[ExI] double plus good article by dan geer: the internet is no place for critical infrastructure

Adrian Tymes atymes at gmail.com
Thu May 30 15:58:03 UTC 2013


On Thu, May 30, 2013 at 7:27 AM, spike <spike at rainier66.com> wrote:

> WOW what a GREAT article!****
>
> ** **
>
> http://queue.acm.org/detail.cfm?id=2479677****
>
> ** **
>
> Do check out the summary:****
>
> ** **
>
> *SUMMING UP*
>
> Risk is a consequence of dependence. Because of shared dependence,
> aggregate societal dependence on the Internet is not estimable. If
> dependencies are not estimable, then they will be underestimated. If they
> are underestimated, then they will not be made secure over the long run,
> only over the short. As the risks become increasingly unlikely to appear,
> the interval between events will grow longer. As the latency between events
> grows, the assumption that safety has been achieved will also grow, fueling
> increased dependence in what is now a positive feedback loop…****
>
> ** **
>
> Spike comment:  Any phenomenon described in terms of feedback loops will
> resonate with all controls engineers everywhere.  {8-]  What Geer is
> describing sure as heck looks to me like simultaneously suppressing
> negative feedback and creating positive feedback, a sure path to eventual
> instability and catastrophic failure.
>

Unfortunately, the logic does not hold.

For "the Internet", you could substitute "the weather", "gravity",
"physical security of the US" (9-11 was a classic case of such
an event, when the risk was underestimated), or any of a long
list of things where safety is mostly assumed.  Note that the
above logic dismisses any possibility of an analysis proving
things secure, and instead assumes that if we depend on it,
it's insecure, with logic that does not care which "it" it applies
to.

Seriously.  How do we "know" the sky won't be blanketed with
ash by a supervolcano tomorrow?  Because there has been a
long latency since the last such event.  According to the above
analysis, no other factor is relevant.

Is centralizing authority the answer, or is avoiding further dependence the
> better strategy?
>

No.  That is to say, the optimal strategy is neither of the above.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20130530/72c0976a/attachment.html>


More information about the extropy-chat mailing list