A Geek With Guns

Chronicling the depravities of the State.

Archive for May, 2015

Without Government Who Would Expose Us to Malware

without comments

When the state confiscates a domain name do they have to renew it until the investigation concludes? Apparently not. The Federal Bureau of Investigations (FBI) seized a series of domains related to Megaupload when it decided to go after Kim Dotcom. What were once legitimate sites service the wants of users are now service up malware and porn. This didn’t happen as a result of somebody compromising the account used to register the domain names, it was only made possible because the FBI allowed the domains to expire:

Earlier this week, something suspicious started happening with Web addresses related to sites seized by the FBI from Megaupload and a number of online gambling sites. Instead of directing browsers to a page with an FBI banner, they started dropping Web surfers onto a malicious feed of Web advertisements—some of them laden with malware.

The hijacking of the Megaupload domains wasn’t the result of some sophisticated hack. Based on evidence collected by Ars, it appears someone at the FBI’s Cyber Division failed to renew the domain registration for CIRFU.NET, the domain which in turn hosted Web and name servers used to redirect traffic headed to seized domains. As soon as they expired, they were snatched up in a GoDaddy auction by a self-described “black hat SEO marketer,” a British ex-pat who calls himself “Earl Grey.”

As of Thursday afternoon, all of the server names associated with the domain no longer resolve to Internet addresses. GoDaddy has apparently suspended the domain registration, and Earl Grey has been ranting about it ever since on Twitter. The CIRFU.NET domain currently remains in limbo.

This raises a couple of concerns. First, if the FBI liable for allowing domains related to an investigation to expire? Since the FBI is seldom held accountable for its failures I doubt the answer to this question is yes. Related to this question is whether or not the FBI is liable for exposing visitors to Megaupload to malware. Even though the site wasn’t providing file hosting it was under investigation and therefore people believed they could safely visit the domain for laughs (who doesn’t enjoy laughing at the FBI). It was only due to the FBI’s incompetence that malware was being served by that domain. Finally, if the FBI isn’t held liable for this kind of failure does that mean it can effectively censor sites by seizing domains and letting them expire? Why go through the rigors of a trial when you can just make up an investigation, seize a domain, and sit on it until it expires and can be bought up by some spammer? Perhaps domain registrars would step in to prevent such shenanigans but I’m not entirely sure since they let expired domains get purchased by spammers all the time.

Had the FBI never targeted Kim Dotcom it’s almost certain that the Megaupload domains wouldn’t have expired because they were part of his business model. When you’re deriving income from something you tend to protect it. So we can just write this off as another example of the government exposing Internet users to dangers they wouldn’t have otherwise faced.

Written by Christopher Burg

May 29th, 2015 at 11:00 am

Remember When Obama Opposed Surveillance

without comments

Rewind to 2008. George W. Bush was finishing up his eighth year as president and many people were furious about all of the civil liberties he wiped his ass with since 2001. In comes Barack Obama who promises to curtail the surveillance powers enacted under Bush. Now we’re approaching Obama’s eighth year as president and he has not only failed to curtail the state’s surveillance powers but he’s actively campaigning to preserve it:

President Barack Obama called on the Senate Tuesday to extend key Patriot Act provisions before they expire five days from now, including the government’s ability to search Americans’ phone records.

“This needs to get done,” he told reporters in the Oval Office. “It’s necessary to keep the American people safe and secure.”

Is there any question why I don’t believe politicians?

Widespread surveillance has become a sticky issue. Part of the reason for this, in my opinion, is the fact both major political parties are performing constant maneuvers to oppose whatever the other party supports. In 2008 the Republican Party fully supported the surveillance state created under Bush precisely because it was created under a Republican president. The Democrats opposed the surveillance state because the Republicans supported it. When Obama came to power the Republicans started changing course on the surveillance state. Since the Republicans were changing course the Democrats had to as well less they be on the same side of an issue as their opponent. Now we’re in a position where the Republican Party is moving away from fully supporting the surveillance state and the Democratic Party is moving towards fully supporting it. What this issue has really shown us is that neither party has any principles and bases their stances almost entirely on what the other party espouses.

As the surveillance state is convenient for whatever party is in power it will never go away. Whatever party is in power will support it while the other party opposes it (I use the word “opposes” very loosely because they don’t really have any strong feelings other than opposing what the other party supports). This is why it’s important for everybody to utilize the security tools available to them. We’re always going to be spied on by the state so we need to defend ourselves regardless of what way the political winds are blowing. Politics won’t change the surveillance state but cryptography will help you defend against it.

Written by Christopher Burg

May 29th, 2015 at 10:30 am

Like You and Me, Only Better

without comments

I don’t consider myself anti-union per se. There’s nothing wrong in my book with workers coming together to support one another. But most unions today aren’t really groups of workers fighting for better pay and benefits. Instead they’re a few well paid individuals who agitated relationships between employers and employees to ensure an environment exists where their six figure salary can continue to be justified. In fact I’d argue that most unions today don’t give two shits about the workers they supposedly represent. Nowhere is this more apparent than in Los Angeles:

Labor leaders, who were among the strongest supporters of the citywide minimum wage increase approved last week by the Los Angeles City Council, are advocating last-minute changes to the law that could create an exemption for companies with unionized workforces.

The push to include an exception to the mandated wage increase for companies that let their employees collectively bargain was the latest unexpected detour as the city nears approval of its landmark legislation to raise the minimum wage to $15 an hour by 2020.

The union heads have been pushing for these $15.00 per hour minimum wage laws in various municipalities under the guise of fighting for the workers. But now they’re turning around and exempting the very employees they supposedly represent from the new minimum wage increases. I guess they feel that union laborers aren’t as good as non-union laborers, which is a strange attitude for a union boss to have.

This move does make sense though. If union shops are allowed to pay less than $15.00 per hour it encourages more companies to utilize union labor. More union labor means more employees giving a percentage of their paycheck to the union itself and that means the higher ups can bump up their six figure salary. These unions aren’t fighting for workers, they’re fighting for union executives.

Written by Christopher Burg

May 29th, 2015 at 10:00 am

Markets Versus the State

without comments

States throughout the world try to restrict markets. These attempts never succeed because the handful of individuals that comprise the state are up against the creativity of very person living under it. This is what so-called “black” markets exist.

Russia decided to place an embargo on foods from the European Union and United States in response to sanctions created against it by those regions. The embargo hasn’t stopped the importation of food from either region. But the embargo makes it risky for importers of these now illicit goods to openly advertise. In the past “black” market actors have relied on limited forms of advertising such as word of mouth. One advertisement agency has come up with a solution that allows “black” market providers to advertise their goods more widely and protects them from state agents:

Last summer, Russia imposed a full embargo on food imports from the European Union (as well as the U.S.) in retaliation for sanctions over Ukraine. This left authentic European food merchants in Moscow in a bit of a bind.

But one Italian grocery store there, Don Giulio Salumeria, kept selling its real Italian food—and came up with a bizarre out-of-home stunt to advertise to consumers without tipping off the police.

With help from agency The 23, the store developed a unique outdoor ad that could recognize police uniforms. Whenever the cops would appear, the ad would cycle out of its rotating display—in essence, physically hiding from the authorities.

Here’s a video showing the sign in action:

Obviously this solution isn’t perfect. Since it relies on recognizing police uniforms it won’t hide the advertisement from off-duty officers walking around in their regular clothes. However it is a demonstration of market innovation and could easily be expanded. In the next iteration they should have the sign store a facial picture of anybody recognized as an officer. Then have it compare faces of anybody passing by with known police officers and hide the advertisement if there’s a match. That way the sign would be able to hide its advertisement from off-duty and on-duty officers.

Innovative ideas such as this one are why the state will always fail when it attempts to restrict markets.

Written by Christopher Burg

May 28th, 2015 at 11:00 am

Paying Taxes is Dangerous to Your Personal Information

without comments

The Internal Revenue Service (IRS) is one of the, if not the, best examples of government incompetence. Almost all of us are required to interact with the IRS. Our interactions, unfortunately, involve handing over a great deal of personal information. This is a major problem since the agency has a poor security track record. Recently it has admitted to losing control over the personal information of 100,000 tax victims:

The IRS announced today that criminals used taxpayer-specific data acquired from non-IRS sources to gain unauthorized access to information on approximately 100,000 tax accounts through IRS’ “Get Transcript” application. This data included Social Security information, date of birth and street address.

These third parties gained sufficient information from an outside source before trying to access the IRS site, which allowed them to clear a multi-step authentication process, including several personal verification questions that typically are only known by the taxpayer. The matter is under review by the Treasury Inspector General for Tax Administration as well as the IRS’ Criminal Investigation unit, and the “Get Transcript” application has been shut down temporarily. The IRS will provide free credit monitoring services for the approximately 100,000 taxpayers whose accounts were accessed. In total, the IRS has identified 200,000 total attempts to access data and will be notifying all of these taxpayers about the incident.

Perhaps I’m hypercritical but it seems to me that we shouldn’t have to submit any of this information to an agency that has demonstrated a complete disregard for keeping it safe. I mean, the IRS’s website doesn’t even have a valid means for users to securely connect to it. If the IRS doesn’t care enough to pull a valid Transport Layer Security (TLS) certificate to protect users then why are we supposed to trust it to store our personal information?

The worst part about this is that the 100,000 people who just had their personal information accessed have no recourse. Since the IRS is the government it is shielded from liability and accountability. That makes matters worse since an organization that is shielded from liability has little motivation to invest resources into fixing its mistakes.

Written by Christopher Burg

May 28th, 2015 at 10:30 am

Police Dislike When the Tables are Turned

with one comment

As policing in the United States continues its downward spiral into thuggery people are finally starting to fight back. More people are recording police encounters to hold officers accountable. Demands are being made in many major cities to curtail police powers. And in a few places people are actively interfering in police attempts at kidnapping. All of this has many of the more psychopathic officers upset:

Whatever the reason, Melbourne police are grateful that for the second time in recent weeks experience and training overcame fear as officers found themselves surrounded and assaulted by hostile anti-police crowds.

This Friday night, Lt. Steve Sadoff saw 22-year-old Phoenix Chansler Low coming out of the Main Street Pub with an open container.

“The officer told him to go back inside or get rid of it,” said Melbourne Police Commander Dan Lynch. “From there it went downhill. The subject was very intoxicated and he began fighting with the officer.”

The scary thing was what happened next. A crowd of people started closing in on Lt. Sadoff and he was attacked from behind, Lynch said. Sadoff used his taser to get Low off him, and it scared the crowd away long enough for him to radio for help and make the arrest.

The person who attacked Sadoff from behind got away.

The “touch on crime” crowd want you to focus on the fact that an officer was attacked and not the fact that the officer initiated the situation by getting in the face of a person who had performed no crime (carrying an open alcohol container outside of a bar does not involve a victim and is therefore not a crime). Had the officer let the patron be nothing would have happened.

“This is the second incident in the past few weeks where officers were making an arrest and the arrestee or people around attempted to interfere with the officer attempting to do his job,” Lynch said. “It is tremendously concerning to us. Every confrontation an officer has is an armed confrontation and the officers are trained to use the minimal amount of force necessary.”

No, this is the second incident in the past few weeks where people prevented officers from kidnapping somebody. People are getting fed up with unaccountable police officers kidnapping and shooting people who haven’t hurt anybody. Decades of little police accountability combine with officers who enjoy power trips has eroded the public’s faith in modern policing. Since they lack faith in the institution they are unwilling to cooperate with it. If officers are really becoming concerned about this trend then they should start taking measures to regain the public’s trust. That starts with refusing to enforce victimless crimes and actually using minimum necessary force to resolve situations (not just talking about it).

Markets Have Not Ruined Video Games

without comments

According to Lorne Lanning capitalism is destroying the gaming industry. In his eyes the for-profit game development model has lead to a world where creativity is stifled by large developers. The Foundation for Economic Education has a good rebuttal by pointing out that the video game industry wouldn’t even be a thing without markets. I want to take it a step further though.

Lanning believes the solution to capitalism in video gaming is independent developers:

In today’s marketplace, Lanning pointed to the indie victories we’ve witnessed with titles like Octodad or Monument Valley. Yes, it takes money to make money, but it doesn’t have to take tens of millions.

What he doesn’t stop to consider is that independent developers are enjoying a great deal of success thanks, in part, to the major game developers that he seems to despise. There has never been a better time to be an independent game developer. This is because the development tools have become cheaper (often free) and more capable and getting titles in front of customers is dead simple.

Consider Microsoft. As much as I dislike Windows I can’t fault Microsoft for how it treats developers. Over the years it has created excellent development tools, streamlined game development with its DirectX framework, and created a distribution platform that every Xbox and Windows gamer has access to. If I want to release a game for the Xbox Microsoft is very much interested in helping me see my dream come true because it stands to profit from my success. And Microsoft isn’t the only game in town. Valve has given independent developers an amazing distribution platform for PCs with Steam. It has also given game developers a great engine called Source. I haven’t even mentioned Sony, with its PlayStation store, Google with its Play Store, or Apple with development tools and App Stores for both OS X and iOS.

It was only a few years ago when independent developers had to front the expense of developing, advertising, and distributing titles. This often resulted in a hodgepodge of a million online stores, product keys you had to keep track of, and other assorted headaches. Now an independent developer can download excellent, free developer tools and publish the completed title to the Xbox Games Store, the PlayStation Store, Google Play, Steam, and the Apple App Stores. From there users can click a few buttons and have the game downloaded to their system with minimal hassle.

Markets gave rise to today’s large developers. These large developers then created development tools and platforms that helped give rise to independent developers. Someday the independent developers will become large themselves and likely create new tools and platforms to give rise to new independent developers.

Video games have gone from a geeky hobby you got beat up for enjoying to a multi-billion dollar industry. The only reason we have capable gaming hardware, quality development tools, and easy distribution platforms is because developers of old satisfied customer wants enough to acquire the capital necessary to build these things. Had the Nintendo Entertainment System or Sega Genesis flopped it’s possible that video games would still be a niche industry. Dedicated gaming hardware such as consoles and graphics cards would likely be much less capable than they are today. Development tools would probably still be primitive due to the lack of investment in improving them. Distribution would almost certainly still rely on a hodgepodge of disparate websites and produce keys. After all, why would a large developed like Microsoft put any money into the growing the gaming industry if it didn’t stand to profit? How would Valve have acquired the capital necessary to build Steam if Half-Life hadn’t raked in so much money?

I think Lanning’s real objection to today’s gaming industry is that the best selling titles aren’t the titles he enjoys. As somebody who doesn’t enjoy today’s most popular series, such as the titular Call of Duty, I can relate. But the success of those blockbuster series hasn’t hampered the games I enjoy. Series I enjoy, such as MegaMan and Armored Core, have seen releases in recent times. Inafune, one of the creators of the MegaMan series, has even branched out on his own to release a spiritual successor. Igarashi, one of the masterminds behind Castlevania: Symphony of the Night, has also branched out to release a spiritual successor. Capitalism hasn’t destroyed the gaming industry, it has propelled it forward. All of the capital acquired by releasing blockbuster titles has given way to tools that help independent game developers. Hell it’s unlikely Oddworld, Lanning’s most well-known title, would have never seen the light of day if it wasn’t for blockbuster titles from the 8-bit and 16-bit console days creating a major gaming industry.

Written by Christopher Burg

May 27th, 2015 at 11:00 am

Watching Cronies Fail

with one comment

A major benefit of providing solutions to government meddling is watching as the government’s cronies fail. Cab drivers in Mexico, as cab drivers in much of the world, are unhappy with ride-sharing services such as Uber and Lyft. Their unhappiness is understandable since they’ve been shielded from competitors by their government for decades. When you haven’t had to compete in a market it can be scary facing competition because it makes you realize that you have to actually provide a superior service if you want to thrive.

On Monday cab drivers in Mexico went on strike to protest Uber. The protest was a plea for the Mexican government to ban Uber. The end result was to give Uber a great dead of publicity and convince a lot of people to try Uber since they couldn’t get around using traditional cabs:

Monday’s protest from Mexican Taxi drivers, against ride-sharing mobile apps such as Uber, has proved a boon for the San Francisco-based company. After offering a protest-edition special with two free 10-dollar rides, downloads of the app rose by 800 percent, Uber Communications Director for Mexico Luis de Uriarte said on Tuesday.

Unlike Uber, the signs of regulated taxis were off in Mexico on May 25, as some 5,000 drivers took to the streets of Mexico City. Chanting “Get out Uber!” union leaders demanded the government impose a ban on the smartphone-based service.

With the hashtags #UberNoPara (Uber doesn’t stop) and #MexicoNoPara (Mexico doesn’t stop), Uber launched a campaign offering two MEX$150 (US$9.8) fares for free between 7:00 a.m. and 9:59 p.m. on Monday. The initiative not only have become a commercial success, it brought PR blowback on the taxi drivers.

Uber and Lyft are providing a solution to a market that has been crippled by government regulations for decades. Many localities put an artificial cap on the number of legal taxi cabs that can operate. Other localities, while not putting an artificial cap in place, require potential taxicab drivers to pay a licensing fee, which adds a barrier to entry. The result has been lackluster taxicab services in much of the world. With ride-sharing services such as Uber and Lyft anybody can act as a taxicab. Suddenly cronies that have been protected from competition are facing the competition of anybody with a vehicle and they’re floundering.

Providing solutions to government create problems weakens its grip by showing how unnecessary it is. While government protected taxicab drivers were refusing to provide services ride-sharing swooped in to save the day. Because of this people are unlikely to accept any prohibition against ride-sharing services.

Go and Make It

without comments

This is effectively what us agorists have been advocating for decades:

What if we stopped attacking people for a cause and started attracting people to a cause? What if we became creators instead of mere critics and conquerors? Rather than waging war—either figuratively (in arguing) or literally — what if we channeled all of our passion and energy into disruptive acts of creation?

What if we bypassed electoral politics and established a more cooperative era…one in which the best ideas win?

In this new age, politicians would be replaced by innovators. Political capital would be replaced by creative capital.

Social change would not be planned by bureaucrats. It would emerge from the collective creativity of artists, scientists, and entrepreneurs working in cooperation.

Agorism utilizes counter-economics to provide goods and services in a manner that doesn’t feed the state. Permits are not acquired, taxes are not collected or paid, and regulations are not consciously adhered to. Instead goods and services that people want, not what the government says the ought to have, are created and sold for a lower price since all of the cost of bureaucratic overhead is absent.

We living in a world where solutions can be more easily created. “Go and make it,” is an excellent slogan for a new revolution. It encompasses the power of individuals to create solutions and the fact that the new revolution won’t be fought with the state’s tool of war but with markets.

Written by Christopher Burg

May 27th, 2015 at 10:00 am

United States Government Looking to Repeat Security Blunder

with one comment

As we’re recovering from two vulnerabilities caused by old export restrictions on strong cryptography tools the United States government is looking to repeat that failure:

The U.S. Commerce Department has proposed tighter export rules for computer security tools, a potentially controversial revision to an international agreement aimed at controlling weapons technology.

On Wednesday, the department published a proposal in the Federal Register and opened a two-month comment period.

The changes are proposed to the Wassenaar Arrangement, an international agreement reached in 1995, aimed at limiting the spread of “dual use” technologies that could be used for harm.

Forty-one countries participate in the Wassenaar Arrangement, and lists of controlled items are revised annually.

The Commerce Department’s Bureau of Industry and Security (BIS) is proposing requiring a license in order to export certain cybersecurity tools used for penetrating systems and analyzing network communications.

Another great example of the state making the same mistake, only harder. Restricting the export of strong cryptographic tools put everybody at risk of attack and an export restriction against penetration testing tools would put everybody at risk of missing basic vulnerabilities in their networks.

Penetration testing tools, like any technology, can be used for good and bad. If you properly utilize the tools on your network you can discover vulnerabilities that are exploited by those tools and patch them. Not utilizing these tools allows an malicious actor to exploit your network using those tools. Any restriction on exporting these tools will leave networks vulnerable to them.

Why would the United States government propose implementing restrictions that put the entire world at risk? Most likely it’s because government agencies utilize penetration testing tools to exploit networks and would therefore gain considerably by making defending against them more difficult. This proposal shows just how self-centered the state really is because it’s willing to put billions of people at risk just to make its task of exploiting networks a little easier. Its narcissism is so bad that it doesn’t even care that this restriction would also make every network more vulnerable to exploitation by its enemies (if the United States can hack your network then foreign countries such as North Korea can as well).

Fortunately we learned what happens when restrictions are placed on ideas during the crypto wars. Even though the United States restricted the export of strong cryptographic algorithms the knowledge spread quickly. It’s pretty hard to restrict something that can literally be printed on a t-shirt, especially when you have a worldwide network that specializes in information sharing. If this restriction is put into place it will be entirely ineffective at everything but giving the state justification to put several very intelligent people in a cage for the crime of making our networks safer.

Written by Christopher Burg

May 26th, 2015 at 11:00 am