antipaucity

fighting the lack of good ideas

beware the fury of a patient man

John Dryden was right.

A single, dedicated man is nearly impossible to stop. And one who waits a long time before exacting revenge is even harder – the target never knows that it’s coming.

I took an introduction to terrorism class during the spring 2000 semester at Hudson Valley Community College. The class served as a presentation of the causal factors behind terrorism, and how defenses against it are developed. As part of the class we were broken up into groups and given the task of picking a target, and then installing defenses against threats we thought to be most probable.

My group picked an embassy (using floor plans of a structure in downtown Troy NY). We decided that we could defend against anything other than kamikaze-style missions and nuclear weapons, but that it would be incredibly expensive to do so. In order to provide round-the-clock guards, we decided to station about 30 Marines at the embassy, install 30+ security cameras, maintain an extensive armory, and put metal detectors and X-ray machines at each entrance.

We had planned three routes of escape/attack for our building: the roof, the river (which was conveniently a few feet from the back door), and the front door. While we didn’t decide to station a helicopter permanently at the embassy, we were prepared for up to three to land on the roof and cart away refugees. To beef-up our external defenses, we installed 4 guard towers on the corners of the building, and put a Phalanx CIWS unit on the roof. We also armored the dock doors (which shielded our planned boat from the outside world) so an attack would not be likely to destroy one of our escape routes.

But the real issue we were most worried about was someone who didn’t bring a metallic weapon with him to the embassy, and yet was still dangerous. A rope, ceramic knife, cane, or any of a thousand other items could be easily smuggled inside the embassy, perhaps even in plain view, and there was nothing we could do about it. That dedicated individual, who may be operating under a shroud of not caring about his own life, would be practically impossible to stop – or even identify.

Even after that class, I have spent a lot of free time noting problems with physical security at various locations. The primary point I noted, due to my employer’s proximity, was the airport. I realized that taking-out the entire fuel supply for the airport would be a trivially-simple task for anyone who could shoot well at long ranges, and who acquired a few incendiary or tracer rounds. Positioning himself back a few hundred yards, and firing a handful of incendiary rounds into the large fuel tanks at the airport wouldn’t be hard – especially considering the fact that they are only typically behind chain-link fencing. And if shooting wasn’t his strong suit, he could just rent a moving truck, and slam through the fence into the tanks.

While performing my more-or-less mindless job of cleaning rental cars, I thought about how those tanks could be protected better. I designed several soft-armored ‘curtain’ arrangements made from layers of Kevlar and thin Lexan sheeting which could be suspended around the tanks from simple frames, and would provide a great deal of bullet resistance.

Stopping a kamikaze driver wouldn’t be too hard, either: just put in place some concrete or steel posts/barriers, and any civilian vehicle would be stopped from getting too close. Stopping a suicide pilot would be difficult, if not impossible, but defense has to stop somewhere.

From both my class experience and further personal reading, I am convinced we spend a lot of money on securing the wrong things. Yes, preventing some nut-job from hijacking a plane is a good thing. However, I think it would be a boon to airline security if people with legitimate carry permits were allowed to bring personal firearms onboard – in the passenger cabin, not just the baggage area.

A primary deterrent to crime is the thought that maybe the person about to be attacked will defend himself. In areas where legally carrying weapons is either inhibited or prohibited, criminals have a much easier time than where carrying weapons is allowed or encouraged.

It would seem to me that it would be a more effective use of security dollars to invest in real physical security and intelligence rather than what Bruce Schneier refers to as ‘movie-plot security’. We’ve spent money to make cockpit doors more-or-less invulnerable, but pull 84-year-old grandmothers out of line to be screened more thoroughly. Security is about identifying the most likely threats, and responding to them. It’s not about coming up with a possible attack, and defending against it alone.

When I worked on the embassy protection project, I kept trying to come up with other attacks that the proposed defenses would be able to handle. And if something we were proposing was really only useful against one highly improbable action, it was listed as discardable if it couldn’t be afforded.

We need more people coming up with real security devices, like my proposed curtains, rather than coming up with movie-plot scenarios.

dating sites

I’ve noticed (for a while now) that most dating and matching sites are all pay based. What I want to know is why? Yahoo! Personals, for example, requires a monthly subscription fee to use it for more than browsing. eHarmony is famous for allowing free scanning, but they charge a (seemingly high) monthly rate. Match.com also uses a subscription system. There are myriad others out there that all use the same basic concept – allow people to create a profile free, but as soon as they want to really use the service, it’s going to cost them.

It would seem to me that such a service should be able to be built and run based only on non-subscription revenue. Many people make a stable income from such services as Google’s AdSense. On high-traffic sites, that income has been reported to be as high as $100k/month or more. Even if it took some time to get the service noticed and utilized, I think such a service could be constructed and run entirely off ad revenues. A quick survey of available hosting packages from just one company shows dedicated servers with 4TB/month or transfer and 30GB of space for $99/month.

With such space and bandwidth available, and especially with the bonus of total administrative freedom of a dedicated box, I don’t see why someone doesn’t launch a free dating site. Basic requirements would include a demographics survey, space for an ‘about me’ narrative, a search feature, place to store a small collection of pictures, and some way to contact other members (email via scripted page?). I think it should also have a way of verifying members when they register for the site – a combination of captcha and email /text message exchange – to ensure that scripts aren’t registering bogus people.

A simple policy of “we won’t share your information with anyone without your permission, and we do not guarantee the accuracy of any profile on our site – please report suspicious activity to us at…” should absolve the administrators of any legal repurcussions if something doesn’t work out between members. Obviously, a lawyer should be consulted to get precise wording, but I think this has great potential.

Another feature that could be offered would be private or internal messages – like eBay uses. Members could intentionally change their message delivery preferences to have them delivered to their personal e-mail address, but would default to storing them on the server so that you have to login to communicate. Users should be able to block people they do not want to hear from in the future, too.

I’ve been thinking about this a lot recently, and would be interested in building something like this with some help. If anyone reading this is interested in such an endeavour, please contact me.

containerized datacenters

Expanding on Cringely’s posts late last year (first, second), I was wondering why companies don’t offer turn-key datacenters for businesses.

Imagine, for a moment, that you were in need of several servers – email, web, hr, inventory, file storage, applications – and support architecture – routers, switches, firewalls, etc. Locating suppliers for all of these can be a very time-consuming process, and if everything is not purchased at the same time, you can run into compatibility issues. So, why not have a business whose sole purpose in life is to integrate datacenter needs for customers, and then deliver those datacenters ready to roll?

For example, let’s say you need to provide email for 5000 users, handle user authentication for workstations, serve a medium-use website (>10000 hits/day), document management, and handle human resources -related stuff (employee contracts, sick/vacation time use, benefits, time tracking). From my understanding, a typical organization who needs to do this will solicit proposals from several vendors, fight their internal bureaucracies over how much should be spent, what OS to use, etc, and then finally start purchasing equipment after several months. In a perfect world, the vendor supplies support and training to administrators so they can run the hardware for their organization, but otherwise leave the ‘real’ work up to the customer.

I think a very profitable business could be run in which a vendor receives such a request from a customer, but instead of worrying about which hardware goes in which closet, is there enough rack space already, or do they need more, etc, they could provide the entire package in a container that could be delivered via truck (or train). Said container could include its own HVAC unit, and only need a couple connectors to the outside world to become a ‘usable’ server room when it’s delivered.

My vision for this is to install lots of rack space into a default arrangement in the container, preroute cooling and ventilation ducts, wire the whole container for power, phone, and network, and install insulation inside the container, so that the HVAC unit won’t be working overtime to keep the box cold.

Containers have lots of space inside of them, and could easily be used to hold dozens of servers, storage units, and networking infrastructure hardware. Once a customer settled on what they need, in terms of current and future capacity, minimum networking requirements, OS, etc, the vendor would just install all of the necessary hardware into the racks inside the container, install non-proprietary software into the hardware – basically everything the systems administrators would have to do when the hardware arrived at their location – but would then just close the doors on the container, hire a trucking outfit to deliver the container, and have it dropped-off at the customer’s location.

All that would be left for the customer would be decide where they wanted their datacenter, connect power and network, and turn it on.

What do you think?

center creek canoes (C3)

For my senior capstone course, our professor is having us each build a mock e-commerce site. All through the semester till this point, the counter example I kept picking for questions was a canoe.

So, when we were told to pick something to sell, what could be more logical than canoes? So I am writing a mock e-commerce site to sell custom canoes.

Reasons to do business with Center Creek:

  • customer service – we will deliver your canoe ourselves, no third party shipping
  • customer service – Creekside™ delivery available – not only do we deliver your canoe in person, we will bring it to your campsite or canoeing location
  • customer service – as long as you don’t damage the canoe intentionally (no sledge-hammering the hull), we guarantee it for life – the guarantee is transferrable as long as you tell us who you sell it to
  • customer service – you will always get a person when you call customer support, if the location you call is closed (weekend, holiday, after hours), we will call you back – personally
  • custom-fit to you – if you order a custom CC canoe, part of the purchase price includes round-trip airfare and one night’s accomodations to the location nearest you to have the seat(s) fitted to you (and a companion if you order a 2- or 3-seat boat)
  • quality – each of our canoes is hand-made by caring, professional boatmakers whose only job is designing, building, and delivering boats

Did I mention we stress customer service?

Our canoes aren’t cheap – but they are the best available.

Oh, and the other bonus of calling the company Center Creek Canoes: any time we order materials to build our canoes, we get to call the order a C3PO 🙂