RISKS-LIST: RISKS-FORUM Digest Friday, 8 January 1988 Volume 6 : Issue 6 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Engines Of Creation, Engines of Destruction (Eric S. Raymond) An Israeli virus (Mike Linnig) Getting into ATM rooms (Bob Larson, Fuat C. Baran) Power lines (Prentiss Riddle) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM. > > > > > > > > > PLEASE LIST SUBJECT in SUBJECT: LINE. < < < < < < < < < For Vol i issue j, FTP SRI.COM, CD STRIPE:, GET RISKS-i.j. Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85). ---------------------------------------------------------------------- Date: 6 Jan 88 15:09:03 GMT From: cbmvax!snark!eric@RUTGERS.EDU (Eric S. Raymond) Subject: Engines Of Creation, Engines of Destruction I've just finished K. Eric Drexler's _Engines_Of_Creation_ and my brain-pan is bubbling with peculiar and fascinating thoughts. I'll list a few of them here, hoping to start off discussions in the appropriate newsgroups. People on USENET and the institutions they represent are likely to be at the leading edge of the nanotechnology revolution. If Drexler's estimates are anywhere near correct it's none too soon to start thinking about benefits, risks, costs and strategies. In arranging the questions below I have tried to order them by increasing 'softness', i.e. the extent to which answers must involve social and ethical judgement as opposed to matters of hard technical fact. I have cross-posted to many groups because the potentials and pitfalls of nanotechnology are so sweeping that multi-disciplinary thinking will be not only appropriate but utterly necessary. For some of the points below, I have indicated individual newsgroups where discussion may end up. 0. Is Drexler or the the Foresight Institute on the net? 1. Drexler claims that there are no fundamental physical limitations in the way of nanotechnology. He points at life itself as a feasibility proof. Is this appropriate? Might his smaller, "harder" nanosystems be critically vulnerable to thermal noise, quantum effects, background radiation? Can we estimate the mean frequency of disruptive events as a function of feature size, perhaps using data from soft errors in ICs as a baseline? 2. (comp.ai) Is his vision of the near-term potential of AI too sanguine? Without reopening the perennial theological debates on strong AI, what is the sense of experts in the field on the feasibility of the intelligent engineering assistants he sees as important for nanotechnology? Does an expert system for engineering design need the elusive "common sense"? What, if anything, can we say in advance about special problems or helpful structure of nanotechnology as a design problem domain? 3. (comp.risks) Drexler discusses countermeasures to the "Gray Goo" threat (i.e. the possibility of nanomachines programmed or misprogrammed to make copies of themselves without limit). In doing so, he picks what is perhaps the easiest disaster case to guard against, because it would become obvious very quickly, they aren't likely to be invulnerable to atomic weapons, and there would be few reasons not to nuke an expanding blob of the stuff. It seems that "invisible" nanoplagues would be far more dangerous (imagine a "vampire" replicator programmed to seek and destroy hemoglobin molecules, replicating only for some fixed period of time after finding one, and then seeking another host). What countermeasures against invisible nanoplagues can we imagine? Might analogies from biological warfare be helpful? 4. (comp.risks) Along the same lines: Drexler talks about "sealed labs" as development environments, advancing one concept design for a tiny nanolab surrounded by shells of diamond, explosives, thermite, etc. primed to destruct on tampering. What about tampering from the *inside*? Can we imagine trigger mechanisms that are reliable in the face of attacks by programmable nanomachines directed by someone who wants to crack the lab? (perhaps something could be done with isotopic abundances and dead-man sensors?). 5. Do combinations of nanoassemblers and disassemblers imply a practical capacity for matter duplication at the molecular level? If so, what of the possibilities for counterfeiting? 'teleportation' of complex objects? Might the duplicatable objects eventually include human beings? 6. Even with only partial matter-duplication, nanotechnology implies economic dislocations that will make the First Industrial Revolution (steam and steel) and the Second (computers) look like garden parties. It looks as though the valuables of the future will be human attention, design information, and elemental raw materials. Can we project the kind of economy this implies? How should we expect the stages of transition to it depend on plateaux of duplication capacity? 7. Even if economic change did not generally force social change, mature nanotechnology would imply some novel problems -- for example, might the huge increase in the Earth's carrying capacity due to assembler/disassembler technology lead to a Malthusian population explosion and the cannibalization and collapse of the natural biosphere? Or can we expect the explosion to take place into the rest of the Solar System? In view of our poor past record at protecting irreplaceable biomes against destructive development once it became economically feasible, is there reason to think we can solve the problem with social and legal controls this time? Do the special characteristics of nanotechnology suggest any technological fix? 8. What social changes can we project for coping with the huge increases in personal wealth (= power to manipulate matter and energy to taste) implied by nanotechnology? What do the effects of past increases suggest? Are these suggestions really applicable? 9. (talk.politics.theory) In theory, individuals owning self-repairing nanotechnological molecular fabricators could opt out of what remains of the material economy. Is this a recipe for a non-Marxian withering-away of the State? What happens to politics when 'redistribution of wealth' is as dead as high feudalism? Is this a recipe for anarcho-libertarian utopia? 10. What can we do *here* and *now* to accelerate and guide the development of nanotechnology (so that, for example, as many of us as possible can use nanomachine-based medical technology to choose to live healthy lives until accident or our own choices kill us). I hope to begin a continuing discussion of these issues. If volume is high enough to warrant it, I will volunteer to manage a mailing list and/or moderate a newsgroup. For the moment, I suggest that articles be cross-posted to misc.misc. Eric S. Raymond UUCP: {{seismo,ihnp4,rutgers}!cbmvax,sdcrdcf!burdvax,vu-vlsi}!snark!eric Post: 22 South Warren Avenue, Malvern, PA 19355 Phone: (215)-296-5718 [I have a feeling that responses might best go to Eric, letting him try to exert a little discipine over the discussion. PGN] ------------------------------ Date: Thu, 7 Jan 88 19:38 CDT From: Mike Linnig Subject: An Israeli virus From The Fort Worth Star Telegram's Startext Information Service: ( 1/07/88- 1:31 pm) Hebrew University computers sabotaged by electronic "virus' JERUSALEM (AP) -- A saboteur infected Hebrew University computers with an electronic "virus" that threatens to destroy thousands of files and wipe out years of research, a university employee said Thursday. "It is the most devastating thing we've ever come across," said Yisrael Radai, a senior programmer at the university's computer center. A "virus" is computer jargon for a self-propagating set of orders devised by a saboteur that spreads from one computer disk to another to cause mischief or harm. Radai said that soon after the virus was discovered last week, university computer experts developed an antidote to diagnose and treat it. But there is still a danger that many users will not learn they have been affected until it is too late. The virus threatened to wipe out research data, financial statements, ledgers, lists of students and other vital information compiled by administrators, teachers, and students. Radai said other institutions and individuals in Israel have been contaminated. In fact, anyone using a contaminated disk in an IBM or IBM-compatible computer was a potential victim, he said. The virus was devised and introduced several months ago by "an evidently mentally ill person who wanted to wield power over others and didn't care how he did it," Radai said. He said the saboteur "had to be very clever because he knew how to write directly into the disk controller and evade the computer's ordinary safeguards." The saboteur exploited a standard programming technique to insert the virus into the computer's memory, said Radai. The computer infected all disk files exposed to it and they, in turn, contaminated healthy computers and disks. Radai said the saboteur's target date to wipe out the files was Friday, May 13, 1988. Unless computer users apply the antidote developed by the university, they will lose disks afflicted with the virus on that day. Meanwhile, the saboteur decided to wreak some minor havoc. His virus ordered contaminated programs to slow down on Fridays and the 13th day of the month. But the prank was the first obvious indication something was wrong with apparently healthy computer disks, said Shai Bushinski, a self-employed computer expert knowledgeable about the virus. Another clue was derived from a flaw in the virus itself. Instead of infecting each program or data file once, the malignant orders copied themselves over and over, consuming increasing amounts of memory space. Computer experts noticed that supposedly static programs were inexplicably growing in size and launched a search for the cause. Bushinsky said experts isolated the malignant commands, which appeared in easily decipherable assembly language. Within a few hours three university computer experts devised a two-phased program, called "immune" and "unvirus," which tells users whether their disks have been infected and applies an antidote to those that have. Bushinsky said the computer virus was a new and dangerous development in the computer world that could penetrate military, industrial and commercial data systems. "It might do to computers what AIDS has done to sex," said Bushinsky. "The current free flow of information will stop. Everyone will be very careful who they come into contact with and with whom they share their information." [Also noted by Gene Spafford, spaf@purdue.edu, who read it in the 8 Jan 88 Lafayette Journal and Courier, under the title "Computer virus' potential horrifies experts.] ------------------------------ From: blarson%skat.usc.edu@oberon.usc.edu (Bob Larson) Subject: Re: getting into ATM rooms -- Play-Safe: it could save your life Date: 8 Jan 88 03:51:50 GMT Organization: USC AIS, Los Angeles USC uses similar card readers to control access to restricted parking areas. Frequently, any card can be used to open them. (They just fixed most of them again.) I've also heard that quarters no longer work in place of tokens as the other way of getting in. (The tokens are for delivery men, etc.) Bob Larson blarson@skat.usc.edu Uucp: {sdcrdcf,cit-vax}!oberon!skat!blarson Prime: info-prime-request%fns1@ecla.usc.edu oberon!fns1!info-prime-request ------------------------------ Date: Fri, 8 Jan 88 14:20:23 EST From: Fuat C. Baran Subject: Re: getting into ATM rooms -- Play-Safe: it could save your life In New York, Citibank's doors at their banking centers will only open if you have a valid Citicard. There is a noticeable delay between the time when you insert the card and when the door buzzes open. On the other hand, all NY banks that are a member of NYCE (New York Cash Exchange), Cirrus, etc. have card readers in their doors that will accept practically any card with a magnetic stripe on it. --Fuat ------------------------------ Date: Thu, 7 Jan 88 23:36:21 cst From: woton!riddle@im4u.utexas.edu To: im4u!risks@csl.sri.com Subject: Power lines Although the more prominent health controversy these days is indeed about high-voltage long-distance power lines, there are also wild stories circulating in what might be called "New Age" circles about the risks to health posed by ordinary household AC. The last person to lecture me on the subject claimed that AC disrupted the body's natural "electromagnetic system," a system which is ignored by Western medicine but on which acupuncture is based. She also claimed that the problem is only found in the U.S., since in Europe they use DC, not AC (sic!). The solution she offered was to live in the country in a house with minimal electrical appliances and to sleep with your body pointing north (?) in order to be in line with the earth's "electromagnetic fields." I have no idea whether or not there might be some actual basis in fact for these concerns, but the people raising them usually wrap them in such mumbo-jumbo that it's hard to take them seriously. This is sad, since I am a firm believer in the possibility that there are risks which become ubiquitous in industrial civilization before we pay them much attention. (For instance, can anybody tell me what my eyesight will be like when I'm sixty-five and have been squinting at CRTs on a daily basis for 50 years? And I expect that future generations will scarcely believe our stupidity in dealing with toxic and nuclear wastes and the immense quantities of plastics and other less toxic but non-biodegradable waste which we churn out every day.) Unfortunately the people who raise such concerns sometimes seem to be those who will believe *anything*. Prentiss Riddle Opinions expressed are not necessarily those of Shriners Burns Institute. riddle@woton.UUCP {ihnp4,harvard}!ut-sally!im4u!woton!riddle ------------------------------ End of RISKS-FORUM Digest ************************