Updating the Propaganda

The current administration, just like the previous administration, doesn’t like the fact that the plebs have the ability to keep secrets from it. When the previous administration pushed prohibit effective cryptography, it was met with a great deal of resistance. Hoping to avoid the same failure, the current administration is updating its propaganda. It’s not seeking to prohibit effective cryptography, it’s seeking to promote responsible cryptography:

A high-ranking Department of Justice official took aim at encryption of consumer products today, saying that encryption creates “law-free zones” and should be scaled back by Apple and other tech companies. Instead of encryption that can’t be broken, tech companies should implement “responsible encryption” that allows law enforcement to access data, he said.

“Warrant-proof encryption defeats the constitutional balance by elevating privacy above public safety,” Deputy Attorney General Rod Rosenstein said in a speech at the US Naval Academy today (transcript). “Encrypted communications that cannot be intercepted and locked devices that cannot be opened are law-free zones that permit criminals and terrorists to operate without detection by police and without accountability by judges and juries.”

Encrypted communications that cannot be intercepted and locked devices that cannot be opened are law-free zones? He just made effective cryptography sound even more awesome!

Once again this administration is telling the plebs that they have no right to privacy, which tends to go over about as well as a lead balloon with the plebs. Moreover, this recommendation is one way. Notice how under these proposals the plebs aren’t allowed to have any privacy from the government but the government gets to maintain its privacy from the plebs by having legal access to effective cryptography? If the United States government is supposed to be accountable to the people, then by the government’s logic the people should have a means of breaking the government’s encryption as well.

There are two facts about the United States of America. Anybody can sue anybody else for any reason and high ranking officials can make any demands they want. Just as many lawsuits get tossed out due to lack of merit, many demands from high ranking officials are technically impossible. “Responsible encryption,” to use the euphemism, is not technically possible. Encryption is either effective or ineffective. If there is an intentional weakness added to an encryption algorithm then it will be exploited by unintended actors, not just intended actors.

Political Favors for Favored Businesses

In celebration of the country’s favorite annual religious festival being held in Minneapolis this year, the Minneapolis City Council has announce that it will magnanimously allow bars to stay open until 4AM between February 2nd and 4th. But not every bar. Only those close enough to the Temple of Football:

Last week, Minneapolis City Council approved a resolution that will let bars near U.S. Bank Stadium stay open until 4 a.m. for the weekend of the Super Bowl, February 2–4.

The good news is, the chaos will probably be confined to downtown. As GoMN notes, only bars within the “designated area” can apply for the honor of serving the beer-pounding, pigskin-loving, out-of-town masses until the wee hours of the morning — meaning no, you won’t be able to meet up for super late drinks at the CC Club. Bars will also need to pony up a $250 fee for the special permit. (Gee, wonder if that will pay for itself.)

Excellent news for the bars who are fortunate enough to be situated next to The People’s Stadium but not so good news for every other bar.

Why shouldn’t bars elsewhere in the city also be allowed to stay up until 4AM during the Super Bowl? Better yet, why should any restrictions be placed on how late a bar can stay open? Why can’t bar owners decide for themselves how late they’ll keep their establishments open? And why are these special privileges only bestowed when the city will be packed with people from out of town (because, let’s face it, the Vikings aren’t going to be playing in the Super Bowl)? Are the people living in Minneapolis not good enough to deserve these special privileges?

Catalonia Declared Independence

Yesterday the region of Catalonia declared its independence from Spain:

BARCELONA (Reuters) – Catalan leader Carles Puigdemont and other regional politicians signed a document declaring Catalonia’s independence from Spain, but it was unclear if the document would have any legal value.

“Catalonia restores today its full sovereignty,” says the document, called “declaration of the representatives of Catalonia.”

“We call on all states and international organizations to recognize the Catalan republic as an independent and sovereign state. We call on the Catalan government to take all necessary measures to make possible and fully effective this declaration of independence and the measures contained in the transition law that founds the republic.”

I’m amused by the article noting that it’s unclear if the document has any legal value. Legal value to who? If the question is in regards to Spain, then the document has no legal value because as far as Spain is concerned it is illegal for any territory within its realm to leave. If the question is in regards to Catalonia, then the document has legal value because the Catalans believe that they have a right to secede from Spain.

The actual question of importance is, what will Spain’s response be? Spain must decide to either recognize Catalonia’s independence (officially or unofficially) or forcefully prevent Catalonia from operating independently. If Spain chooses the former, Catalonia becomes independent regardless of legality. If Spain chooses the latter, there very well could be a civil war.

The Sorry State of Electronic Voting Machine Security

A lot of people from different backgrounds have expressed concerns about the integrity of electronic voting machines. It turns out that those concerns were entirely valid:

It’s no secret that it’s possible to hack voting systems. But how easy is it, really? Entirely too easy, if you ask researchers at this year’s DefCon. They’ve posted a report detailing how voting machines from numerous vendors held up at the security conference, and… it’s not good. Every device in DefCon’s “Voting Machine Hacking Village” was compromised in some way, whether it was by exploiting network vulnerabilities or simple physical access.

Multiple systems ran on ancient software (the Sequoia AVC Edge uses an operating system from 1989) with few if any checks to make sure they were running legitimate code. Meanwhile, unprotected USB ports and other physical vulnerabilities were a common sight — a conference hacker reckoned that it would take just 15 seconds of hands-on time to wreak havoc with a keyboard and a USB stick. And whether or not researchers had direct access, they didn’t need any familiarity with the voting systems to discover hacks within hours, if not “tens of minutes.”

Just put those voting machines in the cloud! Everything is magically fixed when it’s put in the cloud!

Anonymous ballots are notoriously difficult to secure but it’s obvious that the current crop of electronic voting machines were developed by companies that have no interest whatsoever in even attempting to address that problem. Many of the issues mentioned in the report are what I would call amateur hour mistakes. There is no reason why these machines should have any unprotected ports on them. Moreover, there is no reason why the software running on these machines isn’t up to date. And the machines should certainly be able to verify the code they’re running. If the electronic voting machine developers don’t understand how code signing works, they should contact Apple since the signature of every piece of code that runs on iOS is verified.

And therein lies the insult to injury. The types of security exploits used to compromise the sample voting machines weren’t new or novel. They were exploits that have been known about and addressed for years. A cynical person might believe that the companies making these voting machines are just trying to make a quick buck off of a government contract and not interested in delivering a quality product. A cynical man might even feel the need to point out that this type of behavior is common because the government seldom holds itself or contractors accountable.

Why Government Licensing is a Bad Idea

Everybody seems to be a fan of government licensing until a politician they don’t like abuses it or threatens to abuse it. Donald Trump became upset with NBC because it reported that he said that he wanted a tenfold increase in nuclear weaponry. I wasn’t at the meeting so I can’t say one way or another whether he said that. However, in response to the report, Trump threatened to bring the weight of federal regulations down on NBC:

WASHINGTON — President Trump threatened on Wednesday to use the federal government’s power to license television airwaves to target NBC in response to a report by the network’s news division that he contemplated a dramatic increase in the nation’s nuclear arsenal.

In a story aired and posted online Wednesday morning, NBC reported that Mr. Trump said during a meeting in July that he wanted what amounted to a nearly tenfold increase in the nation’s nuclear weapons stockpile, stunning some members of his national security team. It was after this meeting that Secretary of State Rex W. Tillerson reportedly said Mr. Trump was a “moron.”

Mr. Trump objected to the report in a series of Twitter messages over the course of the day and threatened to use the authority of the federal government to retaliate.

Libel and slander are usually dealt with in court. Normally if somebody believes that they have grounds to retaliate over what somebody else said or wrote, the courts would be the place where they would take their case. But most of us aren’t high ranking members of the State. Those that are have access to other forms of retaliation that doesn’t involve potential roadblocks like juries. One such form of retaliation is licensing. If you’re involved in a business that is required to be licensed by a governmental body, pissing off any petty bureaucrat could result in your licensed being revoked without so much as a bench trial.

I’ve seen a lot of self-declared leftists decry Trump’s threat. A few of them have even recognized that this form of licensing can allow the government to violate the First Amendment. Unfortunately, I expect this recognition to disappear once one of their guys is in power again. At that point self-declared rightists will again recognize the dangers of government licensing and the cycle will continue. Until enough people can recognize the dangers of government licensing for longer than their opponent is in power we’ll never see this practice dismissed.

Everything is a Big Ol’ Conspiracy

Can anything occur this day and age without people claiming that it’s part of a conspiracy? Almost immediately after the shooting in Las Vegas, before any investigation had a chance to even begin, people were claiming that the event was part of some conspiracy. As with most conspiracy theories, this conspiracy theory is based on spurious evidence. So far the dumbest “evidence” that “doesn’t add up” is news that the shooter used the freight elevator at Mandalay Bay:

Law enforcement sources told CBS News that Las Vegas shooter Stephen Paddock is believed to have used the freight elevator at the Mandalay Bay hotel casino in the days leading up to last week’s deadly attack.

It wasn’t clear what Paddock used the freight elevator for or how often he used it.

How could the shooter have accessed a restricted freight elevator without help from the inside? Obviously this is proof that he had help!

Anybody who claims that doesn’t realize just how poor building security generally is. I’ve used freight elevators on numerous occasions, including in casinos, without authorization. They’re usually “hidden” behind a nondescript door or one with a sign that says “Employees Only.” In almost every case the door is unlocked and the elevator lacks any form of access control. If the owners of the building are really concerned about security, there might be cameras that aren’t monitored by anybody facing the freight elevator doors although even that’s pretty rare.

Another way of gaining access to a freight elevator is to ask the person working at the front desk if you can use it to haul up a bunch of luggage. As it turns out, the person at the front desk who is tasked with making the customer happy will often let you use the freight elevator if it makes you happy. Humans are often wonderfully helpful creatures.

So I’m sorry to report that using a freight elevator isn’t evidence that “doesn’t add up.” It adds ups quite cleanly. Although I suspect that access control on freight elevators will become more common now that this information has been released.

The End of Everything Good and Holy

It seems like every generation is destined to disparage the next generation. This is nothing new. Even the elderly Romans complained about how an easy life has made their successor soft. In the most recent entry of the new generation sucking we have an article wondering if smartphones have destroyed a generation:

Around 2012, I noticed abrupt shifts in teen behaviors and emotional states. The gentle slopes of the line graphs became steep mountains and sheer cliffs, and many of the distinctive characteristics of the Millennial generation began to disappear. In all my analyses of generational data—some reaching back to the 1930s—I had never seen anything like it.
The allure of independence, so powerful to previous generations, holds less sway over today’s teens.

[…]

What happened in 2012 to cause such dramatic shifts in behavior? It was after the Great Recession, which officially lasted from 2007 to 2009 and had a starker effect on Millennials trying to find a place in a sputtering economy. But it was exactly the moment when the proportion of Americans who owned a smartphone surpassed 50 percent.

The more I pored over yearly surveys of teen attitudes and behaviors, and the more I talked with young people like Athena, the clearer it became that theirs is a generation shaped by the smartphone and by the concomitant rise of social media. I call them iGen. Born between 1995 and 2012, members of this generation are growing up with smartphones, have an Instagram account before they start high school, and do not remember a time before the internet. The Millennials grew up with the web as well, but it wasn’t ever-present in their lives, at hand at all times, day and night. iGen’s oldest members were early adolescents when the iPhone was introduced, in 2007, and high-school students when the iPad entered the scene, in 2010. A 2017 survey of more than 5,000 American teens found that three out of four owned an iPhone.

Do you know what destroyed a generation? The printing press! When books stopped being written by hand by monks in monasteries, they become cheaper and more readily available. This lead to more people reading more frequently, which cause them to pass less attention to their social obligations.

That’s the same argument except it would have, and probably did, taken place in the 1440s.

Just as every generation is destined to disparage the next generation, every technological advancement that makes its way into the hands of consumers is destined to be accused of destroying the next generation. Television, video games, and computers were all accused of destroying a generation in recent times. The first generations the grew up with those technologies turned out fine just as the new generation will end up turning out fine. Adoption of new technologies are always disruptive to a point but it seems like humanity has a knack for discovering, rather rapidly, the positives and negative aspects and adopting the former while discarding or working around the latter. As today’s teenagers develop they too will discover the positives and negatives of smartphones and adjust themselves accordingly. Then they’ll be at an age where they can disparage their successors and whatever new technology is being adopted by them at the time.

Learning Lessons the Hard Way

My view of politics is bleak. I don’t believe voting is capable of bringing about meaningful change nor do I believe that the system can be changed from the inside even if decent people are elected to offices. No matter how often I point out the redundancies that prevent meaningful change from occurring within the State, people continue to argue that we (by which I assume they mean the royal we) have to keep trying. Perhaps those individuals, like this individual, will someday get a job within the State and learn the lesson the hard way:

This summer I got to see how Illinois government works from the inside when I accepted a high-level position at the governor’s office.

A lot of people have asked why I took the role, considering I have spent the bulk of my career railing against the government.

It came down to this: If I declined the job, I’d watch Illinois’ problems go unfixed and wonder if I could have made a difference. Or, I could enter the nucleus of state government and attempt to change the system from within.

[…]

The experience was eye-opening, but after six weeks I decided to leave the position. It was a dysfunctional workplace in a flailing administration. The bad I saw far outweighed any good I could do.

But perhaps worst of all is that I learned early on that there would be no fixing the system from within, especially from my role; this is a state government that has been broken for decades. It is designed to reject improvement in every form, at every level.

Then again they, like most people who enter government, might realize how awesome it is to receive a paycheck for doing nothing meaningful and forget all about their plan to change the system from within. But I digress.

The article is a great read and, although it’s discusses the Illinois government, the issues it brings up apply to any governmental body (or any bureaucracy in general). Promotions aren’t based on merit but on seniority and connections. Since promotions aren’t based on merit, apathy is rampant. Tradition rules. “We’ve always done it this way,” is considered a valid argument for doing something in governmental bodies. The combination of apathy and tradition dictating direction is a recipe for failure. Just ask any number of companies that failed due to apathetic employees pursing the things the company has always done.

Every single member of government is an interchangeable cog in a complex machine. Even an office as powerful as the presidency of the United States of America is unable to bring about any meaningful change, regardless of how much people believe otherwise, because the other cogs don’t want to shake up what they perceive to be a pretty good thing (being a government official is a pretty cushy job).

Something You Don’t See Everyday

Here’s something you don’t see everyday:

A jury on Monday found a former Minneapolis police officer guilty of a felony for kicking a man in the face during a domestic violence call.

Christopher Reiter was found guilty of third-degree assault for severely injuring a domestic assault suspect in May 2016 while the suspect was on his hands and knees, causing a brain injury.

A law enforcer was actually found guilty for using excessive force. Talk about an isolated incident!

I’m not sure if this decision is the beginning of a change in the culture where law enforcers are no longer seen are heroes but as the regular, fallible human being they are. It seems like there has been a slow shift in that direction, especially with all of the videos of cops behaving badly becoming available. Then again, this decision could also be a fluke. The cynic in me says that this decision was a fluke while the optimist in me hopes that this is the beginning of a shift in the culture.

Put It in the Cloud, They Said. It’ll Be Fun, They Said.

Not only do you not own devices that are dependent on online services but those devices are also more vulnerable to unauthorized remote access. If your Internet connected devices aren’t secure, they can be accessed by unauthorized third parties, which can make for an awkward time when said device is capable of playing audio:

That suave chat is a translation of what webcam owner and shocked F-bomb flinger Rilana Hamer, of the Netherlands, related in a 1 October Facebook post.

Hamer says that a month or two ago, she picked up a Wi-Fi enabled camera to keep an eye on the house. Most particularly, to keep an eye on her puppy, who has a penchant for turning everything upside down. She bought the device at Action—a local discount-chain store that mostly sells low-budget convenience utilities.

Hamer’s experience isn’t unusual. In fact, there’s a website dedicated to providing remote feeds to insecure video cameras. Internet of Things (IoT) manufacturers have a pretty dismal record when it comes to security and few have shown any notable effort to improve that record. While the ramifications of this lack of security awareness aren’t immediately obvious for many IoT devices, they are obvious when it comes to devices that allow unauthorized third-parties to interact with you.