A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘You’re Doing it Right’ tag

More Effective than Voting

without comments

The French government decided it was going to bleed its subjects a bit more by passing a fuel tax hike. This didn’t go over well. By “didn’t go over well” I don’t mean the usual American response where people scream bloody murder and claim they’re going to vote the responsible parties out of office when the next election rolls around, I mean shit was literally on fire. In response the French government has reconsidered the hike:

Fuel tax rises which had led to weeks of violent protests in France have been suspended for six months.

PM Edouard Philippe said that people’s anger must be heard, and the measures would not be applied until there had been proper debate with those affected.

Smart move. Considering France’s history, the next step in the protest would have likely involve guillotines.

Written by Christopher Burg

December 4th, 2018 at 10:30 am

Unexpected Microsoft

without comments

Microsoft has been making all sorts of unexpected moves in the last few years. The company released Visual Studio Code, which is not only an excellent code editing environment but available under the open source MIT License. In addition to that, Microsoft also released an open source version of its .NET framework and Windows Subsystem for Linux. Needless to say, it’s becoming more difficult to hate the company lately.

Now to top it all off it sounds like Microsoft is going to abandon its customer HTML rendering engine and replace it with Chromium:

Because of this, I’m told that Microsoft is throwing in the towel with EdgeHTML and is instead building a new web browser powered by Chromium, which uses a similar rendering engine first popularized by Google’s Chrome browser. Codenamed “Anaheim,” this new browser for Windows 10 will replace Edge as the default browser on the platform, according to my sources, who wish to remain anonymous. It’s unknown at this time if Anaheim will use the Edge brand or a new brand, or if the user interface (UI) between Edge and Anaheim is different. One thing is for sure, however; EdgeHTML in Windows 10’s default browser is dead.

I have mixed feeling about this. On the one hand, it’s good to see Microsoft moving towards an open source rendering engine. On the other hand, I don’t enjoy seeing the rendering engine market turning into a duopoly (with the only major non-Chromium engine, Firefox’s, having a paltry percentage of market share).

Watching Microsoft do an about face from being the satanic figure to the open source community has been fun to watch. It probably is the greatest testament to the viability of open source software out there.

Written by Christopher Burg

December 4th, 2018 at 10:00 am

The Best Timeline

without comments

Tuesday’s election resulted in a prisoner, dead pimp, and man with a thing for Bigfoot erotica all winning offices. We truly do live in the best timeline.

Written by Christopher Burg

November 8th, 2018 at 10:00 am

Deafening the Bug

with 2 comments

I know a lot of people who put a piece of tape over their computer’s webcam. While this is a sane countermeasure, I’m honestly less worried about my webcam than the microphone built into my laptop. Most laptops, unfortunately, lack a hardware disconnect for the microphone and placing a piece of tap over the microphone input often isn’t enough to prevent it from picking up sound in whatever room it’s located. Fortunately, Apple has been stepping up its security game and now offers a solution to the microphone problem:

Little was known about the chip until today. According to its newest published security guide, the chip comes with a hardware microphone disconnect feature that physically cuts the device’s microphone from the rest of the hardware whenever the lid is closed.

“This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 chip, from engaging the microphone when the lid is closed,” said the support guide.

The camera isn’t disconnected, however, because its “field of view is completely obstructed with the lid closed.”

While I have misgivings with Apple’s recent design and business decisions, I still give the company credit for pushing hardware security forward.

Implementing a hardware cutoff for the microphone doesn’t require something like Apple’s T2 chip. Any vendor could put a hardware disconnect switch on their computer that would accomplish the same thing. Almost none of them do though, even if they include hardware cutoffs for other peripherals (my ThinkPad, for example, has a build in cover for the webcam, which is quite nice). I hope Apple’s example encourages more vendors to implement some kind of microphone cutoff switch because being able to listen to conversations generally allows gathering more incriminating evidence that merely being able to look at whatever is in front of a laptop.

Written by Christopher Burg

November 1st, 2018 at 11:00 am

Good News from the Arms Race

without comments

Security is a constant arms race. When people celebrate good security news, I caution them from getting too excited because bad news is almost certainly soon to follow. Likewise, when people are demoralized by bad security news, I tell them not to lose hope because good news is almost certainly soon to follow.

Earlier this year news about a new smartphone cracking device called GrayKey broke. The device was advertised as being able to bypass the full-disk encryption utilized by iOS. But now it appears that iOS 12 renders GrayKey mostly useless again:

Now, though, Apple has put up what may be an insurmountable wall. Multiple sources familiar with the GrayKey tech tell Forbes the device can no longer break the passcodes of any iPhone running iOS 12 or above. On those devices, GrayKey can only do what’s called a “partial extraction,” sources from the forensic community said. That means police using the tool can only draw out unencrypted files and some metadata, such as file sizes and folder structures.

Within a few months I expect the manufacturer of the GrayKey device to announce an update that gets around iOS’s new protections and within a few months of that announcement I expect Apple to announce an update to iOS that renders GrayKey mostly useless again. But for the time being it appears that law enforcers’ resources for acquiring data from a properly secured iOS device are limited.

Written by Christopher Burg

October 26th, 2018 at 10:30 am

Reduced Competition

without comments

Pat Robertson appealed to the people of the United States to overlook the Saudis’ minor transgression of butchering a journalist because a $100 billion weapons sale was on the table. Not only does it appear as though those weapons sales will continue but there may actually be more! One of the United States’ competitors has announced its intention of pulling out of future arms deal with Saudi Arabia:

BERLIN — In a move that could put further pressure on President Trump to stop arms sales to Saudi Arabia, German Chancellor Angela Merkel announced Sunday evening that her government would not approve new arms exports to the kingdom until further notice.

If the United States can exploit Germany’s decision, it could ensure that Germany never gets another arms deal with Saudi Arabia. That would put the United States one step closer to being the despotic regime’s sole arms dealer! U-S-A! U-S-A! U-S-A!

Written by Christopher Burg

October 23rd, 2018 at 10:00 am

Posted in Politics

Tagged with ,

The End of TLS 1.0 and 1.1

with one comment

Every major browser developer has announced that they will drop support for Transport Layer Security (TLS) 1.0 and 1.1 by 2020:

Apple, Google, Microsoft, and Mozilla have announced a unified plan to deprecate the use of TLS 1.0 and 1.1 early in 2020.

TLS (Transport Layer Security) is used to secure connections on the Web. TLS is essential to the Web, providing the ability to form connections that are confidential, authenticated, and tamper-proof. This has made it a big focus of security research, and over the years, a number of bugs that had significant security implications have been found in the protocol. Revisions have been published to address these flaws.

Waiting until 2020 gives website administrators plenty of time to upgrade their sites, which is why I’ll be rolling my eyes when the cutoff date arrives and a bunch of administrators whine about the major browsers “breaking” their websites.

Every time browser developers announced years ahead of time that support will be dropped for some archaic standard, there always seems to be a slew of websites, include many major websites, that continue relying on the dropped standard after the cutoff date.

Written by Christopher Burg

October 17th, 2018 at 11:00 am

The First Candidate with a Convincing Argument

without comments

John McAfee is the first presidential candidate for this election cycle with a valid argument for electing him:

.@VerminSupreme and myself at the 2016 Libertarian National Convention. If that one chance in a trillion that I could be elected president actually happens, I will stand down and be replaced by him. Vermin would be the best president ever.

This looks like a winning team to me:

Written by Christopher Burg

October 12th, 2018 at 10:30 am

Posted in Politics

Tagged with ,

The Power of Not Voting

without comments

People like to talk about the power of voting but few bother to mention the power of not voting:

BUCHAREST (Reuters) – A referendum to change Romania’s constitution to prevent same sex couples from securing the right to marry failed to draw enough voters to validate the result on Sunday, after a campaign that led to a rise in hate speech against the gay community.

[…]

Dozens of human rights groups had said a successful referendum would embolden further attempts to chip away at the rights of minority groups and push Romania onto a populist, authoritarian track.

They have encouraged people to boycott the ballot, with several companies and popular musicians and artists following. A library chain even offered a book discount over the weekend for those who wanted to stay in and read rather than vote.

If voter turnout had been higher, the referendum may have passed. Since not enough people bothered to show up to validate the results, the referendum couldn’t pass.

Governments that describe themselves as democratic prefer to make it appear as though their power is endorse by “the people.” That means that they like to see high voter turnout. If a vast majority of people go to the polls during an election, a government can argue that it enjoys the endorsement of the majority of “the people.” If almost nobody shows up during an election, a government has a much tougher time making that claim.

Written by Christopher Burg

October 9th, 2018 at 10:00 am

Properly Warning Users About Business Model Changes

without comments

I have an update from my previous article about how the developers of GPGTools botched their changeover from offering a free software suite to a paid software suite. It appears that they listened to those of us who criticized them for not properly notifying their users that the latest update will change the business model because this is the new update notification:

That’s how you properly inform your users about business model changes.

Written by Christopher Burg

October 3rd, 2018 at 10:00 am