A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘You’re Doing it Wrong’ tag

Snatching Defeat from the Jaws of Victory

without comments

I guess even the most incompetent, loathsome bastards do something right once in a while:

The Republican-controlled chamber passed the bill by 231-198, in their first major gun legislation since a 2012 Connecticut school massacre.

Republicans said the bill would allow gun owners to travel without having to worry about conflicting state laws.

Just kidding! We’re getting fucked over by this as well:

To make the Concealed Carry Reciprocity Act more palatable, Republicans have included measures to strengthen the national background check system.

Never underestimate the Republicans’ willingness, even with majority control over Congress and the presidency, to snatch defeat from the jaws of victory.

Written by Christopher Burg

December 7th, 2017 at 11:00 am

Fraud is the Status Quo for Government Agencies

without comments

What do you do when you’re a postal service that, in spite of enjoying a legal monopoly on delivering certain types of mail, has troubles making ends meet but also enjoy the immunity that generally comes with being a government agency? You commit fraud, of course:

She told CBS46 her former supervisors at the post office gave her specific instructions to misrepresent delivery times because, she says, they know what’s at stake if Amazon packages are late.

“At 7:15, whatever you have not delivered, pull your truck over to the side of the road and scan every single one of your amazon packages. We cannot have late packages because that will jeopardize our contract with Amazon,” said the former mail carrier.

CBS46 drove around and found a current mail carrier working in a different county who attested to the claims. She also asked to be kept anonymous.

“Basically, we have to falsify the timing, and a lot of carriers don’t want to do that, but we’re mandated to with a direct order,” she said.

While these carriers admit the official records at the post office are being tampered with, their advice to customers is this:

If you know for a fact that your package came late, make a complaint and stand your ground. Most of the handheld scanners that carriers use have GPS records that can be looked up if it comes down to it.

First, the United States Postal Service (USPS) is defrauding the people who ordered the packages because if the package is delivered after 20:00 they get a free month of Amazon Prime. Second, it’s defrauding Amazon by lying about when packages are being delivered. Since the USPS is a government agency there likely isn’t anything Amazon or its customers can do other than stop using USPS in areas where these practices are happening. Even then neither party can stop doing business with USPS entirely because it enjoys a monopoly on delivering certain types of mail. And the USPS has no motivation to fight these kinds of fraudulent practices because it’s a government agency and fraud is the status quo for them.

Written by Christopher Burg

November 30th, 2017 at 10:30 am

Adaptability is an Established Military’s Greatest Weakness

without comments

You may have heard the phrase, “The military is always preparing to fight the last war.” Any military that has been established for a length of time seems to get dragged down by entrenched ideologies and traditions. This leads them to become very rigid. The United States military is a great example of this. During its War on Terror it has clung to its usual tactics, which work well against other large national militaries but are more or less useless against asymmetrical tactics. It has also proven incompetent at information security, which is no a major component in warfare:

After uncovering a massive trove of social media-based intelligence left on multiple Amazon Web Services S3 storage buckets by a Defense Department contractor, the cloud security firm UpGuard has disclosed yet another major cloud storage breach of sensitive intelligence information. This time, the data exposed includes highly classified data and software associated with the Distributed Common Ground System-Army (DCGS-A), an intelligence distribution platform that DOD has spent billions to develop. Specifically, the breach involves software for a cloud-based component of DCGS-A called “Red Disk.”

Don’t get me wrong, I’m all for government transparency and appreciate the military’s current, albeit accidental, dedication to it. However, from a strategy standpoint this is pretty damned pitiful.

Written by Christopher Burg

November 29th, 2017 at 11:00 am

But It Works One Percent of the Time

without comments

Both parties become extremely interested in voter fraud when their candidate fails to win. After Obama’s election the Republican Party was up in arms about voter fraud. After Donald Trump won against Hillary Clinton the Democrat Party was suddenly up in arms about voter fraud. While both parties try to approach the problem slightly differently (the Republicans tend to blame illegal immigrants while the Democrats have been blaming Russia), they both tend to favor terrible solutions. Take this system that will be used in Indiana:

A database system that will now be used by Indiana to automatically purge voter registrations that have duplicates in other states is 99 percent more likely to purge legitimate voters, according to a paper published last week by researchers from Stanford University, the University of Pennsylvania, Harvard, Yale, and Microsoft Research. Using the probability of matching birth dates for people with common first, middle, and last names and an audit of poll books from the 2012 US presidential election, the researchers concluded that the system would de-register “about 300 registrations used to cast a seemingly legitimate vote for every one registration used to cast a double vote.”

The Interstate Voter Registration Crosscheck Program is a system administered by the office of Kansas Secretary of State Kris Kobach—the vice-chair of President Donald Trump’s Presidential Advisory Commission on Election Integrity. Crosscheck uses voter roll data from 27 states—pulled every January by election officials and uploaded to an FTP site—to check for duplicate records across states, based on full name and date of birth, as well as the last four digits of social security numbers where that data is collected by voter registration (which is not consistent from state to state).

Somebody finally did it. They managed to have a higher failure rate than the Transportation Security Administration (TSA).

The Interstate Voter Registration Crosscheck Program is yet another failure on a long list of government failures. Like most entries on that list, the magnitude of the failure was only realized after the “solution” was implemented, which raises the question, who is performing the preliminary studies on these “solutions?” I honestly doubt any preliminary studies are even being performed, which is why the list of failures is so long. A system of this size should have involved a significant amount of testing, including a study like the one mentioned in the article, before it was released.

Statists often wonder why libertarians are so skeptical of government solutions. Part of the reason has to do with the fact that the government often fails to perform due diligence. When government tries to find a solution to a problem it tasks handful of bureaucrats, who usually have no expertise in fields applicable to the problem, with developing a solution. They then outsource the solution to whatever crony offered up the best campaign contributions and then blindly accept whatever product it handed to them. If the solution fails to work, the bureaucrats hold some hearings that might result in some poor schmuck at the crony company being forced to step down (oftentimes to go to work for some lobbyist organization). In the end the crony company suffers little in the way of consequences but enjoys a significant profit from doing the initial work. Needless to say, this environment of no accountability breeds poor solutions.

Written by Christopher Burg

November 1st, 2017 at 10:30 am

First World Problems

with 2 comments

A friend of mine posted the following picture on Facebook:

It really does illustrate a first world problem. Between the militias, III%ers, Neo-Nazis, Antifa, and a handful of other groups there are a lot of Americans who want to be militants. However many (if not most) of these individuals have enjoyed an overabundance of food and a luxurious lifestyle that has allowed them to avoid physical labor so they’re too obese to fight anybody besides other obese Americans.

Written by Christopher Burg

October 31st, 2017 at 11:00 am

A Grim Start to the Week

without comments

This week started on a low note as far as computer security is concerned. The first bit of new, which was also the least surprising, was that yet another vulnerability was discovered in Adobe’s Flash Player and was being actively exploited:

TORONTO (Reuters) – Adobe Systems Inc (ADBE.O) warned on Monday that hackers are exploiting vulnerabilities in its Flash multimedia software platform in web browsers, and the company urged users to quickly patch their systems to prevent such attacks.

[…]

Adobe said it had released a Flash security update to fix the problem, which affected Google’s Chrome and Microsoft’s Edge and Internet Explorer browsers as well as desktop versions.

If you’re in a position where you can’t possibly live without Flash, install the update. If you, like most people, can live without Flash, uninstall it if you haven’t already.

The next bit of bad security news was made possible by Infineon:

A crippling flaw in a widely used code library has fatally undermined the security of millions of encryption keys used in some of the highest-stakes settings, including national identity cards, software- and application-signing, and trusted platform modules protecting government and corporate computers.

The weakness allows attackers to calculate the private portion of any vulnerable key using nothing more than the corresponding public portion. Hackers can then use the private key to impersonate key owners, decrypt sensitive data, sneak malicious code into digitally signed software, and bypass protections that prevent accessing or tampering with stolen PCs. The five-year-old flaw is also troubling because it’s located in code that complies with two internationally recognized security certification standards that are binding on many governments, contractors, and companies around the world. The code library was developed by German chipmaker Infineon and has been generating weak keys since 2012 at the latest.

This flaw impacts a lot of security devices including Estonia’s electronic identification cards, numerous Trusted Platform Modules (TPM), and YubiKeys shipped before June 6, 2017. In the case of YubiKeys, the flaw only impacts Rivest–Shamir–Adleman (RSA) keys generated on the devices themselves. Keys generated elsewhere and uploaded to the device should be fine (assuming they weren’t generated with a device that uses the flawed Infineon library). Moreover, other YubiKey functionality, such as Universal 2nd Factor (U2F) authentication, remains unaffected. If your computer has a TPM, check to see if there is a firmware update available for it. If you have an impacted YubiKey, Yubico has a replacement program.

The biggest security news though was the announcement of a new attack against Wi-Fi Protected Access (WPA), the security protocol used to secure wireless networks. The new attack, labeled key reinstallation attacks (KRACKs, get it? I wonder how long it took the researchers to come up with that one.), exploits a flaw in the WPA protocol itself:

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

Fortunately, KRACKs can be mitigated by backwards compatible client and router software updates. Microsoft already released a patch for Windows 10 on October 10th. macOS and iOS have features that make them more difficult to exploit but a complete fix is apparently in the pipeline. Google has stated that it will release a patch for Android starting with its Pixel devices. Whether or not your specific Android device will receive a patch and when will depend on the manufacturer. I suspect some manufacturers will be quick to release a patch while some won’t release a patch at all. Pay attention to which manufacturers release a patch in a timely manner. If a manufacturer doesn’t release a patch for this or doesn’t release it in a timely manner, avoid buying their devices in the future.

Written by Christopher Burg

October 17th, 2017 at 10:00 am

With “Friends” Like These

with 2 comments

The National Rifle Association (NRA) has a history of supporting gun rights when its convenient but throwing gun rights under the buss when its politically expedient. That being the case, it probably came as no surprise that the organization expressed support for legal restrictions on bump stocks:

The National Rifle Association has called for “additional regulations” on bump-stocks, a rapid fire device used by the Las Vegas massacre gunman.

The group said: “Devices designed to allow semi-automatic rifles to function like fully-automatic rifles should be subject to additional regulations.”

It would have been nice if the NRA would have at least waited until the fight began before capitulating. Not surprisingly, the Republicans have expressed a willingness to implement such a restriction. Despite their rhetoric, like the NRA, Republicans have a tendency to support gun control whenever opposing it becomes politically inconvenient.

Written by Christopher Burg

October 9th, 2017 at 10:30 am

Communication Breakdown

without comments

When you’re filming on location it’s wise to contact the local law enforcers to let them know. It’s also a smart idea to request an officer onsite during the filming. Why would I suggest voluntarily interacting with the police? Because, in the case of on location filming, it could avoid a situation like this:

Police in Indiana fired a gunshot at a man who they thought was a thief on Tuesday, but was actually just an actor playing one.

The incident occurred after Indiana State Police responded to the scene of a possible robbery at Backstep Brewing Co. in Crawfordsville, Indiana, according to Fox 8 Cleveland.

When actor Jim Duff exited the building, wearing a ski mask and holding a gun, police reportedly thought he was the suspect they were looking for.

My guess is that either the film crew didn’t alert the local law enforcers that they would be filming there or they did inform the local law enforcers but that information didn’t communicated down the chain. Having a local law enforcer present could have prevented this since when the other officers arrived at the scene a known individual could have informed them that the “robbery” was being shot for a movie.

There are no absolute rules in the universe. While I normally recommend against voluntarily interacting with law enforcers, there are circumstances where doing so may be the less bad option.

Written by Christopher Burg

September 29th, 2017 at 10:00 am

I Disagree

with 4 comments

It’s no secret that the people living in the United States of America are becoming more polarized. People increasingly refuse to even entertain the possibility that their ideas may not be the only correct ideas. What makes this matter especially bad is that there appears to be an inverse correlation between polarization and disagreement. As a population becomes more polarized, it seems to become less willing to entertain disagreement:

To listen and understand; to question and disagree; to treat no proposition as sacred and no objection as impious; to be willing to entertain unpopular ideas and cultivate the habits of an open mind — this is what I was encouraged to do by my teachers at the University of Chicago.

It’s what used to be called a liberal education.

[…]

That habit was no longer being exercised much 30 years ago. And if you’ve followed the news from American campuses in recent years, things have become a lot worse.

According to a new survey from the Brookings Institution, a plurality of college students today — fully 44 percent — do not believe the First Amendment to the U.S. Constitution protects so-called “hate speech,” when of course it absolutely does. More shockingly, a narrow majority of students — 51 percent — think it is “acceptable” for a student group to shout down a speaker with whom they disagree. An astonishing 20 percent also agree that it’s acceptable to use violence to prevent a speaker from speaking.

These attitudes are being made plain nearly every week on one college campus or another.

Rhetoric and debate are being replaced by religious zeal. An increasing number of Americans appear to be holding their beliefs as infallible scripture. If you disagree with their beliefs, you are seen as a heretic and may find yourself excommunicated or even attacked.

Discussion and debate were once considered a cornerstone of education. You were expected to hold your beliefs because evidence had lead you to them and you were therefore also expected to be able to defend your beliefs from critics using the art of debate. In modern times you are expected to have faith in the beliefs dictated to you by your “betters.” Since people who hold beliefs because they were told to do so have not actually researched their beliefs thoroughly, many people today are unable to debate and thus resort to other tactics, which are sometimes violent.

Admittedly, part of me looks forward to the televised death matches that are the logical conclusion of this polarization. However, I’m already weary of every minor disagreement resulting in screaming matches or physical fights.

Written by Christopher Burg

September 27th, 2017 at 11:00 am

Corporate Welfare Commission Decides Cheap Solar Panels Are Bad

without comments

Big corporations tend to be very friendly with big government because big government can help them monopolize their market. While this process of monopolization is bad for consumers, neither the government nor the corporations that have allied themselves with it give a damn. For example, solar power has become increasingly viable over the years thanks to cheap solar panels. However, these cheap panels are being produced overseas, where the lack of government restrictions makes it more viable to make cheap products. To compensate domestic solar panel manufacturers for the restrictions it put in place, the Corporate Welfare Commission, sometimes mistakenly referred to as the International Trade Commission (ITC), has ruled that overseas panels are a threat to domestic manufacturers:

On Friday, the International Trade Commission (ITC) sided with bankrupt solar panel manufacturer Suniva, voting 4-0 that cheap imported solar panels and modules have harmed domestic panel manufacturers.

The commission now has until November to send recommendations on remedies to President Trump, who will be responsible for either setting a tariff on imported solar materials or finding some other remedy. Given Trump’s promises to bolster American manufacturing, it’s likely that he’ll favor restrictions on solar panel imports.

I’m sure the ITC will settle on a tariff because the other remedy, removing government created restrictions from domestic manufacturers, is unthinkable. What does this mean for consumers? It means us consumers will be paying more for solar panels. This is a bit ironic since the government dumped so much money into encouraging manufacturers to make solar panels affordable in the first place. But what government giveth, government taketh away. It may favor cheap solar panels today and oppose them tomorrow.

Written by Christopher Burg

September 26th, 2017 at 10:30 am