A Geek With Guns

Chronicling the depravities of the State.

Chip-and-Fail

with one comment

EMV cards, those cards with the chip on the front, were supposed to reduce fraud but credit card fraud is rising. What gives? It turns out that the security provided by Chip-and-PIN doesn’t work when you don’t use it:

The reasons seem to be twofold. One, the US uses chip-and-signature instead of chip-and-PIN, obviating the most critical security benefit of the chip. And two, US merchants still accept magnetic stripe cards, meaning that thieves can steal credentials from a chip card and create a working cloned mag stripe card.

A lot of stores still don’t have credit card readers that can handle cards with a chip so you’re stuck using the entirely insecure magnetic strip. And most credit cards equipped with chips don’t require entering a PIN because Americans are fucking lazy:

The reason banks say they don’t want to issue PINs is that they’re worried it will add too much friction to transactions and make life difficult for their customers. “The credit-card market is pretty brutally competitive, so the first issuer who goes with PINs has to worry about whether the consumers are going to say, ‘Oh, that’s the most inconvenient card in my wallet,’’ says Allen Weinberg, the co-founder of Glenbrook Partners. “There’s this perception that maybe it’s going to be less convenient, even though some merchants would argue that PINs take less time than signatures.”

Since card holders face little in the way of liability for fraudulent transactions, they have little motivation to enter a four to six digit PIN every time they purchase something. If card holders aren’t motivated to enter a PIN, card issuers aren’t likely to require holder to enter a PIN because it might convince them to get a different card. It’s tough to improve security when nobody gives a damn about security.

Eventually the level of fraud will rise to the point where card issuers will take the risk of alienating some holders and mandate the use of a PIN. When that day finally comes, card issuers will discover that Americans are absolutely able to overcome any barrier if doing so allows them to continue buying sneakers with lights in them.

Written by Christopher Burg

November 16th, 2018 at 11:00 am

Freedom Isn’t Free

without comments

Freedom isn’t free. It costs $6 trillion:

WASHINGTON — The price tag of the ongoing “war on terror” in the Middle East will likely top $6 trillion next year, and will reach $7 trillion if the conflicts continue into the early 2020s, according to a new report out Wednesday.

The annual Costs of War project report, from the Watson Institute for International and Public Affairs at Brown University, puts the full taxpayer burden of fighting in Iraq, Afghanistan and Syria over the last 17 years at several times higher than official Defense Department estimates, because it includes increases in Homeland Security and Veterans Affairs spending, as well as new military equipment and personnel.

“Because the nation has tended to focus its attention only on direct military spending, we have often discounted the larger budgetary costs of the post-9/11 wars, and therefore underestimated their greater budgetary and economic significance,” the new report states.

And what does the United States have to show for this $6 trillion? The wars in Iraq, Afghanistan, and Syria are still ongoing as are wars in other countries that are related to the “war on terror.” On top of that none of these countries show any sign of stabilizing. As if that weren’t bad enough an unknown number of innocent civilians have been killed on top of the casualties incurred by all factions engaged in fighting.

So, really, the United States has jack shit to show for those $6 trillion. But it doesn’t seem to understand that because there is no sign that the “war on terror” will end anytime soon.

Written by Christopher Burg

November 16th, 2018 at 10:30 am

One of These Things is Just Like the Other

without comments

If you display a Nazi flag, you’re probably going to be persona non grata in your neighborhood (and will likely receive a visit from your local Antifa). This makes sense. The government that that flag represent murdered millions of innocent people. But why isn’t the same true if you display a Soviet Union flag:

This is the nub of the issue. While Naziism is intrinsically linked to the crimes of its followers, communism can always be separated. No one would tolerate a t-shirt emblazoned with Adolf Hitler or Benito Mussolini, yet the wildly oppressive Che Guevara is easily detached and morphed into a symbol of revolution.

The only real difference between Nazi Germany and the Soviet Union is that Nazi Germany got its ass handed to it and therefore wasn’t around long enough to rack up the same body count as the Soviet Union.

As the article points out, “Nazis, rightfully, are seen as hateful and vicious because their ideology is built around the idea that one group is superior to the other.” This is the excuse more communist sympathizers give me when I ask why they’re so starkly against displaying Nazi symbology but willing to wear Soviet symbology. The argument doesn’t hold up though. Marxism, like Nazism, is built around the idea that one group, the proletariat, is superior to the other, the bourgeois. Like Nazism, which is built on the conspiracy theory that the Jews have oppressed the Aryan race, Marxism is build on the conspiracy theory that the bourgeois have oppressed the proletariat. And like Nazism, which results in the “oppressed Aryans” killing the “oppressor Jews,” Marxism results in the “proletariat” killing the “bourgeois.”

One should have as much revile for the Soviet Union and its symbology as one has for Nazi Germany and its symbology. Both were horrible, oppressive regimes that murdered millions.

Written by Christopher Burg

November 16th, 2018 at 10:00 am

The Human Capacity for Self-Deception

without comments

It’s common upon hearing news of an individual committing some kind of atrocity to wonder how they ever brought themselves to do it. It’s also common to act rather indignant when that individual argues that their heinous act was actually for the great good because it’s automatically assumed that they’re lying to protect their own skin. However, humans have a marvelous capacity for self-deception as demonstrated by classified documents revealed by the American Civil Liberties Union (ACLU):

One of the most important lessons of the CIA’s torture program is the way it corrupted virtually every individual and institution associated with it. Over the years, we have learned how lawyers twisted the law and psychologists betrayed their ethical obligations in order to enable the brutal and unlawful torture of prisoners.

[…]

Perhaps the most striking element of the document is the CIA doctors’ willful blindness to the truth of what they were doing. CIA doctors decided that waterboarding actually “provided periodic relief” to a prisoner because it was a break from days of standing sleep deprivation. Similarly, CIA doctors decided that when a different prisoner was stuffed into a coffin-sized box, this provided a “relatively benign sanctuary” from other torture methods. CIA doctors described yet another prisoner — who cried, begged, pleaded, vomited, and required medical resuscitation after being waterboarded — as “amazingly resistant to the waterboard.” Incredibly, CIA doctors concluded that the torture program was “reassuringly free of enduring physical or psychological effects.”

This reminds me of a quote from Rudolf Diels, Himmler’s predecessor:

The infliction of physical punishment is not every man’s job, and naturally we were only too glad to recruit men who were prepared to show no squeamishness at their task. Unfortunately, we knew nothing about the Freudian side of the business, and it was only after a number of instances of unnecessary flogging and meaningless cruelty that I tumbled to the fact that my organization had been attracting all the sadists in Germany and Austria without my knowledge for some time past. It had also been attracting unconscious sadists, i.e. men who did not know themselves that they had sadist leanings until they took part in a flogging. And finally it had actually been creating sadists. For it seems that corporal chastisement ultimately arouses sadistic leanings in apparently normal men and women. Freud might explain it.

The Central Intelligence Agency (CIA) was likely looking for particular sorts of individuals to staff its prison camps. Namely individuals who weren’t squeamish in the presence of torture. Moreover, the CIA likely attracted many unconscious sadists who didn’t really know why they found the job description appealing. And the agency was almost certainly creating sadists by putting individuals in increasingly more sadistic positions that eventually desensitized them to the jobs that they were doing.

People who like to inflict physical pain generally don’t need to justify their actions to themselves. But what about the unconscious sadists and those who were perfectly normal before taking a job at a CIA prison camp? They likely had some difficulty sleeping at night… at first. Oftentimes when an individual’s actions bother their conscious they try to justify their actions to themselves. “I wasn’t torturing him, I as providing periodic relief by giving him a break from forced sleep deprivation!” “The methods used to interrogate these individuals don’t leave enduring physical or psychological effects so is it really that harmful?” “If we don’t use these methods, we won’t be able to find out the information we need in time to save lives!” Eventually most people are able to convince themselves that what they did was good and they are able to sleep soundly at night. Through this method a seemingly well adjusted individual can perform heinous acts and truly believe that what they’re doing is actually a good thing.

Written by Christopher Burg

November 15th, 2018 at 11:00 am

Risking Lives to Enforce Petty Offenses

without comments

There’s no offense so petty that law enforcers won’t risk lives to enforce it:

In Bloomington, police topped 90 miles per hour in a chase to nab a driver whose car had a missing license plate.

In nearby Eagan, an officer reached speeds up to 107 miles per hour in hopes of catching a driver wanted for shoplifting.

State troopers chased a car at 115 miles per hour after spotting an air-freshener hanging from the rear-view mirror.

Over the last three years, law enforcement officers throughout Minnesota have overwhelmingly engaged in high-speed, high-risk chases for low-level offenses, a 5 EYEWITNESS NEWS investigation has found.

An examination of more than 700 court cases since 2016 shows police officers, deputies and Minnesota State Patrol troopers chased drivers for non-violent offenses 95 percent of the time.

Not only is risking lives to enforce petty offenses far riskier than the payoff justifies but high speed chases are also unnecessary in a surveillance state.

Law enforcement departments throughout the country have invested heavily in surveillance technologies. Many cities are now covered with license plate scanners and those scanners are often sophisticated enough to identify the make and model of a vehicle as well as to uniquely identify a vehicle by bumper stickers and other external features. It’s quickly becoming impossible to evade law enforcement using a vehicle. This means that instead of engaging in a high speed chase, law enforcers could instead tell dispatch to track the vehicle using the expensive surveillance technology already in place. The suspect can still be arrested and innocent bystanders don’t have to be put at risk to do it.

But using tracking technology doesn’t offer the adrenaline rush that engaging in a high speed chase does so I can see why that option isn’t utilized very often.

Written by Christopher Burg

November 15th, 2018 at 10:30 am

Go Be Homeless Somewhere Else

without comments

Minneapolis made national news because of its Hooverville. What didn’t get as much headline attention is St. Paul’s Hooverville. Fortunately for the government of St. Paul (but unfortunately for the homeless individuals) the lack of national attention has meant that it has more freedom to deal with its homeless encampment. The St. Paul Police Department distributed flyers that informed the individuals in the encampment that have to go be homeless somewhere else:

Late last week, St. Paul city officials said they were increasingly worried about how the onset of wintry weather was affecting a camp of homeless people at the base of Cathedral Hill, and hoped to come up with a plan for them over the next couple weeks.

Early Tuesday morning, they took action: police officers and workers from the Department of Safety and Inspections visited the encampment alongside Interstate 35E and handed out fliers.

“To protect your health and safety,” the flier told campers, “this site will be permanently cleared at 10 a.m. on Thursday, November 15th. You are required to vacate the site and not return.”

To protect their health and safety their community will dismantled and their meager possession will be taken if not cleared out by the deadline. Makes sense.

The flyers do promise the homeless individuals transportation to the handful homeless shelters in the area, which will appease the residents of St. Paul who want the homeless people gone but in a manner that won’t upset their conscious. However, if the homeless shelters were able to provide these individuals what they need, they probably would be using them instead of camping in tents in the winter. The homeless shelters in the Twin Cities are overcrowded and usually kick guests out in the morning so they have to find somewhere to hunker down until the shelter opens up again. But none of this matters because the existence of the shelters is only being mentioned on the flyers to make the act of destroying the encampment appear magnanimous.

Written by Christopher Burg

November 15th, 2018 at 10:00 am

Disposable Soldiers

without comments

The United States government is constantly demanding that we treat soldiers as heroes. However, this is a case of “do as I say, not as I do.” While the government is demanding that we treat soldiers as heroes, it’s treating them as a disposable commodity:

The Department of Veterans Affairs has acknowledged that the failure of a new IT system for processing claims for Post-9/11 GI Bill benefits has been holding up payments for months and causing financial hardship for thousands of veterans. “Many of our Post-9/11 GI Bill students are experiencing longer than typical wait times to receive monthly housing payments,” the VA said in a statement, with processing times averaging “a little over 35 days” for first-time veteran applicants. More than 82,000 veterans were still waiting for housing payments for the fall semester as of November 8, with some having lost housing as the result of non-payment.

I’ve yet to hear a positive experience from a veteran who has had to deal with the Department of Veteran Affairs (VA). Whenever the VA’s abysmal record is dragged out for yet another round of political maneuvering, politicians act outraged at how this nation’s supposed heroes are being treated and pledge to get to the bottom of it. Of course they never do and the system continues to provide endless pain to the veterans who have to rely on it. I doubt this will ever change because politicians use the term “human resource” in its most literal sense, to them humans are a resource to be used and discarded afterwards.

Written by Christopher Burg

November 14th, 2018 at 11:00 am

Every Vote Matters

without comments

Another national election has concluded. That can only mean that Florida is steeping in electoral shenanigans again:

The elections board in Florida’s Miami-Dade County has collected a set of mysterious ballots in the Opa-locka mail facility after Democrats raised concern about the uncounted votes.

The uncounted ballots have emerged as one of many battles over the fiercely contested Florida elections that moved this weekend into a recount phase.

Suzy Trutie, a spokesperson for the county’s supervisor of elections, told CNN there were 266 ballots in the shipment and that the votes will not be counted. Florida law requires all ballots sent by mail to arrive at the election facility by 7 p.m. on Election Day, and these ballots did not meet that standard, Trutie said.

There are two possible explanations here. The first is that these votes were somehow lost in the mail. The second is that these votes were conjugated out of thin air when it a race was so close that ballots had to be recounted. Neither explanation supposed the advocate of democracy’s claim that every vote matters.

If the first explanation is true, then the votes of the 266 individuals who voted on those ballots don’t matter because they weren’t received by the legal deadline. If the second explanation is true and the people arguing that those ballots should be counted get their way, the power of the legitimate votes that were cast will be watered down.

It turns out that creating a pseudonymous voting system that is also secure is a task that has so far eluded the people of the United States. So long as that continues to be the case, your vote really can’t be said to matter.

Written by Christopher Burg

November 14th, 2018 at 10:30 am

Bitwarden Completes Security Audit

without comments

In my opinion one of the easiest things an individual can do to improve their overall computer security is use a password manager. I had been using 1Password for years and have nothing but good things to say about it. However, when I decided to move from macOS to Linux, I decide that I needed a different option. 1Password’s support on Linux is only available through 1Password X, which is strictly a browser plugin. Moreover, in order to use 1Password X, you need to pay a subscription (I was using a one-time paid license for 1Password 7 on macOS as well as the one-time paid version for iOS), which I generally prefer to avoid.

Bitwarden bubbled to the top of my list because it’s both open source and can be self-hosted (which is what I ended up doing). While Bitwarden lacks several nice features that 1Password has, using it has been an overall pleasant experience. Besides missing some features that I’ve come to enjoy, another downside to Bitwarden has been the lack of a security audit. Two days ago the Bitwarden team announced that a third-party vendor has completed a code audit and the results were good:

In the interest of providing full disclosure, below you will find the technical report that was compiled from the team at Cure53 along with an internal report containing a summary of each issue, impact analysis, and the actions taken/planned by Bitwarden regarding the identified issues and vulnerabilities. Some issues are informational and no action is currently planned or necessary. We are happy to report that no major issues were identified during this audit and that all issues that had an immediate impact have already been resolved in recent Bitwarden application updates.

The full report can be read here [PDF].

With this announcement I’m of the opinion that Bitwarden should be given serious consideration if you’re looking for a password manager. It’s an especially good option if you want to go the self-hosted route and/or want support for Linux, macOS, and Windows.

Written by Christopher Burg

November 14th, 2018 at 10:00 am

Posted in Technology

Tagged with ,

Jim Crow Never Went Away

without comments

If you ever need an illustration of just how stupid the average voter is, find a voter who is complaining about racist government policies and ask them how they plan to change it. 99 percent (a conservative estimate, it’s probably higher) of the time the voter will tell you that they’re planning to beg the government to change its policies. If you point out how stupid that idea is, they’ll point to the elimination of slavery and the striking down of Jim Crow laws as proof that their strategy works, which should prove to you that the person you’re conversing with is extremely gullible (on the upside you probably just found a buyer for that bridge that you’re trying to offload).

While the government has said that it eliminated slavery and Jim Crow laws, it really just changed some legal definitions. If you’re being held against your will and forced to provide labor, you’re not legally considered a slave, you’re legally considered a prison laborer. Likewise, there are no longer laws that overtly treat people differently based on the color of their skin, instead there are algorithms that do the same thing but provide plausible deniability:

But what’s taking the place of cash bail may prove even worse in the long run. In California, a presumption of detention will effectively replace eligibility for immediate release when the new law takes effect in October 2019. And increasingly, computer algorithms are helping to determine who should be caged and who should be set “free.” Freedom — even when it’s granted, it turns out — isn’t really free.

Under new policies in California, New Jersey, New York and beyond, “risk assessment” algorithms recommend to judges whether a person who’s been arrested should be released. These advanced mathematical models — or “weapons of math destruction” as data scientist Cathy O’Neil calls them — appear colorblind on the surface but they are based on factors that are not only highly correlated with race and class, but are also significantly influenced by pervasive bias in the criminal justice system.

As O’Neil explains, “It’s tempting to believe that computers will be neutral and objective, but algorithms are nothing more than opinions embedded in mathematics.”

For the record, when people were celebrating California’s decision to eliminate cash bail, I predicted that it would result in this outcome (although I didn’t predict the use of algorithms, I did predict that since the decision to let somebody out on bail would be the sole decision of some bureaucrats, nothing would actually change).

Plausible deniability is the staple of modern politics. A politician who wants to pass a racist policy just needs to make sure that race is never mentioned in their law and when the policy results in the politician’s desired outcome, they can claim that they had no way to predict such a result. Additional plausible deniability can be added by handing decisions over to algorithms. Most people think of algorithms as mysterious wizardry performed by the high priests of science and are therefore impartial and infallible (because, you know, scientists are always impartial and never wrong).

However, algorithms do exactly what they’re created to do. If you want a machine learning algorithm to perform in a certain way, you either write it to do exactly what you want or you provide it learning data that will skew it towards the results you want. When the masses wise up and realize that the algorithm is racially biases, you can just claim that the complexity of the algorithm prevented anybody from accurately predicting what it would do. Their ignorance will make your explanation believable to them and you can claim that you’ve now made improvements that should (i.e. won’t) lead to more impartial results.

Written by Christopher Burg

November 13th, 2018 at 11:00 am