This part contains Winn Schwartau’s summary on what could be done to reduce the destructive impact of technology weaponization and other types of abuse.Swarming and self-organization. Is everybody familiar with John von Neumann’s Automaton theory? Quick brief comments, simple rule set: if I am here, in one second move here, next second, move here – that’s the entire rule set. Now you take 20,000 things pulled together with the same rule set, what happens? Is it predictable? No, unpredictable chaos.
Now, has anybody read Michael Crichton’s book Prey? If you haven’t read it, read it, because it takes this concept very well. It’s a little science fiction-ish, it looks into the future. What happens when we introduce chaos into the systems? Can we actually do it? And using exceedingly simple rule sets, which means one or two lines of code, I can introduce chaos. This is an emerging theory. What happens if I introduce that instead of trying to steal your data? The spam message is hostile and it has an Automaton chaos trigger. What happens? I don’t know the answer because it’s unpredictable – I know it’s not good. How many people are really studying this? Unfortunately, not enough, because it is in the realm of mathematics, it’s in the realm of unpredictability, chaos theory – they all get into this mysterious area that you don’t understand. But we really need to start understanding that there is going to be a problem.
As we approach the singularity more and more, as the technology gets more and more powerful, introducing chaos will be done by accident. How do we know this? Windows 2000 never crashed. Windows 2000 was a fundamental achievement. It was 64 million lines of code, and we, the world, were the beta testers. I remember Microsoft tested it for 10,000 hours. Let me do the math: 50 million users, 1 week, 2 billion hours, and suddenly we’re the beta testers. The same concept is here. Can we pre-beta-test with modeling ahead of time?
Does anybody remember when we actually had real, honest to God, computer security? Is anybody old enough to remember? The only security system in the world that was ever rated A1 was in the early 80s and was called something like “secure operating mainframe protocol”, I don’t remember exactly. The way that security used to be done before it got fizzled down to the world that we’re in of self-organization and chaos in complex systems – was mathematical formalization. There were really massive formulas you could work out proofs, mathematical proofs that all of this stuff was actually going to be secure and was actually going to work. We don’t do that anymore because things had gotten so complex. As complexity increases, security goes down, and chaos is automatically triggered into these systems. We’ve got to really start investigating this stuff.Bio-chem, same concept; my first experiment with my chemistry set when I was 5 was the first thing I built – hydrogen sulfide! It was a bomb – of course. And then my mom was really mad at me. And we’ve all done it. Now, what are we able to do today? Labs have gotten really sophisticated. We have distributed technology. I’m nowhere near this stuff at all, but I do know that we need to be addressing defensive postures against some of the capabilities that are built in the open source arena.
Same thing with the DNA. Chupacabra down in Puerto Rico was obviously made by the NSA as an experiment with alien breeding. When this technology hits open source and becomes a 50-dollar item, what’s going to happen? I don’t know the answer, but I hopefully will see. I don’t want to die by that. It’s probably not going to be pleasant, as we’re seeing more and more of this kind of magic occurring.
Batteries: finally batteries are getting really cool. We can have distributed non-grid, off-the-grid-style power. That’s awesome for us. What about bad guys? When the bad guys get off the grid, looks like they’re going to make our job one hell of a lot harder, because they’re going to have access to the same off-the-grid technologies that we do. It makes building stuff in caves a hell of a lot easier. It’s a fundamental change in how we’re going to have to look at defensive postures by using technologies that the bad guys are going to have access to as well.All sorts of possible answers, and I’m happy to make this slide (see right-hand image) available to anybody. Don’t forget: we, the US, are only 4% of the population. Our laws are like a town sheriff in the South who wants to harass speeders from the North. We are a local board when it comes to legality globally. It’s never going to work at all.
Classifying – that’s always worked in the past too, right? Maybe, some of you guys have actually had technologies picked up by DOD or those guys. I think we need to be completely open source with this entire arena.
Do we turn ourselves into a police state? Again, we’re only 4% of the planet. Are the bad guys going to have access to this stuff? This is the fundamental issue that we have totally ignored until China really came along.
And then coming down scared shitless… Carrington Effect. If you don’t know the Carrington Effect, please google it. What happens if coronal mass ejection actually hits the Earth? All studies on this are absolutely correct: low probability, high impact, the entire planet shuts down for 18 months. For 18 months the planet is off. How do we defend against it? Yes, we can. The defense against it is to have a graceful degradation model, because we have a 7-hour warning. If the CME and the angle of the dangle is correct, turn the planet off. Unload every transformer in the world is the only protection against this. Can it be done? Yes. Will it be done? No, because we’re going to get politicians involved to “help” us.So, my answers: develop offense and defense at the same time, get rid of the existing internet IPv4 and IPv6, build something else. Learn how to turn shit off and still have capability, some level of capability as you turn your shit off. And keep in mind: we’re the ones who fucked this up. We gave the users a hell of a lot more. Would we ever give a user a 777 cockpit to drive down the highway? We’re giving them complex stuff to screw up. We keep blaming the users, but it’s our fault. We’re giving it to them, and it’s our fault for never looking into the bad side of technology before we deploy it, otherwise DoS would never have taken off.
Thank you very much!