News You Need to Know – Page 45

Anatomy Of A Scam

Kickstarter is used to get some really cool projects off of the ground but it’s also packed with half-baked ideas and outright scams. What I present here is a case of the latter. Meet the first encryption software engineered to defeat hacking programs, granting impenetrable data protection, and cloud storage (their words, not mine).

I’m not even sure where to start with this one so I guess I’ll start with the most obvious red flag, impenetrable anti-hacking software. Before starting this Kickstarter I assume the team worked on a unicorn ranch because they apparently have a knack for delivering the impossible. And if designing impenetrable software is possible it certainly isn’t going to be done by this team. Pulling off such a feat would require a great deal of technical knowledge and this team doesn’t appear to have that as I will demonstrate. Let’s begin with their statement regarding the Advanced Encryption Standard (AES):

AES Hacking Solutions are readily available for sale on dark web.

In the late 1990’s, AES, while under ‘well-intentioned’ government oversight, somehow, a ‘back-door’ found its way into this ‘approved’ data security solution, — as has been widely reported. The unintended consequences of this back-door allows for complete access to your data, without your permission, to data monitoring, data-mining and active eavesdropping. Effectively, voiding your right to privacy and confidently. So common is this practice it has a name: Active Snooping.

There are known attacks against AES but none of them are practical. But the elite team of entrepreneurs (I’ll get to that in a bit) supposedly know of a backdoor. In fact this backdoor has supposedly been widely reported! Yet I’ve never heard of it, which I find odd because I follow the publications of quite a few computer security experts. I guess everybody from Bruce Schneier to Dan Kaminsky just missed that piece of news as well as this piece:

SSL is a Myth. Cybercriminals know about these flaws and back-door. They are stealing, compromising, and profiting from your data everyday.

SSL is a myth? Huh. As somebody who has spent many hours configuring it I would beg to differ. SSL, more accurately TLS, is a very real thing. It’s also secure so long as it’s configured correctly. Speaking of myths, or more accurately fiction:

You don’t have to be 007 to Use the DataGateKeeper Encryption Software…

I’m glad they mentioned 007 because this page reads like the “hacking” Q did in Skyfall. That is to say it’s nonsensical and entirely fictitious. Q gets a pass though because he’s a fictional character in a fictional universe where anything is possible. Even something as infeasible as a Walther PPK feeding reliably can happen in the James Bond’s universe.

Earlier I questioned DataGateKeeper’s team’s technical knowledge. This isn’t because they posted an incorrect minor detail about a complex mathematical factoid. It’s because they can’t even get basic units of measure correct:

So. Many. Kilobits! Even if you’re only marginally aware of AES you’ve probably seen a mention of a 128-bit and a 256-bit mode. A kilobit is 1,000 bits so according to this chart DataGateKeeper has 512,000-bit encryption whereas services such as Dropbox and OneDrive lack even 128,000-bit AES encryption. Well that’s a no brainer since 128,000-bit AES doesn’t exist. Even if it did no consumer computer would have the processing power to use it. This chart should have added a row for unicorns. None of the competing services offer unicorns and I wouldn’t put it past the DataGateKeeper team to claim they offer unicorns.

Regardless of feasibility, DataGateKeeper is offering all of the kilobits:

512kb Civilian – 50 Years of protection. Available on Kickstarter.

768kb First Responders, Police, Retired & Active Duty Military – 73 years of protection. Donation of your choice.

1024kb – Enterprise & SMB

That’s a lot of kilobits! But wait… now I’m confused. Earlier on the page it said:

MyDataAngel.com provides Impenetrable Civilian Data Protection plans beginning at 512-bit encryption.

So which is it? 512-bits or 512-kilobits? There’s literally a multiple of 1,000 difference. I’m sure that will be clarified at a future data. What we do know is that whatever algorithm they’re using is 6,000,000 times stronger than current data security:

We created a cipher that is 6,000,000 times stronger than current data security, as proven by algorithmic mathematics.

See? They proved it with algorithmic mathematics! That’s, like, the best kind of mathematics!

So how does this miraculous algorithm work? Who knows. The Kickstarter page, not surprisingly, doesn’t include any technical details. Okay, it does include a gif image with a calculator and some math-like stuff. It doesn’t actually explain anything but it’s there.

After reading this Kickstarter page you’re left with the feeling that it was written by marketing people who have no knowledge about cryptography. Even the most basic of information is either wrong or nonsensical. It’s almost as if there are no cryptographers involved with this project. In fact, that may be exactly what the problem is:

Our management team is uniquely qualified to implement our plan of operations, with a combined 75+ years of entrepreneurial experience, at all levels of corporate gestation, from rank start-up through to publicly traded entities. Our experience spans multiple sectors, from entertainment and manufacturing to healthcare and technology. The management team resume includes names such as: PepsiCo, Colgate-Palmolive, Paramount Studios and Merv Griffin Productions. Our President and co-founder, Debra Towsley, oversaw the marketing plan for Universal Studio’s $1.5 billion theme park expansion, Islands of Adventure®, as VP of Marketing. Our Chief Strategy Officer, Frank Ruppen, graduated from Harvard Business School, and cut his teeth as the brand manager for Proctor & Gamble, before accepting positions at McKinsey & Co., Sterling Brands, and Consumer Dynamics; he relocated to work in cities like: Sydney, Caracas and Tokyo. Raymond Talarico, our CEO, has been involved in multiple roll-ups and consolidations. He is credited as having developed companies from a one-sentence mission statement in MEDirect Latino to publicly traded entities with market caps exceeding $160M. The youngest member of our team, Joshua Noel (21), is the Creative Director who is a literal ‘Jack of All Trades’ when it comes to content creation. Yes, they do exist. His talent is on display here in the videos, as well as the vlogs, the overall design of our branding, and iconization.

They have people experienced in entrepreneurship but not a single mention of a cryptographer anywhere on the page is made. That pretty much tells us everything we need to know and explains why this page reads like a marketing person was tasked with writing a sales pitch on a cryptographic service but wasn’t given access to anybody knowledgeable in cryptography to verify any of the claims.

This is what a scam looks like. The product being offered is not only impossible but the entire writeup makes no sense within the framework of the market they’re aiming at. Scam might not even be the correct word for this. I would hope a scam artist would put some effort into making their scam at least appear somewhat believable. The people involved in this page didn’t even accomplish that much! DataGateKeeper’s team are scam artists who couldn’t even create a convincing scam. They’re basically failures who failed at failing.

At this point, when social media backlash destroys any chance of this Kickstarter getting funded, I’m expecting them to claim that this was all an elaborate troll. It really is their only option.

Drug Abuse Cannot Be Fixed Through Legislation

Every year we’re told about the hot new legal drug that people are abusing. Shortly afterward we’re told about the hot new legislation that is supposed to curtail the abuse. Nobody seems to recognize the pattern though. This year the new drug being abused appears to be Imodium:

They call it the poor man’s methadone.

The epidemic of opioid addiction sweeping the country has led to another form of drug abuse that few experts saw coming: Addicts who cannot lay hands on painkillers are instead turning to Imodium and other anti-diarrhea medications.

The active ingredient, loperamide, offers a cheap high if it is consumed in extraordinary amounts. But in addition to being uncomfortably constipating, it can be toxic, even deadly, to the heart.

Now we just need to wait for the legislation that orders Imodium to be treated the same way as all drugs containing pseudoephedrine.

The cycle of abuse and legislation is counterintuitive. At first glance it seems sensible to restrict access to drugs people abuse. But looking at the cycle with a critical eye reveals a major problem: when one drug is restricted addicts find a substitute.

Restricting opioids didn’t stop addicts from being addicts. It merely pushed them to abuse Imodium instead just as restricting heroine lead to the substitute of easier to produce krokodil. Addiction is a medical issue. It cannot be legislated away. So long as politicians continue to treat addiction as a legal issue addicts will be pushed into finding, often more dangerous, substitutes.

Everybody Is Sick Of The TSA

This week I had to fly to another state for work. Unfortunately, that meant having to submit myself to the jack booted thugs at the Transportation Security Administration (TSA). The Minneapolis-Saint Paul International Airport (MSP) has been in the news as of late for having even more miserable security lines than other airports. This is due to the airport closing all but three of the security lines (the airport use to have more open gates but for reasons unknown — that totally have nothing at all to do with the TSA wanting flyers to buy its PreCheck scam — it closed all but three of them).

My flight was very early in the morning so I actually got through security in about half an hour. I didn’t even have to opt out of the slave scanner since they only ran me through the metal detector. In fact I didn’t even have to pull out my liquids, laptop, or remove my shoes. The goons working the airport were actually being reasonable for once.

Returning to the Twin Cities wasn’t as nice. The TSA goons there wanted me to go through the slave scanner so I had to waste time opting out and getting sexually assaulted. They also pulled my carryon off of the scanner, dug through it, and swabbed everything in it (I didn’t win an unlucky drawing, they were doing this to almost every piece of luggage). All in all I probably spent forty five minutes going through security.

The TSA is the epitome is government idiocy. It’s cumbersome, doesn’t fulfill its purpose, and inconsistent. I think the inconsistency is the most annoying part. When I go through security I’m not sure whether I’ll have to take off my shoes, belt, and wristwatch or be barked at for doing so. Will I have to remove the liquids from my bag? Will I have to pull my laptop out of its bag? I have no idea because the TSA agents seem to make up the rules on the spot. This means the lines end up being even longer because people have no idea what the fuck they’re supposed to do. If they take their shoes off before getting to the scanners they may get barked at and have to waste time putting them back on. The same goes for removing liquids and laptops from bags. There’s no way to speed up the line by planning ahead because you have no idea what you’ll be required to do before you get to the scanners.

It seems that my frustrations aren’t unique. New York City is now talking about replacing the TSA with private security agencies:

Management of the New York City area’s three major airports is fed up with long lines at security check points, and they have given the Transportation Security Administration an ultimatum: Either shorten the lines or we’ll find someone else to do it.

The Port Authority of New York and New Jersey, tasked with running John F. Kennedy, LaGuardia and Newark airports, is threatening to privatize the process of screening passengers before boarding their flight, according to a document sent from the Port Authority to TSA Administrator Peter Neffenger.

“We can no longer tolerate the continuing inadequacy of the TSA passenger services,” the letter obtained by ABC News reads.

Although this would be a move in the right direction I doubt it will have a major impact. Any private security agency would still have to abide by the TSA’s security policies. Privatization is of little value when the State restricts any possible innovation with regulatory burdens. However, if enough airports replaced the TSA it would help shake the agency’s iron grip over airport “security” (quotes used because the agency doesn’t actually provide security). If the iron grip was removed there would be a chance that some actual innovation could take place that would make airport security a less annoying experience.

The State Sucks At Language

Under any sane legal system the label criminal would be reserved for those who victimize others. But the legal systems of most modern developed countries use the label to describe anybody who has violated any of the State’s decrees, regardless of how arbitrary they may be. Because of this we have people walking around who have been labeled criminals but have never victimized anybody. Fortunately the Department of Justice (DoJ) is finally recognizing this fact, although I doubt it’s intentionally, and is moving away from the term criminal to describe the people it targets:

The Department Of Justice has been phasing out the use of the word “criminal” to describe criminals. On the DOJ website the newer term, “justice-involved individual,” can be traced back to 2009. However, the term has seen more and more daylight over the last couple of years.

I’ve seen quite a few neocons flipping their shit about this but it really is a good move. The DoJ spends a great deal of its time harassing drug buys and sellers, tax evaders, unlicensed firearm dealers, and other people who haven’t actually victimized anybody. That being the case, it makes sense to refer to its targets by something other than criminals.

With that said, the DoJ, like every other government agency, sucks at language. Justice-involved individual is also a misnomer for the same reason the agency’s name is a misnomer; the word justice implies a wrong being righted. Without a victim there is no wrong to right and therefore no justice to be had. A better label would be a legal-involved individual.

Performing Denial Of Service Attacks Against Airliners Is Ridiculously Simple

How can you shutdown an airline service? By setting your Wi-Fi hotspot’s Service Set Identifier (SSID) to something quippy:

According to The West Australian, a passenger on QF481 spotted a Wi-Fi hotspot titled “Mobile Detonation Device” and advised a crew member. It wasn’t clear what mobile device it was linked to or where the device was located.

The crew member informed the captain, who then broadcast a message to passengers. Passenger John Vidler told the publication the pilot said the device needed to be located before the flight could depart.

If somebody put a bomb on board would they use Wi-Fi to detonate it? Probably not. That would require being in close proximity to the device whereas a cellular device, which are commonly used as remote detonators, allow the perpetrator to be somewhere else in the world. If a bomber did use a Wi-Fi detonator would they set it to broadcast an SSID that indicated it was a detonator? Most likely not. That would increase the chances of the device being discovered before it could be detonated. Holding the flight until the device was located was an overreaction.

In addition to being an overreaction it also gives individuals interested in interfering with airline service a cheap and effective means of accomplishing their goals. With little more than a Wi-Fi access point you can perform a denial of service attack against an airplane.

Perpetual Prison

A man is sent to prison. He stays his time. After being released he’s required to fulfill additional stipulations. Due to financial restrictions, which isn’t an uncommon restrictions for people getting out of a cage, he is unable to fulfill those stipulations. As a result he’s sentenced again and returns to prison.

What I’ve described is effectively a way for the State to imprison somebody for life for any crime. Jonathan Earl Brown probably isn’t most people’s idea of an upstanding person. He, at 26 years-old, was caught in bed with a 15 year-old girl. He was then sentenced to prison. It would be easy to toss him aside but justice is supposed to be blind so the situation he finds himself in should be analyzed separately from his person. And his situation is what I described in the opening paragraph:

After serving nearly two years for criminal sexual contact with a minor, Brown, 26, enrolled at Minneapolis Community and Technical College and began searching for a stable job and a place to live.

But just four months into his probation, Brown was sent back to prison. His offense: failing to enter sex offender treatment that he could not afford.

Attorneys and therapists say his case has exposed a major gap in Minnesota’s system of treatment for the nearly 1,600 convicted sex offenders who live under supervision in the community after leaving prison.

In Minnesota, sex offenders are often ordered by local judges to pay for their own treatment as a condition of probation. Yet many walk out of prison too broke to afford the co-payments. Brown was homeless, jobless and so destitute that his probation officer suggested he sell his blood to cover his $42 co-payment, court records show.

Last month a state appeals court panel upheld the revocation of Brown’s probation, triggering denunciations by prisoner advocates and public defenders.

People often like to bring up the recidivism rate amongst sentenced criminals as evidence that criminal behavior is something inherent in certain individuals. What is often ignored is the almost insurmountable odds many criminals face when they get out of prison. Prison sentences are supposed to be a means in which criminals can repay their debt to society (it’s a nonsense collectivist ideal since one cannot owe anything to an abstract idea such as society, but bear with me). Once that debt is repaid they’re supposedly free to return to their life. But most people who have served a prison sentence come out penniless and have few, if any, prospects for a job.

When you have nothing to survive on and you’re effectively blacklisted from legitimate work what are you supposed to do? Is it not feasible that many people who have been sentenced for a crime end up reverting to their previous criminal activity, such as drug dealing, because they have no other prospects?

Now imagine somebody like Brown who not only has nothing to survive on but must meet financial obligations just to remain outside of the State’s cages. He’s being required to fulfill criteria that he cannot fulfill and is being punished for it. Is this justice? If so, what’s to stop a judge from perpetually returning somebody to prison by knowingly placing an unmeetable probational burden on them?

Perks Of The Job

What’s the best way to fight the State’s war on drug users? Apparently by becoming part of the State and working from within:

A former Massachusetts drug-lab chemist was high on the job nearly every day for eight years, according to a report from the state’s attorney general. The report said that the chemist, Sonja Farak, was under the influence of drugs like crack, meth, LSD, and ketamine as she testified in court in drug cases and while examining drug samples in a crime lab between 2004 and 2013.

The report from AG Maura Healey also said the chemist cooked crack cocaine in a crime lab at night while working overtime.

Anthony Benedetti of the Committee for Public Counsel Services said that “thousands” of drug prosecutions were imperiled. “Anything that went through that lab while she was there is in question,” he told the Boston Globe.

I’m being a bit humorous here. It would be far better if those drug users were never imprisoned in the first place. But it is amusing that a large number of prosecutions may be jeopardized because the lab technician was herself doing drugs.

I wonder if she every had to testify in court immediately after dropping the acid that was taken off of the accused? It would be hard to keep a straight face in that situation. Either way, she deserves some credit for being high at both the lab and in court for eight years without anybody noticing. That’s impressive.

An Ancient Historical Lesson Repeats Itself

What happens when a government hands weapons to men and trains them to kill? It establishes a military. What happens when the same government ceases to pay this new military? The military uses its weapons and skills to prey on defenseless people:

The situation in Venezuela has become so bad that even soldiers are struggling to support themselves.

Over the weekend, six members of the Venezuelan military were detained by local authorities for stealing goats, the Venezuelan newspaper El Nacional reported Sunday. It said the soldiers confessed to stealing the goats and said they did it to feed themselves, since they had no food left in their barracks.

“It’s not a good sign when your military doesn’t have enough food, and when the military has been relegated to guarding and protecting food lines,” said Jason Marczak, director of the Latin America Economic Growth Initiative at the Atlantic Council. “This is endemic of the problems going on across the country.”

If you’re a student of history you’ve probably read about this happening numerous times. It shouldn’t be surprising either. The primary skill of a soldier is using force. That is, after all, their job. When they suddenly find themselves impoverished and starving they use the skills they have at hand to do what they believe is necessary to survive.

A notable difference between professional militaries and militias is that the latter are generally employed in another field and only act as soldiers temporarily. Since they’re not reliant on the government for the entirety of their income they have other skills to fall back on if the government stops paying soldiers. Professional soldiers, on the other hand, often lack other skills as well as experience in operating in a market. When they stop receiving a paycheck they, like a militia member, rely on the skills they have. The difference is the skills of a militia member are often honed in a market environment whereas the skills of a professional soldier are not.

Government Incompetence Saves Us All

Conservatives always tell me that they want a competent government. The worst thing that could happen to a government is if it became competent. Today people around the world enjoy incompetent governments, which means their random decrees are not nearly as consequential as they could be:

A Brazilian judge has ordered (Google Translate) that all mobile phone providers in the country block WhatsApp traffic for 72 hours, beginning yesterday.

However, Brazilians are discovering that the ban only covers mobile carriers—so Brazilians still can use WhatsApp over Wi-Fi or a VPN connection over their mobile data plan.

Imagine if Brazil’s government was competent. The entire country could have been cutoff from a very popular means of communicating securely.

I’m a fan of incompetent government. So long as a government cannot effectively enforce the decrees it issues the amount of damage it can cause is limited (when compared to what the damage could be, I’m not claiming the damage is usually minor).

On Edward Snowden

With the Edward Snowden movie coming out the conversation regarding his motives has been rekindled. I see a lot of people referring to him as a traitor because he didn’t go through proper channels to stop the National Security Agency’s (NSA) indiscriminate violation of our privacy.

What may people seem to have forgotten is that we already know what happens when whistleblowers go through proper channels. William Binney did exactly that. He went to his superiors and eventually went so far as to try to get the Senate involved.

What did he get for his efforts? A lot of stonewalling with a great big side of nothing. Okay, that’s not entirely accurate. He did get to experience seeing armed federal agents threaten his family at gunpoint and then being kidnapped by them.

Repeating the same thing over and expecting different results is often referred to as a sign of insanity. Knowing what happened to Binney what other recourse did Snowden have? Should he have just shut his mouth? If so, what recourse do the people have against an overreaching government?

The history of the NSA and its whistleblowers needs more consideration when considering Snowden’s actions.