February 05, 2004

(Ab)Using Technology

The NY Times has an article on how computer literate people are imposed upon by their lazy or less competent friends. Read it here , free registration required.

I think the article brings up important points and misses a few other issues. The whole thrust of tech-literate folks tiring of helping seems a little irrelevent, but has the human interest to sell a story. The main underlying theme for me is that technology, when used by people who have no idea at all how it works, is DANGEROUS.

The whole point of technology is that experts in a field of endeavour can produce things that allow non-experts to function in that field, or in ways they could otherwise not. I.e. you should not have to be able to build a car to drive one (though admittably I did build my car).

This tech transfer though must be mitigated, for example you should pass a test of driving skill and safety to drive a car. This is because a car has huge energies associated with it that can and do kill people. I personally think that one should additonally be able to change a wheel in a flat tyre situation and show knowledge of critical fluids etc, but my views might be extreme.

It seems to be the case that for every technology there exists some small (?) percentage of people who will never be able to use it in a safe manner. For an example of this take a Boeing 747, pilots of which have to learn and demonstrate skills beyond the reach of many people. It is of course not very politically correct to discriminate based upon skill and competence in everyday life, but it is done in many situtations. Note that some countries have rules that force chronic failers of driving tests to undergo more rigourous examination and to wait longer before retesting, in addition to having a test that requires real skill to pass.

Coming back to computing technology, it is apparent that people are using these tools without sufficient basic understanding of the technology. The industry itself should share blame as it slants towards feature rich shiny toys and not fundamental tools, and education might also be geared in that direction.

Today, it is possible that opening a virus laden email is one link in an event cascade that knocks out the safety system of a nuclear power plant and this seems much more dangerous than crashing a car to me, though much less likely. Also it is easy to become a victim of ID thefts or scams and to loose important data, all by not applying some simple principles. Hence I think safe and educated use of computer technology is very important and I have tried to educate in formal and informal settings about such issues. I am not sure that a license to operate a computer should be required yet , but present levels of ignorant use are in fact rendering technology dangerous and abusable.

Posted by byers at 02:13 PM | Comments (624)

February 02, 2004

Safire: US Blew Up Soviet Pipeline with Trojan Horse Software

William Safire tells an amazing story in his column in today's New York Times. He says that in the early 1980's, the U.S. government hid malicious code in oil-pipeline-control software that the Soviet Union then stole and used to control a huge trans-Siberia pipeline. The malicious code manipulated the pipelines valves and other controls in a way that caused a huge explosion, ruining the pipeline.

After that, Safire reports, "all the software [the Soviet Union] had stolen for years was suddenly suspect, which stopped or delayed the work of thousands of worried Russian technicians and scientists."

I should emphasize that as of yet there is no corroboration for this story; and the story appears in an editorial-page column and not on the news pages of the Times (where it would presumably be subject to more stringent fact-checking, especially in light of the Times' recent experience).

From a purely technical standpoint, this sort of thing is definitely possible. Any time you rely on somebody else to write your software, especially software that controls dangerous equipment, you're trusting that person not to insert malicious code. Whether it's true or not, Safire's story is instructive.

Posted by Ed Felten at 01:22 PM | Comments (245)