There aren't a lot of alternatives - the amount of mass killing going on right now is unusually high. People can't spend all day frothing with moral outrage at the horror of it all. If something is routine there isn't much of an alternative than to discuss it as routine.
This article is actually unusually good, I wouldn't be surprised if the site was generally anti-war. It isn't unusual for the level of analysis to be "we're the in-group, we're morally right, they're the out-group, we can't imagine they're competent, lets kill them it'll be easy". The moment people start doing serious analysis they become well-armed pacifists. As a case study; this war is part of a trend of the US hurting itself in aid of ... nothing useful for the US. The only silver lining is I don't see the Trump presidency surviving this and that might be a lesson to the next guy about trying to start fights.
It’s really quite amazing how the US went in without seemingly an iota of planning beyond “kill ayatollah for regime change”, but at this rate we will see US regime change before Iranian.
It's really this simple. People seem so confused as to why this administration is doing this and why this administration is doing that, but it's clearly about personal enrichment of leaders. It's not some complex 5D chess game. If you want to know why Trump did this or why Hegseth did that or why Bondi did thus, just look at who placed bets, owns stock, owns companies, and/or will be personally enriched by the decision. That's all there is to it.
It is notable that the worlds major available oil reserves are now[0] in Venezuela, Canada, the US and Russia. Democracies are capable of playing 4D chess even if none of the people involved are up to the challenge. There are a lot of power centres that could stop Trump if they saw it as a problem for their interests; like Congress, some people in the administration or even a few people in CENTCOM (although they'd be more delaying the inevitable).
That being said, unleashing this blow on Asia is insanely risky whether it is intentional or no. The Trump administration has a well-earned reputation for not being direct in their warmaking and the Asian's might decide not to go down without a fight. And the US is likely to get nothing but ill-will from the continent for the next generation. And I doubt Trump will politically survive the blows the US economy will take in the process of shredding the global oil market.
They aren't orthogonal - the reason that gas is being used is because renewable can't reliably power the grid! If you look at something like https://grid.iamkate.com/ you can see that in the last 24 hours the gas peak is when the wind dies down and the sun isn't shining, around 6-8pm. Happens to be a real price peak at that time. This isn't some weird and unexpected outcome, we've had at least a decade of evidence with this sort of low-wholesale-high-retail price dynamic.
That isn't gas is expensive, it is simply policy that the UK, rather naively, is trying to run their grid 24/7 based on processes that are not available 24/7. That is an expensive trick to try and pull off. Poor people need a way to signal that they won't use electricity in the evening if they want to be able to afford power is my read on the situation. Not very civilised but if that is how the UK approaches reliable cheap energy as a target then it seems the most reasonable outcome.
Unfortunately for the UK, its geology means there isn't a lot of pumped hydropower storage unlike France, which is the cheapest way to bank intermittent renewables. In the places where there is pumped hydro capacity like Coire Glas, the operators are demanding the government guarantee they would be paid today's (natural gas generated) price to go ahead with construction, which would completely defeat the purpose of energy storage.
And yes, letting nuclear power dwindle was a political choice, spurred by short termist bean-counter thinking:
Seems like a very good case to get storage and power backup in people's homes. Industrial users could install their own gas fired generators. Residential consumers could have simple battery based backup, or even a generator which would double for helping during powerouts.
Bigger question is why they haven't already - these trends have been in place for a very long time and this current phase of the UK energy crisis has been on display for years. Anything legal and cost effective would have been done by now if the market had anything to say about it. Which suggests something odd is afoot. Maybe storage is more expensive than gas, maybe the UK government has regulated the option out of existence. Maybe something else.
> Is global economic collapse not an eschatological scenario?
Not really, no. In this case 20-25% of the world's oil disappearing doesn't sound like it should be an 'everything collapses' scenario, we still have >75% of the oil around and oil isn't the only energy source. Everyone has always seen a "worst economic collapse of my lifetime" and although this one looks like it is going to be unusually horrific it isn't going to cause the end of anything structural unless there are other causes already in place. For example in theory this might be the end of the US military's ability to maintain global order in the same way as the Suiz Crisis humiliated the British empire - it'd be a recognition of realities on the ground rather than the current crisis changing anything.
You're missing that the impact is not evenly distributed. It doesn't mean everyone gets 25% less petrol, tighten the belt a little bit, take one fewer trip to starbucks, and all is well.
It means rich countries get the 75% while the poor countries get nothing and starve. What happens when a nuclear power like India starts to lack food?
> What happens when a nuclear power like India starts to lack food?
Personally I think that actually seems a bit unlikely. Most of India's energy doesn't come from oil and doesn't go to agriculture. It seems plausible that the global economy will be able to overcome the food and fertiliser issues even in the short term, there is a lot of food out there.
I'm expecting the threat to be more complex economic goods like construction, manufactured goods, leisure and general logistics. I don't want to downplay the risk, famine in India is a scary thought, but I don't really see how we'd get there from closing the Strait of Hormuz without a lot of bad luck. The problem is it is going to materially impoverish a number of people and collapse complex supply chains rather than make it hard to get food to them.
Food quantity has never been the issue. The logistics are. Food is the most direct issue, but "just" the economic turmoil alone is reason enough to worry. No one was starving in the Weimar republic, yet ...
The logistics of food don't seem to be under any particular threat. The petrol required to get someone survival calories is not so much and the vast majority of traffic on the road is not about getting basic calories to people. I don't think any of the world's nuclear states would struggle to overcome that problem right now.
> When Linux goes off and decides it'll rewrite its working desktop stack and it's still, ten years later, not useable?
In fairness it wasn't just the rewrite that was the problem, but it looks for all the world like there was a large faction in the Linux UI world around Wayland that believes accessibility is insecure and designed the new systems to make it impossible. It has been an interesting if unfortunate situation that seems to be slowly being fixed.
> but it looks for all the world like there was a large faction in the Linux UI world around Wayland that believes accessibility is insecure and designed the new systems to make it impossible
Agreed.
FWIW, accessibility is insecure, that is a fact, and it's also fine. The problem is that many security-minded people forget to ask the critical question: security for whom, and from what. There is no such thing as "security" in general. There is always a subject being secured from a threat.
With Wayland, like with most modern software development, the user ends up being the thing to secure from, and what is being protected are the interests of the vendor.
9front tells me otherwise. It's security model with namespaces and rfork it's far more tuned to modern times than the GNU/Linux or BSD one where even wth mitigations and the like a good crafted NES sound file (6502 code in the end, as C64 MOD files) could cause mayhem on some buffer overflow executing x86 code.
rio(1) windows under plan9/9front have their own namespace and OFC you can restrict these per windows making these kind of attacks futile.
How's the a11y story under Plan 9? I always thought of Plan 9 as being very forward thinking for its time but unfortunately stuck in the past in various ways, but are there screen readers and voice input and everything?
> [T]he security model on Unix (and Linux) is to trust your applications
If that were true, httpd (and all other system daemons) would be run as root and neither the 'nobody' user and group nor the various security-related X11 extensions would exist.
Anyone who has worked in this field for more than a few years (regardless of their era of entry) knows that nontrivial programs are faulty and can happen to or be induced to do things that are harmful in varying degrees to the operation of the computer that runs them.
I'm not even sure how much practical difference there is between 5 and indefinite in practice, 5 years is a long time. I imagine it is pretty life-destroying. Especially for the crime of having something on your phone that you want to keep private.
> If it’s not about nation security or CSAM, it’s two.
I am sure we all get what you mean, but there is a comic interpretation in vaguely-Soviet style here where if someone hasn't done anything wrong they only get 2 years. I'm going to spend some time this weekend making sure my encryption is plausibly deniable where possible.
Is anyone going to mention what these provocations are? I've yet to figure it out after 6-12 months. Pretty much everything going on seems to involve the Israelis aggressively expanding their borders or viciously attacking anyone who might oppose their expansion. I've lost count of the number of negotiators they've killed.
Trump has averaged something like 1 bombing run on Iranian leadership ever 2 years. Iranian provocations must be quite effective at making him see red.
> Is anyone going to mention what these provocations are?
Sure, it’s not hard to find. These started long before Trump. You should look beyond the last few months’ news cycles. Iranian government’s issues with Israel are of ideological nature (according to the regime) and their open support (financially and militarily) of a part of Palestinian resistance and Hezbollah. Iran has been active at Israel’s borders for years. Their heavy involvement (including sending troops) in Syria’s civil war is another one to name. All of these are the ones that Iran openly admits to. You can’t explain these away with Israel’s expansionist tendencies because that’s not been a threat to Iran. No serious analyst believes that Israel wants/can to expand into even Iraq, let alone Iran!
The hostilities towards US and vice versa are a whole different topic.
Now to be clear I’m not siding with Israel on this and not saying that caring for Palestinians is not right, just answering your question and naming a few examples. Now, it’s all happened during many decades and not sure if it matters anymore who started it because it’s become a total shit show that is very hard to reconcile.
You might find it surprising that during Iran-Iraq war, Israel was the only country in the region who helped Iran against Iraq (which had the backing of the Arab countries including Palestinians).
Would it be fair to characterise these provocations as all involving Iran providing resistance to Israel aggressively expanding their borders? Because these cases seem to have a tendency to Israel controlling more land at the end of the day. It looks like a pretty classic situation where an aggressive power builds up in a series of "defensive" expansions.
> Iranian government’s issues with Israel are of ideological nature
I think they're just good at threat assessment. There seem to be a lot of Iranians dying of Sudden Acute Missile Disease this month. Frankly I'm struggling to see what aspect of their actions aren't just common sense over the last decade, except for their charmingly simplicity in that they didn't make a break for a nuclear bomb when they first got within a year or two of being able to develop one. Israel and their supporters have done a very bad job of offering an explanation of why the repeated hits were justified or helpful.
Israel withdrew fully from Lebanon in 2000, and this was certified by the UN, yet Hezbollah kept attacking them anyway.
If Hezbollah offered Israel a choice between: peace with Hezbollah OR occupy land in Lebanon, I think Israel would rationally choose peace.
But Hezbollah has never offered this. Their stated goal is complete destruction of Israel.
So if the options are: Hezbollah shoots at you from right across the border OR you occupy a buffer zone and Hezbollah still shoots at you but from further away:
Isn't it perfectly rational to choose the buffer zone?
Israel just communited genocide in one place and displaced millions in two others.
It "ordered" wast places full of people to lead, destroyed bridges, created shoot at will area on other side and is getting ready to move settlers there.
Isreal is not defending itself. It is cleansing and expanding, feeling entitled to kill at will everyone not them.
> Would it be fair to characterise these provocations as all involving Iran providing resistance to Israel aggressively expanding its borders?
Considering the results of this war so far and the one before, as well as Iran's military strategy, it doesn't seem plausible to think Iran sees (or ever saw) Israel as a threat to its borders' integrity. This may be the basis for Iran's strategy in the region in some version of the future, but to extend it to what they've done in the past would be hindsight bias.
IMO, the regime is not as much worried about Israel as it is about the US. Just compare the number of missiles and drones they shot at Gulf countries vs Israel.
But consider that Israel, rightfully or not, can make similar claims, which actually conform to the Iranian regime's long-stated goal of "destruction of Israel".
> Frankly, I'm struggling to see what aspect of their actions isn’t just common sense over the last decade.
That’s because it didn’t all start in the last decade. As you get closer to “present” in this timeline, it looks more like a one-sided affair. This is similar to the view which sees the whole Israel-Palestine issue only from October 7th onwards.
> Israel and their supporters have done a very bad job of offering an explanation of why the repeated hits were justified or helpful.
True, I’m also not sure if this is going to turn out as they wish it did. Although the jury's still out, but as the article points out, it seems unlikely.
> IMO, the regime is not as much worried about Israel as it is about the US.
The Islamic Regime is not a normal rational actor, their opposition to Israel is driven primarily by their ideology.
> Just compare the number of missiles and drones they shot at Gulf countries vs Israel.
This is probably more just a matter of Iran having more short range weapons than long range weapons, Israel is a long range target that much of their weapons will be unable to reach.
The obvious next step should probably be impeachment and removal from office. This seems to be the sort of situation was intended for. Elderly president goes completely off the rails one Friday and attempt to take out the global economy and trigger world war 3 for reasons that nobody can articulate. It is difficult to find a perspective where this war was reasonable, necessary, well advised, legal, moral or agreed to by any of the bodies that are supposed to decide whether the US military activates.
The only vague silver lining is that the situation is such a disastrous blunder that maybe future presidents will think a bit harder before sending the military in to the middle east. Assuming that Iran doesn't survive, get nukes and set up an impenetrable missile deterrence that renders the question moot. If the Republicans don't disassociate from Trump ASAP it looks like it is going to be much worse for them than Bush was and the way he established a good decade of right-wing cultural irrelevance. The safest path that will hold together with hindsight is walking away but I doubt they're nimble enough to manage that.
> This seems to be the sort of situation was intended for.
AFAIK, it was intended for presidents that use their position to pump-and-dump some cryptocoin or keep manipulating the stock market after their friends brought-in.
Destroying the country and starting WW3 for no reason is what treason laws are for.
If the US history tells us anything, there are never any serious consequences to any terrible things the people in power do. And thanks to the John Robert's SCOTUS, presidents now enjoy total immunity. Who in their right mind is going to impeach Trump when he has total immunity?
> agreed to by any of the bodies that are supposed to decide whether the US military activates
This isn't true. Congress entered into de facto agreement the second that it struck down war powers measures against the Trump administration's power to wage war against Iran.
> Alright, so does that mean we don't need KYC for ... bank accounts either?
That sounds reasonable. A bank can just be an institution that holds money for people; they don't need to be all over their customer's business. It is like a telecom not being responsible for what their customers say. In a simple sense banks don't need KYC.
>> A bank can just be an institution that holds money for people
Nope. That is a storage locker. A bank uses the money it holds for other purposes such as loans or its own investments, possibly returning interest to the depositor. But, most importantly, a bank disperses money. it therefore needs to know who deposits what so that it doesn't eventually release funds to the wrong person. And then there are the lengthy procedures for handing out money without customer permission. People die. Governments garnish wages. Courts order payments to for child support. If you hold money you have to be prepared for this stuff. So you need to be absolutely confident in the identity of everyone you deal with.
Want a simple bank? A bank that doesn't ask for ID? Keep your cash under your mattress. Or put it all in a crypto wallet.
I don't think this makes sense. You seem to be saying that a bank has to do all these things to control criminals while simultaneously arguing that there are simple methods criminals could use to bypass the banks (ie, deal in cash and keep it under the mattress or use crypto).
Given that the criminals aren't going to be using the banks it would make sense for the banks to not have mandatory administrative overhead that is easy to avoid.
> Nope. That is a storage locker.
Again, sounds good to me. Let people have a storage locker with a plastic debit card attached. If people had the option of a bank that was a little bit more responsible and didn't roll the dice of total collapse every financial crisis there'd be many that would go for that. Prepper types for example. The discourse glosses over how crazy it is that full-reserve or near-full-reserve banks are soft-banned.
> See, for instance, the space shuttle O-ring incident
That wasn't really a result of an alignment of small weaknesses though. One of the reasons that whole thing was of particular interest was Feynman's withering appendix to the report where he pointed out that the management team wasn't listening to the engineering assessments of the safety of the venture and were making judgement calls like claiming that a component that had failed in testing was safe.
If a situation is being managed by people who can't assess technical risk, the failures aren't the result of many small weaknesses aligning. It wasn't an alignment of small failures as much as that a component that was well understood to be a likely point of failure had probably failed. Driven by poor management.
> Fukushima
This one too. Wasn't the reactor hit by a wave that was outside design tolerance? My memory was that they were hit by an earthquake that was outside design spec, then a tsunami that was outside design spec. That isn't a number of small weaknesses coming together. If you hit something with forces outside design spec then it might break. Not much of a mystery there. From a similar perspective if you design something for a 1:500 year storm then 1/500th of them might easily fail every year to storms. No small alignment of circumstances needed.
In reality the "swiss cheese" holes for major accidents often turn out to be large holes that were thought to be small at the time.
> [Fukushima] No small alignment of circumstances needed.
The tsunami is what initiated the accident, but the consequences were so severe precisely because of decades of bad decisions, many of which would have been assumed to be minor decisions at the time they were made. E.g.
- The design earthquake and tsunami threat
- Not reassessing the design earthquake and tsunami threat in light of experience
- At a national level, not identifying that different plants were being built to different design tsunami threats (an otherwise similar plant avoid damage by virtue of its taller seawall)
- At a national level, having too much trust in nuclear power industry companies, and not reconsidering that confidence after a number of serious incidents
- Design locations of emergency equipment in the plant complex (e.g. putting pumps and generators needed for emergency cooling in areas that would flood)
- Not reassessing the locations and types of emergency equipment in the plant (i.e. identifying that a flood of the complex could disable emergency cooling systems)
- At a company and national level, not having emergency plans to provide backup power and cooling flow to a damaged power plant
- At a company and national level, not having a clear hierarchy of control and objective during serious emergencies (e.g. not making/being able to make the prompt decision to start emergency cooling with sea water)
Many or all of these failures were necessary in combination for the accident to become the disaster it was. Remove just a few of those failures and the accident is prevented entirely (e.g. a taller seawall is built or retrofitted) or greatly reduced (e.g. the plant is still rendered inoperable but without multiple meltdowns and with minimal radioactive release).
To be blunt; that isn't an appropriate application of the swiss cheese model to Fukushima. It isn't a swiss cheese failure if it was hit by an out-of-design-spec event. Risk models won't help there. Every engineered system has design tolerances. And that system will eventually be hit by a situation outside the tolerances and fail. Risk models aren't to overcome that reality - they are one of a number of tools for making sure that systems can tolerate situations that they were designed for.
If Japan gets traumatised and changes their risk tolerance in response then sure, that is something they could do. But from an engineering perspective it isn't a series of small circumstances leading to a failure - it is a single event that the design was never built to tolerate leading to a failure. There is a lot to learn, but there isn't a chain of small defence failures leading to an unexpected outcome. By choice, they never built defences against this so the defences aren't there to fail.
> Many or all of these failures were necessary in combination for the accident to become the disaster it was.
Most of those items on your list aren't even mistakes. Japan could reasonably re-do everything they did all over again in the same way that they could simply rebuild all the other buildings that were destroyed in much the same way they did the first time. They probably won't, but it is a perfectly reasonable option.
Again I'm going from memory with the numbers but doubling the cost of a rare disaster in a way that injures ... pretty much nobody ... is a great trade for cheap secure energy. It isn't a clear case that anything needs to change or even went wrong in the design process. Massive earthquakes and tsunamis aren't easy to deal with.
> It isn't a swiss cheese failure if it was hit by an out-of-design-spec event
First of all, the design basis accident is a design choice by the developers of the plant and regulators. The decision process that produced that DBA was clearly faulty - the economic and social costs of the disaster so clearly have exceeded those of a building to a more serious DBA.
> Again I'm going from memory with the numbers but doubling the cost of a rare disaster in a way that injures ... pretty much nobody ... is a great trade for cheap secure energy. It isn't a clear case that anything needs to change or even went wrong in the design process. Massive earthquakes and tsunamis aren't easy to deal with.
This is absolute nonsense. For the cost of maybe maybe tens of millions at most in additional concrete to build the seawall a few meters higher, the entire disaster would have been avoided entirely (i.e. plant restored to operation). With backup cooling that could have survived the tsunami (a lower expense than building a higher seawall), all that would have happened at Fukushima Daiichi is what happened at its neighbor Fukushima Daini (plant rendered inoperable, no meltdown, no significant radioactive release). Instead, we are talking about a disaster that will cost a (current) estimated $180 billion USD to clean up (and there is no way this estimate is realistic, when the methods required to perform the cleanup barely exist yet).
> The decision process that produced that DBA was clearly faulty - the economic and social costs of the disaster so clearly have exceeded those of a building to a more serious DBA.
That isn't clear at all. We're effectively sampling from the entire globe and we've had 2-3x bad nuclear disasters since the 70s. Our safety standards appear to be overcautious given the relatively small amount of damage done vs ... pretty much every alternative. The designs seem to be fine. I'm still waiting to see the justification for the evacuations from Fukushima; they seemed excessive. People died.
> For the cost of maybe maybe tens of millions at most...
You haven't thought for long enough before you typed that. For this particular disaster, sure. But hardening against all the possible disasters is what needs to happen when you become less risk tolerant. It is the millions of dollars to prevent against this disaster multiplied by the number of potential disasters that you have to consider. Safety is expensive.
The numbers aren't small, safety of that magnitude might not even be economically feasible. To say nothing of whether it is actually sensible. And once you get into one in 500 or thousand year events, some really catastrophic stuff starts happening that just can't be reasonably defended against. San Francisco and its fault springs to mind, I forget what sort of even that is but it is probably once a millennium or more often.
Fukushima was designed to be constructed on a hill 30-35 meters above the ocean, but someones decided would be cheaper to construct it at sea level in order to reduce costs in water pumping, others decided to approve this, and much latter, one decade before the disaster when was requested to reinforce the security measures within all the reactors at Japan, those in charge of Fukushima decided to ignore it, again, pushing for extensions year after year until it all blew up. Decades of bad decisions with a strong smell to corruption.
I mean, ok. So say they build the plant 35m higher up, then get hit by a tsunami that is 36 meters higher [0] than the one that caused the Fukushima disaster? If we're going to start worrying about events outside the design spec we may as well talk about that one. If they're designing to tolerate an event, we can pretty reliably imagine a much worse event that will happen sooner or later and take the plant out. That is the nature of engineering. Eventually everything fails; time is generally against a design engineer.
Caveating that I'm not really sure it was even an out-of-design event, but if it was then it is case closed and the swiss cheese model is an inappropriate choice of model to understand the failure. If you hit a design with things it wasn't designed to handle then it may reasonably fail because of that.
[0] https://en.wikipedia.org/wiki/Megatsunami homework for the interested, it is cool stuff. Japan has seen some quite large waves, 57 meters seems to be the record in recent history.
In Japan they have the "Tsunami Stones" [0] across the coast, memorials to remind future generations of the highest point the water reached.
It was negligent to construct a nuclear plant at sea level, it was just a plant waiting to be flooded, and for such case they had ten years to design protections after being requested to reinforce measures (along with the other Japanese plants), but I can imagine the ones that should put the money was not very collaborative (I even doubt if such responsible learnt the lesson).
If it was a cheese model or not I do not enter (notice that parent of parent and me are different users), their negligence breaks all the possible logic we could apply without introducing the corruption's variable behind such decades of bad decisions.
> It was negligent to construct a nuclear plant at sea level, it was just a plant waiting to be flooded,
So why did they build it there? It isn't a gentleman in a clown hat hitting himself on the head with a rubber mallet, they had a reason. These things are always trade-offs.
Maybe if they'd built it up on the hill there'd have been an earthquake, a landslide then the plant slides into the sea and gets waterlogged. I dunno. If we're talking about things without a clearly defined bounds of risk tolerance that is the sort of scenario that can be bought up. You're talking about negligence, but you aren't saying what tolerances this plant was built with, what you want it to be built to or what the trade-offs you want made are going to be. Once you start getting in to those details it becomes a lot less obvious that Fukushima is even a bad thing (probably is, the tech is pretty old and we wouldn't build a plant that way any more is my understanding). It isn't possible to just demand that engineers prevent all bad outcomes, reality is too messy. It isn't negligent if there are reasonable design constraints, then something outside the design considerations happens and causes a failure, is the theoretical point I'm bringing up. It is just bad luck.
The whole affair seems pretty responsible from where I sit a long way away. Fukushima is possibly the gentlest engineering disaster to ever enter the canon. It is much better than a major dam or bridge failure for example, and again assuming the event that caused the whole thing was unexpected not even evidence of bad management. Most engineering failures involve a chain of horrific choices the leave the reader with tears in their eyes, not just a fairly mild "well we were hit with a wild tsunami and doubled the nominal price tag of the cleanup with no obvious loss of life or limb". And bear in mind we're scouring the world for the worst nuclear disaster in the 21st century.
> "well we were hit with a wild tsunami and doubled the nominal price tag of the cleanup with no obvious loss of life or limb"
This is a bit of a wild understatement. (1) the tsunami was by no means wild, as multiple posts here have referenced, and (2) the incident resulted in a number of significant injuries, not including for deaths involved in the evacuation. And those deaths very much count - you can't hand-wave away the consequences of the evacuation on the basis of hindsight that the evacuation was larger than the final outcome necessitated.
> And those deaths very much count - you can't hand-wave away the consequences
I don't. If it is what it looks like, the government officials that ordered/organised the evacuations should be harshly censured and the next time evacuation orders should be more risk-based and executed in a safer way. What little I've gleaned suggests an appalling situation where a bunch of presumably old people were forced from their homes to their deaths. The main thing keeping me quiet on the topic is I don't speak Japanese and I don't really know what happened in detail there.
<< The Fukushima Daiichi Nuclear Power Plant construction was based on the seismological knowledge of more than 40 years ago. As research continued over the years, researchers repeatedly pointed out the high possibility of tsunami levels reaching beyond the assumptions made at the time of construction, as well as the possibility of reactor core damage in the case of such a tsunami. However, TEPCO downplayed this danger. Their countermeasures were insufficient, with no safety margin.>>
<< By 2006, NISA and TEPCO shared information on the possibility of a station blackout occurring at the Fukushima Daiichi plant should tsunami levels reach the site. They also shared an awareness of the risk of potential reactor core damage from a breakdown of sea water pumps if the magnitude of a tsunami striking the plant turned out to be greater than the assessment made by the Japan Society of Civil Engineers.>>
Even leaving aside they ignored the original placement in order to reduce costs by using biased seismological reports of their convenience, TEPCO knew the plant was at risk, they was warned successively it was at risk. And the supposed regulator NISA [0] closed the eyes conveniently (conveniently for someones).
<< TEPCO was clearly aware of the danger of an accident. It was pointed out to them many times since 2002 that there was a high possibility that a tsunami would be larger than had been postulated, and that such a tsunami would easily cause core damage.>>
From the other url I put (I updated it with a cached url, I didn't noticed the article was deleted),
<< there appear to have been deficiencies in tsunami modeling procedures, resulting in an insufficient margin of safety at Fukushima Daiichi. A nuclear power plant built on a slope by the sea must be designed so that it is not damaged as a tsunami runs up the slope.>>
EU raised the maximum permitted levels of radioactive contamination for imported food following Fukushima, this is not a gentlest gesture to the Europeans. Japanese citizens also received their dose, at time the more vulnerable ones was recruited by the Yakuza to clean up the zone.
No, I'm just trusting that you'll be honest about what it is saying. I don't need to read a report to persuade myself that a 40 year old plant was designed based on the best available knowledge of 40 years ago. That seems like something of a given. I'm just not sure where you are going with that, it doesn't obviously suggest negligence to me.
You're not saying what tolerances you want them to design to. We both agree that there are scenarios that can and might happen. Obviously is is possible for a tsunami to take out buildings built near the shore in Japan so it doesn't surprise me that people raised it as a risk. A lot of buildings got taken out that day. That doesn't obviously suggest negligence to me; obviously a lot of people were happy living with the risk.
> EU raised the maximum permitted levels of radioactive contamination for imported food following Fukushima
Oh well then. I had no idea. I thought the consequences were minor and now I have learned ... there you go, I suppose. I'm not really sure what to do with this new information.
> I'm just not sure where you are going with that, it doesn't obviously suggest negligence to me.
You didn't read the report or search for information about the matter, but I have not problem to repeat it for you,
The General Electric's design was originally designed to be placed 30-35 meters above the ocean, instead of this TEPCO modified such design and constructed at sea level (almost) recurring to studies convenient to their purpose, cheaper, this in one of the more tsunami-prone countries, with an history of ones reaching 20-30 meters. When those -for them- convenient studies was not longer justifiable, as deeper studies did finally refute them, they decided to just keep ignoring all the warnings and requests to reinforce the safety. They knew the nuclear plant was in danger, they always knew it, General Electric didn't designed at 30-35 meters above the ocean by coincidence, and this happened with a supposed regulator always closing the eyes to this, conveniently, across those years, ignoring even pipes with fissures.
Well, this obviously suggest negligence to me. Decades of bad decisions with a strong smell to corruption.
> You're not saying what tolerances you want them to design to.
What about tolerance to avoid a meltdown of the core, specially under two events, an earthquake and a tsunami, exactly what happened after ignoring the warnings and requests to reinforce the safety.
> Oh well then. I had no idea. I thought the consequences were minor and now I have learned ... there you go, I suppose. I'm not really sure what to do with this new information.
Keep the sarcasm for other places, if you don't mind. It is not a mere gentlest engineering disaster as it reached the whole planet, with ate TEPCO's cesium-137, specially the Japanese. And it is not a mere gentlest engineering disaster when you have to force vulnerable people to go to ground zero to move contaminated land and water.
> What about tolerance to avoid a meltdown of the core, specially under two events, an earthquake and a tsunami, exactly what happened after ignoring the warnings and requests to reinforce the safety.
I wasn't going to reply but that seems like it moves the conversation forward; so why not?
It seems to me your design goal is fundamentally incompatible with a lot of the specific complaints of negligence. If you want a design that doesn't melt down when there is an earthquake and a tsunami, then moving the reactor to higher ground isn't helpful because it won't achieve the design goal. The design is still fundamentally vulnerable. Moving the reactor up 35m still leaves it vulnerable to a large enough tsunami and a big enough earthquake.
If your solution is moving the site uphill, then your design goal should be talking in terms of a 1 in X year event. If you want the risk completely mitigated then in this case it isn't relevant where the site is since the obvious way to achieve that design goal is just build something that doesn't fail when flooded. Coincidentally that seems to be the approach that the newer generation designs use - change how the cooling works so that it can't melt down in any reasonable circumstances, tsunami or otherwise.
I will note that there is a reading of your comment where you want the design to be able to tolerate this specific event. I'm ignoring that reading as unreasonable since it requires hindsight, but in the unlikely event that is what you meant then just pretend I didn't reply.
> Keep the sarcasm for other places, if you don't mind. It is not a mere gentlest engineering disaster as it reached the whole planet, with ate TEPCO's cesium-137, specially the Japanese. And it is not a mere gentlest engineering disaster when you have to force vulnerable people to go to ground zero to move contaminated land and water.
Which one do you think was gentler and a story of similar popularity as Fukushima? It is pretty usual to have multiple people actually die and it be the engineer's responsibility once something becomes international news. Even something as basic as a port explosion usually has a number of missing people in addition to a chunk of city being taken out. To anchor this in reality, Fukushima at a class 7 meltdown might have done less damage than a coal plant in normal operation. Coal plants aren't pretty places and air pollution is nasty, nasty stuff.
> It seems to me your design goal is fundamentally incompatible with a lot of the specific complaints of negligence. If you want a design that doesn't melt down when there is an earthquake and a tsunami, then moving the reactor to higher ground isn't helpful because it won't achieve the design goal.
My goal? My solution? My design!? you must be now kidding,
- GE original design 30-35 meters above the sea.
- Warnings about reinforce safety along one decade.
- Tsunami at Fukushima's nuclear plant, 15 meters above the sea.
> I wasn't going to reply but that seems like it moves the conversation forward; so why not?
Foward to... nothing it seems. You just replied with hypotheticals like if the event didn't happened, and as if such event would have been impossible to avoid, with some kind of dissociative reflexions that surpass the cynicism. I'm the one that is not going to reply.
> Caveating that I'm not really sure it was even an out-of-design event but if it was then it is case closed and the swiss cheese model is an inappropriate choice of model to understand the failure.
This is not how safe systems are designed and operated. Safety is not a one-time item, it is a process. All safety-critical systems receive attention throughout their operating lives to identify and mitigate potential safety risks. Throughout history, many safety-critical systems have received significant changes during their operating lives as a result of newly-discovered threats or recognition that threats identified during the initial design were not adequately addressed. Many (if not most) commercial aircraft have required significant modifications to address problems that were not understood at the time they were initially built and certified. Likewise, nuclear power plants in many countries have received major modifications over the years to address potential safety issues that were not understood or properly modeled at the time of their design. Sometimes, this process determines that there is no safe way to continue operation - usually that there is no economically viable way to mitigate the potential failure mode - and the system is simply shut down. This has happened to a few aircraft over the years, as well as several nuclear power plants (in many cases justified, in others not so much).
Fukushima existed in just such a system, and that the disaster occurred was the result of failures throughout the system, not a one-off failure at the design stage.
> I mean, ok. So say they build the plant 35m higher up, then get hit by a tsunami that is 36 meters higher [0] than the one that caused the Fukushima disaster? If we're going to start worrying about events outside the design spec we may as well talk about that one. If they're designing to tolerate an event, we can pretty reliably imagine a much worse event that will happen sooner or later and take the plant out. That is the nature of engineering.
I think you are missing the point. Obviously it is possible that a tsunami higher than any possible design threshold could occur (it is, after all, possible that an asteroid will strike in the pacific and kick up a wave of debris that wipes everything off the home islands). However, the tsunami that struct Fukushima Daiichi was no higher than a number of tsunamis that were recorded in Japan within the last century. The choice of DBA tsunami height was clearly an underestimate, and underestimates were identified for Fukushima and other plants prior to the accident but not acted upon. This was not a cases of "a bigger wave is always possible", it was a case where the design, operation, and supervision were wrong, and known (by some) to be so prior to the accident.
> The choice of DBA tsunami height was clearly an underestimate, and underestimates were identified for Fukushima and other plants prior to the accident but not acted upon.
Not much of a swiss cheese failure then though. The failure is just that they committed hard to an assumption that was wrong.
My point is that unless it is actually an example of multiple failures lining up then this is a bad example of a swiss-cheese model. Seems to be an example of a tsunami hitting a plant that wasn't designed to cope with it. And a plant with owners who were committed to not designing against that tsunami despite being told that it could happen. It is a one-hole cheese if the plant was performing as it was designed to. The stance was that if a certain scenario eventuated then the plant was expected to fail and that is what happened.
Swiss cheese failures are there are supposed to be a number of independent or semi-independent controls in different systems that all fail leading to an outcome. This is just that they explicitly chose not to prepare for a certain outcome. Not a lot of systems failing; it even seems like a pretty reasonable place to draw the line for failure if we look at the outcomes. Expensive, unlikely, not much actual harm done to people and likely to be forgotten in a few decades.
I don't think you understand how a swiss cheese failure happens. They're not independent or semi-independent. Latent failures, expose active failures, like:
"Committed hard to an assumption that was wrong"
Then causes damage to the seawater pumps along the shoreline, and flooded emergency diesel generators.
That causes total loss of AC and DC power.
Loss of AC and DC power causes the reactor to overheat.
There was a strong corporate cultural component to Fukushima as well. Tepco had spent decades telling the Japanese public that nuclear power was completely safe. A tall order in Japan obviously, but by and large it worked.
During the operation of Fukushima Daiichi, various studies had been done that recommended upgraded safety features like enlarging the seawall, moving the emergency generators above ground so they couldn't be flooded, etc.
In every case, management rejected the recommendations because:
1. They would cost money.
2. Upgrading safety would be tantamount to admitting the reactors were less than safe before, and we can't have that.
I’m not sure why you think those are not a confluence of smaller events or that something outside the design spec isn’t one of those factors. By “small,” I don’t mean trivial. I mean an event that by itself wouldn’t necessarily result in disaster. Perhaps I should have said “smaller” rather than “small.” With the O-rings, the cold and the pressure to launch on that particular day all created the confluence. With Fukushima, the earthquake knocked out main power for primary cooling. That would have been manageable except then the backup generators got destroyed by the tsunami. It was not a case of just a big earthquake, whether outside or inside the design spec, making the reactor building fall down and then radiation being released.
If Fukushima get hit by a disaster that is outside the design spec then the engineering root cause of the failure is established. There isn't some detailed process needed to figure out how a design should tolerate out-of-design events. And there isn't a confluence of smaller events, it is a very cut and dry situation (well, unstable and wet situation I suppose). There was one event that caused the failure. An event on a biblical scale that was hard to miss.
If you want Fukushima to tolerate things it wasn't designed to tolerate or fail in ways it wasn't designed to fail in then the swiss cheese model isn't going to be much help. You're going to need to convince politicians and corporate entities that their risk tolerance is too high. Which in a rational world would be a debate because it isn't obvious that the risk tolerances were inappropriate.
This article is actually unusually good, I wouldn't be surprised if the site was generally anti-war. It isn't unusual for the level of analysis to be "we're the in-group, we're morally right, they're the out-group, we can't imagine they're competent, lets kill them it'll be easy". The moment people start doing serious analysis they become well-armed pacifists. As a case study; this war is part of a trend of the US hurting itself in aid of ... nothing useful for the US. The only silver lining is I don't see the Trump presidency surviving this and that might be a lesson to the next guy about trying to start fights.
reply