I respect your opinion as much as anyone here. Still, I wish there was anything I could say to get a little of the negative tone off of your security advice sometimes. (You're much better than bad ivory tower security experts I've worked with over the past fifteen years, though.)
I really, really like engineers trying as hard as they can at hard problems. Give them a dose of the dangers involved, absolutely-- but why discourage someone with "scrap it" language who is absolutely trying to give it their best possible shot? I want MUCH more of that, rather than discouraging one project because some host, somewhere MIGHT misuse this to commit fraud. There's real value to the world if companies/governments/sites work really hard on this problem. Even if they don't get it 100% right, we can all benefit just from the philosophy of this approach even if the technology has corner cases.
Not a perfect analogy or a refutation below, but I want to remind readers that there are millions of real world problems that are hard and hairy, yet can still be sound:
# There is no less hospitable environment to man than outer space.
# Start with the vacuum, for which you need an airtight container, large enough to contain men and equipment with no possible way for air to escape into space and leave you dead.
# Now launch that container into space, accelerating all the way up to escape velocity, which puts incredible pressures on the craft through the entire trip, risking integrity the whole way.
# Now consider that you're working with some of the most explosive/flammable substances just to get your container into the air.
# "Clunky" and "very early days" are not words that harmonize with with "basic idea is entirely sound". The basic idea simply isn't sound.
I really, really like engineers trying as hard as they can at hard problems. Give them a dose of the dangers involved, absolutely-- but why discourage someone with "scrap it" language who is absolutely trying to give it their best possible shot? I want MUCH more of that, rather than discouraging one project because some host, somewhere MIGHT misuse this to commit fraud. There's real value to the world if companies/governments/sites work really hard on this problem. Even if they don't get it 100% right, we can all benefit just from the philosophy of this approach even if the technology has corner cases.
Not a perfect analogy or a refutation below, but I want to remind readers that there are millions of real world problems that are hard and hairy, yet can still be sound:
# There is no less hospitable environment to man than outer space.
# Start with the vacuum, for which you need an airtight container, large enough to contain men and equipment with no possible way for air to escape into space and leave you dead.
# Now launch that container into space, accelerating all the way up to escape velocity, which puts incredible pressures on the craft through the entire trip, risking integrity the whole way.
# Now consider that you're working with some of the most explosive/flammable substances just to get your container into the air.
# "Clunky" and "very early days" are not words that harmonize with with "basic idea is entirely sound". The basic idea simply isn't sound.