Open Source Physical Security
Posted by Jeriaska on November 23rd, 2007
Attempting to take action now to get ready for a world with strong AI is a highly daunting task. In a world of powerful entities, how can individuals be protected? The open source software experience inspires us to look for ways to transfer the advantages of that process to the physical world. At the 2007 Singularity Summit, Christine Peterson, Founder and Vice President of Foresight Nanotech Institute, discussed the prospects for making physical security “bottom-up”, decentralized, collaborative, and transparent.
The following transcript of Christine Peterson’s 2007 Singularity Summit presentation “Preparing for Bizarreness: Open Source Physical Security” has not been approved by the author. An audio recording is also available at the Singularity Institute website.
Preparing for Bizarreness: Open Source Physical Security
Thanks, Tyler. I want to thank you so much, and your whole team, for having me here… although you did put me right after Steve Jurvetson, which is a very hard act to follow. But I’m going to have to do my best. So, “Preparing for Bizarreness,” I think that’s what we’re here to do. I have an idea I’m going to throw out and get your reaction.
First, there’s two things to prepare for. You have to prepare for the benefits and the risks. So, the benefits. That’s the fun part. The most important thing is to stick around, which, for some of us, depending on the schedule for AGI, may mean trying to so some anti-aging. Lot’s of great work being done there. We have Chris Heward here in the audience from Kronos. Also, during this same time period is the conference on Strategies for Engineered Negligible Senescence over in England. I think that’s run by Aubrey de Grey. I’m also really interested in personlal life extension stories. You guys are all really smart. How many of you are doing this stuff, personally? I know a lot of you aren’t, or maybe you’re just kind of floundering around. I’ll give a talk on that some other time, but come to me. I want to help you with that.
But this talk is really about preparing for risks. That’s where we really need to focus. As AGI and nanotechnology develo, the risks that we are feeling are going to be increasing, and they come from smaller and smaller groups. Bill Joy’s right about that. He wasn’t the only one saying that, but whoever is saying that is right. So, we need to be secure in our information technology and in our physical technology: in our physical selves, our person, our bodies, our property. Last year when I spok, it was about IT risk. That talk is up on the conference website. So, we are going to expand it this year, but physical security is dependent on the IT.
In terms of time frames, we can think about three stages. The first stage is traditional threats: explosives, chemical and nuclear. 9-11 was about the discovery that an airplane could be used as an explosive bomb. The next stage will be bio. We have seen examples of that in anthrax, in the Japanese subways. We’ve started stage two already. Eventually, we will get to stage three: nanotechnology risks. Each one of these just gets harder. We don’t know where on this timeline AGI comes in. We don’t know what side it comes in on. Does it come in on the offense or the defense? Does it come in with the bad guys or the good guys? I’m going to look at the question of where it comes in on both. Because if it only comes in on the bad side, we’re screwed. And if it only comes in on the good side, we win. So, let’s look at the harder case.
In any case, when it comes in, it just makes the whole thing more complicated to think about, unless you’re very lucky and it only comes in on the good side. The point is that it’s a very scary world ahead of us. When I was a kid, we never had to go under our desks, but we did go into the steam tunnels to hide from the Soviet Union’s nuclear bombs. So, that was a top-down threat. That’s what our systems are set up to deal with. But that’s not, going forward, what it’s necessarily going to look like. There’s more and more that is going to be bottom-up: dispersed and invisible threats. The question is, Can our response be more like that in style?
What won’t work? Right now in the U.S., the folks whose job it is, who are tasked with solving these problems, would be folks like the Department of Defense. Bottom-down is how they think, and it’s also pretty near-term. That’s not necessarily their preference. I mean, they would like to have the luxury of doing more long-term stuff. I’ve been to some conferences and workshops where they’ve tried, and they just don’t have the luxury of that. They have near-term issues to deal with. They take their responsibilities very seriously. There may be some folks there that have some awareness of bottom-up strategies, but it’s really not what they are set up to do. And it’s also not what they are expected to do by their bosses.
The challenge for us here is, we have somehow to balance security, privacy and freedom. It’s not going very well now. A lot of what we don’t like coming out of D.C. is justified by these security concerns. Presumably, you are all aware about open source style solution, especially in software. Can we take those principles out into the physical world? How would you do that? Does it make sense to do that? We already know the top-down way of security is centralized, it’s mandatory. You will do this, it doesn’t matter if you want to do it. It’s monolithic. You’re all going to do it. And you’re all going to start at this time. It’s limited in input. How do you get ideas into the system? What’s the mechanism? It’s secretive. You can’t find out how this thing works. You can’t get the No Fly List from the airlines. There is chemical detection in the airports now. Is it just explosives, or are they checking for illegal drugs, as well? We have no idea. There are signs at the international baggage claim saying you can’t record. That’s an interesting idea. Maybe I as an individual have a right to record what is happening in my life. How do I protect my rights if I’m not allowed to record. How do I prove what happened to me? What’s going on here? Let’s think about it.
I’m taking airline security as an example. Weapons control in general is this way. What would bottom-up look like? Just the opposite. It would be decentralized. You would make it voluntary and privatized as much as possible. Experimental, so it isn’t all the same everywhere. Collaborative, so you can get ideas into the system. And open and transparent. You can find out how the heck the system works. Today’s open source software is a model. Up to some extent, the fourth 9-11 flight was a model. That was a bunch of bottom-up work. Now, did those folks solve all their problems? They did not solve the basic, original problem of an airline getting hijacked. But they did solve the new problem of an airline being used as a bomb to hit a building. They solved it in a very short period of time. I think from the time the first plane hit the first building to the time when these folks took action, it might have been down to 45 minutes, which is pretty amazing.
How much of that bottom-up action and creative thinking have we seen in the current situation for airline security? The immune system and biology has elements of this style. So this is the inspiration. Do we want to make things voluntary and come up with agreements between jurisdictions? Can we open up these security processes? This is going to be a hugely difficult task. We have to somehow maximize security and liberty simultaneously. This is not going to be done by a small number of folks in one place, no matter how well meaning. This is going to have to be a group activity. And I think the people here in this room are the kind of people who need to participate.
If we test situations, how would it work? I just brought up airline security as one place to put it. Probably we have all gone through it and thought, this is not the right way to do this. This is not making me safe. Then later on we are going to have this issue for biological weapons. As I said, this is already starting. This is very scary. It’s a real issue. Eventually you have advanced nanotechnology, which could be used for offensive weapons. If you are interested in that area, there are conference brochures with a picture of a molecular machine system on the front out in the lobby. You are welcome to join us at that meeting.
That technology could be used offensively, as well. You notice there’s this word “surveillance.” We don’t really like that word. It means observing from above in French. There’s a new term, “sousveillance.” That’s observing from below, which is more of an open source-style concept. So, where are these solutions going to come from? You want to figure out what a threat is going to do and how do you deal with it.
How about doing simulations in gaming? This is from the book Engines of Creation, still a lot of wisdom for us on this issue. We can “turn loose a horde of engineers, computer hackers, biologists, hobbyists, and automated engineering systems” to model these kind of things. Now here is a useful game. I was thrilled to hear that the gentlemen at the Templeton Foundation are interested in funding gaming. Here is a really useful game to fund, and this game never ends. Right? We need whoever is good at World of Warcraft to put down World of Warcraft and come join this game, which really matters a lot.
We’ve been hearing a lot about openness. I was thrilled to hear some of the other speakers say they want an open source singularity, and a call for openness from Josh Hall. The challenge that we face, what the bad guys can do, has a lot to do with what they can get away with in secret before it’s found out. So, the more you have a physical space which you kind of have a feel for what’s going on in, the harder it is for resources to be gathered for negative purposes. This doesn’t mean that we’re collecting information that’s going to go into a D.C. database and kept forever, or some U.N. database in New York City. That’s the top-down way. I don’t think it has to be that way. I think we can come up with better solutions.
I talked about whether AGI is on one side or the other, and that the most complex case is when it’s on both sides. A long term security goal would include automated systems designed to protect without threatening. “Automated” means software. “Non-threatening” means there are limits built into the systems, and you have to, in order not to be threatened, to be able to tell. It’s got to be transparent, both in the software and in the hardware. We have to demand this, just like we have to demand it in our voting machines. What could be more obvious than that voting machines have to be transparent both in the software and the hardware? The idea that you could have proprietary, secret software in the voting machines is ridiculous. How did that even start? It’s our fault, you know. We’re the software people. I’m not a software person – I didn’t want to say it, “It’s your fault.” It’s the software community’s responsibility to get out there and explain to people that it’s just crazy.
Checks and balances is what has gotten us as far as we have gotten so far. And that’s what we need to build into this kind of system. We had one of our earlier speakers talking about the rule of law. That is what we are trying to embody in our hardware and software systems going forward. These issues of securit, privacy, openness, transparency, liberty, who do you know, what communities debate these now? There is really only one that I know of. It’s this community. The software community, and specifically the open source community. They talk about this stuff all the time, very vehemently. Strong views, a lot of theory about how are you going to do this. They talk about this at EFF all the time. The connection to technology, politics, freedom. What other communities even talk about this stuff?
So I would argue that there is no group better qualified than the software community, particularly open source folks, to take this on. This is going to be really awfully hard and really unpleasant. Kind of like the American Revolution, but a lot harder. If you look at Ben Franklin and Thomas Jefferson, they were inventors. And if you go online and look at their inventions, they were the Alpha Geeks of their time. These were hotshot technical guys. But, you know, they held their noses when the time came, and stepped in, and did really a great job. We are all still benefiting from their work to straighten out politics when it became necessary. The old saying: “The Constitution, it’s not perfect, but it’s better than what we’ve got.” They did a great job.
It sounds like a Heinlein novel. She’s trying to convince me I’m in a Heinlein novel, where there is heroic action to take. Well, yes, you are. And you’re the best ones to do it. I hate to tell you that. I know you have other things to do. You want to work on Web 2.0 and get rich, right? But, you know, we’re also going to have to do this. And I know a lot of you personally, and you’re sitting there going, ‘Well, she can’t be talking about me.’ Don’t be too sure. We have people as bright as them today. Some are here at the Summit, and they’re not all the speakers. There’s a lot of you guys out in the audience not speaking this time. I know you personally, and because I know so many of you personally I have a statistical reading on this audience. And I know there’s tons of Alpha Geeks out there. You’re really smart and you hate politics. And the idea of helping in politics just is nauseating. And you would rather go get rich or do technology, but we’re going to have to do this, folks. You’ve got to be alive to do that stuff. And this is going to be a critical thing at some point.
So, I want to thank you all. I am not an Alpha Geek myself, although I try to be helpful to them. I’d like to thank you all in advance for taking this on, because I know they will eventually. And I just want to point out that it’s easier if they start earlier, and say that I would be happy to help. If you are interested in these kind of ideas, I mentioned the book Engines of Creation. It’s available as a book, of course, but also free online at e-drexler.com. We are calling this project for now “Open Source Physical Security.”
The other thing we are doing, and I think Tyler mentioned this, is that we have a conference called the Vision Weekend, which this year is November 3rd and 4th. It’s a combination conference and un-conference. I think a lot of you have been to the un-conference format. It’s really a blast. And it’s at Yahoo headquarters. Special thanks to Yahoo for that donation. And I want to invite you all to that meeting, to explore this and a lot of other topics like life extension, nanotechnology in general, all these kinds of things that we cover at that meeting. I think that on your way out of this room that there will be fliers handed out about this. And I think on that note I will thank you for your attention. Thanks a lot.
I want to read you one last quote. “Only a crisis, actual or perceived, produces real change. When that crisis occurs, the actions that are taken depend on the ideas that are lying around.” That particular quote is from Milton Friedman, but I’ve heard this from other people. We have to make sure that it’s our ideas, and that we have a plan ready when these crises happen. It’s only a matter of time. Thanks.
