LAST WORD
Trading Places
U ntil the 1990s, stationary devices (tele-
visions) received their content through
the air while devices that wanted to be mobile
(telephones) received their content over fixed
cables. MIT’s Nicholas Negroponte predicted
that information going through the cables
(phone calls) would go through the air and
information going through the air (televi-
sion programs) would be delivered via cable.1
Negroponte called this “trading places.” He
was right, and the effect was profound.
Everywhere the talk is about “big data” and
how much better an instrumented society will be.
The cumulative sum of the curves for computing,
storage, and bandwidth is this: In 1986 you could
Daniel E. Geer Jr. fill the world’s total storage using the world’s total
In-Q-Tel bandwidth in two days. Today, it would probably
take something over nine months of the world’s
total bandwidth to fill the world’s total storage,2
but because of replication, synchronization, and
sensor-driven autonomy, it is no longer really
possible to know how much data there is. Deci-
sion making that depends or depended on know-
ing how much data there is is over.
Nevertheless, it is clear that the future will
be data rich and that the tools acting on that
data will be dual use. The classic triad of cyber-
security has long been confidentiality, integrity,
and availability, and we have heretofore pri-
oritized confidentiality as the pinnacle goal of
cybersecurity, especially in the military sector.
That will not be the case going forward, and not
N egroponte’s “trading places” was the
just because the rising generation has a relaxed
complacency about the tradeoffs inherent
to information sharing. In the civilian sector,
integrity will supplant confidentiality as cyber-
security’s pinnacle goal. In the military sector,
weapons against data integrity already far sur-
pass weapons against data confidentiality.
This trading places—this eclipse of confi-
dentiality by integrity—is solidly underway.
Already algorithms learn rather than being
taught. What they learn depends on what they
are fed and how their learning is scored. This is
behavioral reinforcement of a form that would
be entirely familiar to B.F. Skinner—you don’t
teach the subject the desired behavior, you
reward the subject for accidentally exhibiting
2 January/February 2018 Copublished by the IEEE Computer and Reliability Societies 
the desired behavior. You don’t look into the
mind of the human subject nor into the struc-
ture of the self-modifying algorithm, you just
look at the objective reality of their behavior,
per se. This is not so much humanity’s purpo-
sive creation of an intelligence but rather an
unforced error of assumption that a utile intel-
ligence will appear if given enough training sets.
It was three years ago when the count of
networked devices exceeded the count of
human beings.3 Qualcomm’s Swarm Lab at UC
Berkeley predicts 1,000 radios per human by
2025, while Pete Diamandis’ book Abundance
calls for 4531012 networked sensors by 2035.
These kinds of scale cannot be supervised; they
can only be deployed and left to free-run. If any
of this free-running is self-modifying, then the
concept of attack surface is just plain over as is
the concept of trustworthy computing, at least
as those two are presently understood. Their
data inputs are what control them, not their
code. Protecting confidentiality when data is
coming from 103 radios per person is as irrel-
evant as it is infeasible, but protecting its integ-
rity had better be doable, and all the more so if
algorithms are data-fueled black boxes that are
not obligated to give you an answer when you
ask why they made such and such a decision.
story that defined the previous decade.
Cybersecurity’s “trading places” will be the
story that defines next one.
References
1. G. Gilder, “Into the Telecosm,” Harvard Busi-
ness Review, Mar./Apr. 1991; https://hbr.org
/1991/03/into-the-telecosm.
2. M Hilbert, “World’s Information Capacity PPTs,”
www.martinhilbert.net/WorldInfoCapacity
PPT.html.
3. D. Geer, “Implications of the IoT,” USENIX;
login:, Dec. 2016; geer.tinho.net/fgm/fgm.geer
.1612.pdf.
Daniel E. Geer Jr. is the chief information
security officer of In-Q-Tel. Contact him at
dan@geer.org.
1540-7993/17/$33.00 © 2018 IEEE