Did Sean Gorman's maps show the cascading vulnerability in Ohio?
So, the US Government wants to classify Sean Gorman's student project. The question is did Mr. Gorman's maps divulge the vulnerability in the East Coast power grid that resulted in the blackouts this week? Would it be better to know about these vulnerabilities, and do something about them; or is it better to keep them secret until they fail in a catastrophic way?
On Sunday 17 August 2003 06:28 pm, Having folded space, the Third Stage Guild Navigator said:
So, the US Government wants to classify Sean Gorman's student project. The question is did Mr. Gorman's maps divulge the vulnerability in the East Coast power grid that resulted in the blackouts this week?
Would it be better to know about these vulnerabilities, and do something about them; or is it better to keep them secret until they fail in a catastrophic way?
Please correct me if I misunderstand this, but I have a different take on all of this. Power Cos. have for some time traded power in a futures market system. Org A buys x gigawatts at an attractive price to be delivered at a specific time in the future from Org B, via the grid. Org C is facing a brown/blackout today so they are highly motivated to pay any price; Org A's contract terms with Org B fit Org C's needs so Org A makes a killing. Given that the players were producers, buyers and sellers of the same product this creates no incentaive to build out additional capasity. Quite different from say, Hog futures, were the supply side and demand side are not the same person. According the the NPR report I heard on this, the money to be made here is huge provided there was just enough power or not quite enough. So there were not market checks and ballances. having additional capasity on hand, in this system, drives down price in a futures market. So back on Sean's question, maps did not divulge this; at least not the primary cause. I see the primary cause as economic. It seems to me we are seeking a mechanical cause instead of looking at the fauly business model that allowed this to happen.
on 8/17/2003 9:09 PM hackerwacker@tarpit.cybermesa.com wrote:
Org A makes a killing. Given that the players were producers, buyers and sellers of the same product this creates no incentaive to build out additional capasity. Quite different from say, Hog futures, were the supply side and demand side are not the same person. According the the NPR report I heard on this, the money to be made here is huge provided there was just enough power or not quite enough. So there were not market checks and ballances. having additional capasity on hand, in this system, drives down price in a futures market.
Capacity isn't the problem. The problem is that there aren't enough lines between the providers and consumers to carry the current volume.
So back on Sean's question, maps did not divulge this; at least not the primary cause. I see the primary cause as economic. It seems to me we are seeking a mechanical cause instead of looking at the fauly business model that allowed this to happen.
No sorry. The grid is a national problem and has been stabbed at several times, but different special interests always move to keep the necessary work from being done. LULU -- Locally Undesirable Land Use NIMBY -- Not In My Backyard BANANA -- Build Absolutely Nothing Anywhere Near Anyone NOPE -- Nowhere on Planet Earth Another more-recent camp are those who see everything as a move by The Man and Mr. Big which must be stopped. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
A measured response is needed. Obviosly we do not want the vulnerabilities disclosed to bored teenagers looking for "excitement". We need controlled access to this data so that those of us who need the data to fix vulnerabilities can gain access to it but access is denied to people without a legitimate need for the data. The "Dig Safe" program might be a good model for controlling access to Sean's work. This would not preclude further scholarship on Sean's work but it would keep the data out of the hands of the 31337 crowd. Scott C. McGrath On Sun, 17 Aug 2003, Sean Donelan wrote:
So, the US Government wants to classify Sean Gorman's student project. The question is did Mr. Gorman's maps divulge the vulnerability in the East Coast power grid that resulted in the blackouts this week?
Would it be better to know about these vulnerabilities, and do something about them; or is it better to keep them secret until they fail in a catastrophic way?
Hello Scott , On Mon, 18 Aug 2003, Scott McGrath wrote:
A measured response is needed. Obviosly we do not want the vulnerabilities disclosed to bored teenagers looking for "excitement". We need controlled access to this data so that those of us who need the data to fix vulnerabilities can gain access to it but access is denied to people without a legitimate need for the data. And my statement would be , And who is that authority ? The government ? The Utilities ? The ... ?
The "Dig Safe" program might be a good model for controlling access to Sean's work. This would not preclude further scholarship on Sean's work but it would keep the data out of the hands of the 31337 crowd. Huh ?, Try this on for size , "Hello , I am joe's contracting service & I have a building permit(I do) and I need to dig at ..." If I remeber correctly the "Dig Safe" program will give me the info without so much as a check on the permit or my company name .
But , Something (may) need to be put in place . I for one am not a great fan of any group of "X" that has a vested interest in keeping the information out of the public hands as being the ones to administer or setup or even give suggestions to a body who'd be involved in setting up such a commitee/org./... I'd really like to see a "Public" forum be used to take suggestions from the PUBLIC (ie: you & I & that neighbor you hate so well) for the guide lines as to who &/or when such info s/b released . Not the Gov. or the Util Alone .
On Sun, 17 Aug 2003, Sean Donelan wrote:
So, the US Government wants to classify Sean Gorman's student project. The question is did Mr. Gorman's maps divulge the vulnerability in the East Coast power grid that resulted in the blackouts this week? Would it be better to know about these vulnerabilities, and do something about them; or is it better to keep them secret until they fail in a catastrophic way? Twyl , JimL -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | P.O. Box 854 | Give me Linux | | babydr@baby-dragons.com | Coudersport PA 16915 | only on AXP | +------------------------------------------------------------------+
Remember that Dig Safe is implemented on a state by state basis some of the programs like the one you describe are dreadful. The one in my home state is fairly thorough in checking bona fides before providing the data I believe in setting a fairly low bar for access to this information i.e. can you _prove_ that you have legitimate cause for access to this information. The proof would be do you have fiber/conduit/circuits/pipelines these all have identifiers which can be checked and generally only the customer and the service provider has this information. Not simply whose fibers are in the conduit attached to the railroad bridge. if you own one of those fibers you get access to the information on who else is in the conduit. if you do not you are not privvy to the information. We had a incident where someone accidentally started a fire under a bridge and burned through a PVC conduit knocking phone and data out for the better part of a week for 100,000+ lines. I really do not want that type of information in the hands of a bored teenager so they would be able identify potential targets so that they can be _famous_. Remember when you go to a library to study rare manuscripts you generally need to prove to the curator that you have a legitimate scholarly interest in the documents not simply random curiousity. Scott C. McGrath On Mon, 18 Aug 2003, Mr. James W. Laferriere wrote:
Hello Scott ,
On Mon, 18 Aug 2003, Scott McGrath wrote:
A measured response is needed. Obviosly we do not want the vulnerabilities disclosed to bored teenagers looking for "excitement". We need controlled access to this data so that those of us who need the data to fix vulnerabilities can gain access to it but access is denied to people without a legitimate need for the data. And my statement would be , And who is that authority ? The government ? The Utilities ? The ... ?
The "Dig Safe" program might be a good model for controlling access to Sean's work. This would not preclude further scholarship on Sean's work but it would keep the data out of the hands of the 31337 crowd. Huh ?, Try this on for size , "Hello , I am joe's contracting service & I have a building permit(I do) and I need to dig at ..." If I remeber correctly the "Dig Safe" program will give me the info without so much as a check on the permit or my company name .
But , Something (may) need to be put in place . I for one am not a great fan of any group of "X" that has a vested interest in keeping the information out of the public hands as being the ones to administer or setup or even give suggestions to a body who'd be involved in setting up such a commitee/org./...
I'd really like to see a "Public" forum be used to take suggestions from the PUBLIC (ie: you & I & that neighbor you hate so well) for the guide lines as to who &/or when such info s/b released . Not the Gov. or the Util Alone .
On Sun, 17 Aug 2003, Sean Donelan wrote:
So, the US Government wants to classify Sean Gorman's student project. The question is did Mr. Gorman's maps divulge the vulnerability in the East Coast power grid that resulted in the blackouts this week? Would it be better to know about these vulnerabilities, and do something about them; or is it better to keep them secret until they fail in a catastrophic way? Twyl , JimL -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | P.O. Box 854 | Give me Linux | | babydr@baby-dragons.com | Coudersport PA 16915 | only on AXP | +------------------------------------------------------------------+
Speaking on Deep Background, the Press Secretary whispered:
Remember that Dig Safe is implemented on a state by state basis some of the programs like the one you describe are dreadful. The one in my home state is fairly thorough in checking bona fides before providing the data
????? Since {most} state laws REQUIRE you call, how to you propose to vet queries? I dig up my drain tile, I need to call re: the gas line. Legit or not? Jose and Manual are digging up a parking lot; do you NOT tell them about something under it because they are not lily white? Hell, I bet 40% of the general contractors in the country have SOME criminal history, be it brawling or such. It's not exactly a Walter Mitty profession. -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
On Mon, 18 Aug 2003, Scott McGrath wrote:
Remember when you go to a library to study rare manuscripts you generally need to prove to the curator that you have a legitimate scholarly interest in the documents not simply random curiousity.
That's because those old manuscripts are fragile, not because they think the information should stay secret. If you want to live in a world where this type of information needs to be hidden, go ahead and finish your totalitarian state. The US isn't far off anyway. Paul
Information should be free. This however assumes that people will be _responsible_ for what is done with the information. On Manuel and Jose - with a valid permit number they get the information if Bubba and Joe do not have a _valid_ permit number they do not get the information because in the absence of legitimate need for this information they probably should not have it Try going to a presidential library and trying to access the information there you still need a legitimate scholarly interest to access any of the information deemed _sensitive_ by the curator. In most of these cases the documents are available on microfilm or digitally so fragility has noting to do with the access restrictions on the document but harm to the subject of the documents does play a significant role in what information is released to the general public and what is restricted to scholarly interests. I want to live in a world where information can be free however this a utopian ideal which does not work in the _real_ world. We as a group need to create a system which allows access to this information WITHOUT resorting to having GOVERNMENT control access to the information. BUT we also need to ensure that the information is used responsibly. Having "secrets" benefits no one except the keeper of the secrets. Scott C. McGrath On Mon, 18 Aug 2003, Paul Wouters wrote:
On Mon, 18 Aug 2003, Scott McGrath wrote:
Remember when you go to a library to study rare manuscripts you generally need to prove to the curator that you have a legitimate scholarly interest in the documents not simply random curiousity.
That's because those old manuscripts are fragile, not because they think the information should stay secret.
If you want to live in a world where this type of information needs to be hidden, go ahead and finish your totalitarian state. The US isn't far off anyway.
Paul
Date: Mon, 18 Aug 2003 11:15:02 -0400 (EDT) From: Scott McGrath <mcgrath@fas.harvard.edu> Sender: owner-nanog@merit.edu
Information should be free. This however assumes that people will be _responsible_ for what is done with the information.
On Manuel and Jose - with a valid permit number they get the information if Bubba and Joe do not have a _valid_ permit number they do not get the information because in the absence of legitimate need for this information they probably should not have it
This does not at all match reality. People don't have to have a permit to need to call USA (Call before you dig where I live.) Many things not requiring a permit do require calling USA before digging. I just tell them that I am digging at a location and they tell me if it's OK and if anything is near-by. I've been told to call for any dig deeper than 1 foot. Planting a tree does not require a permit, but the hole is plenty deep enough to be a problem! -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634
We have a permutation of this in NH. When the hole is greater than 1' deep we need a permit. This does illustrate the difficulties though we have too much government interference now. _but_ we do need some way of ensuring that information is used responsibly and I do not think that a government agency is the right way to go about solving this dilemma. Out here in the sticks a popular form of entertainment seems to be shooting out the insulators on transmission lines. I really do not want to tell Bubba and Joe which lines will plunge the region into darkness. On the other hand I need the information so that I can put into place the appropriate measures to ensure that services stay online in the event Bubba and Joe hit the wrong line. Scott C. McGrath On Mon, 18 Aug 2003, Kevin Oberman wrote:
Date: Mon, 18 Aug 2003 11:15:02 -0400 (EDT) From: Scott McGrath <mcgrath@fas.harvard.edu> Sender: owner-nanog@merit.edu
Information should be free. This however assumes that people will be _responsible_ for what is done with the information.
On Manuel and Jose - with a valid permit number they get the information if Bubba and Joe do not have a _valid_ permit number they do not get the information because in the absence of legitimate need for this information they probably should not have it
This does not at all match reality. People don't have to have a permit to need to call USA (Call before you dig where I live.) Many things not requiring a permit do require calling USA before digging. I just tell them that I am digging at a location and they tell me if it's OK and if anything is near-by.
I've been told to call for any dig deeper than 1 foot. Planting a tree does not require a permit, but the hole is plenty deep enough to be a problem! -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634
The "Dig Safe" program might be a good model for controlling access to Sean's work. This would not preclude further scholarship on Sean's work but it would keep the data out of the hands of the 31337 crowd. Huh ?, Try this on for size , "Hello , I am joe's contracting service & I have a building permit(I do) and I need to dig at ..." If I remeber correctly the "Dig Safe" program will give me the info without so much as a check on the permit or my company name .
This is not really correct. They wont tell you over the phone. Rather a survey company will show up and *mark* the locations where you cannot dig. The funny part is that they check only first 6 ft i.e. if your conduit is at the 6.5', touch luck :) Alex
The "Dig Safe" program might be a good model for controlling access to Sean's work. This would not preclude further scholarship on Sean's work but it would keep the data out of the hands of the 31337 crowd. Huh ?, Try this on for size , "Hello , I am joe's contracting service & I have a building permit(I do) and I need to dig at ..." If I remeber correctly the "Dig Safe" program will give me the info without so much as a check on the permit or my company name .
This is not really correct. They wont tell you over the phone.
I should probably correct this from "wont" to "should not". The reason for that is that if one does not call call before dig, one would be liable. If one does call and misunderstands, the survey company would be liable. So those companies prefer to leave very clear marks. Alex
On Mon, 18 Aug 2003 alex@yuriev.com wrote:
The reason for that is that if one does not call call before dig, one would be liable. If one does call and misunderstands, the survey company would be liable. So those companies prefer to leave very clear marks.
The way it works in California is that the digger marks the work area in white paint and submits the location to the USA hotline. The hotline distributes this to all of the utilities, which then mark the location of their underground facilities, color coded (Blue - water, Red - power, Orange - telco/cable, Yellow - gas). The digger must will take care not to damage anything marked. http://www.digalert.org/ -- Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net WestNet: Connecting you to the planet. 805 884-6323 WB6RDV NetLojix Communications, Inc. - http://www.netlojix.com/
On Sun, Aug 17, 2003 at 08:28:44PM -0400, Sean Donelan wrote:
So, the US Government wants to classify Sean Gorman's student project. The question is did Mr. Gorman's maps divulge the vulnerability in the East Coast power grid that resulted in the blackouts this week?
Would it be better to know about these vulnerabilities, and do something about them; or is it better to keep them secret until they fail in a catastrophic way?
And what would you or the public holding these maps do about them? I have a better plan, instead of releasing it to the public, release it to these ignorant bandwagon activists so they can scream and shout about how these 'dangerous' things are too close to people. That will solve the problem of sending us back to the stone age by uprooting current 'dangerous' facilities (oh say, like INDIAN POINT or something just as useful), or there's always terrorists willing to pay for these maps. --snip-- The North American Energy Reliability Council, or NERC, which is charged with assessing the dependability of the electric grid system, has pointed to a section of the loop in Ohio as the likely point of origin for Thursday's blackout. ``That's the center of the focus,'' NERC chief Michehl Gent said. ``This has been a problem for years and there have been all sorts of plans to make it more reliable.'' --snip-- Oh wait...someone was already doing something about it behind the scenes, but naaaaah, their work is meaningless because since I've never heard anything about this (perhaps because I DON'T WORK FOR A POWER GENERATING ORGANIZATION OR RELIABILITY COUNCIL) let's release the map to some couple million unqualified individuals so they can scrutinize it and offer no reasonable or primarily negative input. Have a happy angst-filled low-voltage day.
participants (11)
-
alex@yuriev.com
-
David Lesher
-
Eric A. Hall
-
hackerwacker@tarpit.cybermesa.com
-
Jay Hennigan
-
Kevin Oberman
-
Mr. James W. Laferriere
-
Omachonu Ogali
-
Paul Wouters
-
Scott McGrath
-
Sean Donelan