Now that I'm a customer instead of the VAR everytime I challenge a vendor on a security issue, the answer is either FDA device no changes allowed or just make sure it's on your secure network. If I get in early enough, I can bounce a vendor in RFP, but some days, we're stuck with a product that cries to be rooted.
The original MUMPS started on VMS VAX computers. Security was baked into the operating system. Users ran in captive accounts restricted to application access. You could run multiple departments on one platform with restricted rights. The grandchild, CACHE now runs on UNIX and Windows as another back end database.
>>>move the source code and the signing key to Germany
Not to Germany. Rather putting the source into encrypted file system spread across multiple independent countries. (RAIJ, Redundant Array of Independent Jurisdictions). You can have the file system fragments here in the United States, the German, Irish, Chinese, Brazilian, . . . are of course not covered and need to be addressed in each country.
I'm at a medical center where pagers are still in use. Why? Pagers work in the basements and don't drop signal when you're inside a large building away from a window. We can request an upgraded 2-way pager, but most at best a pager will alert you and you can either pick up a phone or move to location where your phone has a signal. Under trial are VOIP phones that use our local Wi-Fi for staff on the floor to have texting & voice. During a prolong blackout, paging continued to work long after cell coverage had died.
It's not the first one to get there, it's the first one to build a working mine and develop the resources. Whether it's gold, titanium, iron-nickel, or hydrogen/oxygen from ice. The homesteaders or prospectors who settled the United States had to get there, and work a mine or bring in crops to reap the rewards.
And for the politically correct, social just warriors, etc.
You carry a laptop, you carry a live boot USB stick/CD, You carry encrypted media, possibly the same as a boot USB. Your counterpart, possibly in another country, carries the decryption key. You carry his decryption key. Never cross an international border together.
Encryption or physical destruction. Failed media replaced under vendor's field service is destroyed. Most vendors will add a surcharge to their service agreements that allow failed media to remain on site for destruction rather be be RMA'd. If not, well then bill me.
>>>The shuttle was a crap vision that never came to be
The vision of the shuttle never came to be. Originally, the booster was planned as a rocket plan, capable of returning to KSC for refueling. The mass of the wings deployed were dictated by having to meet USAF requirements that the shuttle could return to Vandenberg. Because you know we had so many shuttle launches from California. That mass required pushing the space shuttle main engine beyond original design capacity. And that meant a full rebuild after every mission.
The original vision was possible and could still be flying if scope creep had been shut down in the 70's.
Google may or may not consider this a business model, but what it does do is put the DSL & cable internet providers on notice that there may be another option. Since the decline of competition and the retirement of "sharing" that last mile, the only two options have been cable or phone company for internet access. 14 years ago, PacBell was laying fiber to San Diego neighborhoods, that project got canned when AT&T swallowed PacBell. Maybe Google could pick up those strands for $2.00. I'll chip in.
In the corporate world, after every merger or takeover I've seen, non essential employees are shown the door. If we can do without for a day, why not a week, why not a month, let's go for all year. The worst thing will be having to fondle yourself at the airport.
It's more likely it took a week before any staff members noticed students were doing "fun" things with iPads.
WARNING TO ALL PERSONNEL: Firings will continue until morale improves.