30 September 2014

Encryption, won't make you beyond the law, no matter what some FBI person thinks

Cryptography is your friend. Even if you have nothing to hide, making it hard to uncover that you have nothing to hide is your Constitutional right to be SECURE in your papers and effects.

Contrast that to this response.
The company says its algorithm is so complex that if it ever had to turn over data from an iPhone 6, it would take the NSA about five years to decode it.
Even if Apple is underestimating the NSA's abilities, the principle isn't sitting well with FBI chief James Comey. “What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law,” he says. http://www.foxnews.com/tech/2014/09/29/apple-it-could-take-years-for-nsa-to-get-into-your-iphone-6/?intcmp=obinsite
Really?

The head of the FBI has publically come out against people having secure data on a highly portable, easily stolen platform that is used by many for banking and confidential business, legal, and medical communications? As if somehow securing your data on a phone makes you beyond the law?

Hell, all Apple would have to do to shut this guy up is remind him that there is such a thing as HIPAA compliance...

Since we are on the subject of encryption, consider getting a Self Encrypting Drive for your next computer. Use a 32 character password and compute away. http://www.computerweekly.com/feature/Self-encrypting-drives-SED-the-best-kept-secret-in-hard-drive-encryption-security

Also, if you want to encrypt your hard drive now, or encrypt your phone now, those options are already available through software options for Windows and Android (two of the more popular options).

Drive encryption (with links for Mac and Linux included): http://www.pcworld.com/article/2304851/so-long-truecrypt-5-encryption-alternatives-that-can-lock-down-your-data.html

Phone Encryption: http://www.greenbot.com/article/2145380/why-and-how-to-encrypt-your-android-device.html

Comments are open.

28 September 2014

The Rambo problem

The plot of "First Blood" was a small town sheriff picked on someone who decided to fight back. The movie ends when someone talks down John Rambo and convinces him to be taken into custody.

That's how you know it is fiction, the lone guy isn't shot or burnt to death by the ever increasing power of the state forces hunting him down.

http://www.foxnews.com/us/2014/09/27/suspect-in-deadly-trooper-amush-gives-away-location-police-say/

http://en.wikipedia.org/wiki/Christopher_Dorner_shootings_and_manhunt

The similarities here are striking. The suspects in each case failed basic Operational Security and were quickly identified as suspects (Dorner published a manifesto, Frein's car and spent shell casings), each egressed to a rural location where they felt comfortable, and in each case the State quickly pooled resources to hunt down their suspect.

Since I'm not a headshrinker I'm not qualified to diagnose either Dorner or Frein with any sort of mental illness, but expect that to become a similar theme.

So the end of Frein's story is already clear, either he will die by cop, or be captured. So far he hasn't removed himself from the area of operations, didn't build a tribe or support network to escape and evade, and is now plastered on every BOLO (be on the look out) list of every law enforcement agency.

So the lesson to learn here is clear, if you are going to commit a crime don't fail at basic OPSEC. Don't write a manifesto. Don't leave shell casings in your vehicle. Don't use your cell phone. Don't keep trophies.

I don't know why people do these things, but I suspect it is because they want others to know of the rightness of their cause, of how they were so aggrieved that murder was justified, or some other nonsense.

Even Lois Lerner and the IRS had enough sense to destroy evidence to make it harder for investigators.

27 September 2014

The scout rifle

Ruger went ahead and released a "Scout Rifle" in 223 Rem. Certain scout rifle aficionados are less than thrilled.

http://anarchangel.blogspot.de/2014/09/the-scout-rifle-is-officially-dead.html

The requirement for the scout rifle to be capable of bringing down large game goes back to the beginning where the "scout rifle" was an "all purpose" rifle capable of killing men, taking game, and in a handy lightweight platform.

The 223 Rem can and will bring down large game with appropriate bullets and appropriate hunting ranges. Sure it isn't legal to do so in many areas due to caliber restrictions, but that is not a functional concern so much as a societal concern.

In purely military terms, the "scout rifle" as envisioned by Jeff Cooper (I know it wasn't his concept, but he made it popular) was to be used by scouts who didn't need a full battle rifle but did need the ability to make precise shots to serve as dedicated marksmen (the way the German ZF-41 equipped K98 ended up serving as a sniper rifle despite being a true scout rifle).

When you look at it that way, then a 223 Rem "Scout Rifle" makes just as much sense as a 308 Win Scout Rifle. But when you look at it in terms of available alternatives, such as an AR-15 or AR-10, then the scout rifle makes no military sense at all.

It isn't light or accurate enough to justify the bolt action. It doesn't have the rate of fire necessary to provide cover fire in a break contact situation (something every Scout should know how to do, break contact with the enemy instead of being over run or captured).

Don't get me wrong, a Scout Rifle is every bit as lethal as any other weapon, and if I were going to do a lot more hunting than war I'd rather have a scout rifle than an AR-10. If I were getting parachuted into the Alaskan wilderness you can bet that a 308 Win would be in my "bare minimum caliber" requirements.  If I were getting dropped into Colorado or Missouri, well 223 Rem is just fine.

The reason that the Scout Rifle never really caught on in a widespread manner is that it just isn't so many other things. Generalization is not a bad thing, but infantry bolt action rifles went out of style after WWII, and now they exist only in the realm of the sniper. Bolt action hunting rifles have been with us for over a century now, and don't look to be giving up their status as meat getters any time soon, even with a traditional action mounted optic.

To sum it up, the Scout Rifle isn't "dead" so much as it was a "never was." Yes they are useful, not arguing that. Just arguing that they aren't useful enough at any one thing to be better than an AR-15 or AR-10 with an ACOG or MTAC on top for an actual scout. And for the price of a Ruger Scout rifle, it is hard to say no to an AR.

26 September 2014

Why I can't stand Arabic Feminists

If you haven't read the crazy that is Randa Jarrar's piece, "White I can't stand white belly dancers." You don't have to read the whole thing, I'll sum it up for you.

Arabic feminist uses her grrrl power to point the finger of shame at white women for the bad think crime of "cultural appropriation." As if somehow learning to belly dance equals being able to make a nice chicken biryani and be a good third wife to Achmed.

If the irony of an Arabic woman engaging in free speech to tell white women not to appropriate her culture is as delicious to you as it is to me you are grinning right now. I mean really, who is she to come here and enjoy such rights as free speech, equality under the law, and the right to vote? Arabic women didn't do that, so Randa clearly has no problem with "cultural appropriation" when it benefits her. Of course leftists don't believe in equality, it is always "one rule for me, another for thee" with leftists...

Randa, your culture says you are property, that your word isn't worth the weight of a man's word in a court. Your culture says that you aren't a citizen, that you aren't a leader, that you aren't ever to hold any position of authority over any man. Your culture would stone you for being a feminist.

So allow me to remind you of your culture. Shut up Randa, and get back into a burqa. Now what was that teaching about a cat not being responsible for eating uncovered meat again?

21 September 2014

Using a computer is like riding a motorcycle, everyone crashes eventually.

There is no such thing as a truly secure environment.

Whether that is the basic rule of the infantry "continually improve your fighting position" or cyber security "if you are happy with your firewall, so is the enemy."

Suffice to say that in the digital realm, sooner or later you'll screw up and get hacked, or infected with malware, or if not you then someone you are responsible for.

There are things you can do to minimize your digital presence, such as using TAILS and a MAC randomizer. You can use TOR to browse and chat. You can use free email services. You can even use cryptography and steganography to get your message out there.

None of this is illegal until you start doing this to gain illegal access to someone's data. Simply using security tools and trying not to leave footprints is all perfectly legal (at least in the United States, for now, other countries consult an attorney).

After going through some training, I won't say that Linux is more secure than Microsoft any more. I will say that the bad guys largely aren't targeting the Linux users yet. Mac users who put their faith in OS X should reconsider, or at least look through the Metasploit library for all the known vulnerabilities.

If you are going to use a computer on the internet, then you really should harden your computer as best you can.

If I were to describe a well hardened machine, it would look something like a normal computer with a high end processor and lots of ram so it can run virtual machines (like VMware or Virtual Box) running a host intrusion detection system (Snort, Kismet, or OSSEC for example), anti-virus (pick your flavor), and file integrity checker (like Tripwire), and the Operating system would have a MAC randomizer, with a browser set to delete all cookies and FLUSH the DNS record after every browsing session.

Even on top end hardware that computer software load would run significantly slower than a computer just set up for being used. But how paranoid are you? How much is your data worth? Are you storing that data on a computer that you ever connect to any network?

Good luck in hardening your computer. And back up your data.

Comments are open.

18 September 2014

Truth and Falsity

In science a well designed experiment determines if the hypothesis is false. If the hypothesis is not proven false, then the assumption is that the hypothesis is true until proven otherwise.

Notice that there is nothing about "consensus" in that definition. Things aren't true because of agreement.

But when you can't separate truth from falsehood, odds are the situation is just "complicated." Sometimes the evidence isn't very clear, and the phenomena you are interested in occurs on too long of a time scale to be experimented on, or the study population would be unethical to conduct experiments on.

These things are the contentious issues like "Global Warming er, I mean 'Climate Change' caused by carbon dioxide" and the ever present anti vaccine movement.

CO2 does interact with the IR spectrum. The skeptics aren't denying that. The skeptics are the ones questioning how CO2 has to be both a warming agent and a cooling agent for the global warming computer models to be correct. When something starts violating the laws of thermodynamics based on partial pressure explanations you should feel your BS detector start flagging into the red.

Vaccines are contentious because there are risks either way, and there isn't a good way to quantify those risks. So far their haven't been mass deaths due to plagues caused by vaccine preventable diseases coming back, but there have been higher rates of infection for those diseases. People can make the "public health care" argument all they want, but at the end of the day people are still individuals. Vaccines are effective, but not 100% effective, and they have risks associated with them too, so it is almost impossible to give someone a good set of Vegas style odds to inform them of the pros and cons. There are simply too many variables to make the math easy.

As of late I've been accused of "being on the other teams side" when I point out a crappy argument made by people I agree with. But, just because I agree with your point doesn't mean your argument isn't crap.

But, the next time someone tells you that something is true because X number of scientists agree, please remind them that:

A consensus of scientists reportedly agree that GMO foods are just as safe as conventional crops.

A consensus of scientists reportedly agree that vaccines are safer than not being vaccinated, and that the CDC schedule of vaccines is not too aggressive.

A consensus of scientists reportedly agree that anthropogenic global warming is a problem, and that we should give governments much more control over our lives to fix problems like the arctic being ice free by the summer of 2013.

I haven't met anyone yet who believes all three of those statements are really true. Most conservatives believe two out of three, and most liberals believe two out of three, and most dingbat 'lympians believe one out of three. Consistency may be the hobgoblin of small minds, but it is one way to spot a bs argument.

In the search for truth, you need a well tuned BS detector.

15 September 2014

Bring it on.

Once again the "fairness at all costs" crowd has succeeded in opening up more opportunities for women to act like men.

In this case, it is a preliminary study on women in Ranger school.

http://www.armytimes.com/article/20140912/NEWS/309120058/Women-invited-apply-Ranger-School

Bring it on.

The Army is casting the net far and wide for this one. They will take only the cream of the crop of female Soldiers to ensure that this has every chance of success. You can bet that only those with Olympic level athleticism will be chosen to attend.

Bring it on.

Half the men who start don't finish. Yes mostly it is because of failing to meet standards, and tiny heart syndrome.

Bring it on. Make the women achieve the same standards. Make them go through the peer review process. Grade them to the same standard as every other Ranger in the school.

You know the school where if your subordinate fucks up when you are in a leadership position it is your fault, and your patrol that gets rated as a failure?

If they compromise the standard to let women through then shame on them. If they make like the USMC did with their Infantry Officer Basic School, where all the women failed because they didn't change the standard, then so be it.

http://www.washingtonpost.com/opinions/fourteen-women-have-tried-and-failed-the-marines-infantry-officer-course-heres-why/2014/03/28/24a83ea0-b145-11e3-a49e-76adc9210f19_story.html

And if you care to read a better response: http://www.dontevercallmeahero.com/2014/04/09/2nd-lt-santangelo-promised-rose-garden/

I earned my tab. I got a yeast infection. I got cellulitis. I smelled like a corpse and looked like the walking dead. I took a double recycle to stay in the course so that my 62 day training event stretched out to 117 days. But ten years and one day after I signed my first enlistment contract my wife pinned a black and gold tab to my left shoulder.

So bring it on. If there are any women out there who volunteer to meet the Ranger standard, go for it. I'm convinced there will be women who can make it. But I'm also convinced that the women who could make it are smart enough to avoid it.

Men go to Ranger school to get a tab, or to meet peer pressure, or even for the illusion of being "elite." Many call it a right of passage, and it is if you are in the infantry. There are two types of Infantry Officers, those who have a tab and those who are working to get a tab. I knew one douchebag who was given five chances at Ranger school before he earned his tab. After OBC, before the Career Course, after the Career Course, and twice from the same unit. He finally passed, West Point Protection Society made sure he got enough chances.

But just like opening Airborne School didn't turn the 82nd into a bunch of pansies opening Ranger school to women won't turn the 75th Regiment into a bunch of hippies. What it will likely do is make the training easier for everyone. I went through Airborne school twice. Once in 1998 where I was injured on a jump, and again in 2007 where I earned the silver wings. It was easier in a time of war, there wasn't room in the budget to fail people for dumb crap.

But if Ranger school is to be prestigious it cannot waiver on standards. The Sapper school has been used as a model for integrating women into combat training. But even after a decade of gender integration:
Though the sapper school's training of women has become a sort of social experiment, it wasn't designed to be. It was opened to women in 1999 because these soldiers were already allowed into the engineering field, and the Army simply concluded that all junior leaders - men and women - should be given an opportunity to attend the elite course.
In the ensuing 14 years, 55 women have graduated from the course out of 147 who have attended. Marine Capt. Katie Neff, 28, graduated No. 1 among all students in a class last summer.
http://archive.jacksonsun.com/usatoday/article/1954149
I doubt that Ranger School could even match those numbers. The rucks are heavier, the marches are longer, Mountain Phase, the training over twice as long, and even having a Sapper tab is no guarantee of success in Ranger school (although Sappers generally do very well in Ranger school).

So how wide can the net be cast to get women into Ranger school? Well there are at least 55 Sapper tabbed women in the eligibility pool.

Bring it on.