Amateur Results

Remember Schneier’s point about expecting amateur results when using amateurs for frontline security? This is the result:

The couple says within twenty minutes, the door to the cabin opened and three, armed Port Authority police officers started walking down the aisle.

They stopped at aisle 23, where Chan and Serrano were sitting. One of them looked at Kathleen Chan.

“And he turns to her and says, ‘Do you have ID?’” Serrano remembered.

Chan showed her New York State driver’s license, with its photo ID and proof that she lived at the same address in Astoria that Serrano did.

In fact, the couple was about to mark nine years together, which included buying their Queens home in 2011 and refurbishing it.

[…]

“I asked him, ‘Can you tell me what this is about?’” Chan recalled. “He told me the flight crew had alerted the police that it was a possible case of sex trafficking. They thought I had not spoken any English, and that I was taking directions from Jay during the flight.”

Somebody on the flight crew saw something and decided to say something. Unfortunately the member of the flight crew wasn’t trained in any meaningful way to identify potential sex trafficking. So their report ended up being a costly waste of time for everybody involved and needlessly terrorized an innocent couple.

If you see something, and you have no idea what you’re doing, just shut your mouth.

News From The Crypto War Frontline In New York

I continue to be amused by politicians’ efforts to prohibit math. A bill has been introduced in New York that would require manufacturers to implement backdoors in their mobile devices or face… some kind of consequence, I guess:

A New York assemblyman has reintroduced a new bill that aims to essentially disable strong encryption on all smartphones sold in the Empire State.

Among other restrictions, the proposed law states that “any smartphone that is manufactured on or after January 1, 2016 and sold or leased in New York, shall be capable of being decrypted and unlocked by its manufacturer or its operating system provider.”

If it passes both houses of the state legislature and is signed by the governor, the bill would likely be the first state law that would impose new restrictions on mobile-based cryptography. Undoubtedly, if it makes it that far, the law would likely face legal challenges from Apple and Google, among others.

One of the great things about democracy is if a vote doesn’t go the way you want you can reintroduce the vote and waste everybody’s time again.

One question you have to ask is how this bill could be enforced. As written, it would punish sellers who sold phones that couldn’t be decrypted by law enforcers. But New York isn’t that big of a landmass and Ars Technica points out the rather obvious flaw in Assemblyman Titone’s clever plan:

UPDATE 3:49pm ET: Also, it’s worth pointing out that even if this bill does pass, it wouldn’t be terribly difficult for New Yorkers to cross a state line to buy a smartphone.

It doesn’t take a rocket scientist to see what would happen if this bill were signed into law. Sellers in New York may go under but sellers in neighboring states would see a jump in sales. In addition to sellers in neighboring states, the sales of online stores would likely increase as well since, you know, you can just order a cell phone online and have it delivered to your home.

Part of me is amused by the idea of strong cryptography being outlawed. Imagine millions of Android users flashing custom firmware just so they could remove government mandated backdoors. Such a prohibition would almost certainly create a sizable black market for flashing custom firmware.

How To Spot A Sex Trafficker According To The DHS

How do you spot a sex trafficker? According to the Department of Homeland Security (DHS) the signs of a sex trafficker in a hotel are almost exactly the same as the signs of anybody else in a hotel that’s ready for a good time:

  • garbage cans containing many used condoms
  • frequent use of “Do Not Disturb” sign on room door
  • excessive foot traffic in and out of a room
  • “excessive sex paraphernalia” in room
  • an “overly smelly room” that reeks of “cigarette, marijuana, sweat, bodily fluids, and musk”
  • a guest who “averts eyes or does not make eye contact”
  • individuals “dressed inappropriate for age” or with “lower quality clothing than companions”
  • guests with “suspicious tattoos”
  • the presence of multiple computers, cell phones, pagers, credit card swipes, or other technology
  • the presence of photography equipment
  • minibar in need of frequent restocking
  • guests with too many personal hygiene products, especially “lubrication, douches”
  • guests with too few personal possessions
  • rooms paid for with cash or a rechargeable credit card
  • “individuals loitering and soliciting male customers”
  • “claims of being an adult though appearance suggests adolescent features”
  • refusal of room cleaning services for multiple days

This list, with the exception of a few token points thrown in to make it seem otherwise, appears to be aimed at prostitution instead of sex trafficking. Furthermore, it’s absurd to expect hotel staff to identify sex traffickers. To quote Bruce Schneier, “If you ask amateurs to act as front-line security personnel, you shouldn’t be surprised when you get amateur security.” There is no value in having hotel staff act as investigators. I would even say it has less than no value since the cost of chasing false positives, including money paid to investigators following up on leads and the complacency that comes from a continuous stream of false positives, will likely become detrimental to efforts of fighting sex trafficking.

Programs like this are exercises in security theater. By holding these training sessions the DHS can claim it is doing something to thwart sex trafficking without actually having to do anything.

When Your Return On Investment Doesn’t

As a resident of the Twin Cities I’ve recently suffered the bullshit spewed by stadium advocates. When the local handegg team started whining about wanting an even bigger stadium the smart people said it was a stupid idea and the stupid people said it was a smart idea. The stupid side claimed the stadium will bring a huge boost to the local economy. People from around the country will supposedly flock to the new stadium where they wouldn’t have come to the old stadium (apparently handegg fans travel to games for the buildings, not to watch the teams). This, in turn, will flood local eateries, convenience stores, hotels, and every other business with patrons. And that will lead to a flood of tax revenue (handegg fans also seem to think tax revenue is a meritorious thing). Since everybody will benefit, they claim in spite of facts, the stadium should be at least publicly funded.

One issue never touched by stadium advocates is what happens when the breadwinning team decides to leave? That’s the question denizens of St. Louis are probably wishing they had asked themselves before they built their shiny new stadium:

The St. Louis Rams’ decision to relocate to Los Angeles brought a double dose of bad news for the city’s residents on Tuesday: Not only are they losing the football team they’ve hosted for the last 21 years, they also still have to pay for the stadium they built to lure the Rams to their hometown in the first place.

At the beginning of 2015, city and state taxpayers still owed more than $100 million in debt on the bonds used to finance the Edward Jones Dome, the stadium St. Louis put $280 million in public funds behind in 1995.

It isn’t scheduled to pay off that debt until at least 2021, and that could be more difficult without the Rams and the $500,000 rent payment the team made each year. The city itself owes $5 million per year over that period, and the loss of the Rams could increase costs in the short-term.

Politicians, being incapable of admitting to fuck ups, are trying to spin this to their favor. But the bottom line is the city will have to pay off the stadium without a continuous source of rent. That will almost certainly lead to a rise in property taxes if not other taxes to make up the difference.

Publicly funded stadiums are nothing more than exercises in transferring wealth from the people to the politicians and their cronies. Even though the Rams are moving on the team gets to enjoy a great deal of wealth it otherwise wouldn’t have had because it was tight with the local politicians who were willing to put the tax victims on the line.

The Never Ending Ended War

Remember the war in Iraq Obama officially declared over? Remember how much he and his supporters bragged about him ending Bush’s war? Guess what? We’re sending more troops there yet again:

FORT CAMPBELL, Ky. – An elite U.S. Special Operations targeting force has arrived in Iraq and will carry out operations against the Islamic State, part of a broader effort in 2016 to strike at the militants and that also includes U.S. Special Operations troops in Syria, Defense Secretary Ashton B. Carter said Wednesday.

The targeting force is now in place and is prepared to work with Iraqis to begin going after militant fighters and commanders, “killing or capturing them wherever we find them,” Carter said, speaking to about 200 soldiers at the home of the Army’s 101st Airborne Division, which is expected to deploy about 500 soldiers next month to Iraq and Kuwait as part of the campaign against the Islamic State, also known as ISIS and ISIL.

If you’re psychopathic enough to want to build an empire there are two ways to go about it. You can do it the smart way, the way the Mongols did it, and leave a conquered area to run its own affairs as long as it pays your demanded tribute. Or you can do it the stupid way, the way the United States prefers, and try to micromanage a conquered area even if they do pay your demanded tribute.

The problem with the stupid way is that the people tend to resent you far more. Because of that they continue actively fighting you, which ensures you can never really lay long-term ownership over the region. Even though the war was declared over the United States will likely be fighting it until it finally decides to leave.

Intellectual Property Means Not Owning Your Stuff

Intellectual property laws are always justified as being necessary for human innovation. Setting aside the fact humans have been innovating for longer than intellectual property laws have existed, the belief many people hold is that nobody would invest the resources necessary to innovate if they weren’t promised a monopoly on manufacturing afterwards. More and more though we’re seeing what the real purpose behind intellectual property laws is. It’s not to encourage innovation, it’s to curtail ownership.

Copyright is the biggest offender. Due to software copyright laws it’s getting more and more difficult to say you own anything because manufacturers are claiming anything with a computer in it is licensed, not sold. What’s that mean? It means when your product breaks down you are legally prohibited from fixing it:

How many people does it take to fix a tractor? A year ago, I would have said it took just one person. One person with a broken tractor, a free afternoon, and a box of tools.

I would have been wrong.

When the repair involves a tractor’s computer, it actually takes an army of copyright lawyers, dozens of representatives from U.S. government agencies, an official hearing, hundreds of pages of legal briefs, and nearly a year of waiting. Waiting for the Copyright Office to make a decision about whether people like me can repair, modify, or hack their own stuff.

[…]

Thanks to the “smart” revolution, our appliances, watches, fridges, and televisions have gotten a computer-aided intelligence boost. But where there are computers, there is also copyrighted software, and where there is copyrighted software, there are often software locks. Under Section 1201 of the DMCA, you can’t pick that lock without permission. Even if you have no intention of pirating the software. Even if you just want to modify the programming or repair something you own.

Enter the tractor. I’m not a lawyer. I’m a repairman by trade and a software engineer by education. I fix things—especially things with computers in them. And I run an online community of experts that teaches other people how to fix broken equipment. When a farmer friend of mine wanted to know if there was a way to tweak the copyrighted software of his broken tractor, I knew it was going to be rough. The only way to get around the DMCA’s restriction on software tinkering is to ask the Copyright Office for an exemption at the Section 1201 Rulemaking, an arduous proceeding that takes place just once every three years.

Ownership implies you have sole control over something. It can’t exist under intellectual property laws. So long as you stand the chance of being severely punished for repairing, modifying, or selling something you cannot claim to own it. Intellectual property claims are promises granted by the State that it will dish out those severe punishments.

This problem is also going to become exponentially worse as the number of products with embedded software increases exponentially. Soon we won’t be able to claim ownership over our refrigerators, coffee makers, or door bells. Everything in our homes will be rented property of the manufacturer. And if we violate the terms of the rental agreement the State will send its armed goons at oh dark thirty, kick down our doors unannounced, and shoot our pets.

The Pervasiveness Of Government Databases

Let’s discuss government databases. The United States government maintains numerous databases on its citizens. Many of these databases are populated, in part if not entirely, by algorithms. And unlike Amazon’s recommendation algorithms or Google’s search algorithms, government algorithms have real world consequences. Because government databases have become so pervasive these consequences can range from being barred from flying on a plane to being blocked from signing up for the latest video game:

Last weekend Muhammad Zakir Khan, an avid gamer and assistant professor at Broward College in Florida, booted up his PC and attempted to sign up for Epic Games’ MOBA-inspired Paragon beta. Unbeknownst to Khan, however, was that his name—along with many others—is on the US government’s “Specially Designated Nationals list,” and as such was blocked from signing up.

“Your account creation has been blocked as a result of a match against the Specially Designated Nationals list maintained by the United States of America’s Office of Foreign Assets control,” read the form. “If you have questions, please contact customer service at accounts@epicgames.com.”

There’s an interesting series of connections here. The first connection is Mr. Khan’s name appearing in the Specially Designated Nationals list. The second connection is the database, which is used to enforce the United States government’s various sanctions, applying to the Unreal 4 engine. The third connection is the game utilizing the Unreal 4 engine. In all likelihood Mr. Khan’s name was added to the database by an algorithm that adds anybody who has an arbitrarily selected number of characteristics that include such things as last names and religions.

So, ultimately, Mr. Khan was being prevented from signing up for a game because the government believes if they prevent modern video game technology from entering Iran, North Korea, or other countries under sanctions that the citizenry will start a revolution. Being human (or at least somewhat close approximations thereof) the agents charged with enforcing these sanctions chose to automate the process as much as possible, which resulted in a database likely automatically populated algorithmically.

What’s Your Score

Police, even more so than most people, tend to be lazy. And like other lazy people police are trying to replace everything with algorithms. But there is a difference between police relying on algorithms and private entities: algorithms in private hands seldom lead to people being killed. A higher death rate is the only outcome I can see coming from this:

FRESNO, Calif. — While officers raced to a recent 911 call about a man threatening his ex-girlfriend, a police operator in headquarters consulted software that scored the suspect’s potential for violence the way a bank might run a credit report.

The program scoured billions of data points, including arrest reports, property records, commercial databases, deep Web searches and the man’s social-media postings. It calculated his threat level as the highest of three color-coded scores: a bright red warning.

Algorithms that try to model human behavior are notoriously unreliable. Part of this is due to humanity’s lack of homogeneity and part of it is due to data limitations. An algorithm is only as good as the data it is fed. What data is fed into an algorithm is determined by the developers, which means the results often reflect their biases. In this case if the developers viewed gun owners as being prone to violence the algorithm would end up reflecting that.

Usually we don’t pay much attention when an algorithm screws up and recommends a product to us based on our previous purchasing history that we have no interest in. But an algorithm that tries to estimate a person’s threat level to police is going to carry much more dire consequences. There is already a chronic problem with police being too trigger happy. Imagine how much more trigger happy your average cop would be if they were told the suspect is rated high by the threat assessment algorithm. Chances are the officer will go for a shoot first and ask questions later approach.

Theoretically this type of algorithm wouldn’t have to result in such severe consequences but it is being utilized by individuals who are generally not held accountable for their actions. If an officer, for example, received notification that the suspect was rated as highly likely to be violent but knew gunning them down without cause would result in charges, they would likely act more cautiously and not resort to shooting without justification. But that’s not how things are, so this will likely end badly for anybody facing off with an officer employed by a department that utilizes this system.

The Great American Outdoor Show Will Be Safer This Year

There has been some disagreement between the City of Harrisburg and the National Rifle Association (NRA). The NRA is hosting its Great American Outdoor Show in the city. In addition to bringing a good deal of money to local businesses the NRA is also making a donation to the Civil War Museum. However, the mayor of Harrisburg wants to shut down the museum so he’s a bit peeved that the cash is going there instead of his gang in blue. Now the mayor wants to exact revenge:

Harrisburg Mayor Eric Papenfuse says Harrisburg City Police will not staff the upcoming gun show, which is sponsored by the NRA.

In the past, the city staffed officers and the NRA made a donation to Harrisburg City Police in return. In 2015, that donation was $50,000.

This year, Papenfuse says the NRA is donating money and most of it is going to the Civil War Museum, which the mayor wants to close.

And in so doing he inadvertently made the event safer. Without the local gang in blue meddling with the event the attendees don’t have to worry about being extorted, assaulted, or kidnapped.

So the secret to hosting a safe event in Harrisburg is to make a donation to the local Civil War Museum instead of the gang in blue.

I Guess The ATF Will Sell Guns To Colorado Now

A lot of statists are unhappy about Colorado legalizing cannabis. In fact a couple of Republican attorneys general have gone so far as to call Colorado a drug cartel:

WASHINGTON — Oklahoma and Nebraska compared Colorado to a drug cartel on Wednesday and again urged the Supreme Court to let them sue their neighbor over its marijuana production and distribution system.

In sharply written arguments, the two states said Colorado “has created a massive criminal enterprise whose sole purpose is to authorize and facilitate the manufacture, distribution, sale and use of marijuana.”

“The State of Colorado authorizes, oversees, protects and profits from a sprawling $100 million per-month marijuana growing, processing and retailing organization that exported thousands of pounds of marijuana to some 36 States in 2014,” the states’ new brief says.

“If this entity were based south of our border, the federal government would prosecute it as a drug cartel.”

Does that mean the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) will now give guns to Colorado citizens?