0
The movie
Avengers: Age of Ultron has a message for us in cybersec: In our desire to save the world, we are likely to destroy it.
Tony Stark builds "Ultron" to save the world, to bring peace in our time. As a cybernetic creation, Ultron takes this literally, and decides the best way to bring peace is to kill all humans.
The problem, as demonstrated by the movie, isn't that there was a bug in Stark's code. The problem was the hubris thinking that Stark could protect everyone. Inevitably, protecting everyone meant ruling everyone, bringing peace by force. It's the same hubris behind the USA's effort to bring peace to Iraq and Afghanistan.
I mention this because in the cybersecurity industry, there are many who propose to bring security through authority. They want government mandated rules on how to write code, imposed liability requirements, and so on.
This sounds reasonable. After all, nobody wants medical equipment like pacemakers to be hacked. But here's the thing. Computer-controlled devices have the potential to vastly improve health, whether it's Watches monitoring your heart, pacemakers, insulin pumps, and so on. While these devices can be hacked, the practical reality is that if you want
Continue reading