A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘You Can’t Cure Stupid’ tag

But Wait, There’s More

Equifax already displayed a staggering level of incompetence but, like a Billy Mays commercial, there’s more:

The official Equifax Twitter account encouraged people to visit a knock-off website that mocks the company’s security practices instead of the site the company created to warn of a massive data breach. That recent breach exposed personal details for as many as 143 million US consumers.

In a tweet on Tuesday afternoon, an Equifax representative using the name Tim wrote: “Hi! For more information about the product and enrollment, please visit: securityequifax2017.com.” The message came in response to a question about free credit monitoring Equifax is offering victims. The site is a knock-off of the official Equifax breach notification site, equifaxsecurity2017.com. A security researcher created the imposter site to demonstrate how easy it is to confuse a legitimate name with a bogus one. The Equifax tweet suggests that even company representatives can be easily fooled. The tweet was deleted late Wednesday morning, more than 18 hours after it went live.

It’s almost as if large credit agencies like Equifax aren’t held accountable for screwing up and therefore aren’t motivated to do an effective job. Weird.

Statists continue to claim that government is necessary to deliver justice when large corporations like this screw up. However, I’m still waiting to see the government do anything more than give a corporation like this a minor slap on the wrist for fuck ups of this magnitude. Hell, I’m still waiting to see the government give Equifax a stern talking to over this series of amateur mistakes. As far as I can tell, government seems to exist primarily to protect large corporations like this from competitors that would currently be tearing it apart if there was a free market.

Written by Christopher Burg

September 22nd, 2017 at 10:30 am

Collectivizing Individual Action

The War on Some Drugs is justified by collectivizing individual action. According to its proponents, drug usage is a societal problem. They try to justify this claim by using other forms of collectivism. For example, proponents of the drug war will claim that drug usage costs “us” fantastic amounts of money in healthcare-related expenses. However, they can only make that claim because the government has collectivized a significant portion of the healthcare market. If the healthcare market were a free market, drug users would be left footing the expenses for their habit.

The drug war’s current hot topic is illegal opioid usage. In an attempt to make illegal opioid usage look like a societal problem, proponents of the drug war are now claiming that opioid usage has lowered the average life expectancy in the United States:

The problem is so bad, in fact, that the epidemic is dragging down the entire country’s life expectancy—by 2.5 months. That’s according to a new analysis by CDC researchers who published Tuesday in JAMA.

The problem with this statistic is that it’s completely meaningless.

Drug usage isn’t a communicable disease like plague or the flu. A drug user can’t transmit the effects of the drugs they’re using to you. Like them, you have to make a conscious decision to use drugs. If my neighbor down the street decides to use heroin, my life expectancy isn’t impacted in any way whatsoever. But if enough people actually realized that, the government would have a difficult time drumming up popular support for its very profitable war.

The EFF Resigns from the W3C

The World Wide Web Consortium (W3C) officially published its recommendation for a digital rights management (DRM) scheme. By doing so it put an end to its era of promoting an open web. After fighting the W3C on this matter and even proposing a very good compromise, which was rebuffed, the Electronic Frontier Foundation (EFF) has resigned from the W3C:

We believe they will regret that choice. Today, the W3C bequeaths a legally unauditable attack-surface to browsers used by billions of people. They give media companies the power to sue or intimidate away those who might re-purpose video for people with disabilities. They side against the archivists who are scrambling to preserve the public record of our era. The W3C process has been abused by companies that made their fortunes by upsetting the established order, and now, thanks to EME, they’ll be able to ensure no one ever subjects them to the same innovative pressures.

[…]

Effective today, EFF is resigning from the W3C.

Since the W3C no longer serves its intended purpose, I hope to see many other principled members resign from the organization as well.

While content creators are interested in restricting the distribution of their products, the proposal put forth by the W3C will return us to the dark days of ActiveX. Since the proposal is really an application programming interface (API), not a complete solution, content creators can require users to install any DRM scheme. These DRM schemes will be native code. If you remember the security horrors of arbitrary native code being required by websites using ActiveX, you have an idea of what users are in for with this new DRM scheme. At this point I hope that the W3C burns to the ground and a better organization rises from its ashes.

Written by Christopher Burg

September 19th, 2017 at 10:00 am

Let Them Eat Rabbit

Socialism has brought equality to Venezuelans! Everybody is equally hungry (except for members of the Party but they’re more important than the lowly proles) and it’s not sitting well. Probably hoping to keep his head firmly attached to his neck, President Maduro has offered a plan to deal with the country’s hunger. His plan? Let them eat rabbit:

That was basically the message from President Nicolas Maduro to Venezuelans starving and struggling through severe food shortages brought on by a spiraling economic crisis.

Maduro unveiled “Plan Rabbit” on Wednesday with his agriculture minister, Freddy Bernal, at a meeting that was broadcast on Periscope. (In the video, the announcement comes after the two-hour mark).

Unfortunately for the people of Venezuela, rabbit meat alone doesn’t fend off starvation:

Protein poisoning was first noted as a consequence of eating rabbit meat exclusively, hence the term, “rabbit starvation”. Rabbit meat is very lean; commercial rabbit meat has 50–100 g dissectable fat per 2 kg (live weight). Based on a carcass yield of 60%, rabbit meat is around 8.3% fat while beef and pork are 32% fat and lamb 28%.

Unless Venezuelans can find a source of fat to go with their rabbit meat, they’ll be in the same position they currently are.

Written by Christopher Burg

September 15th, 2017 at 10:30 am

New Levels of Incompetence

Equifax, one of the largest consumer credit report agencies, recently suffered a major database breach. Of course, you wouldn’t know it if the media wasn’t giving it heavy coverage because Equifax seems to want to keep things hush hush and I understand why. After reading this it would appear that Equifax implemented worse security than most college students in an introductory web development class:

It took almost no time for them to discover that an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”

[…]

Each employee record included a company username in plain text, and a corresponding password that was obfuscated by a series of dots.

However, all one needed to do in order to view said password was to right-click on the employee’s profile page and select “view source,” a function that displays the raw HTML code which makes up the Web site. Buried in that HTML code was the employee’s password in plain text.

This is an impressive level of incompetence and I mean that sincerely. Most amateur websites have better security than this. The fact that a company as large as Equifax could implement worse security practices than even the most amateur of amateur web developers is no small feat. Unfortunately, its piss poor security practices have put a lot of people’s sensitive information in the hands of unknown parties.
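
The flaw in the quoted report, a password field that shows dots on screen while the server has written the real value into the page source, can be caught by scanning rendered HTML for pre-filled secret fields. This is an added example, not code from the original post or from Equifax; the sample markup, the field names and the function name `find_prefilled_passwords` are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample pages for illustration (not taken from any real site).
VULNERABLE_PAGE = """
<form id="employee-profile">
  <input type="text" name="username" value="jdoe">
  <input type="PASSWORD" name="password" value="Summer2017!">
  <input type="hidden" name="old_password" value="hunter2">
</form>
"""

HARDENED_PAGE = """
<form id="employee-profile">
  <input type="text" name="username" value="jdoe">
  <input type="password" name="new_password" value="" autocomplete="new-password">
  <input type="hidden" name="csrf_token" value="c29tZS1yYW5kb20tdG9rZW4">
</form>
"""

# Substrings that suggest a hidden field is carrying a credential (assumption).
SECRET_HINTS = ("pass", "pwd", "secret")


class _PrefilledSecretFinder(HTMLParser):
    """Collects <input> elements that ship a credential to the browser."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        # HTMLParser lowercases attribute names; valueless attributes are None.
        attr = {name: (value or "") for name, value in attrs}
        input_type = attr.get("type", "text").strip().lower()
        field_name = attr.get("name", "")
        if not attr.get("value", ""):
            return  # an empty field leaks nothing
        if input_type == "password":
            reason = "password input rendered with a value"
        elif input_type == "hidden" and any(h in field_name.lower() for h in SECRET_HINTS):
            reason = "hidden input with a secret-looking name carries a value"
        else:
            return
        line, _column = self.getpos()
        # Record where the leak is, never the secret itself.
        self.findings.append({"line": line, "name": field_name, "reason": reason})


def find_prefilled_passwords(html_text):
    """Return one finding per input that exposes a secret in page source."""
    finder = _PrefilledSecretFinder()
    finder.feed(html_text)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for label, page in (("vulnerable", VULNERABLE_PAGE), ("hardened", HARDENED_PAGE)):
        print(label, find_prefilled_passwords(page))
```

The hardened page reflects the fix: the server never sends a stored password back to the client, so the field is always rendered empty and the stored credential is a salted hash that could not be displayed anyway.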

Written by Christopher Burg

September 15th, 2017 at 10:00 am

Play Stupid Games, Win Stupid Prizes

On Tuesday night a security officer at St. Catherine University was shot. The initial report said that an individual had shot the officer but it turns out that the officer shot himself and lied about it. Why did he do that? Because he played a stupid game:

Investigators continued working the case all day Wednesday. While interviewing Ahlers about 9:15 p.m. Wednesday, he told officers that he was in a wooded area of the campus about 9:30 p.m. Tuesday. He had brought his personal handgun from home and was handling it when it accidentally discharged, hitting him in the shoulder.

He told police he’d lied and said he made up the story because he was afraid of losing his job because he’d brought a gun to work with him.

One of the rules of carrying a firearm is that you should leave it in the holster unless you absolutely need to use it. A holstered gun won’t hurt anybody but the second a gun leaves its holster the possibility of it being fired increases from zero.

As an additional note, if the officer wanted to carry a gun he should have sought out an armed job. Then he wouldn’t have had to worry about losing his job for being armed. Now he’ll probably lose his job and have a tough time getting a new job as a security officer since he’s proven himself to be untrustworthy.

Written by Christopher Burg

September 14th, 2017 at 10:30 am

In a Democracy Everybody Has a Say

Take a look at the current political landscape. We have national socialists and international socialists doing battle openly. College campuses are currently deciding how much free speech they should allow. The harden the fuck up crowd and the snowflake crowd aren’t terribly pleased with each other. There are a lot of rifts between Americans today and they’re only becoming wider and more numerous. What makes these rifts worse is the fact that deciding which side will win on the political battlefield won’t be done by rigorous debate to decide the pros and cons of each idea, it will be decided by a popularity contest:

“Democracy,” H. L. Mencken once said, “is the theory that the common people know what they want, and deserve to get it good and hard.” He also famously defined an election as “an advance auction sale of stolen goods.”

Mencken was not opposed to democracy. He simply possessed a more sobering view of its limitations than today’s conventional wisdom.

Indeed, democracy may be the world’s single most oversold concept of political governance. Commonly yet erroneously romanticized, it is assumed in most circles to ensure far more than it possibly can. The Norman Rockwell portrait of engaged, informed citizens contending freely on behalf of the common good is the utopian ideal that obscures the messy details of reality.

I’m sure you’ve all heard George Carlin’s quote, never underestimate the power of stupid people in large groups. Democracy is a mechanism that empowers people in large groups to do stupid things. One of the biggest flaws in democracy is the fact that it gives everybody an equal say in matters. Considering almost everybody on this planet, including myself, is incompetent when it comes to a vast majority of things, giving everybody an equal say in every matter is a recipe for disaster. The United States’ economic policies are probably the best illustration of this. Most people are incompetent when it comes to economics, which is why they’re willing to support a lot of really bad economic policies.

I think the best example of the power of stupid people in large groups is the fact that a majority of people still claim that democracy is a great system. Hell, a majority of the people who claim that the current state of the United States, which was created through democracy, is deplorable still claim that democracy is a great system. These people are simply parroting what they’ve been told. They’ve put almost no critical thought into the idea of democracy. Yet their voice on the matter is treated equally to everybody else’s, even the people who have done a great deal of research on democracy.

Written by Christopher Burg

September 1st, 2017 at 11:00 am

The FCC’s Free File Hosting Service

Who says government agencies can’t innovate? The Fascist Communications Club Federal Communications Commission (FCC) has an online commenting system that allows individuals to give their input on proposed rule changes. In addition to being a commenting system, the system also served as a file hosting service:

The application programming interface for the FCC’s Electronic Comment Filing System that enables public comment on proposed rule changes—such as the dropping of net neutrality regulations currently being pushed by FCC Chairman Ajit Pai—has been the source of some controversy already. It exposed the e-mail addresses of public commenters on network neutrality—intentionally, according to the FCC, to ensure the process’ openness—and was the target of what the FCC claimed was a distributed denial of service (DDoS) attack. But as a security researcher has found, the API could be used to push just about any document to the FCC’s website, where it would be instantly published without screening. That was demonstrated by a PDF published with Microsoft Word that was uploaded to the site, now publicly accessible.

I guess the FCC decided that since you’re already paying taxes to fund it, it didn’t need to charge you for file hosting services.

The level of incompetency displayed by the government never ceases to amaze me. Commenting systems aren’t exactly rocket science; they have been available on websites for ages now. Most of those commenting systems managed to implement basic protections against uploading arbitrary files. Why didn’t the FCC just go with one of those services or at least hire a developer with some basic understanding of how to develop a commenting system that isn’t vulnerable to such a trivial exploit?

From what I’ve read, it doesn’t appear that the FCC has fixed this hole yet. While uploading arbitrary files to the FCC’s commenting service might cause you to run afoul of the Computer Fraud and Abuse Act, you still have access to a government provided free file hosting service.

Written by Christopher Burg

September 1st, 2017 at 10:00 am

They Came for Violence

If you listen to self-identified national socialists, you would be led to believe that they had no violent intentions in Charlottesville and that they only resorted to violence to defend themselves against the international socialists. However, material posted in chats for organizing the event indicates that those claims of self-defense are spurious at best:

Unicorn Riot has so far published roughly 1,000 screenshots of chats, and the recording, conducted through the app Discord, from a source. A march organizer says the documents he has seen appear to be authentic. Transcripts show participants openly planning violence while organizers instruct them to obey the law. Participants on one call debated when it would be permissible to use riot shields as weapons. “Some screaming little Latina bitch comes at you and knocks your teeth on your riot shield, that means you hit her, and you’re going to get in trouble for the weapons,” one participant says.

Timothy Litzenburg represents two women injured in the melee who last week sued 28 groups and individuals, including the alleged organizers of the Unite the Right march. He says the documents could be “the crux of the case,” because they show “a little flavor of how [organizers] totally intended on violence and mayhem.”

While Unicorn Riot cannot be called an impartial source (it’s a hardcore leftist media collective), it did provide screenshots from the organizer’s Discord server that have so far been undisputed. Moreover, it’s no surprise that a bunch of national socialists planned to perpetrate violence since national and international socialists have been killing each other for a long time now. But this information does lend itself to a more interesting topic: self-defense.

In Minnesota, one of the requirements for legally using deadly force in self-defense is that you must be a reluctant participant. That is to say, you must not have willfully entered yourself into the violent situation. I personally think that it’s a good principle.

So the question here is, can the national socialists claim self-defense in this situation? Obviously that question can only be answered on an individual by individual basis. However, the material released by Unicorn Riot shows that at least some of the individuals who went to Charlottesville did so seeking violence. They knowingly put themselves into a situation that was all but guaranteed to turn violent (violating the “Don’t go stupid places,” principle of self-defense) and specifically expressed a purpose to perform violence.

I know there will be some debate about whether or not one can claim self-defense if they knowingly went somewhere that they reasonably believed would turn violent; however, one thing is certain: prosecutors eat up material like this. And that is another important point. While situations that qualify as self-defense can be debated, what you post online can and will be used against you if you are ever in a situation where you claim self-defense. Protecting yourself doesn’t stop after the situation itself, it starts before that situation and ends after that situation. Before you get into a self-defense situation, you should take care of how you portray yourself because a prosecutor will use your character against you after the situation.

Written by Christopher Burg

August 31st, 2017 at 11:00 am

All Hail Hurricane Harvey, Savior of Our Economy

A lot of people like to write off the Austrian school of economics as lunacy. Those same people usually cite mainstream economics as the right and true school of thought. However, I have a difficult time taking their opinions seriously when they believe shit like this:

Devastating Hurricane Harvey, unprecedented in its rainfall, could be a slight negative for U.S. growth in the third quarter, but economists say it may ultimately provide a tiny boost to the national economy because of the rebuilding in the Houston area.

Goldman Sachs economists estimate a very preliminary impact of the storm to be $30 billion in property damages, making it the ninth largest since World War II in terms of domestic property damage. Goldman economists say, in a note, the storm could take 0.2 points off of growth in third quarter because of the impact to the energy sector.

The problem with mainstream economics is its reliance on activity. So long as money is changing hands mainstream economists see a strong economy. If $30 billion of property is destroyed, they see $30 billion of activity and therefore a stronger economy. What totally flies over their heads is the fact that that $30 billion isn’t producing new wealth, it’s merely replacing lost wealth. The Austrian school of economics is at least intelligent enough to address this fact.

What’s especially bad about the viewpoint that destruction is good for the economy is that it was refuted by Frédéric Bastiat way back in 1850:

Have you ever witnessed the anger of the good shopkeeper, James Goodfellow, when his careless son has happened to break a pane of glass? If you have been present at such a scene, you will most assuredly bear witness to the fact that every one of the spectators, were there even thirty of them, by common consent apparently, offered the unfortunate owner this invariable consolation – “It is an ill wind that blows nobody good. Everybody must live, and what would become of the glaziers if panes of glass were never broken?”

Now, this form of condolence contains an entire theory, which it will be well to show up in this simple case, seeing that it is precisely the same as that which, unhappily, regulates the greater part of our economical institutions.

Suppose it cost six francs to repair the damage, and you say that the accident brings six francs to the glazier’s trade – that it encourages that trade to the amount of six francs – I grant it; I have not a word to say against it; you reason justly. The glazier comes, performs his task, receives his six francs, rubs his hands, and, in his heart, blesses the careless child. All this is that which is seen.

But if, on the other hand, you come to the conclusion, as is too often the case, that it is a good thing to break windows, that it causes money to circulate, and that the encouragement of industry in general will be the result of it, you will oblige me to call out, “Stop there! Your theory is confined to that which is seen; it takes no account of that which is not seen.”

It is not seen that as our shopkeeper has spent six francs upon one thing, he cannot spend them upon another. It is not seen that if he had not had a window to replace, he would, perhaps, have replaced his old shoes, or added another book to his library. In short, he would have employed his six francs in some way, which this accident has prevented.

Resources spent on rebuilding lost wealth cannot be used on creating new wealth. The rate of creation of new wealth is a far better indicator of the strength of an economy than simple economic activity.

Written by Christopher Burg

August 30th, 2017 at 11:00 am