| |||||||||||||
Doctorow: The coming war on general-purpose computationDoctorow: The coming war on general-purpose computationPosted Dec 31, 2011 20:22 UTC (Sat) by ibukanov (subscriber, #3942)Parent article: Doctorow: The coming war on general-purpose computation
I think that is overreaction to a political development in US. Surely a congress can and will establish stupid laws that would try to scare public against using a general purpose computation devices just to please their corporate sponsors. But those laws would be unenforceable from the day one and would just fail the same way the Prohibition failed.
If anything, the real problem is that we have way too many general purpose computers in unexpected places. Like, for example, a remotely-controlled light switch that can be hacked to induce epilepsy via quick flashes and when the manufacturer has absolutely no responsibility for that as modern laws blame the hacker, not the person how allowed for hacks in the first place.
(Log in to post comments)
Doctorow: The coming war on general-purpose computation Posted Dec 31, 2011 21:26 UTC (Sat) by dlang (✭ supporter ✭, #313) [Link]
> Like, for example, a remotely-controlled light switch that can be hacked to induce epilepsy via quick flashes and when the manufacturer has absolutely no responsibility for that as modern laws blame the hacker, not the person how allowed for hacks in the first place.
I actually think that in this case the hacker is the person who should be blamed and held liable.
blaming the manufacturer for not making it impossible to hack the device is exactly the wrong thing to do.
Doctorow: The coming war on general-purpose computation Posted Dec 31, 2011 21:51 UTC (Sat) by ibukanov (subscriber, #3942) [Link]
If a house that you live in has a hidden backdoor that were put by the builder for convenience (who claimed that he made a safe house) and that was used during a robbery, would you blame only the robber?
Doctorow: The coming war on general-purpose computation Posted Dec 31, 2011 22:06 UTC (Sat) by dlang (✭ supporter ✭, #313) [Link]
if it is a deliberate backdoor designed to allow people to get in the system, and it is kept hidden, then you have malfeasance on the part of the manufacturer.
If the backdoor is not secret, it may be a great thing to have.
but in any case, the criminal act is the exploiting of the backdoor, not the creation of it
and simple flaws in the code that end up being able to be exploited, but were not put there deliberately may be carelessness on the part of the manufacturer, but are not malfeasance
Using a real-world example, the continual flow of flaws in Microsoft products should not make Microsoft liable for hackers, but this sort of track record should make people opt to choose a different OS that does not have this track record.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 2:30 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> but in any case, the criminal act is the exploiting of the backdoor, not the creation of it
IMO the creation of the backdoor that the owner of the house is not aware of is bigger ethical problem than the theft itself. But criminal laws almost never follows ethic this days.
> the continual flow of flaws in Microsoft products should not make Microsoft liable for hackers,
Well, there is a difference in expectations. When I buy a light switch I assume that I get just that, a light switch. I presume if I follow instructions and do not do stupid things with it it should just work and do no harm. In particular, I expect that I do not get a backdoor that can be used to kill me.
With MS products at least I know that I get a general purpose computer and formally I must accept those licensing disclaimers of any responsibility. Still I think the current software industry is getting way too easy with those disclaimers in products that cost money.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 8:34 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link]
what is the difference between a 'backdoor' that is unethical and 'hacker friendly' (in the good term of hacker) that allows the owner of the device to modify it to do useful things that the manufacturer never thought of?
you may only want the light switch to be able to be controlled by the authorized remote, but I may buy the same switch with the intent of controlling it with my computer (for all sorts of reasons)
this is why it's really dangerous to take the attitude that capabilities or functionality is 'evil' and needs to be suppressed instead of going after the people who do bad things with it.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 12:15 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> what is the difference between a 'backdoor' that is unethical and 'hacker friendly' (in the good term of hacker)
The difference is simple - when I buy a light switch I expect to get just a light-switch, a device with a clear defined functionality that works just like that - a light switch. If I want a general purpose computer that happens to be able also turn on and off light, I will look for that.
> this is why it's really dangerous to take the attitude that capabilities or functionality is 'evil'
Capabilities are not evil, the failure to state them in clear and ability to completely shred responsibility in case of harm is.
> and needs to be suppressed
I have not suggested to suppress anything, I just want clear statement that a particular device is not a light switch, cannot be advertised as such and that the manufacturer has absolutely no responsibility if the device does something else besides switching the light.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 22:01 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link]
how do you define what an acceptable level of being locked down is?
the light switches that you are talking about were never intended to be general purpose devices, and arguably are not. but it's impossible to create a remote control switch and then make it impossible for it to be abused.
If you want a disclaimer on products that they may be used for something else and the manufacturer bears now responsibility for the product being abused, all that you will achieve is the addition of one more paragraph of fine print in the product documentation (and are you really sure there isn't such a statement in the product documentation now?)
this is like the California Law that requires that all buildings that contain potential Cancer causing chemicals to have a sign on the doors stating "this building contains chemicals known to cause cancer", every building I have seen contains such a statement, so it's completely worthless
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 22:33 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> how do you define what an acceptable level of being locked down is?
I do not want to define any such level. But I do want the manufacturer to bear the full responsibility if the device can be hacked remotely and used beyond its stated area of operation. The manufacturer should not be able to waive that responsibility using a trick like of calling a device a general purpose computer that happened to be able to turn life on/off if such devices is marketed as a specialized device.
> (and are you really sure there isn't such a statement in the product documentation now?)
Not in a wireless light switches that are sold here in Norway.
> the California Law that requires that all buildings that contain potential Cancer causing chemicals to have a sign on the doors stating
Those laws are useless indeed. What may work is a law that states that if a building uses materials that have not been on the marked for, say, 50 years, then the builder should be responsible for any health-related problems that they may have caused.
Doctorow: The coming war on general-purpose computation Posted Dec 31, 2011 22:31 UTC (Sat) by drag (subscriber, #31333) [Link]
> But those laws would be unenforceable from the day one and would just fail the same way the Prohibition failed.
No.
I think that such laws would actually be very successful. The same way that the war on drugs is very successful.
The problem here is one of perception. If a person assumes that the the purpose of the war on drugs was to actually stop people from using drugs, then it's a failure.
However if you take the approach that the purpose of the war on drugs is to; erode civil liberties, vastly increase the size and scope of law enforcement, create numerous lucrative opportunities to profit from political corruption, create new and very profitable multi-billion dollar industries funded by involuntary payments from the general public, oppress and restrict minorities, exert political control and pressure on other countries in North and South America, create funding sources for CIA operations abroad, and create new subclass of American citizens without the ability to vote or carry firearms (among other things).... then the war on drugs is incredibly successful on all counts!
Beyond a doubt, then, the 'war on drugs' is one of the most successful government policies in the late 20th century.
Just like the 'war on terrorism' is shaping up to be one of the most successful government policies of the 21st.
The reality is that the true purpose of government laws governing the internet, like SOPA, is that they want to be able to control and monitor then ability for citizens to communicate with one another and control wide-spectrum political speech. Just like how they are able to control it on television and radio.
Doctorow: The coming war on general-purpose computation Posted Dec 31, 2011 22:48 UTC (Sat) by raven667 (subscriber, #5198) [Link]
Wow, that sounds like a lot of mustache twirling. Aside from the lobbying from the prison industry to drive more business, I would call the rest of your points unintended consequences. Of course where these consequences benefit someone they are not likely to work very hard fixing them and the citizenry who is most affected by the negative consequences is not organized enough to fix it. Just because someone figures out how to benefit doesn't mean they caused the conditions.
UN-intended? Posted Jan 1, 2012 12:38 UTC (Sun) by gvy (guest, #11981) [Link] > I would call the rest of your points unintended consequences.You might feel like skimming over Zion's Elders' Protocols (yeah, conspiracy and all that) to have a better guess at "unintended" -- e.g., No. 17 is directly concerning this thread. It's been hastily and then thoroughly disclaimed but the fact is that the text was either written by a genius foreseer -- or was actually an overheard genuine plan. I'm yet to see another workable explanation for the observed correlation being a honest scientist. Still, care for FEMA camps -- the folks unhappy with general purpose computations and communications are unhappy with conscious general public in the first place. It is not the devices who decide but humans.
UN-intended? Posted Jan 1, 2012 19:23 UTC (Sun) by Corkscrew (subscriber, #65853) [Link] Dude, the Protocols of the Elders of Zion are a pastiche of every penny-dreadful villain in existence at the time they were forged. The author did not need to be a "genius foreseer"; he just needed to write a list of everything that could go wrong with a country and then find a way of blaming a hated ethnic minority for it (or simply imply that a link existed - e.g. #17 does not actually give any implementation details). The reason it sounds convincing is a little thing called "confirmation bias": basically, if you throw out enough statements, people will only remember the "hits" and forget the "misses". This is one trick TV psychics use to dupe their audiences. You might as well look at the recent pace of technological progress and blame Syndrome from The Incredibles.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 17:09 UTC (Sun) by drag (subscriber, #31333) [Link]
>Wow, that sounds like a lot of mustache twirling.
Maybe. But facts are facts.
> Aside from the lobbying from the prison industry to drive more business, I would call the rest of your points unintended consequences.
Whether or not they are unattended consequences is a exercise for academics and historians. But don't fool yourself, they are the consequences and that is what matters. We can't judge laws by what they intended to do, but only what they actually accomplish.
Doctorow: The coming war on general-purpose computation Posted Jan 3, 2012 14:20 UTC (Tue) by Nelson (subscriber, #21712) [Link] We can't judge laws by what they intended to do, but only what they actually accomplish.Actually, you have to judge the intent too. How else do we make better laws in the future? Or are you simply jumping to your logical conclusion by ignoring the intent and that legislation just doesn't work, period, and cannot work. (Maybe it's not your position but there are some anarchists and certain civil lib types that do feel that laws cannot work beyond maybe natural law) That's part of what we want judges to do, interpret the laws. There are bad laws and good laws. There are unintended consequences and then there are intentional loop holes.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 2:43 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> The same way that the war on drugs is very successful.
I suspect that the reason that the war on drugs has not failed yet is that the drugs it supposes to fight are not as widespread as alcohol consumption. With the Prohibition the scale of law violation was much bigger. So I would give SOPA max 10 years or so before the tech industry in US finds it such a pain so it would bye the politicians to abolish it.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 17:34 UTC (Sun) by drag (subscriber, #31333) [Link]
> I suspect that the reason that the war on drugs has not failed yet is that the drugs it supposes to fight are not as widespread as alcohol consumption.
You are probably wrong about that. Most people have no idea how vast illicit drug sales are on a world wide business.
Right now it's _VERY_ safe to say that the international drug trade dwarfs the international trade in steel and textiles.
> So I would give SOPA max 10 years or so before the tech industry in US finds it such a pain so it would bye the politicians to abolish it.
No. This will likely not happen. The only hope we have is that we can apply political pressure right now to prevent SOPA from passing. The way the system is setup is that it's nearly impossible to get rid of laws once they are passed.
One thing you have to keep in mind is that law enforcement for these things is not like email filtering rules or something like that. There is no blanket application of the rules that affects all people and all situations. Laws are very selectively applied and this is done by design. The government would not be able to function properly without it. So you cannot depend on financial damage to internet industries to provide pressure to eliminate the law. The law will be selectively applied in order to avoid this fallout.
This is very common in financial laws. Every time a economic crisis comes along the politicians tend to pass a lot of laws and rules in order to appear that they have the ability to control the situation in some manner. These laws require bureaucratic upkeep... departments need to be financed to check compliance, prosecution and courts need to be financed, etc etc.
So these laws typically have fuses or time limits built into them in the form of budgetary controls. The congress will provide financing for 3 or 5 years and then after that they will need to pass another bill to pay for the enforcement. If at the end of that time period the uproar has died down then congress will just not pass a new bill and the enforcement of the law will die off.
This is VERY common. This is typically how it has worked for about 70 or 80 years now.
In the case of SOPA it will exist as a 'Sword of Damocles' hanging above the head of anybody that runs a popular blog, tries to engage in serious political debate, or engages in competition with a politically connected media corporation.
On the face of it the law is lubricious. The idea that somebody posting in the comments or forums on a website could post a link to a video and have that website shutdown based on a simple accusation is insane. It seems like it's unmanageable and poorly designed.
But the goal of the law is not to punish websites for having stupid users that violate the terms of the website.. it's just a tool that can be used to apply pressure to organizations that want to 'rock the boat'.
Doctorow: The coming war on general-purpose computation Posted Jan 3, 2012 7:37 UTC (Tue) by ekj (guest, #1524) [Link]
Furthermore, selective application moves power from those who in principle should decide law (elected politicians) to others (lobby-groups, private investigators, police-officials).
And that is a major danger of "everyone is guilty but few are prosecuted" type laws. They give those with the power to decide who to investigate enormous power. Afterall, if everyone is guilty, this means the power to decide who is investigated is, essentially, the power to select who is punished.
Copyright law is probably the most grave example currently. I would guess that 80%+ of people in the 15-35 age-bracket are guilty of violating it during the last year, especially in those jurisdictions where there's not even an exemption for copying for private use. Yet a miniscule fraction of these people are ever prosecuted.
The ones who decide who is investigated, can thus more or less choose to point at any random young person, and have excellent odds of ruining that persons life, if they so choose. And that's not a good situation.
It would actually be an advantage if *all* (or atleast a substantial fraction) of copyright-infringement where prosecuted: this would make the craziness visible, and I suspect the end-result would be an adjustment to make the law itself substantially more sane.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 3:08 UTC (Sun) by JoeBuck (subscriber, #2330) [Link] "I think that is overreaction to a political development in US."If only it were so. Doctorow is a Canadian, and his talk gives many examples of horrible Canadian and European laws, as well as international treaties. It's disappointing how many folks outside the US think that the copyright wars, and the broader wars on computation, are solely an American problem.
Doctorow: The coming war on general-purpose computation Posted Jan 5, 2012 22:43 UTC (Thu) by jmorris42 (subscriber, #2203) [Link]
> But those laws would be unenforceable from the day one and would just fail the same way the Prohibition failed.
Not at all. It could be done. Imagine a requirement that all computers be 'Trusted' environments and that only duly licensed 'Software Engineers' could be permitted access to the signing keys to create software that runs on bare metal. Mere mortals could still be allowed javascript and little VB things in spreadsheets so long as the sandbox didn't allow any interesting things to be done.
Would that work? No in the sense that there are billions of unsecured processors in existance and a lot of C compilers. Yes in the sense that once the Internet would only allow trusted devices to connect those legacy computers would be all but useless. Yes in the sense that while few schools still teach programming to kids now, in that world none would. Yes in the sense that while they probably couldn't outright ban sale or possession of the K&R book to unlicensed programmers, few booksellers would stock it so good luck getting a copy. Worse is that in a generation almost nobody would WANT to obtain a copy because they wouldn't even know why they would want to.
Doctorow: The coming war on general-purpose computation Posted Jan 5, 2012 23:24 UTC (Thu) by ibukanov (subscriber, #3942) [Link]
> No in the sense that there are billions of unsecured processors in existance and a lot of C compilers.
So far the tendency was to get less secure systems, not more. So I am rather "optimistic" that in future there would be more devices that could be hacked and turned into general purpose computers, not less.
> Yes in the sense that while few schools still teach programming to kids now, in that world none would.
Among people I know the best programmers are those who learned programming on their own when they were kids sometime even despite pressure from the parents. Like writing a program on a paper under the blanket with a flash light at night. And if programming would be prohibited for general public, it would give even more reasons for kids to try.
So these days I do not worry that much about SOPA and other stupid and harmful laws that are written by a particular lobby. What really upsets me is that the lawmakers have the power to force such laws on everybody else. I.e. big government and big corporations eroded the free society even in US...
What makes you so optimistic? Posted Jan 6, 2012 0:24 UTC (Fri) by khim (subscriber, #9252) [Link] So far the tendency was to get less secure systems, not more. Not where people are serious about "trusted computing". 15 years ago game consoles protection was circumvented easily and loophole closure was basically impossible without hardware reissue. 10 years ago you needed to periodically update your modchip - but these problems surfaced rarely and you basically had months of "easy" life separated by weeks of "problematic time" where latest and greatest games were uncopyable. Today on PS3 it's more like weeks if "easy" life (where you can play all available titles) and months-long "problematic times". And network play is basically impossible with pirated software on both XBox360 and PS3! So it's quite possible to create working "trusted computing" scenario for network-attached computers... and if you'll not be able to physically attach "untrusted" computers to network... nightmare scenario described above is more real then you think..
What makes you so optimistic? Posted Jan 6, 2012 2:16 UTC (Fri) by ibukanov (subscriber, #3942) [Link]
The trusted computing just shifts the attack focus. Sony could not keep access to PS3 account information secured. I suppose it is only a matter of time when somebody manages either to get access to their master private keys or to replace the firmwire update with a custom code on their central servers.
Besides, there are devices where the business model is not based on selling locked hardware cheaply and provide expensive software. In those cases there is little incentives to keep the hardware secure.
This is where government steps in... Posted Jan 6, 2012 8:24 UTC (Fri) by khim (subscriber, #9252) [Link] I suppose it is only a matter of time when somebody manages either to get access to their master private keys or to replace the firmwire update with a custom code on their central servers. This already happened. SONY promptly sued GeoHot and others and now we are back on square one. Number of people who can crack "trusted computing" is small, but yes, they do exist. If it's just "some company vs everyone" contest then it does not matter: you only need to crack protection once. If law is on your side then you can remove these people from the population (one way or another: physical removal is the last resort, obviously) and then "trusted computing" works. Besides, there are devices where the business model is not based on selling locked hardware cheaply and provide expensive software. In those cases there is little incentives to keep the hardware secure. Again: government can easily change the rules and make these devices unprofitable. "Trusted computing" in a free world can not work - it violates the basic principle: you can fool some of the people all of the time, and all of the people some of the time, but you can not fool all of the people all of the time, but government intervention can make it work. And we are talking about laws here, so...
This is where government steps in... Posted Jan 6, 2012 8:57 UTC (Fri) by ibukanov (subscriber, #3942) [Link]
> Again: government can easily change the rules and make these devices unprofitable.
This nicely allow to repeat my opinion: the Prohibition tried to make selling alcohol unprofitable. It did not work and was reversed. I assume the same will eventually happens with SOPA as the amount of black market for devices that allows unrestricted access to cheap entertainment would be even bigger than the black market for alcohol. Especially given that compared with alcohol people would not see or feel the bad effects of using those devices.
Nope. There are huge difference. Posted Jan 6, 2012 13:54 UTC (Fri) by khim (subscriber, #9252) [Link] This nicely allow to repeat my opinion: the Prohibition tried to make selling alcohol unprofitable. Nope. Prohibition tried something entirely different: it tried to ban it. Alcohol excises are nothing new and they work adequately well - as long as they are not too onerous. Because Prohibition affected millions it was hopeless. I assume the same will eventually happens with SOPA as the amount of black market for devices that allows unrestricted access to cheap entertainment would be even bigger than the black market for alcohol. Oh, SOPA is, of course, fail. This is not a problem. As long as you can watch your illegally gotten entertainment on legally bought hardware it's hopeless. But the next logical step will be to forbid use of any hardware which is not "trusted". And this may work: most people can not do anything about it and you only need to prosecute few oddballs who can actually crack the protection. Especially given that compared with alcohol people would not see or feel the bad effects of using those devices. Sure, but that'll only happen if they will actively seek these devices. Thus yes, you'll need not just a stick but a carrot, too: if you can access enough entertainment legally for adequate price then few people will bother with underground. And then you can start rising prices and watch for the reaction: if people tolerate current prices you can continue to raise them, if too many of them seek illegal devices, then you need increase penalties and if way, way, way too many seek illegal devices then it's time to reduce prices somewhat somewhat. Remember: it's all about money. There are no need to stop all infringers - only enough of them to guarantee that majority of population will pay "fair" (i.e. outrageous) prices. Salt patents show that you can raise prices pretty significantly before the whole scheme will break apart.
Doctorow: The coming war on general-purpose computation Posted Jan 11, 2012 13:24 UTC (Wed) by nix (subscriber, #2304) [Link] and would just fail the same way the Prohibition failedYou mean they'd cause massive damage to ordinary people and create an entire new criminal underclass that would go on to cause trouble for over half a century? Yeah, no trouble at all.
|
|||||||||||||