Integrity

TURECH (CYAN STARFIRES) – Panic, uncertainty, and rioting gripped the capital of the Ossoric Nomarchy today after the announcement from the Extranet Security department of Bright Shadow, ICC, that it intended to revoke the certificate authority status of, and thereby all user and device certificates issued by, the Ossoric Data Vizjery. This action comes in response to the reports, issued five hours ago, that the Data Vizjery had retained private-key information for the certificates it issued for monitoring and “national security” purposes.

Rosith 0xEED4221A, Chief Security Officer at Bright Shadow, stated “We regret the necessity of this action, but we have a duty to consider the integrity of the overall extranet security infrastructure. An ISOP certificate is a promise of security, issued over our word. By violating their contractual obligations as a certificate authority, the Data Vizjery has broken that promise to all their customers and those who interacted with them across the extranet – and so has broken our word. And no-one can be permitted to do that without consequence.”

In response to further questioning, ve added that the absolute guarantees expected of a certificate authority were long-standing corporate policy and spelled out explicitly in the CA contract, and further cited the 58th century case of the Isliar Primacy as evidence that the Vizjery could not avoid being aware of the nature of their actions and the consequences of their revelation.

A subsequent announcement from Bright Shadow informing those domiciled in the Nomarchy that the constellation CA would be permitting individual user and device recertification at cost-of-supply, as a temporary emergency measure, and advising the Nomarchy not to interfere with residents seeking such certificates, did little to stem the uncertainty following this decision. Ossoric indices fell an average of 12,432 points on local markets before trading was suspended.

More Questions: Security, Reputation Economy, Pattern Identity

Clearing the backlog a little again…

On “Securing Security“:

Specialist290: ‘I’m guessing, though, that in their own courts of law, the Imperials would view the refusal to voluntarily provide access to such a device as an aggravating circumstance in itself?’

Tony Harris: ‘If I’m reading Alastair’s posts right, Imperial society considers ones “stuff,” including one’s personal data, to be as much a part of one’s person as their own limbs.

The right to be to “secure in one’s own person and papers” (including data) is taken VASTLY more seriously in the Empire than anywhere on this planet.’

The latter, in a word.

Specifically, you retain that right unless they can actually indict you for something. A Curial court addressing a criminal matter can subpoena your data after arraignment, but then, it can also subpoena the contents of your brain, so that’s a relatively minor consideration. But you have to be indicted first on the basis of an actual case to answer – law enforcement does not get to go on fishing expeditions through your person, papers, and personalty in the course of an investigation if they can’t muster up the necessary burden of proof to indict you.

But even post-indictment or post-conviction: ordering third parties to create circumvention tools, as uncompensated takings of labor, even? That would violate their contractual obligations? That would weaken everyone‘s security and thereby punish the innocent for the crimes of the guilty? No, no, no, a thousand times, NO.

(Legally speaking, though, the investigators can ask you for access to data, etc., and you can refuse to permit it. The law takes into account that people may have many reasons not to provide such access, and enjoins the courts that they may not consider such evidence, even circumstantial evidence, in favor of guilt, and the courts do so.

…that said, if it turns out later that the reason you refused to provide such access was to cover up someone else’s criminal act, then that’s sufficient to have just got yourself charged with misprision of felony, which in Imperial praxis covers the responsibility of everyone to report any crimes of which they are aware. But that’s a somewhat different issue.)

Also from Specialist290:

Given that the eldrae place immense importance on both everything having a quantifiable exchange value and every sophont having a strong reputation, have there been any groups that have tried to combine the two into a single mechanism (a la Cory Doctorow’s “whuffie”)?

A few undoubtedly have, but so far no-one’s solved the fundamental problem that reputational capital ain’t quite like financial capital: when you spend it, you still have it, or ought to, because obtaining something in exchange for niceness doesn’t make you a worse person while obtaining something in exchange for money does make you poorer. Since the economy isn’t actually post-scarcity, that so far being impossible, this makes those attempts prone to distressing outbreaks of volatility and “reputation runs”. Leaving aside the problem that reputation in different areas isn’t really comparable and may be assessed differently by different people when computing metascores, hence the proliferation of rep-nets and meta-rep-nets with different emphases.

The two are highly intertwingled, of course, with discounts and freebies and exclusive access, etc., offered to people with high appropriate rep , and even the odd case of the opposite (say, the Ephemeral Contract rep-net, used to penalize bad customers as well as bad customer service), but there’s not yet a pure reputation economy out of the experimental phase.

Less of a question and more just some thoughts on a comment, from Zarpaulus:

Your consciousness is only a small part of what makes you, you. How many of your decisions can you fully explain? How many actions do you perform automatically?

When you sleep your consciousness is on minimal power at many points but your subconscious is working the whole time. It’s like putting a computer on “sleep mode”, it’s still running, just with as little power as possible. Even comatose your brain is still functioning.

Maybe it might be more appropriate to say that consciousness isn’t an app, it’s the gestalt of everything your body is doing. There’s no separation of Mind and Body.

Frankly, the idea of “pattern continuity” stinks of Cartesian Dualism. And I thought Descartes’ philosophy sounded like “I can’t accept that the world would be so cruel otherwise, therefore God exists.”

I’m going to come right out and say it: The problem I have with dualism is pretty much matched by the problem I have with what I might call anti-dualism, except that alliteration is fun, so I’m going to call dualism-denial.

I mean, sure, there’s no Cartesian dualism. We’ve refuted that. There is no magical mindstuff, no nonphysical soul plugged into the pineal gland, none of that. The brain is not an antenna sticking into the cognitive realm. So far so good.

The problem is when people then assume that refutes all kinds of dualism, like property dualism or what I would call metalevel dualism, or informational dualism.

Which is to say: there is such a thing as a triangle, not just graphite marks on paper. The Pythagorean Theorem exists in a sense distinct from the molecular vibrations caused by someone expressing it. There are definable things called Microsoft Windows, or Word 2016, or ThatAwesomeNovel.docx that are distinguishable from the pattern of magnetic domains storing them. Likewise, there is a thing called a mind which is distinguishable from three pounds of neuron soup, even though – like all the others – it is expressed in the structure of the neuron soup. (Or of the magnetic domains, or of molecular vibrations, or of graphite marks.)

Specifically, it’s the abstract information encoded in them. Which can’t exist without a substrate, certainly, acknowledging physicalism this far, but is no more identical to that substrate than the concept of arithmetic is identical to a copy of Elements of Arithmetic, Second Edition, 1992.

tl;dr Minds are concepts, information entities. I am my mind, a complex algorithm giving detailed instructions how to meMy brain is the physical instantiation/substrate of that algorithm. The rest of me is that brain’s vehicle, manipulators, and support system.

And pattern identity is no more than saying – well, if you image the hard drive of a computer, extracting all the encoded information, and copy that image onto new hardware (or even into a virtual machine) and then boot it up, and it behaves in exactly the same way and has the same stored data and is in all relevant ways indistinguishable from the original, then in every fundamental sense, it’s the same computer, innit?

Likewise, all copies of the same mind-algorithm are the same mind, ergo the same person. Selah.

(As for the consciousness argument: I’ve seen that a lot, mostly from people claiming that the studies showing that we initiate actions before our narrative thread of consciousness becomes aware of it somehow refutes free will. Which has always struck me as obvious nonsense, unless we’re assuming that the mind constitutes only those bits of it we can look at (from an internal point of view).

…which is to say, my spreadsheet solves mathematical problems. It isn’t not solving problems simply because it only shows me the final results. Likewise my mind – which is to say, I – am not not exercising volition simply because I only output the final result to the narrative-thread-of-consciousness display device.

It’s only a problem if you define “the mind” as “the conscious, self-reflective self and that alone“, but all that proves is that you can get nonsensical results if you pick a suitably silly definition to start with – which is why, to draw this lengthy digression back on topic, is why they reject continuity identity theory. Placing special emphasis on that one subroutine, the narrative thread of consciousness, is mistaking a part for the whole.)

 

Not-a-Fic-a-Day: Securing Security

Remember my last not-a-fic-a-day?

Well, it’s happening again with the world’s latest aggravation, so here, have some less than subtle fictional commentary on that.


ALEPH NULL SYSTEMS, ICC TICKET-TRACKING: CASE 411292

From: Metropolitan Security Bureau, United Viridian States

Subject: Isinglass secure dataplaque
Version:
I.4 series B
Issue: Court order received by us requiring creation of decryption tool
Priority: Urgent

Resolution: WON’T IMPLEMENT / SPECIAL ACTION

Ref: Case 411187 (“Request to decrypt user data”)

Previous:

Customer’s government requested decryption of contents of Isinglass model I.4 secure dataplaque, serial number B1117-1.4-311246, pursuant to a local legal case (see referenced case 411187). As this is not technically possible and against corporate customer data protection policy, standard brush-off sent.

Notes:

We have at this time received a copy of your court order dated 7123-04-02 requiring us to create and deliver a decryption tool capable of replacing the security firmware on Isinglass model I.4 secure dataplaque serial B1117-1.4-311246.

We have the honor to inform you that since so doing would be a clear violation of our corporate customer data protection policy, which is a contractual matter, we must adamantly refuse to do so at this or any other time.

For the avoidance of doubt, however, we also ask you to be advised that we are in any case incapable of creating such a tool. By design, the security firmware of the Isinglass and other secure terminal equipment, along with all cryptographic keys and other data required by said security firmware, resides within a dedicated (“Secure Enclave”) nanocirc, designed not to permit external update, and enclosed in quantum security mesh which will cause immediate hardware self-destruction if the nanocirc shell is penetrated by any device or other instrumentality capable of modification or observation.

(Updates to the security firmware require physical replacement of the dedicated nanocirc which, consequentially, replaces all cryptographic keys and therefore renders unreadable all data stored on the device unless it has previously been transferred to another device under the control of the previous firmware.)

This design, you will note, was specifically chosen to prevent any of our engineers as individuals, or Aleph Null Systems as a corporate entity, from being coerced into bypassing our customers’ security or creating a tool with which this can be done.

Will ye, nil ye, we can offer you nothing but a petabyte of scrambled bits.

Giljen Diasteros
Senior Security Engineer, Aleph Null Systems

Internal:

Per standing company policy, since a court order is involved, forwarded to the Legal Division.

Per special company policy SD/412: Coercive Sovereign Liability Management, also forwarded to the Security Division, copy to the Counterforce Liasion Office.

– gd/SSE

 

 

Trope-a-Day: State Sec

State Sec: Despite the name, Imperial State Security averts this completely; they’re just an intelligence/security organization, and a much more constrained (even the Fifth Directorate), non-autonomous one.  The only military is, well, the Imperial Military Service under a different ministry entirely, the regime protection forces are three entirely separate and relatively small organizations (the Imperial Guard, the Hand of Justice, and the Guardians of the Senate), and that’s about it.

 

Trope-a-Day: What’s Up, King Dude?

What’s Up, King Dude?: Played straightish.

In its straightest form, even the Imperial Couple expect to be able to walk the streets, visit the shops, have lunch or a coffee, etc., outside the Imperial Palace without requiring the closing of streets and the emptying of stores and vast security perimeters, etc., etc. Sure, they do have a discreet member of the Sovereign Protectors on hand and probably some well-disguised Imperial Guards here and there, but even if they had the authority to close down public property and kick people out of private property in the first place, which they don’t, it is generally considered that needing to go to those sorts of lengths to avoid assassination is a pretty sure sign that you’re Doing Things Wrong, which tells you everything you need to know about the sort of people who believe they need to go to those sorts of lengths to avoid assassination…

(And, for that matter, the sheer sense of authoritarian entitlement that lets you repurpose other people’s bits of the world as your own personal mobile bunker. Hell, even the grounds of the Imperial Palace complex are open to the public if they feel like strolling on in.)

In another, it is definitely not considered a good thing for the people running things to be generally out of touch with the citizen-shareholder on the street, and as such part of the job of the Imperial Household’s Office of the Citizenry is to ensure that random selections of citizen-shareholders are invited to dinner at the usual intervals, to hold the equivalent of Big Block of Cheese Day, and so forth.

(The protocol is obvs. not quite as informal as the trope name implies, and people who have specific requests know perfectly well that if it can be dealt with through the proper process, it should be, you will be told to not waste the Imperial time, and it will actually get you quicker results, but the bubble is far, far thinner that we would imagine it to be.)

You’re Not Cleared For This

adjustment: just about any op that doesn’t fit into any more specific category.  Anything from spiking planetary water supplies to curing a pet’s sniffles.

black house: a safe house or other facility so far out-system you can’t find your primary without a gravigraph.

cauterize: to clean up evidence or problems with extreme thoroughness when you’re out of time and options.  Usually involves ambiplasma, hence the term.

collateral budget: how non-surgical your op is allowed to get; alternatively, how much splash you’re permitted to make before Questions are Asked in the Senate, and your career becomes distinctly impaired.

defaulted: an agent, source, or other asset that’s now proven not merely unuseful but opposed; heading for the most severe censure or about to be cauterized.

deniability, minor: they can know we’re looking, as long as they can’t prove it.

deniability, major: they can know someone’s looking, but they can’t know that it’s us.

deniability, complete: they can’t know anyone’s looking, so hope they’re not paying attention.

deniability, perfect: if you know you’re looking, you’re doing it wrong.

the Executive: the shadowy council of the heads of the Directorates and INI that coordinates the Empire’s intelligence and security operations.  So far as you’re concerned, see fuliginous.

friendly silence: the well-concealed self-destruct mechanism given to you to use in the event of rigorous interrogation.

from Heaven: information that’s come down from far above – where, you don’t need to and aren’t cleared to know – and which should be believed absolutely, even where it concerns future events.

fuliginous: blacker than black, i.e., so far above your clearance level you aren’t even cleared to know what its actual clearance level is.  Anything the Fifth Directorate does.

the Game: what the people in it call the intelligence/security business.  It is, but it’s one where lives, wealth, the balance of power, and occasionally major civilizations are the stakes.  Try to play well.  No pressure.

the Ghetto: Nepscia (Galith Waste), the hellhole favored for rough intelligence games because it’s so easy for people to disappear there.  Unfortunately, people also tend to disappear there for reasons that have nothing to do with whatever op they were on.

heliums: those people with that implant, the one that suppresses anything resembling sympathy or conscience, letting them do anything that needs to and shouldn’t be done.  Occasionally useful; always a sign that your op just went prompt critical.

Mother’s garden: any of the major cities on Eilan (Eilish Expanse), whose centrality and neutrality makes it the place everyone prefers to play their friendly intelligence away games.

overwatch: the member of the proxy adhoc in charge for the current op; who you take orders from, who you report to, and who will be dissecting your performance in detail at the back-briefing.

proxy adhoc: the adhocracy beneath the Executive that ops and other directives originate from; your immediate supervisors.  See also overwatch.

[redacted for reasons of state security]: standard you-are-not-cleared-for-this message.  Also, the motto of the Fifth Directorate.  Possibly.

reduce for extraction: to make it easier to extract an agent (who should be prepared for this possibility) or a source (who somehow rarely are) from hostile territory by reducing them to a vector stack/cogence core, and disposing of the body.  Or, if vector stack technology is not in use, locally, by simply decapitating them.

quieting: removal, sometimes by assassination, or by framing, discrediting, or any other reliable means.

serious censure: killing someone reinstantiably by way of sending them a strongly worded message.

(most) serious censure: killing someone non-reinstantiably by way of sending someone else a strongly worded message.

shadow source: a non-dominant personality or agent imprinted into a hostile mind, acting as a source without the conscious awareness of its host.

sniffers: sigint ships hanging around in other people’s systems, listening to passing traffic and trying not to draw attention.  Worst job in the Shadow Fleet.

source-on-a-disk: a ripped copy of an unwilling source’s mind-state.  A clean source-on-a-disk is one where the source doesn’t know that you have it.

static: an op with no purpose but to draw attention to itself, and away from anything else.

the Antique Store: the Conclave Drift, where collateral budgets are always zero, where every fifth person who passes you on the street is in the Game, and where any mistakes will be maximally embarrassing.  But you have to play there, because everyone else does.

– excerpted from Rilial’s Informal Dictionary of Intelligence and Security Terminology

Positive Externalities

All income earned, by individuals other than the Imperial Service or duly contracted security providers where the activities in question are within the scope of their contract, in the course of:

  • Defeating or preventing existential, species-level, or Imperial security threats, whether global or local;
  • Repelling raids or invasions;
  • Preventing acts of terrorism or exceptionary crime;
  • Preventing or ameliorating ongoing natural disasters or technological accidents;
  • Or otherwise engaging in activities falling within a reasonable definition of ‘saving the world’;

And all income deriving from technologies or other intellectual properties or physical properties developed or appropriated (when duly condemned by a prize court) during such activities, for a period of twelve years subsequently;

Shall not be subject to general taxation.

– Imperial Revenue Code, Vol. 2 (Special Exemptions) § 17.