A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘News You Need to Know’ Category

But Wait, There’s More

Equifax already displayed a staggering level of incompetence but like a Billy Mays commercial there’s more:

The official Equifax Twitter account encouraged people to visit a knock-off website that mocks the company’s security practices instead of the site the company created to warn of a massive data breach. That recent breach exposed personal details for as many as 143 million US consumers.

In a tweet on Tuesday afternoon, an Equifax representative using the name Tim wrote: “Hi! For more information about the product and enrollment, please visit: securityequifax2017.com.” The message came in response to a question about free credit monitoring Equifax is offering victims. The site is a knock-off of the official Equifax breach notification site, equifaxsecurity2017.com. A security researcher created the imposter site to demonstrate how easy it is to confuse a legitimate name with a bogus one. The Equifax tweet suggests that even company representatives can be easily fooled. The tweet was deleted late Wednesday morning, more than 18 hours after it went live.

It’s almost as if large credit agencies like Equifax aren’t held accountable for screwing up and therefore aren’t motivated to do an effective job. Weird.

Statists continue to claim that government is necessary to deliver justice when large corporations like this screw up. However, I’m still waiting to see the government do anything more than give a corporation like this a minor slap on the wrist for fuck ups of this magnitude. Hell, I’m still waiting to see the government give Equifax a stern talking to over this series of amateur mistakes. As far as I can tell, government seems to exist primarily to protect large corporations like this from competitors that would currently be tearing it apart if there was a free market.

Written by Christopher Burg

September 22nd, 2017 at 10:30 am

NSA Told to Sod Off

After the National Security Agency (NSA) was caught manipulating cryptographic algorithms to enhance its surveillance abilities, trust for the agency fell to an all-time low. This distrust led the International Standards Organization (ISO) to reject two encryption algorithms recently submitted by the NSA:

SAN FRANCISCO (Reuters) – An international group of cryptography experts has forced the U.S. National Security Agency to back down over two data encryption techniques it wanted set as global industry standards, reflecting deep mistrust among close U.S. allies.

In interviews and emails seen by Reuters, academic and industry experts from countries including Germany, Japan and Israel worried that the U.S. electronic spy agency was pushing the new techniques not because they were good encryption tools, but because it knew how to break them.

The NSA has now agreed to drop all but the most powerful versions of the techniques – those least likely to be vulnerable to hacks – to address the concerns.

The dispute, which has played out in a series of closed-door meetings around the world over the past three years and has not been previously reported, turns on whether the International Organization of Standards should approve two NSA data encryption techniques, known as Simon and Speck.

This is an appropriate response. The NSA has a track record of manipulating standards organizations in order to make its surveillance apparatus more effective. In security, trust is everything. Since the NSA has proven itself to be untrustworthy, it only makes sense to reject any proposals from the agency.

Written by Christopher Burg

September 22nd, 2017 at 10:00 am

Collectivizing Individual Action

The War on Some Drugs is justified by collectivizing individual action. According to its proponents, drug usage is a societal problem. They try to justify this claim by using other forms of collectivism. For example, proponents of the drug war will claim that drug usage costs “us” fantastic amounts of money in healthcare-related expenses. However, they can only make that claim because the government has collectivized a significant portion of the healthcare market. If the healthcare market were a free market, drug users would be left footing the expenses for their habit.

The drug war’s current hot topic is illegal opioid usage. In an attempt to make illegal opioid usage look like a societal problem, proponents of the drug war are now claiming that opioid usage has lowered the average life expectancy in the United States:

The problem is so bad, in fact, that the epidemic is dragging down the entire country’s life expectancy—by 2.5 months. That’s according to a new analysis by CDC researchers who published Tuesday in JAMA.

The problem with this statistic is that it’s completely meaningless.

Drug usage isn’t a communicable disease like plague or the flu. A drug user can’t transmit the effects of the drugs they’re using to you. Like them, you have to make a conscious decision to use drugs. If my neighbor down the street decides to use heroin, my life expectancy isn’t impacted in any way whatsoever. But if enough people actually realized that, the government would have a difficult time drumming up popular support for its very profitable war.

Let Them Eat Rabbit

Socialism has brought equality to Venezuelans! Everybody is equally hungry (except for members of the Party but they’re more important than the lowly proles) and it’s not sitting well. Probably hoping to keep his head firmly attached to his neck, President Maduro has offered a plan to deal with the country’s hunger. His plan? Let them eat rabbit:

That was basically the message from President Nicolas Maduro to Venezuelans starving and struggling through severe food shortages brought on by a spiraling economic crisis.

Maduro unveiled “Plan Rabbit” on Wednesday with his agriculture minister, Freddy Bernal, at a meeting that was broadcast on Periscope. (In the video, the announcement comes after the two-hour mark).

Unfortunately for the people of Venezuela, rabbit meat alone doesn’t fend off starvation:

Protein poisoning was first noted as a consequence of eating rabbit meat exclusively, hence the term, “rabbit starvation”. Rabbit meat is very lean; commercial rabbit meat has 50–100 g dissectable fat per 2 kg (live weight). Based on a carcass yield of 60%, rabbit meat is around 8.3% fat while beef and pork are 32% fat and lamb 28%.

Unless Venezuelans can find a source of fat to go with their rabbit meat, they’ll be in the same position they currently are.

Written by Christopher Burg

September 15th, 2017 at 10:30 am

New Levels of Incompetence

Equifax, one of the largest consumer credit report agencies, recently suffered a major database breach. Of course, you wouldn’t know it if the media wasn’t giving it heavy coverage because Equifax seems to want to keep things hush-hush and I understand why. After reading this it would appear that Equifax implemented worse security than most college students in an introductory web development class:

It took almost no time for them to discover that an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”

[…]

Each employee record included a company username in plain text, and a corresponding password that was obfuscated by a series of dots.

However, all one needed to do in order to view said password was to right-click on the employee’s profile page and select “view source,” a function that displays the raw HTML code which makes up the Web site. Buried in that HTML code was the employee’s password in plain text.

This is an impressive level of incompetence and I mean that sincerely. Most amateur websites have better security than this. The fact that a company as large as Equifax could implement worse security practices than even the most amateur of amateur web developers is no small feat. Unfortunately, its piss-poor security practices have put a lot of people’s sensitive information in the hands of unknown parties.

Written by Christopher Burg

September 15th, 2017 at 10:00 am

Play Stupid Games, Win Stupid Prizes

On Tuesday night a security officer at St. Catherine University was shot. The initial report said that an individual had shot the officer but it turns out that the officer shot himself and lied about it. Why did he do that? Because he played a stupid game:

Investigators continued working the case all day Wednesday. While interviewing Ahlers about 9:15 p.m. Wednesday, he told officers that he was in a wooded area of the campus about 9:30 p.m. Tuesday. He had brought his personal handgun from home and was handling it when it accidentally discharged, hitting him in the shoulder.

He told police he’d lied and said he made up the story because he was afraid of losing his job because he’d brought a gun to work with him.

One of the rules of carrying a firearm is that you should leave it in the holster unless you absolutely need to use it. A holstered gun won’t hurt anybody but the second a gun leaves its holster the possibility of it being fired increases from zero.

As an additional note, if the officer wanted to carry a gun he should have sought out an armed job. Then he wouldn’t have had to worry about losing his job for being armed. Now he’ll probably lose his job and find a tough time getting a new job as a security officer since he’s proven himself to be untrustworthy.

Written by Christopher Burg

September 14th, 2017 at 10:30 am

Plan Ahead

Planning ahead can save you a great deal of grief, frustration, and money:

Two things are true of all festivals: the security is super tight and the booze is very expensive.

[…]

One guy from New York named Alex found an ingenious way to get past these two road blocks. Three weeks before the Electric Zoo festival in New York City, Alex travelled to the Randall’s Island where the event is located with a bottle of Vodka in arm.

He filled a reusable bottle with the Vodka and using a small shovel that he brought with him, Alex and his friends buried the bottle of booze in the ground a long time before the festival crew arrived to construct the stages for the event.

Alex is a real American hero (I know this story could be fake but I want it to be true so I’m going to believe it is).

On a more serious note, this tactic could also work for smuggling weapons into outdoor festivals. I wonder how many security providers have considered such a threat model. It’s also a difficult threat model to defend against since a security team would have to run metal detectors across the entire grounds and that would only offer protection against metallic weapons.

Written by Christopher Burg

September 14th, 2017 at 10:00 am

Gun, Camera, What’s the Difference?

Another day, another isolated incident. This isolated incident involves a law enforcer who apparently mistook a camera tripod for a gun:

A newspaper photographer from Ohio was shot Monday night by a sheriff’s deputy who apparently mistook his camera and tripod for a gun, and fired without a warning, the newspaper reported.

Andy Grimm, a photographer for the New Carlisle News, left the office at about 10 p.m. to take pictures of lightning when he came across a traffic stop and decided to take photos, according to the paper’s publisher, Dale Grimm.

“He said he got out, parked under a light in plain view of the deputy, with a press pass around his neck,” Grimm told The Washington Post. “He was setting up his camera, and he heard pops.”

Clark County Sheriff’s Deputy Jake Shaw did not give any warnings before he fired, striking Andy Grimm on the side, according to the paper.

Did the officer mistake a tripod for a gun or was he simply not in the mood to be photographed and knew that the likelihood of him being punished for shooting an innocent person was practically zero? There’s no way to know for sure since law enforcers almost always get away with shooting innocent people with little or no punishment.

Written by Christopher Burg

September 6th, 2017 at 10:00 am

Utah Hospital Tries to Prohibit Cops from Further Abusing Its Nurses

I’m sure you’ve already heard about the incident with Alex Wubbels. Some armed thugs came into her hospital and demanded to draw blood from an unconscious patient. She refused to allow the thugs to do so because the hospital’s policy is that blood can only be drawn from an unconscious individual if they are under arrest or if there is a court order. While the officers in question didn’t have enough evidence to arrest the unconscious person of interest, they apparently had enough evidence to arrest Wubbels… roughly. She paid a price for standing in the way of an officer’s power trip and that has resulted in the hospital prohibiting officers from interacting with its nurses:

The University of Utah Hospital, where a nurse was manhandled and arrested by police as she protected the legal rights of a patient, has imposed new restrictions on law enforcement, including barring officers from patient-care areas and from direct contact with nurses.

This may be a nice gesture but it will likely be unenforceable. The lack of accountability for law enforcers in this country means any restriction placed upon them by a private entity can be ignored. After all, who is going to enforce this policy? The good cops? Seeing as they stood by while their fellow officer kidnapped a nurse because she was doing her job, I don’t have much faith that they will do anything. Maybe the hospital itself will enforce the policy. Of course, any staff member who attempts to enforce the policy will receive the same treatment that Wubbels did.

The biggest problem with government monopolies is that individuals don’t get a choice of whether or not they want to participate. Participation is mandatory. If you refuse to participate, you are usually arrested and charged with a crime. I hope this changes someday but I don’t have a lot of hope that it will.

Written by Christopher Burg

September 5th, 2017 at 10:30 am

Being the Designated Fall Person is Lucrative

After Officer Noor gunned down Justine Ruszczyk, the mayor of Minneapolis, Betsy Hodges, sought out a sacrificial lamb that she could toss to the public to appease their anger. The sacrificial lamb she found was Janeé Harteau, the now former police chief for the City of Minneapolis. Initially it looked like a pretty raw deal but it turns out that being the sacrificial lamb can be quite profitable:

Former Minneapolis Police Chief Janeé Harteau would receive $182,876 in separation pay plus 12 months of health benefits under a severance deal with the city released Friday.

The deal must earn City Council approval. It includes a sweeping mutual non-disparagement clause: Harteau must say nothing negative about Mayor Betsy Hodges, the City Council or other high-ranking city officials, and they must say nothing negative about her.

Shielding the mayor and City Council from criticism doesn’t come cheap.

These deals always amuse me. On the one hand, a person in a management position is terminated because they supposedly did a bad job. On the other hand, their severance package is so good that they’re actually rewarded for doing a bad job. It’s like the people above the sacrificial lamb want to have their cake and eat it.

Written by Christopher Burg

September 5th, 2017 at 10:00 am