

Make You Nervous that Countries with Nuke Buttons Can't Authenticate Each Other? Moreover, Why? - bprater
http://www.latimes.com/news/local/la-fg-pakistan-india7-2008dec07,0,4456565.story

======
curiousgeorge
I learned something interesting in grad school. It is that the Nash
Equilibrium for mutual assured destruction involves the occasional nuclear
explosion simply because players must be credibly irrational for the threat of
deterrence to be effective. I can't figure out if this is interesting or
crazy. But the fact we're not all dead suggests to me that rationality is
overrated in politics as in economics.

------
bprater
I submitted this because it seems strange that as much as we talk about
security and it's importance here -- that there isn't an established protocol
between leaders for authenticating the other party. We saw a similar situation
recently with Governor Palin.

I'm interested to get your take on why the most powerful people in the world
can't establish something as simple as a protocol to ensure they are
communicating with the right person.

~~~
sdurkin
Its absurd, and there's no excuse. My guess is that it solves a problem that
hasn't arisen yet. Not many countries have had sophisticated e-warfare
capabilities until recently and most countries have communicated over
encrypted means since WWII. Up until recently this was enough to ensure
identity, because heads of state communicated rarely, and they were the only
ones who needed flawless verification. As we proceed into the next century,
there's going to be a greater need for authentication at all levels of
government, and in private life. For example, I'm surprised we don't see more
forged emails that cause serious damage.

This reminds me of something I can't put my finger on. It was an article that
hypothesized a state who's authority was controlled by authentication
mechanisms. I feel like I may have even seen it here... Any help?

~~~
thwarted
The way your first paragraph is worded reminds me of this Obama-using-a-
blackberry stuff that is making the rounds. There are other risks than the
receiving end in the president's case. When it's easier to communicate, via
any available channel, the ability to access the communication channel ceases
to be a decent (reliable?) authentication mechanism.

Movies always seem to get this wrong, in both directions. I mean, did Trinity
REALLY have to physically break in to the power plant to use an ssh exploit?
If she could break in, why was an ssh exploit necessary. And if she could use
an ssh exploit, why did physical access help? It all seems unlikely (but makes
for good explosions).

