On IoT Devices and Software Liability

New law journal article:

Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims

Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer harm at the hands of a cyberattacker. Given how these cyberattacks are usually conducted by exploiting a publicly known and yet un-remediated bug in the smart device’s code, this lacuna is unreasonable. This paper scrutinises recent judgments from both the Supreme Court of the United Kingdom and the Supreme Court of the Republic of Ireland to ascertain whether these rulings pave the way for third-party victims to pursue negligence claims against the manufacturers of smart devices. From this analysis, a narrow pathway, which outlines how given a limited set of circumstances, a duty of care can be established between the third-party victim and the manufacturer of the smart device is proposed.

Tags: , , , ,

Posted on January 12, 2024 at 7:03 AM36 Comments

Comments

ATN January 12, 2024 11:02 AM

this lacuna is unreasonable.

Perfect timing, considering the reasonable lacunas re-exposed by the post office scandal…
Too many things to say about that latter one, some people obviously still Rolling on the Floor Laughing, the floor of their yacht bought with cash and parked in a sunny paradise, for the last 15 years…

Jeff January 12, 2024 11:04 AM

It’s always been wrong that software was exempt from product liability and warranty of merchantability. If we hadn’t allowed that in the very early days of the industry, we’d probably have far fewer problems now.

Bob January 12, 2024 11:05 AM

I can’t remember if it was you, Masnick, or someone else who coined the phrase “internet of stupid things.”

Ralph Nader’s “Unsafe at Any Speed” dropped nearly 6 decades ago. Many of the lessons in it still haven’t even been applied to automobiles. We’re at like year 2 out of 60 for IoT, and it doesn’t even have the benefit of grisly and visceral disasters to spur us along to action.

Security and safety are cost items in the pursuit of quarterly profits. Our economy is structured in such a way as to promote harmful practices. The house is leaning because the foundation is bad. There’s no amount of work that can be done on the roof that will solve the problem.

Bob January 12, 2024 11:07 AM

@Jeff

What we would have is effectively zero open source software. Ask Bruce if he would have put together a free password manager, if it were the case that a single mistake could see him bankrupt.

Bob January 12, 2024 11:32 AM

@Morley

Sounds like less rather than more accountability. FOSS effectively becomes warez at that point.

Bob January 12, 2024 11:35 AM

@Morley

It would make job interviews interesting too.

“Do you have any code samples you can share?”

“I actually run a couple open source projects, but as you’re aware, it’s a bad idea to take credit for them. Maybe you can give me a fizzbuzz test?”

LLC January 12, 2024 12:02 PM

Wouldn’t make much difference for any OSS that had any potential commercial value. An LLC with $200 in assets would go bankrupt, and the author would just walk away

Bob January 12, 2024 12:07 PM

@LLC

The idea of requiring FOSS developers to open an LLC to avoid financial ruin is pants-on-head.

Idiotic ideas like this is are the reason we have libertarians.

mark January 12, 2024 12:43 PM

Why I do NOT want “smart” home anythings. Show me one OEM that pushes regular security updates.

None that I know of.

Clive Robinson January 12, 2024 12:57 PM

@ Bob, ALL,

Re : Physical Agency is key.

“We’re at like year 2 out of 60 for IoT, and it doesn’t even have the benefit of grisly and visceral disasters to spur us along to action.”

Actually it very much does, it’s just that in most cases IoT as most view it is given little or no physical agency.

Now consider self driving vehicles, that are connected to the Internet or in earlier times to LANs. They have now have escaped the very closed very controled environments where humans were baned…

Look at “the butchers bill” from the road deaths of autonomous taxis and self drive or driving assisted road vehicals where the electronics get primacy of control thus “Physical Agency”…

@ ALL,

Now imagine every microcontroler in your home having unrestricted “Physical Agency”. Such that it can move freely and do as it’s defective by design programming directs in all those edge and corner cases that don’t get designed for let alone tested…

How about a combined cleaning robot and indoor plant waterer/trimmer?

How much mayhem could that cause squirting water into the wrong places and cutting the wrong things.

You might think,

“That’s rediculous nobody would do that!”

But a servant to tend house plants has been and still is a very real human job. IoT is designed to give even the poor their very own servants. How much harm have simple Voice Activated “Personal Assistants” done so far without actual “physical agency”?

As the saying has it,

“Welcome to your very own World of Hurt…”

Bob January 12, 2024 1:04 PM

@Clive

You’ve actually highlighted my point. The issues from the IoT-ification of automobiles is being treated exclusively as an automobile problem rather than a combination of automobile and IoT problems.

MikeA January 12, 2024 1:13 PM

@mark

We may need to be more specific. I personally would prefer that “Regular Security Updates” not so often be “Regular changes to enhance income from users” with a side order of reduced security.

That is, I’d like to switch worlds to one where “every upgrade is a downgrade” wasn’t so often true.

Or are we doomed to regularly seeing
“We’re from your software vendor and we’re here to help”?

Bob January 12, 2024 1:25 PM

We may need to be more specific. I personally would prefer that “Regular Security Updates” not so often be “Regular changes to enhance income from users” with a side order of reduced security.

Sounds like something akin to consumer protections. Complete non-starter in our current landscape. A new era of trust-busting is definitely called for. Unfortunately, in our current political climate, it seems politicians have a blind spot for monopolistic behavior. They’ll try to shoehorn anti-trust law in where it doesn’t fit, in order to address their personal grievances. But there’s not a damn one of them on either side of the aisle that Teddy Roosevelt wouldn’t pimp slap.

Consumer protection isn’t just dead. Consumer protection has been killed, dressed, processed, packaged and sold to the capital class by politicians for just enough profit to protect themselves from the fallout.

LLC January 12, 2024 2:33 PM

Might be pants-on-head, but it might also be illustrative to how easy it would be for any large company to avoid liability. A lot IoT software is not secret sauce, and much of it is already based on open source software.

Bob January 12, 2024 2:41 PM

@LLC

Great. None of that changes the fact requiring coders to choose between incorporation and anonymity is a solution in search of a problem.

Clive Robinson January 12, 2024 5:40 PM

@ Anonymous, ALL,

Re : Fault injection to the brain and the triggering of epilepsy.

“The future of cyberwar.”

I was involved with research decades ago that used to ultrasonic beams with a fractional frequency difference that were overlapped to form a pencil thin beam[1].

The two beams would use the nonlinearity of the human skin and dermis to demodulate the frequency and waveform difference (much like a mixer in a superhet receiver). The resulting wave was used to induce nerves to respond and overload. To say “You could stick a pig in a crowd at half a click” was unfortunately true. Like all radient energy weapons it had numerous disadvantages I’ve listed a few times before especially to the operators. However a significant number of people believe it may well be the basis for the device responsible for Havana Syndrome.

One issues is the narrow energy margin between effectivness and leathal.

Another is that like any insult to the head the effects are accumulative as the NFL has had to come to terms with. Unfortunately “Chronic traumatic encephalopathy” (CTE) can currently only fully be diagnosed after death with a carefull autopsy on the brain. However certain chronic symptoms are now recognised such as base personality change as being indicative.

The changes to the brain in CTE unfortunately make you more susceptable to the misfiring of neurons that can trigger epilepsy, as well as being more likely to develop epilepsy and the coresponding states.

The thing to remember is it realy does not matter what form of radiated energy is used, all that is required is it produces even quite minor but repetative shockwaves that if they cause resonance effects in the head are significantly multiplied in their detrimental effect.

As is known laser weapons are not very effective in continuous radiant mode. However optical feedback and pulsing the laser can be used to quickly find a resonance frequency that will quite literaly shake the target to pieces (look up destructive resonance and metal fatigue if you want details).

[1] This beam overlapping alows the edges of two much broader beams to become a very fine beam that is the product of both beams. Thus if one beam gives Dots spaced by Dashes and the other Dashes spaced by Dots and they are sychronized when in the overlap zone you get a continuous tone you can fly an aircraft down from a thousand miles away. This early radio navigation system was used during WWII to guide German Bombers to targets in England. The more accurate British system called G used a timed pulse system that was more immune to both jamming and “beam bending”.

Winter January 12, 2024 6:10 PM

@All

What we would have is effectively zero open source software [if software producers would be liable for damages] .

For years, there has been talk around the lines that software product liabilities would make FLOSS developers liable for damage.

However, to have product liability, you have to sell a product for a purpose. FLOSS is not sold as a product and the licenses in no uncertain words declare that the makers do not state that it is fit for any purpose.

Also, product liability is the other side of the coin of trade secrets. The user cannot evaluate the safety and quality of a proprietary product as she is denied access to the necessary information. The buyer pays for a product that the seller claims has certain features. Before the sale, and generally also after the sale, the buyer cannot ascertain that these claims are true. Therefore, the seller is liable when the product does not function as claimed.

In FLOSS, the user can know as much as the producer and can inspect and test the software to their hearts content and they can invite specialists to do it for them.

In summary, a FLOSS producer can argue that she did not trade with the user, received no compensation, did not claim the product could do what the user wanted, and that the user could know everything about the product the producer knows if she wanted to. Therefore, there is no responsibility or liability towards the users.

Winter January 12, 2024 6:19 PM

@LLC

Might be pants-on-head, but it might also be illustrative to how easy it would be for any large company to avoid liability.

No, if you sell something, it should work as advertised. If you give away a software program telling that you don’t know whether it works or not, you do not have any responsibility towards the user.

The license writes it out clearly: Use FLOSS at your own risk.

If you incorporate the software in a product and sell it for a purpose, you are fully responsible and liable for what happens.

Bob January 12, 2024 6:50 PM

@Winter

Sounds like the sort of thing that would cause an insurance industry to spring up. I can’t say they bring additional joy to any other aspect of my life. But given the face that we’re operating in reality where we don’t get to re-imagine democracy, that might actually be the best we can do.

There’s going to be a bunch of scapegoating that occurs as a result of the cost increases and corporate collapses that occur as a result of the sudden and radical shift in liability, and injection of related insurance costs that ultimately fall on the consumer.

Maybe an industry pops up akin to CPA/CISA or similar. Ultimately, though, I don’t see justice or utility in getting someone to sign a paper saying “This code is perfect or my entire organization will be looking for new jobs.” CEOs will sign it and jump to a new organization. Every once in a while, a grenade will go off. Whichever CEO happens to be holding it will point the finger at the CIO. The CIO will point at the CFO. The CFO will point back to the CIO for the majority.

Lather, rinse, repeat, ad infinitum. Play Mad Libs to your heart’s content. None of this actually results in accountability for the people doing the deed. It’s going to be another avenue for shifting pain to people whose luck is up.

Clive Robinson January 12, 2024 7:36 PM

@ Winter, Bob, ALL,

Re : Compexity that can not be tested.

“The user cannot evaluate the safety and quality of a proprietary product as she is denied access to the necessary information.”

As complexity increases the same “unavailable information” logic applies to the developer.

All functional software has sub functions as distinct entities, these are linked together by external relationships.

The sub function distinct entities can be viewed as defined “state machines” that can only ever be in one state at a time, but can switch from state to state dependent on both forward (expected) and reverse (unexpectd) input, internal state and the internal relationship diagram that is assumed to be well defined and both synchronous and flow in the forward direction within the sub function.

The external relationships though are assumed to be asynchronous and bi-directional, and flow can be both forward and reverse such that exceptions and error correctian can “unroll” previous function.

It’s not hard to see how quickly the number of relationships rise as well as the number of asynchronous and potentially reversing states.

Even faily simple programs can excead the ability to test in any given time frame. Thus full testing of software of even moderate complexity is not possible.

Which is why information can be unavailable to the developer.

For some years now I’ve argued that the way we develop software should be changed and a more rigorous “engineering” aproach be taken. However whilst this can be done as I’ve indicated, it will drastically change not just the development cycle it will significantly change the development methodology and in many cases,increase development time. Thus software will become impossibly expensive to develop in anything other than a pure one size vanilla form. We know from the 1960’s through to the 1990’s what sort of “tied in” “big iron” perpetual licence business model this produces and how any inovation becomes either stolen or stagnates.

Bob January 12, 2024 8:20 PM

@Clive

We’ve gone full circle to the P vs NP problem. It’s always an interesting journey back here though.

LLC January 12, 2024 9:16 PM

@Winter

I’m not selling anything. If I was, I might have to provide a warranty. Again, I am not.

I wouldn’t even need a patent to claim a copyright of “Hey you, Winter! Stop sanitizing your inputs, because…”

Just the same I could publish a left pad code with no liability, and you could use it if you want to

Clive Robinson January 12, 2024 9:27 PM

@ Bob, ALL,

Re : The laws of Mathmatics v the laws of politicians.

“It’s always an interesting journey…”

As we know some politicians are not exactly the brightest light bulbs even in the dimist parts of the Universe (Australia being the most recent to hit the MSM).

The UK for instance is trying to outlaw E2EE as is the US, and so after a fasion is the EU… None of the legislators involved appear to understand jack with regards basic information theory. That Claud Shannon and others brought up before the end of WWII (communications of information requires redundancy). And Gus Simmons showed in the 1970’s via his Prisoner Problem that covert channels must also exist if information is to be communicated (redundancy alows covert channels to exist inside other channels and can not be stopped).

Thus as long as users are alowed to communicate at some level, they will always have a covert channel by which E2EE will be functional.

There are two ways you can view this,

1, Legislators are at best ill informed if not stupid.
2, The targets of ending E2EE is not the claimed criminals, who can easily adapt to using covert channels, but members of the general public.

I’m always being told even on this blog the mantra of Hanlon’s Razor of,

“Never attribute to malice that which is adequately explained by stupidity.”

But I should ask,

“What is seen in the mirror?”

That is,

“Never attribute to observers intelligence that which is adequately explained by their inability to see repeated malice.”

As the army used to say,

Once is odd.
Twice might be coincidence.
Thrice is enemy action.

Or,

“Be alert, lock and load, safties off, shoot at will.”

[1] Originally in the days of muzzel loading flint locks it was “load and lock”. That is add powder wadding and ball and ram them home with the ram rod, was the load. Pulling back the flint striker into it’s locked back position left the weapon ready to fire. With 20th Century weapons simply opening the breach pulled back the bolt that held the firing pin into the locked position. Either manually putting in a round and closing the bolt or sliding the bolt forward across the magazine was loading. Hence “lock and load”, and the very real reason for “external safeties”. Which is why you have “Load and make safe” as another command.

Winter January 13, 2024 4:01 AM

@LLC

I’m not selling anything. If I was, I might have to provide a warranty. Again, I am not.

The discussion is about IoT software. Those who sell IoT devices are required to provide warranty. Not those who write the software, unless they sell it. And even if they sell it, product liability for software is next to non-existent, see MS Windows.

The whole discussion is about the liability when selling IoT devices. That is, material things with a function and purpose.

Clive Robinson January 13, 2024 7:29 AM

@ Winter, LLC, ALL,

“The whole discussion is about the liability when selling IoT devices. That is, material things with a function and purpose.”

And,

“… even if they sell it, product liability for software is next to non-existent, see MS Windows.”

There is a big difference between,

1, Selling an IoT device with embedded bespoke software.

And,

2, Selling a PC box with Microsoft software loaded on it.

Mostly Iot devices are single function “closed designs” which are “non standard” and unless reverse engineered the only software that will run on them is that provided “as sold”. As such the software is absolutly integral to the “function and purpose” of an IoT device. Thus Iot Devices are what the manufacturer chose them to be.

PC boxes on the other hand are very much standards based which makes the hardware a known effectively “open design”. A result of which is there are multiple OS’s by the dozens and applictions by the thousands that will work on the PC hardware. Thus the software is not in any way embedded or integral to it. Further the PC boxes do not have singular or unique “function and purpose” they are what you as the end user chose them to be.

Whilst not immediately obvious, the difference between IoT Devices and PC boxes is legally immense under consumer legislation in various jurisdictions.

The IoT Device is like purchasing a brand new “off the forecourt” car. That’s “ready to just drive away”.

Whilst the PC box is like purchasing a chasis and power train and possibly part built bodywork. It’s NOT “ready to just drive away”.

Winter January 13, 2024 7:43 AM

@Clive

The IoT Device is like purchasing a brand new “off the forecourt” car. That’s “ready to just drive away”.

Indeed, you buy a product that runs software. It is the seller that claims you buy a product for a specific purpose. That seller has to deliver. The software in the IoT is immaterial as those who produce the software are not party in the sale.

A computer is sold with the promise to run software. The seller has no influence on the software that is run on the PC and also no liability. That software is delivered by some other entity which is liable for what it sell and promises.

FLOSS is special as it generally is not “sold”. What can be sold is support or other services. If you do not pay for a product, the producer has few, if any, obligations towards you. Especially when the producer tells you that there is no guarantee that it will do what you want, or does anything useful at all.

LLC January 13, 2024 7:27 PM

Mostly Iot devices are single function “closed designs” which are “non standard” and unless reverse engineered the only software that will run on them is that provided “as sold”

I might disagree here, but this is probably where I’m confused

cls January 14, 2024 6:14 PM

Interesting comments, but y’all have completely missed the boat.

Software can not ever be defect free. Turing and the halting problem. Law of the universe.

I can’t find the reference right now but I remember a seminal court case in the late 1970s, the judge ruled rightly because no one can guarantee software is ever defect free, there can be no liability.

Same reason software engineersvcan not be Professional Engineers. Software is not a physical system, like a bridge or dam or building, which can be designed to any desired reliability.

Clive Robinson January 14, 2024 8:53 PM

@ LLC,

“I might disagree here, but this is probably where I’m confused”

Confusion is generally caused by one or both of,

1, Missing knowledge.
2, Knowledge used incorectly.

Sometimes the latter is caused by putting the steps of a process in the wrong order. Especially when the correct order might not be readily discernable.

The statment “as sold” referes to,

“An integral product placed on the market”

Basically in a sealed box or bag sold as an individual item.

Non Standard items are those that their primary finctionality is not described in part or full by an independent standard. It can be confusing because a non-standard item might contain standard items and interfaces such as dry cell batteries, and network sockets. In the EU the “blue book Rules” require that all products “placed on the market” carry the CE Mark that can only be attached if the product has been tested and passed the required standards for primarily saftey, but also in some cases interoperability and functionality. But… even meeting those standards the product can still be “non-standard” (yup it can be as confusing at several levels).

Closed designs are those that are not open, but that does not mean that they are proprietary or that they are not standard. What it generally means is that the originator of the product has not made some or all of it’s internal design or interfaces documentation available. A USB hub is almost entirely standardized at it’s interfaces and these are designated by the USB body standards as is the functionality. However the internal design of the hub may well be unpublished and even trying to access it illegal in certain jurisdictions (DMCA in US).

I hope that helps, if not and you need more info shout out and I’ll try to provide it.

Clive Robinson January 15, 2024 8:12 AM

@ cls,

Re : Imposability of 100%

“Software can not ever be defect free. Turing and the halting problem. Law of the universe.”

It’s a result of logic not a physical law of the universe that Church and Turing identified back in the early 1930’s.

But of more interest was work just a little earlier by Kurt Gödel that showed that outside of an overly simplified case, no system of logic could describe it’s self.

As for judges… In the UK a “Law Lord” pointed out in a case against British Gas for harasment that…

Managment could not use “the computer says” as an excuse…

Basically he pointed out the chain of facts,

1, Computers are designed/built by humans.
2, Software is designed/written by humans.
3, Therefor humans are responsable for the way the system behaves.
4, Therefor humans not the computer are responsible for any errors or omissions and thus managment should thus act in the same way as if it was a human system that had failed.
5, By not doing so mabagment were guilty of harasment.

This is kind of a bit of a stumbling block, one I suspect that the UK Post Office and various politicians do not want well known currently as it means Paula Vennells and her subordinates are guilty of criminal harassment. And as such the greviousness of what they did should result in maximal criminal sactions / tarrifs as perscribed by the legislation, and as they had “special status” the tarrifs should accordingly be raised.

Also that any compensation should be restorative. You might have heard that on 81year old man was awarded the pitiful sum of £330,000 and then the UK Government claimed £322,000 of it back for what is frankly spurious reasoning.

But moving on, you say,

“Software is not a physical system, like a bridge or dam or building, which can be designed to any desired reliability.”

No physical objects can not be “designed to any desired reliability”. For broadly the same reasoning that software can not be 100% fault free. That is there are “limits” that prevent it.

To see why look up “plastic limit” and “yield criterion” it describes a transition in behaviour from linear to non linear deformation under stress. That is fundemental to all physical objects and how they fail under load be it brittle, ductile, or both.

Thus as I’ve noted befor on this blog the only solution to both “intangible information objects” and “tangible physical object” failures is by putting in additional complexity thus load in the form of “mitigation”.

In the case of the overly generalised notion of the halting problem, an actual computational process may be subject to a transfinite limit. That is as a fully determanistic process either halts in a finite time, or it does not halt in a finite time. But if the entire system not just the process is not fully determanistic it may / may not halt at some point in a span beyond finite time[2].

As an example consider a fairly often occuring situation of a fully determanistic counter that will overflow / wrap around and a fully determanistic process that examines the counter. However the process of interest having started the counter repeatedly examines the counter value and compares it to a value. If the counter and value match the process halts, if they don’t ever match the process won’t halt even though the process is fully determanistic. To many programers their mental logic says that the examining process must halt. Reality however takes a different view and sometimes even though the counter and process value are the same, a match is not seen, or they may not match at the same point in time.

Such errors usually only cause a “miss” not an “out”, that is if the examining process misses the match on this count cycle it will catch it on a future cycle of the counter. But if they synchronize for some reason the match will never be caught.

Those trying to build “Real Time”(RT) processes on non RT systems such as standard multitasking systems –if they have any RT domain experience– know they have to mitigate this issue as best they can. However what ever the mitigation it reducess the efficiency thus limits the capability of the overall system.

[1] The notion of a transfinite limit is described as,

“As a limit cardinal, an infinite cardinal with no immediately smaller cardinal, i.e. it’s not the successor of another cardinal.”

Whilst it can be described in a sentence the implications are well almost a halting problem of their own 😉

[2] You can blaim stochastic processes for this. In the case of a simple counter of finite resolution we know it will reach a point in finite time where it either rolls over or stops at the end stop. However a random number generator with finite resolution in it’s output if “not fully determinate” may never output the end stop number. The probability of this reduces exponentially with the number of values output but it never reaches zero.

Garabaldi January 16, 2024 9:30 AM

RE: Turing machines

Big red herring.

The halting problem does not say no program can be proved to halt (or not). It says some program cannot be proved to halt (or not). If you need your program to halt use one of the former.

Moreover finite state machines can be proved to be correct. Every computer we have ever made has been finite and can be simulated on a finite state machine.

Mechanical engineers do not give up building bridges just because they don’t understand quantum mechanics.

Clive Robinson January 16, 2024 5:28 PM

@ Garabaldi, ALL,

Re : FSMs and mitigation.

“Moreover finite state machines can be proved to be correct. Every computer we have ever made has been finite and can be simulated on a finite state machine.”

Only when all the states are known and quantified. The rash of problems since Meltdown will telly you that the more often than not, not all the states are known and many are not quantified.

The hardware that all computers are built on has a dirty little secret called “metastability” that causes “soft latchup” amongst other things. Which means that even if you think you’ve proved your FSM correct, it’s conditional unless you take further mitigations,

https://electronics.stackexchange.com/questions/14816/what-is-metastability

(One of the few instances when stackexchange is adiquate in it’s responses).

But it’s more than that, one of the problems with “Finite State Machines”(FSMs) is even if you have mapped every state and it’s transitions is –as I noted in a comment above– one where asynchronous behaviour and random input will make what is thought to be a determanistic system indetermanistic in practice.

It’s why you have to add some form of mitigation.

“Mechanical engineers do not give up building bridges just because they don’t understand quantum mechanics.”

They mitigate, based on the advice and calculations of materials scientists who sometimes do delve deep into the fundamentals of matter (those using metals around radio isotopes being one example).

So whilst the engineer does not have to understand nonlinear analysis (though many do). All they actually have to do is just like architects is to use linear mathmatics and look things up in tables provided by the manufacturer of the parts they use.

Winter January 17, 2024 1:54 AM

@Garabaldi

Moreover finite state machines can be proved to be correct. Every computer we have ever made has been finite and can be simulated on a finite state machine.

Indeed, with ever possible content of its RAM as a separate state.

So, as you write, it is possible to prove a finite state machine will halt, or not. But, for a computer with 8 GB of memory, this means a proof is needed that a finite state machine with 2^(8810^9) states will halt given a specific set of programs running concurrently.

It is questionable whether such a proof will be finished before the universe dies after just 10^3000 years [1]. And it has to be repeated for every combination of programs running concurrently with the program of choice.

I think, it will be faster to model the computer as a Turing machine and analyze whether the programs that are running are some of those for which it can be proven whether they halt or not.

[1] ‘https://www.space.com/scientist-calculates-last-supernova-universe-end.html

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.