12 January 2015

Russia, Europe, and cost.

Five years ago I wrote how the US Army could close down bases in Europe. http://randomthoughtsandguns.blogspot.de/2010/12/why-us-can-close-bases-in-europe.html#disqus_thread

That analysis stayed valid up until our allies in NATO saw Russia nibble at the Ukraine. Ukraine is not a member of NATO.

The brigade math now stands as this, the 173rd Airborne based out of Vicenza, Italy, and the 2nd Cavalry Regiment (Strykers) based out of Vilseck, Germany.

Two of the Brigades that were here in 2010 are no longer with us. They have been inactivated as part of the drawdown from the War on a Noun.

But fundamentally the math has not changed significantly. Russia could easily bowl through the Baltics, but for what purpose? Triggering a NATO response is a surefire way to start a war that no one wants. Not even Russia.

The current state of "Persistent Training Missions" to our European allies puts a whole Companies worth of troops on the ground. In countries where a Russian Division or two sits across the border.

What has changed is the political considerations. Our allies feel better with us having troops in Europe, which only reinforces the truth that Clausewitz pointed out, "War is a continuation of politics by other means."

So for the foreseeable future a new Cold War is brewing. It didn't start in Georgia. It honestly didn't even start in the Ukraine. It started in the Arab Spring, and specifically in Syria.

I still think that China is the bigger threat to Russian hegemony, although I don't think that the Chinese will go on the warpath to acquire brides for the 20 million Chinese men who can't find a Chinese wife. I think China will continue to seek a "mail order bride" solution and open up their country to more travel and trade. I don't think Russian women are all that interested in being a Chinese trophy wife, at least not on a large scale.

But, in the short term, both Russia and China are looking to the United States and the European Union as adversaries, and so provide mutual support for each other in the face of crippling economic sanctions.

So we still have units in Europe, and we will have units in Europe for at least the next few years as Soldiers from the 173rd and 2nd Cavalry Regiment share duties with a rotational stateside Brigade to train with our allies, without violating our non-binding agreement to not establish permanent bases in eastern Europe that we made with Russia.

The current situation is designed to be a compromise between reassuring our allies, and not provoking Russia so that the diplomats and political leaders can keep talking.

So until the powers that be figure out how to ease tensions (not going to happen with the way Russia has been acting), Army bases in Europe are here to stay.

08 January 2015

Paris, and why everyone who believes in freedom of sarcasm is Charlie Hebdo

Writing about killers is one of the most coldly analytical things I do. To learn lessons, and to spot patterns, it is imperative to think, observe, and think some more. Emotions have no place in the analysis, no matter how dreadful the reality of the situation turns out to be. Whether that is the Holocaust or a school shooting, if you think emotionally (you can't think emotionally really, you can only feel emotionally which isn't thinking) you will miss facts and patterns in the facts.

The Columbine murderers killed 13 with two shooters.

Nidal Hassan killed 13 at Fort Hood by himself.

The Paris terrorists killed 12.

What separates the Paris terrorists is that they didn't plan a suicide mission like the Columbine shooters or Hassan. The two suspects, brothers, are still at large as I type this.

The suspects are Cherif Kouachi, 32, and Saïd Kouachi, 34. There are over one million Algerians living in France, so the guerilla "a fish swimming in the sea of the people" is a very possible tactic by the brothers to avoid capture. The passive support of all the people, the so called "moderates" would horribly inconvenience authorities looking to serve justice.

What bothers me is that the shooters didn't know where they were going, and had to force a woman at gunpoint to get to their target. This means that despite the "military style training" the press keeps referencing the men did not bother to do an actual recon of their target. Weapons handling and familiarity may be required military skills, but they are not unique to that profession.

The escape plan involved abandoning one vehicle and stealing another. They did not kill the driver of the vehicle they carjacked, which means they have probably abandong the Renault Clio they stole and transitioned to another vehicle.

The manhunt continues. Once things settle down I'll see if the one guy I know in the French military has any information to share, even if it is just his opinion.

Now the World Trade center had been bombed before airplanes crashed into it. Charlie Hebdo had been firebombed in 2011 without casualties. In 2007 a group of muslims brought a lawsuit against the magazine for insults to islam.

The pattern is clear, lawsuit was innefective so a firebomb was used. The firebomb proved ineffective so shooters were used.

Once something is targeted by Muslims, evidently it stays targeted.

What is worrisome is that they have so far lasted further evading authorities than Tim McVeigh. But will they last as long as Dorner? Who knows, the future is unwritten.

But anyone who has been sued by a muslim for defaming the prophet, better carry a gun.

Update 1: The suspects have holed up in a printing factory, with hostages. They did not make it out of France, and evidently did not have a safe house planned as part of the escape route. The message to French authorities is that they want to be "martyrs" but taking hostages makes that statement a lie, as it would be easy to die a martyrs death by killing the hostages and forcing a tactical entry.

05 January 2015

Fake cell towers, IMSI grabbers, and how to secure communications through an unsecure medium

A few months back, the "fake cell tower" story hit the tech news, and I wanted to blog about it then, but I didn't have my thoughts in order. I think my readers understand how unsecure cell phones are, so they don't need me to remind them that anything they say is probably being recorded, filtered, and analysed by people they would rather not be doing those things. I put it on the back burner to simmer for a while, and I think I've got my thoughts in enough order to describe things in a way that people not familiar with communications technology can appreciate.

For back story, unregistered cell towers have been found outside military bases, major metropolitan areas, and no one knows who they belong to:



So the basic problem of any sort of routed communication is simply privacy, but add in cell phone technology and you also run into problems of geo location as a side bonus.

So problem one, geolocation.

I can't do anything about the geolocation if you use a cell network, if you use it you can be found. The data received from the timing advance on the hardware handshake will let anyone with access to the towers pinpoint your location down to an area about half a kilometer square. It will not give them a high precision GPS fix on your phone if you have the GPS turned off (through software or hardware hack). Geolocation using timing advance comes from the network side of things, there is nothing you can do about it but not use the network.

Separate from spoofed towers are IMSI grabbers. IMSI grabbers track down the physical location of a device. There is no defense against this other than turning the device off completely so that it cannot do a hardware handshake with the IMSI device spoofing a tower. Putting your phone in "airplane mode" will do it for a smart phone. If you think you're phone operating system has been compromised with trojan software, turn it completely off and remove the battery. But the technique is to kick your phone off the tower so that it has to renegotiate a handshake, and when it does it emits, and the IMSI grabber tells the guy holding the box whether he is neared to you or further away. A series of these "knock off, listen for handshake" events happen like a game of electronic "marco polo" until the cops kick in your door because they pinpointed your cell phone.

One way to detect if your phone is going through a bunch of hardware handshakes is to place them on top of a live speaker where the feedback of "duh dut, duh dut, duh dut" beeps comes out through feedback. If you get a bunch of beeps all at once, either you are receiving a text message or someone is kicking you off the network (or your connection sucks and must be constantly negotiated).

So ignoring the geolocation problem, lets talk about the privacy issue.

Communications intercept technology has been going on since the first telegraph wires were tapped. In my experience wired communication is no more secure than wireless communication. But, if everything is so unsecure, why do we use routed networks for phone and data?

Because it is the cheapest way to get things done, and we mitigate the intercept/eavesdropping risk using encryption. Much like British analysts tracked German military movements by the "hand" of German telegraph operators even when they couldn't decrypt the actual message, they knew who was talking to whom and from where even if they didn't know what was being said.

Encryption using a cell phone can do that. Signal encryption between the cell phone and the cell tower is built into the cellular standards. The odds of anyone with a plain receiver tapping into your conversation is taken care of, they would have to capter the signal and run it through a decryption scheme that can crack the codes. This has been done, but it is very difficult to do in real time.

So instead of spending the money to build a signal cracking computer mated to a radio to listen in on cell phone calls, it is much easier to spoof a cell tower, because the encryption keys are part of the hardware handshake between reciever and tower now you have the conversation in plain text. That is why law enforcement uses devices that spoof towers.

So what is the solution? How do you use an untrusted network to transmit secure communications? You use end to end encryption instead of relying on link encryption. This isn't a perfect solution, but it is basically the same as a Virtual Private Network (VPN), except instead of using a direct internet pipeline with IP tunneling, you use the cell phone network with clear dialing and payload encryption.

There are a number of aftermarket programs for smart phones that provide end to end encryption for text, and now for voice. You can find a list to get started at this link.


For what it is worth, I use text secure and redphone, and have been happy with both.

With the cost of cheap pre paid Android smart phones down into the "burner" cost range, there is no reason to not have secure end to end encryption between devices. This isn't to say that Android is more secure than Apple iOS or Windows Phone, it isn't, but that the price point is cheap enough because of the open source nature to allow secure end to end communication without costing an arm and a leg.

Comments are open, if you have any questions feel free to ask.

04 January 2015

Health care, quality and cost. TANSTAAFL

There are very good reasons that American health care costs more than the rest of the world. Some people like to say that there aren't very good reasons, and that there are only bad reasons such as "corporate greed" or other such nonsense. To illustrate those very good reasons, we first need to ask a series of questions.

Would you?

Rather have the right to sue your doctor for malpractice, or pay less money to receive care from your doctor?

Rather have access to immediate healthcare and damn the costs, or access to a wait list and mind the costs?

Rather have the choice to spend money on unproven therapies, or be restricted to only what the state deems is "means proven"?

Rather have the ability to pick any medical insurance you think you need, or let someone else decide what is appropriate for you?

Rather be able to purchase any drug prescribed to you, or be restricted to a pharmacy formulary designed to reduce costs?

Rather have experiemental drugs/procedures continually researched, or pay only for the proven methods we already have?

That is only six of many options, but every time you chose the first option you chose the system we have now, and every time you chose the second option, you chose a feature that is part of "universal health care."

When you have millions of people, making millions of choices, and casting millions of votes, you end up with a mishmash of everything.

And worse than no government intervention is ineffective and counterproductive government meddling. Which is what we have today, ineffective government meddling in the healthcare industry.

People want to be able to sue for malpractice. This raises insurance costs for providers. Providers then have an economic incentive to practice defensive medicine that costs insurance companies more so that they look competent during a potential future lawsuit. Because there are more tests to run practicing defensive medicine, there are more people involved in the paperwork who have to draw salary. By not choosing meaningful tort reform, we have collectively chosen higher prices by direct and second and third order effects.

Every time you choose the best care for yourself, you are choosing higher costs for all of us. That is not a bad thing really. The last year I can find numbers we wasted 33.9 Billion dollars on "Complementary Alternative Medicine" that is nothing more than nostrums, hokum, and chicanery.

On the flip side, LASIK is so affordable now that people routinely pay out of pocket to get lasered in the face. No government price control schemes on that elective procedure. Of course it is a procedure, not a diagnostic battery of tests, has a definite treatment course, and features very few complications. Not all of medicine is so neat.

LASIK would also not be developed in places like the UK or Canada where medical research has little to no economic benefit to anyone involved. Profit is a powerful motivator, and it has motivated American medical research to be the world leader. Less than five research hospitals in America and you have a budget equivalent to the entire Canadian health care research budget.

Now that isn't to say that we can't do things to start driving down the cost of healthcare in the United States, and personally I think tort reform is the low hanging fruit.

But, you have to know that by doing so, you are going to lose the right to sue the crap out of the surgeon who left a clamp in you after that quadruple bypass.

03 January 2015

Getting away with murder

Two men sat on a clear cut hillside far away from civilization. A convenient stump served as a chair for one, and another stump as a rifle rest for another.

Richard snapped the Handi Rifle back together, screwed the silencer on, and shouldered the rifle. Opening his eyes Richard opened the breach and paused. The forend stock piece on the barrel had been modified that it would no longer stop the rifle from full disassembly when installed, simply shaving a bit off the back end made it very quick to break the rifle down, or put it together.

It started out as a bit of fun really, just research for his latest hard boiled detective novel, about a contract killer and the forensic investigators who track him down. Richard hadn't decided how the novel should end.

The killer in his story needed to be a ghost. A master of poison, sniping, driving, planning, knowing how to make a death look like an accident, or look like a murder depending on the client's wishes and pocketbook. But the deeper his research took him, the more parallels he saw to reality.

Richard pulled out the 358 Winchester hand loads. A pistol bullet in a rifle case, matched to a 16" barrel with a twist and rifling identical to a standard Beretta service pistol. A polygonal barrel glock style would have been better, but it was easier, and more anonymous, to order a standard rifle barrel.

At the muzzle velocity Richard checked over his chronograph he knew that to duplicate handgun wounds the target would need to between 250 and 400 yards. The 125 gr full metal jacket pistol bullet was slightly undersized for the bore, but accuracy had proven acceptable for chest shots at those ranges, and no one expected clean headshots from pistols anyway, not when the normal suspects would be rival gang members or mafia hit men.

Richard slid the round into the chamber, and closed the breach. The 2-7x32 optic was maxed out at 7x, and zeroed for 300 yards. Three football fields away a target was simply a helium balloon on a string. Carefully noting the wind indicators Richard eased up the slack on the trigger. Careful honing made the trigger better, but it wouldn't ever break as clean as a true match trigger. Today that didn't matter, as the rifle coughed through the suppressor the pistol bullet flew through the air, curving in the crosswind to barely graze the balloon, popping it just as Richard got the scope back on target.

"Good shooting." Detective Lee Jung commented. "And you think this is how old 'Teflon Ted' was really killed last year?"

"I can't prove it." Richard replied, opening the breach, removing the spent casing, and quickly disassembling the rifle into two pieces and unscrewing the suppressor from the muzzle. Each piece fit into a normal sized brief case lined with foam. "But it fits the facts of the case as I know them, at least what you guys have let leak through the press."

"Nobody heard anything. Not unusual when a known crook gets whacked everybody seems to have been somewhere else at the time, but this time it was the middle of the day, and no one saw a car, no one saw anything suspicious, and half the houses around here have video surveillance installed." Richard snapped the briefcase shut.

"Now I know we are out in the middle of a state forest, but that shot recreated the possible shot from at least three houses in Ted's neighborhood." Richard continued. "One of them was empty, for sale, the other two currently occupied, but one of the couples living there was on vacation, fifteen year anniversary. That means two possible shooting locations that were well outside a normal police investigation ring. I know, I checked with the couple that was home that day, the police never stopped by to take a statement."

"Well bravo Mr. Holmes." Detective Lee said sarcastically. "For your next trick would you like to give me a name and address so I can go ball him up?"

"I wish I could." Richard replied. "But it's been a year, it took me six months to figure out how to kill someone with a pistol bullet when no one saw or heard a pistol shooter. I had to go to some crazy places on the internet to figure it out. Places where normal people just don't go."

"But you've got a real professional out there somewhere." Richard spoke evenly. "Teflon Ted, Three Finger Joe, even Brad the Butcher. Three different deaths, same organization, no witnesses, no clues."

"How do you figure Three Finger Joe? Coroner said it was a heart attach?" Detective Lee asked.

"I may have bribed someone for a toxicology report, Joe had a known heart condition, but he didn't have a prescription for digitalis, which was found in his system." Richard replied. "The coroner wrote it off as 'seniors sharing pills' but I think someone used it to make murder look like natural causes."

"And Brad the Butcher?" Detective Lee asked, frowning.

"Single car accident." Richard explained. "Everybody wears seatbelts, but not Brad?" Richard paused to collect his thoughts, "I tried to find out if the buckle had been tampered with, but the car had been scrapped."

"And you used that crime writer mind of yours to spin all these facts together to make some super assassin?" Detective Lee asked.

"Yes, but the deeper I dug the more it made sense." Richard explained. "I did a line wire diagram of relationships in known criminal organizations and cross referenced for all deaths in the last five years. In this state middle managers and leaders have been dying outside of statistical norms according to a friend of mine who works insurance."

"What does insurance have to do with this?" Detective Lee chuckled.

"Actuarial tables, the kind insurance agents use to determine if someone is a good risk to sell insurance to." Richard continued, "One death outside the norm is a fluke, two is suspicious, three has to be enemy action, right?"

"Or, as they say, shit just happens." Lee responded.

"True, shit just happens." Richard replied, "But the deeper I dug, the less it looked like a financial thing. Murders for hire are pretty cheap on the deep web, and killing someone yourself isn't all that hard if you are really motivated. Whoever this guy is, he isn't doing it for money, it's like he has a personal beef against these guys. Why else would he be active over a number of years, using different methods?"

Richard's mouth started talking faster than his brain. "So it's like maybe he started with fooling the forensics teams, some sort of guy who knows cop procedures inside and out, like 'Dexter' hiding in plain sight."

Richard stopped. His face went pale, and turned to Detective Lee. "You joined the gang task force about a year before the first death."

Detective Lee's face went blank. "Now ain't that a coincidence."

31 December 2014

Smart people with dumb ideas.

Intelligence, as measured by IQ, isn't a measure of being right. It is a measure of how likely you are to succeed in an endeavour you undertake. So while Gruber is intelligent, that doesn't mean he is right, and very intelligent people can often have very wrong ideas. Not there fault really, sometimes people are just taught wrong. Look at the generations of Communist scientists and engineers who kept the creaky USSR going until it finally collapsed under its own economic foolishness?

Read the following quote.
“The problem is it starts to go hand in hand with the mandate; you can’t mandate insurance that’s not affordable. This is going to be a major issue,” Gruber admitted in an October 2, 2009 lecture, the transcript of which comprised the policy brief.

“So what’s different this time? Why are we closer than we’ve ever been before? Because there are no cost controls in these proposals. Because this bill’s about coverage. Which is good! Why should we hold 48 million uninsured people hostage to the fact that we don’t yet know how to control costs in a politically acceptable way? Let’s get the people covered and then let’s do cost control.”
Just to put that into perspective, imagine a party of twenty, all from various backgrounds, some unemployed, all going into a restaurant to share a meal.

How are we going to feed everyone? Doesn't matter that we couldn't do it before because we never figured out how split the bill, lets just everyone order and we'll figure out how to pay the restaurant later.

That is the level of stupidity in "buy now, figure out how to pay for it later" doesn't work in any case I can think, remember, or imagine.

I guess when money magically appears when you need it, someone always bailed you out before, "you didn't build that", maybe it makes sense.

Keynesian economics is all about increasing demand before you increase supply to stimulate an economy. Keynesian economics works when there is idle supply. But what happens when there is scarcity of supply?

Well, basic economics says that when supply is finite, and demand increases, then prices will increase as the people pay more for what supply there is.

Anyone in the medical field will tell you that there are only so many primary care physicians to go around, according to kff.org http://kff.org/other/state-indicator/total-active-physicians/ there are 425,032 active primary care physicians in the United States.

The Affordable Care Act did nothing to make more health care providers. But it did make more insured, and so basic economics saw prices increase. Of course how you measure the cost increase is subject to quite a bit of debate. Forbes dot com posted in 2013 about how the ACA caused a 41% increase in premium prices, then crowed about how prices in 2014 had only raised on average 5% over the previous year. Crazy to think that the largest premium spike in memory followed by a smaller than normal would be "good news" except in our amnesiac news cycle. The leveling off tells me that the market price has correct for the increase in demand without a concurrent increase in supply.

Welcome to the new normal.

Helping new shooters choose a holster.

If you carry in condition one, in a proper holster, and have trained on safe handling procedures, drawing from your concealed carry position, and worked to master the skills needed, that is great. This post is not for you unless you are also a trainer of new shooters (or a trainer of old shooters who have unsafe handling habits).

Colin Noir made a joke that you might be a gun person if your first holster was an "Uncle Mike's." I had to chuckle at that. Uncle Mike's has the market cornered on cheap black nylon it seems.

But the truth is that I, like a bunch of other people, went out and bought an Uncle Mike's to pack our heater in because it was affordable, and really why waste ammo money on a better holster? At least that was what I used to think, but since Uncle Mike's is still around evidently their product is still selling. I assume their customer base is much like I was, dumb and cheap.

But in reality, a holster that matches the type of pistol you have, where on your body you want to conceal the pistol, and how you plan on carrying (open or concealed) should be more seriously thought out than, "what's cheap?"

Other people have written about this:





If you are going to teach people to carry in condition one, you need to teach them how to do it safely.

Not shoved into your pants. Not slipped into your purse. Not slid into a pocket (unless you have an actual pocket holster for the pistol to reside in). Not in something it can fall out of when you use the bathroom. Not in something that has straps that can unintentionally activate the trigger when you holster it.

I feel like Dr. Suess, "Would you carry in your bra? I would not could not in my bra! Would you carry in your sock? I would not could not in my sock! Not in my pants, not by my knee, not in my purse now let me be!"

I keep coming back to defending Israeli carry because there is no other rational option when you are giving our loaded pistols to minimally trained people who will be carrying in heavens knows what manner. Everyone who says Israeli Carry is only the result of people not being trained to properly carry, that is exactly right. Competence doesn't happen overnight, and I've been around too many negligent discharges to feel competent in anyone who says, "I was in the military, of course I know what I'm doing!"

I think that this holster subject is glossed over in so many basic firearms safety courses is because it really is a big, big area with lots of variation. Also there is no legal requirement to cover it. But, it needs to be covered, knowledge needs to be transferred, and hopefully the next generation of new shooters won't go out and buy a pistol, shove it in their purse, or waistband, in condition one, "because Tueller drill."

One thing that Tam brings up with holsters is that plastic holsters are easier better when it comes to re-holstering your heater after you've drawn it for some reason. If you plan on doing any sort of shooting competition, or serious gun school training, this is definitely something to consider.

Honestly I'd still rather have an Uncle Mike's than nothing at all. In fact I do, I have a Blackhawk Serpa (the kind with the extended slide cover to go over the safety) with the drop leg kit for when I wear body armor, and I have a cheap nylon Uncle Mikes holster with a magazine pouch attached for chilling like a fobbit. For concealed carry, I have an inside the waistband Tagua leather holster that really does suck to reholster a pistol in after I've drawn it. But it is light and feels good when I'm not sweating my ass off. I've also a couple other holsters that litter the bottom of footlockers, never again to see the light of day.

Maybe I should order a new holster? http://theholstersite.com/