Month: May 2015

Market Solutions Versus State Solutions: Global Positioning System

Continuing on my theme of comparing market solutions to state solutions, today I’m going to discuss the Global Positioning System (GPS). For those of you unfamiliar with GPS it’s a network of satellites that provides positional information for navigation purposes. Development started in 1973 by the Department of Defense (DoD) and it became fully operational in 1995. Today anybody who uses a computer navigation system, say their phone or a dedicated GPS receiver, relies on this network.

There are several points to note about GPS. It was originally developed to improve the DoD’s ability to blow up people in foreign countries. Civilians were begrudgingly given access to the network but only through a degraded signal. In 2000 civilians were finally allowed to access a non-degraded GPS signal and that’s when the real innovation began.

The DoD’s exclusive access to the full capabilities of GPS resulted in no notable quality of life improvements for everyday people. Instead the DoD saw GPS as a way of improving its ability to kill people. Even today the state still uses GPS to enhance its own power. The Federal Bureau of Investigations (FBI), for example, uses GPS to perform warrantless surveillance.

Meanwhile the market has been utilizing GPS to improve the lives of everyday people. In 1991 a GPS receiver weighing less than 3 pounds was finally created. Today GPS receivers are so small that they fit in our phones. Using these miniaturized GPS receivers we are able to navigate with our phones. Google and (to a much lesser extent) Apple’s mapping services give consumers free access to constantly updated maps that enable real-time turn-by-turn navigation when coupled with a GPS signal. Market access to GPS gave rise to Geocaching, a game where players use GPS to locate hidden caches. Task management apps allow users to create reminders that will fire off when they enter their home or place of work. Bicycling apps allow cyclists to keep track of where they road, how fast they were going, and how high the hills the ascended were. Phones and other devices can utilize GPS to report their location so they can be easily recovered if stolen. Thanks to the market you can even use GPS to defend yourself against the state. Apps such as Waze will alert you to reported police presence before you’re close enough to be clocked on a radar gun.

Where the state saw a network of navigational satellites only as a means of improving its ability to kill and spy the market saw it as a means of improving our lives in a vast number of ways. Thanks to the market GPS is so integrated into our daily lives that we take it for granted.

Basic Safety Equipment Legalized in Minnesota

The guys and gals over at Minnesota Gun Owners Civil Rights Alliance (GOCRA) have demonstrated once again that, unlike the charlatans over at Minnesota Gun Rights, they can get shit done. Through some miracle of the gods suppressors will be legal to own in Minnesota starting on July 1st:

Minnesota became the 40th state to allow civilian ownership of National Firearms Act-compliant firearms suppressors with Gov. Dayton’s signature last week.

The bill began life as a House measure that, although it threaded its way successfully through that chamber as a stand-alone proposal, had to be folded into a huge judiciary policy bill that addressed a number of widely varied issues to survive in the Democrat-controlled Senate where it passed in a veto-proof 55-9 vote.

Although Dayton cautioned lawmakers that he would not approve a bill legalizing the devices, saying, “I’m not aware that there is any part of the Second Amendment to the U.S. Constitution that gives us the right to bear a silencer,” the Governor in fact signed the legislation without comment along with three other bills last Friday morning.

The bill contained other provisions that are helpful to Minnesota gun owners such as limiting the state’s power to confiscate firearms during an emergency situation. I look forward to finally being able to attach a piece of basic safety equipment to my firearms. It’s too bad that the National Firearms Act requires me to hand $200 over to the gun runners at the Bureau of Alcohol, Tobacco, Firearms, and Explosives for the privilege of using safety equipment but such as the way of the state (you can’t get anything nice without giving the mob its cut).

Opposing the War on Immigrants

One of the issues anarchist and statist libertarians often butt heads is immigration. Us anarchist libertarians don’t believe the imaginary lines created by illegitimate entities should exist. Statist libertarians often cherish those imaginary lines to such a point that they demand fences, guard towers, and armed patrols to keep people on the other side out.

The problem with strong borders is that they necessarily require a strong enforcer. A strong enforcer in the hands of the state will always lead to the expansion of state power:

Libertarians should pay more attention to the ban on immigration. These regulations are big government at its worst: over-militarization, over-criminalization, over-regulation, anti-market, and anti-liberty. Nearly every aspect of American life is affected by them, yet many libertarians are still ambivalent.

Its consequences are devastating. Consider this fact: the number one reason for arrests under federal law last year was for unsanctioned entry into the United States. And it’s not even close. Half of all federal arrests in the United States are for immigration offenses — drugs are a distant second at just 15 percent.

If libertarians are focused on reducing government power and intrusion into the lives of peaceful people, immigration ought to receive at least as much attention as the drug war. But it’s almost like the liberty movement is stuck in the 1980s when illegal immigration, though common, was largely ignored.

Statist libertarians, and other opponents of freedom of movement that claim to support small government, cannot have both a small government and heavily defended borders. Anybody who follows a philosophy that advocates free markets should understand the problem here. The state is a monolithic entity that is slow to adapt to changes and relies on violence to accomplish all of its goals. Meanwhile immigrants are more akin to market actors. There are millions of them and when you have millions of people who can quickly adapt to changes going against a single entity that seldom adapts to changes the former group is going to win.

We see this today. When the state throws up border crossings on major highways immigrants use less traveled routes. When the state builds a wall immigrants climb over it, cut through it, or tunnel under it. When the state patrols the border immigrants watch their patrol patterns and learn how to avoid them. No matter what the state does immigrants adapt their strategies to compensate.

Furthermore immigrants seldom have a lot of money so they come up with cheap solutions. This harkens back to asymmetrical warfare. One side uses cheap tactics to take out the other side’s very expensive equipment. Eventually the size utilizing cheap tactics wins by simply bleeding the other side dry. Immigrants, likewise, use cheap tactics that the state tries to counter with extremely expensive equipment and tactics. A handful of immigrants crossing the border can cause the state to spend out police patrols to pull over anybody who has a bit too much melanin in their skin to check for their citizenship papers. Patrols like that cost a lot of money.

Libertarians, even those who believe those imaginary lines are important, should oppose the war on immigrant on the grounds that it’s incredibly inefficient and a detriment to liberty.

Market Solutions Versus State Solutions: Google Edition

Xcel Energy demonstrated the difference between how markets and the state utilize drones. Now Google unwittingly provided another demonstration. When Google created the Play Store it saw it as a service that would improve the lives of their customers by providing a method to easily download Android applications. When the National Security Agency (NSA) saw the Play Store it saw it as a method to infect Android phones so they could be surveilled:

The information about Irritant Horn comes from documents provided by Edward Snowden to The Intercept and CBC. The program, which appears to have been in its early stages in 2011-2012, had NSA analysts use a type of man-in-the-middle attack to implant spyware on Android devices connecting to the Android Market or Samsung’s apps store. Basically, besides the requested app, the targets were served malicious software that allowed spooks to eavesdrop on everything that happened on the device. The NSA even explored using the capability to modify the target device, for propaganda or disinformation purposes.

Google wants to provide Android users with Firefox so they can browse the web. The NSA wants to provide Android users with a modified version of Firefox that reports on their browsing habits and potentially feeds them disinformation.

Whether the NSA was successful in highjacking Google’s service is up in the air. I think the answer to that heavily depends on the security used by the Play Store. If the Play Store uses effective tools to encrypt communications between an Android device and the Play Store as well as digitally sign provided software the likelihood of the NSA being successful is low. This is because a properly secured connection cannot be highjacked and digitally signing the software will alert you if it has been altered. Even if Google cooperated with the NSA the user would be able to tell if the software was modified so long as the developer signed it (that still leaves the possibility of the NSA enlisting the developer but then the problem isn’t the Play Store).

Two lessons should be taken away from this story. First, the market sees services as means to fulfill consumer wants whereas the state sees services as means to exploit them. Second, proper security is important and markets actors should focus on it to protect consumers from the state (and other malicious entities).

Giving Back to Society

It amuses me when people talk about the wealthy market actors needing to “give back to society” and then saying holding a political office is a public service.

Let’s consider the difference between a wealthy person who created a product that people wanted versus a politicians. Steve Jobs, for example, became an extremely wealthy man by producing computers, portable music players, and phones that people really wanted. People wanted these products so much that they were willing to give him money in exchange. How can one claim he needs to “give back to society” when he already gave people in society what they wanted?

Politicians are the polar opposite. Instead of fulfilling the wants of people in society politicians dictate what they want society to want. When a politician says a community needs a new school they don’t build one with their own money and see if members of the community want it. What they do is hold a meeting with their fellow politicians, vote to build a new school, then plunder more money from the community by issuing a tax increase to build it. Where a market actor gives to the community a politician takes from the community. How can holding political office be considered a public service when the job involves stealing from people?

If anybody needs to “give back to society” it’s the politicians and they can start by giving back all of the money they’ve plundered from me over the years. I chose to give Steve Jobs my money of my own volition. The only reason I give the politicians money is because the alternative involves a cop smashing my face in with a truncheon.

Come See Me On a Panel Discussion with William Binney and Todd Pierce

Wednesday June 3rd I will be participating in a panel discussion with National Security Agency (NSA) whistle blower William Binney and retired Judge Advocate General (JAG) Todd Pierce. The event will be focused on ending mass surveillance in our lifetime. Binney will likely be addressing the issue from a political activism viewpoint, Pierce will likely focus on legal matters, and I’ll be addressing the issue from a technical viewpoint.

The event will be held at the Bent Creek Golf Club in Eden Prairie. It’s scheduled to start at 19:00 and end at 20:30. There is no admission fee but drinks are going to cost you.

Political Solutions Versus Technical Solutions

When discussing pervasive surveillance I focus exclusively on technical solutions. People involved in political activism often ask me why I don’t also involve myself in political solutions. My reason is that I don’t like investing effort into worth that is unlikely to pay off when I can invest it in work that will pay off.

Consider the political solution. Say, in spite of everything we know about the state, Congress decides to ban the National Security Agency (NSA) from spying on American citizens and actually enforces that ban. What then? You’re still vulnerable to spying from the Government Communications Headquarters (GCHQ) as well as the intelligence agency of every other major world government. In addition to that your Internet service provider (ISP) can still spy on you and inject malicious code into websites you visit. Political solutions are also temporary. Once the Congress that voted to prohibit the NSA from spying is replaced with a new Congress that ban could be reversed.

Technical solutions avoid those limitations. When you use security forms of communication that the NSA, GCHQ, and other intelligence agencies can’t crack then they are unable to spy on regardless of where the political winds blow. Furthermore ISPs are unable to surveil your traffic or inject malicious code into websites you visit. Technical solutions fix the holes needed to spy on you and therefore defends you against all surveillance and not only for temporary stretches of time (assuming the secure communication tools continue to be maintained so any discovered vulnerabilities are fixed).

I, like everybody else, only have a limited amount of time. Why would I invest some of that precious time into something that is, at best, temporary and only guards against a select few bad actors when I can focus on something that is more permanent and works against all bad actors? It just doesn’t make sense.

Another Vulnerability Caused by State Meddling

In March a security vulnerability, given the fancy marketing name FREAK, was discovered. FREAK was notable because it was caused by government meddling in computer security. Due to cryptography export restrictions quality cryptographic algorithms were not allowed to be put into widespread use, at least legally, and many legacy systems were built around weak algorithms. FREAK may be behind us but a new vulnerability was just discovered:

Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet services are vulnerable to a new attack that lets eavesdroppers read and modify data passing through encrypted connections, a team of computer scientists has found.

The vulnerability affects an estimated 8.4 percent of the top one million websites and a slightly bigger percentage of mail servers populating the IPv4 address space, the researchers said. The threat stems from a flaw in the transport layer security protocol that websites and mail servers use to establish encrypted connections with end users. The new attack, which its creators have dubbed Logjam, can be exploited against a subset of servers that support the widely used Diffie-Hellman key exchange, which allows two parties that have never met before to negotiate a secret key even though they’re communicating over an unsecured, public channel.

The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad. The regime was established by the Clinton administration so the FBI and other agencies could break the encryption used by foreign entities. Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material. Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties.

We’ll likely be dealing with the consequences of those export restrictions for some time to come. The only upside to this is that it is a reminder of what happens when the government meddles in security for its own purposes. Cryptography export restrictions were put in place because the United States government feared it would be unable to spy on foreign entities (and, as it turns out, domestic entities). Now the government, operating under similar concerns for its ability to spy, is discussing mandating the inclusion of back doors in systems that use strong cryptography. If this happens and developers actually comply we’ll have a repeat of what we’re dealing with today. Security vulnerabilities will arise from government mandated cryptography weaknesses that will put the masses at risk.

Whenever the government wishes the involve itself in something that only appropriate answer for the people to give is a loud “No!” This is especially true when it comes to security because the government has a direct interest in ensuring that each and every one of us is vulnerable to its surveillance apparatus.

State Solutions Versus Market Solutions

Technology is a double-edged sword. One edge improves the lives of people. The other edge enables bad people to do bad things. When you want to see both edges of a technology you need only compare how it is used by the state versus the market. Consider drones. States use drones to spy and drop bombs on people. Meanwhile the market utilizes them to provide better services to individuals. Xcel Energy is planning to utilize drones to inspect power infrastructure:

Xcel Energy says it has approval from federal regulators to use drones to inspect more than 320,000 miles of electric and natural gas infrastructure.

The Federal Aviation Administration says Xcel can use the small unmanned aircraft systems to visually inspect electric transmission and distribution lines, power plants, renewable energy facilities, substations and pipelines.

This will allow more reliable provision of power by identifying flaws in the infrastructure before they become a major problem. It will also allow fast identification of problem sources as aerial inspection of power infrastructure is usually faster than ground inspection. Instead of using drones to terrorize entire nations Xcel Energy is another company that has found yet another way to utilize the technology to enhance the lives of people.

Why Political Activism Won’t Stop Mass Surveillance

Time and again people ask me why I don’t involve myself in political activism to stop mass surveillance. My answer is doing so is pointless because no matter how hard you beg the state it will never handicap itself. Case in point, the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection and Online Monitoring (USA FREEDOM) Act (I hope a staffer was paid a nice bonus for coming up with that acronym). It has been hailed as a solution to the National Security Agency’s (NSA) mass surveillance practices. However the bill, as so often is the case, does the opposite of what its name implies and advocates claim. Instead of curtailing NSA surveillance the bill codifies it:

After only one hour of floor debate, and no allowed amendments, the House of Representatives today passed legislation that seeks to address the NSA’s controversial surveillance of American communications. However, opponents believe it may give brand new authorization to the U.S. government to conduct domestic dragnets.

[…]

However, the legislation may not end bulk surveillance and in fact could codify the ability of the government to conduct dragnet data collection.

“We’re taking something that was not permitted under regular section 215 … and now we’re creating a whole apparatus to provide for it,” Rep. Justin Amash, R-Mich., said on Tuesday night during a House Rules Committee proceeding.

“The language does limit the amount of bulk collection, it doesn’t end bulk collection,” Rep. Amash said, arguing that the problematic “specific selection term” allows for “very large data collection, potentially in the hundreds of thousands of people, maybe even millions.”

In a statement posted to Facebook ahead of the vote, Rep. Amash said the legislation “falls woefully short of reining in the mass collection of Americans’ data, and it takes us a step in the wrong direction by specifically authorizing such collection in violation of the Fourth Amendment to the Constitution.”

Political activism can’t solve problems. At most is can be used to convince the state to rewrite its rules, and then only temporarily, so that it can continue doing the same thing but claim it isn’t. The only way widespread surveillance can be curtailed is if every one of us begins encrypting all of our communications. Even if some of us utilize weak cryptography it will still increase the overall cost of operating the system. Clear text requires no resources to read. Weak cryptography still requires some resources to identify the algorithm(s) used and to reverse them. Furthermore the text of any encrypted communication is unknown to the eavesdropper until it’s unencrypted. Strong cryptographic tools, on the other hand, are practically (as in the time required is longer than the information’s usefulness) impossible for spies to crack.

Stop begging the state to neuter its spying capabilities and take back your privacy. A good place to start is to begin utilizing tools that allow secure communications.