going through the motions of making sure the hashes weren’t publicly available would have been just virtue signaling
Yes. That’s what I meant by “the sort of thing to do as part of the spirit of the game”: in an actual nuclear (or AI) application, you’d want to pick the straightforwardly best design, not the design which was “something like an hour faster to get things going this way”, right?
So as part of the wargame ritual, maybe you should expect people to leave annoying nitpicky comments in the genre of “Your hashes are visible”, even if you don’t think there’s any real risk?
Does that seem weird? For more context on why I’m thinking this way, I thought last year’s phishing attack provided us with a very valuable and educational “red team” service that it’d be fun to see continued in some form. (“Coordinate to not destroy the world” is an appropriate premise for an existential-risk-reduction community ritual, but so is intelligent adversaries making that difficult.) I’m not personally vicious enough to try to get the site nuked, but putting on a white hat and thinking about how it could be done feels on-theme.
your comment is a straightforward misapplication of security mindset. [...] There is no point in pursuing a security mindset if you are virtually certain that the thing you would be investing resources into would not be your weakest attack point.
“Misapplication” meaning you think I’m doing the security thinking wrong, or “misapplication” meaning you think the security thinking isn’t appropriate given the context and costs? I think it’s desirable to separate the security analysis (this-and-such design is safe against such-and-this class of attacks) from the project-management analysis (this-and-such design would cost an extra hour of dev time which our team doesn’t have); external critics are often in a position to say something useful about the former but not the latter. (Although, unfortunately, my comment as written didn’t successfully separate them: “the sort of thing to do” is most naturally read as an implied policy recommendation, not a just-the-facts threat analysis. Sorry!)