A Geek With Guns

Discount security adviser to the proles.

Archive for the ‘You’re Doing it Wrong’ tag

Silencing the Opposition

without comments

While the court system is used from time to time to settle legitimate disputes between individuals, it’s becoming more and more common for the court system to be used to silence dissenting voices. That’s what’s happening in Waller Country, Texas:

A Texas county sued a gun-rights activist who has complained that county officials were unlawfully barring firearms from being brought into a public building.

[…]

Holcomb has sent letters to more than 75 local governments and other public entities across the state complaining of restrictions placed on license-holders from bringing a firearm into a public arena. Others have filed complaints with the Texas attorney general’s office accusing Austin City Hall, the Dallas Zoo, a nature preserve, a suburban Houston convention center and other places with unlawfully banning firearms. Those complaints are on top of regular fights that rage in Texas over guns, most recently with lawmakers approving the concealed carry of firearms on college campuses.

Texas Carry, the organization Mr. Holcomb is an executive director of, has been notifying a lot of locations that their firearm prohibitions are unlawful. What was the response they received? In the case of Waller County they filed a lawsuit against Mr. Holcomb:

Holcomb argues that the “heavy-handed” decision by Waller County to sue him makes his case much more than a Second Amendment matter.

“We can agree or disagree on the gun issue but this is different than that,” he said, contending that the county’s suit is frivolous and “borderline official oppression.”

There’s nothing borderline about it. Filing a lawsuit against somebody for brining up the fact that your prohibition may be unlawful is outright official oppression. The county, of course, is claiming that Mr. Holcomb misunderstands the intention of the lawsuit and that the fact the lawsuit is seeking $100,000 in damages was a clerical error. But the supposed goals of the county, to received an official court ruling on the matter of whether or not an entire courthouse facility can prohibit firearms, could have been easily accomplished without suing Mr. Holcomb.

What seems more likely is that the lawsuit was filed to punished Mr. Holcomb. Even if he managed to win the lawsuit he would face notable legal expenses that could likely only be recouped by filing a countersuit. Lawsuits send a clear message to the public, which is that anybody causing trouble for the State will be legally harassed at a minimum.

I hope this lawsuit is dismissed for what it is, a thinly veiled attempt to punish Mr. Holcomb for not being a good little slave.

Written by Christopher Burg

August 9th, 2016 at 10:00 am

You Ought to Trust the Government with the Master Key

with one comment

The Federal Bureau of Investigations (FBI) director, James Comey, has been waging a war against effective cryptography. Although he can’t beat math he’s hellbent on trying. To that end, he and his ilk have proposed schemes that would allow the government to break consumer cryptography. One of those schemes is call key escrow, which requires anything encrypted by a consumer device be decipherable with a master key held by the government. It’s a terrible scheme because any actor that obtains the government’s master key will also be able to decrypt anything encrypted on a consumer device. The government promises that such a key wouldn’t be compromised but history shows that there are leaks in every organziation:

A FBI electronics technician pleaded guilty on Monday to having illegally acted as an agent of China, admitting that he on several occasions passed sensitive information to a Chinese official.

Kun Shan Chun, also known as Joey Chun, was employed by the Federal Bureau of Investigation since 1997. He pleaded guilty in federal court in Manhattan to one count of having illegally acted as an agent of a foreign government.

Chun, who was arrested in March on a set of charges made public only on Monday, admitted in court that from 2011 to 2016 he acted at the direction of a Chinese official, to whom he passed the sensitive information.

If the FBI can’t even keep moles out of its organization how are we supposed to trust it to guard a master key that would likely be worth billions of dollars? Hell, the government couldn’t even keep information about the most destructive weapons on Earth from leaking to its opponents. Considering its history, especially where stories like this involving government agents being paid informants to other governments, there is no way to reasonably believe that a master key to all consumer encryption wouldn’t get leaked to unauthorized parties.

Written by Christopher Burg

August 3rd, 2016 at 10:00 am

To the Gulags, Slaves

with 2 comments

The centrally planned paradise of Venezuela is falling apart. People are starving. Animals are starving. And President Maduro keeps making the situation worse by ordering even more central planning. His latest decree, a socialist favorite, is to allow the government to force people to work in the fields:

International human rights activists are complaining that new laws have introduced forced labour in Venezuela.

“A new decree establishing that any employee in Venezuela can be effectively made to work in the country’s fields as a way to fight the current food crisis is unlawful and effectively amounts to forced labor,” Amnesty International said in a statement released on Thursday.

President Nicolás Maduro signed a decree at the end of last week that gives powers to the labor ministry to order “all workers from the public and private sector with enough physical capabilities and technical know-how” to join a government drive aimed at increasing food production.

They can be required to work in the agricultural sector for a 60-day period that can be extended for another 60 days “if the circumstances require it.”

I’m sure mandatory field work can be extended for an infinite number of 60-day periods.

President Maduro is either ignorant of history or a sadistic son of a bitch. The Soviet Union tried collectivizing agriculture and forcing people to work fields and the country never fully recovered from it. Bread lines were the norm until they were replaced by starvation. If you’re a student of history you know that making people slaves does not motivate them to work harder. Instead they work as little as possible to avoid being beaten too severely because they’re not getting anything for their efforts. I guarantee that the poor Venezuelans that are forced to work in the fields will produce very little foodstuff. And why should they? They don’t want to be there, they’re not knowledgable in the skills of agriculture, and they have every right to resist since they’re being coerced.

Venezuela is fucked. It should go down in the history books as yet another demonstration of the futility of central planning.

Written by Christopher Burg

August 2nd, 2016 at 10:00 am

Garbage In, Garbage Out

with one comment

In computer science the term garbage in, garbage out is used frequently to note that if you have garbage data as an input you will get garbage data as an output. This is applicable in any research. A new study has been released that claims there is no racial bias in polices’ use of lethal force in the United States. Quite a few people have jumped on this because it supports their bias that there isn’t a problem with policing in this country. However, Radley Balko points out a serious flaw in the study. It uses reports written by police officers:

For the purpose of the discussion, let’s break shootings and killings by police into three categories: incidents that were illegal and unnecessary, incidents that were legal and necessary, and incidents that were legal but unnecessary. If you’re asking whether current laws and policies allow for too many police shootings, looking at how many shootings are justified under current law and policy is just question begging. It’s that last category — legal but unnecessary — that we want to explore. Unfortunately, it’s also a category that is plagued by subjectivity and the simple fact noted above: Most of the data we have comes from police reports themselves.

If we were to compile statistics on, say, medical mistakes in an effort to make policies that would improve the state of medicine, we wouldn’t get all of our data from written statements by the accused doctors or hospitals. If we wanted to compile data on conflicts of interest in politics, we wouldn’t rely on members of politicians to self-report and adjudicate when their vote may have been influenced by a campaign donation. But this is essentially what we do with shootings by police officers.

The study is simply an extension of the phrase, we investigated ourselves and found that we did nothing wrong. Studying police use of force in the United States is difficult because most of the data is created by the police themselves. There is very little third-party oversight and what little exists is usually tied to the law enforcement community in some manner.

I’m sure Jeronimo Yanez, the officer who killed Philandro Castile, wrote a report that exonerated him of wrongdoing. This isn’t just because he wants to avoid punishment but also because he probably wants to justify his actions to himself. We humans are great at twisting logic to justify our actions to ourselves. Thieves will tell themselves that since the person they were stealing from was wealthy no real harm occurred to him and therefore the theft was justified. Domestic abusers will tell themselves that they have to hit their partner in order to teach them important lessons. Police, likewise, will tell themselves that lethal force was necessary to preserve their lives. We cannot rely on the reports thieves, domestic abusers, and police write about their own actions because they are necessarily biased. So long as rely on such data as our input we’re going to get garbage as our output.

Written by Christopher Burg

July 15th, 2016 at 10:30 am

Incentives Matter

with one comment

I’ve been focusing a lot on the law enforcers as of late but I think it’s important to also take a look at the people who create the laws. Specifically, what incentives they put forward for enforcing different laws.

What does a law enforcement department receive when they solve a murder, robbery, or rape? Perhaps some respect from the community and the gratitude of the victims.

What does a law enforcement department receive when they go after a suspected drug user or seller? A percentage of the proceeds from the property taken under civil forfeiture.

What does a law enforcement department receive when they write a traffic citation? Here in Minnesota, as I’m sure is true with most other states, a percentage goes to the cities, which usually give that money back to their law enforcement department.

The law enforcers are focusing on the crimes that the politicians have incentivized them to focus on. The fact that the politicians are incentivizing crimes such as drug manufacturing, selling, and use over murder, robbery, and rape should be damning.

Written by Christopher Burg

July 12th, 2016 at 10:00 am

All Full-Disk Encryption isn’t Created Equal

without comments

For a while I’ve been guarded when recommending Android devices to friends. The only devices I’ve been willing to recommend are those like the Google Nexus line that receive regular security updates in a timely manner. However, after this little fiasco I don’t know if I’m willing to recommend any Android device anymore:

Privacy advocates take note: Android’s full-disk encryption just got dramatically easier to defeat on devices that use chips from semiconductor maker Qualcomm, thanks to new research that reveals several methods to extract crypto keys off of a locked handset. Those methods include publicly available attack code that works against an estimated 37 percent of enterprise users.

A blog post published Thursday revealed that in stark contrast to the iPhone’s iOS, Qualcomm-powered Android devices store the disk encryption keys in software. That leaves the keys vulnerable to a variety of attacks that can pull a key off a device. From there, the key can be loaded onto a server cluster, field-programmable gate array, or supercomputer that has been optimized for super-fast password cracking.

[…]

Beniamini’s research highlights several other previously overlooked disk-encryption weaknesses in Qualcomm-based Android devices. Since the key resides in software, it likely can be extracted using other vulnerabilities that have yet to be made public. Beyond hacks, Beniamini said the design makes it possible for phone manufacturers to assist law enforcement agencies in unlocking an encrypted device. Since the key is available to TrustZone, the hardware makers can simply create and sign a TrustZone image that extracts what are known as the keymaster keys. Those keys can then be flashed to the target device. (Beniamini’s post originally speculated QualComm also had the ability to create and sign such an image, but the Qualcomm spokeswoman disputed this claim and said only manufacturers have this capability.)

Apple designed its full-disk encryption on iOS very well. Each iOS device has a unique key referred to as the device’s UID that is mixed with whatever password you enter. In order to brute force the encryption key you need both the password and the device’s UID, which is difficult to extract. Qualcomm-based devices rely on a less secure scheme.

But this problem has two parts. The first part is the vulnerability itself. Full-disk encryption isn’t a novel idea. Scheme for properly implementing full-disk encryption have been around for a while now. Qualcomm not following those schemes puts into question the security of any of their devices. Now recommending a device involves both ensuring the handset manufacturers releases updates in a timely manner and isn’t using a Qualcomm chipset. The second part is the usual Android problem of security patch availability being hit or miss:

But researchers from two-factor authentication service Duo Security told Ars that an estimated 37 percent of all the Android phones that use the Duo app remain susceptible to the attack because they have yet to receive the patches. The lack of updates is the result of restrictions imposed by manufacturers or carriers that prevent end users from installing updates released by Google.

Apple was smart when it refused to allow the carriers to be involved in the firmware of iOS devices. Since Apple controls iOS with an iron fist it also prevents hardware manufacturers from interfering with the availability of iOS updates. Google wanted a more open platform, which is commendable. However, Google failed to maintain any real control over Android, which has left uses at the mercy of the handset manufacturers. Google would have been smart to restrict the availability of its proprietary applications to manufacturers who make their handsets to pull Android updates directly from Google.

Written by Christopher Burg

July 5th, 2016 at 10:30 am

The B-Team

with one comment

In 2016 a wannabe commando unit was sent to a holding cell by a civilian judge to stand trial for a crime they did commit. These men promptly escaped from jail to the New York City underground by posting bail. Today, still wanted by the police, they survive as soldiers of fortune. If you have a problem, if no one else can help, and if you can’t afford anybody better, maybe you can hire the B-Team.

John Cramsey’s 20-year-old daughter died from a heroin overdose four months earlier in Allentown, Pennsylvania.

He and two friends Dean Smith and Kimberly Arendt were stopped by police for driving with a cracked windscreen.

They told the arresting police officers that they were a group of vigilantes on their way to rescue a teenage girl.

I know this story is going to raise a lot of question. For starters, how did the police identify this crack commando team? Obviously they went to great lengths to be as inconspicuous as possible…

b-team-truck

Nothing says inconspicuous like a truck with neon green tastelessly plastered all over a truck. The target reticle painted on the side is a nice touch as well. I’m sure you’re wondering what the B-Team’s load out was.

A camouflage helmet, seven guns including rifles, and knives were recovered from the car, as well as cannabis, body armour and 2,000 rounds of ammunition.

2,000 rounds of ammunition? I bet they were planning on using discount Mini-14s (Is there a discount Mini-14? Maybe, like, a Hi-Point carbine or something?) and didn’t plan to hit anything they shot at.

Written by Christopher Burg

June 24th, 2016 at 10:30 am

“Libertarian” Vice Presidential Candidate

with one comment

Supposedly the Libertarian Party tries to get libertarians elected into offices. The party has a funny way of going about that goal though. For example, the party hasn’t nominated an actual libertarian presidential candidate for at least as long as I’ve been old enough to vote. This year’s ticket is no different.

Gary “Ban the Burqa” Johnson was nominated to be the Libertarian Party’s presidential candidate this year. Although the Libertarian Party doesn’t allow presidential candidates to outright pick their running mates, the party voters are usually willing to roll over and approve whoever their presidential candidate wants. Johnson wanted Bill Weld and the Libertarian Party, apparently deciding it didn’t want any libertarians on its presidential ticket, was happy to comply.

After the shooting in Orlando Weld decided to show his anti-libertarian colors:

Bill Weld, the former governor of Massachusetts now running as the Libertarian Party’s candidate for vice president, called today for a 1,000-agent task force to combat Islamic State adherents in the United States, and for a tip line where Muslims could inform on radicalism.

“Let’s face it: The United States is under attack right now by ISIS and ISIS copycats,” Weld said. “They have a deep pool to pull from. There are over 3 million Muslims in the United States — maybe Mr. Trump will want to deport them all, but the better approach is to work with the community.”

Weld, who served as U.S. attorney and then assistant attorney general in the DOJ’s criminal justice division, suggested that the DOJ could take a cue from a program that worked in Massachusetts. The “Drop-a-Dime Project,” a nonprofit tip line created by community leaders, was used by law enforcement to pursue tips about crime in Boston’s black neighborhoods and to achieve breakthroughs in drug investigations.

“We’d get all kinds of tips,” Weld said. “The residents of Dorchester and Mattapan were only too happy to help. There may be some people out there leaning toward ISIS, people who would want to shelter the people going around killing other people. But for every pair of ears that would be sympathetic, there will be pairs that will not be sympathetic.”

I thought the Libertarian Party was all about shrinking government, not growing it. I guess this is what happens when the party doesn’t nominates a libertarian for its vice presidential candidate.

I know the Libertarian Party, especially now that it’s pulling people from the Republican Party, has a lot of statists within its ranks so this idea may sound appealing to them. Let’s consider the effectiveness of such a program. I’ll start by once again quoting Bruce Schneier, “If you ask amateurs to act as front-line security personnel, you shouldn’t be surprised when you get amateur security.” This is something libertarians tend to inherently understand. If you setup a program where average Joes are expected to rat out their neighbors you will get a lot of noise and very little, if any, signal.

How do you tell if somebody expressing sympathies for the Islamic State (IS) is merely angry at the way the United States and European countries have treated the Middle East or is planning to commit acts of murder in the organization’s name? Most people can’t tell and that’s the problem with this kind of tip line. It would be flooded with “tips” from people who think somebody speaking out against the United States dropping bombs on wedding parts is sympathizing with IS. Many of the “tips” would likely come from people who just don’t like their Muslim neighbors and see the tip line as a way to get the State to harass them. Well’s proposal would create a 1,000-agent (you do have to appreciate how all of these proposals involve an arbitrary number of agents that is almost always cleanly divisible by 10) task force that does nothing productive (in other words, it’ll be just like every other government agency).

I’m glad I don’t play politics anymore. If I did I’d be depressed this election cycle because there are exactly zero acceptable candidates running for office.

Tragedy Of The Commons

with one comment

Waze is a wonderful app that allows users to alert other users of traffic issues. I use the app because I like to report and know about road pirate activity but it’s also useful for avoiding traffic issues that aren’t caused by thieves with badges. Now that we’ve entered road construction season here in Minnesota Waze is useful to routing around the every changing landscape is the transportation infrastructure. But some people are unhappy with the app because it sometimes routes travelers through their neighborhoods:

When the traffic on Timothy Connor’s quiet Maryland street suddenly jumped by several hundred cars an hour, he knew who was partly to blame: the disembodied female voice he could hear through the occasional open window saying, “Continue on Elm Avenue . . . .”

The marked detour around a months-long road repair was several blocks away. But plenty of drivers were finding a shortcut past Connor’s Takoma Park house, slaloming around dog walkers and curbside basketball hoops, thanks to Waze and other navigation apps.

“I could see them looking down at their phones,” said Connor, a water engineer at a federal agency. “We had traffic jams, people were honking. It was pretty harrowing.”

And so Connor borrowed a tactic he read about from the car wars of Southern California and other traffic-weary regions: He became a Waze impostor. Every rush hour, he went on the Google-owned social-media app and posted false reports of a wreck, speed trap or other blockage on his street, hoping to deflect some of the flow.

He continued his guerrilla counterattack for two weeks before the app booted him off, apparently detecting a saboteur in its ranks. That made Connor a casualty in the social-media skirmishes erupting across the country as neighborhoods try to contend with suddenly savvy drivers finding their way on routes that were once all but secret.

Cry me a river. Mr. Conner must have quite the ego if he thinks he has some kind of right to decide who can and cannot use roads he doesn’t even own.

The issue he’s seeing, without being intelligent enough to realize it, is a tragedy of the commons. Most roads in this country are considered public (which is a fancy word for the State claiming exclusive ownership rights). They’re funded by money that has been stolen from the population in the form of taxes. That being the case, Conner has no right to bitch about how the road in his neighborhood is used. If it suddenly becomes popular with motorists and that popularity causes the road to degrade faster and to be less usable by people living in the neighborhood then there’s no recourse for the people of the neighborhood.

There is a solution to this: private roads. Suddenly everything changes. The people using your private road without your permission are trespassers. If they do want to use your road they can attempt to negotiate a deal with you. If you’re not interested in a deal then you can tell them to buzz off. But none of that is possible if the roads are public because then the State gets to decide who can and cannot use them.

Instead of whining about people using the road that they were forced to pay for, Mr. Conner should really try to see if there is a way to privatize the road so his neighbors and him can decide who gets to use it.

Written by Christopher Burg

June 8th, 2016 at 10:30 am

Another One Of Those Bad Apples

with one comment

I’m not sure if this is one of those bad apples that makes the majority look bad, another isolated incident I keep hearing so much about, or a case of an officer who simply wanted to go home to his family at night. Regardless of the typical law enforcer apologist excuse you select, it’s important to remember that the rules are different for men with government badges:

A former Kenosha Police officer who planted evidence in a homicide investigation will not see jail time.

Kyle Baars was sentenced Wednesday to one year probation for felony misconduct in public office.

He was given permission to serve that probation in Illinois, and will be required to serve 80 hours of community service. He could serve a year in jail and one year of extended supervision if he violates the terms of his probation.

Baars could have been sentenced to 18 months in prison and given a $10,000 fine.

The former officer had admitted planting a bullet and an identification card in a backpack during an investigation into the 2014 shooting death of a Kenosha man.

On Wednesday, Baars called planting the evidence “a bad decision” but argued that he should be given credit for eventually admitting his actions and testifying at the homicide trial for one of the defendants that he had planted evidence.

One year of probation for planting evidence in the investigation of a legitimate crime? It’s good to be in the king’s employ. The sentence is ridiculous but the way the officer was handled with kid gloves is almost as ridiculous. Neither his fellow officers, the district attorney, or the judge ripped his ass properly. Instead he received a mild chiding by the judge for blaming other people.

This is just another case of the court system treating agents of the State differently than the rest of us. I’m fairly certain any non-state agent who planted evidence in a criminal investigation would receive a bit harsher of a sentence than one year of probation. I also doubt that excuses such as a “distinguished career” would be considered a legitimate legal defense. The sentencing would likely include the judge delivering much harsher words than a mere “Tsk, tsk. You shouldn’t have done that. That was naughty.”

Police are like you and me, only better!

Written by Christopher Burg

June 3rd, 2016 at 10:00 am