Category Archives: crime

The future of drones – predators. No, not that one.

It is a sad fact of life that companies keep using the most useful terminology for things that don’t deserve it. The Apple retina display, which makes it more difficult to find a suitable name for direct retinal displays that use the retina directly. Why can’t they be the ones called retina displays? Or the LED TV, where the LEDs are typically just LED back-lighting for an LCD display. That makes it hard to name TVs where each pixel is actually an LED. Or the Predator drone, as definitely  not the topic of this blog, where I will talk about predator drones that attack other ones.

I have written several times now on the dangers of drones. My most recent scare was realizing the potential for small drones carrying high-powered lasers and using cloud based face recognition to identify valuable targets in a crowd and blind them, using something like a Raspberry Pi as the main controller. All of that could be done tomorrow with components easily purchased on the net. A while ago I blogged that the Predators and Reapers are not the ones you need to worry about, so much as the little ones which can attack you in swarms.

This morning I was again considering terrorist uses for the micro-drones we’re now seeing. A 5cm drone with a networked camera and control could carry a needle infected with Ebola or aids or carrying a drop of nerve toxin. A small swarm of tiny drones, each with a gram of explosive that detonates when it collides with a forehead, could kill as many people as a bomb.

We will soon have to defend against terrorist drones and the tiniest drones give the most effective terror per dollar so they are the most likely to be the threat. The solution is quite simple. and nature solved it a long time ago. Mosquitos and flies in my back garden get eaten by a range of predators. Frogs might get them if they come too close to the surface, but in the air, dragonflies are expert at catching them. Bats are good too. So to deal with threats from tiny drones, we could use predator drones to seek and destroy them. For bigger drones, we’d need bigger predators and for very big ones, conventional anti-aircraft weapons become useful. In most cases, catching them in nets would work well. Nets are very effective against rotors. The use of nets doesn’t need such sophisticated control systems and if the net can be held a reasonable distance from the predator, it won’t destroy it if the micro-drone explodes. With a little more precise control, spraying solidifying foam onto the target drone could also immobilize it and some foams could help disperse small explosions or contain their lethal payloads. Spiders also provide inspiration here, as many species wrap their victims in silk to immobilize them. A single predator could catch and immobilize many victims. Such a defense system ought to be feasible.

The main problem remains. What do we call predator drones now that the most useful name has been trademarked for a particular model?

 

The Future of IoT – virtual sensors for virtual worlds

I recently acquired a point-and-click thermometer for Futurizon, which gives an instant reading when you point it at something. I will soon know more about the world around me, but any personal discoveries I make are quite likely to be well known to science already. I don’t expect to win a Nobel prize by discovering breeches of the second law of thermodynamics, but that isn’t the point. The thermometer just measures the transmission from a particular point in a particular frequency band, which indicates what temperature it is. It cost about £20, a pretty cheap stimulation tool to help me think about the future by understanding new things about the present. I already discovered that my computer screen doubles as a heater, but I suspected that already. Soon, I’ll know how much my head warms when if think hard, and for the futurology bit, where the best locations are to put thermal IoT stuff.

Now that I am discovering the joys or remote sensing, I want to know so much more though. Sure, you can buy satellites for a billion pounds that will monitor anything anywhere, and for a few tens of thousands you can buy quite sophisticated lab equipment. For a few tens, not so much is available and I doubt the tax man will agree that Futurizon needs a high end oscilloscope or mass spectrometer so I have to set my sights low. The results of this blog justify the R&D tax offset for the thermometer. But the future will see drops in costs for most high technologies so I also expect to get far more interesting kit cheaply soon.

Even starting with the frequent assumption that in the future you can do anything, you still have to think what you want to do. I can get instant temperature readings now. In the future, I may also want a full absorption spectrum, color readings, texture and friction readings, hardness, flexibility, sound absorption characteristics, magnetic field strength, chemical composition, and a full range of biological measurements, just for fun. If Spock can have one, I want one too.

But that only covers reality, and reality will only account for a small proportion of our everyday life in the future. I may also want to check on virtual stuff, and that needs a different kind of sensor. I want to be able to point at things that only exist in virtual worlds. It needs to be able to see virtual worlds that are (at least partly) mapped onto real physical locations, and those that are totally independent and separate from the real world. I guess that is augmented reality ones and virtual reality ones. Then it starts getting tricky because augmented reality and virtual reality are just two members of a cyberspace variants set that runs to more than ten trillion members. I might do another blog soon on what they are, too big a topic to detail here.

People will be most interested in sensors to pick up geographically linked cyberspace. Much of the imaginary stuff is virtual worlds in computer games or similar, and many of those have built-in sensors designed for their spaces. So, my character can detect caves or forts or shrines from about 500m away in the virtual world of Oblivion (yes, it is from ages ago but it is still enjoyable). Most games have some sort of sensors built-in to show you what is nearby and some of its properties.

Geographically linked cyberspace won’t all be augmented reality because some will be there for machines, not people, but you might want to make sensors for it all the same, for many reasons, most likely for navigating it, debugging, or for tracking and identifying digital trespass. The last one is interesting. A rival company might well construct an augmented reality presence that allows you to see their products alongside ones in a physical shop. It doesn’t have to be in a properly virtual environment, a web page is still a location in cyberspace and when loaded, that instance takes on a geographic mapping via that display so it is part of that same trespass. That is legal today, and it started many years ago when people started using Amazon to check for better prices while in a book shop. Today it is pretty ubiquitous. We need sensors that can detect that. It may be accepted today as fair competition, but it might one day be judged as unfair competition by regulators for various reasons, and if so, they’ll need some mechanism to police it. They’ll need to be able to detect it. Not easy if it is just a web page that only exists at that location for a few seconds. Rather easier if it is a fixed augmented reality and you can download a map.

If for some reason a court does rule that digital trespass is illegal, one way of easy(though expensive) way of solving it would be to demand that all packets carry a geographic location, which of course the site would know when the person clicks on that link. To police that, turning off location would need to be blocked, or if it is turned off, sites would not be permitted to send you certain material that might not be permitted at that location. I feel certain there would be better and cheaper and more effective solutions.

I don’t intend to spend any longer exploring details here, but it is abundantly clear from just inspecting a few trees that making detectors for virtual worlds will be a very large and diverse forest full of dangers. Who should be able to get hold of the sensors? Will they only work in certain ‘dimensions’ of cyberspace? How should the watchers be watched?

The most interesting thing I can find though is that being able to detect cyberspace would allow new kinds of adventures and apps. You could walk through a doorway and it also happens to double as a portal between many virtual universes. And you might not be able to make that jump in any other physical location. You might see future high street outlets that are nothing more than teleport chambers for cyberspace worlds. They might be stuffed with virtual internet of things things and not one one of them physical. Now that’s fun.

 

The future of prying

Prying is one side of the privacy coin, hiding being the other side.

Today, lots of snap-chat photos have been released, and no doubt some people are checking to see if there are any of people they know, and it is a pretty safe bet that some will send links to compromising pics of colleagues (or teachers) to others who know them. It’s a sort of push prying isn’t it?

There is more innocent prying too. Checking out Zoopla to see how much your neighbour got for their house is a little bit nosy but not too bad, or at the extremely innocent end of the line, reading someone’s web page is the sort of prying they actually want some people to do, even if not necessarily you.

The new security software I just installed lets parents check out on their kids online activity. Protecting your kids is good but monitoring every aspect of their activity just isn’t, it doesn’t give them the privacy they deserve and probably makes them used to being snooped on so that they accept state snooping more easily later in life. Every parent has to draw their own line, but kids do need to feel trusted as well as protected.

When adults install tracking apps on their partner’s phones, so they can see every location they’ve visited and every call or message they’ve made, I think most of us would agree that is going too far.

State surveillance is increasing rapidly. We often don’t even think of it as such, For example, when speed cameras are linked ‘so that the authorities can make our roads safer’, the incidental monitoring and recording of our comings and goings collected without the social debate. Add that to the replacement of tax discs by number plate recognition systems linked to databases, and even more data is collected. Also ‘to reduce crime’, video from millions of CCTV cameras is also stored and some is high enough quality to be analysed by machine to identify people’s movements and social connectivity. Then there’s our phone calls, text messages, all the web and internet accesses, all these need to be stored, either in full or at least the metadata, so that ‘we can tackle terrorism’. The state already has a very full picture of your life, and it is getting fuller by the day. When it is a benign government, it doesn’t matter so much, but if the date is not erased after a short period, then you need also to worry about future governments and whether they will also be benign, or whether you will be one of the people they want to start oppressing. You also need to worry that increasing access is being granted to your data to a wider variety of a growing number of public sector workers for a widening range of reasons, with seemingly lower security competence, meaning that a good number of people around you will be able to find out rather more about you than they really ought. State prying is always sold to the electorate via assurances that it is to make us safer and more secure and reduce crime, but the state is staffed by your neighbors, and in the end, that means that your neighbors can pry on you.

Tracking cookies are a fact of everyday browsing but mostly they are just trying to get data to market to us more effectively. Reading every email to get data for marketing may be stretching the relationship with the customer to the limits, but many of us gmail users still trust Google not to abuse our data too much and certainly not to sell on our business dealings to potential competitors. It is still prying though, however automated it is, and a wider range of services are being linked all the time. The internet of things will provide data collection devices all over homes and offices too. We should ask how much we really trust global companies to hold so much data, much of it very personal, which we’ve seen several times this year may be made available to anyone via hackers or forced to be handed over to the authorities. Almost certainly, bits of your entire collected and processed electronic activity history could get you higher insurance costs, in trouble with family or friends or neighbors or the boss or the tax-man or the police. Surveillance doesn’t have to be real time. Databases can be linked, mashed up, analysed with far future software or AI too. In the ongoing search for crimes and taxes, who knows what future governments will authorize? If you wouldn’t make a comment in front of a police officer or tax-man, it isn’t safe to make it online or in a text.

Allowing email processing to get free email is a similar trade-off to using a supermarket loyalty card. You sell personal data for free services or vouchers. You have a choice to use that service or another supermarket or not use the card, so as long as you are fully aware of the deal, it is your lifestyle choice. The lack of good competition does reduce that choice though. There are not many good products or suppliers out there for some services, and in a few there is a de-facto monopoly. There can also be a huge inconvenience and time loss or social investment cost in moving if terms and conditions change and you don’t want to accept the deal any more.

On top of that state and global company surveillance, we now have everyone’s smartphones and visors potentially recording anything and everything we do and say in public and rarely a say in what happens to that data and whether it is uploaded and tagged in some social media.

Some companies offer detective-style services where they will do thorough investigations of someone for a fee, picking up all they can learn from a wide range of websites they might use. Again, there are variable degrees that we consider acceptable according to context. If I apply for a job, I would think it is reasonable for the company to check that I don’t have a criminal record, and maybe look at a few of the things I write or tweet to see what sort of character I might be. I wouldn’t think it appropriate to go much further than that.

Some say that if you have done nothing wrong, you have nothing to fear, but none of them has a 3 digit IQ. The excellent film ‘Brazil’ showed how one man’s life was utterly destroyed by a single letter typo in a system scarily similar to what we are busily building.

Even if you are a saint, do you really want the pervert down the road checking out hacked databases for personal data on you or your family, or using their public sector access to see all your online activity?

The global population is increasing, and every day a higher proportion can afford IT and know how to use it. Networks are becoming better and AI is improving so they will have greater access and greater processing potential. Cyber-attacks will increase, and security leaks will become more common. More of your personal data will become available to more people with better tools, and quite a lot of them wish you harm. Prying will increase geometrically, according to Metcalfe’s Law I think.

My defense against prying is having an ordinary life and not being famous or a major criminal, not being rich and being reasonably careful on security. So there are lots of easier and more lucrative targets. But there are hundreds of millions of busybodies and jobsworths and nosy parkers and hackers and blackmailers out there with unlimited energy to pry, as well as anyone who doesn’t like my views on a topic so wants to throw some mud, and their future computers may be able to access and translate and process pretty much anything I type, as well as much of what I say and do anywhere outside my home.

I find myself self-censoring hundreds of times a day. I’m not paranoid. There are some people out to get me, and you, and they’re multiplying fast.

 

 

 

Estimating IoT value? Count ALL the beans!

In this morning’s news:

http://www.telegraph.co.uk/technology/news/11043549/UK-funds-development-of-world-wide-web-for-machines.html

£1.6M investment by UK Technology Strategy Board in Internet-of-Things HyperCat standard, which the article says will add £100Bn to the UK economy by 2020.

Garnter says that IoT has reached the hype peak of their adoption curve and I agree. Connecting machines together, and especially adding networked sensors will certainly increase technology capability across many areas of our lives, but the appeal is often overstated and the dangers often overlooked. Value should not be measured in purely financial terms either. If you value health, wealth and happiness, don’t just measure the wealth. We value other things too of course. It is too tempting just to count the most conspicuous beans. For IoT, which really just adds a layer of extra functionality onto an already technology-rich environment, that is rather like estimating the value of a chili con carne by counting the kidney beans in it.

The headline negatives of privacy and security have often been addressed so I don’t need to explore them much more here, but let’s look at a couple of typical examples from the news article. Allowing remotely controlled washing machines will obviously impact on your personal choice on laundry scheduling. The many similar shifts of control of your life to other agencies will all add up. Another one: ‘motorists could benefit from cheaper insurance if their vehicles were constantly transmitting positioning data’. Really? Insurance companies won’t want to earn less, so motorists on average will give them at least as much profit as before. What will happen is that insurance companies will enforce driving styles and car maintenance regimes that reduce your likelihood of a claim, or use that data to avoid paying out in some cases. If you have to rigidly obey lots of rules all of the time then driving will become far less enjoyable. Having to remember to check the tyre pressures and oil level every two weeks on pain of having your insurance voided is not one of the beans listed in the article, but is entirely analogous the typical home insurance rule that all your windows must have locks and they must all be locked and the keys hidden out of sight before they will pay up on a burglary.

Overall, IoT will add functionality, but it certainly will not always be used to improve our lives. Look at the way the web developed. Think about the cookies and the pop-ups and the tracking and the incessant virus protection updates needed because of the extra functions built into browsers. You didn’t want those, they were added to increase capability and revenue for the paying site owners, not for the non-paying browsers. IoT will be the same. Some things will make minor aspects of your life easier, but the price of that will that you will be far more controlled, you will have far less freedom, less privacy, less security. Most of the data collected for business use or to enhance your life will also be available to government and police. We see every day the nonsense of the statement that if you have done nothing wrong, then you have nothing to fear. If you buy all that home kit with energy monitoring etc, how long before the data is hacked and you get put on militant environmentalist blacklists because you leave devices on standby? For every area where IoT will save you time or money or improve your control, there will be many others where it does the opposite, forcing you to do more security checks, spend more money on car and home and IoT maintenance, spend more time following administrative procedures and even follow health regimes enforced by government or insurance companies. IoT promises milk and honey, but will deliver it only as part of a much bigger and unwelcome lifestyle change. Sure you can have a little more control, but only if you relinquish much more control elsewhere.

As IoT starts rolling out, these and many more issues will hit the press, and people will start to realise the downside. That will reduce the attractiveness of owning or installing such stuff, or subscribing to services that use it. There will be a very significant drop in the economic value from the hype. Yes, we could do it all and get the headline economic benefit, but the cost of greatly reduced quality of life is too high, so we won’t.

Counting the kidney beans in your chili is fine, but it won’t tell you how hot it is, and when you start eating it you may decide the beans just aren’t worth the pain.

I still agree that IoT can be a good thing, but the evidence of web implementation suggests we’re more likely to go through decades of abuse and grief before we get the promised benefits. Being honest at the outset about the true costs and lifestyle trade-offs will help people decide, and maybe we can get to the good times faster if that process leads to better controls and better implementation.

Switching people off

A very interesting development has been reported in the discovery of how consciousness works, where neuroscientists stimulating a particular brain region were able to switch a woman’s state of awareness on and off. They said: “We describe a region in the human brain where electrical stimulation reproducibly disrupted consciousness…”

http://www.newscientist.com/article/mg22329762.700-consciousness-onoff-switch-discovered-deep-in-brain.html.

The region of the brain concerned was the claustrum, and apparently nobody had tried stimulating it before, although Francis Crick and Christof Koch had suggested the region would likely be important in achieving consciousness. Apparently, the woman involved in this discovery was also missing some of her hippocampus, and that may be a key factor, but they don’t know for sure yet.

Mohamed Koubeissi and his the team at the George Washington university in Washington DC were investigating her epilepsy and stimulated her claustrum area with high frequency electrical impulses. When they did so, the woman lost consciousness, no longer responding to any audio or visual stimuli, just staring blankly into space. They verified that she was not having any epileptic activity signs at the time, and repeated the experiment with similar results over two days.

The team urges caution and recommends not jumping to too many conclusions. They did observe the obvious potential advantages as an anesthesia substitute if it can be made generally usable.

As a futurologist, it is my job to look as far down the road as I can see, and imagine as much as I can. Then I filter out all the stuff that is nonsensical, or doesn’t have a decent potential social or business case or as in this case, where research teams suggest that it is too early to draw conclusions. I make exceptions where it seems that researchers are being over-cautious or covering their asses or being PC or unimaginative, but I have no evidence of that in this case. However, the other good case for making exceptions is where it is good fun to jump to conclusions. Anyway, it is Saturday, I’m off work, so in the great words of Dr Emmett Brown in ‘Back to the future':  “Well, I figured, what the hell.”

OK, IF it works for everyone without removing parts of the brain, what will we do with it and how?

First, it is reasonable to assume that we can produce electrical stimulation at specific points in the brain by using external kit. Trans-cranial magnetic stimulation might work, or perhaps implants may be possible using injection of tiny particles that migrate to the right place rather than needing significant surgery. Failing those, a tiny implant or two via a fine needle into the right place ought to do the trick. Powering via induction should work. So we will be able to produce the stimulation, once the sucker victim subject has the device implanted.

I guess that could happen voluntarily, or via a court ordered protective device, as a condition of employment or immigration, or conditional release from prison, or a supervision order, or as a violent act or in war.

Imagine if government demands a legal right to access it, for security purposes and to ensure your comfort and safety, of course.

If you think 1984 has already gone too far, imagine a government or police officer that can switch you off if you are saying or thinking the wrong thing. Automated censorship devices could ensure that nobody discusses prohibited topics.

Imagine if people on the street were routinely switched off as a VIP passes to avoid any trouble for them.

Imagine a future carbon-reduction law where people are immobilized for an hour or two each day during certain periods. There might be a quota for how long you are allowed to be conscious each week to limit your environmental footprint.

In war, captives could have devices implanted to make them easy to control, simply turned off for packing and transport to a prison camp. A perimeter fence could be replaced by a line in the sand. If a prisoner tries to cross it, they are rendered unconscious automatically and put back where they belong.

Imagine a higher class of mugger that doesn’t like violence much and prefers to switch victims off before stealing their valuables.

Imagine being able to switch off for a few hours to pass the time on a long haul flight. Airlines could give discounts to passengers willing to be disabled and therefore less demanding of attention.

Imagine  a couple or a group of friends, or a fetish club, where people can turn each other off at will. Once off, other people can do anything they please with them – use them as dolls, as living statues or as mannequins, posing them, dressing them up. This is not an adult blog so just use your imagination – it’s pretty obvious what people will do and what sorts of clubs will emerge if an off-switch is feasible, making people into temporary toys.

Imagine if you got an illegal hacking app and could freeze the other people in your vicinity. What would you do?

Imagine if your off-switch is networked and someone else has a remote control or hacks into it.

Imagine if an AI manages to get control of such a system.

Having an off-switch installed could open a new world of fun, but it could also open up a whole new world for control by the authorities, crime control, censorship or abuse by terrorists and thieves and even pranksters.

 

 

Time Travel: Cyberspace opens a rift in the virtual time-space continuum

Dr Who should have written this but he didn’t so I have to. We keep seeing those cute little tears in space-time in episodes of the BBC’s Dr Who, that let through Daleks and Cybermen and other nasties. (As an aside, how come feminists never seem to object to the term Cybermen, even though 50% of them are made from women?). Dr Who calls them rifts, and it allegedly needs the energy of entire star systems to open and close them. So, not much use as a weapon then, but still a security issue if our universe leaks.

Sci-fi authors have recognized the obvious dangers of time-space rifts for several decades. They cause problems with causality as well. I got a Physics degree a long time ago (well, Applied Mathematics and Theoretical Physics, but all the maths was EM theory, quantum mechanics and relativity, so it was really a physics degree), but I have never really understood fully why causality is such a big deal. Sure it needs a lot of explaining if it fails, but why would an occasional causal error cause such a huge problem? The Daleks are far more worrying. **Politically incorrect joke censored**

I just wrote about time travel again. All competent physicists rightly switch on their idiot filters automatically on hearing any of the terms ‘cold fusion’, ‘telekinetic’, ‘psychic’, ‘perpetual motion machine’, ‘time travel’ or ‘global warming catastrophe’. Sorry, that last one just sort of crept in there. Time travel is not really possible, unless you’re inside a black hole or you’re talking about a particle shifting atoseconds in a huge accelerator or GPS relativistic corrections or something. A Tardis isn’t going to be here any time soon and may be impossible and never ever come. However, there is a quite real cyberspace route to quite real time travel that will become feasible around 2075, a virtual rift if you like, but no need to activate idiot filters just yet, it’s only a virtual rift, a rift in a sandbox effectively, and it won’t cause the universe to collapse or violate any known laws of physics. So, hit the temporary override button on your idiot filter. It’s a fun thought experiment that gets more and more fun the more you look at it. (Einstein invented thought experiments to investigate relativity, because he couldn’t do any real experiments with the technology of his time. We can’t verify this sort of time travel experimentally yet so thought experiment is the only mechanism available. Sadly, I don’t have Einstein’s brain to hand, but some aspects at least are open to the rest of us to explore.) The hypothesis here is that if you can make a platform that stores the state of all the minds in a system continuously over a period from A to B, and that runs all those minds continuously using a single editable record, then you can travel in time freely between A and B.  Now we need to think it through a bit to test the hypothesis and see what virtual physics we can learn from it, see how real it would be and what it would need and lead to.

I recognized on my first look at it in

http://timeguide.wordpress.com/2012/10/25/the-future-of-time-travel-cheat/

that cyberspace offers a time travel cheat. The basic idea, to save you reading it now that it’s out of date, is that some time soon after 2050 – let’s take 2075 as the date that crowd-funding enables its implementation – we’ll all be able to connect our brains so well to the machine world that it will be possible to share thoughts and consciousness, sensations, effectively share bodies, live electronically until all the machines stop working, store your mind as a snapshot periodically in case you want to restore to an earlier backup and do all sorts of really fun things like swapping personalities. (You can see why it might attract the required funding so might well become real).  If that recording of your mind is complete enough, and it could be, then, you really could go back to an earlier state of yourself. More importantly, a future time tourist could access all the stored records and create an instance of your mind and chat to you and chat and interact with you from the future. This would allow future historians to do history better. Well, that’s the basic version. Our thought experiment version needs to go a bit further than that. Let’s call it the deluxe version.

If you implement the deluxe version, then minds run almost entirely on the machine world platform, and are hosted there with frequent restore points. The current state of the system is an interactive result of real-time running of all the minds held in cyberspace across the whole stored timeline. For those minds running on the deluxe version platform, there isn’t any other reality. That’s what makes up those future humans and AIs on it. Once you join the system, you can enjoy all of the benefits above and many more.

You could actually change old records and use the machines to ripple the full system-wide consequences all the way through the timeline to whenever your future today is. It would allow you to go back to visit your former self and do some editing, wouldn’t it? And in this deluxe version, the edits you make would ripple through into your later self. That’s what you get when you migrate the human mind from the Mk1 human brain platform into the machine world platform. It becomes endlessly replicable and editable. In this deluxe version, the future world really could be altered by editing the past. You may reasonably ask why we would allow any moron to allow that to be built, but that won’t affect the theoretical ability to travel in time through cyberspace.

It is very easy to see how such a system allows you to chat with someone in the past. What is less obvious, and what my excuse for a brain missed first time round, is that it also lets you travel forwards in time. How, you may reasonably ask, can you access and edit records that don’t exist yet? Well, think of it from the other direction. Someone in the future can restore any previous instance of you from any time point and talk to them, even edit them. They could do that all in some sort of time-play sandbox to save money and avoid quite a few social issues, or they could restore you fully to their time, and since the reality is just real-time emulation all rippled through nicely by the machine platform, you would suddenly appear in the future and become part of that future world. You could wander around in a future android body and do physical things in that future physical world just as if you’d always lived there. Your future self would feel they have travelled in time. But a key factor here is that it could be your future self that makes it happen. You could make a request in 2075 to your future self to bring you to the future in 2150. When 2150 arrives, you see (or might even remember) the request, you go into the archives, and you restore your old 2075 self to 2150, then you instruct deletion of all the records between 2075 and 2150 and then you push the big red button. The system runs all the changes and effects through the timeline, and the result is that you disappear in 2075, and suddenly reappear in 2150.

There would be backups of the alternative timeline, but the official and effective system reality would be that you travelled from 2075 to 2150. That will be the reality running on the deluxe system. Any other realities are just backups and records on a database. Now,so far it’s a one way trip, far better if you can have a quick trip to the future and come back. So, you’re in 2150, suppose you want to go back again. You’ve been around a while and don’t like the new music or the food or something. So before you go, you do the usual time mischief. You collect lots of really useful data about how all the latest tech works, buy the almanacs of who wins what, just like in Back to the Future, just in case the system has bugs that let you use them, and you tweak the dials again. You set the destination to 2075 and hit the big red button. The system writes your new future-wise self over your original 2075 entry, keeping a suitable backup of course. The entry used by the deluxe system is whatever is written in its working record, and that is the you that went to 2150 and back. Any other realities are just backups. So, the system ripples it all through the timeline. You start the day in 2075, have a quick trip for a week’s holiday in 2150, and then return a few minutes later. Your 2075 self will have experienced a trip to 2150 and come back, complete with all the useful data about the 2150 world. If you don’t mess with anything else, you will remember that trip until 2150, at which time you’ll grab a few friends and chat about the first time you ever did time travel.

All of the above is feasible theoretically, and none of it violates any known physics. The universe won’t collapse in a causality paradox bubble rift if you do it, no need to send for Dr Who. That doesn’t mean it isn’t without issues. It still creates a lot of the time travel issues we are so familiar with from sci-fi. But this one isn’t sci-fi – we could build it, and we could get the crowd-funding to make it real by 2075. Don’t get too excited yet though.

You could have gone further into the future than 2150 too, but there is a limit. You can only go as far as there exists a continuous record from where you are. You basically need a road that goes all the way there. If some future authority bans time travel or changes to an incompatible system, that represents a wall you can’t pass through. An even later authority could only remove that wall under certain circumstances, and only if they have the complete records, and the earlier authority might have stopped storing them or even deleted earlier ones and that would ruin any chances of doing it properly.

So, having established that it is possible, we have to ask the more serious question: how real is this time travel? Is it just a cyberspace trick with no impact on the real world? Well, in this scenario, your 2075 mind runs on the deluxe system using its 2075 record. But which one, the old one or the edited one? The edited one of course. The old version is overwritten and ceases to exist except as a backup. There remains no reality except the one you did your time travel trip in. Your time trip is real. But let’s ask a few choice questions, because reality can turn out to be just an illusion sometimes.

So, when you get home to 2075, you can print off your 2150 almanac and brag about all the new technologies you just invented from 2150. Yes?

Yes… if you implement the deluxe version.

Is there a causality paradox?

No.

Will the world end?

No.

But you just short-circuited technology development from 2075 to 2150?

Yes.

So you can do real time travel from 2075? You’ll suddenly vanish from 2075, spend some time in 2150, and later reappear in 2075?

Yes, if you implement the deluxe version.

Well, what happens in 2150?

You’ll do all the pushing red button stuff and have a party with your friends to remember your first time trip. If you set the times right, you could even invite your old self from 2075 as a guest and wave goodbye as you* goes back to 2075.

Or you* could stay in 2150 and there’d be two of you from then on?

Yes

OK, this sounds great fun.  So when can we build this super-duper deluxe version that let’s you time travel from 2075 to 2150 and go back again.

2150

And what happens to me between 2075 and 2150 while I wait for it to be built?

Well, you invest in the deluxe version, connect into the system, and it starts recording all its subscribers’ minds from then on, and you carry on enjoying life until 2150 arrives. Then you can travel from 2075 to 2150, retrospectively.

Retrospectively?

Well, you can travel from 2075 to whatever date in the future the deluxe system still exists. And your 2075 self will fully experience it as time travel. It won’t feel retrospective.

But you have to wait till that date before you can go there?

Yes. But you won’t remember having to wait, all the records of that will be wiped, you’ll just vanish in 2075 and reappear in 2150 or whenever.

What *insert string of chosen expletives here* use is that?

Erm…. Well…. You will still have enjoyed a nice life from 2075 to 2150 before it’s deleted and replaced.

But I won’t remember that will I?

No. But you won’t remember it when you’re dead either.

So I can only do this sort of time travel by having myself wiped off the system for all the years in between after I’ve done it? So the best way of doing that is not to bother with all the effort of living through all those years since they’re going to be deleted anyway and save all the memory and processing by just hibernation in the archives till that date arrives? So I’ll really vanish in 2075 and be restored in 2150 and feel it as time travel? And there won’t be any messy database records to clean up in between, and it will all be nice and environmentally friendly? And not having to run all those people years that would later be deleted will reduce storage and processing costs and system implementation costs dramatically?

Exactly!

OK, sounds a bit better again. But it’s still a fancy cyberspace hibernation scheme really isn’t it?

Well, you can travel back and forth through time as much as you like and socialize with anyone from any time zone and live in any time period. Some people from 2150 might prefer to live in 2075 and some from 2075 prefer to live in 2150. Everyone can choose when they live or just roam freely through the entire time period. A bit like that episode of Star Trek TOS where they all got sent through a portal to different places and times and mixed with societies made of others who had come the same way. You could do that. A bit like a glorified highly immersive computer game.

But what about gambling and using almanacs from the future? And inventing stuff in 2075 that isn’t really invented till 2150?

All the knowledge and data from 2150 will be there in the 2075 system so you won’t have anything new and gambling won’t be a viable industry. But it won’t be actually there until 2150. So the 2075 database will be a retrospective singularity where all of the future knowledge suddenly appears.

Isn’t that a rift in the time-space continuum, letting all the future weapons and political activists and terrorists and their plans through from 2150 to 2075? And Daleks? Some idiot will build one just for the hell of it. They’ll come through the rift too won’t they. And Cyberpersons?

It will not be without technical difficulties. And anyway, they can’t do any actual damage outside the system.

But these minds running in the system will be connected to android bodies or humans outside it. Their minds can time travel through cyberspace. Can’t they do anything nasty?

No, they can only send their minds back and connect to stuff within the system. Any androids and bodies could only be inhabited by first generation minds that belong to that physical time. They can only make use of androids or other body sharing stuff when they travel forwards through time, because it is their chosen future date where the android lives and they can arrange that. On a journey backwards, they can only change stuff running in the system.

 And that’s what stops it violating physics?

Yes

So let’s get this straight. This whole thing is great for extending your mind into cyberspace, sharing bodies, swapping personalities, changing gender or age, sharing consciousness and  some other things. But time travel is only possible for your mind that is supported exclusively in the system. And only that bit in the system can time travel. And your actual 2075 body can’t feel the effect at all or do anything about it? So it’s really another you that this all happens to and you start diverging from your other cyber-self the moment you connect. A replica of you enjoys all the benefits but it thinks it is you and feels like you and essentially is you, but not in the real world. And the original you carries on in parallel.

Correct. It is a big cyberspace bubble created over time with continuous timeline emulation, that only lets you time travel and interact within the bubble. Like an alternative universe, and you can travel in time in it. But it can only interact with the physical universe in real time at the furthermost frontier of the bubble. A frontier that moves into the future at the same speed as the rest of the local space-time continuum and doesn’t cause any physics problems or real time paradoxes outside of the system.

So it’s not REAL time travel. It’s just a sort of cyber-sandbox, albeit one that will be good fun and still worth building.

You can time travel in the parallel universe that you make in cyberspace. But it will be real within that universe. Forwards physical time travel is additionally possible in the physical universe if you migrate your mind totally into cyberspace, e.g. when you die, so you can live electronically, and even then it is really just a fancy form of hibernation. And if you travel back in time in the system, you won’t be able to interact with the physical stuff in the past, only what is running on the system. As long as you accept those limitations, you can travel in time after 2075 and live in any period supported after that.

Why do all the good things only ever happen in another universe?

I don’t know.

No physics or mathematics has knowingly been harmed during this thought experiment. No responsibility is accepted for any time-space rifts created as a result of analytical error.

 

 

The future of biometric identification and authentication

If you work in IT security, the first part of this will not be news to you, skip to the section on the future. Otherwise, the first sections look at the current state of biometrics and some of what we already know about their security limitations.

Introduction

I just read an article on fingerprint recognition. Biometrics has been hailed by some as a wonderful way of determining someone’s identity, and by others as a security mechanism that is far too easy to spoof. I generally fall in the second category. I don’t mind using it for simple unimportant things like turning on my tablet, on which I keep nothing sensitive, but so far I would never trust it as part of any system that gives access to my money or sensitive files.

My own history is that voice recognition still doesn’t work for me, fingerprints don’t work for me, and face recognition doesn’t work for me. Iris scan recognition does, but I don’t trust that either. Let’s take a quick look at conventional biometrics today and the near future.

Conventional biometrics

Fingerprint recognition.

I use a Google Nexus, made by Samsung. Samsung is in the news today because their Galaxy S5 fingerprint sensor was hacked by SRLabs minutes after release, not the most promising endorsement of their security competence.

http://www.telegraph.co.uk/technology/samsung/10769478/Galaxy-S5-fingerprint-scanner-hacked.html

This article says the sensor is used in the user authentication to access Paypal. That is really not good. I expect quite a few engineers at Samsung are working very hard indeed today. I expect they thought they had tested it thoroughly, and their engineers know a thing or two about security. Every engineer knows you can photograph a fingerprint and print a replica in silicone or glue or whatever. It’s the first topic of discussion at any Biometrics 101 meeting. I would assume they tested for that. I assume they would not release something they expected to bring instant embarrassment on their company, especially something failing by that classic mechanism. Yet according to this article, that seems to be the case. Given that Samsung is one of the most advanced technology companies out there, and that they can be assumed to have made reasonable effort to get it right, that doesn’t offer much hope for fingerprint recognition. If they don’t do it right, who will?

My own experience with fingerprint recognition history is having to join a special queue every day at Universal Studios because their fingerprint recognition entry system never once recognised me or my child. So I have never liked it because of false negatives. For those people for whom it does work, their fingerprints are all over the place, some in high quality, and can easily be obtained and replicated.

As just one token in multi-factor authentication, it may yet have some potential, but as a primary access key, not a chance. It will probably remain be a weak authenticator.

Face recognition

There are many ways of recognizing faces – visible light, infrared or UV, bone structure, face shapes, skin texture patterns, lip-prints, facial gesture sequences… These could be combined in simultaneous multi-factor authentication. The technology isn’t there yet, but it offers more hope than fingerprint recognition. Using the face alone is no good though. You can make masks from high-resolution photographs of people, and photos could be made using the same spectrum known to be used in recognition systems. Adding gestures is a nice idea, but in a world where cameras are becoming ubiquitous, it wouldn’t be too hard to capture the sequence you use. Pretending that a mask is alive by adding sensing and then using video to detect any inspection for pulse or blood flows or gesture requests and then to provide appropriate response is entirely feasible, though it would deter casual entry. So I am not encouraged to believe it would be secure unless and until some cleverer innovation occurs.

What I do know is that I set my tablet up to recognize me and it works about one time in five. The rest of the time I have to wait till it fails and then type in a PIN. So on average, it actually slows entry down. False negative again. Giving lots of false negatives without the reward of avoiding false positives is not a good combination.

Iris scans

I was a subject in one of the early trials for iris recognition. It seemed very promising. It always recognized me and never confused me with someone else. That was a very small scale trial though so I’d need a lot more convincing before I let it near my bank account. I saw the problem of replication an iris using a high quality printer and was assured that that couldn’t work because the system checks for the eye being alive by watching for jitter and shining a light and watching for pupil contraction. Call me too suspicious but I didn’t and don’t find that at all reassuring. It won’t be too long before we can make a thin sheet high-res polymer display layered onto a polymer gel underlayer that contracts under electric field, with light sensors built in and some software analysis for real time response. You could even do it as part of a mask with the rest of the face also faithfully mimicking all the textures, real-time responses, blood flow mimicking, gesture sequences and so on. If the prize is valuable enough to justify the effort, every aspect of the eyes, face and fingerprints could be mimicked. It may be more Mission Impossible than casual high street robbery but I can’t yet have any confidence that any part of the face or gestures would offer good security.

DNA

We hear frequently that DNA is a superbly secure authenticator. Every one of your cells can identify you. You almost certainly leave a few cells at the scene of a crime so can be caught, and because your DNA is unique, it must have been you that did it. Perfect, yes? And because it is such a perfect authenticator, it could be used confidently to police entry to secure systems.

No! First, even for a criminal trial, only a few parts of your DNA are checked, they don’t do an entire genome match. That already brings the chances of a match down to millions rather than billions. A chance of millions to one sounds impressive to a jury until you look at the figure from the other direction. If you have 1 in 70 million chance of a match, a prosecution barrister might try to present that as a 70 million to 1 chance that you’re guilty and a juror may well be taken in. The other side of that is that 100 people of the 7 billion would have that same 1 in 70 million match. So your competent defense barrister should  present that as only a 1 in 100 chance that it was you. Not quite so impressive.

I doubt a DNA system used commercially for security systems would be as sophisticated as one used in forensic labs. It will be many years before an instant response using large parts of your genome could be made economic. But what then? Still no. You leave DNA everywhere you go, all day, every day. I find it amazing that it is permitted as evidence in trials, because it is so easy to get hold of someone’s hairs or skin flakes. You could gather hairs or skin flakes from any bus seat or hotel bathroom or bed. Any maid in a big hotel or any airline cabin attendant could gather packets of tissue and hair samples and in many cases could even attach a name to them.  Your DNA could be found at the scene of any crime having been planted there by someone who simply wanted to deflect attention from themselves and get someone else convicted instead of them. They don’t even need to know who you are. And the police can tick the crime solved box as long as someone gets convicted. It doesn’t have to be the culprit. Think you have nothing to fear if you have done nothing wrong? Think again.

If someone wants to get access to an account, but doesn’t mind whose, perhaps a DNA-based entry system would offer good potential, because people perceive it as secure, whereas it simply isn’t. So it might not be paired with other secure factors. Going back to the maid or cabin attendant. Both are low paid. A few might welcome some black market bonuses if they can collect good quality samples with a name attached, especially a name of someone staying in a posh suite, probably with a nice account or two, or privy to valuable information. Especially if they also gather their fingerprints at the same time. Knowing who they are, getting a high res pic of their face and eyes off the net, along with some voice samples from videos, then making a mask, iris replica, fingerprint and if you’re lucky also buying video of their gesture patterns from the black market, you could make an almost perfect multi-factor biometric spoof.

It also becomes quickly obvious that the people who are the most valuable or important are also the people who are most vulnerable to such high quality spoofing.

So I am not impressed with biometric authentication. It sounds good at first, but biometrics are too easy to access and mimic. Other security vulnerabilities apply in sequence too. If your biometric is being measured and sent across a network for authentication, all the other usual IT vulnerabilities still apply. The signal could be intercepted and stored, replicated another time, and you can’t change your body much, so once your iris has been photographed or your fingerprint stored and hacked, it is useless for ever. The same goes for the other biometrics.

Dynamic biometrics

Signatures, gestures and facial expressions offer at least the chance to change them. If you signature has been used, you could start using a new one. You could sign different phrases each time, as a personal one-time key. You could invent new gesture sequences. These are really just an equivalent to passwords. You have to remember them and which one you use for which system. You don’t want a street seller using your signature to verify a tiny transaction and then risk the seller using the same signature to get right into your account.

Summary of status quo

This all brings us back to the most basic of security practice. You can only use static biometrics safely as a small part of a multi-factor system, and you have to use different dynamic biometrics such as gestures or signatures on a one time basis for each system, just as you do with passwords. At best, they provide a simple alternative to a simple password. At worst, they pair low actual security with the illusion of high security, and that is a very bad combination indeed.

So without major progress, biometrics in its conventional meaning doesn’t seem to have much of a future. If it is not much more than a novelty or a toy, and can only be used safely in conjunction with some proper security system, why bother at all?

The future

You can’t easily change your eyes or your DNA or you skin, but you can add things to your body that are similar to biometrics or interact with it but offer the flexibility and replaceability of electronics.

I have written frequently about active skin, using the skin as a platform for electronics, and I believe the various layers of it offer the best potential for security technology.

Long ago, RFID chips implants became commonplace in pets and some people even had them inserted too. RFID variants could easily be printed on a membrane and stuck onto the skin surface. They could be used for one time keys too, changing each time they are used. Adding accelerometers, magnetometers, pressure sensors or even location sensors could all offer ways of enhancing security options. Active skin allows easy combination of fingerprints with other factors.

 

Ultra-thin and uninvasive security patches could be stuck onto the skin, and could not be removed without damaging them, so would offer a potentially valuable platform. Pretty much any kinds and combinations of electronics could be used in them. They could easily be made to have a certain lifetime. Very thin ones could wash off after a few days so could be useful for theme park entry during holidays or for short term contractors. Banks could offer stick on electronic patches that change fundamentally how they work every month, making it very hard to hack them.

Active skin can go inside the skin too, not just on the surface. You could for example have an electronic circuit or an array of micro-scale magnets embedded among the skin cells in your fingertip. Your fingerprint alone could easily be copied and spoofed, but not the accompanying electronic interactivity from the active skin that can be interrogated at the same time. Active skin could measure all sorts of properties of the body too, so personal body chemistry at a particular time could be used. In fact, medical monitoring is the first key development area for active skin, so we’re likely to have a lot of body data available that could make new biometrics. The key advantage here is that skin cells are very large compared to electronic feature sizes. A decent processor or memory can be made around the size of one skin cell and many could be combined using infrared optics within the skin. Temperature or chemical gradients between inner and outer skin layers could be used to power devices too.

If you are signing something, the signature could be accompanied by a signal from the fingertip, sufficiently close to the surface being signed to be useful. A ring on a finger could also offer a voluminous security electronics platform to house any number of sensors, memory and processors.

Skin itself offers a reasonable communications route, able to carry a few Mbit’s of data stream, so touching something could allow a lot of data transfer very quickly. A smart watch or any other piece of digital jewelry or active skin security patch could use your fingertip to send an authentication sequence. The watch would know who you are by constant proximity and via its own authentication tools. It could easily be unauthorized instantly when detached or via a remote command.

Active makeup offer a novel mechanism too. Makeup will soon exist that uses particles that can change color or alignment under electronic control, potentially allowing video rate pattern changes. While that makes for fun makeup, it also allows for sophisticated visual authentication sequences using one-time keys. Makeup doesn’t have to be confined only to the face of course, and security makeup could maybe be used on the forearm or hands. Combining with static biometrics, many-factor authentication could be implemented.

I believe active skin, using membranes added or printed onto and even within the skin, together with the use of capsules, electronic jewelry, and even active makeup offers the future potential to implement extremely secure personal authentication systems. This pseudo-biometric authentication offers infinitely more flexibility and changeability than the body itself, but because it is attached to the body, offers much the same ease of use and constant presence as other biometrics.

Biometrics may be pretty useless as it is, but the field does certainly have a future. We just need to add some bits. The endless potential variety of those bits and their combinations makes the available creativity space vast.

 

 

WMDs for mad AIs

We think sometimes about mad scientists and what they might do. It’s fun, makes nice films occasionally, and highlights threats years before they become feasible. That then allows scientists and engineers to think through how they might defend against such scenarios, hopefully making sure they don’t happen.

You’ll be aware that a lot more talk of AI is going on again now. It does seem to be picking up progress finally. If it succeeds well enough, a lot more future science and engineering will be done by AI than by people. If genuinely conscious, self-aware AI, with proper emotions etc becomes feasible, as I think it will, then we really ought to think about what happens when it goes wrong. (Sci-fi computer games producers already do think that stuff through sometimes – my personal favorite is Mass Effect). We will one day have some insane AIs. In Mass Effect, the concept of AI being shackled is embedded in the culture, thereby attempting to limit the damage it could presumably do. On the other hand, we have had Asimov’s laws of robotics for decades, but they are sometimes being ignored when it comes to making autonomous defense systems. That doesn’t bode well. So, assuming that Mass Effect’s writers don’t get to be in charge of the world, and instead we have ideological descendants of our current leaders, what sort of things could an advanced AI do in terms of its chosen weaponry?

Advanced AI

An ultra-powerful AI is a potential threat in itself. There is no reason to expect that an advanced AI will be malign, but there is also no reason to assume it won’t be. High level AI could have at least the range of personality that we associate with people, with a potentially greater  range of emotions or motivations, so we’d have the super-helpful smart scientist type AIs but also perhaps the evil super-villain and terrorist ones.

An AI doesn’t have to intend harm to be harmful. If it wants to do something and we are in the way, even if it has no malicious intent, we could still become casualties, like ants on a building site.

I have often blogged about achieving conscious computers using techniques such as gel computing and how we could end up in a terminator scenario, favored by sci-fi. This could be deliberate act of innocent research, military development or terrorism.

Terminator scenarios are diverse but often rely on AI taking control of human weapons systems. I won’t major on that here because that threat has already been analysed in-depth by many people.

Conscious botnets could arrive by accident too – a student prank harnessing millions of bots even with an inefficient algorithm might gain enough power to achieve high level of AI. 

Smart bacteria – Bacterial DNA could be modified so that bacteria can make electronics inside their cell, and power it. Linking to other bacteria, massive AI could be achieved.

Zombies

Adding the ability to enter a human nervous system or disrupt or capture control of a human brain could enable enslavement, giving us zombies. Having been enslaved, zombies could easily be linked across the net. The zombie films we watch tend to miss this feature. Zombies in films and games tend to move in herds, but not generally under control or in a much coordinated way. We should assume that real ones will be full networked, liable to remote control, and able to share sensory systems. They’d be rather smarter and more capable than what we’re generally used to. Shooting them in the head might not work so well as people expect either, as their nervous systems don’t really need a local controller, and could just as easily be controlled by a collective intelligence, though blood loss would eventually cause them to die. To stop a herd of real zombies, you’d basically have to dismember them. More Dead Space than Dawn of the Dead.

Zombie viruses could be made other ways too. It isn’t necessary to use smart bacteria. Genetic modification of viruses, or a suspension of nanoparticles are traditional favorites because they could work. Sadly, we are likely to see zombies result from deliberate human acts, likely this century.

From Zombies, it is a short hop to full evolution of the Borg from Star Trek, along with emergence of characters from computer games to take over the zombified bodies.

Terraforming

Using strong external AI to make collective adaptability so that smart bacteria can colonize many niches, bacterial-based AI or AI using bacteria could engage in terraforming. Attacking many niches that are important to humans or other life would be very destructive. Terraforming a planet you live on is not generally a good idea, but if an organism can inhabit land, sea or air and even space, there is plenty of scope to avoid self destruction. Fighting bacteria engaged on such a pursuit might be hard. Smart bacteria could spread immunity to toxins or biological threats almost instantly through a population.

Correlated traffic

Information waves and other correlated traffic, network resonance attacks are another way of using networks to collapse economies by taking advantage of the physical properties of the links and protocols rather than using more traditional viruses or denial or service attacks. AIs using smart dust or bacteria could launch signals in perfect coordination from any points on any networks simultaneously. This could push any network into resonant overloads that would likely crash them, and certainly act to deprive other traffic of bandwidth.

Decryption

Conscious botnets could be used to make decryption engines to wreck security and finance systems. Imagine how much more so a worldwide collection of trillions of AI-harnessed organisms or devices. Invisibly small smart dust and networked bacteria could also pick up most signals well before they are encrypted anyway, since they could be resident on keyboards or the components and wires within. They could even pick up electrical signals from a person’s scalp and engage in thought recognition, intercepting passwords well before a person’s fingers even move to type them.

Space guns

Solar wind deflector guns are feasible, ionizing some of the ionosphere to make a reflective surface to deflect some of the incoming solar wind to make an even bigger reflector, then again, thus ending up with an ionospheric lens or reflector that can steer perhaps 1% of the solar wind onto a city. That could generate a high enough energy density to ignite and even melt a large area of city within minutes.

This wouldn’t be as easy as using space based solar farms, and using energy direction from them. Space solar is being seriously considered but it presents an extremely attractive target for capture because of its potential as a directed energy weapon. Their intended use is to use microwave beams directed to rectenna arrays on the ground, but it would take good design to prevent a takeover possibility.

Drone armies

Drones are already becoming common at an alarming rate, and the sizes of drones are increasing in range from large insects to medium sized planes. The next generation is likely to include permanently airborne drones and swarms of insect-sized drones. The swarms offer interesting potential for WMDs. They can be dispersed and come together on command, making them hard to attack most of the time.

Individual insect-sized drones could build up an electrical charge by a wide variety of means, and could collectively attack individuals, electrocuting or disabling them, as well as overload or short-circuit electrical appliances.

Larger drones such as the ones I discussed in

http://carbonweapons.com/2013/06/27/free-floating-combat-drones/ would be capable of much greater damage, and collectively, virtually indestructible since each can be broken to pieces by an attack and automatically reassembled without losing capability using self organisation principles. A mixture of large and small drones, possibly also using bacteria and smart dust, could present an extremely formidable coordinated attack.

I also recently blogged about the storm router

http://carbonweapons.com/2014/03/17/stormrouter-making-wmds-from-hurricanes-or-thunderstorms/ that would harness hurricanes, tornados or electrical storms and divert their energy onto chosen targets.

In my Space Anchor novel, my superheroes have to fight against a formidable AI army that appears as just a global collection of tiny clouds. They do some of the things I highlighted above and come close to threatening human existence. It’s a fun story but it is based on potential engineering.

Well, I think that’s enough threats to worry about for today. Maybe given the timing of release, you’re expecting me to hint that this is an April Fool blog. Not this time. All these threats are feasible.

Deterring rape and sexual assault

Since writing this a new set of stats has come out (yes, I should have predicted that):

http://www.ons.gov.uk/ons/rel/crime-stats/crime-statistics/focus-on-violent-crime-and-sexual-offences–2012-13/rft-table-2.xls

New technology appears all the time, but it seemed to me that some very serious problems were being under-addressed, such as rape and sexual assault. Technology obviously won’t solve them alone, but I believe it could help to some degree. However, I wanted to understand the magnitude of the problem first, so sought out the official statistics. I found it intensely frustrating task that left me angry that government is so bad at collecting proper data. So although I started this as another technology blog, it evolved and I now also discuss the statistics too, since poor quality data collection and communication on such an important issue as rape is a huge problem in itself. That isn’t a technology issue, it is one of government competence.

Anyway, the headline stats are that:

1060 rapes of women and 522 rapes of girls under 16 resulted in court convictions. A third as many attempted rapes also resulted in convictions.

14767 reports of rapes or attempted rapes (typically 25%) of females were initially recorded by the police, of which 33% were against girls under 16.

The Crime Survey for England and Wales estimates that 69000 women claim to have been subjected to rape or attempted rape.

I will discuss the stats further after I have considered how technology could help to reduce rape, the original point of the blog.

This is a highly sensitive area, and people get very upset with any discussion of rape because of its huge emotional impact. I don’t want to upset anybody by misplacing blame so let me say very clearly:

Rape or sexual assault are never a victim’s fault. There are no circumstances under which it is acceptable to take part in any sexual act with anyone against their will. If someone does so, it is entirely their fault, not the victim’s. People should not have to protect themselves but should be free to do as they wish without fear of being raped or sexually assaulted. Some people clearly don’t respect that right and rapes and sexual assaults happen. The rest of us want fewer people to be raped or assaulted and want more guilty people to be convicted. Technology can’t stop rape, and I won’t suggest that it can, but if it can help reduce someone’s chances of becoming a victim or help convict a culprit, even in just some cases, that’s progress.  I just want to do my bit to help as an engineer. Please don’t just think up reasons why a particular solution is no use in a particular case, think instead how it might help in a few. There are lots of rapes and assaults where nothing I suggest will be of any help at all. Technology can only ever be a small part of our fight against sex crime.

Let’s start with something we could easily do tomorrow, using social networking technology to alert potential victims to some dangers, deter stranger rape or help catch culprits. People encounter strangers all the time – at work, on transport, in clubs, pubs, coffee bars, shops, as well as dark alleys and tow-paths. In many of these places, we expect IT infrastructure, communications, cameras, and people with smartphones. 

Social networks often use location and some apps know who some of the people near you are. Shops are starting to use face recognition to identify regular customers and known troublemakers. Videos from building cameras are already often used to try to identify potential suspects or track their movements. Suppose in the not-very-far future, a critical mass of people carried devices that recorded the data of who was near them, throughout the day, and sent it regularly into the cloud. That device could be a special purpose device or it could just be a smartphone with an app on it. Suppose a potential victim in a club has one. They might be able to glance at an app and see a social reputation for many of the people there. They’d see that some are universally considered to be fine upstanding members of the community, even by previous partners, who thought they were nice people, just not right for them. They might see that a few others have had relationships where one or more of their previous partners had left negative feedback, which may or may not be justified. The potential victim might reasonably be more careful with the ones that have dodgy reputations, whether they’re justified or not, and even a little wary of those who don’t carry such a device. Why don’t they carry one? Surely if they were OK, they would? That’s what critical mass does. Above a certain level of adoption, it would rapidly become the norm. Like any sort of reputation, giving someone a false or unjustified rating would carry its own penalty. If you try to get back at an ex by telling lies about them, you’d quickly be identified as a liar by others, or they might sue you for libel. Even at this level, social networking can help alert some people to potential danger some of the time.

Suppose someone ends up being raped. Thanks to the collection of that data by their device (and those of others) of who was where, when, with whom, the police would more easily be able to identify some of the people the victim had encountered and some of them would be able to identify some of the others who didn’t carry such a device. The data would also help eliminate a lot of potential suspects too. Unless a rapist had planned in advance to rape, they may even have such a device with them. That might itself be a deterrent from later raping someone they’d met, because  they’d know the police would be able to find them easier. Some clubs and pubs might make it compulsory to carry one, to capitalise on the market from being known as relatively safe hangouts. Other clubs and pubs might be forced to follow suit. We could end up with a society where most of the time, potential rapists would know that their proximity to their potential victim would be known most of the time. So they might behave.

So even social networking such as we have today or could easily produce tomorrow is capable of acting as a deterrent to some people considering raping a stranger. It increases their chances of being caught, and provides some circumstantial evidence at least of their relevant movements when they are.

Smartphones are very underused as a tool to deter rape. Frequent use of social nets such as uploading photos or adding a diary entry into Facebook helps to make a picture of events leading up to a crime that may later help in inquiries. Again, that automatically creates a small deterrence by increasing the chances of being investigated. It could go a lot further though. Life-logging may use a microphone that records a continuous audio all day and a camera that records pictures when the scene changes. This already exists but is not in common use yet – frequent Facebook updates are as far as most people currently get to life-logging. Almost any phone is capable of recording audio, and can easily do so from a pocket or bag, but if a camera is to record frequent images, it really needs to be worn. That may be OK in several years if we’re all wearing video visors with built-in cameras, but in practice and for the short-term, we’re realistically stuck with just the audio.

So life-logging technology could record a lot of the events, audio and pictures leading up to an offense, and any smartphone could do at least some of this. A rapist might forcefully search and remove such devices from a victim or their bag, but by then they might already have transmitted a lot of data into the cloud, possibly even evidence of a struggle that may be used later to help convict. If not removed, it could even record audio throughout the offence, providing a good source of evidence. Smartphones also have accelerometers in them, so they could even act as a sort of black box, showing when a victim was still, walking, running, or struggling. Further, phones often have tracking apps on them, so if a rapist did steal a phone, it may show their later movements up to the point where they dumped it. Phones can also be used to issue distress calls. An emergency distress button would be easy to implement, and could transmit exact location stream audio  to the emergency services. An app could also be set up to issue a distress call automatically under specific circumstances, such at it detecting a struggle or a scream or a call for help. Finally, a lot of phones are equipped for ID purposes, and that will generally increase the proportion of people in a building whose identity is known. Someone who habitually uses their phone for such purposes could be asked to justify disabling ID or tracking services when later interviewed in connection with an offense. All of these developments will make it just a little bit harder to escape justice and that knowledge would act as a deterrent.

Overall, a smart phone, with its accelerometer, positioning, audio, image and video recording and its ability to record and transmit any such data on to cloud storage makes it into a potentially very useful black box and that surely must be a significant deterrent. From the point of view of someone falsely accused, it also could act as a valuable proof of innocence if they can show that the whole time they were together was amicable, or if indeed they were somewhere else altogether at the time. So actually, both sides of a date have an interest in using such black box smartphone technology and on a date with someone new, a sensible precautionary habit could be encouraged to enable continuous black box logging throughout a date. People might reasonably object to having a continuous recording happening during a legitimate date if they thought there was a danger it could be used by the other person to entertain their friends or uploaded on to the web later, but it could easily be implemented to protect privacy and avoiding the risk of misuse. That could be achieved by using an app that keeps the record on a database but gives nobody access to it without a court order. It would be hard to find a good reason to object to the other person protecting themselves by using such an app. With such protection and extra protection, perhaps it could become as much part of safe sex as using a condom. Imagine if women’s groups were to encourage a trend to make this sort of recording on dates the norm – no app, no fun!

These technologies would be useful primarily in deterring stranger rape or date rape. I doubt if they would help as much with rapes that are by someone the victim knows. There are a number of reasons. It’s reasonable to assume that when the victim knows the rapist, and especially if they are partners and have regular sex, it is far less likely that either would have a recording going. For example, a woman may change her mind during sex that started off consensually. If the man forces her to continue, it is very unlikely that there would be anything recorded to prove rape occurred. In an abusive or violent relationship, an abused partner might use an audio recording via a hidden device when they are concerned – an app could initiate a recording on detection of a secret keyword, or when voices are raised, even when the phone is put in a particular location or orientation. So it might be easy to hide the fact that a recording is going and it could be useful in some cases. However, the fear of being caught doing so by a violent partner might be a strong deterrent, and an abuser may well have full access to or even control of their partner’s phone, and most of all, a victim generally doesn’t know they are going to be raped. So the phone probably isn’t a very useful factor when the victim and rapist are partners or are often together in that kind of situation. However, when it is two colleagues or friends in a new kind of situation, which also accounts for a significant proportion of rapes, perhaps it is more appropriate and normal dating protocols for black box app use may more often apply. Companies could help protect employees by insisting that such a black box recording is in force when any employees are together, in or out of office hours. They could even automate it by detecting proximity of their employees’ phones.

The smartphone is already ubiquitous and everyone is familiar with installing and using apps, so any of this could be done right away. A good campaign supported by the right groups could ensure good uptake of such apps very quickly. And it needn’t be all phone-centric. A new class of device would be useful for those who feel threatened in abusive relationships. Thanks to miniaturisation, recording and transmission devices can easily be concealed in just about any everyday object, many that would be common in a handbag or bedroom drawer or on a bedside table. If abuse isn’t just a one-off event, they may offer a valuable means of providing evidence to deal with an abusive partner.

Obviously, black boxes or audio recording can’t stop someone from using force or threats, but it can provide good quality evidence, and the deterrent effect of likely being caught is a strong defence against any kind of crime. I think that is probably as far as technology can go. Self-defense weapons such as pepper sprays and rape alarms already exist, but we don’t allow use of tasers or knives or guns and similar restrictions would apply to future defence technologies. Automatically raising an alarm and getting help to the scene quickly is the only way we can reasonably expect technology to help deal with a rape that is occurring, but that makes the use of deterrence via probably detection all the more valuable. Since the technologies also help protect the innocent against false accusations, that would help in getting their social adoption.

So much for what we could do with existing technology. In a few years, we will become accustomed to having patches of electronics stuck on our skin. Active skin and even active makeup will have a lot of medical functions, but it could also include accelerometers, recording devices, pressure sensors and just about anything that uses electronics. Any part of the body can be printed with active skin or active makeup, which is then potentially part of this black box system. Invisibly small sensors in makeup, on thin membranes or even embedded among skin cells could notionally detect, measure and record any kiss, caress, squeeze or impact, even record the physical sensations experiences by recording the nerve signals. It could record pain or discomfort, along with precise timing, location, and measure many properties of the skin touching or kissing it too. It might be possible for a victim to prove exactly when a rape happened, exactly what it involved, and who was responsible. Such technology is already being researched around the world. It will take a while to develop and become widespread, but it will come.

I don’t want this to sound frivolous, but I suggested many years ago that when women get breast implants, they really ought to have at least some of the space used for useful electronics, and electronics can actually be made using silicone. A potential rapist can’t steal or deactivate a smart breast implant as easily as a phone. If a woman is going to get implants anyway, why not get ones that increase her safety by having some sort of built-in black box? We don’t have to wait a decade for the technology to do that.

The statistics show that many rapes and sexual assaults that are reported don’t result in a conviction. Some accusations may be false, and I couldn’t find any figures for that number, but lack of good evidence is one of the biggest reasons why many genuine rapes don’t result in conviction. Technology can’t stop rapes, but it can certainly help a lot to provide good quality evidence to make convictions more likely when rapes and assaults do occur.

By making people more aware of potentially risky dates, and by gathering continuous data streams when they are with someone, technology can provide an extra level of safety and a good deterrent against rape and sexual assault. That in no way implies that rape is anyone’s fault except the rapist, but with high social support, it could help make a significant drop in rape incidence and a large rise in conviction rates. I am aware that in the biggest category, the technology I suggest has the smallest benefit to offer, so we will still need to tackle rape by other means. It is only a start, but better some reduction than none.

The rest of this blog is about rape statistics, not about technology or the future. It may be of interest to some readers. Its overwhelming conclusion is that official stats are a mess and nobody has a clue how many rapes actually take place.

Summary Statistics

We hear politicians and special interest groups citing and sometimes misrepresenting wildly varying statistics all the time, and now I know why. It’s hard to know the true scale of the problem, and very easy indeed to be confused by  poor presentation of poor quality government statistics in the sexual offenses category. That is a huge issue and source of problems in itself. Although it is very much on the furthest edge of my normal brief, I spent three days trawling through the whole sexual offenses field, looking at the crime survey questionnaires, the gaping holes and inconsistencies in collected data, and the evolution of offense categories over the last decade. It is no wonder government policies and public debate are so confused when the data available is so poor. It very badly needs fixed. 

There are several stages at which some data is available outside and within the justice system. The level of credibility of a claim obviously varies at each stage as the level of evidence increases.

Outside of the justice system, someone may claim to have been raped in a self-completion module of The Crime Survey for England and Wales (CSEW), knowing that it is anonymous, nobody will query their response, no further verification will be required and there will be no consequences for anyone. There are strong personal and political reasons why people may be motivated to give false information in a survey designed to measure crime levels (in either direction), especially in those sections not done by face to face interview, and these reasons are magnified when people filling it in know that their answers will be scaled up to represent the whole population, so that already introduces a large motivational error source. However, even for a person fully intending to tell the truth in the survey, some questions are ambiguous or biased, and some are highly specific while others leave far too much scope for interpretation, leaving gaps in some areas while obsessing with others. In my view, the CSEW is badly conceived and badly implemented. In spite of unfounded government and police assurances that it gives a more accurate picture of crime than other sources, having read it, I have little more confidence in the Crime Survey for England and Wales (CSEW)  as an indicator of actual crime levels than a casual conversation in a pub. We can be sure that some people don’t report some rapes for a variety of reasons and that in itself is a cause for concern. We don’t know how many go unreported, and the CSEW is not a reasonable indicator. We need a more reliable source.

The next stage for potential stats is that anyone may report any rape to the police, whether of themselves, a friend or colleague, witnessing a rape of a stranger, or even something they heard. The police will only record some of these initial reports as crimes, on a fairly common sense approach. According to the report, ‘the police record a crime if, on the balance of probability, the circumstances as reported amount to a crime defined by law and if there is no credible evidence to the contrary‘. 7% of these are later dropped for reasons such as errors in initial recording or retraction. However, it has recently been revealed that some forces record every crime reported whereas others record it only after it has passed the assessment above, damaging the quality of the data by mixing two different types of data together. In such an important area of crime, it is most unsatisfactory that proper statistics are not gathered in a consistent way for each stage of the criminal justice process, using the same criteria in every force.

Having recorded crimes, the police will proceed some of them through the criminal justice system.

Finally, the courts will find proven guilt in some of those cases.

I looked for the data for each of these stages, expecting to find vast numbers of table detailing everything. Perhaps they exist, and I certainly followed a number of promising routes, but most of the roads I followed ended up leading back to the CSEW and the same overview report. This joint overview report for the UK was produced by the  Ministry of Justice, Home Office and the Office for National Statistics in 2013, and it includes a range of tables with selected data from actual convictions through to results of the crime survey of England and Wales. While useful, it omits a lot of essential data that I couldn’t find anywhere else either.

The report and its tables can be accessed from:

http://www.ons.gov.uk/ons/rel/crime-stats/an-overview-of-sexual-offending-in-england—wales/december-2012/index.html

Another site gives a nice infographic on police recording, although for a different period. It is worth looking at if only to see the wonderful caveat: ‘the police figures exclude those offences which have not been reported to them’. Here it is:

http://www.ons.gov.uk/ons/rel/crime-stats/crime-statistics/period-ending-june-2013/info-sexual-offenses.html

In my view the ‘overview of sexual offending’ report mixes different qualities of data for different crimes and different victim groups in such a way as to invite confusion, distortion and misrepresentation. I’d encourage you to read it yourself if only to convince you of the need to pressure government to do it properly. Be warned, a great deal of care is required to work out exactly what and which victim group each refers to. Some figures include all people, some only females, some only women 16-59 years old. Some refer to different crime groups with similar sounding names such as sexual assault and sexual offence, some include attempts whereas others don’t. Worst of all, some very important statistics are missing, and it’s easy to assume another one refers to what you are looking for when on closer inspection, it doesn’t. However, there doesn’t appear to be a better official report available, so I had to use it. I’ve done my best to extract and qualify the headline statistics.

Taking rapes against both males and females, in 2011, 1153 people were convicted of carrying out 2294 rapes or attempted rapes, an average of 2 each. The conviction rate was 34.6% of 6630 proceeded against, from 16041 rapes or attempted rapes recorded by the police. Inexplicably, conviction figures are not broken down by victim gender, nor by rape or attempted rape. 

Police recording stats are broken down well. Of the 16041, 1274 (8%) of the rapes and attempted rapes recorded by the police were against males, while 14767 (92%) were against females. 33% of the female rapes recorded and 70% of male rapes recorded were against children (though far more girls were raped than boys). Figures are also broken down well against ethnicity and age, for offender and victim. Figures elsewhere suggested that 25% of rape attempts are unsuccessful, which combined with the 92% proportion that were rapes of females would indicate 1582 convictions for actual rape of a female, approximately 1060 women and 522 girls, but those figures only hold true if the proportions are similar through to conviction. 

Surely such a report should clearly state such an important figure as the number of rapes of a female that led to a conviction, and not leave it to readers to calculate their own estimate from pieces of data spread throughout the report. Government needs to do a lot better at gathering, categorising, analysing and reporting clear and accurate data. 

That 1582 figure for convictions is important, but it represents only the figure for rapes proven beyond reasonable doubt. Some females were raped and the culprit went unpunished. There has been a lot of recent effort to try to get a better conviction rate for rapes. Getting better evidence more frequently would certainly help get more convictions. A common perception is that many or even most rapes are unreported so the focus is often on trying to get more women to report it when they are raped. If someone knows they have good evidence, they are more likely to report a rape or assault, since one of the main reasons they don’t report it is lack of confidence that the police can do anything.

Although I don’t have much confidence in the figures from the CSEW, I’ll list them anyway. Perhaps you have greater confidence in them. The CSEW uses a sample of people, and then results are scaled up to a representation of the whole population. The CSEW (Crime Survey of England and Wales) estimates that 52000 (95% confidence level of between 39000 and 66000) women between 16 and 59 years old claim to have been victim of actual rape in the last 12 months, based on anonymous self-completion questionnaires, with 69000 (95% confidence level of between 54000 and 85000) women claiming to have been victim of attempted or actual rape in the last 12 months. 

In the same period, 22053 sexual assaults were recorded by the police. I couldn’t find any figures for convictions for sexual assaults, only for sexual offenses, which is a different, far larger category that includes indecent exposure and voyeurism. It isn’t clear why the report doesn’t include the figures for sexual assault convictions. Again, government should do better in their collection and presentation of important statistics.

The overview report also gives the stats for the number of women who said they reported a rape or attempted rape. 15% of women said they told the police, 57% said they told someone else but not the police, and 28% said they told nobody. The report does give the reasons commonly cited for not telling the police: “Based on the responses of female victims in the 2011/12 survey, the most frequently cited were that it would be ‘embarrassing’, they ‘didn’t think the police could do much to help’, that the incident was ‘too trivial/not worth reporting’, or that they saw it as a ‘private/family matter and not police business’.”

Whether you pick the 2110 convictions of rape or attempted rape against a female or the 69000 claimed in anonymous questionnaires, or anywhere in between, a lot of females are being subjected to actual and attempted rapes, and a lot victim of sexual assault. The high proportion of victims that are young children is especially alarming. Male rape is a big problem too, but the figures are a lot lower than for female rape.

And another new book: You Tomorrow, 2nd Edition

I wrote You Tomorrow two years ago. It was my first ebook, and pulled together a lot of material I’d written on the general future of life, with some gaps then filled in. I was quite happy with it as a book, but I could see I’d allowed quite a few typos to get into the final work, and a few other errors too.

However, two years is a long time, and I’ve thought about a lot of new areas in that time. So I decided a few months ago to do a second edition. I deleted a bit, rearranged it, and then added quite a lot. I also wrote the partner book, Total Sustainability. It includes a lot of my ideas on future business and capitalism, politics and society that don’t really belong in You Tomorrow.

So, now it’s out on sale on Amazon

http://www.amazon.co.uk/You-Tomorrow-humanity-belongings-surroundings/dp/1491278269/ in paper, at £9.00 and

http://www.amazon.co.uk/You-Tomorrow-Ian-Pearson-ebook/dp/B00G8DLB24 in ebook form at £3.81 (guessing the right price to get a round number after VAT is added is beyond me. Did you know that paper books don’t have VAT added but ebooks do?)

And here’s a pretty picture:

You_Tomorrow_Cover_for_Kindle