The following is an email I shot off to Roderick Jones @ MetaSecurity....I thought it may be worth sharing.
 
--snip--
 
was thinking about this last night, was curious to see if you had any thoughts...
 
so following the whole 60 mins debacle, vulnerabilities to critical infrastructure have been on every one's mind.  it's a challenging problem.  you have private entities that have no regulatory body requiring them to meet certain security standards (although dhs may have something).  the incentive to adequately secure their infrastructure simply isn't there until their reputation is sullied and they begin to lose money - or even worse, the government comprehensively intervenes.
 
so here's what i am thinking.  w/ mobile computing and geo social media on the verge of blowing up, we'll begin to have copious amounts of user submitted real-time information that is location relevant due to gps (whether it be twitter feeds, facebook feeds, whatever else comes down the pipe, etc) - there is obviously great value in mining this information - nothing new here, this is what you and i have already discussed.
 
what if we are able to mine this geo social, real-time info, and filter for key things like "power outage", "electricity went out", "stop lights have malfunctioned", etc.  people will tweet this info and facebook it, simply because that's what people do.  we stand up the platform and let the people fuel the engine.
 
algorithms could be devised to quantitatively determine if there may be a serious problem in a certain location.  this would be based on the number of people to "tweet" or "facebook" info relative to their geo-coordinates.  if we're getting a lot of user info speaking of outages in specific locations chances are we have an infrastructure issue - it may not be hackers but something is not working.
 
a system like this would pinpoint flaws or problems to our infrastructure and provide more transparency.  instead of having big gov't get involved and try to regulate, let the people do it.  a system like this would conspicuously acknowledge flaws in critical infrastructure and service providers would likely become more accountable.
 
does this make sense?  you have anything thoughts?