Quote of the day—Matthew Green (@matthew_d_green)

If the US government dictating iPhone encryption design sounds ok to you, ask yourself how you’ll feel when China demands the same.

Matthew Green (@matthew_d_green)
Tweeted on February 17, 2016
[H/T to Tyler Durden.

Of course, as I posted before, Lyndon Johnson once said:

You do not examine legislation in the light of the benefits it will convey if properly administered, but in the light of the wrongs it would do and the harms it would cause if improperly administered.

The problem being that it is difficult for many people to see the “unintended consequences” in foresight. If there is the possibility of a good outcome they will focus on that. In a lot of ways it’s like gun control. “People might be safer if guns are banned because the bad guys won’t have guns to commit crimes with.” Overlooking that the good guys won’t have guns to defend against the bad guys with.

The gun control analogy is an even better fit when you remember that at one time the U.S. government insisted encryption was a “munition” and was mostly banned from export. It would seem to me that if the Second Amendment were well respected by Congress and the courts then a good lawyer could make the case government resistant encryption is protected by the Second Amendment as much or more so than it is by the First Amendment.—Joe]

Speer Gold Dot Short Barrel

As I mentioned a couple times before Speer makes a self-defense bullet intended for lower velocity loadings. They call it “Gold Dot® Short Barrel®”. I needed these for handgun students with difficulty handling factory loads. I loaded 301 rounds (I purchased three 100 round boxes and ended up with 301 bullets) over 3.9 grains of Bullseye and delivered 100 rounds to one of my students last Saturday.

Here is what the 180 grain bullets look like in .40 S&W:

I’m expecting a velocity of about 850 fps at the muzzle with my STI DVC (5 inch barrel). This compares to about 1025 fps with 180 grain Winchester Rangers out of the same gun. The difference in recoil is significant.

I’ll run them over a chronograph and do some water jug testing (only valid for simple expansion testing) the first chance I get.

Quote of the day—Tim Cook

The U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

Tim Cook
February 16, 2016
A Message to Our Customers
[Such a concession to the government would fail The Jews In The Attic Test. No further discussion is required.—Joe]

Code practice oscillator

Roberta just posted about telegraph keys and coincidently I ran across this as I was continuing to unpack boxes that hadn’t been touched in 20 or 30 years:

The battery is new and that is all it took to make it functional. It’s a code practice oscillator that Brother Doug and/or I built back in the late 60’s or early 70’s. Once upon a time we put in a half-hearted effort to learn Morse Code but neither of us succeeded at learning the skill.

This will be interesting

Cosmic breakthrough: Physicists detect gravitational waves from violent black-hole merger:

Scientists announced Thursday that, after decades of effort, they have succeeded in detecting gravitational waves from the violent merging of two black holes in deep space. The detection was hailed as a triumph for a controversial, exquisitely crafted, billion-dollar physics experiment and as confirmation of a key prediction of Albert Einstein’s General Theory of Relativity.

It will also inaugurate a new era of astronomy in which gravitational waves are tools for studying the most mysterious and exotic objects in the universe, scientists declared at a euphoric news briefing at the National Press Club in Washington.

“Ladies and gentlemen, we have detected gravitational waves. We did it!” declared David Reitze, the executive director of the Laser Interferometer Gravitational-wave Observatory (LIGO), drawing applause from an audience that included many of the luminaries of the physics world. The briefing was watched around the world by physicists who have long waited for such a detection.

I’m hoping this will lead to the development of “warp drive”.

Lost email

Due to some technical issues any email sent to joehuffman.org between 1:00 AM and 10:15 AM PST Saturday 2/6/2016 has been lost.

If you sent me something during that time frame please resend it.

Thank you.

Another day another hole in the gun control argument

Via Steve from work.

95 percent 3D-printed (Glock barrel and probably a few springs):

Even with the Glock barrel the gun is completely “off the books”.

Another day another hole in the gun control argument.

Quote of the day—Maj. Gen. Robert Scales

Presidential involvement in small arms has been strategic and game-changing in our history. Obama comes along and tells the Army that, in this administration, money is going into small arms to build — not a deadly weapon, not an effective weapon, not a dominant weapon, not a lifesaving weapon, not a technological cutting-edge weapon — but a weapon that prevents accidental discharge. Give me a break.

Maj. Gen. Robert Scales
Former commandant of the U.S. Army War College
January 31, 2016
Obama’s eye-opening order to Pentagon: Make combat weapons safer, not more lethal
[He is doing just what he said he would do. He is fundamentally transforming our country.—Joe]

Quote of the day—Iain Thomson

NSA tiger teams follow a six-stage process when attempting to crack a target, he explained. These are reconnaissance, initial exploitation, establish persistence, install tools, move laterally, and then collect, exfiltrate and exploit the data.

During the reconnaissance phase agents examine a network electronically and, in some cases, physically. They work out who the key personnel are, what email accounts matter, how far the network extends, and maintain constant surveillance until they can find a way in.

Iain Thomson
January 28, 2016
NSA’s top hacking boss explains how to protect your network from his attack squads
[Via Bruce Schneier. See also NSA Hacker Chief Explains How to Keep Him Out of Your System.

Most of this process applies to physical as well as information security. Use this information wisely.—Joe]

Quote of the day—Brian Garrett

Whenever someone tells me to “check my privilege”, I like to respond with “root access confirmed”.

Brian Garrett
January 21, 2016
Comment to Indistinguishable from Reality
[To understand this, and find it absolutely hilarious, it helps to be a computer geek.—Joe]

Sean’s dream is coming true

Laser weapons are being tested right now and they are getting close to having them on military planes:

a number of other companies are also working on lasers that might be suitable for use on the AC-130. Lockheed Martin, the aircraft’s manufacturer, is developing a 60-kilowatt-class laser for the Army, for example, and Northrop has advertised its interest in developing airborne lasers as well. AFSOC has studies under way to determine the best solution.

And they are getting small enough to put on a small truck:

General Atomics has developed another version that fits in a box 12 feet long, 4 feet wide and 2 feet tall.

60 kW is a lot of punch. A six inch diameter magnifying glass collects about 15 W (1/4000th of the power of the laser) and quickly fries an ant.

And these are going to get smaller too. A 1 kW laser rifle would seem to be plausible and useful for some tasks.

I know it could make Sean’s dream come true.

Malware for good

What if someone created a computer virus which illegally infected as many systems as it could via the Internet and made them more secure against attacks by unauthorized users?

Would you call that malware? How about vigilante malware?

The further we dug into Wifatch’s code the more we had the feeling that there was something unusual about this threat. For all intents and purposes, it appeared like the author was trying to secure infected devices instead of using them for malicious activities.

Wifatch’s code does not ship any payloads used for malicious activities, such as carrying out DDoS attacks, in fact all the hardcoded routines seem to have been implemented in order to harden compromised devices. We’ve been monitoring Wifatch’s peer-to-peer network for a number of months and have yet to observe any malicious actions being carried out through it.

In addition, there are some other things that seem to hint that the threat’s intentions may differ from traditional malware.

Interesting.

But what you have to wonder is, why didn’t the software writers for these devices (these are embedded systems for the “Internet of Things”) include the capability for automatic updates and eliminate the need for some “vigilante” to do it for them?

Quote of the day—Brett Peppe

What people can do with what they buy at the gun store doesn’t bother me much. It’s what the brilliant molecular biologist who has gone sideways can do in his basement in mayonnaise jars that absolutely terrifies me.

Brett Peppe
December 22, 2015
[I have nothing to add.—Joe]

First rocket VTOL?

This is pretty cool. Via Drudge. With video.

A rocket with landing gear. We saw that in books and SciFi movies all our lives. Never thought it would take this long, but apparently it’s difficult.

Better book yourself a flight. You get four minutes of free-fall, and the best “roller coaster” ride yet. Once they can go orbital it’ll cost more for a ticket I bet.

Quote of the day—Bruce Schneier

I have recently come to the conclusion that e-mail is fundamentally unsecurable. The things we want out of e-mail, and an e-mail system, are not readily compatible with encryption.

Bruce Schneier
November 12, 2015
Testing the Usability of PGP Encryption Tools
[Interesting observation. I tried to do encrypted email with some other people for a while and it didn’t last long. Things like searching for an old email were impossible. And the subject of the email was never encrypted so you would either leak a lot of information with the subject or you could decrypt just the one email you wanted to look at again.—Joe]

We told them so

For at least ten years gun owners, the police, and many others have been saying “ballistic fingerprinting” will not and cannot work (many of the links are dead but in January 2005 they were active, I include them anyway to give a hint at the number of people who were in agreement the system was doomed to failure):

Millions of dollars and over a decade later the Maryland legislators finally admitted what we have been saying all along:

Millions of dollars later, Maryland has officially decided that its 15-year effort to store and catalog the “fingerprints” of thousands of handguns was a failure.

Since 2000, the state required that gun manufacturers fire every handgun to be sold here and send the spent bullet casing to authorities. The idea was to build a database of “ballistic fingerprints” to help solve future crimes.

But the system — plagued by technological problems — never solved a single case. Now the hundreds of thousands of accumulated casings could be sold for scrap.

But the computerized system designed to sort and match the images never worked as envisioned. In 2007, the state stopped bothering to take the photographs, though hundreds of thousands more casings kept piling up in the fallout shelter.

And now we all get to say, “I told you so”:

No. Next question.

Nick Vivion asks, “Could this new Wi-Fi technology revolutionize airport security?”

Some of the most promising new technology has emerged from a multi-year project from MIT’s Computer Science and Artificial Intelligence Lab: a Wi-Fi network that can identify who you are — even through a wall. Yep, you read that right. These geniuses have built a way to implement Wi-Fi as a means to identify the unique characteristics of individual humans.

The RF Capture technology is able to analyze how Wi-Fi signals bounce off a human being to create an outline similar to what you might see from a millimeter wave scanner. The secret sauce is a reconstruction algorithm that stitches the many refracted waves into an image and then analyses the results. The system was able to identify 15 different people with a 90% accuracy.

The last sentence is meaningless. There are two types of errors: false positives and false negatives. Which type is this 90% number? Furthermore, there are two meanings of “identify” in biometrics. There is, “Who is this person?” (identification). And there is, “Is this person who they say they are?” (verification). If they are identifying one person out of a population of 15 90% of the time then the success with a population of 100s, 1000s, or millions is going to be insignificant. If they are talking about verification then it means that one out of ten times an imposter is falsely verified. This is way too poor.

If that isn’t enough they don’t address the fundamental difficulty with security. That is that you have an active adversary. The adversary is going to do whatever they can to fool you. Wi-Fi signals bounce off of humans, as shown in the video below, but they bounce off metal even better. A little bit of aluminum foil underneath your shirt and you will appear as a completely different image to their technology. Some outdoor clothing has aluminum built into it for heat retention. This would play havoc with their tech.

Vivion should have asked a security expert his question. The answer would have been “No. Next question.”
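
An added worked example, not part of the original post: the code below projects the quoted “15 people at 90%” figure onto larger populations, and also shows the verification reading as repeated impostor attempts. It assumes a simple closed-set model with independent comparisons and no false non-matches; the function names and the model are illustrative assumptions, and nothing here describes how RF Capture actually scores matches.

```python
# Added illustration (not from the original post): closed-set 1:N identification
# under an assumed model where every impostor comparison fails independently.

def per_comparison_fmr(rank1_rate, gallery_size, fnmr=0.0):
    """False-match rate per 1:1 comparison implied by a measured rank-1 rate.

    Assumed model: the right person is picked only if their own comparison
    matches (probability 1 - fnmr) and none of the other N - 1 enrolled
    people falsely match (probability (1 - fmr) ** (N - 1)).
    """
    if gallery_size < 2:
        raise ValueError("need at least two enrolled people")
    if not 0.0 < rank1_rate <= 1.0 - fnmr:
        raise ValueError("rank-1 rate is inconsistent with the given fnmr")
    return 1.0 - (rank1_rate / (1.0 - fnmr)) ** (1.0 / (gallery_size - 1))


def identification_rate(fmr, gallery_size, fnmr=0.0):
    """Probability of naming the right person out of gallery_size enrolled."""
    return (1.0 - fnmr) * (1.0 - fmr) ** (gallery_size - 1)


def extrapolate(rank1_rate, measured_size, sizes, fnmr=0.0):
    """Project a rate measured on a small gallery onto larger galleries."""
    fmr = per_comparison_fmr(rank1_rate, measured_size, fnmr)
    return {n: identification_rate(fmr, n, fnmr) for n in sizes}


def impostor_acceptance(far, attempts):
    """Verification reading: chance that at least one of several impostor
    attempts is accepted when each attempt is accepted with probability far."""
    return 1.0 - (1.0 - far) ** attempts


if __name__ == "__main__":
    # The post's figures: 90% over 15 people. Everything else is assumed.
    for n, rate in extrapolate(0.90, 15, [15, 100, 1000, 1_000_000]).items():
        print(f"gallery of {n:>9,}: right person named {rate:.4%} of the time")
    for k in (1, 7, 22):
        print(f"{k:>2} impostor attempts at 10% FAR: "
              f"{impostor_acceptance(0.10, k):.1%} chance of one getting through")
```

Under these assumptions a system that is right 90% of the time among 15 people is right less than half the time among 100 and almost never among 1000.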

Oh, auto-correct

I received this customer inquiry today;
“Which of the has tunes would fit a polish style am.”
So I did a little translation;
“Which of the gas tubes would fit a polish style AK.”
And translation of the translation;
“Which of your forward optic mounts would fit a Polish style AK?”
Context. It’s all about context– I’m reasonably sure I wasn’t being asked about the appropriateness of certain music for Polish radio stations on the amplitude-modulation band, for example. And so now I can give an informed answer to the question without asking him to clarify.

Smaller is better, maybe

In the “learn something new every day” category.

The furnace doesn’t kick on much during the summer here in the PNW, and for 4-5 months of the year we just heat with the waste heat from appliances and electronics, controlling the temperature mostly by opening windows. Locals know the drill. Well, with fall rolling around, eventually it was time for the furnace to kick on and move a little warm air around. But the spousal unit pointed out that it was still a tad chilly in the house, even after turning the thermostat up.

A very select audience

If programming languages were weapons. This won’t make much sense to you unless you are a computer programmer and a gun nut.