Tag: Technology

Why Firearm Access Control is a Futile Effort

The issue of access control technology built into firearms (erroneously called smart gun technology by advocates of gun control) has been a hot topic as of late. Anti-gunners want it and gun owners want nothing to do with it. But the argument is irrelevant and Forbes, in an article trying to explain why gun owners should fear access control technology in their firearms, explains why:

10. Firearms must be able to be disassembled in order to be cleaned and maintained. One of the principles of information security is that someone who has physical access to a machine can undermine its security. Smartgun manufacturers need to show evidence that criminals who steal smartguns cannot modify them to work with the smart technology removed or disabled (or that preventing any components from being accessed that are accessible in conventional weapons will not impact the durability of the weapons).

Physical access is the ultimate killer of any security system. If an individual has both physical access and unlimited time they can bypass any security system. After all security systems merely buy time. An effective security system is one that takes longer to bypass than an attacker is either willing or able to invest. With access control technology on firearms both of those criteria are met since the owner necessarily has permanent physical access.

Mandating access control technology in firearms is entirely futile. The technology won’t survive even a few days once it’s introduced to market. With that said, the technology would give us something fun to play with at Defcon.

Find My iPhone Vigilantism, a Demonstration of State Failure in Providing Security

The New York Times ran a story covering a recent phenomenon where victims of iPhone theft use the Find My iPhone feature to find the thief and reclaim their phone:

Using the Find My iPhone app on her computer, she found that someone had taken the phones to a home in this Los Angeles exurb, 30 miles east of her West Hollywood apartment.

So Ms. Maguire, a slight, 26-year-old yoga instructor, did what a growing number of phone theft victims have done: She went to confront the thieves — and, to her surprise, got the phones back.

Ah, the lovely Hollywood outcome where all is well at the end. But the news isn’t Hollywood so you know that a happy ending at the beginning of the story must be followed by a story of horror:

In San Diego, a construction worker who said his iPhone had been stolen at a reggae concert chased the pilferer and wound up in a fistfight on the beach that a police officer had to break up. A New Jersey man ended up in custody himself after he used GPS technology to track his lost iPhone and attacked the wrong man, mistaking him for the thief.

The rest of the article mostly consists of dire warning, primarily form police officers, against people seeking out thieves and attempting to recover their property. By the end of the story you’re supposed to see these so-called vigilantes as well-meaning albeit foolish people. What isn’t discussed are the motivations of these people willing to put themselves at risk to recover their stolen property.

I see this phenomenon (which likely consists of no more than ten or so people but the media needed a story so it inflated how common this practice is) as an example of the state’s failure to provide adequate security. As you likely know the state maintains a virtual monopoly on security services via its monopoly on law enforcement. While there are a few areas that the state allows private security providers to operate in (namely building security) the personal electronics recovery market isn’t one of them. If somebody steals your mobile phone you’re expected to rely on the police to recover it. This wouldn’t be an issue if the police would actually invest resources into recovering a stolen phone. But in most cases they will fill out a meaningless report and inform you that it’s almost impossible to recover a stolen personal electronic device. Even providing the police with access to your Find My iPhone service will seldom encourage them to get off of their asses and retrieve your phone. In fact you can get more done by contacting Apple and providing it with your stolen phone’s serial number. At least then the phone will be kept by Apple should it ever be brought in for repairs and the person who brought it in will be reported to the police. But that’s a pretty big if.

Since the solution provided by the state is unwilling to retrieve your phone and private solutions are verboten you’re left with only one option: if you want to retrieve your stolen phone you have to do it yourself. Don’t blame the vigilantes, blame the state that monopolized the security market and failed to provide an adequate service.

Mozilla Releases Chrome, Err, Firefox 29 and It’s Basically Chrome

Yesterday Mozilla released the latest version of its Firefox web browser. The most significant change is the user interface, which received a complete overhaul:

Mozilla is launching its most important release of Firefox in a very long time today. After almost two years of working on its Australis redesign, the company is now finally ready to bring it to its stable release channel.

After loading it for the first time, chances are you’ll be slightly confused. This is Firefox’s most radical redesign since it moved to its rapid release schedule a few years ago.

The new user interface is basically Google Chrome’s user interface:

I think this move demonstrates that Mozilla’s developers are desperately thrashing in the water without purpose. Mozilla’s business model now seems to be do whatever Google does. That’s not necessarily a bad strategy as Google does a lot of really amazing things. But there are far better features to lift from Chrome than its user interface. Why doesn’t Mozilla lift Chrome’s behavior of isolating each tab in a separate process? When a single tab in Chrome crashes it doesn’t take the entire browser with it. As a security measure isolating tabs in separate processes is also beneficial. I would love to see Mozilla copy that feature.

There’s nothing wrong with copying (in my intellectual property hating opinion). Good ideas should proliferate. But differentiation is also important. Unique features are what you can market to convince users to use your product. If Firefox and Chrome are identical, at least in the eyes of most end users, what can Mozilla do to convince people to use its browser instead of Google’s? Right now the only thing Firefox really has over Chrome, that I can think of, is extensibility. That’s not a lot to market a browser on, especially when Chrome has several features that Firefox lacks (such as isolating each page in a separate process).

I fear that we’re looking at the slow demise of Firefox. Mozilla seems to think that copying Chrome is a sufficient business model. As far as I know most of its income is still derived from users making Google search from Firefox’s search bar. Firefox isn’t as important to Google’s business model as it was in the days before Chrome so that money is likely to dry up at some point. What’s Mozilla’s answer to this likely inevitable future? Sell ads:

(Reuters) – Mozilla, the company behind the Firefox Internet browser, will start selling ads as it tries to grab a larger slice of the fast-expanding online advertising market.

The company said in a blog posting on Tuesday that it has reached out to potential corporate sponsors about its fledgling “Directory Tiles” program, targeted at first-time users.

Novice Firefox users now see nine blank tiles when they open up the browser, which fill in over time with their most-visited or recently visited websites. Now, Mozilla intends to display the most popular sites by location, as well as sponsored websites that will be clearly labeled as such.

That’s a frightening road. If the “Directory Tiles” program turns out to be a money maker Mozilla will be motivated to include more and more ads in Firefox. Ads have a tendency to ruin software products. If I see ads pop up on a program that I’m using I will almost reflexively begin searching for a replacement and I’m not alone.

Mozilla needs to get its shit together and come up with something besides doing what Google does. Because if my options are Chrome or a cut-rate version of Chrome I will just use Chrome. Somehow I doubt that I’m alone in this.

Failing to Understand the Real Net Neutrality Problem

The Internet is up in arms over discussions of the Federal Communications Commission (FCC) endorsing tiered Internet access. Solutions are being offered by many but most of those solutions involve some variation of “We need the government to regulate itself in a way that’s favorable to the people instead of its corporate partners!” Such solutions are pointless. There is an article by Davis Morris making its way around the Internet that offers a slightly different solution:

With the announcement by the FCC that cable and telephone companies will be allowed to prioritize access to their customers only one option remains that can guarantee an open internet: owning the means of distribution.

This is what I’m talking about. It’s time that we the people stood up to the FCC and Internet Service Providers (ISP) by seizing their monopoly on distribution. Viva la revolución!

Thankfully an agency exists for this. Local government. Owning the means of distribution is a traditional function of local government.

Oh, my bad. I thought Mr. Morris was going to propose an actual solution not simply another variation of “We need the government to regulate itself!” The root of the net neutrality problem is the institution of government itself. So long as any central organization maintains ownership of the Internet infrastructure the threat of censorship, tiering, and other undesirable restrictions will loom over our heads. What happens if local government take ownership of the infrastructure? The large content providers, such as Comcast (Comcast plays both sides against the middle by being an ISP and a content provider), will simply buy the local governments just as it has bought the federal government.

Mr. Morris’ basic idea, that we need to own the means of distribution, is correct. But his method is wrong. To defeat net neutrality we must put the means of distribution in the peoples’ hands (I never thought I’d see the day that I started sounding like Karl Fucking Marx). I briefly describe the work I’m participating in to bring mesh networking to the Twin Cities. The nice part about mesh networks is that individuals can own the infrastructure. Each person can purchase and maintain as many mesh nodes as they desire and establish a system of federation with other node owners. In other words we need infrastructure anarchy.

Through this method we the people become the literal owners of the means of distribution. The biggest advantage of this is that buying off many people willing to operate mesh nodes is difficult since they are oftentimes motivated by the desire to maintain a free and open Internet. It’s people with such motivations that we want owning and maintaining the means of distribution.

Stop Using Internet Explorer and Upgrade Your Flash Player

Are you one of those people who still uses Internet Explorer as your primary browser? If you are you really need to stop. Seriously. Right fucking now:

Attackers are actively exploiting a previously unknown vulnerability in all supported versions of Internet Explorer that allows them to surreptitiously hijack vulnerable computers, Microsoft warned Sunday.

The zero-day code-execution hole in IE versions 6 through 11 represents a significant threat to the Internet security because there is currently no fix for the underlying bug, which affects an estimated 26 percent of the total browser market. It’s also the first severe vulnerability to target affect Windows XP users since Microsoft withdrew support for that aging OS earlier this month. Users who have the option of using an alternate browser should avoid all use of IE for the time being. Those who remain dependent on the Microsoft browser should immediately install EMET, Microsoft’s freely available toolkit that greatly extends the security of Windows systems.

Internet Explorer has a pretty expansive history of major security flaws. As far as I’m concerned it’s not a safe browser to use in any context. This problem is also worse for people still using Windows XP since Microsoft has finally dropped support for it. By the way, if you’re using Windows XP stop it. Running an operating system that no longer received security updates is asking for trouble.

Also, since I’m on the issue of security news, you also want to upgrade your Adobe Flash Player:

The attacks were hosted on the Syrian Ministry of Justice website at hxxp://jpic.gov.sy and were detected on seven computers located in Syria, leading to theories that the campaign targeted dissidents complaining about the government of President Bashar al-Assad, according to a blog post published Monday by researchers from antivirus provider Kaspersky Lab. The attacks exploited a previously unknown vulnerability in Flash when people used the Firefox browser to access a booby-trapped page. The attackers appear to be unrelated to those reported on Sunday who exploited a critical security bug in Internet Explorer, a Kaspersky representative told Ars.

While the exploit Kaspersky observed attacked only computers running Microsoft Windows, the underlying flaw, which is formally categorized as CVE-2014-1776 and resides in a Flash component known as the Pixel Bender, is present in the Adobe application built for OS X and Linux machines as well.

Flash is another dangerous plugin to have installed. Unfortunately there are still sites that necessitate the use of Flash. My tactic is to disable Flash in every browser except Firefox and use NoScript to block all Flash content I don’t expressly allow. This method does a good job of balancing usability and security in my opinion. Hopefully we will someday live in a world where Flash is no longer used.

Verizon Collecting More Customer Information to Sell to Advertisers

Verizon has notified its customers that it will begin collecting more information from its customers for sale to advertisers:

The company says it’s “enhancing” its Relevant Mobile Advertising program, which it uses to collect data on customers’ online habits so that marketers can pitch stuff at them with greater precision.

“In addition to the customer information that’s currently part of the program, we will soon use an anonymous, unique identifier we create when you register on our websites,” Verizon Wireless is telling customers.

“This identifier may allow an advertiser to use information they have about your visits to websites from your desktop computer to deliver marketing messages to mobile devices on our network,” it says.

That means exactly what it looks like: Verizon will monitor not just your wireless activities but also what you do on your wired or Wi-Fi-connected laptop or desktop computer — even if your computer doesn’t have a Verizon connection.

The inevitable outcome of government protected monopolies is customer abuse. This move by Verizon is a prime example of this. Verizon enjoys government protection from competitors in many forms such as the Federal Communication Commission’s (FCC) monopoly over wireless spectrum distribution, municipal control over the installation of new communication infrastructure, and outright monopolies granted by local governments to favored Internet Service Providers (ISP). Without any effective competition Verizon enjoys the ability to abuse its customers who have two options: put up with the abuse or go entirely without the service. And this abuse is only going to increase as Verizon realizes it has a captive audience who can be used to extract every possible penny from without fear of retaliation.

Abuses by ISPs is another reason why we need to radically decentralize Internet access. One of the more promising ideas for decentralizing Internet access are mesh networks. I’ve been working with several other people on using a combination of Ubiquiti M2-HP access points with Commotion Wireless firmware to create mesh networks. We’ve found out that setting up a mesh network is trivial and I believe it could be an option in bypassing ISPs, especially high-density in neighborhoods where access points could be installed on every building. While such a solution isn’t universal it is a step in the right direction.

The less power ISPs have over us the less they can abuse us. Our priority at this point in time should be to take as much control away from ISPs as possible.

Solar Power That Doesn’t Suck

Renewable energy is the buzzword used by any company or non-profit organization that wants a big fat grant from the federal government. One of the big categories of renewable energy is solar. Solar sounds nice on paper since it produces energy from the sun and if the sun stops providing energy we will have much larger issues to worry about that electricity. But solar panels can also be unreliable. At night or when there is cloud cover solar panels produce nothing. The atmosphere, by design, also greatly diminishes solar energy before it gets to Earth’s surface. These factors make terrestrial solar panels less than idea for power production. But that doesn’t mean solar energy is nonviable, it merely means solar collectors need to be placed in space:

It’s been the subject of many previous studies and the stuff of sci-fi for decades, but space-based solar power could at last become a reality—and within 25 years, according to a proposal from researchers at the Japan Aerospace Exploration Agency (JAXA). The agency, which leads the world in research on space-based solar power systems, now has a technology road map that suggests a series of ground and orbital demonstrations leading to the development in the 2030s of a 1-gigawatt commercial system—about the same output as a typical nuclear power plant.

This is research into solar energy that actually matters. Unlike the shit research produced here in the United States, research into space-based solar collectors could actually create a viable source of energy for our increasingly energy-hungry society.

Obviously the technology isn’t without danger. If energy is being beamed from orbit the beam will most likely carry a rather high damage potential. But wind farms and terrestrial solar collectors don’t have a flawless safety record either. Anything that generates enough electrical energy to matter is almost certainly going to have some tradeoffs. The only question becomes one of tradeoff. Here in the United States we’ve basically decided that the risk of nuclear meltdown is too great for the amount of power produced. Will we decide that the risk of a point on land being incinerated is low enough for the amount of power produced? I hope so because space-based solar panels will likely be the only renewable energy source that can produced what our species needs.

Don’t Let Fear Stop the Progress of Firearm Technology

After Beretta revealed its PXi4 series of sensor laden pistols I started thinking of many cool things that merging electronics and firearms could enable. Then I got to thinking of a criticism I sometimes here in regards to marrying electronics and firearms, which is that the existence of such technology would lead to it becoming legally mandatory. This criticism isn’t entirely without merit. Ed Markey, a senator from Massachusetts, recently introduce the Handgun Trigger Safety Act of 2014. The act would require all handguns manufactured three years after the passage of the act to include technology that only allows them to be used by authorized individuals. It’s a great gun control tactic since such technology isn’t widely available. In fact the Armatix iP1 is the only pistol on the market that advertises such technology and it hasn’t been widely tested yet (not to mention it’s only available in .22 Long Rifle).

Alas I don’t believe the fear of access control technology becoming mandatory in firearms should stop the firearms industry from pursuing more high-tech firearm designs. After all, the technology doesn’t even exist yet and we’re already seeing legislation mandating access control for firearms. Whether the technology exists is irrelevant as far as legislation is concerned. But more importantly the advantages of merging electronics and firearms are many.

I touched on some of them when I was fawning over the Beretta PXi4 and have touched on other advantages in an earlier post. When you look at the advantage of tying a round counter, recoil sensor, slide cycle timer, trigger pull weight recorder, chamber pressure sensor, malfunction counter, and other statistics to a heads-up display or mobile phone the possibilities become practically limitless. Imagine being able to instantly call up the number and type of failures a particular gun has suffered over the years you’ve owned it. You could see, for example, that cartridges that operated at specific pressures caused a certain error. Tuning ammunition to give a desired bullet velocity while maintaining a minimal desired amount of recoil would be trivial. If you encountered an error that you had previously encountered years ago you would be able to call up that data and see what changes you had to make to get around it (because let’s be honest, after a few years we usually forget a lot of fine details about how we fixed something). Buying a used gun would involved less guess work if you could demand the data for the total number of rounds firearm and number of errors experienced from the current owner.

As a species we are merging electronic technology with all of our other technology and it is inevitable that firearms will receive the same treatment. In a generation or two gun owners will likely be just as baffled by guns that cannot report the number of rounds fired since it was purchased as we are by flintlock rifles today (that is to say there will only be a handful of people who know how to properly operate or understand the older technology). The sooner we get underway with his merger the sooner we get all of the kinks worked out.

Fear is a terrible motivation for failing to pursue a new technology. Allowing fear to prevent us from advancing technologically only hinders our species’s potential. Yes, there are wicked people who want to use technology for nefarious things. Senators want to use technology to enact gun control. Military leads want to use technology to reign more efficient death and destruction down upon their enemies. But those wicked people won’t stop their pursuit simply because good people are afraid of the technology. We might as well reap the benefits because we will certainly be dealing with the consequences regardless of our decision.

Beretta Shows Us the Potential of True Smart Guns

Smart gun is a dirty word in gun rights circles. This is because the term is used by gun control advocates in their crusade to restrict gun owners. But smart gun technology doesn’t have to be a dirty thing. There are a lot of neat features you could enable by including on-board electronics in firearms as Beretta is planning to show us with its new PX4i Storm series:

Beretta’s newest Law Enforcement pistol, unveiled at DSA ’14, is the Beretta PX4i Storm. This pistol is a standard PX4 Storm that been wired with electronic sensors which can track when rounds are fired, how many rounds are in the magazine, the status of the safety and even if a round is in the chamber or if the hammer is cocked.

[…]

If a police officer removes his PX4i from its holster the iProtect system could, for example, automatically notify the police dispatch as well as other officers nearby and route them to assist the officer in trouble. This can all be done without the officer having to make a radio call. It can even detect if an officer is injured or killed and issue an appropriate alert.

This is neat. I would love to have some of this technology in my competition pistol. Being able to automatically track the number of rounds fired would help me know when to replace wearable parts. It would also be interesting if the gun could record my draw time (which is possible since there is an accelerometer), the amount of time is takes me to go from drawing the pistol to firing the first round, and how long it takes me to perform a reload. If the technology was done correctly you could event eliminate the need for a shot timer in single-gun competitions by having the gun record the span of time between the first draw and the last round fired. Heck, if the guns were setup to communicate with one another you could even eliminate shot timers from multi-gun competitions.

Combining this technology with Bluetooth would open up a realm of possibilities. Imagine tying a firearm with something like Google Glass. At any time you could look up and know exactly how many rounds remain in your weapons magazine, whether or not a round is currently chambered, if there is a malfunction, how warm the barrel is (it would be helpful to receive an indicator if the barrel has reached a temperature where accuracy begins to deteriorate), how much charge remains in the optic’s battery, and so on.

I’m sure this technology will be pooh-poohed by a lot of gun owners. Many gun owners seem to dislike radical changes in firearm technology because they believe it will decrease reliability. But if there’s something electronic optics have taught us it’s that reliable electronics can be built and they can benefit our shooting. It won’t surprise me if the PXi4 has initial reliability issues but those issues will get resolved in time. Additionally there’s also the fact that electronics can be included in a firearm in such a way that an electronic failure won’t hamper the operation of the firearm itself, which I assume is how Beretta has designed the PXi4.

Moving Towards Electromagnetic Guns

Firearms are considered a mature technology. The basic concept hasn’t changed in centuries. Since inception firearms have effectively been tubes designed to contain pressure and direct it out a specific direction. Inside the tube is a projectile placed in front of a chemical propellent and when the propellent is ignited it creates pressure that propels the projectile out of the tube. The need to contain and direct pressure is one of the limiting factors in firearm design.

3D printed firearms have become a buzzword as of late. While politicians and the media are making 3D printed firearms out to be the next destroyer of civilization the truth is there are currently severe limitations on what can be manufactured on an affordable printer. While this will improve over time I think it may be time to consider investing resources into improving electromagnetic guns.

The reason I say that is because electromagnetic guns don’t rely on high pressure to propel a projectile. Rail guns rely on closing a circuit between two rails with a conductive projectile, which creates Lorentz force to move the projectile. Coil guns rely on timing a series of electromagnets to pull a projectile down a barrel. Neither design involves high pressure created by burning chemical propellents. A rail gun will generate a great deal of heat as the projectile moving down the rails generates a lot of fiction. That leads me to believe a coil gun design would be a better option if one’s goal is to create a firearm that can mostly be manufactured on a 3D printer.

Obviously the electromagnets, capacitors, and other necessary electronics can’t be manufactured on an affordable 3D printer at this time. But those components are all readily available either online or an electronic hobbyist shops. And best of all buying the parts doesn’t announce to the world that you’re building a firearm or explosive (something that buying chemical propellents or components necessary to create chemical propellents can do).

There are major drawbacks to such a gun though. At this point in time traditional firearms are a known quantity. We know how to manufacture them in a way that is reliable. Coil gun designs are in their infancy and a lot of research and development would be necessary to make such weapons that could perform all of the duties of a traditional firearm can. Being able to accelerate a projectile to anywhere near the speeds of a traditional firearm isn’t easy and reliability will likely be an issue for some time. But coil guns may represent a weapon that is easier to manufacture in the home during this age where knowledge of electronics is becoming more common that knowledge of metalworking. Furthermore the components needed to build a coil gun are more difficult to control than components needed to build a traditional firearms (namely chemical propellants). In fact this is probably the most appealing aspect of electromagnetic weaponry, the components need to build a coil gun are also used in everything that our modern civilization relies on. Controlling such commonly available components is impossible (technically controlling anything is impossible but controlling commonly available components is orders of magnitude more difficult than controlling specialized components).

I think pursuing electromagnetic guns is something the gun rights movement should consider and maybe even invest resources into investigating.