Artificial Intelligence

cralkhi wrote:

Tenshinai wrote:The point i was making was much simpler though, how many nasty people would think that it´s a LOVELY idea to make copies of themselves? Clone an heir? Henchmen?

Problem is that clones are not really "copies" of oneself. A clone would be a different person, like an identical twin raised by different parents.

As for henchmen, I'm not sure what you gain by having them be clones.

Oh i can think of a few already, but the important part isn´t what WE think about it, but what the person who thinks it´s a GREAT idea for his/her idea to rule the world(or something suitably sized for their ego).

Tenshinai wrote:
You haven´t thought it through enough. Having the face emulation software allowed internally is an enabling technology. You don´t need any kind of special access to exploit it.

Absolutely correct. If your operating environment is one MickeySoft Winblows. Stop dicking around and being screwed by MickeySoft. Move up to the most secure environment in the world. I have no doubt that Manticore's OS is Unix based. Where Haven's was, cough, blowing in the Win-blows.

Being a Linux guru. I assure you, I can lock the system down tighter than a witches cat. And I ain't talking about her feline.) And it wouldn't matter whether the program was installed "internally" or "externally." And I caution, that I am attempting to use the phrases 'internal' and 'external' in the sense that you do, admitting that I have absolutely no idea what you mean. I can intuit it, but that requires assumptions. In my world, regarding security, 'internal' and 'external' are ideas describing the nature and source of threats. For instance, an attacker originating from inside the company/environment (employees, officers, guests...) or an 'external' cyber attack (foreign terrorists, hackers). What I 'assume' you mean is what the security industry calls open and closed. Open/closed in a security sense, and not in the physical design sense. These are two very different concepts.

All of my important personal computer data, or my system, never becomes exposed to this type threat, because it is a completely closed system. What can be achieved from the inside is quite limited, lest 'physical' access.

Worse however, is that if someone is using a more advanced emulator, or something similar, the person on the receiving end cannot nearly as easily realise something is being used for spoofing rather than for convenience, if it´s "ok" to use it for convenience.

I am not quite sure I know what you mean here. Vulnerability to spoofing is possible from an open or closed system if at any point the systems are connected. Soft or hard connected. The software that we are discussing is already onboard ship. If security can be compromised 'externally' then you've already lost the game (if at any point (widely encompassing) your external system communicates with your internal system)

If it´s not "ok" to use it at all internally, then instantly if someone see that something like that IS being used, it will cause alarms to go off, personal or tech-based or both.

These same alarms can be implemented on your internal system as well, if someone other than those with proper clearance, or in Linux-ese, permissions, initiate the program.

But alas, I think I know what you are considering. Being fooled by the emulation software is a real possibility. Even in the Honorverse it is often referenced that you don't know if someone is sending you real imagery. Remember Cerberrus?

This is why you NEVER EVER install certain types of software in a secure environment.

Tenshinai, you and I both know that there is no such animal existing with the nomenclature of 'secure environment,' unless it's closed, except to a single user.

And on a Windows system, any program can easily be exploited. But, as a part of your secure system, you only install software that was designed, in-house, from the outset as part of this secure system. vs third party software.

The problem with a program like this is that the normal use of the program by itself is a security risk, it doesn´t matter if in itself it has zero vulnerabilities.

Again, that's a limitation of both your OS, SA and system design.

If you were to use this in "your" ships, ok, then i aquire a copy. Then make an alternate version of that which mimics the original software enough that internal comm software wont see the difference, then i either need a few moles or someone to stuff some extra automated software onboard, doesn´t need to be in any of the high security areas of the systems even.

After that, i can wreak havoc in your fleets.
At least once, and probably a few times.
I don´t need more than that.

And that´s just the most blatant exploit.

What if i had those programs "fixed" to suddenly start switching people with uniforms out for nude pornstars(many options for various replacements here)? Set to do it at the right time and action, the amount of annoyance and/or temporary confusion it could cause is quite major.

Or it could be used for personal attacks on the most competent enemy leaders.


I also have a fair idea how such a program could be used for transmitting information covertly. I´ll keep the "how" for that to myself though.


And i already know that it´s "not that easy", but the point here isn´t that it easy, but that YOU are making it POSSIBLE for your enemies to exploit your own software.

Granted, I saw the possibility of miscreant use. Circumventing the effects of the emulator and Honor is appearing as she really is...naked. However, you only employ on a secure line, and others with proper clearance have more of an opportunity to circumvent, but that same clearance allows that possibility regardless of any installed program.


If you've got moles, you've got rats. And any one particular piece of software would be your least worry.

Now, there are limitations to my knowledge regarding the ship's systems because obviously I do not know the ship's overall system design. And I would really enjoy discussing this with you, but not in a public forum. I feel quite uncomfortable talking security in a public forum. It seems you do too...

I also have a fair idea how such a program could be used for transmitting information covertly. I´ll keep the "how" for that to myself though.

You have quite a few ideas of how it can be done! I won't say that I do too.

Let me say one thing: two thousand years.

A large part of today's problems are due to widespread use of a language that's insecure by design (pointer arithmetic that has unrestricted access to memory) and an operating system that violates the most basic principles of security (superuser, anyone?)

Both of these problems can be fixed. I'm not even going to claim any hidden expertise - I'm sure there are hundreds, if not thousands, of professionals who could tell you how to fix the first one, and hundreds who could tell you how to fix the second.

What none of these people have is the hundred million or so dollars needed to do the job, and the authority of a nation-state required to make sure it gets done and implemented.

This won't fix everything, of course. There are other problems than buffer overruns, use-after-free exploits and similar that are due to using C and C++, as well as giving users too much authority (almost every system in existence). Solve the most prevelant problems first, and then there will be plenty of time and energy to address the next set.

Rinse, lather, repeat for 2 thousand years.

We have literally no idea of what systems in the Honorverse look like, how they are programmed or what weaknesses exist.

There is extensive use of this kind of technology in Echoes Of Honor, and its weakness is well pointed out. One has to hope that the "doctored" transmission isn't put under scrutiny. Which always left me to wonder why a certain very important "doctored" video wasn't put under heavy scrutiny.

Tenshinai wrote:Oh i can think of a few already, but the important part isn´t what WE think about it, but what the person who thinks it´s a GREAT idea for his/her idea to rule the world(or something suitably sized for their ego).

Oh, yeah, once in a while you'd get rich and powerful people cloning themselves, sure.

It's just not likely to get much "traction" or make much difference to society as a whole since clones will be indistinguishable from naturally born people (I don't think you'd necessarily even recognize it if you saw a person and their 30 or 40 years younger clone side by side, due to the age difference).

And I think it would tend to become looked-down-upon as egotistical by most people, which would probably discourage it further.

cralkhi wrote:Oh, yeah, once in a while you'd get rich and powerful people cloning themselves, sure.

It's just not likely to get much "traction" or make much difference to society as a whole since clones will be indistinguishable from naturally born people (I don't think you'd necessarily even recognize it if you saw a person and their 30 or 40 years younger clone side by side, due to the age difference).

And I think it would tend to become looked-down-upon as egotistical by most people, which would probably discourage it further.

You´re not thinking creatively enough.

Think about the kind of people that have grown up in "doctored" environments, nicely brainwashed... And how some of them have been used.

Normally, this is an issue limited in numbers because for someone to manage largescale, they either have to breed like rabbits, or start snatching babies from other people.
The second would get police pulled in quickly, and the first, far harder than it might sound.

Like i said, there´s a lot of possible ways to use it, and we wont like most of them.

So, would any of you smart code monkies care to comment on the use of the ON/OFF switch in regards to AI?

The best, most logical, most probable treatment of AI is found in the book ARIEL, by Jack Bickham.

I can see Humans developing an AI system that can "Find a cure for cancer" but I do not see any reason to build a system that can "Chose a research problem and solve it."

The first is the kind of AI that can make a return on the investment required to build it, and the second is just as likely to keep dividing 1 by 3 to find an end point.

And in any case of any level of AI system, I cannot see how it would be of the "SKYNET" type and even in that case, it will have few ways to keep Humans from turning off the power switch. An AI inside a Positronic brain inside a robot body is way far in the tried and tested future of AI, I mean, like really! Susan Calvin would be vital in the early stages of AI, when the machine was locked up in a lab, but by the time AI was mobile, Susan would be unemployed for a long time.

Dieu_Le_Fera wrote:There is extensive use of this kind of technology in Echoes Of Honor, and its weakness is well pointed out. One has to hope that the "doctored" transmission isn't put under scrutiny. Which always left me to wonder why a certain very important "doctored" video wasn't put under heavy scrutiny.

This question was actually addressed in the text. The video was carefully designed to be realistic, with the CGI Honor acting in a way consistent with the real one's character.

cthia wrote:Tenshinai, you and I both know that there is no such animal existing with the nomenclature of 'secure environment,' unless it's closed, except to a single user.

Funny you should mention that...

Seriously though, someone i know is responsible for keeping a network secure and constantly running, as it maintains servers doing stuff that needs to be reliably up, ALL the time.

So, something like 20000 computers, a crapload of servers and maybe 5000 users, with part of the network requiring the ability for easy access from the outside or via internet...

Since the person in question took over in the 90s, there has been exactly zero intrusions that did anything beyond banging their heads uselessly into the security programs.

The network originally ran on Windows, Unix, VAX/VMS and at least 2 other OS i don´t have even the slightest clue what they were.

Total downtime for critical services in over 15 years?
A single outage of a couple of hours after a freak powersurge managed to cripple some redundant systems at the same time as main system was offline AND parts in the primary and secondary backup managed to reach end of their lifetimes within a few hours of each other(years early, turned out to be a hidden defect right out from factory). Yeah, one of those one in a trillion events.


And now for the relevant part... One of his basic rules are that no programs are allowed outside of the virtual machines if they allow ANYONE to do ANYTHING that could potentially be used to mess with either the network, OR with the work of those using the network.

And allowing the use of morphing/emulation software would fall strongly into the 2nd category there. Because it COULD be used, even without any modifications, to mess with the internal communications.

In the network of my friend, it would be something like the equal of allowing internal emails to have a spoofed origin adress.

cthia wrote:These same alarms can be implemented on your internal system as well, if someone other than those with proper clearance, or in Linux-ese, permissions, initiate the program.

If the program isn´t there at all, noone can even try to abuse it.

cthia wrote:I am not quite sure I know what you mean here. Vulnerability to spoofing is possible from an open or closed system if at any point the systems are connected. Soft or hard connected. The software that we are discussing is already onboard ship. If security can be compromised 'externally' then you've already lost the game (if at any point (widely encompassing) your external system communicates with your internal system)

Spoofing in this case not in regards to where it comes from, but mainly who it comes from.

Essentially, again it is about the problem that you have put software into place that can be used for "alternative uses" and given it ANY permissions at all as well as integrated it into the systems overall.

If anyone tried to use something like this on a ship that does not have anything like it, it would set off a shitstorm of alarms because it would instantly be noticed as a program breaking a lot of security rules.

But if the ship uses such software as part of normal routines, then for example a heuristic "security check" has no reason to not accept such a program as "ok" unless specifically told not to.

You create security holes and enable others exploiting your network.

cthia wrote:Being a Linux guru. I assure you, I can lock the system down tighter than a witches cat. And I ain't talking about her feline.) And it wouldn't matter whether the program was installed "internally" or "externally." And I caution, that I am attempting to use the phrases 'internal' and 'external' in the sense that you do, admitting that I have absolutely no idea what you mean. I can intuit it, but that requires assumptions.

Using face emulation software to try to fake a message to a nonowned ship would be external use.
Using it inside your own ship is internally, using it between your own ships, well that can be counted as either depending on how suitably paranoid you are.

cthia wrote:I feel quite uncomfortable talking security in a public forum. It seems you do too...

Well that, and that i´m not a pro in this regard, and even less so a pro when it comes to speaking of it in English.

My brother might, but he´s mr hardware guy mostly. And my good friend that can do some hacking is mostly a programmer with some extra skills and none of them in English (except for the programming languages hehe).

I know enough to know what can be done under some circumstances and with some tools and i have a nasty streak of creativity adding to that.

JohnRoth wrote:Let me say one thing: two thousand years.

A large part of today's problems are due to widespread use of a language that's insecure by design (pointer arithmetic that has unrestricted access to memory) and an operating system that violates the most basic principles of security (superuser, anyone?)

Forgive me John but this cracks me up. I am ROTF. You see, I remember a time. I was not much more than a kid, when the masses screamed "Give us more access to the machine!" Personal computers were not personal computers if the person owning the computer had limited access to the capabilities of the machine. There were loads of professional as well as hobbyist programmers early on in the computer industry, but their potential genius was hampered, even thwarted with limited access to the true capabilities of the hardware. Enter Atari. The power placed into the hands of the end user was unprecedented. Albeit through machine language, total access was given to the system. The Atari featured an Amy chip. A synthesizer chip which allowed, by direct manipulation of pointers, total access to the chip. The industry saw Ataris flying off the shelves. I got one too! Atari's marked the beginning of incredible musical composition programs. Artists, musical groups, composers had Ataris center stage driving their creativity, rivaling systems costing thousands of dollars. Companies wanted to license the chip. Other personal computers followed suit (Commodore) by allowing access to more and more memory locations. Although some methods employed were cumbersome at best. i.e. Peeks and pokes, because of an unavailability of low-level machine languages/compilers.

Realize that pointer arithmetic is directly related to computer design. Can we say 'registers?'

Also, one can virtually disavow the use of pointer arithmetic within programming projects but doing so would add complexity and size to efforts. 'Loop unwinding' comes to mind.

As far as superuser advantages/disadvantages. First off, the superuser program in a Windows vs. Linux environment are completely different beasts. Superuser capability was something added on to Windows as an afterthought. It was designed with Linux from the outset. SU is a significant part of the reason that Linux is so secure. Without it, many capabilities of the environment as well as security itself would be little more than a pipe dream. The problem comes with less than knowledgeable use of su. You have no idea how many people log in to the su account just to play games, surf, etc.