bsbsjsusj's comments

Punchcards would be better. QR relies on machine vision. The camera would be running its own code.

That said, cameras are more of a commodity.

QR and typing: see TOTP tokens!


The Soviets had a strong typewriter implant game[0]. They might have to revive some of their old tradecraft to either deliver implants via the card punches, or monitor what is being sent over the air gap.

0 - https://spectrum.ieee.org/the-crazy-story-of-how-soviet-russ...


Paper tape is more pocketable.


Django all auth seems to know this with social provider specific email settings.


If you can get natural light in, people could live under the mound. Then you can have a city that looks like a park! People could quickly walk or cycle to where they need to go. Cars stay in tunnels.


Doesn’t Chicago keep a lot of cars in tunnels already, by using a separate system of underground roads and highways for commercial traffic?


There are around a dozen streets downtown that are multilevel, Wacker Dr. being the most famous thanks to The Dark Knight. They’re not tunnels so much as raised floors. The buildings around them are similarly laid out so that the pedestrian levels are actually dozens of feet above the ground with service entrances beneath.

You might also be interested to know that Millennium Park is actually a massive rooftop garden covering a train station and parking garage which connects to a lot of these streets.

I’d also add that street level was raised off of the ground in the 1850’s, but that was just to help with drainage afaik.


Sshhhh, you'll out the inner earth people.


Firstly "unhackable" in the marketing makes me trust it less. Everything is hackable.

I am not sure what the threat vector is that makes this more secure than hashing a password in a single database.

With hashing the server doesn't know your password. If you picked a poor password a hacker with the hash could guess it I suppose but you can mitigate against that.

Also if someone can hack into server A, however they did that is likely to work for B unless they are managed on different clouds by different teams and share no common code or prod access.


Thank you for your feedback, and I completely understand your concerns. The term "unhackable" can definitely raise skepticism, and I agree—nothing is completely immune to threats in cybersecurity. However, let me clarify what we mean by FortiLock's approach and how it differs from traditional single-database systems with hashed passwords.

Why FortiLock Is Different:

Password Splitting:

The major difference with FortiLock is that instead of hashing and storing the entire password in one place, we split the password across two independent servers (Server A and Server B). Each server holds only a part of the password, which is hashed separately, so even if one server is compromised, the data is useless without access to the other.

Decentralization:

You’re absolutely right that if the same vulnerability exists across both servers, the attacker could potentially compromise both. However, FortiLock mitigates this by splitting the infrastructure, often across different environments (or clouds), making it significantly harder for an attacker to breach both. Additionally, Server C handles email and levelpoints, further decentralizing the critical elements needed for a complete attack. So even if someone gets into Server A, without Server B and Server C, they still can’t reconstruct the full credentials.

Threat Vectors:

The common attack vector with traditional hashed password systems is that once the server is breached, the attacker may gain access to the full hashed password. With enough resources, they can try brute-force or rainbow table attacks. By splitting the hashed password into two pieces, FortiLock makes it much harder for an attacker to do this, as they'd need to compromise multiple systems and reconstruct the password from two independently hashed pieces.

Beyond Poor Passwords:

You're right that even with hashing, weak passwords are still vulnerable. FortiLock reduces this risk with its additional layer, the PinK System, which introduces a dynamic, monthly code that even a stolen password can’t bypass. It’s not just about having the password; it’s about passing several independent checks.

Why Not Just a Single Server with Hashing?

You're correct that in traditional systems, a hashed password on a single server offers decent security, especially with salting. But FortiLock isn't trying to replace hashing—we still hash the password. The key here is mitigating risk by:

Splitting the attack surface: No one server holds enough data to crack the password.

Adding multi-step verification: With the PinK System, an additional layer of dynamic security ensures that even if a password is compromised, it’s not enough to access the account.

Can FortiLock Be Hacked?

No system is 100% immune, and I totally agree with you—everything is hackable to some extent. What FortiLock aims to do is make the attack surface so complex and decentralized that it becomes far harder and costlier for an attacker to succeed.


Reading your answers is very frustrating, because you keep referencing a “we / we’ve” when it’s clearly a hobby project by a complete beginner.

It sounds like you’ve come up with this idea via ChatGPT or other LLM, and you won’t take any legitimate criticisms. All your responses sound like talking to ChatGPT.

I’d advise not to lean on ChatGPT. It’s cutting corners. Learn deep, read material online.

