> There are four key implications of this revolution that policymakers in the national security sector will need to address:
> The first is that the unprecedented scale and pace of technological change will outstrip our ability to effectively adapt to it. Second, we will be in a world of ceaseless and pervasive cyberinsecurity and cyberconflict against nation-states, businesses and individuals. Third, the flood of data about human and machine activity will put such extraordinary economic and political power in the hands of the private sector that it will transform the fundamental relationship, at least in the Western world, between government and the private sector. Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.
> > The first is that the unprecedented scale and pace of technological change will outstrip our ability to effectively adapt to it. Second, we will be in a world of ceaseless and pervasive cyberinsecurity and cyberconflict against nation-states, businesses and individuals. Third, the flood of data about human and machine activity will put such extraordinary economic and political power in the hands of the private sector that it will transform the fundamental relationship, at least in the Western world, between government and the private sector. Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.
Sounds like the cyberpunk dystopia is come to pass. Just waiting on a "Screaming Fist" type incident...
Haven't read any of his books yet. Did he prophesize that all of this cyberpunk bickering will come to an abrupt halt as global warming destabilizes our civilization and kicks the survivors back to medieval age?
After recent stream of climate change articles I just can't read these NSA statements without thinking that they're worrying about the wrong thing.
Isn't worrying about he wrong thing is their historical track record? Whenever they aren't actually measuring something directly intelligence agencies seem to rely on their paranoia, which makes for a poor tool to extrapolate with.
It's a reference to Neuromancer, the book. Screaming Fist was the name of an operation that turned out to be a red herring with lethal consequences for those who believed it was a genuine thing.
edit: I can't tell if parent refers to the red herring or the objectives of the Screaming Fist operation.
For the 3rd and 4th points, we could rather envision a massive decentralization of power, which would be effectively a change in the model, but not necessarily in a bad way.
Telecom, batteries and local energy production will allow much more flexible forms of local auto-organisations and decision-making.
Parts of centralized institutions will be obsolete or further decentralized to better fit local specificities.
The only irreplaceable aspect of the biggest countries is their military army, but we could also imagine a federation of each state's armies through common interests (which would be something like EU : cooperation of local armies toward a common goal). We could imagine that more autonomous regions with more autonomous armies means less single points of (global) failure.
When the NSA says power will move to the private sector, I don't think they're referring to 'the people', but the wealthy who control most of the private sector.
The nobility provides digital “land” to the serfs in exchange for data, time (being an audience), and sometimes money. The serfs choose where to spend their resources, and by doing so they increase the value of the lands while also becoming more reliant on them (less likely to migrate, more likely to come to their defense).
Edit: this focuses on the commoners side, and I agree with what JetSpiegel said regarding the top-level aspect.
>Parts of centralized institutions will be obsolete or further decentralized to better fit local specificities.
I predict something a bit different. ie - Most "centralization" will move to the private sector, and they will become more and more powerful.
Governments will become less and less powerful. Less and less able to check corporate hegemony. More and more decentralized as they weaken and fracture.
Corporations, meanwhile, will consolidate powers. Become more and more independent of weaker decentralized governments that are, naturally, not going to be terribly unified in facing the corporates down.
So, the world will eventually become a high-tech network of city-state corps, each specializing in an industry and engaging in trade? Sounds like a good book.
They won't. They'll build costly surveillance into everything and attack individual liberties for the sake of social control. They'll sap potential for positive disruption, out of paranoia, and ironically ensure the unsteerable inertia of existing institutions takes us all off a cliff.
Or they could say put a limit how big cooperation can be an enforce restrictions on each market. Don't let sprint and t-mobile merge for instance. Force companies over a certain market cap (say $10B) to split.
That way governments could stay in control without stomping on the liberties and freedom of it's citizens.... after all the government is there at the service of the people... right?
It sounds good and I agree, but I think corruption runs too deep. Our government is flush with the money of profiteers and is weak in its collective will to uphold the principles that made it good.
Typically central government favours legislative solutions, it's primarily the gadget agencies that press for technology solutions.
Though I admit sometimes the futurist manage to create a big hype around some technology and everyone pays lip service to the coming technology rapture.
A lot of this information could definitely be framed in a different way to make it sound almost Utopian, I agree, but I think it is hard to argue against the idea that we're relying on technology more and need cybersecurity to scale up. Otherwise its going to be like everyone with access to a computer has a bazooka. Speaking of which, I wonder if there will come a day when the solution to this problem is just heavily restricting access to hardware, background checks before you can buy a laptop/smart phone, etc.
The EU isn't cooperation of armies towards a common goal, or really cooperation of anything towards a common goal. The EU is "cooperation through massive centralization of power under a unified command structure". Nothing decentralised about it.
NATO is decentralised. We can see this clearly because of the bunfights about whether members are spending enough on their own armies to be good contributors to the alliance. Also, NATO has no political goals beyond defending its members against any attack. It's not like the EU which has an expansive ideological vision of the future.
Translates to - We don't know what we are doing or why but please keep funding us.
Henry Kissinger pls talk to Kim Kardashian, and the marketing departments of the world. They will have better ideas on how to fight the next war than anyone who has traditionally fought one. What ever you do don't talk to techies. As Chinese Intelligence is showcasing in Hong Kong, building giant machinery that vacuums up oceans of data does diddly squat.
I mean, as far as I see it, all this scary new data on our lives is mainly useful so companies can show us marginally better ads.
I mean, I'm sure there's a lot more to it and it's more complicated than that, but I think we'll eventually adjust fine to the big-data world we increasingly find ourselves in.
The only thing those two events have in common is immigration? Are you saying that there is a war between people who want immigration and those who do not, or something?
We need all the data there is. Plus enough AI to analyze it, and provide actionable intelligence. So you need to give us lots of money. Really, lots. And trust us. A lot.
not enough appreciation for rising marginal costs of innovation. it's easy to see in biotech and pharmaceuticals (same number of innovations costing more and more). it will eventually happen in every other narrowly scoped field.
That states like China and Russia can recruit the best cybersecurity talent in their respective countries, and force them to work for the government, while the United States can't, is a problem. If I were the president, I would focus on talent recruitment and retention. Google is paying its top cyberstaff 700k? Offer them 1M. Also get rid of archaic hiring practices like drug tests, and streamline the process to obtain a clearance.
Russia also recruits cyber criminals, offering reduced sentences if they work for the government[1]
"The cellmate said that people incarcerated for cybercrimes could get out before trial, in exchange for working for the government. Another inmate had already taken a deal, he said.
“It was an offer to cooperate,” Mr. Artimovich said.
“Why else would you work for the government?” he added. “The salaries are tiny. But if you do something illegal, and go to prison for eight or nine years, the F.S.B. can help you,” he said, using a Russian abbreviation for the Federal Security Service."
You think that's some kind of exception? All kinds of cyber criminals also work for western governments/agencies as consultants. E.g.:
"Since 2000, Mitnick has been a paid security consultant, public speaker and author. He does security consulting for Fortune 500 companies and the FBI, performs penetration testing services for the world's largest companies and teaches Social Engineering classes to dozens of companies and government agencies."
Well, same in the US. You collaborate and agree to work with authorities on this on that, and you get a special deal to be released early (or get a reduced sentence to begin with).
At least according to all these episodes of Law and Order and such I've seen...
In a world with less globalization as today, Mitnick targeted mainly US companies and US government (and not in service of the US government). If he'd targeted Russian companies and Russian government he'd be working for the NSA right now, or at least he'd not have served prison time.
Russians who work for GRU serve Putin. Of course Putin is not going to put those to jail. The USA isn't going to put NSA employees to jail either.
Yeah, but we are almost certainly doing this already as well. So there's no advantage to be gained there. If a cyber criminal is valuable enough, ie-not a script kiddie, we're already making the offers.
We need ideas that are somewhat out of the box. Something that isn't already being done that we can start doing to bolster our capabilities.
AFAIK we aren't doing that. Once you've been caught doing criminal activity, you pretty much have no chance of getting the security clearance required to do cyber work for the government. They're willing to overlook criminal activity if you are up front about it and have never been caught, but any sort of criminal record is a showstopper for cleared government work.
I’m not biased at all, just a patriot, and I think the government should inflate the wages of all software engineers in the entire nation to $1M in the name of national defense.
I am also not biased at all, but I feel strongly that we need to support the deliberative efforts of our nation's software-building infrastructure-protecting heroes by giving them all individual offices with doors that can close and lock, also ensuring that the occupant of the office has a key for it.
And nice, high-backed office chairs. And dual monitors for each workstation, with the computation hardware refreshed at least every three years--to include a real graphics card, that actually works with virtualization, because of 3D mapping.
And the kitchenettes should also be enclosed in their own rooms, so microwaved fish or broccoli smells don't permeate all the offices at lunch time. Not that I definitely know that's a thing that actually happens, but I imagine that if it did, if might break a software developer's concentration. Every. Danged. Time.
For national security!
Should probably recommend these "critical security precautions" to all of our allies, too. And potential allies. And probably the adversaries will copy them, but not much we can do about that.
>That states like China and Russia can recruit the best cybersecurity talent in their respective countries, and force them to work for the government, while the United States can't, is a problem.
Huh? Why the united states couldn't? It's government/military budget is much higher...
As for the "force them", China and Russia don't need to force anyone to work for their cybersecurity teams either (nor it would be wise to have someone do such crucial tasks against their will).
I could be "forced" to do a whole lot of stuff for $200k/year, plus a zero-deductible health plan and fully-matched 401(k), that also doesn't require living in California, NYC, or DC.
I won't compromise my personal ethics, though. Not at that price. I'd need another $300k/year, a real defined-benefit pension, family gym membership, company-leased car, tuition benefits, and a bullshit story that I can tell myself in order to sleep at night.
And in order to set aside my personal vendettas, such as by actually propping up AT&T or Bank of America in some way, I'll need 8 figures and a 30-hour work week. And unrestricted common stock--not so much that the CEOs have to kiss my ass, but enough that I don't get automatically ignored.
Congress sets salaries and benefits for government positions, but most of those jobs are under the executive branch. So the president can't just increase the head of cybersecurity's salary to $1M, that has to be approved by Congress. The DoD and intelligence agencies get around these restrictions by contracting out the technical work, but the problem is the top decision makers still don't make nearly enough to attract real experts in the field.
In the government agency I'm employed with, the cyber security manager for our products has only a logistics management background. The information assurance personnel are contractors, but they don't have much impact on the real decision making.
This isn't a technical issue, but I think that it's important: working for the government comes with less pay, but there was always the idea that you were putting in effort for the benefit of the country. In my opinion the NSA has squandered that and they have somehow ended up in the same category as Palantir and Facebook.
I'm not sure how they can fix this, but I do think it will need to be addressed if they want to hire and retain top talent. They have interesting problems but no one will work on them if they feel they are, in the end, hurting their fellow country-people.
They could start fixing it by not turning their spying tools inward, and enacting strong whistleblower protection laws.
The other half is admitting that the government did something wrong in the first place, which they can do by prosecuting officials who broke the law, retire those that quasi-legally facilitated domestic dragnets, and pardoning Snowden, Winner, etc.
That’s going to take politicians who aren’t jingoistic.
Perhaps if the NSA spun off a white-hat cyber defense organization?
If I knew a 3-letter federal organization was dedicated to defensive tools, white-hat pen testing, and US infrastructure cyber security, I might consider joining. But the NSA has managed to tarnish its name with domestic cyber spying on US citizens, and that should have been the realm of the FBI, which is supposed to follow laws and can be audited.
In fairness, Snowden himself was at the NSA, so that's at least one data point that they were getting what I would call more "patriotic" people. Not necessarily the "best and brightest". I've been to MS Research. Some of my best friends work at Google. I've worked with Carnegie Mellon and MIT post docs. There is a big objective leap in capability between someone like Snowden, and the guys at MS Research.
We can only hope that NSA actually has some of these types of guys and we just don't know about it. But I'd argue that if the NSA was getting any of those types of guys, they weren't getting very many.
Another thing to think about is the athletics analogy. Schools like Stanford and Northwestern can't get the athletes that a place like Alabama can get. However, they do a good job of training up the athletes they can get to the point where these schools have actually been respectable from time to time. It would be interesting to consider the realistic feasibility of hiring "2 stars" or "no stars", so to speak, and then training them up. (Of course, this doesn't always work. Most schools have teams that suck. That's kind of the danger with the "train them up" idea.)
I remember at DefCon 20 Gen. Keith Alexander, the head of the NSA at the time, gave the keynote speech (largely about how we all share the same internet space so we should work together to keep things good for everyone) and the NSA had a recruitment booth set up showing off an enigma engine. Between DefCon 20 and 21 Snowden happened and the NSA was disinvited from future events because of it (of course they come anyway, but people need to earn 'Spot the FED' tshirts somehow). Some thought it put back trust and relations between hacker communities and the NSA by more than 10 years.
Orthogonality thesis 101: intelligence is orthogonal to values. I don't think the NSA has any trouble getting the "best and brightest" in terms of skill.
So first things first: NSA needs to stop abusing its powers so that people can actually be proud to work for it?
Stop spying on and collecting all of "Random Joe's" emails and chats, and start targeting people who are actual threats to national security (and don't misinterpret any random petty crime as "national security issue" to give you an excuse to abuse those powers either).
Economic espionage or to help corporate friends should never happen either. No, it doesn't matter that "China does it, too".
Where is the money going to come from? We cutting something else? Like outdated military infrastructure since we should be ramping up for the cyber future? Or are we instead going to ramp up the deficit spending more to cover the extra expenses?
Have you actually thought your proposed solution through? Have you considered the larger picture?
We're already deficit spending at a level approaching USD1.5T. How do we handle the financial implications of such a shift?
Most of the "best and brightest" in America, are not, in fact, American. How do we get them the necessary security clearances? Should we be giving them that level of clearance?
I won't even go into the fact that the private sector would still be making all of the best tech as they gobbled up intellectual capital from around the globe, and we only have the US to snap people up from. Sure France, Germany, Russia, China etc can only snap people up from their nations too, but they have much better educational systems.
This problem requires more considered thought, and very likely a little bit of creativity, to work through.
>Have you actually thought your proposed solution through? Have you considered the larger picture?
The OP's plan seems like a good one to bolster national security. OP doesn't need to lay out every single step of the solution, all the way down to the US education system, in order to make it a good point.
The security clearance investigation process can already be expedited for urgent cases. However we absolutely should never lower clearance standards. Penetration by foreign agents could be far more damaging than a lack of top cyber security personnel.
We could call this historical period a great dis-integration where the consensus that formed the equilibrium of the last 60 years has been disrupted by tech, and we're looking at a period of volatility before reaching a new equilibrium.
I've argued before that U.S. critical infrastructure vulnerability will prevent it from intervening in Taiwan and Hong Kong. Its lack of a strong homeland defensive posture on infrastructure has emboldened regional powers like China, Russia, and Iran to assert themselves over local NATO allies without fear of US retaliation. e.g. The US isn't going to risk a dam flooding or a long term grid failure over a distant minor ally. Arguably, NATO made sense when partners could defend their infrastructure, but the mutual aid commitment becomes a suicide pact when your cities can be turned into tribal warzones by depriving them of power, payments, and fuel. Nobody wants to get drawn into that by a minor ally.
That's the weakness that creates the power vacuum into which warring parties pile in. We do indeed live in interesting times.
Allowing all of these probably-insecure systems to be built out and connected to the Internet is the problem, end of story.
You're essentially arguing that the US is paralyzed due to the possibility of unknown unknowns. It might make sense to think that way to write a book, or for brainstorming large-scale disaster planning. But every system has someone responsible for it, and that someone needs to be responsible for securing it to best practices.
From a policy perspective, we wouldn't just accept that a power plant's energy handlers hum along unsupervised and so could fail catastrophically due to some latent problems. Rather, there are inspection and maintenance schedules to do the diligence of adhering to best practices. That same diligence needs to be brought to bear on a plant's information systems, and if those information systems are hooked up to a WAN (for which there may not be a choice), then that diligence needs to be applied to handling abstract adversarial attackers.
Not doing that is a grave failure, and what seems to be going on here is a "nobody's fault" because it's not in the plant administrators' or vendors' interest to look down and see that they're already past the edge of the cliff. But allowing it to persist is simply kicking the can down the road in an unsustainable manner.
Vulnerability on cybersecurity for critical infrastructure is a known-known.
Best practices have been and continue to be the lowest common denominator and an abysmal failure. Compliance solves nothing, and it is a make work project for compromised jobsworth consultants who lack the standing to tell anyone they told us so.
What I am arguing is tech and poor management culture in energy and infrastructure companies is the weak link that gave away the empire.
Even if an organized adversary can reliably control whatever infrastructure they choose, it's still being institutionally treated as an unknown - otherwise it would be fixed.
I basically agree with everything you've written here, but saying it already "gave away" basically means giving up. Whereas this "cyberwar" meme is a call to action, and so I think it bears repeating that on the technical side the problems are extremely straightforward. Rather the real problems are organizational/institutional, and that's where blame needs to be directed - so that the call to action doesn't lead to further obtuse top-down measures like more procedure-bound certification-based consultants or a national firewall.
Worthwhile top-down things that could be done would be say a national bug bounty on any critical infrastructure (and indemnification for any incidental damaged "caused" by researchers, rightfully assigning it to plant operators instead), or perhaps even a wholesale repeal of the CFAA to stop papering over the fundamental nature of the Internet being hostile noise. Stop discouraging 12 year olds from playing around with infrastructure for the lulz, and make administrators have to deal with reality rather than continuing to ignore it.
If your cities immediately turn into "tribal warzones" when they lose utilities, you've definitely made some governance failures well before the cyberattack.
Reduce wealth inequality through industrial and fiscal policy, don't stuff cities full of millions of culturally distant immigrants (distant from both each other and the existing population), encourage integration and patriotism instead of ethnic sectarianism via education and cultural pressure.
The 1860's are calling and the Irish would like a word. Are you arguing the Irish shouldn't have been allowed in the U.S.? Or that Americans should have been somehow coerced into accepting them? You think the Irish didn't want to be assimilated or you think Americans didn't want to assimilate them?
The 1860s when the Irish in NYC refused to fight for their new country, killing over 100 people and ethnically cleansing most of Manhattan? Or a few years later when two different subgroups of Irish killed another 100 of each other in the same city? These questions re-litigating history are immaterial to the fact that there is always some point at which putting groups next to each other will cause conflict, modulated by things like population density, culture, religion, tribalism vs. individualism, prosperity, etc.
This is just willful, boastful, ignorance, across the board. There are more examples of human cooperation, and there's more evidence that immigration and multiculturalism leads to long term stability, not the opposite. Next, you're going to tell me how the American Civil War had to do with immigration. Relitigating history is not indicated, but for starters you have to know some history.
That's funny, how do you link multiculturalism to a breakdown of society? If anything you want lots of strong societies overlapping so that everyone can find a group that can support them and each other. The "mosaic" concept has worked out fairly well for Canada, and I just can't get behind denying people their communities.
But you've also made an argument against professional standing armies, and civilian decadence. Turning cities into war zones is not a new strategy. When the U.S. was attacked at Pearl Harbor, the country instantly became motivated to enter the war. What percent of people now would give up their shopping, TV, jobs, family, to defend their country? The U.S. political and military class will avoid exposing how the entire civilian class is grossly unprepared, and unwilling to become prepared.
Is it possible that a US government agency is pushing an inflated threat assessment designed to raise its own budget? Did that ever happen in the past?
I agree, and this may arguably be a good thing. A relatively painless way of rolling back the empire of Team America: World Police. We may be trending back towards a time of strong regional powers rather than global hegemony.
> a time of strong regional powers rather than global hegemony
A.K.A. a time of war, like the ones that rocked Europe and the rest of the world through the 19th and early 20th century, as regional powers struggle to become the new global hegemony.
Those who desire an end to the Pax Americana, be careful what you wish for.
More likely an end to the nation-state, and a return to the more stable city-state. Once a society is on the path to regression, you don't exactly get to choose where the ball stops rolling. It's going to end up at the most stable location, and nation-states have a short history compared to city-states but also more volatile.
>The US isn't going to risk a dam flooding or a long term grid failure over a distant minor ally.
People are irrational. For the sake of transgressing a minor boundary, wars have occurred, even if the boundary has no strategic value. Suppose there are patrols into barren hinterland, that could still cause a war, even though the lands could not support permanent habitation.
It is theorized that Germany started WWI because of growing popular support for the socialist party.
>Its lack of a strong homeland defensive posture on infrastructure has emboldened regional powers like China, Russia, and Iran to assert themselves over local NATO allies without fear of US retaliation.
First, calling these issues "homeland defensive postures" makes no sense.
I don't understand how you can view the current situation as "regional powers asserting themselves." NATO now borders Russia and the US effectively controls two states bordering Iran. The only bold moves any of those states has made was Russia's move into Crimea, but even that was Russia preventing their port from switching over to NATO.
I believe by "homeland defensive postures" the commenter you are replying to was suggesting that, because our infrastructure (electrical, hydro, fuel) is largely controlled by internet-connected security holes, the repercussions of involving ourself abroad would be to face consequences at home - something we are politically and otherwise unprepared for. In other words, our lack of a 'defensive posture' on infrastructure (i.e., a lack of hardening against cyberattack) leads to our lack of countering actions by China or Russia abroad.
This opinion piece is borderline screed and I'm not sure what to make of it.
Part of the piece is "OMG China!" with some pretty dubious assumptions, especially things like their GDP being bigger than the US is an existential threat.
"The world is scary" is not a narrative I will respond to. Of course it is - it's bloody frightening. But have you tried framing the discussion in a way that is not so warfare and zero sum-focused but rather collaborative?
The rest of this piece contains the kind of Cold War logic that, while understandable from someone whose job it is to solve these problems, is also alarming to see in what is supposed to be a "new approach" to preparedness from an agency.
This seems like a backdoor argument to compromising privacy, asking politely for businesses to be friendlier, while at the same time asking for more money than their already astronomical budget.
The obvious first step here is to Fix. Your. Own. House.
Become more transparent about what you are doing. Don't talk about secret bunkers in the first paragraph but instead about what you are going to do in order to share more with industry, and the kinds of investments you are going to make to ensure government can keep up.
Included in that is staffing proposals, workforce management changes, being more lenient with behaviors that are not relevant to your ability to hold a clearance to broaden recruitment, doing more work in the open and possibly a new imperative to focus on privacy and help protect privacy for all Americans despite best attempts of companies to destroy it. Some of that was alluded to but I find it really hard to take this piece seriously.
> have you tried framing the discussion in a way that is not so warfare and zero sum-focused but rather collaborative?
We live in extraordinarily peaceful times. Those have cropped up throughout history. They have never lasted because balances of power shift. We are not at the end of history. We are a footnote in a history book written a thousand years from now.
I'm with you - you prepare for this stuff. You stand ready, but there are two (OK probably more haha) approaches to mitigating the risks in the world:
One approach is to ensure that you have relationships / commonalities / connections tight enough that extensive conflict does not help either party and work on the relationship. This balance has a lot of proxy wars and holds OK...until something upsets the balance. But if you have dialog in place maybe you don't blow up the world.
Another is to invest everything in the thing that will upset the balance: countries racing to the next version of a nuclear weapon - in this piece that is AI / Cyber.
Shifting everything as a society involves a lot of sacrifice that has (historically) also destabilized the society to the point that it collapses as a result.
I think there's wiggle room here, and when I say "collaborative" I don't mean that we're all sharing technology but rather that we are on a single planet and we already are codependent and maybe let's see the obvious benefits instead of immediately jumping to weapons.
In terms of tone I'd also wonder which tone is better for recruitment? "Kill the hun!" or "Build the future"? If they want me to work there, it's the latter.
The way to prepare for changes is by communicating, building alliances, and demanding security standards. Being able to keep secrets is important, but keeping too many things secret and compartmentalized is self-defeating.
You want the US to continue to be globally dominant? Stop over-regulating drones, for one thing. The lack of viable drone business models is a serious setback for training the next generation of aerospace engineers.
Since the NSA and similar agencies don't seem to have the flexibility to evaluate their own influence on developments, I do seriously think they are a greater threat to overall national security compared to some propped up countries that were named here.
So they want to ramp up surveillance again... better get ready for my new side job as insurgent against the state.
Having an agency that sees everything as a threat should not have the competence to determine civil interactions or should be shackled to a more severe degree. The lack of trust in western societies doesn't seem to be a factor in their threat analysis. Maybe not worth it for budget discussions... idiotic...
> in a vast databank of personally identifying information about its citizens, from iris and facial recognition to DNA data. That is antithetical to our values.
I think this is a lie. It is not against their value. On the contrary these are exactly values espoused as per evidence acquired by people currently residing in very dark cells.
> Our innovative and entrepreneurial society affords us a unique advantage in dealing with those implications.
Some people hire whores, some people hire security firms. But it too often is to stick your dick into something.
> our society could consider greater coordination between government and the private sector
to combat unruly citizens...
This would be a great opportunity for the new york times to show some of their critical investigative abilities.
This is plainly painting a threat to the wall to justify spying on citizens. Even if this show deep ineptitude, I fear it might be working
Such a bleak picture of the future where the only solution is for all of us to give up our privacy and allow the government to watch us so they can keep us safe. There are so many rants I could go off on this article I would not even know where to start but I will say this. What about the option of peace building? Why not put 1/3 of your insane military budget towards a new mission of going into the places you have the worst reputation, the places you have wronged the most and start building up their infrastructure like water plants and schools? The only options this article gave was to give up all our freedoms so the government can keep us safe which to any person with half a brain (hint even my kids know this and their vote is coming one day) this only stops the average citizen from remain anonymous.
Link to neat video explaining how to easily encrypt a message on a piece of paper. "Bear in mind if we are talking about banning encryption, we are talking about banning mathematics". I love that line.
> Why not put 1/3 of your insane military budget towards a new mission of going into the places you have the worst reputation, the places you have wronged the most and start building up their infrastructure like water plants and schools?
The critique you refer towards is familiar when we talk about terrorism operations that spin off from less powerful nations, and for many years the "war on terror" has been about detecting such small scale operations that can definitely be traced to all the nasty things the US has done for many decades.
However, this article is mostly referring to Russia and China as the most critical actors in this style of warfare; these are relatively large and powerful nations who have shown to be adversarially aggressive to the US and many other nations so I'm not sure how there would be "peace" with them other than allowing them to continue to wreak havoc in their neighboring nations and territories unchecked, not to mention that they would continue to launch direct attacks on our internal processes, which wouldn't actually prevent a world conflict from occurring, only hasten its arrival. We have already been attacked quite severely in this regard with great success.
Instead of fighting the world we could go around making allies and all stand together against any aggression China and Russia make would be how I envision it but perhaps even that would not work. I just have to believe there is a better future then everyone fighting each other winner take all. Our earth is god damn dying and these people want to convince us the only solution is to get ready for the fight of our life. We are already in it. We need to work together to save the earth not destroy each other.
>"start building up their infrastructure like water plants and schools"
That has been tried. It doesn't work.
TLDR: You can build this stuff. But it's a waste of money without the human resources necessary to keep the infrastructure resources running & maintained.
Who do you think is going to run & maintain schools & infrastructure? Let's delve a little deeper--
If you spend time in a developing country, or research their demographics you'll see why.
Let me give you one example: Mexico.
"While SEP data show that nearly all students who complete lower-secondary education enroll in upper-secondary school, the nationwide graduation rate is currently just 67 percent." https://wenr.wes.org/2019/05/education-in-mexico-2 )
Mexico is doing pretty good actually.
So, let's see about a more relevant example: Afghanistan.
"Afghanistan it has, according publishes UNESCO, an adult literacy rate of 31.74%."
Sure, you can build this stuff. But it's a waste of money without the human resources necessary to keep the infrastructure resources running & maintained.
Take the Hitler / Darwin pill: as long as there are separate entities and limited resources, they will be in conflict. Accept it, it's a part of nature.
https://www.youtube.com/watch?v=-wjMmeNS9wA&t=2m53s
Basically, we are too slow. The contract acquisition process and waterfall development moves at a glacial pace. I have some serious doubts we will ever adapt since it would require a restructuring of the way our defense industry operates.
Part of the NSA's mission (which they have failed at, and an acknowledgment of that failure is conspicuously absent from this article by the NSA's general counsel) is to help secure domestic information infrastructure against attack. They are supposed to lead the way in developing security standards, scanning for vulnerabilities, advising businesses and local governments on how to protect themselves.
In a perfect world, Project Zero would have been based at the NSA.
Instead they have let the wiretapping crew take over everything.
Wouldn't it be possible to build the next generation of technology to be much less hackable? Right now we're all pretty dumb about cybersecurity, but if plays a major hand in shaping human events even stodgy Pentagon types might start taking things like air gaps and not writing your passwords out on a sticky note more seriously.
Mandate that all software - everywhere - is written in Java or Rust with no unsafe blocks (but, oops, you can't realistically do that in Rust).
Make it illegal to use web apps to administer infrastructure. Desktop GUIs all the way (no XSS there ...).
Then mandate that this infrastructure can't be administered from Windows, but only some locked down new OS that required iOS style code signing from top to bottom.
Then forbid the use of passwords for authenticating to anything, no matter how trivial.
Think many geeks would get excited about that? People write insecure software because they can't/won't accept the fact that they enjoy building software in ways that are very insecure. For a lot of coders you'll prise C out of their cold dead hands, and they'll continue making hackable IoT devices until you do.
It seems like then we should be doing all of that already for all military applications since we're considering hackability to be such a huge issue.
People write insecure applications because of all the priorities they are given by management, security usually isn't even on the list. Perhaps we'll get to the point of real maturity and have security experts working in every department, and operations with real security. Maybe.
The tragedy of the mundane reality is that more cyber systems will be put out of commission by things like botched patch tuesdays and techs pulling the wrong cable because they were mislabelled than any hack.
I've often thought about what the next "Great War" would look like. Not researched it or anything but mulled it over.
I honestly think the enemy will take out our power stations via malicious code that may already be sitting there waiting to go off right now.
A few days after that, when people are still in total darkness and the supermarket shelves are empty then we will turn on ourselves and our "leaders" because we are cold, hungry etc: we'll destroy ourselves first.
There are various tiers of leaders, each of which gets their own subset of authority. Perhaps the President and Congress gets their own bunkers, but I sincerely doubt mayor X in Y town in Ohio is getting flown out to a mountainside retreat.
Coincidentally with the increase in military equipment being sold to local police departments these days, said mayors will have some firepower to work with if they ever do decide to convince their townspeople to go rogue and play for keeps.
>There are various tiers of leaders, each of which gets their own subset of authority. Perhaps the President and Congress gets their own bunkers, but I sincerely doubt mayor X in Y town in Ohio is getting flown out to a mountainside retreat.
So people will do what, attach the mayor?
Not really responsible for the mess, and not really such a big shot to be worth it...
I wrote on the subject of cyber warfare and the vulnerability of our nation's utilities first in 2015. At that point, a single malicious actor had gained access to a water treatment plant in Chicago that had no air-gap. They were able to cripple a system by turning a key portion on and off until it burnt out. In 2016, a water treatment plant was targeted in an attack which released high levels of treatment chemicals into the water supply. There is an exceptionally high risk of damage.
It's quite a scary one, drone swarms that outmatch humans by a huge degree might cause the losing side to surrender before a human life is lost, but they could also massacre the losing sides, satellites and communications of all sides are also likely go, then of course there's still nuclear armageddon
I'm not convinced that nuclear weapons will be fired en-mass in anger as it means total annihilation for everyone whether involved directly or not.
Imagine China fired all her nukes at the US and the US retaliated while the Chinese ones were in the air... there would be nothing left of either country within a couple of hours (or however long it takes to reach across the globe).
Anything left would be uninhabitable forever.
I dunno... nukes are messy.
E-warfare is "clean" and costs practically nothing to do.
1: MAD doesn't really work anymore because of the advent of hypersonic cruise missiles and the likes of russia's Burevestnik/Skyfall. There's probably not going to be a 1980s scenario of two sides launching all out against each other and having a few minutes to contemplate the end.
2: Tactical (not strategic) nuclear weapons are very likely to be used on the battlefield in the next major conflict involving the superpowers. The most plausible pathway to a nuclear armageddon is if the number and yield of these tactical weapons keeps escalating until one side finally has enough and launches a strategic strike.
>MAD doesn't really work anymore because of the advent of hypersonic cruise missiles and the likes of russia's Burevestnik/Skyfall.
I'm not sure that's entirely true. Even if DC gets nuked before it can react, I'm pretty sure there are dead man switch-type systems in place and stuff like submarines equipped with nukes away from home so that even if they whole country was glassed there would be some retaliation. These scenarios probably don't reflect the whole arsenal, so the retaliation wouldn't hit every square inch of the enemy's land, but I would still think that threat is enough to make you not want to start anything.
Let me see if I got this: Tactics is using the Queen to take out the opponent's pieces, while strategy is throwing the whole chess board to the floor in a tantrum?
The scariest part about drone warfare is that people are going to not be important anymore.
There's a pretty good argument that democracy is possible because of the existence of guns. In medieval time, a peasant with a pitchfork stood no chance against a knight who'd been training his whole life and had all the tools of warfare.
These days, an angry mob of people with guns can do quite a bit of damage. The US military couldn't even beat the Viet Kong, despite how woefully inept they were at the start of the war, because they were determined not to surrender.
However, if future combat is all automated, we're back to the feudal days where all it takes to win a war is having more money than the next guy. A future Jeff Bezos could buy his own drone army and exert as much power as many national governments.
Sure, but the future (unless we somehow stop it) is all the weapons of war becoming completely autonomous. Maybe little plastic drones won't help, but autonomous tanks, ships, missile launchers... you name it, and at some point they will be far more effective at killing than a machine with a human in it.
Of course, that's already the case now for a lot of weapons. It doesn't fundamentally change the equation of war though. It's always been about machinery and the logistics to support it. There are very few exceptions, such as fighter pilots, where the actual humans are meaningfully expensive.
Now instead of having humans inside machines fighting other humans inside machines, it'll mostly be machines fighting machines. And yes, they'll be devastatingly effective against just humans but that's already the case with non-autonomous machines.
Autonomous weapons are a step on the existing tech advancement = force multiplier curve, I don't think they're fundamentally doctrine-changing. Like someone else commented here before, the actual game changer weapons will probably be biological. Unlike autonomous drones/tanks/whatever, advanced biological weapons will soon become available to just about any two bit state actor. Very little thought has been given towards defending against such attacks.
The car thing is another big one. Almost every car, truck, or SUV made in the past few years has a cellular connection, either for tracking purposes or infotainment. A determined attacker could probably just shut down 10-20% of cars in the country, a number which is increasing every year.
Haha, now that I read it back it looks like we'll be marching on Parliament after a few days :)
I meant that we'll turn to them to get things back up and running and they won't be able to. It will only be a matter of time before people start turning on them... not necessarily shooting them but in terms of trust etc.
I still believe we'll be killing each other long before that though: Once the food starts to run out then neighbours will turn on each other to feed their kids.
Maybe I've read too many comic books and sci-fi as a kid :)
The next great war will likely be a long drawn out low intensity conflict (think proxy war with a lot of direct cyber war on the side) that manages to stay under the threshold for opening a can of nuclear whoop-ass. Big powers aren't gonna get in an over the table shooting war if they can avoid it for fear of the other opening that can. I dunno if that kind of situation meets your definition of "great" though.
Edit: The comment I'm replying to changed substantially since I replied.
No, in my opinion, we need to start working so that wars don't even make sense. A concept of the distant past. A future in which our descendants don't even know what wars are. In my vision there are no legitimate reasons for wars to exist at all. Of course this concept will sound alien and completely nuts for the majority, who are still in the fear based mindset; But then you can ask: So how do we protect ourselves from those that are attacking us ? The day we can answer this question without violence in the mindset is the day we evolve as humanity;
To achieve your goal, you will need to change the very fundamental fabric of humanity and the reality of resource scarcity. Here are some examples that can lead to war: economic gain,territorial gain, religion, nationalism, revenge, civil strife, defensive. Below are a few expressions of what it can look like:
* Actor A burned your crops -> Do nothing (appeasement)
* Actor B disrupted your servers causing economic losses -> Do nothing (appeasement)
* Actor C stole your technology and sold it to everyone by a fraction of your price -> Do nothing (appeasement)
* Actor D manipulated a group within your nation to cause internal conflict -> Do nothing (appeasement)
* Actor E invaded your land and claimed as their -> Do nothing (appeasement)
* Actor F used their position of power to gain concessions from you -> Do nothing (appeasement)
* Actor G defamed you, leading to society admonishing you and potentially imprisonment -> Do nothing (appeasement)
Each Actor can be seen as both individuals or nations that are in existence today. Every one has their own set of interests and rationale for acting in certain ways.
Yeah absolutely. It will happen. In time. But not now. What you think as the fundamental fabric of humanity is but a stage. We will overcome it. Unfortunately until we get there, much suffering will still ensue.
Do you have any justification for this belief that war is just a stage that humanity will get over?
There has always been war. There will always be people who think it's their destiny to rule over you, that you'll really be much happier if you're conquered, and if you don't meekly comply then maybe you just need to be ... liberated.
For as long as some people think they're better than others, there will be wars, and I don't see people not thinking that any time soon, do you?
That discussion is pointless without a definition of war. If you read some of what Moscovite thinktanks/ideologists produce, you'll find very little about guns and arms, but a lot on psychology and influencing.
War to them is total war. There is no difference. Everything can be weaponized and will be used. There is no choice.
Changing that line of thinking is first very different from western lines of thinking. Second, I'd say peace-movements in such environs have yet to take root, let alone produce the progress the West has seen since Vietnam.
The "we" here is not the US government but the wider anti-war movements that helped push for such acts as the League of Nations and the Washington and London Treaties.
Delanda was very interesting in the beginning but didn't quite find or found his community and began talking in an echo chamber that impoverished his thought. Still, "War...", "Intensive science and virtual philosophy" and "A thousand years of nonlinear history" are respectively a very promising start, an impressive peak and an early mature book. Too bad I can't recommend anything from "Philosophy and simulation" forward.
> Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.
But they then proceed to say things like
> Will Western liberal democracies, already straining under the combined demands of decaying civil infrastructure, aging populations, upgrading militaries and so on, be able to afford these investments? Given that there is no specific forcing event to require greater resources, but rather a trend, history suggests that we will appreciate the seriousness of the underinvestment only when a crisis has occurred.
Meaning that currently, our system of government is simply not built to deal with modern technology. Yet they state that the fundamental threat of forcing change within societal and governmental structure is 'ominous', while at the same time implying that it is absolutely necessary.
Discarding stability and tradition for the sake of progress is inevitable, and will happen either deliberately, through policy (this rarely happens), or by revolution.
It is possible to make secure operating systems, doing so has been discouraged since the demise of multics.
A sense of futility is now endemic to the Information Technology community, because they think such a thing is impossible, they won't even try, and actively deride anyone who states otherwise.
The security research required to build multi-level secure operating systems was completed in response to information processing requirements during the Vietnam conflict... there are multiple models which work... none of which are implemented.
It doesn't have to be this way... look up capability based security.
Capability based security isn't a panacea by itself. It suffers from the confused deputy problem, for one. If subsystem A has a capability to read every file, and exports an API that takes a file path and opens it, returning the opened fd, then you lose.
"But that's a stupid/buggy app!" you cry. Well yes, but that's a simplified scenario. Confused deputies that can be tricked into using their own privileges on the behalf of others are a common security bug pattern in pure cap systems.
That said, I agree with you it's possible to do vastly better than we do today. Security isn't a priority. If it was nobody would use HTML for user interfaces, but they do because installing apps is inconvenient and HTML is nicely vendor neutral. It's also free. Convenience and price win out over security every time.
I have a lot of trouble taking this guy seriously given the amount of hand-waving and fearmongering in this article, especially around "A.I.". Last time I checked, the NSA did very little to fulfill its mission to help secure existing US assets against cyberattack, much less help improve security in emerging technology. As Snowden showed us, they are far more interested in wiretapping everything.
World wars happened when powers have global reach and means. In the 20th century they had that. In the 21st, even more so.
That said, in the early 20th the old European global powers were demoted from superpowers, and US/USSR emerged in their place.
But at the time the USSR leaders knew it wasn't as strong (to risk a major war with the US) and both sides had nukes, complicating the logistics. So no direct war between them (but plenty of proxy wars globally).
Today there's US, China, India as wannabe big player, Russia (still not as strong, and worse off than USSR), and a few other minor players.
(A single "pan-global" single-"country" or central government also wont stop wars. It will just make all wars civil wars and rebellions).
On a long enough time scale most things that could happen will happen, especially sequentially numbered items of which we already have multiple instances in recent memory.
Unrelated (kind of): do you guys/girls recommend books (especially novels) that cover the subjects of futurism, espionage, cyber warfare and other related topics ? I find the current situation to be very dystopic and would love to read more about it. Thanks in advance !
Maybe the US would do well to obsess a little less about wars? After spending 90%+ of its time existing on being at war, it sure would seem like a good time to take a break and stop attacking other countries maybe.
We just admitted defeat in Afghanistan after 18 years of.. what was the mission again? Build a government? Build the Afghan National Army?
We cut out both of those groups from peace talks with the Taliban this year. We tried to keep the talks secret from the government you're negotiating peace about. I can't imagine a more awkward way to discover that mission has been a failure.
This has turned into a Vietnam-scale boondoggle, and now we're just supposed to accept the utter failure of the DoD and State and NSA and just listen to their demands for resourcing for future boondoggles? Why? How about we try saying no for once instead of rewarding incompetence over and over again?
If we lived in an alternate reality where the State Department had a good track record and today people were posting pictures about their awesome vacations to Tripoli and Kabul and we were talking about new businesses and schools opening that would be one thing, but unfortunately it's just one failure after another with almost nothing to show for it.
> unfortunately it's just one failure after another with almost nothing to show for it.
I really urge you to read Catch-22. It is only a failure until you inspect the books, and then you will realize the genius of it all. Lots of people made out like the bandits they are over this.
People generally disagree with me, but I think the absolute failure of our administrative state to get _anything_ right poured gasoline on the fire that is general distrust in government. It was way too easy for someone like Trump to just repeat "Iraq" on stage to remind everyone that "the experts" have failed us in spectacular ways.
If only however the military industrial complex is to big. I think America is more like a hired gun never at home hence why home is not in best of shape.
We are going to seem to be on top, on the surface, long after we Have lost that position in actual practice.
Right now we are escalating the debt to extreme levels during the longest economic expansion in US history. I.e. we seem to be planning to bankrupt ourselves.
In the meantime, trade differences and trade wars are complex, but the net effect of the tensions with China is it is adapting away from any dependency from us, while are allies are of little help because we dropped our agreements with them.
In the meantime, the US has been falling down the country lists for health, longevity, and education for some time.
And our recent deference to authoritarian regimes over democratic allies is eroding our political power.
The US is undergoing a steep decline and a turnaround in the current divisive hyper-polarized political climate seems very unlikely.
The decline is being accelerated by the current political climate.
I like the US' market's liquidity, that seems unparalleled
I like the US' diversified portfolio of industries and stewardship of resources
Its military seems wasteful and unnecessary, perpetuated by cultural paranoia
and its domestic infrastructure for actually living seems to exist in a parallel world where it is compared to the worst countries in existence whenever challenged, operating with seeming unawareness of what other G20 countries have.
when compared to a mixture of legal frameworks to support human rights across countries that have actively made inroads in this area, US seems to lag. The comparisons being just some mostly European countries in the G20. The US seems to lack consensus on supporting its existing human rights and lacks consensus on expanding what they are.
when people say "on top", and further reflect that in its leaders masqauarading the US as a moral beacon in the world, I find this to be the exact kind of double speak that George Orwell described.
given how many attributes countries have, it further seems like the US is number one in a race only it competes in. At least in this century. The things I like about the US, number one in market liquidity, aren't really what people talk about. Perhaps given that its capital class is so relatively small to its population, their voices aren't what I hear. Deriving confidence from number aircraft carriers around the world just seems to lack perspective, or perhaps this is again related to the size of its working class that required the option of military duty to get by, people that must comply and be a soldier to obtain subsidized schooling, trades, healthcare and housing from the government. The military is a kind of cool technical feat but given the costs and lack of threat its like really? this century? Those are my main thoughts
so by which metrics is the US on top specifically, for you?
Colloquially - as in Im not sure if this is backed by socioeconomic demographic distribution - the military is an option for people with less options, a route for people to choose as much as college is a route for people to choose. Military service being used to defer college and access it cheaper later.
Correct me if Im wrong on this topic, this isnt what people choose in places or circumstances where other opportunities are abundant.
I don't get why Trump gets slammed by the media for talking to Kim Yong and walking back on Iran, or even trying to set up meetings with Taliban this month. Just because he's negociating doesn't mean negociating in itself is wrong, so I find that peculiar.
On the Iran side, he was slammed because there was already a deal, which according to independent observers was working reasonably well.
In terms of North Korea, it might have been a reasonable strategy if there was any evidence of a lasting deal. As it is, it looked like a PR dance by both leaders. Who knows what was going on with the Taliban.
Its very telling of our inability to attribute positives to someone who holds an alternative political ideology. We need to be able to compliment one another somehow if we are ever to bridge the ever increasing gap between political parties.
I think that's a reasonable goal. Of course the current president seems very content to rip up initiatives of the previous president simply because he was the previous president - see the Iran deal, for example.
Its not that he is negotiating that is the issue, its the fact that he is doing it badly. NK wanted to meet with the president of the US in order to gain international recognition for their leader. They got what they wanted in return the US got nothing, and in the mean time NK has produced more nuclear weapons and continued their missile tests. We have also alienated SK our traditional ally.
Regarding Iran, Iran had verifiably held nuclear enrichment to a set level. This was a deal that was working and Trump just pre-emptively left it and re-applied sanctions, and now everyone is mad / surprised that Iran is once again raising its enrichment level. There are essentially no or very limited ongoing negotiations with Iran. The point of the original deal was to prevent a nuclear Iran and it was working. Once Iran gets Nukes the international stage is very different. From an outsider perspective it very much appears that we have stepped back from the deal in order to find a reason to go to war.
What's the problem with that? He's talking about the future, where hypersonic missiles will be a reality. Anti-missile defences like the Phalanx CIWS have a range of only a couple of miles. A theoretical missile flying at Mach 20 will cover that range in less than half a second, making it extremely difficult to shoot down. A Phalanx only fires at 50 rounds per second. We're talking about a few dozen bullets on target which have got to shred or detonate the warhead or else it's going to head.
Granted we are not at mach 20 missiles or even mach 5 missiles yet, but this is an article about the future, after all.
But low altitude? I'd consider that, say, 5 km or even less; why a hypersonic missile would be low-flying cruise missile? Why confront that awful aerodynamic drag?
Mainly for exactly the reason of making the missile too difficult to detect until it's far too late to do anything about it.
IIRC there's also two additional reasons: striking from a low angle means a better chance of damaging the ship at or below the waterline in order to sink it, and because sea-skimming means the sensors have a much easier time picking out the ship from the sea.
I mean, the aerodynamic drag is going to be forbidding high. One can't today make a low flying 20M cruise missile, no such technologies by a long shot.
The article is full of conventional thinking that extrapolates directly from current trends.
Most likely the critical IT need in the Next World War will be bioinformatics to identify pathogens being used in biowarfare and to design, produce and distribute vaccines, drugs, and other countermeasures. The second IT need will be to enable society to function without the movement of or physical contact between people in order to limit contagion.
So you counter their conventional thinking that extrapolates from 2019 trends with conventional thinking extrapolating from 1989 trends. A bit unconventional but sure.
> The first is that the unprecedented scale and pace of technological change will outstrip our ability to effectively adapt to it. Second, we will be in a world of ceaseless and pervasive cyberinsecurity and cyberconflict against nation-states, businesses and individuals. Third, the flood of data about human and machine activity will put such extraordinary economic and political power in the hands of the private sector that it will transform the fundamental relationship, at least in the Western world, between government and the private sector. Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.