[bourgwaletariat]

That's not the society I want. I don't want stronger doors everywhere. Tougher locks everywhere. Onerous security everywhere.

I prefer a society where passengers are free to chit chat with the pilots when they aren't busy. Where children who might be interested in being a pilot can see a cockpit in the air and how it's done.

I remember reading about the history of security in ancient Rome. The lengths to which normal citizens had to go to to protect their homes. I don't want that. No one wants that. No one wanted that then either.

It's a distraction from productivity. It's a constant worry factor that consumes brain waves that could be spent making all our lives better.

Instead, we have to divert our attention to those who want to make it worse.

[ridethebike]

Do I want security cameras/metal detectors/metal doors and other <s>police state</s> security measures everywhere? No. Do I want to have all that in electrical plants/pipelines/nuclear reactors and other objects of critical infrastructure - yes. If that means employees there would need to spend more time for annoying security checks(additional password prompts, 2FA, metal detectors, etc) - sure, I did all of that when working for one of British banks, mildly annoying but feasible. If that means more taxes - I'm ready to pay.

One can't just tell russians/chinese/iranians "we have open and free society do please don't hack into our electric grid" and expect it to work.

[bourgwaletariat]

Those things already exist in electrical plants/pipelines/nuclear reactors and other objects of critical infrastructure. Eliminating the ability of people to casually enter and access/alter/destroy this infrastructure isn't the issue.

And yeah... we exactly can say that. We do it all the time. We almost blew up the world because Russia sent some missiles to Cuba.

There's no reason the digital war can't have physical repercussions. If a foreign nation invades our digital properties, we drop a bomb on their electric plant.

Simple as that.

[sofixa]

> There's no reason the digital war can't have physical repercussions. If a foreign nation invades our digital properties, we drop a bomb on their electric plant.

> Simple as that.

Do you think people would support a nuclear war ( because if the US bombs Russia or China, the response could very well be nuclear) as a response to hacking? And are you aware that the US is one of the most active countries on the cyber warfare front? ( Snowden, the various NSA toolkit leaks, etc.) Should Iran respond with bombs when Israel and maybe the US sabotage it's nuclear industry? Should Russia respond with nukes when the US disrupts GRU operations?

[bourgwaletariat]

It's already happened. Remember Stuxnet?

[ridethebike]

>> drop a bomb on their electric plant

Not gonna happen. Because: a) that would almost surely mean all-out war (in case of Russia/China - with country that has nukes), started by US b) dropping a bomb on electric plant of country that has at least some air defense (and I think it's safe to assume Russia/China/Iran have plenty of that) is not simple

[bourgwaletariat]

As I said in the cousin post below, it has already happened.

[mindslight]

While I wholeheartedly agree with what you're saying for the physical world, the digital world is completely different. In the physical world, the scope of any action is inherently localized. But with digital systems it takes just one person out of seven billion (or even just the right software bug) to create a global scale problem. The Internet is best treated as a source of malicious noise.

[bourgwaletariat]

The main purpose of government is to protect its citizens from foreign invaders. I don't see any difference here.

[mindslight]

So then you're up against the halting problem at the "digital border" and you've only reduced the problem to say one in 300 million.

There are many differences. I already mentioned locality and scale. Another is that it's possible to make secure software (aka math) that precludes undesirable behavior a priori, whereas such thing is impossible in the real world.

[bourgwaletariat]

A) It's not a halting problem. B) Digital borders exist all over the net. We use them every day to secure all sorts of things.

[mindslight]

> That's not the society I want. I don't want stronger doors everywhere. Tougher locks everywhere. Onerous security everywhere

> Digital borders exist all over the net. We use them every day to secure all sorts of things

Erm, how do you square these two sentences?

I took your first comment to be arguing against software security in general, presumably in favor of more post-facto enforcement when people violated authorization boundaries.

Your response then seemed to focus on mitigating the cross-jurisdictional issues that make post-facto enforcement hard, by having some sort of software-based security enforcement at a "border", and then relying on post-facto enforcement inside of that.

Now you seem to be supporting software-based security in the form of firewalls everywhere?

If we continue along this trend to even more local, we'll get to fewer firewalls (because they aren't that good of a technology), with security pushed out to the edges. Which is where best practices seem to be headed (BeyondCorp, etc), but is directly antithetical to your initial comment.

[bourgwaletariat]

No it isn't. Arguing with people like this is just boring.

Not interested.