Thursday, March 23, 2017

reply to question about US control of its ICBMs and IOT in general

One of my friends had a question about the US control of its ICBMs. Unfortunately, this is not just an academic question, given how various scenarios might play out with North Korea. My reply yesterday:
For about ten days, I am supposed to be in crash mode, thinking of nothing but the future of IT, for service to folks doing planning in Silicon Valley. (I am reminded of how resulted from a similar crash effort to be of service to Chile solar power people. How much did they really benefit? Not yet final.) 

But as I try to wrestle with those issues, I realize how much more sense it would make to be brainstorming WITH someone else capable of following the train of thought. So I am glad you asked a relevant question, but hope you don't mind if I bend it around a bit.

First, I should confess that I have no idea just what the connections are like between US ICBMs and the Internet. Maybe my daughters know more about that kind of thing than I do, but I probably shouldn't ask them. Is wireless any safer than internet? Is there an optimal way to combine the two, so as to enhance security vis-a-vis just one?

For any "thing" attached to internet, there are three main questions I have been asking:
(1) How secure is the operating system? Does it yet obey the impossible-to-recontrol but available-for-proper-observation approach I proposed in The need to forcefully and more perfectly get rid of ALL control back doors is an urgent need now for electric power generators (which I know about much more than ICBMs), but if the same leaks which suddenly now endanger generators also endanger ICBMs... well, that would make my recommendations a whole lot more urgent ... what was a tolerable risk before the leaks no longer is. (And in truth, it's not just leaks; it's the technology and infrastructure which lets people find backdoors.) 
(2) Ditto for the communication system. I have not written a proposal for the communication system parallel to the operating system proposal, for many reasons -- and I have not cogitated on what it would be or even written down notes. It is a huge issue, in part because there are more dimensions to communication system security. Levels of quantum computing and of quantum communication are part of the issue, but certainly not the only part. I certainly remember a hearing on power grid cybersecurity in 2009 at Senate Commerce Committee (probably still posted in video on the committee website) where the guy who runs AT&T wireless said basically "just forget it" if you were considering use of wireless and needed a high level of assurance. (By the way, I also remember how it was unpleasant for me to enter the hearing room, because of how strict the usher was about not letting people in the room who had coffee even with a proper lid; it is funny because that usher turned out to be nonpartisan committee staff, not just an usher, and I later worked with him a little for a few years, until the FBI imprisoned him for the crime of telling people it would help the country if they donated money to Democratic campaigns in Wisconsin.) 
(3) But what of the overall integrative management/control system, the high level cybernetics? Probably that's all a rather fixed algorithm for these particular missiles,
but for the more general case ... there are various types of market model and teleautonomy model which would be better than the new [...] top vision trying to reinvent our stereotypes of the Red Army with one-actor control. But they have problems. Above all, could ANY IT design save us from ourselves when the people themselves go unstable to a hopeless degree? Autonomy and the higher level control structure also become more major issues when we think about autonomous drones, using neural networks to decide who is a proper target. 


So I am struggling to try to think coherently about such things this week. If you have comments, or important points I should keep in mind, please don't hesitate...

No comments:

Post a Comment