<!--
+government promoting standards reference
+this is not a proposal, it is a historical summary
+ audited control resource use is not obvious the denial attack
+ 10. looks little funny,
+
+
+awkward sentency: Problems typically cannot be ignored, as they either prevent work from being done, or must be addressed as being urgent because they are related to security. as is the next one
+
+need transition before the bottom part of the intro
+
+As we will see in this white, sometimes misconceived
+
+as a reader will learn from this whitepaper could be transition,
+
+better alternatives? we need to rethink the whole stack
+ ----
+
+ one of the reasons we work together
+
+ productivity -> superior innovation
+
+ capacity for articulation
+
+add copyright notice
+
+fix this:
+<p>The stereotypical image of a group online is a Zoom meeting. However, online groups include
+
+
-->
<!DOCTYPE html>
<html lang="en">
<h1>Introduction</h1>
<p>
- Not long ago, there was no Internet, and a computer was typically installed in a physically secured facility. It is still the case today that ultimately computer security is built upon conventional security. This is something that Kevin Mitnick understood well and took advantage of. Kevin went so far as to dumpster-dive for passwords. He once walked into a building, into a manager's office, and copied information from an unattended terminal. We see conventional security issues today with lost phones, harvested ATM pins, and credit card theft.
+ Not long ago, there was no Internet, and a computer was typically installed in a room. During that computer security epoch, the facilities security was also the computer's security. It is still the case today that ultimately computer security is built upon conventional security. This is something that Kevin Mitnick understood well and took advantage of. Kevin went so far as to dumpster-dive for passwords. He once walked into a building, into a manager's office, and copied information from an unattended terminal. We see conventional security issues today with lost phones, harvested ATM pins, and credit card theft, etc.
</p>
<p>
</p>
<p>
- If a user could not reproduce one or both of his username and password, the user could not do any work on the computer, no matter how important or urgent that work was. The fear of being blocked from working caused many users to favor easy to remember passwords, or to write them down and place them into easily accessible places, such as next to a terminal. Thus began the ritual of administrators blaming users for not being more careful, when in fact the system was designed for failure. The typical reaction when the system fails? Force users to make harder to remember passwords.
+ If a user could not reproduce one or both, the user could not do any work on the computer, no matter how important or urgent that work was. The fear of being blocked from working caused many users to favor easy to remember passwords, or to write them down and place them into easily accessible places, such as next to a terminal. Thus began the ritual of administrators blaming users for not being more careful, when in fact the system was designed for failure. The typical reaction when the system fails? Force users to make harder to remember passwords.
+ The lost password problem led to the need for vulnerable password replacement policies.
</p>
- <p> The lost password problem led to the need for password replacement policies. Thus after an attacker bypassed conventional security, the would-be cybercriminal, informally called a hacker, would attempt to either: abuse the password replacement policy, find a way around logging in perhaps due to a software defect, or obtain a password. Common methods for obtaining a password were to be involved in a project and be given one, bribe or trick an a person involved in a project to share it, guess it, or steal it. Thus began the game of modern cybersecurity.
+ <p> Thus after an attacker bypassed conventional security, the would-be cybercriminal, informally called a hacker, would attempt to either: abuse the password replacement policy, find a way around logging in perhaps due to a software defect, or obtain a password. Common methods for obtaining a password were to be involved in a project and be given one, bribe or trick a person involved in a project to share it, guess it, or steal it.
+ </p>
+
+ <p>
+ Thus began the game of modern cybersecurity.
</p>
<p>
</p>
<p>
- Due to data isolation, once an attacker broke into an account, the question would become one of how to break into other accounts on the same machine. Often this would entail breaking into an account with elevated permissions. Techniques included finding data that was not properly protected, or taking advantage of flaws in the system of authentication or isolation. These are known as <RT-term>exploits</RT-term>. Flaws could be due to human error in leaving sensitive data open to be read, or it could be due to finding a bug in the architecture or implementation.
+ Due to data isolation, once an attacker broke into an account, the question would become one of how to break into other accounts on the same machine. Often this would entail breaking into an account with elevated permissions. Techniques included finding data that was not properly protected, or taking advantage of flaws in the system. These are known as <RT-term>exploits</RT-term>. Flaws could be due to human error in leaving sensitive data open to be read, or it could be due to finding a bug in the operating system or other privileged software.
</p>
<p>
- Then computers started talking with each other over telephone lines using screechy voices. This brought with it all the problems of distant communications that had been known from long before computers, going back to the early days of the telegraph and Marconi radio. Wired Internet has similar properties to telegraph lines and radio, while cell communication is radio.
+ Then computers started talking with each other over telephone lines using screechy voices. This brought with it all the problems of distant communications that had been known from long before computers, going back to the early days of the telegraph and Marconi radio. Wired Internet has similar properties to telegraph lines and radio, while cell communication is radio. The Internet was not originally designed to be secure, so today it has been patched to keep communications private through the extensive use of public key cryptography. Whether ultimately this is a good approach remains to be seen.
</p>
<p>
</p>
<p>
- The Christmas Tree hack appears to be novel in three aspects, firstly that the damage was indirect. Instead of deleting or stealing data, it denied computer services to the company. Secondly, the damage was not intentional. The student who wrote it intended it to be cute. Thirdly, it required human participation to spread as a person had to open it, but this was not much of a problem, as who doesn't want to open a Christmas card from a friend during the holiday season?
+ The Christmas Tree <RT-term>worm</RT-term> appears to be novel in three aspects, firstly that the damage was indirect. Instead of deleting or stealing data, it denied computer services to the company. Secondly, the damage was not intentional. The student who wrote it apparently considered it to be innocent mischief. Thirdly, it required human participation to spread as a person had to open it, but this was not much of a problem, as who doesn't want to open a Christmas card from a friend during the holiday season?
</p>
<p>
- When such damage can be caused by accident, is the fault that of the person who caused it, or of the design of the software? Should we be thankful to be alerted to the software's faults? <RT-term>White Hat</RT-term> hackers are those who hack so as to find <RT-term>exploits</RT-term> before bad actors do. But then who is wearing a <RT-term>White Hat</RT-term>, and who is not? Legislation has been passed to make computer hacking without permission illegal independent of who did it or why, though a person would expect the issues raised here to affect the discretionary use of enforcement and judicial efforts.
+ When such damage can be caused by accident, is the fault that of the person who caused it, or of the design of the software? Should we be thankful to be made aware of the software's vulnerabilities? <RT-term>White Hat</RT-term> hackers are those who hack so as to find <RT-term>exploits</RT-term> before bad actors do. But then who is wearing a <RT-term>White Hat</RT-term>, and who is not? Legislation has been passed to make computer hacking without permission illegal independent of who did it or why, though a person would expect the issues raised here to affect the discretionary use of enforcement and judicial efforts.
</p>
-
+<!-- Kevin Mitnik served 15 years for ...-->
<p>
On this latter point, should legislation be used as an attempt to fix what are essentially technical problems? If legislation becomes an effective liability shield for industry, then there is no longer incentive to design secure computers. That in turn would lead to a population of computers as a whole becoming vulnerable. In such a situation problems would happen at scale all at once when more audacious hackers come on the scene, instead of happening little by little.
</p>
- <p>Industry faces many hurdles when securing their products. One of the bigger ones is that of coordination and standards, which often must result in open software. Government input is effective in this arena. I'm reminded of Constantine telling the Christian hordes to unify and compelling leaders to come to agreement at the conference of Nicea in 325.
+ <p>Who called the first telephone? Who will communicate with a server that has a new security protocol? Industry faces many hurdles when securing their products. One of the bigger ones is that of coordination and creation of standards agreed upon by a diverse set of players. This is a place where government imperatives for creating open standards can move things in the right direction.
</p>
-
<p>
- New forces have intensified and popularized the cybersecurity problem. These include the fact that there is a global Internet that was not designed to be secure, that e-commerce has become popular, and that the world economy has moved to an intellectual property basis so there is stiff competition among global companies and among the state institutions of the various countries. There still exist students such as the Christmas Card author who create mischief, the disgruntled employee, or the would-be thief. In addition there are now entire departments of state hackers and multinational organized crime groups involved. There are now teams of scammers in India, and complete companies of hackers for theft and profit in Turkey, and other places. There was a do-it-yourself software package for sale in Nigeria for scamming people. They enter Europe and the US, not through airports, but via the Internet.
+ New forces have intensified the cybersecurity problem. These have emerged due to the existence of a global Internet that was not designed to be secure, the existence of honeypots such as government databases, the prevalence of e-commerce, and the macro trend of the economy shifting to an intellectual property basis. In this latter case there is now stiff competition among global companies and among the state institutions of the various countries to know what each other are up to. There still exist students such as the Christmas Card author who create mischief, the disgruntled employee, or the would-be thief. However, in addition there are now entire departments of state hackers and multinational organized crime groups involved. As examples, there are teams of scammers functioning like call centers in India, and companies specializing in hacking for profit in Turkey. There was a do-it-yourself be-a-scammer software package for sale in Nigeria. State sponsored hackers from North Korea stole bitcoin from a major hub. A building of Russians were busy adding fuel to controversies in social media in comment sections. They enter Europe and the U.S, not through airports, but via the Internet.
</p>
<p>
</p>
<p>
- This brings us back to the question of the role of legislation. As noted above, government is most effective through gathering the parties and promoting standards. On the other hand, how effective can it be to bring a group of foxes together and ask them to adopt standards for protecting chicken coops? Clearly, legislation must define the goal, build in penalties for not achieving it, and require the inclusion of a diverse set of parties in standardization efforts.
+ This brings us back to the question of the role of legislation. As noted above, government is most effective through gathering the parties together and promoting standards. On the other hand, how effective can it be to bring a group of foxes together and ask them to adopt standards for protecting chicken coops? Clearly, legislation must define the goal, build in penalties for not achieving it, and require the inclusion of a diverse set of parties in standardization efforts.
</p>
<p>
E-commerce already brought us a credit card infrastructure. Pornography sites, for example, already limit access through credit card verification. However social media sites, such as Facebook, fear that if they place their services behind a pay wall, it will negatively impact their business.
</p>
- <p>It would not work to have young users to identify. What would have to be done is for all users to identify, then those who identify and are too young, or those who do not identify would be treated differently from those who identify are old enough. Registration would happen once, resulting in an old person certification token placed in the user's <RT-term>wallet</RT-term>, or even better from the point of view of industry, the token would identify the user. Presumably the wallet would be automatically queried via public key cryptography when visiting any website.
+ <p>It would not work to have young users self identify. What would have to be done is for all users to identify, then those who identify and are too young, or those who do not identify, would be treated differently from those who identify and are old enough. Registration would happen once per device, resulting in an 'this is an old person' certification token being placed in the user's <RT-term>wallet</RT-term>, or even better from the point of view of industry, the token would identify the user, then could be used to key databases for storing and retrieving advertising or other profile information on the user. Presumably the wallet would be automatically queried via public key cryptography when visiting any website.
</p>
<p>In summary, we desire to be productive and have a good experience when computing and when online. With this goal in mind, cybersecurity professionals have developed a security stack consisting of the following layers (the first item being the base):
Because sometimes security measures are misconceived, layers overlap, and technology changes quickly, some of the features found on the security stack will be <i>security theater</i>, defined as being measures taken that look protective, satisfy a checklist, or create an impression of safety, but do little to address the underlying threat. Examples include password rotation policies that force users to invent forgettable passwords, CAPTCHAs that waste seconds of human life while machines sail past, and identity checks that verify nothing but a credit card number stolen from the same dark web they claim to fight.
</p>
- <p> The stack is straining under the weight; when things do not go right, the productivity loss has become palpable. This is most apparent to those on the outskirts of our system, the very people who need help to engage, but they are being pushed away. We need simplification, not more layers. Yet, more layers are being called for.
+ <p> As a reader will learn from this white paper, the stack is straining under the weight; when things do not go right, the productivity loss has become palpable. This is most apparent to those on the outskirts of our system, the very people who need help to engage, but they are being pushed away. We need simplification, not more layers. Yet, more layers are being called for. As discussed later in this paper, there is a better alternative course.
</p>
<h1>The garden of golden flowers</h1>
<h2>Observed qualities of golden flower gardens</h2>
<p>For a group to innovate, <RT-term>the contributors must feel comfortable to speak</RT-term>.
-Groups can follow neutral rules of order; however when even a mild amount of intimidation is applied, the required chemistry will be suppressed. Intimidation can be physical coercion, censorship, social pressures, rewards or punishments for certain outcomes, or even something as simple as desiring to be somewhere else.
+Groups can follow neutral rules of order; however when even a mild amount of intimidation is applied, the required chemistry will be suppressed. Intimidation can be physical coercion, censorship, social pressures, rewards or punishments for certain outcomes, attendees desiring to be elsewhere, or something as simple as subtle diversions being injected into discussions.
</p>
<p>
- In addition the following qualities tend to be present in productive groups. These are not requirements, but lacking any one of them drastically lowers the probability of success.
+ The following qualities tend to be present in productive groups. These are not requirements, but lacking any one of them drastically lowers the probability of success.
</p>
<ol>
</li>
<li>
- <RT-term>culture of sincere intent</RT-term> The group’s prevailing mood is that of a genuine desire to reach a better place. This is an emergent property of the group as a whole. A few cynics might even be a positive influence by bringing counterpoint and promoting discussion, while a gadfly, or even a bad-faith actor, if not too overbearing, can be worked around.
+ <RT-term>culture of sincere intent</RT-term> The group’s prevailing mood is that of a genuine desire to reach a better place. This is an emergent property of the group as a whole, and not required of all members. As examples, a cynic who does not set the tone might be a positive influence by bringing counterpoint and promoting discussion, while a gadfly, or even a bad-faith actor, if not too overbearing, can be worked around.
</li>
<li>
</ol>
<p>
-A strange property of our universe is that it is often more difficult to find a solution to a problem, than it is to recognize that a proposed solution works. It is harder to reach into a pile, pull out a peg, and search the board for the right hole, than it is to see that the peg does or does not fit. A well known property of mathematical proofs is that it is more difficult to find a new one, than it is to walk through and check each step. The former is a creative process, while the latter is a mechanical exercise. This is why it is often possible to define a <RT-term>success</RT-term> metric in advance.
+A strange property of our universe is that it is often more difficult to find a solution to a problem, than it is to recognize that a proposed solution works. It is a pattern matching problem that takes some concentration when holding a peg to figure out which hole it should go into, and sometimes the person with the peg gets it wrong, and tries again. In contrast the peg either goes into the hole or it doesn't, some wiggling and rotation might be involved, but it is not a mental puzzle to be solved. A well known property of mathematical proofs is that it is more difficult to find a new one, than it is to walk through and check each step. The former is a creative process, while the latter is a mechanical exercise. This is why it is often possible to define a <RT-term>success</RT-term> metric in advance. For the peg in the hole example, the success metric is that the peg drops in. For the proof example the success metric is that that every step is found to be sound.
</p>
<p>A voting procedure is not a <RT-term>success metric</RT-term>. With voting a count is made of group members’ individual opinions of whether a proposal should be selected. Each member applies their own criteria, which can be subjective. Sometimes a success metric cannot be found or agreed on, and voting might be the best option for the group, but not having a predefined success metric reduces the probability that the group will form a garden of golden flowers.
</p>
- <h2>Cases of security doing harm</h2>
+ <h2>Cases of security used to harm people</h2>
<p>Unenlightened cybersecurity policies can do as much damage to the group dynamic as hackers. This section provides real world examples.</p>
<p>Consider the case of an international bank on the east coast that advertises on their home page that they offer accounts to any American anywhere in the world. This makes good sense as many of their customers are in the military, military people are all over the world, and often times family members do the banking.</p>
- <p>As noted in the introduction, many organized attacks come over the Internet from foreign countries, so some government servers, and company servers will reduce the threat exposure by blocking international traffic. The IT experts at said international bank were doing this exact thing. So one department advertised, ‘from anywhere’ while the IT department had simultaneously blacklisted some countries. Let us call this ‘Snafu 1’.
+ <p>As noted in the introduction, many organized attacks come over the Internet from foreign countries, so some government servers, and company servers, will reduce the threat exposure by blocking international traffic. The IT experts at said international bank were doing this exact thing. So one department advertised, ‘from anywhere’ while the IT department had simultaneously blacklisted some countries. Let us call this ‘Snafu 1’.
</p>
- <p>Sara, an American in a foreign country went to the site, and finding she was blocked, opened a VPN, then signed up for an account. She reasoned that perhaps they required VPN use, as how else would ‘Americans anywhere’ make sense?
+ <p>Sara, an American in a foreign country went to the site, and finding she was blocked, opened a VPN, then filled out an application for an account. She reasoned that perhaps they required VPN use, as how else would ‘Americans anywhere’ make sense?
</p>
<p>But in fact, the bank did not support VPN access, quite the contrary. Let us call this ‘Snafu 2’. Upon logging in again to see the status of her application, the VPN use set off a security alert. She was asked to call to establish her identity.
</p>
<p>
- As a result of the KYC report, Sara’s brokerage sent notice saying they were terminating her account. They returned the funds to the linked account. The broker thought it the most prudent thing to do, as her identity was in question. When she asked why, they said, "by law we are not allowed to say." That is the telltale of a KYC report, as it is true, banks are supposed to keep records on clients and share them with other financial institutions, and they are by law not allowed to tell the clients what is in them. One by one, at other places where Sara had financial accounts, the companies asked her to update her information.
+ As a result of the KYC report, Sara’s brokerage sent notice saying they were terminating her account. They returned the funds to the linked account. The broker thought it the most prudent thing to do, as her identity was in question. When she asked why, they said, "by law we are not allowed to say." That is the telltale of a KYC report, as it is true, banks are supposed to keep records on clients and share them with other financial institutions, and they are by law not allowed to tell the clients what is in them. One by one, the other companies where Sara had financial accounts asked her to update her information.
</p>
- <p>I take as the moral of this story that lawmakers have not taken into account that human beings are realizing the dictates of their legislation, and human beings have good days and bad days. Also, each person was blessed by God with different talents. In some cases a person who was gifted with an analytical mind and went into security was not also gifted with high social IQ. All people, even those still recovering from childhood traumas, have jobs to pay the bills. And all this is modulated by corporate dynamics, which by themselves can be hard on people.
+ <p>Sara's experience demonstrates that lawmakers have not taken into account the fact that human beings are realizing the dictates of their legislation, and human beings have good days and bad days. Also, each person was blessed by God with different talents. In some cases a person who was gifted with an analytical mind and went into security was not also gifted with high social IQ. All people, even those still recovering from childhood traumas, have jobs to pay the bills. And all this is modulated by corporate dynamics, which by themselves can be hard on people.
</p>
- <p>In addition financial institutions now have a contradictory mission. On the one hand they serve customers and investors as a banking entity. On the other hand our government is forcing each of them to be a police agency. The natural result is an organization that does not do either well.
+ <p>In addition financial institutions now have a contradictory mission. On the one hand they serve customers and investors as a banking entity. On the other hand our government is forcing each of them to be a police agency, and as such to view customers with suspicion. The natural result is an organization that does not fulfill either mission well.
</p>
<p>
- The story of Sara is not an isolated incident. Many organizations, in their efforts to protect their systems, inadvertently block legitimate participants, damage trust, and damage golden garden dynamics.
+ Sara's experience is not an isolated incident. Many organizations, in their efforts to provide security are inadvertently blocking legitimate participants, damaging trust, and as a net effect, suppressing the required properties of having a golden garden.
</p>
<h3>GitHub’s "Too Many Requests" block</h3>
<p>
-GitHub is the premier meeting place for collaborating programmers, where they get together, ply their trade, improve by learning from each other, and often produce group intelligence level innovative software, and solutions to problems. GitHub is owned and maintained by Microsoft.
+GitHub is the premier meeting place for collaborating programmers, where they get together, ply their trade, improve by learning from each other, and often produce group intelligence level innovative software. GitHub is owned and maintained by Microsoft.
+</p>
+
+<p>
+ For over a year, GitHub users around the world reported seeing "Too Many Requests" errors during normal, low-volume browsing. Some users experienced attempting to following a link or opening a page, with no pattern of abuse, and yet still being blocked. There was no message saying "you’ve been blocked," so it was unclear to users what was happening. In fact, roughly half a percent of suspicious-fingerprint requests were blocked, and those blocks were absolute. There was no appeal, no explanation, no recourse, only a wall.
</p>
<p>
- For over a year, GitHub users around the world reported seeing "Too Many Requests" errors during normal, low-volume browsing. A person might follow a link or open a page, with no pattern of abuse, and still be blocked. Engineers later discovered the cause. Temporary abuse-mitigation rules that had been added during past emergencies were left in place long after the threats subsided. These rules used composite fingerprinting signals. During a crisis the signals were accurate, but over time they began matching completely legitimate logged-out users. Roughly half a percent of suspicious-fingerprint requests were blocked, and those blocks were absolute. There was no appeal, no explanation, only a wall. GitHub later apologized, noting that emergency controls "don’t age well as threat patterns evolve and legitimate tools and usage change."
+Engineers later discovered the cause. Temporary abuse-mitigation rules that had been added during past emergencies were left in place long after the threats subsided. These rules used composite fingerprinting signals, and over time they began matching completely legitimate logged-out users.
</p>
<p>
- In terms of the garden, every blocked user was a seed that never sprouted. Some were open-source contributors, others researchers, students, or citizens accessing public code. The protections were silent and invisible, there was no message saying "you’ve been blocked," only an error. This is exactly the kind of sludge that pushes legitimate participants out of the commons, and it happens because security was deployed as a fire-and-forget switch, not a tended garden. The qualities of <RT-term>shared minimal basis of understanding</RT-term> and <RT-term>the comfort to speak</RT-term> were undercut: people couldn’t even enter the garden, let alone speak. And this happened on Microsoft’s watch, we aren’t talking about startup struggling to find resources.
+ In terms of the garden, every blocked user was a seed that never sprouted. Some were open-source contributors, others researchers, students, or citizens accessing public code.
</p>
<h3>The Bendigo Bank VPN lockout</h3>
This is a perfect parallel to Sara’s experience. A legitimate customer using a privacy tool was treated as a criminal, subjected to Kafkaesque demands, and ultimately driven away. The bank’s security posture ‘VPN equals suspicious’, therefore ‘VPN equals guilty’ is the opposite of cultivation. It didn’t protect the garden; it salted the soil for anyone who values their privacy. The bank created security theater (virus scan, statutory declaration) that had no actual security value, purely to shift burden and liability. The <RT-term>culture of sincere intent</RT-term> was replaced with suspicion-by-default, and the <RT-term>comfort to speak</RT-term> was crushed.
</p>
-<p>There is another face mismatch case of a perfectly healthy man who works in high-tech not being recognized by ID.me, being initially rejected, and then not allowed to contact a human being there due a requirement of being recognized first, continuing over an 8 year period. The deadlock was finally broken only through the intervention of a Congresswoman.</p>
-
<h3>When the face doesn’t fit</h3>
<p>
This is security by blunt instrument excluding people on the fringes. Literally a camera that decides who looks human enough to participate. The garden loses more than <RT-term>diversity of awareness profiles</RT-term>; it loses entire populations. The facial recognition system was deployed with no consideration for edge cases, no fallback, no human override that respected dignity. It’s the security equivalent of a fence with no gate. And it’s not a hypothetical: real people are being told by machines that their faces don’t qualify. This destroys <RT-term>diversity</RT-term> and <RT-term>comfort to speak</RT-term> before a conversation even begins.
</p>
-<h2>The harm done by byzantine security</h2>
+<p>There is another face mismatch case of a perfectly healthy man who works in high-tech not being recognized by ID.me, being initially rejected, and then not allowed to contact a human being there due a requirement of being recognized first, continuing over an 8 year period. The deadlock was finally broken only through the intervention of a Congresswoman.</p>
+
+
+<h2>Byzantine security</h2>
<p>
The people of the Eastern Roman Empire called themselves Romans. The label "Byzantine" was applied retroactively in 1557 by the German historian Hieronymus Wolf. He needed a term to describe an empire that, over a thousand years, had mutated into a system defined by an impenetrable, suffocating labyrinth of administrative bureaucracy. Today, the word "Byzantine" describes a system so excessively complicated that it becomes hostile to the people navigating it.
</p>
<p>
- When an administration uses extreme complexity, every citizen is inevitably in violation of a rule. What government and the technology industry is building today is the digital equivalent. As the security stack grows to eleven layers and beyond, it creates an architecture of Byzantine security. This is defined as a defensive framework so layered with opaque policies, automated compliance checks, and overlapping authentication demands that it ceases to be a protective barrier and becomes a mechanism of systemic exclusion.
+ When an administration uses extreme complexity, every citizen is inevitably in violation of a rule. What government and the technology industry is building today is the digital equivalent. As the security stack grows to eleven layers and beyond, it creates an architecture of <RT-term>byzantine security</RT-term>. This is defined as a defensive framework so layered with opaque policies, automated compliance checks, and overlapping authentication demands that it ceases to be a protective barrier and becomes a mechanism of systemic exclusion.
+</p>
+
+<p>
+ As systems become more complex they keep out everybody, hence the architects of byzantine security systems can, and do, brag having kept out the bad guys. Further, bureaucrats who work for years within a byzantine system become to sole purveys of knowledge, and they are empowered by this.
</p>
<p>
- The negative consequence of Byzantine security is the creation of a digital underclass. Those who cannot perfectly navigate the eleven layers of the stack are pushed to the outskirts of the network. They are silently exiled, their accounts locked, and their communications severed. When a system prioritizes an impenetrable checklist of security theater over human usability, it methodically sterilizes the network, deliberately cutting off the very group intelligence that makes the system valuable in the first place.
+ The negative consequence of <RT-term>byzantine security</RT-term> is the creation of a digital underclass. Those who cannot perfectly navigate the eleven layers of the stack are pushed to the outskirts of the network. They are silently exiled as their accounts are locked, and their communications with the system are severed. When a system prioritizes an impenetrable checklist of security theater over human usability, it methodically sterilizes the network, deliberately cutting off the very group intelligence that makes the system valuable in the first place.
</p>
+
<h1>How experts think about safety</h1>
<h2>Linear risk</h2>
</RT-math>
<p>
- Here <RT-math>t<sub>i</sub></RT-math> is the probability of the event and <RT-math>c<sub>i</sub></RT-math> is the cost. As an example, consider that there is a 0.2 probability that a person forgot their password, and it will cost 900 seconds to recover it. (Here 0.2 is 20%, 1 out of 5 times). There is a 0.1 probability that a person made a typo in the user name which results in 45 seconds of time to figure out. There is a 0.3 probability that a person will type the password wrong, costing 15 seconds. There is a 0.05 probability that a person will get the password wrong 3 times and be locked out for a day, and thus a 0.65 chance that they type it correctly, taking 5 seconds to log in.
+ Here <RT-math>t<sub>i</sub></RT-math> is the probability of the event and <RT-math>c<sub>i</sub></RT-math> is the cost. As an example, consider that there is a 0.2 probability that a person forgot their password, and it will cost 900 seconds to recover it. (Here 0.2 is 20%, 1 out of 5 times). There is a 0.1 probability that a person made a typo in the user name which results in 45 seconds of time to figure out. There is a 0.3 probability that a person will type the password wrong, costing 15 seconds. There is a 0.05 probability that a person will get the password wrong 3 times and be locked out for a day, and thus leaving a 0.65 chance that they type it correctly, taking 5 seconds to log in.
</p>
<RT-math>
</p>
<p>
- Cybersecurity engineers almost always base their cost estimates on the normal mode time, here 5 seconds, rather than the actual expected cost, here 4334 seconds.
+ Cybersecurity engineers almost always base their cost estimates on the normal mode time, here 5 seconds, rather than the actual expected cost, here 4334 seconds. This gives decision makers a skewed picture of the actual situation.
</p>
<p>
- If this login model is implemented across millions of people, a person would hope the company is protecting more than the aggregate login cost per user, otherwise they are costing users more than the value they hold on the system. However, as normal mode times are being used, this is what is happening.
+ If this login model is implemented across millions of people, a person would hope the company is protecting more than the aggregate login cost per user, otherwise they are costing users more than the value they hold on the system. And indeed as normal mode times are being used, they are indeed costing users time and money.
</p>
<h2>Catastrophic failure</h2>
</p>
<RT-math>
- P = 1 - Π (1 - p(t<sub>i</sub>))
+ C = 1 - Π (1 - t<sub>i</sub>)
</RT-math>
<p>
- Here <RT-math>p(t<sub>i</sub>)</RT-math> again represents the probability that a specific failure <RT-math>t<sub>i</sub></RT-math> could happen. <RT-math>P</RT-math> is then the probability that the system will fail due to any one of the independent parts <RT-math>t<sub>i</sub></RT-math> failing. The symbol Π means to take the product.
+ Here <RT-math>t<sub>i</sub></RT-math> again represents the probability that a specific failure <RT-math>t<sub>i</sub></RT-math> could happen. <RT-math>C</RT-math> is then the probability that the system will have a catastrophic failure due to any one of the independent parts <RT-math>t<sub>i</sub></RT-math> failing. The symbol Π means to take the product.
</p>
<p>
- As an example, consider a small business where a Wi-Fi password gets guessed with probability <RT-math>p(t<sub>1</sub>) = 0.02</RT-math>, the manager clicks a scam email with probability <RT-math>p(t<sub>2</sub>) = 0.10</RT-math>, and a thief sneaks into the back room with probability <RT-math>p(t<sub>3</sub>) = 0.01</RT-math>.
+ As an example, consider a small business where a Wi-Fi password gets guessed with probability <RT-math>t<sub>1</sub> = 0.02</RT-math>, the manager clicks a scam email with probability <RT-math>t<sub>2</sub> = 0.10</RT-math>, and a thief sneaks into the back room with probability <RT-math>t<sub>3</sub> = 0.01</RT-math>.
</p>
<RT-math>
- P = 1 - (1 - 0.02)(1 - 0.10)(1 - 0.01)
- P = 0.13
+ C = 1 - (1 - 0.02)(1 - 0.10)(1 - 0.01)
+ C = 0.13
</RT-math>
<p>
There is a 13% probability that the system will be compromised. That is far higher than would normally be tolerated for a catastrophic risk. Here the biggest contributor was the human variable.
</p>
<p>
- This is called the failure equation. Notice that it scales exponentially with the number of terms, making it disproportionately more difficult to drive the total failure rate down as systems grow more complex. For a small, simple computer system it is possible to reach <RT-math>P = 0</RT-math>, but even then it is exceedingly difficult and expensive to do so, and in most cases few experts would believe it had actually been achieved. When it comes to security, small and simple is not only beautiful, it is the only hope.
+ This is known as the failure equation, and what we did here is called failure analysis. Notice that the equation scales exponentially with the number of product terms, making it disproportionately more difficult to drive the probability of system failure into very law numbers as the system grows more complex. For a small, simple computer system it is possible to reach <RT-math>C = 0</RT-math>, but this is exceedingly difficult and expensive to do, and in most cases few experts would believe it had actually been achieved. When it comes to security, small and simple is not only beautiful, it is the only hope.
</p>
<p>
- The scenario of small and simple is unlikely to be found for a system that serves the general public. Most security engineers simply implement existing protocols. Those protocols use algorithms that we assume to be formally proven to be correct, although that is often not the case, and it is certainly not the case for common algorithms used on the Internet. Even for correct security protocols that are correctly implemented, hackers have consistently found physical ways to vary timing, monitor power consumption, or grind the tops off chips to break into systems.
+ A stack of 11 interacting complex security protocols is neither small nor simple. Most systems engineers pull existing software off the shelf and stack it up. Those protocols use algorithms that we assume to be formally proven to be correct, although that is often not the case, and it is certainly not the case for common algorithms used with the Internet. Even for correct security protocols that are correctly implemented, hackers have consistently found creative ways to get around them, in cases by varying timing, monitoring power consumption, or grinding the tops off chips.
</p>
<h2>The role of perspective</h2>
It is typical that fraud cases act as linear risk failures from a credit card company's point of view, as they statically plan for some fraud to occur every year. However, those exact same risks are viewed as a catastrophic failure from the individual card holder's point of view. The entire purpose of insurance is to put card holders into the same boat as their card companies.
</p>
<p>
- Computer security is almost always treated as an uninsured catastrophic risk situation. There is typically no contract with users, and legally there sometimes can be no contract, to make up for losses after a security lapse.
+ Computer security is almost always treated as an uninsured catastrophic risk situation. There is typically no contract with users to make up for losses after a security lapse.
</p>
<h2>Dynamic risk profiles</h2>
In computer security, a single failure acts as a contagion rather than an isolated event; it spreads like a disease. It is assumed that once an attacker has figured out a way in, the attacker will scale that solution mechanically or sell it on the dark web. Consequently, once a failure occurs, the catastrophic failure equation changes, with a near 100% probability of repeat for the failure term.
</p>
- <h2>The security paradox</h2>
- <p>
- Most security systems are breakable or bypassable in the face of extreme innovation and effort. Once broken, an organization starts adding layers of friction on its way to the Marianas Trench.
- </p>
- <p>
- Good-intentioned users do not expend effort to break systems. In contrast, bad actors do. Thus, the trend over time is for security to severely hurt the productivity of good people, while bad actors make use of hard-won know-how to easily bypass it.
- </p>
-
<h1>Emergent properties from secure systems</h1>
<h2>The Marianas Trench paradigm</h2>
Security fixes are often difficult to apply because an insecure system has a high probability of having become compromised. Patching a system that has a backdoor installed on it will result in a patched system with a backdoor. If data has been stolen, no patch can take the stolen data out of the hands of those who took it. Furthermore, customer support can typically do little or nothing, as security features often cannot be turned off.
</p>
- <h2>Engineers build things, leaders provide vision</h2>
-
- <h3>The biometric fallacy</h3>
+ <h2>The security paradox</h2>
<p>
- The startup Pay By Touch incinerated $130 million on the premise that fingerprints are passwords. Yet sounding like a cool tech was enough to command a lot of funding.
+ Most security systems are breakable or bypassable in the face of extreme innovation and effort applied over a long period of time. Also, with time, built in bugs tend to be discovered, and new ones tend to accidentally inserted with updates.
</p>
<p>
- The physical reality: A person leaves their "password" on every water glass, door handle, and table they touch. Security engineers design to specifications and can lose sight of the forest for the trees. They can build a mathematically perfect verification algorithm while remaining structurally blind to the physical reality that the "secret" is being left on a restaurant table. Leaders provide common sense vision. If a person is a leader, they should not be afraid to ask questions about the base metrics of performance and expect answers that they understand.
+ Good-intentioned users do not expend effort to break systems. In contrast, bad actors do.
</p>
- <h3>The technician's crouch</h3>
- <p>
- In 1996, at a presentation to the SBC board, a man proposed a smartphone technology investment. One of the board members invited their "tech guy" to "interpret." Feeling his expertise was being challenged, the technician argued defensively that phone switches were the future and smartphones were a fad, merely because switches were what he understood. Two years later, the switch-centric giants like Nortel went into bankruptcy, and the world moved to the smartphone.
+ <p> Consequently the trend over time is for security to severely hurt the productivity of good people, while bad actors make use of hard-won know-how to easily bypass it.
</p>
- <p>
- Technicians optimize for the survival of their current tools and silos. They are rarely big-picture visionaries. Lawmakers must trust their common-sense judgment, and expect entrenched technology interests to propose further entrenchment. The goal is structural architectural integrity for the economy, rather than adding more layers that make life difficult for a person.
+
+ <h2>The primrose path</h2>
+
+ <p>When an security fails for an organization, the tendency is to add weight or complexity to that same protocol. The new additions then must be secured. This process eventually leads to the Mariana Trench, which is at the end of the primrose path.</p>
+
+ <p>Consider the example from the introduction. Users reasonably chose simple memorable passwords so they wouldn't chance the high cost of forgetting a password and being blocked from working. Then instead of questioning the protocol, security engineers responded by adding password check filters that forced users to use even longer harder to remember passwords. When, that that didn't work out well, password managers were added. But that created the issue of securing the password manager. This usually involves public key cryptography, and special operating system features. These features then must be tested and maintained. But how is the maintenance to be done? If anyone can post an update to a password manager, then the password manager will not be secure. Hence, there must be a secure update system with special features for sensitive software. But the updates system is part of a larger problem of administering a network of computers. Grab a thread at any part of that chain, and pull on it, and the whole of it becomes unraveled.
</p>
- <h1>The coming security apocalypse</h1>
- <h2>The writing on the wall: public key cryptography is doomed</h2>
+ <h2>Where is the commonsense?</h2>
+
+ <h3>The biometric fallacy</h3>
<p>
- All security today is built over communications that are secured by public key cryptography. There is no formal proof for any public key cryptography algorithm in use today that demonstrates at a computation theoretical level it actually works.
+ The startup Pay By Touch incinerated $130 million on the premise that fingerprints are passwords. Sounding like a cool tech was enough to command a lot of funding, and more came after that.
</p>
- <p>
- Thus, catastrophic failure could arrive at any hour, and then all security on the Internet, current ID schemes, bitcoin, etc. would be broken. This lack of proof problem speaks to public key cryptography at the most fundamental level, and thus applies to existing hardware, software, and systems.
+
+ <p>If a fingerprint is a password, then a person leaves their "password" on every water glass, door handle, and table they touch. How is was that supposed to work?
</p>
- <p>
- The above analysis is the situation today independent of quantum computing. That is another kettle of fish. When quantum computing comes online, Shor’s algorithm will break all of public key cryptography, proven or not. What are legislators planning to do, take police authority over all quantum computers?
+
+ <p>I hope readers will think about this, especially the non-technical among you. There is expensive important lesson here. There is a place for commonsense in security discussions. Investors and legislators alike should not fear asking commonsense questions, and getting answers back that they can understand.
</p>
- <h2>Biometrics are security theater</h2>
+ <p>Ok, so fingerprints are not a great idea, so we should move to faces?
+ </p>
+
+ <h3>Building to spec versus envisioning the future</h3>
<p>
- Fingerprints are left on door knobs and glasses. A fingerprint cannot be used as a secure password. Our faces are shown in public and in modern times are captured by cameras in buildings, on street corners, through the front windshield when we drive under traffic cameras, and by anyone who gets within a few hundred meters and can take a snapshot.
+ In 1996, at a presentation to the SBC board, a man proposed a smartphone technology investment. One of the board members invited their "tech guy" to "interpret." Feeling his expertise was being challenged, the technician argued defensively that phone switches were the future and smartphones were a fad, merely because switches were what he understood. Two years later, the switch-centric giants like Nortel went into bankruptcy, and the world moved to the smartphone.
</p>
<p>
- Generative AI is already a reality and a practical technology. With generative AI a signal with a life-like model can be created and given to a computer in place of a camera output. Today there is no long-term secure biometric system.
+ Technicians know how to build to spec, the good ones are good at it. Of course everyone reads the tech sections of news, and see a lot of exciting things coming. However, that does not make them into big-picture visionaries. Lawmakers must trust their common-sense judgment, and expect entrenched technology interests to propose further entrenchment. The goal is structural architectural integrity for the economy, rather than adding more layers that make life difficult for a person.
</p>
- <h1>Why do we want to ID computer users</h1>
+
+
+<h1>The coming security apocolypse</h1>
+
+<h2>Public key cryptography: a house built on sand</h2>
+<p>
+ Almost all security today is built over communications that are secured by public key cryptography, specifically relying on algorithms like RSA and Elliptic Curve Cryptography (ECC). However, there is a unadvertised disturbing fact: there is no formal computation-theoretic proof that these systems actually work.
+</p>
+<p>
+ These legacy systems rely on <RT-term>trapdoor functions</RT-term>—mathematical operations that are easy to perform in one direction but assumed to be impossibly hard to reverse without a key. Yet, there is no proof that a computationally reasonable inverse function (a polynomial time algorithm) does not exist for these specific problems. The security of the global digital economy rests entirely on the assumption that because no one has publicly found a fast way to reverse these functions, that no such method exists. If a person, or a state intelligence agency, discovers such a mathematical shortcut, the trapdoor vanishes, and then ssh, bitcoin, network privacy, are instantly broken.
+</p>
+<p>
+ This catastrophic fragility exists independent of quantum computing. However, when large-scale quantum computing comes online, Shor’s algorithm will mathematically annihilate the integer factorization and discrete logarithm problems that underpin RSA and ECC. While the industry is attempting a massive, highly vulnerable migration to <RT-term>Post-Quantum Cryptography</RT-term> (such as hash-based or lattice-based algorithms) to survive Shor's algorithm, the transition itself introduces immense new attack vectors and maintenance burdens to an already overloaded security stack.
+</p>
+
+<h2>Biometrics are security theater</h2>
+
+<p>
+ The fundamental architectural error of biometric security is treating a public biological identifier as a private cryptographic key. A password is a secret; a face or a fingerprint is a public broadcast. We leave our fingerprints on every doorknob and glass we touch. Our faces are captured continuously by security cameras, traffic systems, and anyone with a smartphone who walks within fifty meters of us. Using a public attribute to lock a private system is the definition of security theater.
+</p>
+
+<p>
+ Unlike a password, which is mathematically deterministic—meaning it is entirely correct or entirely incorrect—biometric authentication is probabilistic. The hardware takes a noisy biological sample and makes a statistical guess as to whether it matches a stored template within an acceptable confidence interval. Because it is a guess, the system will inevitably generate false negatives. When a deterministic password fails, a person can type it again. When a probabilistic biometric system decides a person does not match their own face—as happens frequently to people with facial differences or aging features—it creates an unresolvable administrative deadlock. The person is digitally exiled by an algorithm making a bad guess.
+</p>
+
+<p>
+ The technology industry claims that sensors will improve to fix these error rates, sometimes proposing invasive alternatives like retina scans to guarantee identity. However, this ignores the fatal structural flaw of remote authentication. Over the Internet, a server does not authenticate a physical face or a physical eye; it authenticates a digital signal sent from a remote device.
+</p>
+
+<p>
+ Generative AI has already rendered this security paradigm obsolete. An attacker does not need to resort to physical violence to steal a fingerprint or an eyeball. With practical, off-the-shelf generative AI, a highly accurate, life-like synthetic model can be created and injected directly into the data stream, acting as a virtual camera or a virtual fingerprint reader. The server receives a mathematically perfect biometric signal, bypassing the physical sensor entirely. Consequently, there is no long-term viability for any remote biometric security system.
+</p>
+
+
+
+ <h1>Why we want to ID people</h1>
<h2>Policing money</h2>
<p>
A product of the 1970s War on Drugs. To stop the outflow of illicit payments, the state began monitoring the movement of value. This transformed the bank from a private vault into a state monitoring station. All money being transferred had to have a name attached to it.
</p>
- <h2>Citizenship-based taxation (CBT)</h2>
- <p>
- The United States is one of only two nations that utilizes Citizenship-Based Taxation (CBT) instead of Residency-Based Taxation (RBT). Because the IRS must track every dollar a citizen touches globally, the US is the lead architect of the global financial "Phone Home" system. This requires every bank on the planet to report on American dealings (FATCA).
- </p>
- <p>
- This structural requirement is the hidden driver for an interoperable, global digital ID. Every dollar holder is now a suspected of being a money launderer, a drug dealer, or a tax-evading "sneak." In a CBT world, the source and identity of the money are more important to the state than the payment itself. We secure the portal to pay taxes, not because the account holder wants to prevent others from paying his or her taxes, but rather because the government needs to know where the money came from.
- </p>
-
- <h2>Individual revenue taxation</h2>
-
+ <h2>Database stability</h2>
- <h2>At the critical point before instability</h2>
- <p>Earlier in this white paper, I mentioned the Stasi, who had files on one third of East German citizens. Civics teachers used to present that fact as though it were horrific, but it is child's play relative to the amount of documentation we are keeping on U.S. citizens today.
+ <p>Our civics teachers lamented that the East German Stasi had files on a third of all citizens. That is child's play relative to the amount of documentation we are keeping on U.S. citizens today.
</p>
<p>
<td>Corporate submissions, quarterly/annual financial filings.</td>
<td>Publicly exposes the financial footprints and corporate affiliations of executives and major shareholders.</td>
</tr>
+ <tr>
+ <td>Fusion Centers (DHS / Local / Private)</td>
+ <td>Suspicious Activity Reports (SARs), social media scraping, ALPR (license plate) logs, and bridged commercial data.</td>
+ <td>The ultimate "Aggregation Sinkhole." Operates in a jurisdictional gray area to fuse local policing with federal intelligence, transforming unverified legal behavior into permanent, shared threat profiles.</td>
+ </tr>
+ <tr><td colspan="3"><hr></td></tr>
</tbody>
</table>
</table>
<p>
- Monotonic failure: each database is a honeypot, and once data is stolen, the damage cannot be undone. The KYC/Fraud database point is particularly chilling for a Congressional briefing because it highlights a system where the citizen has zero due process, they are judged, convicted, and digitally exiled by a black box they have zero permission to look inside.
+ Note, that each of these databases is a honeypot, and once data is stolen, the damage cannot be undone. The KYC/Fraud database point is particularly chilling because it highlights a system where the citizen has zero due process. A bureaucrat can judge, convict, and digitally exile a person using a database that the person has zero permission to look inside.
+ </p>
+
+ <h2>Citizenship-based taxation (CBT)</h2>
+ <p>
+ The United States is one of only two nations that utilizes Citizenship-Based Taxation (CBT) instead of Residency-Based Taxation (RBT). Because the IRS must track every dollar a citizen touches globally, the U.S. is the lead architect of the global financial "Phone Home" system. This requires every bank on the planet to report on American dealings (FATCA).
+ </p>
+ <p>
+ This structural requirement is the hidden driver for an interoperable, global digital ID. Every dollar holder is now a suspected of being a money launderer, a drug dealer, or a tax-evading "sneak." In a CBT world, the source and identity of the money are more important to the state than the payment itself. We secure the portal to pay taxes, not because the account holder wants to prevent others from paying his or her taxes, but rather because the government needs to know where the money came from.
+ </p>
+
+ <h2>Individual revenue taxation</h2>
+
+ <p>For a nation to tax an citizens' and residents' income, they must be able to verify what that income is. Initially this was done by having companies and contracting entities to report salaries and contract amounts to the IRS, a copy of that report is sent to the individual, and the individual must also send his copy to the IRS, so that the IRS can also verify the sent the report.
+ </p>
+
+ <p>Now that the government polices money, they are able to see financial transactions at banks. In theory this could replace the old system, but instead both are done. Any descrepencies are then used as signals for triggering audits.
+ </p>
+
+ <p>Each person is then given a tax account. This tax account is accessible online. The digital ID then ties all of this together. Note that the each individual has a social security number, and those numbers are used to key database records, but they lack the security and privacy required to be used as an ID.
+ </p>
+
+ <p>The next step for this system appears to be that of central bank digital currencies, where every transaction is an SQL command on a database. The government would then, in theory, have awareness of all transactions, and the capability to force their own transactions.
</p>
<h2>International scammers</h2>
Though we police money internationally, to the great consternation of out of jurisdiction banks, many of whom will no longer serve Americans, quizzically we take no enforcement action on international scammers who steal from our senior citizens through phone calls and spam mail. Russian hackers who were found creating conflict on the Internet. By IDing those on the Internet, we can deny access and prevent bad actors from entering the ecosystem in the first place.
</p>
- <h1>Current ID efforts</h1>
+ <h2>Public no longer means <em>public</em></h2>
+
+ <p>When a person logs into a server, the user name, prior provided credit card information if any, and user preferences determine how the server will interact with the user. But this is not the complete picture, rather how does a server decide who is allowed to sign up for an account in the first place?
+ </p>
+
+ <p>Up to this point in time commercial servers on the Internet have been open to the public, with few refinements to this. A person goes to Google, does a search, finds a server offering the services he or she wants, clicks the link, then opens an account. Within the limits of paid tiers of services, once opened, any account presents the same dashboard and options as any other account.
+ </p>
+
+ <p>
+ Profiling for targeted advertising is one of the refinements. In this case, different people are shown different ads based on their profiles. A shopping site might lead off with different entry points into their catalog. The catalog will be the same for everyone, but they want to help you find things in it more easily. This is accomplished by profiling users and selling that data to data brokers, who then collate the data, and selling it back to marketing firms who generate targeted ads.
+ </p>
+
+ <p>
+ Another refinement is for regions. A person who travels often probably doesn't even like this refinement, but sites accessed from different regions might come up in different languages, have different currency settings, and have region specific catalogs. This is accomplished by checking the IP address of the client who accesses the server, and then looking that IP address in a geolocation database.
+ </p>
+
+ <p>
+ The next step down the primrose path was to use the features for automatically selecting a clients region to enforce regional taxation laws on clients. This is important now that so much commerce has moved to the Internet. Another factor is that heavily indebted nations are highly concerned not to miss out on taxes as they need the revenue. Hence, many commercial servers will enforce the use of only credit cards and contact information that matches the region setting. Thus, a exchange student in France will be blocked from paying for a gift for his mother in the United States if he tries to pay for it with a U.S. credit card. PayPal will not allow a person with a U.S. telephone number to use a French credit card to buy boots from specialist boot maker in Columbia. Etc.
+ </p>
+
+ <p>We are now being asked to take this one step further. We want websites to differentiate service depending on the age of the person who requests an account, separately from the credit card system.</p>
+
+ <h2>The fear: digital authoritarianism</h2>
+
+ <p>
+ Historically, authoritarian regimes maintained control through physical violence and the direct intimidation of the individual. In a society where participation in the economy, discourse, and basic civic life is gated by digital systems, control can instead be achieved entirely in the digital domain.
+ </p>
+
+ <p>
+ Digital identity and centralized infrastructure provide the state, and its corporate proxies, the power of <RT-neologism>digital exile</RT-neologism>. An observer can already see the precursors to this phenomenon in recent history, where infrastructural chokepoints were used to enforce compliance and silence dissent.
+ </p>
+
+ <p>
+ Consider the freezing of bank accounts during the Canadian trucker protests. This event demonstrated a centralized authority using the digital financial infrastructure to deny people the ability to participate in the economy. Similarly, in the United States, Operation Choke Point saw the Department of Justice pressure financial institutions to cut off services to specific, entirely legal industries that the administration found politically unfavorable. Banks, fearing regulatory audits, closed the accounts of these businesses, enforcing a digital exile without legislative due process.
+ </p>
- <h2>Base categorizations of ID technology</h2>
+ <p>
+ Crucially, this power is also exercised directly by corporate entities through digital domination. In 2022, PayPal introduced an update to its Acceptable Use Policy that explicitly granted the company permission to debit $2,500 directly from a user's account if the company determined a person was spreading misinformation. Though retracted after public backlash, it demonstrates the technical capability and the corporate willingness to automatically penalize speech using financial infrastructure.
+ </p>
+
+ <p>
+ This corporate gatekeeping extends to complete financial excommunication. In 2023, British politician Nigel Farage had his accounts closed by Coutts bank. Internal documents later revealed the institution closed his accounts because his political views did not align with their "corporate values", a concept not normally associated with corporations. A high-profile individual was financially exiled by a centralized institution specifically because of his social and political speech.
+ </p>
+
+ <p>
+ This raises a fundamental question. Is authoritarianism abhorrent merely because of the use of violence? Or is the totalizing level of control it exerts the true danger, and violence an abhorrent means? Now there is a new means. As a person adds layers to the security stack, the architecture risks facilitating a <RT-term>digital authoritarianism</RT-term>. As with its violent analog, it covers the garden of golden flowers with a killing frost.
+ </p>
+
+
+
+ <h1>Evolution of ID technology</h1>
+ <p>
+ Based on concepts of bureaucracy, mandated expense, and the biometric fallacy, we are looking at Dante's 7 Levels of ID Heck:
+ </p>
+ <ul>
+ <li><strong>Stage 1: The Bureaucratic Number (The Card)</strong> - Dehumanization through serialization. Every human is reduced to a state-issued number; the fake ID industry becomes the only "free market."</li>
+ <li><strong>Stage 2: The Mandated Shackle (The Smartphone)</strong> - The first government-mandated capital expense. Forcing citizens to pay for a commercial product to exist in society. The "Corporate Smartphone" (Mic/Camera/GPS) ends privacy.</li>
+ <li><strong>Stage 3: The Biological Theft (The Biometric)</strong> - Treating a biological "username" as a "password." Security theater. A person leaves their physical "password" on a coffee cup or a door handle.</li>
+ <li><strong>Stage 4: The Aggregation Sinkhole (The Database Explosion)</strong> - Convergence of all state and commercial human data. The "Aggregation Force" creates a single point of failure for a person's entire life.</li>
+ <li><strong>Stage 5: The Algorithmic Gatekeeper (The Profiling)</strong> - Automated "Evil Thought" detection. Using the ID as a key for age-gating and "child safety" (California model).</li>
+ <li><strong>Stage 6: The Interoperable Web (The Global Wallet)</strong> - The end of jurisdictional escape. EU/UK cross-border standards. If a person is banned in one place, they are invisible in all.</li>
+ <li><strong>Stage 7: The Digital Exile (The Marianas Trench)</strong> - Total disconnection from the "Right to Exist." De-banking and removal from the digital society. The "Attractor" is reached: a system so secure that even the rightful owner cannot access their life.</li>
+ </ul>
+
+ <h1>Current digital ID efforts</h1>
+
+ <h2>Technonlogy catagories</h2>
<table>
<thead>
<tr>
</tbody>
</table>
- <h2>State sanctioned ID efforts</h2>
+ <h2>State sanctioned efforts</h2>
<table>
<thead>
<tr>
<tr><td colspan="4"><hr></td></tr>
<tr>
<td>Apple/Google Wallets (mDL)</td>
- <td>US (General)</td>
+ <td>U.S. (General)</td>
<td>Public Key (SE)</td>
<td>The Mandated Shackle. Gives Silicon Valley monopoly control. Vulnerable to supply chain hardware attacks.</td>
</tr>
</tbody>
</table>
- <h1>A house built on sand</h1>
<p>
- Every one of these technologies collapses under the scenario where identity is proven via credential data that can be observed and duplicated, because any system relying on a replicable digital signal structurally fails to distinguish a legitimate human being from a perfect mathematical or physical simulation.
+ Proponents of these initiatives routinely assure the public that the data will be secured by advanced encryption and strict access controls. However, architectural history proves that when a state centralizes identity, it creates an irresistible honeypot. Catastrophic failure has occurred in virtually every jurisdiction attempting to mandate digital IDs:
</p>
+
+ <ul>
+ <li>
+ India's Aadhaar system is the ultimate realization of Stage 4. As the world's largest biometric database, it has suffered massive data leaks, while simultaneously excluding the poorest citizens from food rations because manual labor wears off their physical fingerprints.
+ </li>
+ <li>
+ <strong>The Biometric Theft (United States, 2015):</strong> Attackers breached the U.S. Office of Personnel Management and stole 5.6 million digital fingerprints. This highlights the fatal flaw of biometric security. If a password is stolen, a person changes it. If a state database loses a citizen's fingerprint, that credential is permanently compromised.
+ </li>
+ <li>
+ <strong>The Interoperability Failure (Argentina, 2021):</strong> The National Registry of Persons (RENAPER) was breached when an attacker compromised a single remote VPN account at the Ministry of Health. By exploiting the interoperability between state departments, the attacker walked away with the ID photos and addresses of 45 million citizens.
+ </li>
+ <li>
+ <strong>The Aggregation Sinkhole (Taiwan, 2022):</strong> The complete household registration data of 23.5 million citizens appeared for sale on a cybercrime forum, proving that aggregating the population into a central registry guarantees total exposure upon failure.
+ </li>
+ <li>
+ <strong>The Cryptographic Collapse (Estonia, 2017):</strong> A mathematical vulnerability in the physical microchips of Estonia's mandatory e-ID cards allowed attackers to calculate private keys from public keys. The state had to instantly freeze 760,000 cards, digitally exiling a massive portion of the population from their own bank accounts and medical records overnight.
+ </li>
+ </ul>
+
+
+<h1>Proposed legislation</h1>
<p>
- Even Public Key Infrastructure (PKI) falls victim to this structural failure because it merely replaces a physical secret with a mathematical one, while still transmitting the proof across the same channel as the data. Possession does not equal identity: A public key system proves that a person possesses a private key; it does not prove who that person is. If an attacker uses a memory injection to scrape a private key or intercepts the signing process, the resulting bit-stream is mathematically perfect.
+ The following bills represent the current trajectory of federally funded digital identity infrastructure, alongside legislative counter-efforts. When viewed through the lens of architectural security and historical failure, these proposals highlight the ongoing tension between expanding the security stack and preserving civil liberties.
</p>
+
+ <h2>Expanding the infrastructure</h2>
+
+ <h3>The Stop Identity Fraud and Identity Theft Act (H.R. 7270)</h3>
+ <ul>
+ <li><strong>Links:</strong>
+ <a href="https://www.congress.gov/bill/119th-congress/house-bill/7270/text">H.R. 7270</a></li>
+ <li><strong>Overview:</strong> Introduced in early 2026, this bill creates federal grant programs to incentivize states to adopt NIST-compliant digital IDs and modernize identity systems, ostensibly to combat fraud and deepfakes.</li>
+ <li><strong>Architectural Critique:</strong> While the bill's sponsors emphasize that adoption is "voluntary," historical precedent shows that voluntary compliance in security protocols rapidly becomes mandatory to participate in the economy. This legislation directly funds the transition from <em>Stage 1 (The Bureaucratic Number)</em> to <em>Stage 2 (The Mandated Shackle)</em> by encouraging mobile driver's licenses (mDLs). As established earlier, this exacerbates the <RT-neologism>digital exile</RT-neologism> problem; those who cannot perfectly navigate or afford these new digital layers will be treated with suspicion by default and pushed to the outskirts of the network. Furthermore, treating deepfakes with more digital ID ignores the fundamental vulnerability that remote biometrics are inherently <RT-term>security theater</RT-term> vulnerable to AI injection.</li>
+ </ul>
+
+<!--
+The National Institute of Standards and Technology (NIST) was directed in the CHIPS and Science Act of 2022 to launch new work to develop a framework of common definitions and voluntary guidance for digital identity management systems, including identity and attribute validation services provided by Federal, State, and local governments, and work is underway at NIST to create this guidance. However, State and local agencies lack resources to implement this new guidance, and if this does not change, it will take decades to harden deficiencies in identity infrastructure.
+
+
+(A) develop digital versions of driver’s licenses and other identity credentials that comply with the guidelines for identity and attribute validation services developed by the National Institute of Standards and Technology under section 504 of the Cybersecurity Enhancement Act of 2014;
+
+(B) protect the privacy and security of individuals, including guarding against “deepfake” attacks powered by artificial intelligence;
+
+(C) catalyze the development, deployment, and use of more resilient, interoperable solutions Americans can use to protect and assert their identity online;
+
+(D) reduce identity theft and fraud by replacing legacy identity systems that are highly vulnerable to attack from organized criminals and hostile nation-states with more robust solutions that can defeat these attacks;
+
+(E) ensure the integrity of Government benefit programs paid through the Department of the Treasury;
+
+(F) protect the United States financial system from abuse by illicit actors; and
+
+(G) enable more trusted transactions online.
+
+-->
+
+
+ <h3>Improving Digital Identity Act (S. 884 / H.R. 4258)</h3>
+ <ul>
+ <li><strong>Links:</strong> <a href="https://www.congress.gov/bill/118th-congress/senate-bill/884">S. 884</a></li>
+ <li><strong>Overview:</strong> A persistent foundational bill that establishes an interagency task force to develop a nationwide, interoperable digital identity architecture, coordinating federal, state, and private-sector efforts.</li>
+ <li><strong>Architectural Critique:</strong> This bill is the legislative blueprint for <em>Stage 4: The Aggregation Sinkhole</em>. By mandating interoperability across state and private sectors, it guarantees that a single point of failure compromises a person's entire digital existence. If a citizen is flagged by an opaque algorithmic risk assessment—similar to the Bendigo Bank VPN lockout—an interoperable system ensures that the lockout propagates across all federal and state services. It constructs the ultimate <RT-term>byzantine security</RT-term> labyrinth.</li>
+ </ul>
+
+ <h3>Emerging Digital Identity Ecosystem Report Act (H.R. 1925 / H.R. 8658)</h3>
+ <ul>
+ <li><strong>Links:</strong> <a href="https://www.congress.gov/bill/119th-congress/house-bill/1925">H.R. 1925</a></li>
+ <li><strong>Overview:</strong> Directs the Transportation Security Administration (TSA) to report to Congress on digital identity ecosystems and their homeland security value in the transportation sector.</li>
+ <li><strong>Architectural Critique:</strong> This bill pushes digital identity into physical transportation, fusing the digital security stack with the fundamental freedom of movement. Relying on digital ecosystems at checkpoints inevitably forces the adoption of remote biometrics and facial recognition. As noted in the case of Autumn Gardiner, probabilistic facial matching inevitably creates unresolvable administrative deadlocks for minorities and those with facial differences. Tying travel to this flawed architecture guarantees physical exile driven by algorithmic error.</li>
+ </ul>
+
+ <h2>Counter-Legislation: Limiting the security stack</h2>
<p>
- The server has no capability to distinguish between the rightful owner and a thief because the "signal" of identity is merely another string of data bundled with the transaction. Because current architectures mix control signals and data, a person's "identity" becomes observable to the system itself. If the math can be seen, it can be simulated.
+ Not all legislation seeks to deepen the <RT-term>Marianas Trench paradigm</RT-term>. A counter-movement has emerged that aligns closely with the principles of structural elimination of security dependencies:
</p>
- <h1>Evolution of ID technology</h1>
+ <h3>Biometric ID Database Ban (H.R. 3693)</h3>
+ <ul>
+ <li><strong>Links:</strong> <a href="https://www.congress.gov/bill/118th-congress/house-bill/3693">H.R. 3693</a></li>
+ <li><strong>Overview:</strong> Prohibits federal agencies from creating or maintaining databases of citizens' biometric data.</li>
+ <li><strong>Architectural Critique:</strong> This directly addresses the <RT-term>biometric fallacy</RT-term> by preventing the creation of centralized honeypots that, once breached, permanently compromise a citizen's immutable biological "password".</li>
+ </ul>
+
+ <h3>Safeguarding Personal Information Act (S. 2769)</h3>
+ <ul>
+ <li><strong>Links:</strong> <a href="https://www.congress.gov/bill/119th-congress/senate-bill/2769">S. 2769</a></li>
+ <li><strong>Overview:</strong> Aims to repeal Title II of the REAL ID Act to eliminate what it terms a "de facto national identification mandate."</li>
+ <li><strong>Architectural Critique:</strong> This bill represents a structural rollback of <em>Stage 1</em>, attempting to stop the nationalization and interoperability of state databases before they can be fully weaponized by commercial data brokers and state intelligence.</li>
+ </ul>
+
+
+ <h1>The elephant in the room</h1>
+
<p>
- Based on concepts of bureaucracy, mandated expense, and the biometric fallacy, we are looking at Dante's 7 Levels of ID Heck:
+ Mandatory digital ID initiatives, such as H.R. 7270, would require the use of NIST-compliant Mobile Driver's Licenses (mDLs). A mobile driver's license is a digital representation of a state-issued identification document. At the architectural level, mDLs strictly require the use of a smartphone or a similar commercially produced smart device, effectively compelling citizens to carry and use microwave-linked cell phones.
+ </p>
+
+ <p>
+ The identity data is stored within the device's secure hardware and transmitted to verifiers via active network protocols such as NFC or Bluetooth. The deployment of mDLs relies almost entirely on the digital wallet ecosystems controlled by Apple and Google. This outsources the foundational infrastructure of state identification to two private corporations, granting them unprecedented gatekeeping authority.
</p>
+
+ <p>
+ If such an initiative is successful, it would mark the first time Congress has ordered the entire U.S. population to buy a physical product from commercial suppliers simply to participate in society. As established earlier in this paper, significant questions remain regarding the architectural effectiveness of this technology, and legislators should not hold back from asking commonsense questions about it. Furthermore, the architectural reality of a mobile digital ID requires the device to continuously broadcast its location to cell networks. Mandating this technology is functionally equivalent to legally requiring every citizen to carry an active geo-tracking beacon—a profound physical vulnerability considering that commercial geo-tracking data is actively exploited by criminals for stalking and kidnappings.
+ </p>
+
+ <p>
+ However, as severe as these civil liberty and physical security implications are, they are perhaps not the most disturbing part of the initiative.
+ </p>
+
+ <p>
+ By law, the FDA was compelled to defer the study of the health effects of microwaves to the FCC, an action codified in the Telecommunications Act of 1996. The FCC is staffed by engineers rather than medical experts. Consequently, they approached biology as an engineering problem. They set a safety limit for microwave exposure designed exclusively to prevent heating an adult human brain by more than one-tenth of a degree Celsius. The underlying regulatory assumption is that microwaves solely cook tissue; therefore, limiting thermal output solves the safety problem.
+ </p>
+
+ <p>
+ The observation that the FCC is a captured agency is a matter of recent legal record. In 2021, the US Court of Appeals for the DC Circuit ruled against the FCC (<em>Environmental Health Trust v. FCC</em>). The court found that the FCC's 2019 decision to retain its 1996 safety limits without adequately reviewing the thousands of pages of scientific evidence regarding non-thermal biological effects was "arbitrary and capricious." The court essentially stated that the FCC was ignoring the science to maintain the status quo.
+ </p>
+
+ <p>
+ Microwave health effects have been discussed and debated since shortly after the invention of radar in WWII. The Soviets published early findings of biological harm. Because radar uses microwaves and was considered a critical military technology, the U.S. Navy replied that they did not see the problem.
+ </p>
+
+ <p>
+ Today, there are thousands of studies showing biological effects, countered by industry responses claiming they do not exist. Significant studies establishing non-thermal mechanisms include:
+ </p>
+
<ul>
- <li><strong>Stage 1: The Bureaucratic Number (The Card)</strong> - Dehumanization through serialization. Every human is reduced to a state-issued number; the fake ID industry becomes the only "free market."</li>
- <li><strong>Stage 2: The Mandated Shackle (The Smartphone)</strong> - The first government-mandated capital expense. Forcing citizens to pay for a commercial product to exist in society. The "Corporate Smartphone" (Mic/Camera/GPS) ends privacy.</li>
- <li><strong>Stage 3: The Biological Theft (The Biometric)</strong> - Treating a biological "username" as a "password." Security theater. A person leaves their physical "password" on a coffee cup or a door handle.</li>
- <li><strong>Stage 4: The Aggregation Sinkhole (The Database Explosion)</strong> - Convergence of all state and commercial human data. The "Aggregation Force" creates a single point of failure for a person's entire life.</li>
- <li><strong>Stage 5: The Algorithmic Gatekeeper (The Profiling)</strong> - Automated "Evil Thought" detection. Using the ID as a key for age-gating and "child safety" (California model).</li>
- <li><strong>Stage 6: The Interoperable Web (The Global Wallet)</strong> - The end of jurisdictional escape. EU/UK cross-border standards. If a person is banned in one place, they are invisible in all.</li>
- <li><strong>Stage 7: The Digital Exile (The Marianas Trench)</strong> - Total disconnection from the "Right to Exist." De-banking and removal from the digital society. The "Attractor" is reached: a system so secure that even the rightful owner cannot access their life.</li>
+ <li>
+ <strong>The Guy Study (1984):</strong> A seminal $4.5 million study by Dr. Arthur W. Guy, funded by the U.S. Air Force, found that long-term exposure to low-level microwave radiation (at 2,450 MHz) significantly increased malignant tumor rates in rats. The effect was observed at levels that did not cause heating, pointing directly to a non-thermal mechanism.
+ </li>
+ <li>
+ <strong>Military and Occupational Studies (1995):</strong> A review by Dr. John Goldsmith presented epidemiological evidence from military, broadcasting, and occupational settings, linking microwave exposure to a range of health outcomes, including disturbances in blood counts, neurological issues, and reproductive effects.
+ </li>
+ <li>
+ <strong>CTIA's Own Study (Early 1990s):</strong> In an attempt to prove safety, the wireless industry association (CTIA) funded a $25 million research program. The results backfired. The study found DNA damage in human blood cells and an increased risk of brain tumors (acoustic neuroma) among heavy cell phone users. The research director, Dr. George Carlo, warned the industry, but the findings were allegedly suppressed.
+ </li>
+ <li>
+ <strong>Hippocampal Damage (2022):</strong> A study published in <em>Cell Communication and Signaling</em> explored changes in spatial learning and memory after long-term exposure to 2.856 and 9.375 GHz microwaves. It concluded that long-term exposure leads to different degrees of spatial learning and memory impairment, EEG disturbance, structural damage to the hippocampus, and the differential expression of proteins in hippocampal tissue and serum exosomes.
+ </li>
+ <li>
+ <strong>Endogenous Opioid Activation (1990s):</strong> The landmark work of Dr. Henry Lai at the University of Washington demonstrated that exposure to low-level microwave radiation, equivalent to the output of a cellular phone, activates the endogenous opioid system in the mammalian brain, triggering a physiological chemical response.
+ </li>
</ul>
- <h1>Current legislation</h1>
<p>
- The following bills represent the current trajectory of federally funded digital identity infrastructure:
+ Industry does not possess a strong track record when conducting studies on the safety of its own products. To understand the danger of blindly trusting corporate safety assurances, a person only needs to review the historical record of institutional deception:
</p>
+
<ul>
- <li><strong>H.R. 7270 (The Stop Identity Fraud and Identity Theft Act)</strong> - A bill creating federal grant programs through the Treasury to incentivize states to adopt Mobile Driver's Licenses (mDLs) and centralized biometric verification systems.</li>
- <li><strong>S. 884 (Improving Digital Identity Act)</strong> - A bill establishing an interagency task force to develop a nationwide, interoperable digital identity architecture, heavily reliant on existing state DMVs and biometric ledgers.</li>
- <li><strong>H.R. 4589 (National Digital Identity Act)</strong> - A companion proposal pushing for the commercialization and federated sharing of state identity databases with private sector verifiers.</li>
+ <li>
+ <strong>Radium:</strong> In the 1920s, the U.S. Radium Corporation assured young women that pointing brushes with their lips using glowing radioactive paint was perfectly healthy, even promoting it as a vitality tonic. Meanwhile, company scientists wore lead aprons to avoid exposure.
+ </li>
+ <li>
+ <strong>Television Radiation (1960s):</strong> In 1967, thousands of General Electric color TVs were discovered emitting X-rays at levels up to 100,000 times the safe limit. The industry initially minimized the issue and resisted regulation, claiming shielding was adequate. The FDA was given authority to set performance standards for electronic products. This is the exact authority the FDA later chose not to use for cell phones when it deferred to the FCC.
+ </li>
+ <li>
+ <strong>Leaded Gasoline:</strong> Industry executives knew the severe neurological dangers of tetraethyl lead for decades, yet continually funded favorable research to keep it in the global fuel supply, causing generational cognitive damage.
+ </li>
+ <li>
+ <strong>Thalidomide:</strong> Marketed heavily as a safe morning sickness remedy for pregnant women, it resulted in severe birth defects. It proved that pharmaceutical companies prioritize market release over rigorous, long-term biological testing.
+ </li>
+ <li>
+ <strong>Asbestos:</strong> Manufacturers hid internal memos detailing the respiratory destruction and cancer risks of asbestos fiber inhalation for half a century to protect profits in the construction and insulation markets.
+ </li>
+ <li>
+ <strong>Tobacco and Low-Tar Filters:</strong> When the lung cancer risks of smoking became undeniable, the industry introduced "low-tar" and filtered cigarettes. They marketed these as a safer alternative, when in reality they were engineered to deliver the exact same addictive nicotine and carcinogens, giving the public a false sense of security while attacking independent science.
+ </li>
+ <li>
+ <strong>DDT:</strong> The chemical industry aggressively marketed this pesticide as completely safe, producing promotional films showing it being sprayed directly over eating children and swimming pools, ignoring its devastating ecological and biological toxicity.
+ </li>
+ <li>
+ <strong>PFAS (Forever Chemicals):</strong> Chemical giants DuPont and 3M knew for decades that fluorinated compounds accumulated in human blood and caused severe health issues, yet they continued to dump them into water supplies and use them in consumer goods like Teflon.
+ </li>
+ <li>
+ <strong>Glyphosate:</strong> The manufacturer of Roundup ghostwrote research papers and actively colluded with regulators to suppress evidence linking the world's most widely used herbicide to non-Hodgkin's lymphoma.
+ </li>
+ <li>
+ <strong>OxyContin:</strong> Purdue Pharma secured FDA approval by pushing a fabricated narrative that their delayed-release opioid had an addiction rate of less than one percent. The FDA examiner who approved the deceptive labeling subsequently left the agency to work for Purdue, representing a gold standard example of regulatory capture.
+ </li>
+ <li>
+ <strong>Boeing 737 MAX:</strong> The FAA delegated safety certification directly to Boeing. To save airlines money on pilot training, Boeing engineers hid the existence of a single point of failure software override (MCAS). The regulator completely trusted the corporation's safety assurances, resulting in 346 deaths.
+ </li>
</ul>
- <h1>A better way forward: the reasoning technology plan</h1>
+ <p>
+ A 2018 investigative report in <em>The Nation</em>, titled "How Big Wireless Made Us Think That Cell Phones Are Safe," detailed a vast cover-up by the telecommunications industry. Society appears to be witnessing the exact same pattern again. The industry first duels in the journals, then attacks the researchers, and finally targets anyone who complains.
+ </p>
+
+ <p>
+ Here is a partial list of researchers who have reported being professionally targeted after publishing findings critical of microwave safety:
+ </p>
+
+ <ul>
+ <li><strong>Dr. Henry Lai and Dr. N.P. Singh</strong> (University of Washington, Seattle): Found DNA strand-breaks from microwave exposure and reported industry retaliation.</li>
+ <li><strong>Dr. Dominique Belpomme</strong> (France): Oncologist who conducted EHS cohort studies; faced disciplinary actions and threats to his medical license.</li>
+ <li><strong>Dr. Olle Johansson</strong> (Karolinska Institute, Sweden): Studied skin and immune effects of EMFs and subsequently lost lab access.</li>
+ <li><strong>Dr. Annie Sasco</strong> (France): Epidemiologist supporting EHS recognition who was subsequently marginalized.</li>
+ <li><strong>Dr. Magda Havas</strong> (Trent University, Canada): Researcher on EMFs and dirty electricity who is widely attacked as an alarmist.</li>
+ <li><strong>Dr. Martin Pall</strong> (Washington State University): Developed the voltage-gated calcium channel (VGCC) hypothesis and has described facing strong institutional push-back.</li>
+ <li><strong>Dr. George Carlo</strong> (CTIA-funded Wireless Technology Research program): Initially hired by the industry to prove safety, he later reported findings of risk, stating his results were suppressed and his career undermined.</li>
+ </ul>
+
+ <p>
+ An industry-sponsored study reported in <em>IEEE Spectrum</em> tested the reaction of people seeing or not seeing microwave devices, concluding that symptoms were psychosomatic. However, the study deliberately ignored the mechanics of operant conditioning, and failed to consider the results from prior studies showing endocrine and cellular damage.
+ </p>
+
+ <p>
+ Rather than wading exclusively into the technical literature, a person can observe practical demonstrations of these biological effects. In one demonstration by the engineering channel <a href="https://youtu.be/UC3O6B_K9Us?t=879">"Tech Ingredients"</a>, the presenter was operating a high-powered microwave test rig and momentarily forgot how to spell the word "front" while exposed to the field. In another <a href="https://www.youtube.com/watch?v=ee8eozHfPQ8">recorded experiment</a>, Danish school students demonstrated that cress seeds planted in a Faraday cage with a transmitting Wi-Fi router completely failed to grow compared to the control group.
+ </p>
+
+ <p>
+ Reflecting on this pattern of institutional deception brings to mind the famous quote from President George W. Bush: "There's an old saying in Tennessee, I know it's in Texas, probably in Tennessee, that says, fool me once, shame on, .. shame on you ah ah .. Fool me, you can't get fooled again."
+ </p>
+
+ <p>
+ Yet, legislators are currently on the cusp of making it functionally mandatory that every citizen carry and use a microwave-emitting cell phone.
+ </p>
+
+ <h1>Conclusion</h2>
+
+ <p>
+ I hope this white paper has made it clear to legislators that though technical people are very smart at what they do, they have repeatedly missed sight of the forest for the trees. Non-technically minded leaders should not be afraid to ask commonsense questions, and should expect to be given answers that make sense. Please do not follow the technologists down the primrose path, and instead work to preserve the garden of golden flowers.
+ </p>
+
+
+ <h1>Suggestions</h1>
+
+<p>I write these suggestions not due to a political agenda, but from the point of view of achieving computer security.
+ </p>
+
+<p>The most reliable way to make a system secure, is to remove the need for it to be secure. As we go down the list of reasons that digital ID is desired, how many of those can be removed? Lets throw around some ideas.</p>
+
+
+
+
<p>
We are currently charting a course for the byzantine ending of American civilization, but there is time to change course. We must simplify. Incentives are more powerful than regulations.
</p>
<li><strong>Reasoning Technology ID technology, RTID:</strong> Existing models force lawmakers into a false choice between massive surveillance honeypots or zero utility. Reasoning Technology has developed a foundational identity architecture that shatters this dichotomy. It works in the presence of quantum technology, works in the presence of strong AI, works without special hardware features, has minimal productivity impact, and is maintainable.</li>
</ol>
- <h1>Appendices</h1>
- <h2>Appendix A: "Microwaves are candy" and the corporate track record</h2>
- <p>
- The current RF/Microwave regulations entirely ignore cellular and neurological damage. When told that wireless signals are entirely safe, look at the historical track record of corporate industry assurances: X-Rays, Leaded Gasoline, Thalidomide, Asbestos, Tobacco, PFAS, and Glyphosate. The FDA must conduct and rely upon conflict-free studies.
- </p>
- <h2>Appendix B: The Aadhaar tragedy</h2>
- <p>
- India's Aadhaar system is the ultimate realization of Stage 4. A centralized biometric database that has suffered massive data leaks and routinely excludes the poorest citizens because their manual labor has worn off their fingerprints.
- </p>
+ <h1>Appendices</h1>
- <h2>Appendix C: The history of "secure" cryptographic backdoors</h2>
+ <h2>Appendix A: The history of "secure" cryptographic backdoors</h2>
<ul>
<li><strong>The "Clipper Chip" (1990s):</strong> The NSA attempted to mandate a microchip with a "key escrow." Independent researchers found vulnerabilities allowing anyone to exploit the backdoor.</li>
<li><strong>The _NSAKEY Controversy (1999):</strong> A secondary cryptographic key embedded inside Windows NT 4.0 highlighted the vulnerability of relying on proprietary corporate security.</li>
<li><strong>Crypto AG & Operation Rubicon:</strong> A Swiss manufacturer of encryption machines was secretly owned by intelligence agencies to intentionally weaken algorithms.</li>
</ul>
+
</RT-article>
</body>
</html>
projects / RT-ID / commitdiff
