Re: I need a system the U.S. government cannot 'hack'
From: Proprietor_PER_Ltd (ProprietorPERLtd_at_discussions.microsoft.com)
Date: 11/29/05
- Next message: Proprietor_PER_Ltd: "Re: I need a system the U.S. government cannot 'hack'"
- Previous message: Laura \( '_' \): "Re: XP internet security broken"
- Maybe in reply to: Lanwench [MVP - Exchange]: "Re: I need a system the U.S. government cannot 'hack'"
- Next in thread: Mark Randall: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Mark Randall: "Re: I need a system the U.S. government cannot 'hack'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Nov 2005 07:46:04 -0800
First, let me apologize for not being clear. By way of an excuse, I am
trying to summarize something both wildly complex and genuinely new, in a few
words.
By way of a further excuse, using words such as 'hack', 'government' or
'system', whose meanings have become so fuzzy from overuse and/or abuse, that
they really have no meaning by themselves any more, always leads to
confusion. In Canada, the ability to string such words together in such a
way that one can speak for hours without ever saying a damn thing will get
you seat in Cabinet, but my own use of them is not for that purpose...
What I have designed is a many-to-one management system explicitly for the
purpose of enabling the public to more efficiently, effectively and reliably
manage their elected officials.
The mechanisms which currently exist for the execution of governmental
actions (i.e. the civil service, the judiciary, the military, etc.) are not
directly affected, and are not likely to change as a result of the adoption
of these systems, beyond those changes ordered by the public, through their
government.
What will change is the practical(!!!) means available to the public to
exercise the rights we already have, in principle(!!!), such as the right to
grant or deny the rights and privileges of elected office, and the right to
issue a direct order to our duly elected servants.
While the public is virtually certain to exercise their rights, given both
the opportunity to do so and a systematic means for ensuring the results they
get are at least as good as the results they expect, and this will of course
flow through to changes in the civil service et al, the system itself is not
designed for managing the civil service --> it is designed for managing
elected bodies (i.e. Congress, the Senate, the Executive Branch, etc.)
The security requirements are driven in part by the costs associated with
disputed election and/or 'referendum' results --> think Florida in 2000,
without hanging chads for CNN to show the public. Note that referendums
themselves are pure paper and pony --> this system utiizes resolutions, based
on the systematic application of the professional problem solving process,
FMECA analysis & control plan formation, and basic quality control principles
(measuring actual results, then feeding them back for comparison against
expected results), rather than referendums (one question, yes or no).
Again, the principles of this system design are lifted directly from
democracy --> despite being the worst system in the world, except for the
rest, the principles of democracy are sound. The differences stem from the
world of possibilities for correcting the flaws in democratic practice which
are rooted in the physical limitations of paper and ponies, made possible by
boxes and wires. The threshold of viability is defined by access --> enough
people must have enough access at a reasonable and sustainable cost. The
most important point to recognize, however, is that the only body with the
right to make that judgment call ("Yes, we have enough, no we don't") is the
public itself. In a lovely bit of circularity, the system itself is the very
system they need for first making, and then acting on, that judgment call.
The bulk of the cost of box and wire systems is in the infrastructure -->
"the internet". For many nations, including the U.S., the bulk of these
costs have already been paid --> many nations already have almost enough, and
a few may have enough. Again, the call is neither mine nor yours to make; it
is ours and theirs.
In practical terms, the bulk of the challenges are political, as opposed to
technical or business. As a quick aside, Mr. Gates recently issued the
largest special dividend in history, specifically because he could no longer
even pretend to have any clue what to invest that money in, and his good
friend Mr. Buffet has publicly expressed the same difficulty. Finding money
always poses challenges, but there is rather a lot of it sitting around with
nothing to do at the moment...
While an oversimplification, a machine which the NYC government could not
hack would be OK for New Yorkers to manage their municipal government, and a
machine which the Californian government could not hack would be OK for
Californians to manage Mr. Schwarzenegger and company. However, while not
entirely useless, the loss in value associated with insufficient security for
federal use is more than enough to justify the expenditure of significant
resources to develop a machine with sufficient security.
Please note, however, that the bulk of the security provided to the public
by these systems has nothing whatsoever to do with the machine itself --> a
'hack-proof' machine is only one small part of a much larger security system.
I do not believe that any nation of sane people could be convinced to bet
their own lives on the security of a machine --> I'm certainly not about to
recommend it...
I searched for a sufficiently secure system several years ago, and didn't
find one. This in turn drove me to study the security flaws inherent to the
systems which were available, most of which had nothing to do with the
hardware or software (people are much easier to 'hack' than machines). Most
of the remaining flaws can be eliminated both simply and cost effectively by
designing a single-purpose machine lacking the physical capacity to do
anything other than exactly what it was designed for, as opposed to general
purpose or general purpose-based systems.
Fixed state machines offer a level of security approriate for this
application, but their cost is ridiculous, on a scale necessary to serve the
public. I have, however, applied the basic principles of fixed state machine
design --> absolute control of data flow --> leading to what I have dubbed a
'controlled-state' machine.
While I can, and will, and am trying, to move ahead with my own design,
Kerchkoff's Law, basic security principles, and the necessity of ensuring
that the public gets the best possible deal on the best possible system,
dictate that my own design be both publicly vetted and exposed to competition.
This post was a rather pathetic attempt to find some competition. By way of
an excuse, I've spent everything I had, not to mention everything I can
borrow, developing my own design, and consequently have squat left to spend
on this search, at the moment.
I am currently in the 'market research' phase of this project. The market
research plan developed for this project, however, segues directly into the
marketing launch plan, and, in practice, is largely the same plan...
At this point, any feedback I can get is of use. If you care to offer any,
or want to know more, feel free to use ProjectLynx@shaw.ca.
The bulk of the response I've gotten so far was pure cynicism, although, on
the bright side, I got a laugh out of the tin foil crack... This is in large
part a reflection of a poor choice of forums on my part.
Perhaps you could recommend a more appropriate forum (i.e. one where
explicitly defined security and performance requirements could be posted in
detail, as opposed to asking for something that can't be 'hacked'), or at
least one with funnier contributors...
And if you happen to have Mr. Gates' home phone number, or perhaps someone
who works for him but isn't either too busy or too cynical to figure out what
the hell this is all about, I promise not to pass it around if you pass it
on...
Thank you for your time, sir.
Mark Smith, Proprietor,
PER Ltd.
- Next message: Proprietor_PER_Ltd: "Re: I need a system the U.S. government cannot 'hack'"
- Previous message: Laura \( '_' \): "Re: XP internet security broken"
- Maybe in reply to: Lanwench [MVP - Exchange]: "Re: I need a system the U.S. government cannot 'hack'"
- Next in thread: Mark Randall: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Mark Randall: "Re: I need a system the U.S. government cannot 'hack'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
