Cover photo
Matthew Sachs


Matthew Sachs

Shared publicly  - 
A sprawling piece explaining the Observe-Orient-Decide-Act feedback loop, dynamic systems, and an analysis of past and prediction of future for the 2016 presidential race through that lens.

OODA theory, which came from a military strategy context, describes how people behave in a system where the reality is continuously clanging: observations lead to interpretations of those data, lead to decisions, lead to actions -- but the actions generate new data to observe, the interpretations lead to new perspectives which alter observations, and so on. Everything feeds back and forward into everything else.

In a competitive situation (war, sports, politics, ...) one can take advantage of "getting inside your opponent's OODA loop": If you can take well-calculated action faster than they can react, then between when they observe and when they act, you will have altered reality such that their observations no longer match reality, and so their actions will be based on obsolete data.

Truly crafty tacticians will also exploit "OODA ambiguity": If your opponent is unable to narrow down the range of actions you might take (e.g. of they aren't sure if you're a serious candidate or not, or if they're unsure of whether you'll launch a third-party bid), they don't have as much time to react to you, and they have to account for more possibilities in their own actions which in turn constrains them and makes them easier to predict.
Air Force fighter pilot John Boyd's theory about confounding opponents with a constantly shifting battlefield applies to Donald Trump and all GOP aspirants.
Add a comment...

Matthew Sachs

Shared publicly  - 
Twenty-four hours after an attack by Da'esh (the organization formerly known as ISIS [1]) on Paris left 129 dead and 352 wounded, the Internet and the airwaves alike have been filled with profound waves of self-serving nonsense and stupidity from left and right alike. Everyone seems to have found a way in which this situation justifies their position – protect the refugees! Exile the refugees! Bomb someone! Stop all bombing of anyone! – and magically, it seems that one of the most complex political situations of our time can be reduced to simple slogans.

Well, I've run out of patience with this, so let me seriously discuss what just happened here, and what it tells us. I'm going to talk about three things which have combined to lead to yesterday's massacre: the refugee crisis, Europe's Muslim population, and Da'esh. I'll then talk about a few things which I think have little or nothing to do with what we're seeing – most importantly, religion and oil – and a few things which do – such as food and water. And finally, we'll talk about what it's going to take to fix this, both in the short term and the long term.

Being entirely out of patience right now, forgive me for being particularly blunt. I suspect that, by the end of this, you will be thoroughly offended by my opinions, whether you are American, European, or Middle Eastern, left or right: nobody has behaved well in the lead-up to this.

The first thing to realize about the refugees streaming into Europe from Syria and its environs is that not only are they not, by and large, terrorists – they're people fleeing these exact terrorists. France was just hit by Da'esh, with over five hundred casualties; in Syria, people are surrounded by Da'esh on one side, and a bloodthirsty army on the other side, and have been seeing death on the scale of yesterday's attack every single day for the past four and a half years. [2] If you were living there, you would very likely be fleeing, too.

But the second thing to realize about the refugees is that there are, in fact, Da'esh members among them. It's clear that at least one of the attackers came in from Syria as part of October's refugee flood, and there's no reason at all not to believe that quite a few more are among them, working both at short- and long-term goals. (More on which in a moment)

Everyone seems to have simplistic solutions, here: kick out all the Muslims (as America's Ann Coulter and Donald Trump suggest), settle the refugees more permanently, build giant prison camps. These solutions tend to miss a few very basic points:

(1) When you have hundreds of thousands of people who are quite literally willing to risk not only their deaths, but the deaths of their families, in order to escape, your odds of being able to keep them out aren't actually great, unless your plan is to mobilize a giant army and start attacking inward until they're fleeing in the opposite direction.

(2) You do not have enough prison camp capacity to handle this many people, nor could you build it. Nor do you have enough housing and residential infrastructure capacity to easily settle this many people, because the flux you're seeing out of Syria is very far from the end of it. 

This is why large regional disasters quickly tend to spread into adjacent regions. This is why it's important not to let regional disasters get out of hand, no matter how politically appealing isolationism may appear.

The second thing to be aware of is that this didn't happen in a vacuum: Europe has a very large Muslim population, and it seems that most of the attackers were French or Belgian citizens. This started out with Europe's colonial ambitions, back in the day: France, for example, ruled over Algeria with a mind-bogglingly bloodthirsty approach [3] for decades, but now has a large population of people with a right to French residence who have been moving in to the country in search of a better economic situation. (Hardly surprising, when you leave behind a colony wracked by a horrifying civil war for decades) And France is far from alone in this.

Europe's Muslim population is both profoundly European and profoundly not European. They are European in that they have been living there, often for more than a generation; they work there, they pay taxes, they have become as assimilated as they can. They are not European in that Europe has been profoundly unwilling to allow them to assimilate. This is far from a historical anomaly: Europe has historically defined itself in terms of villages or cities and their local populations, which one can't really join very easily. Groups marked as outsiders – be they Jews, Romany, or Muslims – have been considered only marginally European. At times, there has been a high degree of apparent assimilation: for example, Jews were thoroughly integrated into European culture in the late 19th and early 20th centuries, intermarrying, forming friendships and professional associations across the board. As you may notice, "thorough integration" can be an awfully chancy business. 

Muslims in today's Europe, on the other hand, don't have anything close to this superficial level of integration; France has been routinely passing laws banning Muslims from dressing the way they did in their home countries in the past few years, which should tell you a great deal about local opinions of that population.

So you have a large population who finds it systematically hard to find work, impossible to be accepted, the regular target of police, and told every day that they should probably be kicked out of the country. I'm sure you will find it shocking that, if you do this to a few tens of millions of people for a few decades at a stretch, you will end up with a disillusioned and disenfranchised youth, some of which will combine this with the general hot-headedness and stupidity of being a young adult to become easy fodder for people who have shown up to recruit.

Lots of people seem to have half-assed solutions here, and they tend to be even more foolish than the solutions to the refugee crisis. "Send them back," the European right frequently cries: back to where? Most of the Muslim population is no longer fresh immigrants; they are second and third generation Europeans. They don't have homes anywhere else. The European left, on the other hand, preaches a mealymouthed combination of urging assimilation and unmistakeable racism. 

For some context, go back to the Charlie Hebdo attacks several months ago. There was a large outcry, saying that what the magazine (a notable left-wing satirical organ) had been doing was entirely in the bounds of proper satire, that the satire of religion was a hallowed European tradition. What this explanation glosses over is that nobody on the receiving end of the satire saw it as satire of religion, for the simple reason that religious affiliation, in Europe as in the Middle East, has little to do with what you believe and much to do with who you are. Charlie Hebdo's targets weren't simply religious extremists preaching from Saudi mosques; they were a portrayal of the French Muslim population as violent extremists, the dangerous other. And that's precisely the European left-wing line: Muslims are fine, so long as they become completely European, to the extent that we can forget that they were ever from someone else. Which, realistically, might mean they have to intermarry for a few generations and acquire blue eyes and blond hair, but that's OK, we welcome them!

The honest fact is this: neither the European left nor the right have ever made the large Muslim community into a full part of society. One side has covered it in nice words, while the other side has blared its xenophobia from the rooftops, but nobody on the receiving end of either of these has been fooled.

You sow the wind, you reap the whirlwind. What did you expect was going to happen?

And then we come over to our friends in the Middle East, the psychotically bloodthirsty bastards of Da'esh itself. It's a bit off to even refer to them as Islamist extremists in the mold of al-Qaeda; they've gone so far off the rails of Islam that the only clear ideology that often seems left is power and murder. Exhortations from theologians of any stripe aren't really going to have an effect on them.

But they seem to have realized that they are on an upswing of power, nobody having the resources or will to stop them, and have come up with the idea of spreading this worldwide, with attacks spreading to places like Russia and France – and, as soon as they can, everywhere else. Because as far as anyone can tell, they want to take over the world.

(Yes, this is a kind of screwy plan, and they barely even control chunks of land in the ass end of Syria and Iraq. But they've had enough luck with killing people that they seem to have convinced themselves that if they engage in even more killing people, it'll continue to work just as well. [4])

They seem to have one fairly simple strategic objective with these new attacks: drive a hard wedge between Muslim and infidel populations around the world, so that the Muslims will have no choice but to join them and become their army, overthrowing the local governments and establishing a world-wide Caliphate.

Unfortunately, political stupidity seems likely to help them. If the response to these attacks is to further isolate Muslim populations – both settled and refugee – then they will certainly have a far easier time recruiting among them. It's not actually going to lead to them taking over the world, but it will lead to bloodshed.

This recruitment tends to take a few forms. One is to recruit fighters to come and help in the bloodshed in existing battlefields; the second is to recruit suicide bombers and the like in other countries. These are somewhat disjoint processes, since the process of recruiting someone to commit suicide is rather different and targets different sorts of people, but there is also overlap: one strategy which al-Qaeda long favored was to recruit people to come to places like Iraq, Afghanistan, or Chechnya to fight, and later export trained fighters elsewhere.

One important thing about these tactics is that they seem to be realizing that surprisingly little training and planning is required. Yesterday's attack required some coordination among teams, but nothing spectacular; it did require practice in gunplay. But even this was fairly complex compared to the bare minimum required; consider the amount of chaos caused by the D.C. Sniper back in 2002.

Da'esh poses a particular danger because they seem to have latched onto the idea of exporting their violence to the rest of the world, but they're hardly the first or the last group to do this. If they were to be wiped out, I wouldn't bet any money that someone else wouldn't get the same idea soon after, much like al-Qaeda did before them. It's not even a particularly regional idea; the notion that if we kill enough people we can restructure the world to be perfectly {Aryan, Muslim, Democratic, Christian, Communist, etc.}, or to be the economic vassal states of the {X} empire, is frankly a cliché by now on pretty much every square kilometer of the planet.

So let's review where we are, for a moment. There's a large European Muslim population which is disillusioned, disenfranchised, underemployed, and generally treated as outsiders and fair political punching bags by the society as a whole. There's a giant stream of refugees pouring in to Europe, combining huge numbers of people running for their lives from bloodthirsty maniacs with small numbers of bloodthirsty maniacs looking to recruit. There's a factory of particularly bloodthirsty maniacs with a vision of taking over the world through (a) killing people and (b) convincing the rest of the world to treat Muslims even more like outsiders, who are actively trying to both create refugee streams and send out recruiters, to this end.

At this point, I expect to hear a chorus of voices blaming two things for this: religion (specifically, Islam), and oil (specifically, the West's insatiable need for it). To which my main response to both is "hogwash."

The reason I reject Islam as an explanation for this is that there's nothing particularly Muslim about any of it. The European Muslims which are being treated as second-class citizens aren't being treated that way because they pray on rugs facing Mecca, rather than in pews facing an altar; they're being treated this way because they're "dirty foreigners." (I'll spare you the actual terms used to describe them) Da'esh's plan to take over the world isn't rooted in a theological destiny of Muslims; it's rooted in an explicitly political vision of conquest. And quite frankly, the people being shot at the most are Muslims, too; remember who the refugees were running from?

More profoundly, people in the Middle East aren't systematically any more religious than people are in America. You have the same spectrum from the wholly secular to the crazed fundamentalist, with the former predominating in cities and the latter in the countryside. There's a tendency to assume (for example) that any woman wearing a headscarf must be extremely devout, or subject to domination and terror by some devout man; you have to back away and look at it in its local context, where sometimes it's a sign of devotion or a political statement, but it's also just what people wear; for many people, walking around with one's hair exposed is not done in much the same way people don't walk around in most of the US or Europe with their asses hanging out.

Oil is generally used as a proxy for "if only the Americans|Europeans never intervened in the Middle East, it would be peaceful there!" This bespeaks a rather curious innocence as to the history of the Middle East, combined with a reversed vision of (generally American) exceptionalism, that somehow our surpassing evil can corrupt otherwise noble savages. It's certainly true that without oil, most of the Middle East would be desperately poor – but as it happens, most of it is desperately poor anyway. Oil is not uniformly distributed, and Syria doesn't have that much of it to begin with.

There is one sense in which this is true, which is that the 2003 invasion of Iraq created a spectacular disaster. George W. Bush's belief that if we just created enough of a power vacuum, democracy would magically rush in to fill the void – the precise belief which his father didn't have, mind you, which is why GHWB made the explicit and deliberate decision to leave Saddam Hussein in power – proved to be exactly as unwise as it sounds when written so plainly. The result was a giant area of anarchy and civil war smack in the center of the Middle East, into which would-be fighters from all over the region (as well as other regions) swarmed: veterans of Chechnya and Bosnia found new employment in Iraq, as Sunnis and Shi'ites alike slaughtered one another. This anarchy, never resolved, has been the perfect factory of chaos which quite easily spilled over elsewhere.

But there's one profound factor which has driven the violence in the Middle East far more than oil ever could: water.

The entire Middle East has been in a water, and thus food, crisis for decades. In Egypt, for example, the Nile Valley has been drying out ever since the Aswan Dam was completed in 1970; as this once-fertile soil turned to desert, people have streamed into Cairo, doubling and tripling its population by forming tremendous shantytowns. Unemployment was extreme, as it's not like the cities suddenly had tens of millions of new jobs in them; the government kept order as well as it could by importing grain in tremendous quantities (the government's by-far largest annual expense) and selling bread cheaply. Unfortunately, a drought in Russia and Ukraine, Egypt's primary suppliers, caused those countries to cut off wheat exports in 2011 – and the government collapsed soon after.

Syria is a similar story: the lead-in to the collapse of Bashar al-Assad's dictatorship was steady droughts in the Syrian countryside driving people into the cities by the hundreds of thousands, leading to mass unemployment and unrest. People's livelihoods had simply disappeared. Stories like this repeat across the entire Middle East.

When we talk about the ultimate causes of the situation, this is the fact we tend to ignore: at the root of it, there isn't enough water, and there isn't enough food, and droughts have been hitting the area harder and harder for a decade. When there isn't enough food, people move from the countryside to the cities; and now you have giant groups of people who still don't have jobs or food, and that's a recipe for the collapse of governments as surely today as it was in Europe in the 1840's.

If you've ever wondered why I have often said that we need to be very actively worried about climate change, this is it. Changing climate breaks agriculture in various areas; the people who were farming there don't magically turn into factory workers or teleport to places which are (slowly) becoming more fertile; they become desperate former farmers, generally flooding into cities. 

So given all of this, what can we actually conclude? I think the most important thing is that you can't bury your head in the sand, and assume that problems in some other part of the world aren't your own. A drought or a civil war somewhere else can easily start to spill over in unexpected ways.

If you want to avoid terrible consequences, what you have to do is plan, and in particular never let kindling build up. For example:

(1) If you have a large, disenfranchised, population, this is trouble waiting to start. The only way to fix this problem is to enfranchise them: give them a full stake in your society. Yes, that means treating people who are very different from you like full equals. Yes, it also means that your society – that is, the set of people that you're responsible for – now includes a bunch of people who are a lot poorer than you are, and this is going to be expensive to fix. You're not going to like it. But you're going to like the alternative a whole lot less.

(2) If there's political instability, or worst of all, food supply instability somewhere else in the world, it doesn't matter how far away it seems: you need to get together with everyone else and have a serious plan to deal with it. Once masses of hundreds of thousands of people start streaming across the countryside, chaos will follow in their wake. 

(3) Climate change isn't an abstract fear for the future; it's a major political problem right now. You can't punt it away and talk about what to do about carbon emissions or its effect on the economy; you have to sit down and come up with serious strategic plans for what to do when agricultural productivity in critical breadbaskets drops sharply, or watersheds dry up. Contingency planning for any government needs to include anything from hurricanes to long-term droughts, and not just as one-offs, but what to do if these start happening a lot. The reason you need to plan for this is that it's not a goddamned hypothetical, you idiot.

What do we do in the short term? This is harder, because right now Da'esh has been sending agents across the planet to cause as much trouble as they can. One obvious prong of the solution is ordinary police work; that's proven far more effective than complex intelligence solutions at catching terrorists. Another prong is stopping their support system at the root. Because Da'esh's plans are so focused on actual conquest, a collapse of their regime back home is likely to have more of an effect on their satellite agents than the collapse of a more ideologically-oriented organization like al-Qaeda.

A third prong is to stabilize the situation in Syria: here the key isn't so much blowing anyone up as giving people a way to stop fighting. There are three key obstacles to this. One is Da'esh, which seems to be pretty committed to fighting for its own sake; this is unlikely fixable by any means short of straightforward military defeat. One is the underlying lack of food availability. The third is that quite a lot of people have reason to believe that they will be killed either if al-Assad regains power, or if he loses power. They need a serious guarantee of personal safety in any peace.

What this probably means is that a peace agreement will require very heavy international support: aid to rebuild the country, neutral military forces to guarantee cease-fires, and some way to deal with the underlying economic issues. That's going to require heavy international coordination of the profoundly unsexy sort: not deploying giant militaries to bomb targets and wave banners, or propping up regimes and helping them "suppress insurgencies," but working on the long-term realities of helping locals build a government that they're invested in – even when said government is unlikely to be either similar to Western norms, or friendly to Western aims. Military force to crush Da'esh is almost certainly needed as a precondition to this, but it's by far the smaller part of the game.

The short version is: if you want to fix problems, you're going to have to deal with some very serious, expensive, and unsexy solutions. Because life isn't simple, and you can't just bomb your way out of trouble.

[1] See this recent editorial for the argument for switching to the term Da'esh more broadly: [Thanks to +Lisa Straanger for finding this more in-depth discussion than the Boston Globe op-ed which I had earlier cited]

[2] cf, for example, this infographic:

[3] cf, for example, this obituary of a proud French torturer:

[4] cf
498 comments on original post
Add a comment...

Matthew Sachs

Shared publicly  - 
Trying an experiment here.  Give me a song parody prompt -- a song, plus a line or a title or a theme for a parody version of it -- and I'll write lyrics for the parody.
Eric Barry's profile photoMatthew Sachs's profile photo
(+Dan Pierson: Posted to corp+ due to excessive quantities of inside baseball.)
Add a comment...

Matthew Sachs

Shared publicly  - 
Dear parents: Your lives could be worse. "The big guy in this picture is the cuckoo - a young cuckoo.  The little one is the momma bird, who is feeding the baby, even though the baby is now like five times as big as she is."
cattletyrants: “blurds: “ avianeurope: “ Common Cuckoo (Cuculus canorus) »by Kee Liu ” I’m seeing some confusion about this one in the reblogs, and it is for my money one of the most interesting...
Add a comment...

Matthew Sachs

Shared publicly  - 
I'm totally uninterested in actually talking to any recruiters at the moment, but next time one pings me I'll be awfully tempted to give this reply...
“This is my new standard reply to recruiter emails (lol "culture fit")”
Add a comment...

Matthew Sachs

Shared publicly  - 
Two observations here:

- I've been interviewing a lot of candidate's for Google's engineering practicum internship, a program intended to help high-potential 1st- and 2nd-year college students, especially those from "historically underrepresented groups in the field", gain skills, and experience, and exposure to Google as an employer.  I usually ask candidates how they became interested in computing, and by far the most common answer is that they took AP CS in high school and loved it.

- "[The school] will use computer science as a form of literacy, threading it through other subjects [...]. For instance, rather than using paper and a calculator to solve a kinematics problem in physics or using a shortcut like Wolfram Alpha, students might code their own script to process the problem and produce an answer. [...] (One downside of such an approach is that it can put an undue burden on the teachers who have to implement it, many of whom lack a background in computer science.)" -- This suggests that schools should have CS faculty, but instead of / in addition to teaching their own courses, they should assist other faculty with lesson plans and provide in-class aide in e.g. the physics class on the day they're doing coding.  Perhaps this is something industry professionals can help with, I'd love to spend O(hours) per week at a school helping with this kind of thing.
Add a comment...

Matthew Sachs

Shared publicly  - 
As sacrilegious as it is to riff off Lin-Manuel Miranda, and as little as the internet needs more people griping about their kids or white dudes rapping... after getting four hours of sleep in the past 48 it seemed like a good idea.

This is a parody of the "I imagine death" section of "My Shot" from Hamilton.

I’ve been lacking sleep so long it’s barely in my memory
Can I ever rest? We
never sleep, this sickness is our enemy.
Nasopharyngitis will not let me or my family be.
Now it’s making little eardrums flee.
See, I really thought I’d doze for two hours
But that simply ain’t within my powers
Ask the baby why she’s cryin’ and she laughs, she has to outlast
The night and then with puke I’m showered, the cat glowers
Eff that
This is not an illness, it’s the illest
It’s just the tiniest virus with
Something to prove, and
Her sister is waking, and she joins in the scream
My brain is baking, dreaming of a dream
And? If I do steal a moment’s peace?
Is that temporary, it’s just a lease
On freedom from fatigue, know I need
To be well-rested or I’ll find I increase
The number and severity of tantrums
But Jesus, these germs are holding me ransom
Now I shriek like the Phantom:
“How can this be, why the hell won’t she
Become a body at rest and set my body free?!”
I’m past boopin’ nose. Time for probably
Improbably gentle repose.
It’s time for rockin’ in time with Lin’s flows!
‘Cause Hamilton’s a lullaby to end our sorrow,
This’ll be the last night I’m awake until tomorrow!
Add a comment...

Matthew Sachs

Shared publicly  - 
This page from @Lin_Manuel's notebook!! "Burr, sir" rhymes from #Hamiltonmusical. Great to see The Mind at work! Embedded image. 12:52 PM - 13 Nov 2015. Reply to @mattsachs. Home · Sign up · Log in · Search · About. Not on Twitter? Sign up, tune into the things you care about, and get updates as ...
Add a comment...

Matthew Sachs

Shared publicly  - 
Important security research. An attack on the CASHIER system Chipotle uses to enforce quota constraints on their Burrito as a Service platform enabled a malicious client to consume excessive resources. This is why automation and monitoring is important! Recommendations for Chipotle BaaS:

1. Automate half-and-half orders by deploying half-size scoops to all endpoints.
2. Patch the buffer overflow exploit that non-bowl orders can use as a tortilla-count escalation path.
3. Install weight-based monitoring systems and verify system health before provisioning burritos to untrusted users.
We ordered 35 burritos from Chipotle to figure out what methods can increase the size of your burrito. Want to know which methods worked?
Lesley Katzen's profile photo
Seriously though this exploit + lack of load testing == DoSed Chipotles
Add a comment...

Matthew Sachs

Shared publicly  - 
Beautiful! "I am a total sucker for banknote mockups and aside from the simplicity, what caught my eye about Bernát's project is the one security feature: if you look at the notes under a UV light, you see the skeletons of the animals depicted on the notes:"
For her master's project, Barbara Bernát designed a set of fictional banknotes: the Hungarian Euro. I am a total suc
Add a comment...

Matthew Sachs

Shared publicly  - 
Thoughts on how to replace Social Security Numbers, inspired by the Anthem breach.

SSN serves two incompatible purposes: it (in conjunction with other easy-to-find information like name) is a bearer token for identification and authentication.  It's adequate for identification, and there would be huge migration costs to replacing it for that, so let's not try.  Requirements for a replacement authentication mechanism:

* Can be used by many loosely-connected parties -- federal and state tax-collecting authorities and financial institutions at a minimum, for value of "financial institutions" that includes anyone who can extend a person credit which includes provision of services, so cell-phone companies and doctors offices and video-rental stores.  Sigh.  But if these entities can report "you" to collection agencies for failure to pay, then let's make sure that it's really you.

* Can be used offline.  Challenge-response protocols are hard when you're filling in and mailing a paper form.

* Can be used by everyone.  Including homeless people with no source of connectivity or power or ability to secure possessions.

That's a really tough set of requirements.  I think the best we can do is to add a second number, call it the Private Number or PIN or something so it's really obvious that it's sensitive.  The system designed around this number would have the following properties:

* Can be revoked and replaced on-demand.  Since it's not an identification number, that doesn't come with the same headaches that replacing SSN does.

* Would be asked for much less frequently.  It should be a federal crime to ask for this number except for purposes of filing a tax return, opening a line of credit, applying for federal benefits, or [other small set of whitelisted purposes.]

* Would be handled much more securely.  Similar to the credit-card CVV number, there would be regulations around the secure processing of this number.  Most importantly, it would need to be used to verify identity as soon as practical, and it would be illegal to retain any copies of the number after that verification had been completed.

That already gets us somewhere much better than SSN.  The credentials needed to steal identity are much less valuable, and big breaches are no longer financially viable since victims can trivially rotate PINs.

If we wanted to go the extra mile, we could also implement some kind of opt-in system where, say something like:

* User opts in and receives a U2F token.  Probably has to be done in person at a government office so that extra-strict identity verification can be done, and token doesn't have to be sent in the mail.

* Now, in addition to PIN, user has to supply U2F to authenticate.  PIN can also be used (in conjunction with other identity verification mechanisms such as checking photo IDs and in person at a government office) replacing a lost U2F token. Or, even more optionally, user can enroll biometric info in step 1 and that would additionally be used to replace lost U2F.

* For paper forms or legacy systems that aren't U2F-enabled, user can generate a one-time PIN, ideally one bound to a particular entity and purpose (e.g. bound to IRS for filing of 2015 taxes; bound to T-Mobile for applying for telephone service.)

But, honestly, that'd be enough of a boondoggle to spec out and implement and deploy that I'm not sure it's worth doing at all, and if it is then it should be decoupled from the SSN->SSN+PIN transition.
Add a comment...

Matthew Sachs

Shared publicly  - 
I'm interested in why -- taking as a given, for the sake of argument, that (to a problematic though far from universal extent) -- police are racist/corrupt. Is it a prison experiment-esque "power corrupts"? Is it a vicious cycle, where police spend most of their time dealing with minority populations who are hostile to them because of those communities' prior experiences with police? Is it caused by who is out there joining the force?

Better oversight et al are great and all, but I think the impact is going to be limited until we address the underlying systemic causes.

Add a comment...
More fun than a gallon of strawberries.