Jump to content
Science Forums

Ethics, Safety, And Security Concerns


gonnn

Recommended Posts

Speaking as a professional computer security system expert and designer/programmer of many years, I assure you that not every computer system can be broken into. Most can, because absolute security is expensive and time consuming, so the amount of risk to the system due to vulnerability to intrusion is weighted against the potential cost of the intrusion, but technically, it’s not difficult to make a system that is both easily available to many poorly authenticated users of a specific program – such as players of MORPG like SAO – yet completely secure against alteration of the program by unauthorized programmers – hackers – provided that the computers of all authorized developers use special software and are physically secure. Absolute, 100% security is essentially a result of absolute secrecy, which can be provided by cyphersystems using one-time pads. One-time pads are even proof against brute force attacks involving arbitrarily large numbers of arithmetic operations, such as those hypothetically possible by quantum computers that don’t yet (and possibly never will) exist.

 

In short, adequate security is low in my assessment of the challenges to creating deeply immersive VR system like the fictional deep dive from SAO. Of course, it shouldn’t be ignored, but I wouldn’t worry about it.

 

That is reassuring, not only for the 'hacking' point of view, but also for the concern for "Government Intrusion". If the system was rather secure then we wouldn't have to worry about people being concerned for anyone, really, coming in and trying to mess with them. Thank you. That actually helps with a lot of the "Ethics" portion of DDW.

Link to comment
Share on other sites

Hey guys.

 

Kilravok, I'd like to take this moment to say I respect everything you're saying. We're both on the same book with everything you said. I appreciate the fact that you love the idea of a world where your skills and willingness to learn will guide you to happier prospects than having your life dictated by paperwork and expectations. I respect that but there's a word you used that I absolutely despise... 'Fight'. Now, granted SAO has a combat system that encourages you to fight monsters, but that has massive team-based elements where we work together to beat a common enemy. We shouldn't need to fight to achieve a goal we all share. We all have our reservations about certain aspects with this project, but thats why we're here, to ease each other's minds.

 

But I suppose I just dont trust the world to use this technology solely for good. Even though there's all of us with the good intent out there, we're just the 1% of the world that actually comes into this prospect of good intent. Everyone else sees this as a cash cow. Hell, I'd even see this as a chance for Google to control more of the online universe... and look what they did to Youtube...

I just cant trust the good in everyone to provide the best results regardless of how hard we try.

 

But as I said before, my own want is to be proven wrong and that everyone who can make this can do so with the best intent.

 

Sorry for being a negative nancy all this time. I'm normally trying to find a silver lining in everything, I guess that's why I address such things as the population doing what they do.

 

But to counter my negativity, I'll bring up some technical viewpoints here.

 

1. I see where everyone's coming with the whole smell and taste thing, but we have to remember that if the brain has any control over the body, there could be a neural collision between send and receive. If you eat in-game, your brain may return to the body saying it shoudlnt be. This bring the conflict of which is stronger? The mind telling the body it isnt hungry, or vice versa? Meaning there could be in-game over-consumption, or physical deterioration... this really would fall down to the implementation method for the product as a whole, but I'd say we reserve the taste and smell functions to a safety protocol alone. Use it as a method of identifying when something happens to the body... or I could be looking too much into it.

 

In the case of security, although being low on priority, it's a concern I feel we can bypass by using the concept from the show, that SAO had its own Operating System. If this is the case we could possibly cut out all security concerns entirely because only direct product designers would have the coding for it. Current generation programming will have flaws because a lot of applications would be easily breached, so a new OS would make things more difficult. With a new file structure and command list, we could make it harder and harder to break. Viruses are also one thing that people worry about that we could reduce the concern for. People will tend to think of viruses by the stereotype (e.g. like pouring acid on a metal block, some people would see a virus as something that would melt their computer) but it's not. It's just a system of code used to force the OS to run autonomously despite user awareness.

example: I could create a shortcut to the following command,

 

Shutdown -r -t "1"

 

This command, when run, would reboot the computer as soon as the user logged in. If there's one user and no password, it becomes a loop or log in, restart, login, restart, etc. This would be a virus to many, but really it's just an abused system command. Nothing more.

Besides, hackers have more fun with Windows users.

But if we needed to introduce a security system to the game, I'd say CraigD would be the guy to get that secured

Great Faith for the CraigD! *bows*

 

But other than that, I'm just throwing things out there.

I'll just say that, as much as enthusiasm is an amazing thing, let's ensure we have the logic down before trying to create anything. We dont want to fork out on building something, only to find something crops up that we cant explain, or cant fix.

 

... and you dont need billions to make these things. You just need to run everything down to basics, draw up a basic design and estimate totals from that :)

So dont worry about money just yet

 

 

Once again, sincerest apologies for the negative stuff I say. I just dont want to see this turn from an ambitious venture for creating a paradise to resort to if life gets you down, to building a giant money-making social engine and calling it Facebook City :p facebook in 2D is bad enough.

Link to comment
Share on other sites

I see where you are coming from with a company using this for their own personal profit. I honestly don't know how I feel about Google anymore. They do some really cool stuff that seems like they want to help humanity, and then they do things that seem like they want to run the world. The idea of hot air balloons with wifi is genius, but then you'd be using google's wifi. Unless Google decided to lease them to other companies for profit, but that isn't important. Facebook buying the Oculus Rift made me really sad because that company shouldn't have a hold on something like the OR. However, the only way to become a company like that is if 1. We sell ourselves to another company that offers a vast amount of money, or 2. We decided as a group that we want money so we take this project and use it as a "cash cow". I think strong willpower to do something right and communication will help us stay on track. But you're right, Facebook city would be terrible... Then you could never escape your family...

I was also wondering about eating and drinking. You bring up an excellent point about hunger and thirst. It would help immersion in a sense, but I think it would also take away from reality. People might forget that just cause they eat in the game doesn't mean they aren't still hungry in the real world. Also, do you know how hard it is to replicate food? I don't, but I could imagine it is incredibly difficult. Haha. How would the game know when you are hungry? Will it override the brain's commands on hunger and thirst? How dangerous is it to have the concept of being hungry and thristy in a full VR game? What if you are hungry in real life so the brain tells you that you are hungry. Would the game then have a system messages that warns you about being hungry in real life? Or would the game just tell you to eat in-game? Would it be like Minecraft hunger, where the hunger isn't real, the player wouldn't feel hungry, but they have to keep their hunger up or they will lose *Blank*. In Minecraft you lost health, but SAO could be like speed, attack speed, strength, just overall sluggishness from not eating, you know? You would still feel the effects of having not eaten in awhile, but it would have no control over your hunger in reality, thus not having the issue of "Am I actually hungry in real life or is this the game?"

 

I'm starting to think that we should put out a model DDW that has a very few of these VR capabilities, like the pressure on the feet to simulate standing on something, and hold off on taste, smell, pain (although that one could go in the base model if we wanted) and focus on perfecting the basic aspects of VR. After we make it feel like you are in a whole other world with completely control over your body in game, we could work on adding these other concepts we are throwing out as we all agree on adding them.

 

We could also have an authentication like Blizzard has, but it could be your fingerprint like Apple does now with iPhones, or even something as crazy as the retinal scanner that( I would assume be in the DDW) could scan your eyes and know that it is you. If someone tried to log in, or use your system, it would have to have an authentication from either your finger or your eyes (Or any other method we come up with. It could be something crazy as the DDW memorizing the dimensions of your head.)

Edited by KiriyagaKazuto
Link to comment
Share on other sites

I see where you are coming from with a company using this for their own personal profit. I honestly don't know how I feel about Google anymore. They do some really cool stuff that seems like they want to help humanity, and then they do things that seem like they want to run the world. The idea of hot air balloons with wifi is genius, but then you'd be using google's wifi. Unless Google decided to lease them to other companies for profit, but that isn't important. Facebook buying the Oculus Rift made me really sad because that company shouldn't have a hold on something like the OR. However, the only way to become a company like that is if 1. We sell ourselves to another company that offers a vast amount of money, or 2. We decided as a group that we want money so we take this project and use it as a "cash cow". I think strong willpower to do something right and communication will help us stay on track. But you're right, Facebook city would be terrible... Then you could never escape your family...

I was also wondering about eating and drinking. You bring up an excellent point about hunger and thirst. It would help immersion in a sense, but I think it would also take away from reality. People might forget that just cause they eat in the game doesn't mean they aren't still hungry in the real world. Also, do you know how hard it is to replicate food? I don't, but I could imagine it is incredibly difficult. Haha. How would the game know when you are hungry? Will it override the brain's commands on hunger and thirst? How dangerous is it to have the concept of being hungry and thristy in a full VR game? What if you are hungry in real life so the brain tells you that you are hungry. Would the game then have a system messages that warns you about being hungry in real life? Or would the game just tell you to eat in-game? Would it be like Minecraft hunger, where the hunger isn't real, the player wouldn't feel hungry, but they have to keep their hunger up or they will lose *Blank*. In Minecraft you lost health, but SAO could be like speed, attack speed, strength, just overall sluggishness from not eating, you know? You would still feel the effects of having not eaten in awhile, but it would have no control over your hunger in reality, thus not having the issue of "Am I actually hungry in real life or is this the game?"

 

I'm starting to think that we should put out a model DDW that has a very few of these VR capabilities, like the pressure on the feet to simulate standing on something, and hold off on taste, smell, pain (although that one could go in the base model if we wanted) and focus on perfecting the basic aspects of VR. After we make it feel like you are in a whole other world with completely control over your body in game, we could work on adding these other concepts we are throwing out as we all agree on adding them.

 

We could also have an authentication like Blizzard has, but it could be your fingerprint like Apple does now with iPhones, or even something as crazy as the retinal scanner that( I would assume be in the DDW) could scan your eyes and know that it is you. If someone tried to log in, or use your system, it would have to have an authentication from either your finger or your eyes (Or any other method we come up with. It could be something crazy as the DDW memorizing the dimensions of your head.)

The authentication process could be something like this: You start the game, you login, and you place your hand on some kind of interface window that will scan it, and check if its the same as when you started up for the first time and registered, or the nervegear would have somekind of finger scanning system that would store the data inside the nervegear, but isn't it possible to hack your account that way? The security system that would be made for the nervegear is a complete different story, and is actually a close problem for now, as because we need to decide of what parts is it going to consist. Lets be fair with everything, there is no such thing as a PERFECT & COMPLETE security system that would be unhackable in any way and the fact that nowadays you can almost DDOS anyone and ANYTHING is terrorising.

I've got couple of points to the DDOS point I made. First of all you have 1 starting point, network. The network shares internet to giant companies, like MTC and Beeline in Russia, or O2, Vodafone, T-Mobile and others in England, thats not the point, there is endless amount of these networks around the world. And in own order these networks share internet to other individuals and smaller companies, thought even these can share internet to even SMALLER companies that share internet and network to their customers. And this web of sharing is really big, so it's not that hard to buy off a company and DDOS someone or some computer system. I think expirienced gamers would understand what I'm talking about, not just gamers but also people that work at such companies or study computer science/programming, doesn't matter really. 

How would we deal with such attacks? How would we deal with hackers? It's just enough to know a little bit about proxy and some programming to become a "hacker", because the definition "hacker" is a computer programmer, at least thats what i've learnt from over 10years of studying computer programming/science. 

All of that puts us in a very hard situation, as because we will need to take care of our product users, their anonymity and safety. 

If the NerveGear becomes a real invention one day, there will be endless people hunting for hacking our product customers/users and network, seeking for the "source code" and files, after all there are just really fkd up people all around the world that are just jelous, or bigger companies that would not like the progressing of some other projects that could harm their business, they would rather have their own projects growing and no one harming their ideas/plans. Give me your ideas, I'm really dumb to think about this myself... Or actually no I'm not, but all of my thoughts up to now seem pretty dumb even for myself, but I'd like to see and read what you guys think about this, and maybe I'll also share my own ideas of what I have been thinking, I've made couple of security systems for my earlier projects and I think you guys would be interested in hearing about them ;) I'm really hyped about this thread now, I'm doing researches daily and I'll be as active as I can from now on, I think I've got plenty of time for helping this project progress. 

Edited by IsseiKun
Link to comment
Share on other sites

  • 5 months later...

Hi everybody ! I finally decided to register on the forum for trying to 'revive' this talk and also after watching the sao conversation ongoing (along with some tech and science stuff) on the website. As there is a lot of concern for doing this technology, I think we should proceed by elimination by finding all the problems the fulldive can occur and then suggest a solution and if it works,to do less talking about it because I have sometime the feeling the conversation go around in circle...

 

It's just a suggestion too, Im maybe wrong..

 

For the security thing,I think we should not let the hack probability fears us for two points: Like Craig (the admin)

said, if dev take the time and the hassle to develop the security, it can be unhackable or really near to. My second point is that we can just make mechanical limits. Example: in sao they kill the players by ' frying their head' with the sensors. The guys who design them just have to make them they can emit more than x signal even if you set the device to 10 k volt.

 

Also the ddos threat doesn't really exist: Ddosing a server or someone is like spamming them with a question and the worst case scenario will be that the server will shutdown or the player won't be able to have is internet connection for a little period of time. They could even be able to play solitaire offline if the dev is nice :P

 

 

Finally sorry for the broken English (taking courses this summer) and I hope you are still able to understand what I wrote.

Edited by Nalfein
Link to comment
Share on other sites

  • 4 weeks later...

Ok heres my idea for test subjects we go around to people who have stage 4 cancer and tell them with their help we can help more people and that way we would be in the clear(not trying to be offensive just thinking out loud)

For all practical purposes, you can’t legally experiment on humans, even with their consent, even when they are almost certainly near death, when there is any appreciable risk of harming them, without a lot of expert oversight. In the US, application for such research is handled by the NIH, in other countries, similar agencies. All countries are subject to ethical oversight by the UN.

 

The history of laws and regulation of human experimentation is long and complicated, and owes a lot to legal standards set after the prosecution of Germans who experimented on concentration camp inmates during WWII, and US CIA experiments done secretly during the cold war, which were later discovered and declared illegal. The Wikipedia article Human subject research and Human subject research legislation in the United States are a good starting place for more on this subject.

 

On a high level, I think this is a pretty good synopsis of human medical experimentation ethics:

  • It must be done by authorized people, meaning MDs
  • MDs must follow the Hypocratic oath, which bars them from doing harm, even when knowledge can be gained by it, regardless of how much more quickly knowledge can be gained than by other means.
  • Thus, before human experimentation can be done, everything possible must be done to assure the experiments are as safe as possible. Usually this consists of exhaustive technical research, publication, and review, then animal experiments.
  • Research can be expedited when it is likely medically help many people. For example, much money and assistance is currently being supplied to researchers seeking to use brain implants to heal US soldiers with brain injuries.
The only practical loophole I’m aware of to these laws is self-experimentation. Though arguably still not legal, because the potential victims and perpetrators of the crime are the same people, the crime is less actionable. Medicine has a long and illustrious history of self-experimentation to circumvent ethical barriers – the Wikipedia article self experimentation in medicine has more on this.

 

Self-experimentation is ethical only when the experimenter is highly qualified, however, meaning they are an MD recognized as expert in the resarch. Unless you’re an MD, and further an expert the research in question, you should never consider self-experimentation, nor encourage others to.

Link to comment
Share on other sites

  • 9 months later...

I was just thinking what would happen if the Nerve Gear had a limiter to try and stop addiction.

 

People would try and find a way around it but this would only a be a small percentage. (I think)

 

Considering that we're going to need an 'unbreakable' system to stop hackers from endangering the users life, the people who will be trying to get round the limiter won't be able to.

 

And if we don't use a limiter, we could have a really annoying 'alarm'  that comes up for 30 secs, every 2 minutes, if the user has been playing for a long time. LOL

 

Or we could secretly, make the game really slow and have lots of lag, if the user has been playing for a long time. That way, the user won't try and get round it because they don't know it's there. :innocent:

Link to comment
Share on other sites

I was just thinking what would happen if the Nerve Gear had a limiter to try and stop addiction.

 

People would try and find a way around it but this would only a be a small percentage. (I think)

 

Considering that we're going to need an 'unbreakable' system to stop hackers from endangering the users life, the people who will be trying to get round the limiter won't be able to.

 

And if we don't use a limiter, we could have a really annoying 'alarm'  that comes up for 30 secs, every 2 minutes, if the user has been playing for a long time. LOL

 

Or we could secretly, make the game really slow and have lots of lag, if the user has been playing for a long time. That way, the user won't try and get round it because they don't know it's there. :innocent:

Like the Halo 5 matchmaking! Where cheaters and trolls can be given bad reputation points and they'll eventually only be able to play with others just like them!

Link to comment
Share on other sites

Like the Halo 5 matchmaking! Where cheaters and trolls can be given bad reputation points and they'll eventually only be able to play with others just like them!

errr, what?

 

EDIT: Oh, I see.

 

The more I think about this idea, the more I like it. :)

Edited by CraigD
Link to comment
Share on other sites

As there is a lot of concern for doing this technology, I think we should proceed by elimination by finding all the problems the fulldive can occur and then suggest a solution and if it works,to do less talking about it because I have sometime the feeling the conversation go around in circle...

 

I've been told that by another member here. Unfrotunately it's true. As new people come, the same questions get asked (Maybe, just a theory)

Perhaps we could make a Google Doc (Though I don't trust Google much), which can be seperated into sections (E.G. Ethics, Security, Writing into brain, e.t.c) and then we can eliminate all the problems about the Nerve Gear like Nalfein said in real time.

 

Anyone up for it?

Link to comment
Share on other sites

I've been told that by another member here. Unfrotunately it's true. As new people come, the same questions get asked (Maybe, just a theory)

Perhaps we could make a Google Doc (Though I don't trust Google much), which can be seperated into sections (E.G. Ethics, Security, Writing into brain, e.t.c) and then we can eliminate all the problems about the Nerve Gear like Nalfein said in real time.

 

Anyone up for it?

I certainly wouldn't trust google, try reading their policies and terms of use. There was a time that by agreeing to use their software, you had to sell your soul to google. http://www.forbes.com/sites/greatspeculations/2012/01/27/be-prepared-to-sell-your-soul-if-you-use-google/#6e1ac6f17dc2

Google is quite the definition of conflict of interest, and putting any such info in a place that the worlds best search engine can find it is liable to be abused by said corporation. I would think that someone at google would maybe read some of what we and others like us have discussed if they decided to build an FDVR device themselves.

Edited by NotBrad
Link to comment
Share on other sites

Blimey! I knew Google was bad, but I didn't know they were that bad. :surprise:

 

I did do some reseach into alternatives for Google Docs earlier today and got a list:

 

hackpad, zoho, onlyoffice, etherpad, peepel, buzzword, huddle

 

(I think some you have to download. I'm not sure.)

Link to comment
Share on other sites

  • 2 weeks later...

For all practical purposes, you can’t legally experiment on humans, even with their consent, even when they are almost certainly near death, when there is any appreciable risk of harming them, without a lot of expert oversight. In the US, application for such research is handled by the NIH, in other countries, similar agencies. All countries are subject to ethical oversight by the UN.

<snipped to save page space>

 

 

This is one of the biggest issues with this sort of thing, and why there isn't a big team of 'alpha testers' lined up ready to test any form of DiveTech or 'FullDive'. Especially something that, despite not being directly invasive, from a legal standpoint *would* be invasive, is unstable at its best, and deals directly with the most complex part of the human body. Animal testing is my current theory on how to get things sorted once the immersive part of the system is implemented, although god knows that there'll be hurdles with that as well from a legal standpoint, not to mention greenies jumping up and down, and even moreso if something goes wrong (then they have every right to).

 

It's quite incredible to think how much was slipping under the rugs for the last ~thousand years when it comes to human based technology. Especially as you said, during WW2 and the Cold War. There's a fine line between knowing that morally and ethnically it is all completely wrong and disgusting, but also knowing that it probably jumped some of that technology forward 10 years, maybe more.

Link to comment
Share on other sites

So, this is a bit off-topic, but after reading a comment on another forum, I started thinking; if someone actually started developing something like this, would it all go to waste?

 

I mean, what if the device and/or project itself, got banned? Another thing which could be done is hijacking the device, and extending its range, which in return could possibly(?) be used to do crimes, like stopping hearts or shutting down people's brain non-invasively.

 

What do you guys think?

Link to comment
Share on other sites

So, this is a bit off-topic, but after reading a comment on another forum, I started thinking; if someone actually started developing something like this, would it all go to waste?

 

I mean, what if the device and/or project itself, got banned? Another thing which could be done is hijacking the device, and extending its range, which in return could possibly(?) be used to do crimes, like stopping hearts or shutting down people's brain non-invasively.

 

What do you guys think?

 

I don't think it would get banned completely. It might be banned for the general public but it could still be used for stuff such as military training and such (Things that don't require internet).

Regarding your stopping heart statement, I don't think that would be possible as we won't need to stimulate that part of the brain. But I get your point.

 

Perhaps we could have a system that can detect anomalies and immediately shut down the NerveGear if it detects one.

 

BTW, what do you mean by extending it's range?

Link to comment
Share on other sites

BTW, what do you mean by extending it's range?

 

What I mean is basically that because this is done non-invasively, there are no cables, which means it is going to send its signals "wirelessly". Everything that is wireless is pretty much a signal, and can be extended.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...