a GREAT article!




Do check out the summary:



Risk is a consequence of dependence. Because of shared dependence, aggregate
societal dependence on the Internet is not estimable. If dependencies are
not estimable, then they will be underestimated. If they are underestimated,
then they will not be made secure over the long run, only over the short. As
the risks become increasingly unlikely to appear, the interval between
events will grow longer. As the latency between events grows, the assumption
that safety has been achieved will also grow, fueling increased dependence
in what is now a positive feedback loop.


Spike comment:  Any phenomenon described in terms of feedback loops will
resonate with all controls engineers everywhere.  {8-]  What Geer is
describing sure as heck looks to me like simultaneously suppressing negative
feedback and creating positive feedback, a sure path to eventual instability
and catastrophic failure.  Check out the rest of the summary:


.If the critical infrastructures are those physical and cyber-based systems
essential to the minimum operations of the economy and government, and if
leading cyber-security operational management says risk is growing steadily,
then do we divert more of our collective power to forcing security
improvements that will be sharply diseconomic, or do we preserve fallbacks
of various sorts in anticipation of events that seem more likely to happen
as time passes?

Does "use it up, wear it out, make it do, or do without" have any meaning
for us? Is centralizing authority the answer, or is avoiding further
dependence the better strategy? Can we imagine starting over in any real
sense, or is balkanization not just for nations but for critical sectors as
well? Is the creative destruction that is free enterprise now to be focused
on remaking what are normally the steadying flywheels of American society,
by which I mean government and other capital-intensive industries? Do we
celebrate the individual who still prefers to fix things he or she already
has, or are those individuals to be herded into national health information
networks, Smart Grids, and cars that drive themselves?




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20130530/2eb2ade6/attachment.html>

More information about the extropy-chat mailing list