Month: March 2016

TANSTAAFL

Everything should be free is the attitude a lot of people hold towards software. If you charge $9.99 for an application you spent months writing and will spend years maintaining you’ll probably receive at least some backlash for having the audacity to charge for it. But the universal principle of TANSTAAFL, there ain’t no such thing as a free lunch, >applies even to software.

The developers of Caddy, a web server that I’ve admittedly never used, wrote an explaining why they’re asking for money. As it turns out, in spite of what many people who don’t develop software believe, creating and providing open source software involves some notable expenses:

Today you will notice an addition to the Download page: a “Payment” section. Is Caddy no longer free software?

The truth is, it never was. There’s no such thing as free software. The question is, “Who pays the price?”

In the case of Caddy, it has been the developers. The obvious problem with this is that it’s not sustainable in our economy.

[…]

In less than a year, Caddy has well over 20,000 downloads — many of which aren’t counted as the project is cloned and built locally and deployed to both development and production environments. We’ve accrued over 4,500 stars on GitHub, processed hundreds of pull requests, and have dozens of participants in our chat rooms. I can’t speak for other Caddy developers because donations are private, but thanks to very generous donors last year, our web hosting is paid (for now) and I’ve received a little over $150 for my time.

[…]

Keep in mind that commercial offerings for similar web servers cost anywhere from $80 one-time to $1900/yr. (And none of them do what Caddy does.) My text editor costs $70, even just your domain name probably costs ~$12/yr. (If you support us well enough, we’ll send you swag!)

Too many people, typically those who don’t develop software, have the attitude that all software should be free (as in price, but the ambiguity of the term free is why I refer to software with unburdened source code as open source software instead of free software). The app economy is a perfect example of this. It’s why many developers have moved towards nickel and diming customers with in-app purchases or selling a subscription service. When they tried to charge reasonable fees for their software up front people bitched. And now people are bitching because software developers are relying on in-app purchases and subscription services.

Too many people have gotten it into their heads that software should be free (again, as in price). Don’t fall into that trap. Software development incurs a lot of expenses. Time, computers, electricity, and web hosting are just a handful of things needed for software development and none of them are free.

As I said, I haven’t used Caddy. But it does seem to be popular so I’m going to assume it’s a quality product. That being the case, I do hope enough users begin paying for it to keep the developers afloat. It’s always sad to see a good software product fall into obscurity because the developers weren’t being compensated and had to abandon the project for something that actually paid the bills.

The Most Transparent Government In History

Nearly a decade ago Obama was campaigning on a platform of, amongst other things, transparency. After 9/11 the Bush administration went full Orwell (you never go full Orwell) and people were demanding change. Obama promised to deliver that change. But history repeated itself as it so often does. Like every other politician before him, Obama failed to deliver on most of the promises he made. He not only failed to deliver on his promises but he actually expanding what Bush was doing.

Decades will likely pass before we learn the full extent of the current administration’s expansions to the surveillance state. However, bits and pieces are already leaking out. A recent Freedom of Information Act (FOIA) request produced a wealth of information on how the current administration has been working to undermine FOIA requests:

The Obama administration has long called itself the most transparent administration in history. But newly released Department of Justice (DOJ) documents show that the White House has actually worked aggressively behind the scenes to scuttle congressional reforms designed to give the public better access to information possessed by the federal government.

The documents were obtained by the Freedom of the Press Foundation, a nonprofit organization that supports journalism in the public interest, which in turn shared them exclusively with VICE News. They were obtained using the Freedom of Information Act (FOIA) — the same law Congress was attempting to reform. The group sued the DOJ last December after its FOIA requests went unanswered for more than a year.

The documents confirm longstanding suspicions about the administration’s meddling, and lay bare for the first time how it worked to undermine FOIA reform bills that received overwhelming bipartisan support and were unanimously passed by both the House and Senate in 2014 — yet were never put up for a final vote.

It’s a lengthy article detailing several different ploys made by Obama’s administration in its quest to establish the most opaque government in history.

While the FOIA has revealed a great deal of the State’s dirty laundry it has always been a limited tool. When it was written a number of exemptions were included. Basically, at the judgement of the State, FOIA requests can be denied under several justifications. A FOIA request only reveals what the State is willing to reveal. However, the higher ups in the State have recognized that even with the number of exemptions put in place a lot of embarrassing information is still becoming public. That being the case, it’s not surprising to see the current administration working to add further restrictions on top of a bill that already includes numerous restrictions.

There is a lesson to be learned here. No matter what promises a politician makes up front they will almost invariably go unfulfilled if they win an election. Power seems terrible until you have it. Before becoming president I’m better Obama was being sincere in many of his promises. But when he gained the power he likely realized how good it felt. This is also why reforming the system through the voting process is doomed to fail. Even the most honest individuals can be corrupted with enough power.

Dianne Feinstein Planning To Propose Legislation To Enslave Tech Workers

Dianne Feinstein may be the Devil incarnate. Whenever there’s a glimmer of freedom slipping through the statists’ fingers she’s there to tighten the grip. Seeing Apple being allowed to fight the Federal Bureau of Investigation’s (FBI) demand to write a compromised version of iOS, Feinstein is rushing in with legislation that will punish disobedient companies:

WASHINGTON (Reuters) – Technology companies could face civil penalties for refusing to comply with court orders to help investigators access encrypted data under draft legislation nearing completion in the U.S. Senate, sources familiar with continuing discussions told Reuters on Wednesday.

The long-awaited legislation from Senators Richard Burr and Dianne Feinstein, the top Republican and Democrat on the Senate Intelligence Committee, may be introduced as soon as next week, one of the sources said.

Let’s call this proposal what it is: slavery. Under this legislation device manufacturers would be required to either perform labor when commanded or face severe punishment.

There should never be a circumstance under which you are forced to perform labor against your will. If law enforcers want to unlock a device and the manufacturer doesn’t want to help then they should be required to either do it themselves or hire somebody who wants to do it. But that’s a basic market principle and statism is the antithesis of the market.

Illustrating Cryptographic Backdoors With Mechanical Backdoors

A lot of people don’t understand the concept of cryptographic backdoors. This isn’t surprising because cryptography and security are very complex fields of study. But it does lead to a great deal of misunderstanding, especially amongst those who tend to trust what government agents say.

I’ve been asked by quite a few people why Apple doesn’t comply with the demands of the Federal Bureau of Investigations (FBI). They’ve fallen for the FBI’s claims that the compromised firmware would only be used on that single iPhone and Apple would be allowed to maintain total control over the firmware at all times. However, as Jonathan Zdziarski explained, the burden of forensic methodology would require the firmware to exchange hands several times:

Once the tool is ready, it must be tested and validated by a third party. In this case, it would be NIST/NIJ (which is where my own tools were validated). NIST has a mobile forensics testing and validation process by which Apple would need to provide a copy of the tool (which would have to work on all of their test devices) for NIST to verify.

[…]

If evidence from a device ever leads to a case in a court room, the defense attorney will (and should) request a copy of the tool to have independent third party verification performed, at which point the software will need to be made to work on another set of test devices. Apple will need to work with defense experts to instruct them on how to use the tool to provide predictable and consistent results.

If Apple creates what the FBI is demanding the firmware would almost certainly end up in the hands of NIST, the defense attorney, and another third party hired by the defense attorney to verify the firmware. As Benjamin Franklin said, “Three can keep a secret, if two of them are dead.” With the firmware exchanging so many hands it will almost certainly end up leaked to the public.

After pointing this out a common followup question is, “So what? How much damage could this firmware cause?” To illustrate this I will use an example from the physical world.

The Transportation Security Administration (TSA) worked with several lock manufacturers to create TSA recognized locks. These are special locks that TSA agents can bypass using master keys. To many this doesn’t sound bad. After all, the TSA tightly guards these master keys, right? Although I’m not familiar with the TSA’s internal policies regarding the management of their master keys I do know the key patterns were leaked to the Internet and 3D printer models were created shortly thereafter. And those models produce keys that work.

The keys were leaked, likely unintentionally, by a TSA agent posting a photograph of them online. With that single leak every TSA recognized lock was rendered entirely useless. Now anybody can obtain the keys to open any TSA recognized lock.

It only takes one person to leak a master key, either intentionally or unintentionally, to render every lock that key unlocks entirely useless. Leaking a compromised version of iOS could happen in many ways. The defendant’s attorney, who may not be well versed in proper security practices, could accidentally transfer the firmware to a third party in an unsecured manner. If that transfer is being monitored the person monitoring it would have a copy of the firmware. An employee of NIST could accidentally insert a USB drive with the firmware on it into an infected computer and unknowingly provide it to a malicious actor. Somebody working for the defendant’s third party verifier could intentionally leak a copy of the firmware. There are so many ways the firmware could make its way to the Internet that the question isn’t really a matter of if, but when.

Once the firmware is leaked to the Internet it would be available to anybody. While Apple could design the firmware to check the identity of the phone to guard against it working on any phone besides the one the FBI wants unlocked, it could be possible to spoof those identifies to make any iPhone 5C look like the one the FBI wants unlocked. It’s also possible that a method to disable a fully updated iPhone 5C’s signature verification will be found. If that happens a modified version of the compromised firmware, which would contain an invalid signature, that doesn’t check the phone’s identifiers could be installed.

The bottom line is that the mere existence of a compromised firmware, a master key if you will, puts every iPhone 5C at risk just as the existence of TSA master keys put everything secured with a TSA recognized lock at risk.

Terrorist Plots Aren’t The Only Things The FBI Makes Up

The Federal Bureau of Investigations (FBI) has a long history of creating terrorists. This practice is so prevalent that there’s a book about it. But terrorist plots aren’t the only thing the FBI makes up. The agency also likes to make up sex-trafficking rings:

In the press, it was a “wide-reaching sex-trafficking operation” run by Somali Muslim gangs who forced “girls as young as 12” to sell sex in Minnesota and Tennessee. In reality, the operation—which led to charges against 30 individuals, sex-trafficking convictions for three, and an eight year legal battle—was a fiction crafted by two troubled teenagers, a member of the FBI’s human-trafficking task force, and an array of overzealous officials. An opinion released this week by the 6th Circuit Court of Appeals shows that federal prosecuters had no evidence whatsoever to support their “child sex trafficking conspiracy” case outside the seriously flawed testimony of two teenagers, one of whom had “been diagnosed as insane and was off her medication.”

“We conclude from our careful review of the trial transcript and record that, if the prosecution proved any sex trafficking at all (and we have serious doubts that it did), then at best it proved two separate, unrelated, and dissimilar sex-trafficking conspiracies, involving different defendants, albeit with the same alleged victim, namely Jane Doe 2,” states the 6th Circuit opinion, written by judges Alice M. Batchelder, Sean F. Cox, and Helene N. White.

At some point you would think the general public would begin asking why the FBI even exists. An agency has been caught time and again fabricating crimes. So one is forced to question whether any of the crimes it has solved were actually real.

We return again to the fact that the supposed system of checks and balances is more accurately described as a circlejerk. If the legislative and judicial branches were a check and balance against the executive branch there would have been investigations into the FBI itself by now. Judges would be throwing out cases on the grounds that the FBI isn’t a credible agency. Senators would be urging their fellows to vote to dissolve the agency. The heads of the FBI would be facing charges and begging oversight committees for mercy. But none of that is happening. Instead the FBI continues to operate as a law enforcement agency and its transgressions are continuously ignored.

Facebook Trolling The United Kingdom

In general I find Facebook to be one of the creepiest surveillance corporations. But in this case I’m willing to give the company a pass. Facebook has announced that it is giving each of its United Kingdom (UK) employees a $1.1 million bonus in order to avoid paying taxes:

Facebook is to award bonuses of £280 million ($396 million) to its U.K.-based staff over the next three years in a bid to offset the amount of tax it has to pay to the U.K. Treasury.

Each employee will receive an average of £775,000 ($1.1 million), which Facebook will list as a taxable expense.

This raises an interesting question. Who will win between the statists demanding Facebook to pay more taxes or the statists demanding Facebook pay its employees more. Since the same people are often demanding both this is probably causing some severe headaches.

But that’s not all! In addition to this trolling Facebook also threw in an additional complimentary troll:

The new tax blow is all the more frustrating for the British government after data emerged recently to show that the Treasury pays more to Facebook for advertising placement than it receives in taxes from the Silicon Valley giant.

Why is the UK Treasury paying Facebook for advertising? What does a State have to advertise? It makes its services compulsory for everybody. Either way, it’s nice to see Facebook draining some wealth away from the State. While Facebook’s employees will likely have to pay income taxes on their substantial bonus the amount the UK will receive will likely be far less than if Facebook paid what was being demanded of it directly. It also sends a terrific message.

The Power Of Juries

People often talk about the supposed system of checks and balances that exists within the various levels of government in the United States. Their claim is that the judiciary keeps the legislature in check and vice versa. In reality the system of checks and balances more accurate mimics a circlejerk. If a check and balance system exists in this country it is the jury. Unfortunately too many people have fallen for the bullshit that juries must rule on the letter of the law but sometimes a jury will still recognize its power, which stems from the fact jurors cannot be punished regardless of what their ruling is, and rule against a government goon on a power trip:

Last week a West Virginia woman who stood between her dog and a state trooper intent on killing him was acquitted of obstructing an officer by a jury in Wood County. It took jurors just half an hour to acquit 23-year-old Tiffanie Hupp after they watched the video of the incident that Hupp’s husband, Ryan, shot with his cellphone.

Trooper Seth Cook came to the Hupps’ house on May 9, 2015, in response to a dispute between a neighbor and Ryan’s stepfather. There Cook encountered Buddy, a Labrador-husky mix who was chained outside the house. The dog, whom Hupp describes as “a big baby,” ran toward Cook, barking, and Cook backed up. Even though the dog had reached the end of his chain and Cook was not in any danger, he drew his pistol. “I immediately thought, ‘I don’t want him to get shot,'” Hupp, who was in the yard with her 3-year-old son, told the Charleston Gazette-Mail. The video shows her stepping in front of Cook, at which point he grabs her, throws her to the ground, picks her up, leans her against his cruiser, and handcuffs her.

Stepping in front of a homicidal cop when he’s about to get his murder fix by blasting a dog was a brave move on Tiffanie’s part. Part of me is actually surprised she got through the encounter without being shot herself.

I’m glad to see the jury acquitted her since she did nothing wrong and, in fact, saved an innocent dog’s life. It’s too bad that this officer will likely face no repercussions though. Officer Cook is obviously a dangerous man and should not be trusted with any amount of authority. He should be fired immediately less he kills a dog or kidnaps another person who was only guilty of saving an innocent life.

Brining Fascism Back To Europe

You would think Europe would have learned its lesson about fascism during World War II. Of all the nations of Europe, you would expect France to have especially learned its lesson since it suffered under the boot of Nazi Germany for quite some time. Yet, in a rather ironic twist, France is leading the way to the fascism revival on that continent:

French parliamentary deputies, defying government wishes, have voted in favour of penalising smartphone makers which fail to cooperate in terrorism inquiries, entering a controversy that has pitted the FBI against Apple in the United States.

The move came in the form of an amendment to a penal reform bill that was receiving its first reading in parliament.

Part of me appreciates France’s honesty in its pursuit of absolute power over its people. While I completely disagree with such a philosophy I do prefer an opponent who is honest about their intentions. On the other hand, an honest government is often the most terrifying kind. When the State no longer sees a need to even pay lip service to the rights of individuals it quickly begins perpetrating heinous act after heinous act.

It’ll be interesting if this bill manages to pass into law. I’m sure the French government foresees it as an effective means of compelling smartphone manufacturers to kowtow to law enforcers. But it will likely convince smartphone manufacturers to take their business elsewhere. I can’t imagine many CEOs willing to risk being kidnapped because their company’s devices used effective cryptography. Especially when there are so many other countries around the world willing to take in money making companies.

With Special Badges Comes Special Privileges

Becoming a police officer is a pretty sweet gig. You don’t need to be intelligent. In fact, being intelligent can prohibit you from becoming a police officer. It’s not an especially dangerous. And you get to enjoy special privileges:

This week, a Tarrant County judge sentenced cop watcher Kenny Lovett to 90 days in jail after a jury determined he interfered with a high-risk traffic stop in Arlington in 2015.

“It’s a safety issue first and foremost,” said Melinda Westmoreland, the assistant district attorney who prosecuted Lovett’s case.

On that day, Lovett and several other cop watchers pulled over to film Arlington police making a traffic stop.
Not long after they began filming, two officers approached them, concerned about the holsters some the cop watchers were also carrying. The exchange was caught on video.

“I need you to go back [to your vehicle] and put your weapons up if you’re armed,” the officer says in the recording. “Feel free to record after that.”

Two of cop watchers did what the officers told them to do. Lovett, who was carrying a black powder pistol, refused. He was then led away in handcuffs and charged with interfering with public duties and disorderly conduct.

When you interact with a police officer it’s OK for them to demand you to disarm but it’s not OK for you to demand they disarm. Considering the number of officers being killed is going down while the number of people being killed by cops is going up I think it would be fair to demand officers disarm when interacting with members of the public.

Power is easily abused by those who have it. By operating on a higher level than the general public law enforcement officers are in a position to abuse power. If we want to reduce power abuse by law enforcers they need to operate on the same level as the rest of us. That means they should fall under the same scrutiny when using force, being surveilled, and interacting with other individuals as every other person in society. If an officer can be armed while interacting with the general public then people keeping officers accountable by filming police interactions should be allowed to be armed as well.