Looking at Stuxnet [1] the distance between those two is less than most think, a...

ameister14 · on March 31, 2017

Stuxnet didn't kill hundreds of thousands of people. I think that while the distance has narrowed, perhaps it isn't as narrow as you think.

Strom · on April 1, 2017

What a peculiar thing to argue, but in the same spirit most nukes haven't killed a single person. The ones that did had really good delivery mechanisms, which don't come prepackaged with the nuke.

ameister14 · on April 1, 2017

Are you really arguing that nuclear weapons and stuxnet are similar because most nukes haven't been used on people? Why?

I get that you're saying Stuxnet is an example of programming having real world, physical effects, but this is a very strange argument because a lot of things that we have no moral or legal issue with anyone owning have the potential for outsized physical effect. Nuclear weapons have been used to kill hundreds of thousands of people, so the line we spoke about earlier, they belong on the 'not for everyone and ideally not for anyone' side of it, along with chemical and biological weapons.

A RAT doesn't quite seem to go that far.

Strom · on April 1, 2017

> Are you really arguing that nuclear weapons and stuxnet are similar because most nukes haven't been used on people?

Definitely not arguing that they're similar. More so about the difference decreasing at a greater rate than people seem to realize.

Taking a step back and talking in more general terms. Nukes are dangerous because they allow one person to do harm to masses. The same statement is increasingly more true in the software world. I feel like this isn't understood well enough (or is ignored?) by most people.

As an example, we're putting more and more software into cars, internet connected software even. If this software follows the security practices of almost any other software, then it won't take long until malicious users will move from opening CD trays to car doors.