So have a go. Here’s some inspiration: fantastic ideas, more mundane but plausible, and of course Sam’s page on how to destroy the earth for those with more grandiose dreams.

My favorites so far follow.

Play the odds:

Terrorists use unsolicited bulk e-mail (“spam”) which contain messages urging the recipient to kill everyone around them. While most people will realize the email is not genuine, a small fraction will simply take the message at face value, and go on shooting rampages.

Local flavor:

Dam The Speedboat! Pick several dams whose collapse would threaten a major metro area, canal locks, power plant intakes, etc. Any dam which trucks are forbidden on, for example. Pack explosive into a speedboat’s V-hull, creating the effect of a shaped charge. Design the boat with several large scuttling holes to flood rapidly and to orient appropriately while sinking.

Drive the boat up to the target, open the seacocks, neatly delivering a ton or more of high explosive right next to the target. Detonation on timer. For a bonus, simply tow the boat over the target, unhitch the trailer and run away, detonation on a timer with an anti-tamper detonator if someone tries to play hero and disarm it.

The ever-popular race card with ironic resonances:

Al-Qaeda recruits African islamists to blow up three of the largest megachurches in the South, leaving behind evidence it was the work of a revived cell of the Black Panthers. Meanwhile, light-skinned Persians destroy numerous black churches and the Apollo Theatre, leaving the impression it was done in retaliation, by white militias.

Then real members of these groups begin killing each other in the cities and countryside. Al Qaeda stokes the flames of conflict whenever it seems that it may subside.

Local governments assert “states’ rights” to suspend the constitution, and persecute and intern black americans. Inner-city gangs with access to high-powered weaponry assert themselves as defenders of the black community.

Self-reference:

Well-known security commentator announces “Movie-Plot Threat Contest” on his blog.
Ideas flood in.
picks the best one and implements it.
Ah thank you!

And a grand, intricate, but well-done finale:

Balloon attack in the warn terr.
Take 30 terrorists; organize as 15 teams of 2 terrs each.

Each team is equipped with
2 man-portable cylinders of helium, with regulators
120 largish, clear balloons
10 1000′ spools of 28-gauge copper wire
2 roll of kite string
2 box cutters

Total cost much less than $500,000. Use the balance for rent, food, cars, gas money, pet dogs (see below), and lap dances.

Deploy terr teams around the country, 5 to NYC metro, 5 to LA metro, 5 to Chicago Metro. Or any other cities you don’t like.

Have each terr team scout out the corridors underneath major high voltage transmission lines. Find the major corridors with 3-7 transmission lines crammed into one narrow path. They are easy to spot, use G**gle Earth, USGS maps, or working eyesight to spot large metal towers. Walk the dog in the corridors underneath the lines. Find secluded spots.

On T-day, all 15 teams go their chosen spots, with or without dogs.

Check the wind by blowing up a few balloons and releasing them. Unroll 200′ of copper wire, perpendicular to the chosen power line, and directly beneath it, or as required to compensate for wind. Each terr blows up a balloon with helium, ties it to the ground with 5-10′ of kite string, then attaches the copper wire to the string, just under the balloon. The tethered balloons holds the wire just above the well trimmed vegetation underneath each line so it won’t be snagged.

Repeat 6 -10 times for 1 power line, moving at least 50 yards down the line for each balloon pair and wire. Then repeat for the adjacent high voltage line. Lay out 50 wires in all.

Now the terr pair ditches their heavy helium bottles and get out their box cutters. Using hand signals, they simultaneously cut the kite strings holding down one wire with a balloon on each end. They quickly move down the line to the next, and repeat.

As the wire is lifted up to the high-voltage transmission line, it causes an electrical arc. Power flows from one high-voltage wire to the next until circuit breakers open. A few seconds after they open, the circuit breakers automatically reclose. The second balloon-borne wire causes a second arc. The circuit breaker opens, closes again. The third breaker causes still another arc. The circuit breaker opens, and this time is locks open.

The attack is repeated for all the transmission lines in each corridor. In a matter of minutes, New York, Los Angeles, and Chicago have blackouts. When the utilities try to manually close the circuit breakers, the additional balloon-wires are already in place across the lines. They arc and the breakers trip right away.

The attackers leave the area, assembly a second kit, get in their cars, and go to the areas around the next 3 big cities they don’t like.

Variations:
1) Use 30 each 1-terr teams, tether one end of each wire, and cause a line-to-ground arc instead of going for the more spectacular line-to-line. Attack 6 cities at once instead of 3. Leave lots of clear balloons and skinny wires floating near power lines, waiting for the right gust of wind to push them into the wires and cause a short circuit.

2) Ditch the balloons, the helium, the wire, the rent, and the lap dances. Buy explosives and timers and train the terrs to use them. Scout out the corridors as before. Find towers where the line takes a sharp bend, and cut the outer leg on that tower with the explosive and timer. Each terr is expected to cut one or more legs from at least 12 high-voltage towers. Extra points for getting one tower to fall across an adjacent line. Now the power systems to the targeted cities are shut down for weeks or months.

Results: Major metropolitan areas in blackout. Blackouts repeated many times as other disgruntled groups recruit terrs and repeat the attack along the 150,000 miles of high voltage transmission lines.

Voters turn out in mass and throw all the bums out of office. They’ll stand for murder, they’ll sit still for groping at airports, they’ll accept ruinous taxes and deficits, but when the power goes out, the politicians follow. Ask Gray Davis.

American culture is forever changed when the new group of politicians realizes that they don’t have long to line their wallets unless they can keep the power flowing. They can’t recruit enough guards for 150,000 miles of line. They have to stop the attacks at the source. They offer peace terms to Iraq, Afghanistan, and the rest of the world. All the troops are brought home, all the foreign bases closed. The Southerners, the rednecks, the ranchers, the rich, the businessmen, and even the gun nuts are made to feel welcome in American culture and politics. The Bill of Rights is restored and politicians who don’t enforce the letter and spirit of the Constitution as originally written are rapidly and firmly replaced. Government is drastically reduced and the economy prospers. World peace is upon us.

Well, you asked for a grandiose goal!

To: CountyClerk@mail.hamiltontn.gov
CC: webmaster@mail.hamiltontn.gov
From: noel at weichbrodt dot org
Subject: Express Tag Renewal Center Online Accessibility

Clerk Knowles (and Webmaster),

I was shocked to find, upon attempting to access your online Express Tag Renewal Center (http://www.countyclerkanytime.com/onlinesvcs.htm), that you do not support standards-based web browsers (https://secure.hamiltontn.gov/cclerk/tags/browser.asp) like Firefox (http://www.getfirefox.com). I and many of my friends and family (all your constituents) only use web browsers that adhere to the formal standards of the web (http://webstandards.org/about/) and that offer full protection from various internet exploits and dangers (http://www.mozilla.org/support/firefox/faq.html#mozvsie). To not offer your services to us because of our choice is both a slight and a self-condemnation.

Upon examination of your county web site, it seems that it currently stands in violation of Section 508 (http://www.section508.gov/index.cfm?FuseAction=Content&ID=3), which mandates compliance with both web standards and disabled accessibility standards (http://webstandards.org/learn/faq/#p312). Though Section 508 is a Federal law, and thus does not directly apply to the County, as a government agency compliance with Section 508 demonstrates your concern for standards and accessibility, especially for your constituents who are disabled (http://www.usdoj.gov/crt/ada/websites2.htm), also (http://www.alistapart.com/stories/politics/). Further, demanding the use of closed-source web browsers ignores the quantifiable superiority of other options (http://www.dwheeler.com/oss_fs_why.html).

There are a number of Chattanooga-based small businesses who are competent in the area of standards-based and accessibility-compliant web design (http://www.aiga50.org/cha/). I suggest that if your IT team does not agree with the industry standards and best practices in this area you avail yourself of their reasonably-priced services.

Please note that I will shortly discuss this issue, along with this letter, on my community blog (http://barelylegalsubstance.chattablogs.com). If you wish for further information regarding what I have mentioned above, or to discuss these matters, please contact me directly.

Thank you for your consideration.

Noel Weichbrodt

Background:
A city employee who wishes to remain anonymous recently wrote this on a Linux-related mailing list:

this sucks… the reason they wanted to know what sort of user-agent info is being sent from Safari is so that they could *allow* that browser to access the County Clerk tag & title website… [I] asked why the hell can’t I use Firefox anymore? Their reason:
Firefox is open source. A hacker could modifiy the code and post a hacked version of Firefox on the net. People download the hacked version of Firefox and it sends passwords and other sensitive information back to the hacker.
…the guy who made the policy to block Firefox [on the Express Tag Renewal Center] is one of the programming team managers here. the programmer said he wanted to block firefox, not because of security issues, but because he didn’t want to code his website to work with all possible browsers.

In light of what the city employee posted, my letter attempts to take the County’s elected officials to task. If you care about this sort of stuff, take a couple minutes and write to the addresses I noted above with your concerns.

This, while other counties are cutting costs and increasing performance by switching to free/open source software.

Update: Added links to the quoted URLs

As an example of the latter reason, I quote from a letter to the editor of chattanoogan.com:

United States citizens have the right to express themselves without being subjected to reprisal. As such, nothing in the U.S. Constitution states that people cannot be monitored. What it does indicate is that the Federal and State governments will not interfere with the lawful communication and protests of the people, and these governments must protect these rights.

Not to say that I approve of the NSA monitoring US citizens without judicial order. The Fourth Amendment prohibits unreasonable searches and seizures, and the NSA runs foul of that, no matter what powers the executive branch thinks it may have. But, pragmatically, this is going to get harder and harder to stop. If I have something to say privately, I’ll say it using the best encryption I can get. Since this is a wonderfully entrepreneurial nation, I expect that the first person to make that encryption as unobtrusive and easy to use as possible will make a fair pile of Hamiltons.

You know how your dad used to spend several hours per week maintaining the lawn, or waxing the car? You’re going to have to spend several hours a week maintaining your privacy and identity.

First Question.

What ever happened to distributed peer-based digital signatures and public keys using webs of trust? I am reading The Code Book, and today at lunch hit the chapter on the development of public-key crypto and the saga of Phil Zimmerman. I remember quite a fuss in the mid-90s about cypherpunks bootstrapping a decentralized trusted-key infrastructure. It seems quite relevant and do-able today. Has that project met demise and failed to get off?

Next question.

Has anybody done thinking on the epistemological criteria of encryption systems? Is there a formulation for knowledge wandering around which includes encryption? The history of crypto has seen a succession of knowledge-claims about the unbreakability of systems, and a matching set of persuasive counter-examples. Is there work in this area of philosophy? Additionally, what is the status of encrypted information? Is it knowledge, and what affect does the encryption state have on status?

Last question.

In day-to-day practice, I’ve supplanted my previous criteria for precise knowledge (being able to ask a good enough question that I can get a useful answer from someone knowledgeable) with the criteria “be able to formulate a Google search query which returns the desired information.” Is that wrong? What is the qualitative difference between the two?

Please answer below, or in trackbacks. I exist to be enlightened by someone other than myself.

Proposed class or classes of copyrighted work(s) to be exempted:
Motion Pictures, Software, Audio Recordings, and Digital Text.
Brief summary of the argument(s) in support of the exemption proposed above:
These classes of works (Motion Pictures, Software, Audio Recordings, and Digital Text) have traditionally been granted copyrights for the purpose of encouraging the public dissemination of the works for the benefit and use of the public by providing a property incentive to the originator for a short period of time. The DMCA ignores this traditional cause of granting a copyright, and moreover establishes crippling restrictions on the aforementioned “benefit and use of the public”. As such, the DMCA’s use should be restricted to the text of the DMCA itself, with the consequence being that any private party which attempts to discern the workings of the DCMA with the intent to apply it in any broader fashion outside of the text of the Act itself would be committing a punishable, criminal action under the DMCA.

Just an idea
I am awaiting a response from the LoC.
Found via Slashdot.

Thank you!

The following information was submitted to the U.S. Copyright Office at 17:35 on 11/3/05. Please print this page for your records.

[I have read the notice of inquiry and acknowledge that my attached submission will be posted on the Copyright Office website.]: Acknowledged

[Name]: Noel Weichbrodt

[Title]: Application Developer

[Organization]:

[Street Address]: The Volunteer Building

[Address Line 2]:

[City]: Chattanooga

[State]: TN

[ZIP]: 37402

[Phone]: 4237858262

[Fax]:

[Submitter's email]: nweichbrodt millermartin com

[Proposed class or classes of copyrighted work(s) to be exempted]: Motion Pictures, Software, Audio Recordings, and Digital Text.

[Brief summary of the argument(s) in support of the exemption proposed above]: These classes of works (Motion Pictures, Software, Audio Recordings, and Digital Text) have traditionally been granted copyrights for the purpose of encouraging the public dissemination of the works for the benefit and use of the public by providing a property incentive to the originator for a short period of time. The DMCA ignores this traditional cause of granting a copyright, and moreover establishes crippling restrictions on the aforementioned “benefit and use of the public”. As such, the DMCA’s use should be restricted to the text of the DMCA itself, with the consequence being that any private party which attempts to discern the workings of the DCMA with the intent to apply it in any broader fashion outside of the text of the Act itself would be committing a punishable, criminal action under the DMCA.

[Attached file]: ExceptionProposal.doc

The fuller quote confirms my take: “DHS must base its work on priorities driven by risk,” said the new Secretary, Mr. Chertoff. “Our goal is to maximize our security, but not security at any price. Our security regime must promote Americans’ freedom, prosperity, mobility, and individual privacy.”

It seems the DHS is finally realizing that fingernail clippers aren’t the problem; plastic explosives that are not screened on those little trolleys that cause us so much travel-pain are. Perhaps they will stop confiscating pen knives and making up laws that cannot be revealed to the public, presumably fearing that if the public knew the law, the public would then break the law, but as long as the law remains a secret, only law-breaking terrorists will, er, break it.

Hey, how about taking that evident skill in paper-pushing bureaucracy and setting up a division to track down those baker’s dozen missing Russian nukes that seem to have magically been sent to Africa and then vanished?

Security at any price is not acceptable. Security that puts more translators to work, that trains more cops to recognize suspicious behavior, and that educates the public on what to do if someone tries to bum-rush the cockpit door is smart security that we should gladly pay for.

My man Bruce Schneier has much to say on the topic of security, risk management, and these modern times. I’ve collected the best in my bookmark tag ‘security’.