Expanded show notes will be added in soon, but I wanted to throw this in since it was on my mind after listening to the first half of the show. Rym mentioned the "jiff/giff" pronunciation war, segued into the whole GNU/Linux thing, and then asked for comments on whether or not anyone knew what he was talking about. My take on it is that Jif is a peanut butter and the twits at CompuServe shouldn't have bucked standard English pronunciation rules. Besides, PNG and APNG are now superior, so GIF is a dead standard in my eyes. As far as the GNU/Linux thing goes, rms needs to get over his butthurt self, STFU, and accept that if he'd gotten his ass in gear and finished Hurd some time in the SEVEN YEARS before Linus and the Usenet took five months and threw together a kernel then people would be calling the premiere free OS "GNU Hurd" instead of "Linux".
Just listened to this episode. The only lasting thought in my head is that Rym's grunt/yell at the end of the episode instantly made me recall Colossus's special power sound from the classic 6-player X-men arcade game.
That's exactly what he was trying to convey. It's the official yell of MAGFEST.
As far as the GNU/Linux thing goes, rms needs to get over his butthurt self, STFU, and accept that if he'd gotten his ass in gear and finished Hurd some time in the SEVEN YEARS before Linus and the Usenet took five months and threw together a kernel then people would be calling the premiere free OS "GNU Hurd" instead of "Linux".
This is the primarly failure of the FSF. They put ideology as a higher priority than technology. The fact is that better technology always wins, regardless of ideology.
This is why Photoshop is beating GIMP, even though Photoshop costs a ton of money.
This is why Clang/LLVM is starting to kick GCC's ass even though it is BSD while GCC is GPL.
This is why Linux kernel is just fine with GPLv2, and doesn't need GPLv3.
This is why I buy an iPhone 4 even though I hate closedness.
Just listened to this episode. The only lasting thought in my head is that Rym's grunt/yell at the end of the episode instantly made me recall Colossus's special power sound from the classic 6-player X-men arcade game.
That's exactly what he was trying to convey. It's the official yell of MAGFEST.
No F'ing way. That convention sounds even more awesome now.
Ok, now that I've finished the ep (expanded notes on the first page), here's my thoughts:
On the Meta section: Once again Rym forgot the name of the book for book club. I remembered it because I've read it before, but for the love of FSM if you can't remember the title then at least write it on a post-it and stick it on your monitor. Yes, I know it's correct on the site and anyone who is interested in reading it should be looking at the site or willing to Google it on their own, but it makes it sound like you guys don't even give a damn about the book you're suggesting listeners should read. Also the rapid-fire rundown of the "weekend of everything" in October isn't a problem for those of us who have been listening in the last few months, but a new listener's reaction would be along the lines of "whatdafukhejustsay?" Slow it down, or if you don't slow it down then at least stick it in the News or Show Notes on the site.
On the "what if the other side hacks our robots" topic - You've got to remember that these things are likely going to be built by the lowest bidder and are going to have security holes that aren't found until we discover that the enemy has found them. Just look at our Predator UAVs that are in use now - their video feeds were hacked by the enemy using off-the-shelf software because the powers that be didn't think that end-to-end encryption of the stream would be worth the lag it would cause. If the enemy were able to figure out that then they'd damn sure be able to gather the parts of the bots they were able to take down and reverse engineer them. Never underestimate the ability of a less sophisticated fighting force.
Just look at our Predator UAVs that are in use now - their video feeds were hacked by the enemy using off-the-shelf software because the powers that be didn't think that end-to-end encryption of the stream would be worth the lag it would cause. If the enemy were able to figure out that then they'd damn sure be able to gather the parts of the bots they were able to take down and reverse engineer them. Never underestimate the ability of a less sophisticated fighting force.
From what I heard, they knew it was insecure and didn't care. Being able to see the video feed from a drone doesn't really help you all that much. Even if you were to see that it was headed your way, or directly above you, it's not like you really have that much time to do anything.
Also, having any lag at all is really undesirable. Imagine if you are in a commercial jet and the pilot has a few seconds of lag on his controls. That's not going to go so well. Lag only works when controlling things like the Mars Rover, and you have time to calculate the fuck out of your next instruction.
Also, even light encryption on a real-time high definition video stream is very computationally intensive. You're going to put all those extra CPUs on the drone, with the heat they generate and power they use, not really the best idea. If you don't pour on the heavy duty CPU, the lag will be much much greater.
I'm sure they would love to have encryption on there, but the laws of physics make it not really an optimal choice. The military thinks about these things.
From what I heard, they knew it was insecure and didn't care. Being able to see the video feed from a drone doesn't really help you all that much. Even if you were to see that it was headed your way, or directly above you, it's not like you really have that much time to do anything.
It's actually really, really hard to figure any shit out from just a video feed, especially a shaky, mobile point of view video feed, which has a much different frame of reference to what you're used to - ie, an aircraft. It'd be like trying to drive in third person view, in real life, except times ten.
From what I heard, they knew it was insecure and didn't care. Being able to see the video feed from a drone doesn't really help you all that much. Even if you were to see that it was headed your way, or directly above you, it's not like you really have that much time to do anything.
"The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."
It's not that they didn't care - they thought the locals would be too stupid to figure it out.
And while the enemy may not have been able to review the data they were pulling down in realtime, it would let the enemy know where the drones are flying and where we're focusing our searches, which allows them to avoid our search patterns (among other things). Plus it's not like the people snarfing down the signal had to be right under the thing to pull it in.
Also, having any lag at all is really undesirable. Imagine if you are in a commercial jet and the pilot has a few seconds of lag on his controls. That's not going to go so well. Lag only works when controlling things like the Mars Rover, and you have time to calculate the fuck out of your next instruction.
"When a Predator unmanned aerial vehicle, or UAV, is far from its base, terrain prohibits it from transmitting directly to its operator. Instead, it switches to a satellite link. That means an enterprising hacker can use his own satellite dish, a satellite modem, and a copy of the SkyGrabber Windows utility sold by the Russian company SkySoftware to intercept and display the UAV's transmissions."
They're already bouncing it off a satellite back to home base. The wikipedia page on the MQ-9 Reaper notes: "An operator's command takes 1.2 seconds to reach the drone via a satellite link." I'm guessing a few more milliseconds of lag time isn't going to kill the maneuverability of these things, considering these days they're pretty much flying them remotely from Langley or some random AFB after they've been launched.
Also, even light encryption on a real-time high definition video stream is very computationally intensive. You're going to put all those extra CPUs on the drone, with the heat they generate and power they use, not really the best idea. If you don't pour on the heavy duty CPU, the lag will be much much greater. I'm sure they would love to have encryption on there, but the laws of physics make it not really an optimal choice.
Have you seen the video feed from those things? It's not exactly hi-def. The slowness they experienced with the encryption came into play when they had multiple operators viewing the feed simultaneously. Simple solution to that - cut it down to a number of viewers on the live stream that generates the lowest amount of acceptable lag with encryption in place, and then use a substation to feed the stream to the rest of the viewers. If the remote operator needs to react to something then he can still have time to react and if the brass see something they want him to have a look at then he can wheel it around and go for another pass. As for the heat and power generation, bleeding off a bit of usability in the name of security is something that they should have taken into account. The operational endurance for those things ranges from 14 to 36 hours depending on the model and the loadout. If they have to shave an hour or two off the range of it to keep information from falling into the hands of an enemy, I'd call that a fair tradeoff. Besides, the Air Force Times notes that they're already working on getting encryption in place, so apparently it is a viable option.
The military thinks about these things.
Yep. Just like they thought the enemy wasn't sophisticated enough to figure out how to get at the unencrypted streams. There's a reason why George Carlin said "military intelligence" is an oxymoron.
Yep. Just like they thought the enemy wasn't sophisticated enough to figure out how to get at the unencrypted streams. There's a reason why George Carlin said "military intelligence" is an oxymoron.
You are misrepresenting the situation a bit here. It's not that the military "didn't think the enemy wasn't sophisticated enough to figure out how to get at the unencrypted streams", it's that they just didn't care and or think it was worth it. The NSA controls all encryption protocols used overseas, including military uses. The problem is that most of the NSA encryption schemes that would be considered for the predator and similar UAV systems are extremely complex. If you are going to encrypt it, the NSA is going to go full, top tier encryption for the system. We're talking about the shit that was supposed to keep the KGB out of our communications. However, this outlays several problems. One, it will require every single UAV ground station, all the way down to man portable ground stations to carry yet another encryption box. Furthermore, you are going to have to implement a wide spread system of distributing up to date keys while maintaining OPSEC, not an easy problem to say the least.
“Can these feeds be encrypted with 99.5 percent chance of no compromise? Absolutely! Can you guarantee that all the encryption keys make it down to the lowest levels in the Army or USMC [United States Marine Corps]? No way,†adds a second Air Force officer, familiar with the ROVER issue. “Do they trust their soldiers/Marines with these encryption keys? Don’t know that.â€Â
I think Bruce Schneier sums it up very clearly in his blog post on the matter:
The naive reaction is to ridicule the military. Encryption is so easy that HDTVs do it -- just a software routine and you're done -- and the Pentagon has known about this flaw since Bosnia in the 1990s. But encrypting the data is the easiest part; key management is the hard part. Each UAV needs to share a key with the ground station. These keys have to be produced, guarded, transported, used and then destroyed. And the equipment, both the Predators and the ground terminals, needs to be classified and controlled, and all the users need security clearance.
The command and control channel is, and always has been, encrypted -- because that's both more important and easier to manage. UAVs are flown by airmen sitting at comfortable desks on U.S. military bases, where key management is simpler. But the video feed is different. It needs to be available to all sorts of people, of varying nationalities and security clearances, on a variety of field terminals, in a variety of geographical areas, in all sorts of conditions -- with everything constantly changing. Key management in this environment would be a nightmare.
Additionally, how valuable is this video downlink is to the enemy? The primary fear seems to be that the militants watch the video, notice their compound being surveilled and flee before the missiles hit. Or notice a bunch of Marines walking through a recognizable area and attack them. This might make a great movie scene, but it's not very realistic. Without context, and just by peeking at random video streams, the risk caused by eavesdropping is low.
Contrast this with the additional risks if you encrypt: A soldier in the field doesn't have access to the real-time video because of a key management failure; a UAV can't be quickly deployed to a new area because the keys aren't in place; we can't share the video information with our allies because we can't give them the keys; most soldiers can't use this technology because they don't have the right clearances. Given this risk analysis, not encrypting the video is almost certainly the right decision.
Unfortunately, they ignore non-mystical realities of human brains. If our brains are Turing machines, then by this logic we are also excluded from being allowed to kill by our own volition...
Unfortunately, they ignore non-mystical realities of human brains. If our brains are Turing machines, then by this logic we are also excluded from being allowed to kill by our own volition...
The entire thing is laughably stupid.
All they've demonstrated is that any intelligent agent (humans included) cannot be morally perfect, due to computational limitations. Well, duh!
Why does it feel like everyone of these leaks tells us information we already knew? Are they really leaks? Or are these leaks always just confirming what we suspect to be the truth, and we are just smart enough that our suspicions are so accurate?
People act like Snowden was such a big deal, but we were hearing about Carnivore almost 20 years ago. None of these things ever feel like news to me. They feel like reposts. As if some journalist just discovered Doge or some other meme for the first time, and I gotta be like "seen it."
Why does it feel like everyone of these leaks tells us information we already knew? Are they really leaks? Or are these leaks always just confirming what we suspect to be the truth, and we are just smart enough that our suspicions are so accurate?
Did you read the drone leaks?
No, it's not a surprise that we use drones to kill people, or that it's a dodgey process involving collateral damage and civilian deaths.
The leaks are the data and the details. We now know the target-to-bystander ratio of the attacks, and it's not good. We always suspected it was bad, but now we know the number.
We know the actual command chain and process. We have specific and deep case studies now.
So yeah, the broad strokes were "obvious," but warmongers could disagree and it's not like we had any evidence to back up our opinions. Now there is indisputable, real data to cite.
There's no reason to read that. When it comes to something like that, such data is not important. You don't need to know the target to bystander ratio. Killing even one innocent bystander makes you a war criminal, and there was plenty of evidence for well more than one already. No matter what data you have, the war criminals won't be punished, and they won't stop these programs. The only people who benefit from this are journalists and news organizations who can write a long story about things we already know and somehow make money from that.
By your logic, never investigate anything, never report on anything, never seek truth.
Without those data, people who disagree with you and don't think this is a problem have about equal evidence to argue against you.
I don't waste valuable time in my short live arguing with such people. Even if I did, and "won" (which isn't possible) it won't have any effect on the world.
By my logic do seek truth. But don't seek truth we already know! Come at me with something we don't know already.
By my logic do seek truth. But don't seek truth we already know! Come at me with something we don't know already.
You didn't know those things. You assumed those things.
We need to know those things, if for no other reason than to do something about it in the future, or to understand it as history.
I felt like I knew. Where did I learn it from? I was right. How could an assumption be so right if I didn't receive the information somehow? And if I did receive the information before, then it isn't news to report it years after I knew.
No to mention that fact that if I knew, someone who really doesn't give a shit, then people who do give a shit definitely already knew even more.
Comments
This is why Photoshop is beating GIMP, even though Photoshop costs a ton of money.
This is why Clang/LLVM is starting to kick GCC's ass even though it is BSD while GCC is GPL.
This is why Linux kernel is just fine with GPLv2, and doesn't need GPLv3.
This is why I buy an iPhone 4 even though I hate closedness.
On the Meta section: Once again Rym forgot the name of the book for book club. I remembered it because I've read it before, but for the love of FSM if you can't remember the title then at least write it on a post-it and stick it on your monitor. Yes, I know it's correct on the site and anyone who is interested in reading it should be looking at the site or willing to Google it on their own, but it makes it sound like you guys don't even give a damn about the book you're suggesting listeners should read. Also the rapid-fire rundown of the "weekend of everything" in October isn't a problem for those of us who have been listening in the last few months, but a new listener's reaction would be along the lines of "whatdafukhejustsay?" Slow it down, or if you don't slow it down then at least stick it in the News or Show Notes on the site.
On the "what if the other side hacks our robots" topic - You've got to remember that these things are likely going to be built by the lowest bidder and are going to have security holes that aren't found until we discover that the enemy has found them. Just look at our Predator UAVs that are in use now - their video feeds were hacked by the enemy using off-the-shelf software because the powers that be didn't think that end-to-end encryption of the stream would be worth the lag it would cause. If the enemy were able to figure out that then they'd damn sure be able to gather the parts of the bots they were able to take down and reverse engineer them. Never underestimate the ability of a less sophisticated fighting force.
Also, having any lag at all is really undesirable. Imagine if you are in a commercial jet and the pilot has a few seconds of lag on his controls. That's not going to go so well. Lag only works when controlling things like the Mars Rover, and you have time to calculate the fuck out of your next instruction.
Also, even light encryption on a real-time high definition video stream is very computationally intensive. You're going to put all those extra CPUs on the drone, with the heat they generate and power they use, not really the best idea. If you don't pour on the heavy duty CPU, the lag will be much much greater.
I'm sure they would love to have encryption on there, but the laws of physics make it not really an optimal choice. The military thinks about these things.
"It's a tank, chief, it doesn't have tires"
"It's always somethin' with you, lou, isn't it?"
Also - video does exist of the police flat-out shooting the dude. Not close up video, or anything, but it's extremely clear what's happening.
"The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."
It's not that they didn't care - they thought the locals would be too stupid to figure it out.
And while the enemy may not have been able to review the data they were pulling down in realtime, it would let the enemy know where the drones are flying and where we're focusing our searches, which allows them to avoid our search patterns (among other things). Plus it's not like the people snarfing down the signal had to be right under the thing to pull it in. From the CBS news article on the issue:
"When a Predator unmanned aerial vehicle, or UAV, is far from its base, terrain prohibits it from transmitting directly to its operator. Instead, it switches to a satellite link. That means an enterprising hacker can use his own satellite dish, a satellite modem, and a copy of the SkyGrabber Windows utility sold by the Russian company SkySoftware to intercept and display the UAV's transmissions."
They're already bouncing it off a satellite back to home base. The wikipedia page on the MQ-9 Reaper notes: "An operator's command takes 1.2 seconds to reach the drone via a satellite link." I'm guessing a few more milliseconds of lag time isn't going to kill the maneuverability of these things, considering these days they're pretty much flying them remotely from Langley or some random AFB after they've been launched. Have you seen the video feed from those things? It's not exactly hi-def. The slowness they experienced with the encryption came into play when they had multiple operators viewing the feed simultaneously. Simple solution to that - cut it down to a number of viewers on the live stream that generates the lowest amount of acceptable lag with encryption in place, and then use a substation to feed the stream to the rest of the viewers. If the remote operator needs to react to something then he can still have time to react and if the brass see something they want him to have a look at then he can wheel it around and go for another pass. As for the heat and power generation, bleeding off a bit of usability in the name of security is something that they should have taken into account. The operational endurance for those things ranges from 14 to 36 hours depending on the model and the loadout. If they have to shave an hour or two off the range of it to keep information from falling into the hands of an enemy, I'd call that a fair tradeoff. Besides, the Air Force Times notes that they're already working on getting encryption in place, so apparently it is a viable option. Yep. Just like they thought the enemy wasn't sophisticated enough to figure out how to get at the unencrypted streams. There's a reason why George Carlin said "military intelligence" is an oxymoron.
http://hardware.slashdot.org/story/14/11/19/1619207/halting-problem-proves-that-lethal-robots-cannot-correctly-decide-to-kill-humans
Unfortunately, they ignore non-mystical realities of human brains. If our brains are Turing machines, then by this logic we are also excluded from being allowed to kill by our own volition...
All they've demonstrated is that any intelligent agent (humans included) cannot be morally perfect, due to computational limitations. Well, duh!
https://theintercept.com/drone-papers/
People act like Snowden was such a big deal, but we were hearing about Carnivore almost 20 years ago. None of these things ever feel like news to me. They feel like reposts. As if some journalist just discovered Doge or some other meme for the first time, and I gotta be like "seen it."
No, it's not a surprise that we use drones to kill people, or that it's a dodgey process involving collateral damage and civilian deaths.
The leaks are the data and the details. We now know the target-to-bystander ratio of the attacks, and it's not good. We always suspected it was bad, but now we know the number.
We know the actual command chain and process. We have specific and deep case studies now.
So yeah, the broad strokes were "obvious," but warmongers could disagree and it's not like we had any evidence to back up our opinions. Now there is indisputable, real data to cite.
Without those data, people who disagree with you and don't think this is a problem have about equal evidence to argue against you.
By my logic do seek truth. But don't seek truth we already know! Come at me with something we don't know already.
We need to know those things, if for no other reason than to do something about it in the future, or to understand it as history.
No to mention that fact that if I knew, someone who really doesn't give a shit, then people who do give a shit definitely already knew even more.