5-Jun-86 01:24:24-PDT,4370;000000000000 Mail-From: NEUMANN created at 5-Jun-86 01:20:33 Date: Thu 5 Jun 86 01:20:32-PDT From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-3.2 [supplement to 3.1] Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Thursday, 5 June 1986 Volume 3 : Issue 2 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Are SDI Software predictions biased by old tactical software? (Herb Lin) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j available in SRI-CSL:RISKS-i.j. Summary Contents in MAXj for each i; Vol 1: RISKS-1.46; Vol 2: RISKS-2.57.) ---------------------------------------------------------------------- Date: Thu, 5 Jun 1986 01:58 EDT From: LIN@XX.LCS.MIT.EDU To: Cc: arms-d@XX.LCS.MIT.EDU, risks@SRI-CSL.ARPA Subject: Are SDI Software predictions biased by old tactical software? [Since Herb was evidently up late, since I was up late also, and since distribution of this message may stave off many overlapping responses to Bob Estell and prompt many rebuttals as well, it seems appropriate to distribute this response from Herb Lin as a special one-message issue that you can read along with RISKS-3.1. SDI is probably one of the most significant debate subjects of our lifetimes and deserves thorough coverage. Yes, it does mix politics and technology. It must. There is simply no other way. So, don't be UP IN ARMS-D. But let us keep any subsequent discussion cogent and sensible. PGN] From: ... At some personal risk, let me say at the outset that SDI, as ballyhooed in the popular press, may never work - certainly not in this decade. It is NOT the public press that says that SDI will create a perfect defense. It is the President and the Secretary of Defense. ...Similarly, one errant SDI computer need not fail the entire network - anymore than one failing IMP need crash the entire ARPANET. That point has never been made by the critics either. The problem is not that it WOULD, but that some fundamental design error COULD fail the entire system. There is no way to rule that out. ... A missile defense is worth having if it is good enough to save only 5% of the USA population in an all-out nuclear attack. Not necessarily true. If having a defense that can kill 5% of the current Soviet threat prompts the Soviets to increase their missile force by a factor of two, we are not better off, and the missile defense would not be worth having. That shield might save 75% of the population in a terrorist attack, launched by an irresponsible source; this is far more likely than a saturation attack by a well armed power like the USSR. Where will the Libyans get even one ICBM? Besides, we NOW have the capability to build defenses against one missile aimed against the US, and we don't need SDI for that. We solved that problem in the 1960's. The hard problem is the saturation attack. ... I am saying that if we don't try, we won't progress... But my point is that we must not shun the challenge to TRY to improve the software in the field, and the tools used to design and build and test it. But if trying makes war and nuclear buildups more likely, then we may not progress either. Actions are taken or not taken in a context; most responsible critics of SDI argue that there is a downside to "just doing research". That downside has to be evaluated. Specifically, a system that works with questionable reliability or effectiveness is most useful in the aftermath of a thinned-out retaliatory blow, i.e., one that most closely resembles your terrorist attack. Thus, it is not unreasonable to interpret the building of defenses as an offensive act. ------------------------------ End of RISKS-FORUM Digest ************************ -------