Author: Christopher Burg

Overcooking the Numbers

A lot of journalists rely on numbers reported by government agencies for research. When it comes to government reported numbers I tended to follow the advice of George Carlin who said, “I have certain rules I live by. My first rule: I don’t believe anything the government tells me.” This advice has proven its value time and again because the government has a tendency to make shit up. Take the Center for Disease Control (CDC). The agency has been cooking the numbers when it comes to gun violence. In fact the agency has overcooked the numbers so thoroughly that even anti-gun organizations like The Trace, which should be happily gobbling up the fallacious numbers, had to call bullshit:

But the gun injury estimate is one of several categories of CDC data flagged with an asterisk indicating that, according to the agency’s own standards, it should be treated as “unstable and potentially unreliable.” In fact, the agency’s 2016 estimate of gun injuries is more uncertain than nearly every other type of injury it tracks. Even its estimates of BB gun injuries are more reliable than its calculations for the number of Americans wounded by actual guns.

An analysis performed by FiveThirtyEight and The Trace, a nonprofit news organization covering gun violence in America, found that the CDC’s report of a steady increase in nonfatal gun injuries is out of step with a downward trend we found using data from multiple independent public health and criminal justice databases. That casts doubt on the CDC’s figures and the narrative suggested by the way those numbers have changed over time.

This isn’t unprecedented behavior. The CDC has lied about gun violence statistics before.

In addition to not believing anything the government tells me, I’m also automatically skeptical of statistics. Statistics in of itself isn’t bad. There are a lot of great uses for statistics. However, statistics can be easily manipulated to show a desired result and more often than not it seems that people reporting statistics are reporting numbers that were specifically crafted to show the outcome that they desired.

Living in a Surveillance State

People often argue about whether Brave New World or Nineteen Eighty-Four more accurately predicted our current predicament. I tend to believe that both books predicted different aspects of the present. Governments have certainly invested heavily in dumbing down and distracting the population in order to make them more docile and therefore easier to rule. But they have also invested heavily in ensuring that they can watch everything you do wherever you go:

The next time you drive past one of those road signs with a digital readout showing how fast you’re going, don’t simply assume it’s there to remind you not to speed. It may actually be capturing your license plate data.

According to recently released US federal contracting data, the Drug Enforcement Administration will be expanding the footprint of its nationwide surveillance network with the purchase of “multiple” trailer-mounted speed displays “to be retrofitted as mobile LPR [License Plate Reader] platforms.” The DEA is buying them from RU2 Systems Inc., a private Mesa, Arizona company. How much it’s spending on the signs has been redacted.

This is why I laugh at people who leave their cellphone at home when they “don’t want to be tracked.” If you drive your vehicle somewhere, there’s an ever increasing chance that the license plate will be recorded by a government scanner. If you take public transit, there’s an almost guaranteed chance that your face will be caught on a surveillance cameras inside of the vehicle (and an ever increasing chance that facial recognition software will automatically identify you). If you walk, you’ll likely be recorded on any number of private and public surveillance cameras (which, again, are more and more being tied to facial recognition software to automatically identify you).

Everything has pros and cons. One of the cons of technology becoming more powerful and cheaper is that surveillance technology has become more powerful and cheaper. Tracking an individual, especially in metropolitan areas, is trivial. Fortunately, surveillance is a cat and mouse game. One of the pros of technology becoming more powerful and cheaper is that countersurveillance technology is becoming more powerful and cheaper.

The Power of Not Voting

People like to talk about the power of voting but few bother to mention the power of not voting:

BUCHAREST (Reuters) – A referendum to change Romania’s constitution to prevent same sex couples from securing the right to marry failed to draw enough voters to validate the result on Sunday, after a campaign that led to a rise in hate speech against the gay community.

[…]

Dozens of human rights groups had said a successful referendum would embolden further attempts to chip away at the rights of minority groups and push Romania onto a populist, authoritarian track.

They have encouraged people to boycott the ballot, with several companies and popular musicians and artists following. A library chain even offered a book discount over the weekend for those who wanted to stay in and read rather than vote.

If voter turnout had been higher, the referendum may have passed. Since not enough people bothered to show up to validate the results, the referendum couldn’t pass.

Governments that describe themselves as democratic prefer to make it appear as though their power is endorse by “the people.” That means that they like to see high voter turnout. If a vast majority of people go to the polls during an election, a government can argue that it enjoys the endorsement of the majority of “the people.” If almost nobody shows up during an election, a government has a much tougher time making that claim.

Your Password, Please

Since I live in the United States, I spend most of my time lambasting its government’s infringements on privacy. But the United States doesn’t have a monopoly on violating individuals’ privacy. Every government has an interesting in violating rights. The hot privacy violation at the moment is demanding access to cell phones. Cell phones are becoming more integrated into our daily lives every day, which makes them a treasure trove of personal information. Here in the United States the government has made several efforts to force cell phone manufacturers to include a backdoor it can access. New Zealand has taken a different approach. If you don’t hand over your password to law enforcers, you will be fined:

New Zealand privacy activists have raised concerns over a new law that imposes a fine of up to NZ$5,000 (more than $3,200) for travelers—citizens and foreigners alike—who decline to unlock their digital devices when entering the country. (Presumably your phone would be seized anyway if it came to that.)

The Southern Pacific nation is believed to be the first in the world to impose such a law.

As a general rule, especially when crossing borders, it’s best to travel with clean devices and access whatever information you need remotely when you arrive at your destination. For example, instead of storing contract information on your cell phone when traveling, you might consider have your contract information on a remotely accessible server. When you get to your destination, you can log into the server and grab the phone numbers you need when you need them. When you’re ready to leave the country, you can factory reset your phone so your call log is erased.

Such a plan isn’t bulletproof. A factory reset phone is suspicious in of itself. Unfortunately there are no silver bullets. Every defensive measure has a list of pros and cons. You have to decide which set of pros and cons best fit your situation.

The Difficulty of Classifying People

It must be difficult being a collectivist. Their philosophy requires that 7 billion unique individuals fit neatly into a handful of boxes. Is an individual male or female? Is an individual a proletariat or a bourgeois? Is an individual black or white? These questions often seem straight forward but then you run into intersex individuals, workers who also own a stake in means of production, and individuals with white skin who have black ancestry:

In 2010, Taylor took an AncestryByDNA test, he said, “just to confirm what we’d already known.” The results said that he was 90 percent European and 6 percent indigenous American, as well as 4 percent sub-Saharan African.

[…]

Still, the results were enough for Taylor to update his birth certificate last November: It now says that he is black, Native American and Caucasian.

Taylor acknowledges that he looks white. But despite being “visually Caucasian,” as he puts it, he considers himself to be multiracial.

“I’m a certified black man,” he told The Post. “I’m certified black in all 50 states. But the federal government doesn’t recognize me.”

What qualifies an individual as being black? This is a question collectivists have to wrestle with. Is it based on ancestry? Is it based solely on skin color? Is there a minimum DNA threshold? Is so, what is that threshold and what is the justification for setting it there?

Every historical attempt to categorize individuals into a handful of tidy boxes has failed. It turns out that a species with 7 billion individuals is rather complex and contains a lot of variety.

I Want to Alter the Deal

The Witcher series of games have been phenomenally successful. In fact their success has overshadowed the books that they were based on. Unfortunately for the author, he made a bad deal and now wants to alter the deal:

“I was stupid enough to sell them rights to the whole bunch,” Sapkowski said at the time. “They offered me a percentage of their profits. I said, ‘No, there will be no profit at all — give me all my money right now! The whole amount.’ It was stupid. I was stupid enough to leave everything in their hands because I didn’t believe in their success. But who could foresee their success? I couldn’t.”

Sapkowski has now made a public demand for six percent of the profits obtained for the lifetime of the franchise, which adds up to more than $16 million for The Witcher 3: Wild Hunt alone.

I especially enjoy how he admits that he was initially offered a percentage of the profits and turned the offer down because he didn’t believe that the project would be successful. So even he’s admitting that his failure to capitalized on his novels was entirely his fault.

Higher risks generally come with greater rewards, which makes sense since there needs to be a justification for taking a risk. Sapkowski played it safe and took the low risk/low reward option. Generally speaking, if you can bear the brunt of losing out on a high risk/high reward situation, take it. Sapkowski had income from his books so he may have been able to bear the brunt of not receiving any money on the series if it flopped. If you ever find yourself in a similar position, give the high risk option some serious thought.

Making Security Illegal

A recent court ruling has potentially made secure devices and effective security services illegal:

The Canadian executive of a 10-year-old company that marketed its purportedly secure BlackBerry services to thousands of criminals (who paid at least $4,000 per year, per device) has pleaded guilty to a racketeering conspiracy charge, federal prosecutors in San Diego said Tuesday.

[…]

As the Department of Justice said in a Tuesday statement:

To keep the communications out of the reach of law enforcement, Ramos and others maintained Phantom Secure servers in Panama and Hong Kong, used virtual proxy servers to disguise the physical location of its servers, and remotely deleted or “wiped” devices seized by law enforcement. Ramos and his co-conspirators required a personal reference from an existing client to obtain a Phantom Secure device. And Ramos used digital currencies, including Bitcoin, to facilitate financial transactions for Phantom Secure to protect users’ anonymity and launder proceeds from Phantom Secure. Ramos admitted that at least 450 kilograms of cocaine were distributed using Phantom Secure devices.

[…]

At the time of his arrest, the Department of Justice said that the Ramos case was the “first time the U.S. government has targeted a company and its leaders for assisting a criminal organization by providing them with technology to ‘go dark,’ or evade law enforcement’s detection of their crimes.”

From what I could ascertain, the reason Vincent Ramos was arrested, charged, and declared guilty was because he offered a device and service that allowed his customers to actually remain anonymous. This is what most Virtual Private Network (VPN) providers, I2P, Tor, and other anonymity services offer so will one of them be the next Department of Justice target?

I’m going to take this opportunity to go on a related tangent. Ramos was charged because his devices and service were being used by other people to facilitate illegal activities such as selling cocaine. Ramos himself wasn’t, as far as I can tell, performing those illegal activities. Since the illegal actions in this case weren’t performed by Ramos, why was he charged with anything? Because the illegal activities being performed with his devices and service were related to the drug war and the drug war has served as the United States government’s excuse to go after anybody it doesn’t like.

Anything that can be tacitly tied to the drug war can be punished. If an officer doesn’t like you, they can claim that the cash you have on hand is evidence that you are participating in drug crimes and use civil forfeiture to seize your stuff. If your roommate is dealing drugs without your knowledge, prosecutors can claim that you actually do have knowledge and charge you with a plethora of crimes. If you offer a product that anonymizes users, prosecutors can charge you for aiding drug dealers. All of the supposed civil rights you enjoy suddenly go out the window when the word drugs is involved.

All Data Is for Sale

What happens when a website that sells your personal information asks you to input your phone number to enable two-factor authentication? Your phone number is sold to advertisers:

Facebook is not content to use the contact information you willingly put into your Facebook profile for advertising. It is also using contact information you handed over for security purposes and contact information you didn’t hand over at all, but that was collected from other people’s contact books, a hidden layer of details Facebook has about you that I’ve come to call “shadow contact information.” I managed to place an ad in front of Alan Mislove by targeting his shadow profile. This means that the junk email address that you hand over for discounts or for shady online shopping is likely associated with your account and being used to target you with ads.

There really is no reason for a website to require a phone number to enable two-factor authentication. Short Message Service (SMS) is not a secure protocol so utilizing it for two-factor authentication, which many websites sadly do, is not a good idea. Moreover, as this study has demonstrated, handing over your phone number just gives the service provider another piece of information about you to sell.

Instead of SMS-based two-factor authentication websites should at a minimum offer two-factor authentication that utilizes apps that use Time-based One-time Password Algorithm (TOTP) or HMAC-based One-time Password Algorithm (HOTP) like Authy and Google Authenticator. Better yet websites should offer two-factor authentication that utilizes hardware tokens like YubiKeys.