Slashdot Mirror


User: gnieboer

gnieboer's activity in the archive.

Stories: 0
Comments: 96

Comments · 96

  1. Org structure / priority issues on 80% of .gov Web Sites Miss DNSSEC Deadline · · Score: 1

    IMHO, the reason this isn't done yet is because of the org structure. OMB is responsible for administrative oversight of this type of stuff, but each department doesn't actually work for them, obviously.
    So it could be analogous to the corporate IT department sending an email to each department lead (sales, production) telling them to install certain patches to their desktop PC.

    Yeah sure, the IT department has the right to give direction because the common CEO delegated that responsibility to them, but when prioritizing what is important... they aren't writing the performance review, are they?

    Which is why IT departments usually have actual control over such things and push the patches whether the user likes it or not. But OMB doesn't "control" .gov truly.

    Again, just MHO

  2. PKI authentication solves password hell on Analysis of 32 Million Breached Passwords · · Score: 1

    One of the best things the government IT folks have done is the use of the PKI infrastructure. Must have a physical token (smart card) and then an unchanging PIN to access the physical token. The private key never leaves the card itself. And all internal sites are mandated to use that authentication, so no more password hell.
    Yes, the cards expire every couple years, but it's about worn out by then anyways.

  3. Re:Intercept-Resend Attack on Quantum Encryption Implementation Broken · · Score: 3, Funny

    Because Intellectual Property Hoggers International got a patent on a man-in-the-middle (TM) attack and the accountants at the university wouldn't pay the licensing fees, so they had to come up with a COMPLETELY NEW and different attack to avoid patent litigation, thus the incredibly novel "intercept-resend attack" (patent pending).

  4. Re:Judgment Day on Autonomous Intelligent Botnets Bouncing Back · · Score: 1

    Well, at least the military now knows they are off the hook for causing the end of the world, the real end of the world will be launched by spammers... who knew??

  5. Re:It doesn't defeat them on $26 of Software Defeats American Military · · Score: 1

    Really, defeating them could be just eliminating -anyone- from having control.

    All you have to do to do that is jam the control signal. Then it doesn't get any control inputs, and eventually will crash.

    You can do this regardless of whatever encryption may or may not be on the control signal. It's an RF problem, not an encryption problem. (but not as simple of one as it sounds)

  6. Re:laughable on Eolas Sues World + Dog For AJAX Patent · · Score: 2, Interesting

    At this point scrolling down, does anyone remember what the original article was about? I don't think it was about establishing a libertarian communist dictatorship exploited by fruit-growing neighbors...

  7. Re:dark side of the coin on Prison Terms For Spammer Ralsky, Scientology DoS Attacker · · Score: 1

    IANAL, but I don't think consent is the issue either. You get bulk snail mail delivered to your physical mailbox daily that you didn't consent to receive. But those folks don't go to jail.
    I would think the hacking of machines to create their shell boxes and similar crimes would be more the issue.

  8. Re:When crossing the road on Geek Travel To London From the US — Tips? · · Score: 1

    Yep, we knew we had officially survived the tourist phase when we did our first 'hook turn' in Melbourne instead of driving around 3 streets to avoid them.

    Once you get the hang of them, it's not so bad, but what a bizarre way to do it.

  9. Re:Have a great trip! on Geek Travel To London From the US — Tips? · · Score: 1

    Parent's reference to "M&S" is Marks and Spencer, a ubiquitous department store chain/grocery. It's a great recommendation.

    I always make a stop in a local country's grocery stores and take a browse through the aisles. Not as dramatic as the British Museum etc (which all are must-do's), but finding strange flavored chips [UK: crisps] and other bizarre food items is a fun diversion.

    Definitely eat in the pubs, the UK is -expensive-, particularly London, so be prepared to go through food quickly. Though as mentioned, for goodness sakes never order a US beer. Only the worst US beers get exported generally, sadly the good micro-brews never make it out, giving the US a horrid beer reputation that isn't really deserved any longer.

    And also get some Indian take-away [US: Carry out]... UK cuisine used to be fish&chips and other assorted 'average' food, but the Indian food is outstanding and is now really the most common staple IMO.

  10. Re:What? on Vulgar Comment On Newspaper Site Costs Man His Job · · Score: 1

    I think you misunderstand what I was getting at.

    What I'm getting at is that -after- some horrible thing occurs (either a mass murder or my hypothetical sex crime), people tend to second guess "funny on-topic vulgarities" and instead point to them and say "see see you should have known".

    I.E. the email made to an Imam asking for marital advice. Now the media is trying to hang government agencies out to dry for not taking action because a US citizen asked someone with a questionable background about marriage advice.

    So in one case, we do nothing, and get raked over the coals, in this case, we do something, and still get raked over the coals.

    So I have a hard time crucifying anyone because we as a society can't set a standard on this type of stuff other than "it doesn't matter what you do because if it doesn't turn out well you're wrong regardless". [By that I mean a public opinion / moral standard, not a legal standard]

    Was he right? Probably not [ref privacy statement on website], but seeing what else we are doing as a society, I can't get on much of high horse about it.

  11. Re:747 vs. a truck on Laser Weapon Shoots Down Airplanes In Test · · Score: 1

    Just to be sure everyone's clear, this truck-based system does not have anything to do with missile defense. Shooting a missile warhead at this point in the game is pretty much pointless and presents challenges pointed out already elsewhere.

    This is strictly an anti-aircraft demonstrator.

  12. Re:Shiny things? on Laser Weapon Shoots Down Airplanes In Test · · Score: 4, Informative

    A couple comments here are focusing on stealth, that's not the big question.

    There is not a single US Gen 2+ stealth aircraft engaged in Iraq/Afghanistan. F-117s have been retired, B-2 are not needed. The aircraft over there are relying on a variety of other IR countermeasures (tactics/flares/directed IR) to defeat threats.

    TFA is talking about shooting down UAVs, which pose a unique problem because they are very small and can be made out of low-tech composite stealth materials like frickin balsa wood. That, combined with a naturally low IR signature because of their low performance envelope, makes it hard to target them with traditional guided weapons (IR and Radar guided).

    The key question, which TFA avoided giving details about, is what range they are talking about. If the range is = a 25mm chain gun, this system has little value yet, as if you can find it and track it, a turreted chain gun is already very deadly, the ballistics models aren't that hard to compute. But those weapons are also very easy to fly above.

    If this laser has a range of, say, 8 miles (40,000-ish feet), then things could get interesting. Data that would also be important is how long the laser needs to stay on target, and how small the beam is. If the beam is 1" wide, and must stay on the same spot for 1/2 a second, it could be defeated by old-fashioned 'jinking' which would move the beam around and diffuse the heat. But if it's 1/100 second, then again, it's really deadly.

    Finally (and then I'm done), this laser is really cool, but must be guided by something... at 40,000 feet (or at night), you'll need something better than a Mk 1 eyeball to find and track the target accurately enough, just like you do today, and that's where countermeasures could be applied.

    But a really good EO/IR guidance system that can find/track targets up to 40,000 feet on a clear day at night and a laser that can kill in 1/100 second (or close), and you've got a game-changing technology, forcing aircraft to hope for cloudy days.

  13. Re:What? on Vulgar Comment On Newspaper Site Costs Man His Job · · Score: 2, Insightful

    Most likely, IMHO, after deleting the post a second time, the moderator was in the process of blocking the poster's IP address, and did a routine reverse DNS check to see where the IP was. That check pulled up an extension ".edu".
    Then, and only then, his concerned parent mind kicked in, and now armed with the knowledge that there was a person posting vulgarities from a school computer during school hours, and he had to make a moral decision whether to ignore it or do something about it. He decided to do something about it once he knew it was coming from a school.

    Now can I prove this is how it went down? No, but it sure seems more logical than this guy going on a witchhunt of anyone who says something bad on his boards.

    FLIP SIDE: Alternate reality where he decides to do nothing... one week later an individual in a trusted position commits horrible [sexual] crime, and the resulting investigation finds out he posted [sexual] comments to a website, and people with the ability to take action knew about it, but did nothing.

    NOW, replace [] with "radical Islamic" and see how it sounds like something recent at Ft. Hood. He was damned either way.

  14. Re:I'm dizzy. on VASIMR Ion Engine Could Cut Mars Trip To 39 Days · · Score: 2, Informative

    Another main reason for the length of time involved is the orbital dynamics of the positions of the two planets. There is an astro concept called a Hohmann Transfer (http://en.wikipedia.org/wiki/Hohmann_transfer_orbit), which is a specific impulse efficient way of moving from one orbit to another. But it takes time, and requires waiting until the bodies are in the right position before we do it.

    So you end up having to hang around on Mars for several months.

    Going just a -little- bit faster doesn't gain anything because then you just have to wait longer for the planets to align.

    Since this proposes something vastly quicker, the comment in the article about being able to do it in one planetary pass is what makes the 89 days possible. Requires tons more delta-V to do an orbital transfer this way, but the amount we'd save on human sustainment would more than make up for it.

    Of course, not sure yet about hauling the nuke reactor into space...

  15. Re:(Un)Surprising on China Strangles Tor Ahead of National Day · · Score: 1

    Unfortunately neither of you are really correct.

    Radar is easy to both jam and triangulate, which means radar-guided systems have been quickly taken out. Mobile radar SAMs more difficult, but still not that hard.

    IR guided systems however are very difficult to detect and trace. But a shoulder-launched SAM still requires a visual acquisition to get the lock in the first place, something very hard to do at night. So there are still reasons for flying at night for survivability.

    BUT, in Serbia in particular, often the reason for targeting at a certain time had more to do with collateral damage than survivability. All targets bombed by NATO had to be approved by their legal staff.

  16. Re:(Un)Surprising on China Strangles Tor Ahead of National Day · · Score: 2, Insightful

    "stop them" != "hunt down and disintegrate"

    According to LOAC, you could target their bullet-building factory (home?) and if they are inside, then that's tough luck. But you can't directly target them under current international law.
    If they tried building another factory/house, you (you are a country, right??) could occupy their territory, imposing martial law, and send to jail any non-combatants that aided the enemy. But you can't just shoot them w/o trial for making ammo unless they become unlawful combatants (pick up a gun and shoot at you).

  17. Re:(Un)Surprising on China Strangles Tor Ahead of National Day · · Score: 1

    When you go to war, you go to war completely. Which means you kill every man, woman, and child in your enemy's country

    Um, no. That would be called genocide.

    See Law of Armed Conflict (http://en.wikipedia.org/wiki/Law_of_Armed_Conflict) This is actually an aggregate term used to describe legal obligations of many countries who have signed onto a number of treaties.

    Noncombatants cannot be 'indiscriminately' targeted. You can bomb a factory that produces ammunition, but can't just bomb the city to kill everyone in it.

    It's not simple, as technology has changed the application of 'indiscriminate'. WW II bombing targeted industrial areas, and because technology was what it was, killed lots more people. It was as good as could be done (this can be debated, but that's not my point).
    NOW, with GPS smart bombs, a bunch of B-52's carpet bombing Baghdad WWII style would be considered a LOAC violation because it can now be done much more discriminately.

    In fact, factories etc are now often targeted at night so fewer civilian casualties occur.

    From about.com's summary: "Noncombatants may not be made the object of direct attack. They may, however, suffer injury or death incident to a direct attack on a military objective without such an attack violating the LOAC, if such attack is on a lawful target by lawful means"

  18. Re:Backups are unimportant; restore is everything. on MS Says All Sidekick Data Recovered, But Damage Done · · Score: 1

    Backup strategies must be relative to the supported application, there is no one size fits all.

    Some systems can handle a couple days to bring up with little $$$ lost (an internal data warehouse used to build financial reports that derives its data from other sources), others need hot failovers with milliseconds latency (Wall Street?)

    So without knowing the business requirement, you can't really say whether a backup strategy is good or bad. Now, in this case, they've recovered all the data in the end, so the backup strategy 'worked' in that it recovered the data, but clearly failed in that it didn't meet the business requirement in a rather shocking fashion.

  19. Re:Don't blame t-mobile for Danger's failure on MS Says All Sidekick Data Recovered, But Damage Done · · Score: 1

    Specifically the person who did the service acquisition should be fired. They obviously never verified that the backup strategy was tested and they never agreed a plan for disaster handling.

    So now as a sysadmin, every customer you have is going to send their contracting/procurement specialist with their degree in accounting to watch you do your backup strategy and demand a full demonstration, then second-guess you on how it might have problems and give you some really useful tips on how to make it better.
    After all, their job should be on the line for your mistakes.

    Just be careful what you wish for.

  20. Re:why would you need a laptop in a movie theater? on UK Copyright Group Tells Cinemas to Ban Laptops · · Score: 1

    How about because my insurance may not cover me for something left in an unattended vehicle?

    Then I'd seriously consider getting better insurance. As long as the vehicle is locked, policies that cover contents are available, and AFAIK, are fairly standard provisions.

  21. Re:Why P2P on House Committee Passes "Informed P2P User Act" · · Score: 5, Insightful

    True, all P2P apps have to know what files they are sharing. But here's where I see the bill's raison d'etre...

    "being 'clear and conspicuous' about which files are being shared and getting user consent to share them"

    NOW, when the RIAA sues everyone:
    The software maker is free and clear ("We added the consent to share box as mandated by law")
    And the person sharing Rocky 17 CAN'T say "I had no idea that file was being shared", which has been a defense in the past.

    So (IMHO) when we talk about big lobbying groups, the RIAA would like it, and the software makers are willing to put up with the other provisions because now they are off the hook from the big P2P lawsuit.

  22. Re:Smartcards on Schneier On Un-Authentication · · Score: 1

    Yep, Smart Cards are the way to go. No more passwords to remember first off...(eliminate the security hole created by complex passwords... the 'cheat sheet' carefully concealed in the top drawer of thousands of people's desks)

    Then, when you remove them, the computer locks up.
    AND, the PIN number to access the smart card is only cached for a couple minutes, so worst case if you do mistakenly leave the card in while in a meeting in the secure building and have no screensaver, the damage you can do is greatly reduced. Someone could send an email on your behalf, but not a digitally signed/encrypted one.

    Of course, it is a pain when you leave your card in your computer when you leave work for the day and then can't get back in to work (did it last week, many buildings will let you leave without a card, just not enter), and having to enter your PIN multiple times a day is also a pain, but overall I've got to say I'd never go back to all those passwords.

  23. Re:Well here is the US claim on US Wants UK Hacker To Pay To Fix Holes He Exposed · · Score: 2, Informative

    Many posters here seem to believe he just 'pointed out security flaws', akin to telling someone their door locks are easily picked, and then suddenly being held responsible for the owner wanting a better lock.

    That is clearly not the case here. He found security holes, -and exploited them-, and -damaged systems- as a result.

    http://www.publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1.htm

    Even if I leave my door wide open, if someone comes in and trashes my house, I'm going to expect them to pay for the repairs and clean-up. That's going to include me doing a complete inventory to figure out what might now be missing or broken. And that will take a while.

    Weak security != permission to exploit

    And the $700K amount is vague as to its origin, I also saw nothing that specifically indicated that any of the $700K was specifically for -upgrading- security.

  24. Re:Warm Water Discharge on Using the Sea To Cool Your Data Center · · Score: 1

    Yep, nuclear reactors in particular have been noted for this problem, especially a couple in the Great Lakes area. Can't seem to find a decent-quality link though.

    And at the other end of the spectrum, using ground-water for cooling is not a radical idea for housing, that technology is available at most local contractors, is widely used in Florida for cooling, and is spreading across the country. Higher upfront costs, though, than a freon-based system.

    So assume your data center is a) bigger than a single family home, and b) smaller than a nuclear reactor, there is probably a solution out there.

    But the water quality police will have to argue with the air quality police about which is better for the planet.

  25. Re:Canada eh! on Incandescent Bulbs Return To the Cutting Edge · · Score: 1

    True, heat pumps are great, but only in climates without temperature extremes. Alberta, Canada will not be able to use a heat pump reliably in the winter, it's just too cold outside to 'suck heat in' through the pump.
    From an energy efficiency point of view, the perfect solution in this case is a heat pump + backup gas furnace, but in real life, that's too expensive for most folks, so marginal climates add a backup electrical resistance element to the heat pump, and really cold places never see them at all.