Slashdot Mirror


User: petes_PoV

petes_PoV's activity in the archive.

Stories: 0
Comments: 2,425

Comments · 2,425

  1. The ones you never see coming on Using War Games To Make Organizations More Secure · · Score: 5, Insightful
    Constructing war games is all very well, but they're limited to the imagination of a small group of wargame "designers" who set the parameters for the test. In reality, those are the weaknesses that have already been, or are easy to address. The ones that are the big problems tend to start with "How the hell did they do that?"

    One thing to be aware of with war games is a knowledge of what they are designed to achieve. Not all of them are there to spot weaknesses, a lot could be there merely to provide assurance or arse-covering. In those cases, "winning" by succeeding in breaking in could be the worst outcome - either personally for the winner, or the people who were supposed to stop them. Often blame and punishment is a much cheaper solution than a fix.

  2. Easy to weasel out of on Is an Internet Kill Switch Feasible In the US? · · Score: 1

    With most of the backbones being optical, your amendment would have no practical use. You'd have to remove the "electronic" qualifier. Even that would be easy to get around - just slow the whole mess down to FIDONET speeds. The functionality is still intact, but the utility has gone. Although quite why anyone would bother arguing semantics if the place ever got into such a mess that universal censorship was seriously considered, I don't know.

  3. Just hit DNS on Is an Internet Kill Switch Feasible In the US? · · Score: 1
    I'm sure a strategically placed dot in the right DNS entry would have exactly the required effect. Plus the plausible deniability of a "computer error". After all if China can route a large portion of the internet through its servers accidentally, just think what could be achieved with a little thought - and the right password.

    If it had the side effect of turning off the rest of the world, too - well ....

  4. Re:Not sure if it is ethical, but... on Is Setting Up an Offshore IT Help Desk Ethical? · · Score: 2

    So how about the "ethics" of setting up a helpdesk in another state? Or another town. Just where do these "ethical" people draw the line?

  5. Every helpdesk is offshore to most people on Is Setting Up an Offshore IT Help Desk Ethical? · · Score: 4, Insightful
    There's more to the world than 1 country. So when a helpdesk serves a worldwide user base, most of the calls will NOT come from the country the operation is based in.

    So unless you are prepared to bear the overheads of your favourite software company running a helpdesk in every country in the world, the question is moot.

  6. A new player would change the rules on Neal Stephenson On Rockets and Innovation · · Score: 1
    If another state, without an incumbent rocketry industry, was to get serious they would effectively start with a clean sheet of paper. They would not have to go to the trouble of developing all the preceding rocket based technologies, and could leapfrog to the next hill (albeit not to the top of the hill - at least not to start with). If that paid off and they were able to put payloads into orbit for a tenth, or a hundredth of what conventional technologies were charging that would be such a disruptive technology that the old regime would be out of business within a decade.

    The key for that new state would be to keep their developments a closely guarded secret, purely to increase the time advantage they had until every other spacefaring nation could work it out for themselves. The question then becomes, do the other states try to play catch-up and slavishly emulate what the new guy is doing, or do they try to leapfrog them onto the hill after that?

  7. stupidity of the few on Sensor Measures In Fingertips If Driver Is Drunk · · Score: 1

    Yup, happens in elections all the time - except there it's everyone suffering from the stupidity of the many. Just 'cos the numbers vary doesn't make it any better.

  8. Evolution? surely not on Sensor Measures In Fingertips If Driver Is Drunk · · Score: 1

    Don't these libertarian people deny evolution? Weren't we (and seat belts) always like we are now?

  9. Depends what it costs on UK Research Aims For 100x Speedup In Fiber-Based Broadband · · Score: 1

    Since my current connection is 15MBit/s and only costs me a few £'s (british pounds) a month, I can say that I'm quite content with that. If the cost of a 100x faster connection was 100x more - or even 10x more, then the answer would almost certainly be "no thanks". If it was an extra quid or two then yes, OK, I'll take it. However I'm under no illusions that having a 1GBit/s connection to my home is pretty worthless if the source is still only running at 1MBit/s.

  10. Re:effect of the 'net overstated? on Egypt Cuts the Net, Net Fights Back · · Score: 1
    Here's an example of the sort of thing I'm concerned about:
    A dissident group starts a forum, or opens up on twitter. They gather followers, including a few government "sympathisers". All the followers duly follow, but the govt. people start to make more vociferous posts/tweets, appear to be in possession of more damning/inflammatory information (as you'd expect, from the source) and, while still toeing the dissident line, become key influencers in the group. Come the revolution, these people - whom no-one has ever met in person - use the credibility they have gained either to stage a "coup" within the group, post information that still sounds credible but is misleading, or use their position to betray other group members to the authorities while still remaining free themselves: "OMG Abdul X has just been arrested. I was just on my way to meet him"

    On top of that, it's trivially easy for an agency to find who's friended/following who and either take them down (as potential leaders, without whom any opposition would be unfocused and therefore less effective) or to hack/subvert their accounts and post counter-information.

    What's worse is the possible retribution after the revolution - either way, depending on who wins. Want your boss's job? Just get his/her work account and post a few inflammatory messages for/against the right people. Come the reckoning, they get the blame. Likewise with all the other followers or forum members, who either expressed an opinion or were guilty by association.

    The problem we have with the internet today is its openness. We already know that any child in their bedroom can build a website that makes them appear to be a multinational, or subject expert (provided they don't give themselves away with "Cooooooool, dude" type content). The same applies to dissidents, honeypots and the lack of verification of message sources. In fact, in future it may be that governments do NOT switch off their country's internet but just go into overdrive, themselves, using their privileged position to subtly alter the message, corrupt the content and make their own propaganda much more widespread.

  11. effect of the 'net overstated? on Egypt Cuts the Net, Net Fights Back · · Score: 4, Insightful
    People like to think of the internet as the answer to "the man" and that it has a grass-roots connection to people that allows them to multiply their effectiveness at bringing "people power" to bear. Is there really any truth in that? Although it's a popular meme among advocates, it does sound unlikely.

    For a start, the greater the technological advancement, the more dependent it is on a larger number of underlying functions. That makes it vulnerable not only to someone hitting the kill switch, but to government agents (of whom we can safely assume there are many infiltrated amongst any overthrow plot) sending out false information under the guise of "the people". Whether that's reports saying things are different from what they really are, or sabotaging rallies by sending people to the wrong place - the problem with believing an anonymous source (on twitter, say) is that they're anonymous: you can never be sure they truly represent who they say they do.

    So, while there is/was obviously some use of the internet by some people in Egypt, I would think that its main effect has been to deliver part of the story to outsiders (whether news organisations or just people) rather than to get things going within the country itself. As such, if the only way we have of getting information is through the internet we naturally (and mistakenly) presume that is also how people inside are getting information, too. There appears to already have been quite enough groundswell without the need for smartphones or websites.

  12. Bombing from space on Does the Moon Have Military Value? · · Score: 1
    Rocks aren't aerodynamic, so the fall through the atmosphere will add significant deviations to their path. During WW2 this aerodynamic uncertainty amounted to about 6 feet per 1000 feet of drop - even for a bomb designed to fly straight. So for a 100,000 foot drop through the whole atmosphere that would put you +/- 600 feet off target, even under perfect conditions and with impossibly accurate targeting. You're more likely to be way outside the 1960's (reported) ICBM target area, which estimated a nuke would land within 5 miles of its target.

    As a consequence, the chances of hitting anything you're aiming for, from the Moon, are pretty much zero. That doesn't mean the idea has no worth. Just like with all strategic bombing of civilian targets, the action is more to do with terror than inflicting damage.

  13. Collateral damage on Is Retaliation the Answer To Cyber Attacks? · · Score: 1

    They would never be certain to get the right target and cannot guarantee that innocent bystanders won't get caught in the crossfire. That may be acceptable in the silly plots of TV dramas, but in real life there are consequences.

  14. Re:Sounds Like Drupal on Foundation Drupal 7 · · Score: 2

    that style doesn't work well in a dead tree format

    The basic problem with Drupal is that most of the contributed code (modules) was written by people as a hobby. Once they've demonstrated their cleverness (hint: no-one cares how convoluted your code is, or how obscure, if mathematically correct, your nomenclature is) to their coding buddies, they lose interest. They stop fixing bugs - some modules have bug lists years long: I've added some myself that never got fixed. They won't or can't write documentation and it's impossible to tell which modules fulfill their hype and which ones are simply turkeys.

    The dead tree format is a good way to separate the amateurs from people with a professional outlook. If people can't be bothered to describe what they've done, then what they've done is in all practical terms useless.

  15. Re:No surprise on UK ID Card Scheme Data Deleted For £400K · · Score: 1

    And then tell me what can possibly cost 400,000 GBP.

    What costs this much? A few months of a couple of "security consultants" off the approved suppliers list, for a start. Billed at the usual rate for government jobs. It will take them at least that amount of time to attend the meetings, write the proposals, agree the process, appoint the auditors, find all the copies (except for a few which will later leak out), benchmark some data destruction methodologies and finally outsource the whole mess to the lowest bidder who will take the data and fly-tip it somewhere close-by.

  16. Re:Good for everybody but the IT guy? on Should Employees Buy Their Own Computers? · · Score: 1

    Like almost everyone else here, the OP is addressing the broader question of whether employees in general should be allowed to use their own stuff at work. Not the narrow point about one single instance with one specific setup. The answer to the general question is (obvious to most) "hell no" and for so many different and varied reasons.

  17. Re:step one: allow them to do so on Should Employees Buy Their Own Computers? · · Score: 1

    5. Spend all that profit and more trying to debug obscure problems caused by network abuse
    6. Work all weekends cleaning up the mess after some fool brought in a laptop with a virus on it
    7. Wonder why the company insurance won't pay out when someone trips over the lead of another employee's personal phone charger
    8. Discover that when an employee leaves, half the kit you *knew* was yours leaves with them - as there's no asset checking
    9. Suddenly find that someone downloaded the entire customer contact database, all your designs and finance data onto a USB stick, and they're now your competition (but without those pesky development/sales costs)

  18. Not on MY network on Should Employees Buy Their Own Computers? · · Score: 1

    The only stuff that goes on our company's network is company kit. Bought, maintained, documented, tested and secured according to company standards and used as the company sees fit. You want to put your unknown, incompatible, unsecure toys on it - go start your own company.

  19. lack of valves? on EDSAC Computer To Be Rebuilt · · Score: 1

    At a guess, finding enough of the required types of valves (aka "tubes" in other languages) is a time consuming activity.

  20. Congratulations! You've been selected. on Scientist Says NASA Must Study Space Sex · · Score: 1

    You will form part of the control group. Your role will be to stay on earth and not have sex.

  21. Not NASA, but private enterprise on Scientist Says NASA Must Study Space Sex · · Score: 1

    NASA has too many prudes amongst its enemies to ever get this idea off the ground (literally). However, it would be a prime candidate for a privately funded, manned (and womened) flight. With the right sponsorship (who? Durex, sex.com, Penthouse?) and maybe even film rights, books and TV it could even make a profit. You never know, there may even be some solid science comes out of the project too.

  22. Drupal needs 5 years and 2 revs on Drupal 6: Panels Cookbook · · Score: 3, Insightful
    I've used Drupal for a few websites and cursed it every time. It is just about adequate for non-technical users to add content to a finished website, provided you have installed, configured and documented a HUGE number of extremely complicated and interconnected modules - all of which teeter on the verge of unsupportability.

    However, the development process is awful. Just the simplest change to an existing template requires intimate knowledge of HTML, PHP, DOM, sometimes Javascript and CSS. The level of module documentation is appalling and vast numbers of key modules appear to be whimsical products of amateur enthusiasm, written as a hobby and supported sporadically (I've got bugs I reported 2 years ago that have just been added to ever-lengthening queues that authors have apparently lost interest in) or not at all.

    Like most open source software that's written for fun, most of the contributions are far too complicated and appear to be intended more as a monument to the authors' obscure programming techniques than as a clear, properly designed and thought-out addition to enhance the job of a web designer. Maybe with some iron-willed leadership the package could be whipped into shape in enough time, but until that process is complete it will really only ever be a toy product - for use by people who like to tinker with its internals than those who just want a clean, properly implemented website.

  23. Driving a car on Disempowering the Singular Sysadmin? · · Score: 2
    Trying to get 2 sysadmins to cooperate would be like insisting every car has 2 drivers (and not like a plane has a copilot). There are at least four possible outcomes: one sysadmin becomes dominant and you're back to where you started, but paying two salaries. They continually bicker about the best way to do things and nothing ever gets done (or worse: they sabotage each others' efforts), one just slacks off and causes decision-making bottlenecks or they spend so long reaching a consensus that even the most trivial task takes a week of decision making, timetabling, agreeing and finally doing it.

    The only solution I can think of that would stand a chance is to require:
    a) everything gets documented (you'll know this is the correct way, as all the techies will hate it)
    b) every week / month all the roles change, if an admin coming into a role finds that things aren't as they were documented, someone gets yelled at
    This also has the advantage that you're no longer completely screwed if someone leaves, goes sick or gets promoted. It also makes it clear to the people in question that the company can get along quite nicely without them.

  24. Re:Yes, buffers can introduce latency on Bufferbloat — the Submarine That's Sinking the Net · · Score: 2
    Ring buffers in serial ports are not quite the same thing. With a serial port, once the ring buffer had filled (i.e. input pointer == output pointer) the sourcing program would either be descheduled, pause a time or loop until there was space in the buffer to put the next byte of data. Nothing was lost.

    With network buffers, what JG seems to be saying is that this does not happen. As packets arrive at whatever the choke point is in the circuit, there is no method for telling the sender to stop sending - the packets just keep coming. As a consequence, once the buffer has filled something starts dropping them - relying on the TCP error correcting protocols to resend "lost" packets.

    The problem he's describing is the lack of an XOFF or DTS/DSR handshaking in the lower-level transports. Either that or incorrectly set window sizes, so packets are sent even though a certain number of earlier packets have yet to be ACK'd.

    I have to say, that I have not experienced the issues JG raises. I can easily get 1.4MByte/second off my 14269 MBit/s ADSL downlink and it will send me data at this speed all day. Maybe our European infrastructure is adequately sized for the number of users and amount of traffic?

  25. Re:And that was ALL there was on BBC Astronomer Misses Meteor During Live Show · · Score: 1
    Well, two sorts of backlash.

    The first from people who saw the programmes and were inspired to go out, get a telescope and try it for themselves. They were given no information about how difficult it can be. Nothing about what sort of telescopes to get, how to focus, find objects, the merits of different eyepieces or what level of expectations they should have. The same goes for the tacit implications in the piece about photography. By framing that piece with high quality images from the masters of the art - which were photoshopped with skill and precision, rather than just snapped off a DSLR on a tripod, they gave the impression that ordinary people could get the same sort of results.

    The other backlash could be from the uncritical adoration/hate that the presenters attract. Whether that's the "I luuuuuve Brian Cox. He's so pretty and young-looking and such a good presenter. Nothing he says can be wrong and how dare you imply that any programme he's on is anything less than perfect (pauses for breath)". On the other side is the Dara O'Briain fan/hate club and the same for Jonathan Ross (was he purposely edited to appear like a fool) and Liz Bonnin. Most of the comments I have heard about the programmes have been purely about the presenters to the exclusion of anything to do with astronomy. Just what you'd expect from people who watched it solely for entertainment, rather than information.