Month: July 2015

Authors Guild Demands The Impossible To Fight Piracy

Statism encourage the use of the truncheon to solve every problem. Is your neighbor is being noisy at night? Don’t go over and talk to them, sic men with guns on them! Is your new competitor stealing away some of your business? Don’t revamp your business model to more effectively compete, demand the state implement new regulations that stifle your competitor!

The problem with this mode of thinking is that it discourages creativity so when a problem that can’t be solved by the truncheon appears the only solution is to demand the impossible. That’s what the Authors Guild is doing in the name of fighting piracy:

The Authors Guild, one of the nation’s top writer’s groups, wants the US Congress to overhaul copyright law and require ISPs to monitor and filter the Internet of pirated materials, including e-books.

[…]

Rasenberger believes that ISPs have the technology and resources to remove pirated works without being notified that pirated content is on their networks. She continued:

Individual copyright owners do not have the resources to send notices for every instance of infringement online, much less to keep sending the for copies reposted after being taken down. Individuals do not have access to automated systems that track infringing copies and send notices, nor do they have the bargaining power to make the deals with ISPs that larger corporations can.

ISPs, on the other hand, do have the ability to monitor piracy. Technology that can identify and filter pirated material is now commonplace. It only makes sense, then, that ISPs should bear the burden of limiting piracy on their sites, especially when they are profiting from the piracy and have the technology to conduct automates searches and takedowns. Placing the burden of identifying pirated content on the individual author, who has no ability to have any real impact on piracy, as the current regime does, makes no sense at all. It is technology that has enabled the pirate marketplace to flourish, and it is technology alone that has the capacity to keep it in check.

Those who don’t understand the technical issues involved in piracy may believe this is a viable solution. But the stronger emphasis on security, thanks to Edward Snowden, also ensures Internet service providers (ISP) are going to be less and less able to monitor their customers’ activities. An ISP can only monitor what it can see. If piracy is happening over unencrypted connections an ISP can see it. Encrypted connections are an entirely different matter. Unless pirates are using ineffective encryption it’s not possible for an ISP to monitor their activities. It is possible for an ISP to use heuristics to estimate what customers are doing but that is a far cry from being able to say without question what a customer is doing. And an ISP doesn’t want to acquire a reputation for cutting off service and turning over customers to law enforcers without iron clad evidence of wrongdoing.

Solving digital copyright infringement, what piracy actually is, requires adjusting business models. Identifying and combating pirates is no longer feasible so copyright holders must give customers reason to choose paying them over obtaining pirated copies of works. I think the music industry is finally seeing a solution with streaming services such as Spotify and Apple Music. Such services make it extremely easy for users to acquire and listen to music. In fact they make it easy enough that the cost of the subscription is less than the hassle of finding a pirate source of music, downloading it, and loading it onto devices and computers. While that doesn’t stop all piracy is stops a lot of it and that’s the best a copyright holder can hope for when their product can be copied infinite times with ease.

Music piracy has proven that no amount of laws will solve the problem. The Digital Millennium Copyright Act (DMCA), the very act that is being cited by the Authors Guild, was passed, in part, as a response to music piracy. Music piracy is still a thing even though the DMCA has been on the books for years because passing a law and enforcing a law are two entirely different things.

Gun Control And Cryptography Control: Same Idea With The Same Outcome

Crypto War II is heating up. David Cameron has vowed to make effective cryptography illegal in the Britain, the Federal Bureau of Investigations (FBI) has been uging Congress to pass a ban on effective cryptography, and Australia has been ahead of the curve by not just prohibiting the use of strong cryptography but also learning about it. I’ve spent a good deal of time fighting against attempts to restrict or prohibit gun ownership. From my experience there I can say that attempts to restrict or prohibit effective cryptography is the exact same thing with the same outcome.

First, let’s consider what restricting or prohibiting gun ownership does. Gun restriction laws prohibit non-state individuals from having legal access to certain types of firearms and what they can do with their firearms. The National Firearms Act (NFA), for example, places heavy restrictions on purchasing machine guns, suppressors, and several other categories of firearms. Adding to the NFA’s restrictions on machine guns the Hughes Amendment to the Firearm Owners Protection Act outright prohibited non-state entities from legally owning machine guns manufactured after 1986. In addition to these restrictions the Gun Control Act of 1968 also created a list of individuals prohibited from owning any type of firearm. The list includes anybody who has been labeled a felon, which means simply failing to abide by the entire tax code could make it illegal for you to own a firearm. Most states have laws restricting individuals from lawfully carrying a firearm without state permission. In other words most states restrict individuals’ options for self-defense. Those laws, like all laws, only apply to individuals acting within the law. Criminals, by definition, do not have to abide by these restrictions and prohibitions so the ultimate outcome is that non-state individuals can be outgunned by violent criminals (both the state and non-state variety).

Now let’s consider what restricting or prohibiting effective cryptography does. Restrictions against effective cryptography create a legal requirement that all cryptographic systems be weakened in such a way that they can be easily bypassed by the state. In reality cryptographic systems cannot be weakened in such to allow only one entity to bypass them without also allowing other entities to bypass them. We learned this lesson during the Clipper chip fiasco. When you purposely introduce weaknesses into cryptographic systems those weaknesses can be targeted by anybody, including run of the mill criminals and foreign states. In the case of key escrow, the system being proposed where all encrypted data can be decrypted by a key held by the state, the focus would likely be in either creating or stealing a copy of the state’s key. Once that happened, and it would only be a matter of time until it did happen, the encrypted data would be available to anybody with a copy of the key to read. Imagine the day, and it would happen, where that master key was widely distributed across the Internet. Suddenly everything that was lawfully encrypted would be easily decrypted by anybody. Your personal information, including credit card and Social Security numbers, would be accessible to every identify thief in the world. Any communications you had that could imply you were participating in an unlawful activity, even if you weren’t, would suddenly be accessible not only to law enforcement agents but also individuals interested in blackmailing you. All future communications with online stores would be vulnerable, which means your credit card and shipping information could be snapped up by anybody surveiling the network you’re using. Any information you entered into state and federal online tax systems would be viewable to anybody with a copy of the master key. Effectively everything you communicated would be transmitted in plaintext and viewable to anybody.

Cryptography, like a firearm, is a means of self-defense. Where firearms are used to defend your physical self cryptography is used to defend your data. If your phone or laptop is stolen encryption can defend all of the information stored on it from the thief. When you make a purchase online encryption defends your credit card number and shipping address from identify thieves. Your Social Security number is also defended against identify thieves by encryption when you fill out your taxes online. There are a lot of bad individuals who want to steal personal information about you and the only thing you have to defend against them is effective cryptography. Any restriction against effective cryptography necessarily inhibits the ability of individuals to defend themselves.

The fight against restricting cryptography is the same fight against restricting firearm ownership. Both fights are against attempts by the state to restrict the ability of individuals to protect themselves from harm.

The Deplorable State Of The Government’s Network Security

“I’ve got nothing to hide,” is a phrase commonly spoken by supporters of government surveillance and those too apathetic to protect themselves against it. It’s a phrase only spoken by the ignorant. With each working professional committing an average of three felonies a day there are no grounds for anybody to claim they have nothing to hide from the government. But even those who don’t believe they have anything to hide from the government likely feel as though they have something to hide from the general public. With the breach of the Office of Personnel Management’s (OPM) network we were shown another important fact: the government’s network security is in such a poor state that any data it collects could be leaked to the general public.

Now we’re learning that the OPM wasn’t the only government agency with deplorable network security. It’s a chronic problem within the government:

Under a 2002 law, federal agencies are supposed to meet a minimum set of information security standards and have annual audits of their cybersecurity practices. OPM’s reviews showed years of problems.

But the issue is far more widespread than with just one agency. According to the Government Accountability Office, 19 of 24 major agencies have declared cybersecurity a “significant deficiency” or a “material weakness.” Problems range from a need for better oversight of information technology contractors to improving how agencies respond to breaches of personal information, according to GAO.

“Until federal agencies take actions to address these challenges—including implementing the hundreds of recommendations GAO and agency inspectors general have made—federal systems and information will be at an increased risk of compromise from cyber-based attacks and other threats,” the watchdog agency said in a report earlier this month.

A large majority of major agencies have declare their network security to be unfit. In addition to general network security there are also concerns about overseeing contractors; which is pretty legitimate after Edward Snowden, an at the time contractor, walked off with a lot of National Security Agency (NSA) secrets; and abilities to respond to breaches.

Many mass surveillance apologists have pointed out that the OPM isn’t exactly the NSA because they assume the latter has far better security. As I mentioned above, Edward Snowden proved otherwise. And even if some agencies do have effect network security the problem of inter-agency sharing is a real concern. Assume the Internal Revenue Service (IRS) actually has adequate network security but it shares information with the OPM. In the end the data held by the IRS is still acquired by malicious hackers because they were able to compromise an agency that also held the data. Security is only as strong as the weakest link.

The next time somebody claims they have nothing to hide from the government ask them to post all of their personal information to Pastebin. If they’re not willing to do that then they should be concerned about government surveillance considering the state of its networks.

Hacking Team Changes Its Tune In Desperate Attempt To Remain Relevant

Last week Hacking Team made a big deal about terrorists having access to its advanced technology. This week everything is different. Hacking Team wants the world to know that the technology that was obtained from its internal network is old and crappy and no big deal:

On Monday, Hacking Team released a statement saying that while some of its surveillance-related source code was released to the public, the firm still retains an edge. “Important elements of our source code were not compromised in this attack and remain undisclosed and protected,” the release said. “We have already isolated our internal systems so that additional data cannot be exfiltrated outside Hacking Team. A totally new internal infrastructure is being build [sic] at this moment to keep our data safe.”

Hacking Team must work very fast if it was able to discover all new exploits between last week and today that allows it to regain its edge as a top purveyor of surveillance software to countries that regularly commit atrocities. At best the company is literally making up bullshit, which wouldn’t be the first time considering how often it denied doing business with many of the countries it was doing business with, or at worst has been able to buy a slew of new zero-day exploits. Either way I doubt the damage against Hacking Team’s brand can be undone. Being a malware seller that was breached is one thing but being a malware seller that has demonstrably shitty internal security practices isn’t likely to put its customers’ minds at ease.

My highest hope is that Hacking Team goes bankrupt and its top brass are raked through the coals.

Another Reason To Run An Ad Blocker

Ad blockers are marvelous web browser plugins. In addition to saving users from dealing with ceaseless pop-ups, audio that plays automatically, and other annoyances ad blockers also protect users from malware. A recent study [PDF] published by the Simon Fraser University shows another reason to run an ad blocker: they can significantly reduce the data usage of your network:

A Canadian university claims to have saved between 25 and 40 percent of its network bandwidth by deploying Adblock Plus across its internal network.

The study tested the ability of the Adblock Plus browser extension in reducing IP traffic when installed in a large enterprise network environment, and found that huge amounts of bandwidth was saved by blocking web-based advertisements and video trailers.

This is especially important when you’re dealing with a service that requires you pay by usage, such as most modern cellular data plans, or building a network that will see heavy usage from numerous individuals, such as university networks.

Ad blockers are not well received by website operators who rely on them. It’s understandable because ad blockers directly cut into their profits. But it’s also unwise to rely on a revenue source that requires users to put themselves at risk of being infected with malware and pay more for bandwidth usage. If ad blockers are a threat to your revenue model then you should consider looking into other avenues to make profits.

I mention Feedbin periodically when the issue of website revenue comes up because it’s a great example of how a website can make money without relying on advertisements. Feedbin charges customers $3.00 per month or $30.00 per year to use its service. People are more than willing to pay money for a quality online service as demonstrated by Feedbin, Netflix, and Spotify. The advantage of a subscription model is that it’s a predicable cost, unlike the potential bandwidth costs incurred by serving advertisements, and greatly reduces the risks of malware infection.

Finding alternative revenue sources is going to become increasingly important as more people utilize ad blockers for security, reducing network congestion, and lowering bandwidth costs. Instead of expecting customers to face more risks and costs website operators need to being researching ways to stay afloat without ads. As with any market online services are constantly evolving and those who want to continue participating in it need to evolve as well.

In Regards To Hoppe’s Argument Against Open Borders

The imaginary lines on our maps are the subject of frequent debate. It’s not surprising to see statists argument about immigration policy since they believe those imaginary lines are very real and very important. What’s surprising to me is that various branches of anarchism argue about them as well.

Yesterday the Muh Borders Facebook page linked to an article by Hans-Hermann Hoppe posted by Lew Rockwell. Hoppe’s article argues against open border policies that are supported by, what he refers to as, left-libertarians. It’s true that I consider myself a dirty leftist but I came from what most people would consider right-libertarianism. Right-libertarianism believes in the Lockean principle of homesteading. That is to say initial property rights are established when one mixes their labor with unowned resources. From there property rights can be transferred through trade. Herein lies my quarrel with Hoppe’s article. In it he argues:

But on what grounds should there be a right to un-restricted, “free” immigration? No one has a right to move to a place already occupied by someone else, unless he has been invited by the present occupant. And if all places are already occupied, all migration is migration by invitation only. A right to “free” immigration exists only for virgin country, for the open frontier.

[…]

The second possible way out is to claim that all so-called public property – the property controlled by local, regional or central government – is akin to open frontier, with free and unrestricted access. Yet this is certainly erroneous. From the fact that government property is illegitimate because it is based on prior expropriations, it does not follow that it is un-owned and free-for-all. It has been funded through local, regional, national or federal tax payments, and it is the payers of these taxes, then, and no one else, who are the legitimate owners of all public property. They cannot exercise their right – that right has been arrogated by the State – but they are the legitimate owners.

On the surface this makes sense. Goods obtained with stolen wealth rightfully belong to those who the wealth was stolen from. But this raises a question, what exactly can be claimed to be owned by the state? Is it everything within the imaginary lines it has drawn on our maps? If that’s the case the principle of homesteading seems to be absent in Hoppe’s argument. Much of the land claimed by the United States government, for example, hasn’t been homesteaded, the state hasn’t mixed any labor with it. It just sits untouched.

If we were to divest the property of the United States to the people whose wealth has been stolen would we also include that untouched land? If so, why? Do states enjoy a special type of property right that allows it to just declare something its own in lieu of homesteading? If not, why is the land not open for homesteading and therefore why are open borders at odds with right-libertarianism?

Hoppe expands his argument further by asking a hypothetical question:

First off: What would immigration policies be like if the State would, as it is supposed to do, act as a trustee of the taxpayer-owners’ public property? What about immigration if the State acted like the manager of the community property jointly owned and funded by the members of a housing association or gated community?

At least in principle the answer is clear. A trustee’s guideline regarding immigration would be the “full cost” principle. That is, the immigrant or his inviting resident should pay the full cost of the immigrant’s use made of all public goods or facilities during his presence. The cost of the community property funded by resident taxpayers should not rise or its quality fall on account of the presence of immigrants. On the contrary, if possible the presence of an immigrant should yield the resident-owners a profit, either in the form of lower taxes or community-fees or a higher quality of community property (and hence all-around higher property values).

Again, this argument seems to make sense on the surface. Immigrants or the residents who invited them are expected to pay the full cost of the immigrants’ use of public goods and facilities. But it again fails to address land that hasn’t been homesteaded by either the state of its tax victims. If an immigrant decides to homestead a piece of land in the Nevada desert that hasn’t already been homesteaded the tax victims face no costs. The only way the trustee model justifies state enforced immigration controls is if it is exempted from the homesteading principle.

When I brought this up to some of my friends one of them had an interesting interpretation of what Hoppe wrote. He thought Hoppe implied that the state was only able to hold the territory it claimed by extorting wealth from the populace and therefore, under Hoppe’s argument, all of the territory should be divested amongst the tax victims. Even using this interpretation I find that the homesteading principle would have to be ignored.

It’s true that the state is only able to hold the territory it claims because it used some of the wealth it stole to create a military that can kill anybody who doesn’t acknowledge its claim. But I don’t believe that satisfies the homesteading principle because the state still didn’t mix any labor with the land.

Imagine if the United States claimed sole ownership over the moon and threatened war against any other nation that landed on it. It’s ability to make such a threat would certainly be made possible by its sizable military. However the stolen wealth was invested in creating the military, not homesteading the moon. Therefore this interpretation would be an argument for divesting military assets amongst the tax victims but not the moon itself. The same applies to the territory within the state’s borders that hasn’t been homesteaded.

At the start of the article Hoppe claims that left-libertarianism “serve as Viagra to the State.” I would argue that, if anything, his argument against open borders serves as Viagra to the state. His argument requires granting the state a special privilege to claim land without homesteading it. Right-libertarianism’s core argument against the state is that it enjoys a special privilege to legally initiate force. One of the ways it exercises that privilege is by enforcing its claims to land and resources it hasn’t homesteaded. By granting the state a special privilege you put it a step up on the hierarchy than everybody else and that is what allows it to maintain its power.

The Founding Fathers Did Use Encryption

One of the arguments that have been made for prohibiting strong encryption is that the Founding Fathers couldn’t have envisioned a world where law enforcers were unable to read communications. Why the Founding Fathers needed to be clairvoyant to justify something today is beyond me but the Electronic Frontier Foundation (EFF) had a great rebuttal to the argument. If you head over to the Library Of Congress’s website you can read about how James Madison encrypted his messages to prevent law enforcers from reading them:

As a Virginia delegate to the Continental Congress, while secretary of state, and in his personal correspondence with Thomas Jefferson, James Madison feared constantly that unauthorized people would seek to read his private and public correspondence. To deter such intrusions, he resorted to a variety of codes and ciphers.

Most of the early ciphers that Madison used were keyword polyalphabetic code systems involving a complex interaction of a keyword with alphabets and numbers in a preestablished pattern. The codes were designed by James Lovell, a Massachusetts delegate to the Continental Congress and an expert on ciphers. On July 5, 1782, Edmund Randolph wrote to James Madison: “I wish, that on future occasions of speaking of individuals we may use the cypher, which we were taught by Mr. Lovell. Let the keyword be the name of the negro boy, who used to wait on our common friend.” Madison noted at the bottom of Randolph’s letter, “Probably CUPID.” He added, “I have been in some pain from the danger incident to the cypher we now use. The enemy I am told have in some instances published their intercepted cyphers.”

What’s interesting here is that Madison not only encrypted his messages when he was in the Continental Congress but also after he became secretary of state and in his personal correspondences. He wasn’t just hiding his communications from British law enforcers but continued to hide them even after they had been replaced by United States law enforcers. That only makes sense because if you only encrypt important messages the simple fact you used encryption indicates to spies that the message is important and resources should be put into decrypting it.

Arguing that the Founding Fathers couldn’t have predicted pervasive encryption is idiotic because they themselves used it. There’s also no evidence that they provided either British or United States law enforcers with any keys to allow them to rapidly decrypt the communications if needed.

Does Anybody Do This

I’ve seen a few gun blogs posting about the Glock “Gadget” this week. Most of the posts read more like paid advertising (nothing wrong with that) than genuine reviews but they all make a claim that I’m curious about. According to the post on The Firearm Blog:

I agree with ToddG from Pistol Forum that holstering a hammered firearm is indeed safer than holstering a common striker-fired handgun. This is principally because a shooter can “ride the hammer” to ensure it cannot fall during the holstering movement.

Striker-fired guns like Glock, M&P’s, and others on the other hand can easily discharge when they are holstered improperly, either with something catching the trigger or a booger-picker not quite out of the way.

The “Gadget” adds the “hammer-riding” capability to a striker-fired pistol to make it easy for the shooter to holster the weapon and physically tell the striker is being pulled prior to a discharge. (That said, it is much easier to pull a trigger in a downward motion than it is for one to hold the striker in. It may be possible to have the gun go off and a shooter injure their thumb during the discharge).

Does anybody actually “ride their hammer?” I’ve been shooting for a long time and I have never seen anybody “ride their hammer” when holstering a hammer-fired pistol. I certainly haven’t done this. As far as I can tell this is a marketing myth created to sell a device that most people would otherwise find entirely unnecessary.

So I ask you, the greater Internet, do any of you actually “rides your hammer” when holstering a hammer-fired pistol?

Hennepin County Offers To Make Peaceful Transactions More Risky

Every day people are performing voluntary transactions, many of which are setup over trade websites like Craigslist. There have been a few horror stories arising from these arranged transactions, mostly because one party didn’t demand the transaction occur in a public place, but a vast majority occur without incident. Thanks to the media and police the handful of bad incidents have been trumped up enough to make a lot of people unnecessarily afraid of such transactions. Now that it has helped create the problem Hennepin County is claiming to have the solution:

MINNEAPOLIS (KMSP) – Ever purchased or sold an item on Craigslist and wondered if the person on the other end could kill you? To combat online purchasing crime, Hennepin County unveiled “Swap Spots,” public safe havens where members of the community can go to make a variety of transactions.

[…]

Swap Spots are only available during normal hours of operation and designated by a blue and red logo. A deputy is not required to monitor each exchange, will not facilitate the transaction, and won’t keep a log of transactions, but if you would like a deputy present, the sheriff’s office said they’ll try to accommodate you.

What could make another otherwise peaceful transactions risky? Adding armed men with liability shield and an extensive history of violence into the mix! That’s what Hennepin County is offering with these “Swap Spots.” Instead of meeting in a public place, say a busy park or a restaurant, to perform a transaction people now have the option of performing the transaction under the gaze of police officers who are likely chomping at the bit to arrest somebody for violating some esoteric law, failing to pay a tax, or any number of other possible justifications they can fabricate on the spot.

If I were going through with an online transaction the last place I would do it at is one of these “Swap Spots.” Adding government in any capacity to the free market is always dangerous. I’d far prefer performing a transaction at a restaurant where you’re not only safe but also have access to food and drink (which is always nice when doing business).