Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I can't help but think this sort of issue far outweighs whatever concern we may have when it comes to any sort of bad AI actor. Every time I read about the OTA updates on Tesla cars my spine tingles a bit about the possibility (which I can only conceive is greater than 0) of some bad actor sending out code which turns those cars into ungoverned highway missiles.

If there's one lesson that we can take from all the data breaches from top companies and high-profile government officials is that we are terrible at securing software. The 21st century Ted Kaczyinski isn't going to need the post office; he's got a MBP and SSH.



That's why I love "Black Mirror". They tackled the risk of class breaks in the episode called "Hated in the Nation" (season 3, episode 6) and they did it in such a way that everyone can understand the problem, not just us computer geeks.


They've tackled a number of different social and technological issues very well. Big big fan of their Christmas episode!


> of some bad actor sending out code which turns those cars into ungoverned highway missiles

Yes but think of the probabilities that have to happen are:

a) Knowledgeable person

b) Motivated person

c) Evil or mentally unstable person

d) Determination and ability to overcome adversity.

And the person or person who has to decide that Tesla is what they want to exploit instead of another car manufacturer or another object and so on.

Compare this with someone who simply wants to take their car and drive it into a crowd.


If we're assuming independent hackers that simply have nothing better to do... Simply look at how many hackers do it already.

If we're assuming hackers that realize they can lock down a person's car in exchange for ransom... Simply look at how many hackers do it already.

If we're assuming a broad attack by a foreign entity... Simply look at how many hackers do it already.


> Compare this with someone who simply wants to take their car and drive it into a crowd.

You have to multiply the probability by the harm. Yes, most people will just drive their car into a crowd, killing - let's say - 10 people.

But the man who perseveres and drives EVERY controllable car into a crowd can kill thousands, if not millions.


Yes but it's infinitely easier (which is my point) for multiple people to drive a car into a crowd killing 10 people at different times. The bar to be able to deploy on a large scale (by a single actor, not North Korea) is much higher and the group of people that could potentially pull it off is infinitely smaller for at least the reasons that I mentioned.

Anyone of us could drive into a crowd and kill 10 or many more people. Yet it happens extremely infrequently, compared to at least how many times it could happen.


How many times can one individual crash their car into a crowd vs force a hacked car into a crowd though?


Yes, there are many people in the world fitting all of a, b, c, and d.


There actually aren't. Problem is, it only needs one.


9/11


I call this the cyber terror paradox. Consider:

1. Computer systems that run important things (power, water distribution, logistics, financial networks, communication networks, military systems, air traffic control, individual plane/ship control, etc) are inter-networked and vulnerable.

2. The world is full of evil people that hate the West and want to see it suffer.

3. Nothing has happened.

How can all of these three things simultaneously be true?


You can apply similar logic to terrorism in general.

1. Western countries are full of soft, populated targets with minimal protection.

2. The world is full of evil people that hate the West and want to see it suffer.

3. Very little has happened.

It's not quite as strong, since 3 is a weaker claim, but the attacks we do see are pretty rare relative to what you'd expect.

In both cases, I think the answer is that #2 is wrong. A lot fewer people are out to get us than we're led to believe.


It's weaker overall since "cyber terror" could be continuous. If you wanted to carry out continuous terror attacks you'd need a shitload of dudes to run around with guns and bomb trucks, and you'd need to train, feed, and move them. With computers, none of that is a problem any more. So why don't you see strictly more cyber terror than regular terror, always?


You could just send dudes to the US with a small amount of cash and instructions to buy a gun and shoot up a public place. Terror doesn't have to be sophisticated. We're seeing how bad an attack can be with nothing more than a truck. That it's not happening constantly suggests a marked shortage of dudes willing to do these things.


Before 9/11 I wondered about this: clearly someone smart could do a lot more damage than we'd ever seen, and clearly part of the reason it hadn't happened was that the few, most disaffected people were not the people who had their shit together. But this reason didn't quite reassure me, and, well, now we know that it shouldn't have.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: