I don't wonder. It'll get hacked and stolen, repeatedly. Government isn't technically competent by itself, and doesn't know how to select those who are.
At a superficial level, I think I would notice extra chips/wiring/HD showing up on a naked Mo-board.
Going further, as you wish to approach this in pseudo-apsolutist terms, GOV would simply choke on any effort to go _that_ far. Be it the Hardware Effort or the Software/Data Collection and Processing Effort (times many many millions), they would gag on The Spew. Yes, no encryption protects data for ever, blah blah. Good Encryption and other impediments just makes persuit/enforcement not worth the effort [insert THX-1138 reference and every real-world example of governments failing to absolutely control their populace here].
And since I am willing to talk in Absolute Terms, GOV is lousy at math. They may know something about Social Psychology, Propaganda, et al, but the Citizenry has both the guns and the numbers.
If this is implemented, it's going to be fun the day that someone from the government gets hacked and compromised via the very same security weaknesses they ordered.
True, but having all the data on the government's site may (may) make it more secure from being leaked to sources other than the government. This isn't a statement of the government's software quality, but one of incentives: large private companies have not, historically, suffered much (legally or in terms of growth/revenue) from data breaches. The government losing data that it has independent reasons to keep safe is probably a larger perceptual risks, since government departments/funding can be suddenly cut in the wake of disasters of this nature, and elections can be lost. TL;DR the feedback loop for bad security might be more direct if the government is the one doing the securing. That's a troublesome prospect in several regards, but is plausible, I think.
You're more worried about governments having capabilities like finding sql injection flaws in web apps and renting small botnets for and hour or two of DDOS?
It would be fascinating for American citizens to be attacked (cyber or otherwise) because they work for the federal government and another branch of that government messed up and allowed this database to be breached?
Not to mention those same bad actors will gladly risk going after those keys. Given the track record of government organizations' secure storage of data, I think it's likely they would succeed.
OTOH a government that persistently works to undermine the online privacy and security of everyone else cannot really complain when it makes securing their own staff and operations impossible.
wait. so if you are hacked, then the government has a free pass to hack you as well? Why do all the reasons that come to mind right now fit in the 'bad idea' bucket...?
You assume they can't just rootkit and browse your server at will?
On one hand, government agencies are notoriously ineffective with technology. On the other hand, I'd rather assume competence and be incorrect than the opposite.
What doesn't make sense? They would rather have sole access to all the data even at the expense of having to build their own tools. It's not the first or the last attempt of government taking power through 'protection'.
The government is even worse at providing IT services, so the data breaches and other assorted fuck ups would in turn get worse. :(
reply