Security – Page 31 – A Geek With Guns

The Advantages of Decentralized Security

Terrorism is a tactic that has proven to be successful because it exploits basic economics. Two individuals with a couple of pressure cookers and some explosives placing an entire region under martial law can be considered nothing more than a successful attack. What made this response possible, in part, is the increasing centralization of security in the United States.

During the early days of the United States the founders envisioned a militia system, akin to what Switzerland has today, where the average person was armed and received basic military training. Between then and now the country transitioned from a militia system to a centralized standing army. Along with this transition have come many consequences. Thanks to its standing army the federal government began to enjoy the ability to crush any opposition, which it used to on several individual states that decided the whole Union thing wasn’t working out for them. As the advocates of a militia system predicted the existence of a standing army lead to tyranny. The establishment of tyranny is only one consequence of a standing army however. Another aspect that is seldom discussed is the sheer cost involved in maintaining a permanent military class.

Military spending for the United States has reach absurd levels. Nobody should be surprised by that, centralized systems are notoriously inefficient. The United States has further compounded its error by transforming the domestic police force into a standing army as well. America has changed a lot since the almost stateless Frontier was, well, a frontier [PDF]. Before the militarization of the police there existed an actual security market, which provided security at a much cheaper rate and with better results. In most cases of trouble the general population was armed sufficiently to deal with the matter. In cases where the general populace was unable or unwilling to deal with troublesome matters professional mercenaries would be hired. If a community was large enough to warrant a full time peacekeeper the townsfolk would come together to hire a sheriff, who would rely on the armed townsfolk for any matters he could not handle himself.

This decentralized system had many advantages. First, it was efficient. Resources only needed to be invested in security when problems occurred. When a professional police class exists they must be paid year around regardless of whether or not trouble exists. Even in today’s world police spend most of their time dealing with victimless “crimes” like exceeding the arbitrarily posted speed limit, parking in places posted as no parking zones, and the consumption of certain plants. Crimes involving victims are exceedingly rare so without victimless “crimes” the average police officer would be paid to, quite literally, stand around and do nothing.

The second advantage of a decentralized system is that the cost of committing crimes increases. Under a centralized system where only professional police officers are likely to be armed the cost of committing a crime against non-police officers is relatively low. If I wanted to rob my neighbor’s home I am reasonable sure I would encounter little, if any, resistance. Under a decentralized system more people are likely to be armed and training to use arms because there is no centralized entity they can put their faith in. If I wanted to rob my neighbor’s home under a decentralized system I would be more likely to encounter resistance, which would increase the cost of performing the act and likely discourage me from doing so.

Advantage number three is that a decentralized system relies primarily on individuals familiar with an area. This point was prominently made during the entire Boston fiasco. Dzhokhar Tsarnaev wasn’t found by the police, he was found by a homeowner who noticed the tarp over his boat was amiss. The homeowner was familiar with the area, unlike many of the police officers brought in to deal with the situation. That knowledge allowed him to find the perpetrator even when the police could not. Familiarity with an area is invaluable when searching for a suspected wrongdoer. While a person unfamiliar with an area is unlikely to notice a small out of place detail a person who is familiar with the area is likely to take note if they’re actively searching for somebody.

Another advantage is that people are more likely to take interest in the affairs of friends, family members, and neighbors. If you rob, assault, or murder somebody you can be reasonably assured that your victim’s friends, family members, and neighbors are going to be none too happy with you. In general people don’t like to see those they like suffer harm. Police officers, especially those not from the afflicted area, are less likely to have an emotional investment in solving a crime.

When you combine these advantages you have a system that can deal with incidents like the Boston bombing in a much less resource intensive manner. The suspect is more likely to be found quickly due to everybody’s familiarity with the area, the resources needed to defend against the bomber are spread out amongst the armed populace instead of centralized by a single organizations, those with an emotional investment will be the ones seeking the perpetrator, and the crime may not have occurred in the first place because the cost of doing so would have been higher.

Violent Criminals are Trying to Recruit Potential Computer Experts

One of the most violent gangs in the United States has begun actively recruiting individuals who show a high aptitude in computer skill. I would advise parents to talk with their children and warn them against joining the ranks of psychopaths such as the National Security Agency (NSA) and Department of ~~Fatherland~~ ~~Motherland~~ Homeland Security (DHS):

The secretary of that agency, Janet Napolitano, knows she has a problem that will only worsen. Foreign hackers have been attacking her agency’s computer systems. They have also been busy trying to siphon the nation’s wealth and steal valuable trade secrets. And they have begun probing the nation’s infrastructure — the power grid, and water and transportation systems.

So she needs her own hackers — 600, the agency estimates. But potential recruits with the right skills have too often been heading for business, and those who do choose government work often go to the National Security Agency, where they work on offensive digital strategies. At Homeland Security, the emphasis is on keeping hackers out, or playing defense.

“We have to show them how cool and exciting this is,” said Ed Skoudis, one of the nation’s top computer security trainers. “And we have to show them that applying these skills to the public sector is important.”

One answer? Start young, and make it a game, even a contest.

This month, Mr. Jaska and his classmate Collin Berman took top spots at the Virginia Governor’s Cup Cyber Challenge, a veritable smackdown of hacking for high school students that was the brainchild of Alan Paller, a security expert, and others in the field.

With military exercises like NetWars, the competition, the first in a series, had more the feel of a video game. Mr. Paller helped create Cyber Aces, the nonprofit group that was host of the competition, to help Homeland Security, and likens the agency’s need for hackers to the shortage of fighter pilots during World War II.

The job calls for a certain maverick attitude. “I like to break things,” Mr. Berman, 18, said. “I always want to know, ‘How can I change this so it does something else?’ ”

Between drones and these types of competitions it appears that the United States government is continuing its track record of exploiting young children by making war feel like a video game. What the government recruiters don’t talk about are the harsh realities of war. In the case of computer security working for the government means working for the entity that is actively trying to suppress free speech on the Internet. This entity has continued to push legislation such as the Stop Online Piracy Act, Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, and Cyber Intelligence Sharing and Protection Act. In addition to pushing destructive legislation this entity has also actively worked against free speech by seizing domain names of websites it finds undesirable (without any due process, of course). This entity has even go so far as to relentlessly pursue an individual for being a proponent of free speech and free information. By every definition of the word the United States government is a terrorist organization.

If you or somebody you know is an upcoming computer expert I urge you to urge them to work on projects that help protect Internet users from the psychopaths in the United States government. The Tor Project and I2P are always looking for more developers. Those of us that want to preserve free speech, free information, and privacy online need more advocates of cryptographic tools such as OpenPGP, Off-the-Record Messaging, and encrypted voice communications. Young computer savvy individuals should work on becoming experts in such technology, encourage their friends to use such technology, and work on the next generation of such technology.

Fortunately, for those of us that work against the United States government’s continuous attempts to censor the Internet, most people described by the state as computer hackers are not fond of authority and are therefore more likely to pursue non-state employment instead of working for the monster that labels them criminals.

When Seconds Count the Police Aren’t Showing Up

With the amount of time police have to dedicate to expropriating wealth from the general populace in the form of traffic citations, civil forfeiture laws, and rounding up slave labor for Federal Prison Industries and Corrections Corporation of America it’s not surprising that the time they have set aside for helping people has dwindled to almost nothing. In fact the police have become so inept at protecting the people of Oakland, California that the people have finally decided to help one another directly:

OAKLAND (KPIX 5) – Oakland’s crime problems have gotten so bad that some people aren’t even bothering to call the cops anymore; instead, they’re trying to solve and prevent crimes themselves.

KPIX 5 cameras caught up with a half dozen neighbors in East Oakland’s Arcadia Park neighborhood Monday as they walked the streets on the lookout for crime. The vigilance has never seemed more necessary than now; 25 homes in the neighborhood have been burglarized over the last two months alone.

In a neighborhood that has started to feel like the wild west, people have even started posting “wanted” signs.

People often get suckered into believing that the state provides protection for those living within its borders. The police aren’t required to provide protection and, in many parts of the world, people have learned that the police are almost useless when it comes to providing protection. In such cases the people end up having to find alternative methods to ensure the safety of their community. I believe we’ll see communities creating their own methods of providing protection as more police departments demonstrate their ineffectiveness.

How Tor and HTTPS Work

The Electronic Frontier Foundation (EFF) has posted a nice diagram that explains how Tor and Hypertext Transfer Protocol Secure (HTTPS) work in regards to security and anonymity. If you click the HTTPS button the diagram explains how HTTPS protects your data, if you click the Tor button the diagram explains how Tor protects your anonymity, if you have both buttons clicked the diagram explains how Tor and HTTPS work together to protect your data and anonymity.

Neither Tor or HTTPS are perfect, especially when you’re accessing data outside of the Tor network (in other words, not accessing a hidden service). The anonymity that Tor provides cannot protect you if you chose to reveal personal information and HTTPS is only a secure as the trust chain created by issued certificates. The trust chain created by HTTPS has been compromised before when hackers were able to acquire the root signing certificates used by DigiNotar and it’s possible that many trusted certificate authorities are willing to issue fraudulent certificate to government entities. However both tools are relatively effective at what they do and when used in unison can do a great deal to protect your identify online.

OS X Security Tip: Destroy FileVault Key on Standby

I haven’t talked much about technology as of late. With so much other news, especially on the gun rights front, I haven’t had much time nor reason to writeup any technology tips. With that said I have a security tip that OS X users who use FileVault on their main drive may find useful. While investigating another power management issue I found a pmset (an OS X command line application for adjusting power management settings) value mentioned in the command’s man page:

destroyfvkeyonstandby – Destroy File Vault Key when going to standby mode. By default File vault keys are retained even when system goes to standby. If the keys are destroyed, user will be prompted to enter the password while coming out of standby mode.(value: 1 – Destroy, 0 – Retain)

As a user of FileValut and my laptop’s standby mode I found this value interesting. As far as I knew the FileVault key was destroyed when my computer entered standby. Apparently that’s not the default behavior. Looking further into this command I found a FileVault 2 training document [PDF] put out by Apple that had more to say about the destroyfvkeyonstandby value:

All computers have firmware of some type—EFI, BIOS—to help in the discovery of hardware components and ultimately to properly bootstrap the computer using the desired OS instance. In the case of Apple hardware and the use of EFI, Apple stores relevant information within EFI to aid in the functionality of OS X. For example, the FileVault key is stored in EFI to transparently come out of standby mode.

Organizations especially sensitive to a high-attack environment, or potentially exposed to full device access when the device is in standby mode, should mitigate this risk by destroying the FileVault key in firmware. Doing so doesn’t destroy the use of FileVault, but simply requires the user to enter the password in order for the system to come out of standby mode.

The destruction of the FileVault key when going to standby mode can be accomplished by setting a specific power management environment variable using the pmset command. Performing the following command on the targeted system interactively, or during the execution of a script for automation or deployments, sets the key for destruction:

# pmset destroyfvkeyonstandby 1

I used the command “pmset -a destroyfvkeyonstandby 1” (the same as the command mentioned in the manual with the addition of the -a flag, which applies the value to all power profiles) but I don’t believe the -a flag is actually necessary. Now, hopefully, my FileVault key is actually destroyed when the computer enters standby mode.

Cost-Benefit Analysis of the Minnesota Voter ID Amendment

Political organizations are spending their money for the final push before the election. Television screens are alive with political advertisements, newspapers are filled with pages of propaganda, and billboards across the country are urging you to vote one way or another. In Minnesota we’re being assaulted with advertisements asking us to vote yes or no on two constitutional amendments. These amendments have consumed a great deal of time for the politically active members living in this state, even though they’re really just scams meant to get the Democratic and Republican voter bases out to the polls.

Of the two amendments I find the one that would require voters to present state issued photo identification when voting to be the most interesting. Unlike the amendment that would make the state’s prohibition against same-sex marriages constitutional, which is nothing more than further legislating religious dogma, the voter identification amendment is a potential solution to a potential problem. Both the problem and the solution are only potentials because no reliable study has been performed to determine if the cost of implementing voter identification outweighs the cost. To this point all arguments for and against this amendment are hypothetical. Those who support the amendment claim that it will fight voter fraud but haven’t demonstrated that voter fraud is a significant problem and those who oppose the amendment claim it will disenfranchise specific voting blocks (which can’t actually be demonstrated until the amendment is passed so I give them a bit of a break). Security, like anything else that requires the use of resources, needs to undergo cost-benefit analysis.

In order to perform a cost-benefit analysis we need to identify the threat. Voter identification legislation is meant to combat the threat of individuals claiming they’re somebody else in order to cast additional votes. How many cases of such fraud have occurred in Minnesota? I’ve seen no conclusive studies indicating such a number, just vague statements claiming it’s a rampant problem. Nationwide the rate of voter impersonation is statistically nonexistent:

Out of the 197 million votes cast for federal candidates between 2002 and 2005, only 40 voters were indicted for voter fraud, according to a Department of Justice study outlined during a 2006 Congressional hearing. Only 26 of those cases, or about .00000013 percent of the votes cast, resulted in convictions or guilty pleas.

.00000013 percent of votes cast nationwide were demonstrated to be cases of voter impersonation. That number is so statistically insignificant as to be entirely irrelevant. Unless Minnesota greatly bucks the national trend voter impersonation isn’t a notable problem here. Considering the likely insignificant nature of the problem how much would it cost to implement a voter identification system? According to the only study I’ve found on the subject the cost it is estimated that a voter identification program would be $68.5 million in the first year [PDF].

Is it really worth spending $68.5 million in the first year on something that hasn’t even been proven to be a problem? Personally I don’t think it’s a good idea to spend a single dime on something that hasn’t been proven to be a problem.

Poor Parental Risk Assessment

One of my friends posted this story that discusses the difficulties of a parent trying to find a day care for their immunocompromised child. Their child has leukemia and is currently undergoing chemotherapy meaning his immune system is roughly as effective as a screen door on a submarine. What’s interesting s that the story is attempting to explain the dangers of not immunizing children but fails to acknowledge a much bigger problem:

But here’s something that rarely gets discussed: the threat posed by the nonvaccinated to children who are immunosuppressed. Last year, while searching for child care for our 2-and-a-half-year-old son, my husband and I thought we had we found the perfect arrangement: an experienced home day care provider whose house was an inviting den of toddler industriousness. Under her magical hand, children drifted calmly and happily from the bubble station to the fairy garden to the bunnies and the trucks, an orchestrated preschool utopia. But when I asked: “Are any of the children here unvaccinated?” the hope of my son’s perfect day care experience burnt to a little crisp. As it turned out, one child had a philosophical or religious exemption—a convenient, cover-all exemption that many doctors grant, no questions asked, when a parent requests one. (I still do not understand how the state can allow one to attribute his or her fear of vaccines and their unproven dangers to religion or philosophy. But that’s a question for another day.)

Ordinarily I wouldn’t question others’ parenting choices. But the problem is literally one of live or don’t live. While that parent chose not to vaccinate her child for what she likely considers well-founded reasons, she is putting other children at risk. In this instance, the child at risk was my son. He has leukemia.

Ignoring the author’s rather condescending holier-than-thou attitude we must look at the much larger picture that is apparently being entirely ignored. The parent has acknowledged the fact that even minor diseases can be potentially lethal to her child and therefore will not allow her child to be around children that haven’t been immunized. That’s a smart decision but it fails to address the much more common issue of diseases for which no immunizations exist such as the common cold, the flu (granted there are limited immunizations against specific strains of the flu but they are far from effective against all strains of the flu), or pneumonia.

Even if a child has received all of their recommended immunizations they are still potential, and likely, carriers for the previously mentioned diseases. Whether an immunocompromised individual contracts whooping cough of a cold isn’t overly relevant as either one can be potentially lethal.

The parent in this article makes an all too common human mistake, she has done a poor job at risk assessment. Children, due to the fact their immune systems aren’t fully developed, are more susceptible to diseases. Therefore it’s risk to put an immunocompromised child in a day care or school as both will likely expose the child to numerous diseases. While the parent has assessed children who haven’t been immunized as a risk to her immunocompromised child she has entirely ignored the threat of diseases that can’t be immunized against.

Humans, in general, are poor assessors of risk. We will inflate the threat of unlikely risks while playing down the threat of more likely risks. Consider the gun rights movement. Many of us spend a great deal of time preparing to defend agains a violent attacker but often fail to exercise or eat properly to defend ourselves against the far more likely threat of heart disease.

The linked story is interesting because it is trying to demonstrate the risk of children who are not immunized but unintentionally demonstrates that the parent is doing a poor job of assessing overall risk. While a great deal of time is spent advertising the risks of not getting children immunized very little time is spent advertising the risks of common diseases like the cold. This is likely part of the reason the parent has put so much weight on the issue of immunization while ignoring the fact that putting her immunocompromised child in a day care is insanely risky regardless of whether the other children have received their recommended immunizations.

Our species’s inability to properly assess risk should always be taken into consideration when policies are introduced to mitigate a supposed risk. People should question government programs that promise to mitigate the risk of terrorism while risks involving far more common crimes are left ignored. When somebody offers sell you an expensive product to mitigate a risk you should stop and consider whether or not the risk in question is actually in need of being mitigated.

Volunteer Community Security

Many people seem to believe that the state is the only option for delivering community security. These are usually the same people who believe the state must build the roads, deliver the mail, deliver water, and provider fire services. In truth the state is needed for none of these things and one community has turned to volunteers to provider community security:

Redlands volunteers now outnumber paid officers five to one and, even with a 25 percent reduction to their police force in 2007, their violent crime rates have decreased steadily.

And it doesn’t cost tax payers a dime.

“Our volunteer program is completely self-sustainable,” Martinez says. “They raise their own money, they buy their own cars. None of the money comes out of the general fund.

The program even includes an air support unit, complete with 30 volunteer pilots and a prop plane.

There is a video at the link. Some people will point out that the volunteers are volunteering for the Redland Police Department (RPD) but that’s irrelevant as RPD doesn’t provide any funding to the volunteer organization, they raise their own money and buy their own equipment. If RPD went away the volunteers would still be able to function (except the state wouldn’t allow them to because they wouldn’t be volunteering for the state and therefore would be restricted in what they could do).

You Can’t Trust Anybody Anymore

Remember Lulz Security? They were the hacker group that was traveling around the Internet and breaking into site for shits and giggles? While they were in full swing I mentioned that they, along with Anonymous, were good testers of Internet anonymity:

I often talk about the importance of anonymity and groups like Lulz Security and Anonymous make great testers of the ability to remain anonymous on the Internet. People likely to be prosecuted by law enforcement would do well to watch the actions of these groups and determine how they are able to avoid law enforcement. If the tactics used by these groups allows them to avoid those who are seeking them out then the same tactics can be used by political dissidents in oppressive countries. Those wishing to release dirt on private or government entities would also be well served by such information.

It appears as though some work is still needed in the field of Internet anonymity:

Law enforcement agents on two continents swooped in on top members of the infamous computer hacking group LulzSec early this morning, and acting largely on evidence gathered by the organization’s brazen leader — who sources say has been secretly working for the government for months — arrested three and charged two more with conspiracy.

Law enforcement was finally able to close in on several members of Lulz Security by gleaming information from the group’s leader, who provided evidence in, what I’m guessing was, exchange for either a reduced sentence or no sentence at all:

The offshoot of the loose network of hackers, Anonymous, believed to have caused billions of dollars in damage to governments, international banks and corporations, was allegedly led by a shadowy figure FoxNews.com has identified as Hector Xavier Monsegur. Working under the Internet alias “Sabu,” the unemployed, 28-year-old father of two allegedly commanded a loosely organized, international team of perhaps thousands of hackers from his nerve center in a public housing project on New York’s Lower East Side. After the FBI unmasked Monsegur last June, he became a cooperating witness, sources told FoxNews.com.

Obviously Monsegur failed to anonymize himself property as did his cohorts. This failure could have been through bragging about his capers, having his machine compromised, or by failing to properly anonymize his traffic during the attacks. His cohorts failed to keep themselves anonymous from Monsegur. If you’re going to be committing illegal acts it is best that you divulge no information about yourself to you coconspirators as such information could lead to your arrest if any other member is arrested.

Security Incentives

It’s an exceedingly rare instance where I disagree with Bruce Schneier but in his recent post regarding the Transportation Security Administration (TSA) I have to say he was incorrect:

Hard to argue with most of that, although abolishing the TSA isn’t a good idea. Airport security should be rolled back to pre-9/11 levels, but someone is going to have to be in charge of it. Putting the airlines in charge of it doesn’t make sense; their incentives are going to be passenger service rather than security.

Personally I won’t argue with his statement as far as security goes, somebody should be in charge of airport security, but that entity shouldn’t be the federal government. This debate is really one of economics though as Schneier apparently has a misunderstanding regarding incentives.

The airliners primary incentive isn’t passenger service or security, it’s profits. Like any business the airliners are in business to make money and in order to do that they must keep costs down and ensure customers are happy. Usually when I mention the need for airliners to keep costs down they assume I’m talking about bookkeeping items like employee wages, fuel costs, and airplane maintenance. Those are not the only costs though as airliners must also ensure the protection of their property.

Airplanes and airports are expensive properties to replace. Airliners are not going to be happy if their aircraft are constantly being hijacked, flown into buildings, or simply blown up. Insurance claims may cover the cost of replacing the airplanes but at high insurance costs and the possibility of insurance companies refusing to cover airliners with atrocious security-related failures. Because of the costs involved in replacing airplanes airliners have a large incentive to ensure proper security measures are taken to protect their investment. Airports are no different and thus there is incentive to protect them.

Airliners also have an incentive to protect their customers. The reason for this is rather obvious, an airliner who has an atrocious security record will soon find itself out of business. If we look at a hypothetical situation between two competing airliners we can better see this fact. For this hypothetical situation we’ll say there are two competing airliners; Security Air and Insecurity Air (I’m not creative with names, sue me). Security Air has a marvelous safety record and have only had one airplane hijacked. Their competition, Insecurity Air, on the other hand has an absolutely dismal security record with airplanes getting hijacked on a monthly basis. Given the choice between these two airliners it’s fairly obvious what one is going to have the market advantage.

Private entities like airliners have to play a balancing act though between security and convenience. Taking this example further let’s say after Security Air experienced their hijacking a competing company was formed call Transcontinental Secure Airlines, or TSA for short. TSA decides to play the security game and have implemented extreme security measures including full strip searches of passengers, random cavity searches of passengers after they get on the plane, and seat on the plane is equipped with a stun gun to subdue unruly passengers. How many customers do you think they will have? None is most likelihood.

We also have the other side of the coin to consider, what is the government incentive for keeping airplanes secure? Truthfully the government has no incentive to keep airplanes secure. No profit incentive exists because government are funded entirely by theft. The TSA has a strong incentive to instill fear in passenger and state bookkeepers to ensure the continuous flow of money and authority. In fact putting the government in charge of security is the last thing you want to do. When security fails at an airport the government rewards itself with more rules, regulations, and powers.