by brenden2 2353 days ago
Generally seems like a good idea, minus the part about it being state owned and operated. If it's operated by the state, it will probably be a disaster. Many governments can barely keep their Windows machines up to date, leading to ransomware attacks. It would be a shame if people's money were held hostage for ransom.
7 comments

I love how we say this with a straight face and ignore the fact that the best hackers _anywhere_ are mostly currently or formerly employed/trained by the government: NSA, FBI, same with Israeli hackers trained by the IDF, Russian and Chinese hackers, pretty much everyone is a current or former state actor.

So yeah I'd trust NSA lending its talent to securing our payments infrastructure over some of the people that were in that Google thread that got paid 300k to do hardly any work in years. But this is a false dichotomy.

I somehow doubt the NSA would be the ones building it. It would probably be farmed out by the govt like the ACA website.

I agree it would be terrible if the govt ran it, but what would make sense is for the govt to actually plan it and put regulations around it. Provide a framework for private companies to work off of.

That's why I said lending their talents. The NSA and FBI would definitely consult on something that big.

Actually they'd do it regardless of whether it was built by the public or private sector.

I'm in the DC area – so I know exactly how bloated and utterly incompetent most defense contractors are (I worked for a couple). So I have nearly zero faith in them doing a better job.

i would wager a fair amount of US dollars that, given past behavior/track record, the offensive mission of NSA would almost certainly result in some sort of backdoor that would eventually be used by opposing actors to pull down the data directly.

the defensive NSA guys would probably be blamed post-facto in some sort of delicious intra-organizational bull-bleep.

That's a different argument. I'm addressing this notion that the government is oh so incompetent and the only people that can do this is the private sector, when many countries have upgraded to excellent government-run (but private sector built) payment systems that work just fine.
I respectfully doubt many talented folks are giving up $500k+/year jobs to work for Uncle Sam at below market rates.
No it's the opposite. A lot of people getting $500k were trained by Uncle Sam and left.

My point was that you can't say the government would mess it up when the government (really, many governments as I outlined above) has done a phenomenal job of training many of our best private sector hackers.

> My point was that you can't say the government would mess it up when the government (really, many governments as I outlined above) has done a phenomenal job of training many of our best private sector hackers.

That's very different from saying that the government's core competencies include developing and operating secure consumer-facing web services that are also convenient to use.

There's a very big difference between having the raw resources and actually executing.

I forgot to mention another point that someone else mentioned (and I added to).

I live in the DC area. If you think that your average government contractor would do a much better job, you'd be shocked.

The NSA has a history of being so offence-focused that it wouldn't be very wise to trust them.
Alternatively, it has a public reputation of being extremely offense-focused.
well, we know without a doubt that they withhold info related to vulnerabilities in order to prioritize continued offensive success. that doesn't bode well for any non-offensive work, and there's no reason to believe that has changed.
The largest private companies in the world (e.g., Yahoo, Facebook, Equifax, Target) can barely keep user data private, leading to massive data breaches. It would be a shame if people's private information were to be compromised with essentially zero recourse.
Ideally there would be regulation that drastically limits the blast radius of such incidents. In a perfect world, these companies would not be allowed to hold on to private information and would simply operate as zero-knowledge networks in the same way that Internet carriers do (in theory at least).
Ok, but you still haven’t made an argument for why it would be better to spend a lot of effort designing a complex system of incentives and punishments for private companies rather than focusing on building a quality public service.
On the contrary, payments is critical infrastructure, like roads or social security, that needs to be publicly owned and operated, immune to the rise of cancel culture, and other whims of the techno-elites. No one should be denied their right to basic economics because someone in power at a private company disagrees with their politics.
The government should define what's okay and what's not (aka regulation), and let private entities duke it out for a reasonable share of the economic value.
Why not let consumers decide on what's better for them?

What does centralized (and politicized) regulation do better than the free market?

You can argue for improvements to the political process, but public entities do many things better than the market. For example: the fire department, parks, utilities, roads, healthcare, education.
How do you know these services do better than the market given that they are monopolistic (as in: the government doesn't allow for competition)?
Because the US has for-profit healthcare and it’s worse on all societal-scale metrics than nationalized healthcare in other countries. And we had for-profit fire departments and the result was poor people’s houses burned down. For-profit utilities cut maintenance of essential infrastructure to hit quarterly goals. For-profit education reinforces class hierarchy, enables grift, and results in superficial curriculum tailored for mercurial “employer demand.”
Having multiple private entities competing for customers allows consumers the opportunity to decide what they want.
> payments is critical infrastructure, like roads or social security, that needs to be publicly owned and operated

So if one day Bitcoin becomes the norm, do you believe it has to be handled by the government? If you think so, how do you think the government will be able to enforce that?

> If it's operated by the state, it will probably be a disaster.

The more I see this meme, the more ridiculous it seems.

The US federal government, the overall governing body of the most powerful nation in the world, employs 2 million people in around 1,760 agencies and manages nearly 1 Trillion dollars. If anything it touched "became a disaster", it would not be able to support the most powerful nation in the world, supporting the world's largest economy by GDP.

States are not the federal government, but they generally follow it as a model, and they generally do a good enough job at managing themselves that everything they touch also does not become a disaster.

> If it's operated by the state, it will probably be a disaster.

This is a common trope propagated by big-business interests, but it's not borne out by evidence. Giant corporations have proven remarkably apt at being hacked and leaking private data.

Yes but have you seen the costs of infrastructure in the US?

Big business is bad but big government is bad too.

Government is necessary. Government is not free. Grow up.
IIRC, I once signed up for a NY transit account to auto-bill my train pass. Noped right out of there when they emailed me back my password in the clear.
Imagine the next government shutdown over budget.