Folks like Joe Slowik, Grugq and you (Dave) have tried to articulate the CONOPS for worms since long. In their current forms, worms look like IO packages in full-spectrum missions. Ignoring technical problems like extreme target dependence for worms, "harm" would always be defined at the policy level, and then technical. There is a reason why Defend Forward assumes that establishing "contact" in forward areas is a precursor to producing signals or effects (and that reason is not technical). That's also why SolarWinds was missed. You could have neatly placed (wormable) SolarWinds on the axis of Gerasimov Doctrine where "crisis reaction" morphs into "localisation" and "neutralisation" of conflict. A whole genre of Russian or Chinese doctrinal literature on noncontact operations is highly conducive for worms; but then, you can't see things in isolation. You start talking about things like systems-on-systems warfare. It becomes way more than just target discrimination and noncombatants. You enter an informational conflict (la US vs. Nicaragua). You start imbibing the Russian definition of asymmetricity and Creative Military Thought -- worms would fall under the same category as "inspection satellites." Everything becomes Reflexive Control. That's where the norms customary law would come from, such behavioral precedents.  

On Fri, Jan 29, 2021 at 12:13 AM Dave Aitel via Dailydave <dailydave@lists.aitelfoundation.org> wrote:
I mean, the goal of the question is to start putting some meat on the idea of what "harm" is and how that is reflected both from a policy and technical perspective. But also: It's useful to put some real definitions around what is required to make people comfortable with fully-automated techniques. 

I don't think the idea that we are going to come up with and enforce norms is as useful as figuring out what the norms really are sometimes, perhaps.

-dave


On Thu, Jan 28, 2021 at 12:39 AM Dave Dittrich <dave.dittrich@gmail.com> wrote:
Did any of them mention international humanitarian law, specifically
discrimination, respecting territory of neutral ("green") actors and
their infrastructure, and avoiding harm to neutral third parties and
non-combatants? The problem with most worms is the inability to
accurately discriminate targets and resulting harm. This is an area
where technical experts need to be balanced with operators and policy
makers to ensure that non-technical operators and policy makers fully
understand what it is that they are talking about. And where use of
*all* of the levers of sovereign power, in partnership with other
nations, to establish and enforce norms, is crucial. Should we really
consider unconstrained damage and instantaneous global chaos as "fun?"
;)


On Wed, Jan 27, 2021 at 8:45 PM Dave Aitel via Dailydave
<dailydave@lists.aitelfoundation.org> wrote:
>
> So one of my new fav questions to ask policy teams is what they would do if they were told to switch their offensive team entirely to worms. Nothing else. Just worms. What needs to change to make that happen - from op tempo to supply chain to personnel to policy and technological investment.
>
> And how would their defensive team need to change strategically if they were facing such an offensive team.
>
> It's a fun thing to see people wrap their minds around. :)
>
> Also, if you missed it, yesterday's CYBER HOT TAKES are here:
> https://www.youtube.com/watch?v=hzcmfIgvj7A&t=2s&ab_channel=DaveAitel
>
> -dave
>
> _______________________________________________
> Dailydave mailing list -- dailydave@lists.aitelfoundation.org
> To unsubscribe send an email to dailydave-leave@lists.aitelfoundation.org



--
Dave Dittrich
@davedittrich
dave.dittrich@gmail.com
https://davedittrich.github.io/
_______________________________________________
Dailydave mailing list -- dailydave@lists.aitelfoundation.org
To unsubscribe send an email to dailydave-leave@lists.aitelfoundation.org