This post is sponsored by FIRE - the Foundation for Individual Rights and Expression - an organisation defending free speech on all sides and in all forms from books to code, learn more at FIRE.org

Software that automatically finds security vulnerabilities in computer systems - such as Anthropic’s MYTHOS - feels like another disorienting and unprecedented development wrought by AI.

Interestingly though, this moment isn’t completely without historical parallel…

31 years ago - in April 1995 - a program called ’SATAN’ (Security Administrator Tool for Analyzing Networks) was released publicly. Its utility: automatically detect network security vulnerabilities on a then nascent internet. When the network security experts behind SATAN - Dan Farmer & Wietse Venema - announced its impending public release in March of that year, panic ensued…

Handing a cyber super-power to anyone and everyone felt to many irresponsible - criminal even - after all, the encryption wars were still raging and encryption software remained under export controls, as well as computer hardware over a certain power. Why was SATAN any different?

How did Farmer and Venema justify giving unrestricted open access to SATAN? Their stance was it would be a net positive for online security by spurring network admins to patch known vulnerabilities and find new ones: security via decentralized power, rather than centralized.

While created for security defence, the emphasis in the press was on its offensive use by hackers… it should be noted, the panicked reception to SATAN was invited: the programs name was deliberately provocative, as was its satanic logo created by author Neil Gaiman, a friend of Farmer’s. It was all designed to attract attention, seemingly a trollish homage to satanic panic in broader culture, helped no doubt by Farmer’s heavy metal frontman aesthetic.

If the branding wasn’t enough to stoke fear, Farmer also revealed to The New York Times that SATAN was now in the hands of world infamous hacker Kevin Mitnick who had stolen a copy during a cyber intrusion. The cat was out the bag now and it wasn’t clear how many copies were in the wild - casting doubt on the idea the software could be safely contained and controlled by higher authorities.

Farmer acknowledged the risks and potential harms of allowing broad uncontrolled access to SATAN, but believed it was for the greater good of cyber security - shaking complacent network security administrators from their slumber. If every network administrator had access to SATAN, then the Kevin Mitnicks of the world would find fewer vulnerabilities and in the long run the internet would be more secure.

It was a stance that would see Farmer dismissed from his job at Silicon Graphics shortly after the Justice Department threatened to open an investigation into the company according to a PC mag report. Farmer would soon find a new job at Sun Microsystems.

SATAN would release on April 5th, 1995 - Farmer’s Birthday - seeing a surge of downloads (10,000+ in a few weeks) by anyone - anywhere in the world with an internet connection. Don’t forget: instant global distribution of a powerful new duel-use technology was historically unprecedented. People braced for chaos… some were more skeptical, Joshua Quittner at Time Magazine predicted SATAN would be the ‘Michelangelo of 1995’, referencing an earlier unfounded panic about a computer virus. It aged well.

In the press Dan Farmer had been cast as the wild haired poster-boy of cyber-anarchy, a sort of digital anti-christ, promising safety while supposedly unleashing the digital apocalypse. Fitting then, that his arch nemesis and loudest public critic was Donn B. Parker - committed Christian and veteran computer security expert who predicted the digital end times precipitated by SATAN.

Parker advocated a more careful, centralized and controlled approach to distributing the software - much like encryption at the time. It was a rivalry the LA Times would profile in a multi-page spread titled ‘High Noon in Cyberville’ in May 1995, a month after SATAN was released.

The piece’s subtitle would set the scene: “One is the father of SATAN and the other wants to send SATAN back from whence he came.” In Parker’s view, Farmer was inspired by the ‘infantile’ cypherpunk hacker culture that believed “all information wants to be free.” Parker would compare Farmer’s cyber-anarchy approach to handing out free rocket launchers at local schools and libraries:

Dan Farmer would retort, summarizing Parker’s stance as thinking “certain technological tools or knowledge are too powerful for mere mortals, and must be kept, like magic swords, in the hands of “the computer gods”, seeming to evoke the Greek myth of Prometheus. He would interpret Parker’s view as a general distrust of people with information, positing “controlled dissemination of information doesn’t work.” Donn Parker would concede to the LA Times that - a month after SATAN’s release - his dire predictions had yet to come true, suggesting it was only a matter of time before they did.

The internet was never “completely wrecked” as Parker predicted, though it also didn’t become as secure as SATAN’s creators might have hoped. The following year - in 1996 - the CIA’s website was hacked, with its name changed briefly to the “Central Stupidity Agency.” Later that year Dan Farmer would release a report that audited thousands of websites using SATAN, revealing unpatched vulnerabilities - generating a new round of headlines.

In 1997 Farmer would give testimony in a US House Science Committee hearing on cyber-security, continuing to sound warnings about online security systems - warning newspapers and wire services were vulnerable to hackers running fake headlines and influencing the stock market.

If only SATAN could have patched the vulnerabilities it helped find in the 1990s, like MYTHOS can today. If only MYTHOS was available to every network security administrator to help find vulnerabilities, like SATAN was then - for now it will be kept like "magic swords, in the hands of “the computer gods.” Is there a lesson to learn from Dan Farmer’s cypherpunk fable? Or is it different this time?

Share

This post is sponsored by FIRE.org - the Foundation for Individual Rights and Expression - an organisation defending free speech from all sides, in all forms from books to code.

If you read Pessimists Archive, you know the pattern: new technology arrives, new ideas spread, public anxiety spikes, and powerful institutions look for ways to control what people can say, read, publish, teach, or promote…

FIRE fights this type of censorship in every public arena - from campus speech codes and book bans to government pressure campaigns, online censorship, AI policy, and recurring efforts to decide which ideas are safe enough for public life. FIRE also produces essays, podcasts, videos, interviews, and original reporting for people who care about free inquiry and want to understand how censorship actually happens.

If you’re a fan of Pessimists Archive, you’ll love what FIRE is doing. For more from FIRE, check out:

• Expression — FIRE’s publication on free speech, censorship, law, technology, & culture

  Expression

  What does AI have to do with the First Amendment?

  We’re kicking off a series of essays answering your questions about free speech and AI, with this essay establishing a bedrock reality at the center of the First Amendment’s relationship with AI: The technology is increasingly influencing the future of communication, information exchange, and knowledge creation…

  Read more

  8 hours ago · 7 likes · Tyler Tone

• So to Speak - FIRE’s podcast on free expression and the First Amendment

  So to Speak: The Free Speech Podcast

  Ep. 271: Minecraft, censorship, and threats to press freedom with Clayton Weimers

  Editorial note: This conversation was recorded on Friday, April 24, the day before the White House Correspondents’ Dinner. Both Nico and Clayton attended the event, where a gunman breached security and opened fire before being apprehended…

  Listen now

  2 months ago · 4 likes · 1 comment · Nico Perrino

• Support FIRE - Help defend free speech, open inquiry, and independent debate.

PessimistsArchive.org os also open to taking tax deductible contributions via surrogate nonprofits, email for more information.