Hushmail whispers your secrets

If you thought your secrets were safe with Hushmail you were wrong:

Hushmail, a longtime provider of encrypted web-based email, markets itself by saying that “not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer.”

But it turns out that statement seems not to apply to individuals targeted by government agencies that are able to convince a Canadian court to serve a court order on the company.

There are methods to communicate securely (guaranteed at the theoretical level) provided your attacker never gets physical access to your computer or someone doesn’t hand over the encryption keys. It’s just that it’s very, very inconvenient to do so. There are some methods of intermediate difficulty of use which are secure as long as your attacker doesn’t have millions to spend on cracking your messages. I have been wanting to implement that for a long time but always seem to find something more important to do.

One of my main reasons for not working on the problem is that I can’t guarantee “no physical access” to my computer. So it just doesn’t have much point. That is probably always going to be the weak link. I don’t have any secrets on my computer or in my communication that need to be kept that secure but it’s sort of like owning firearms that certain people in government don’t want you to have and reading banned books. “You don’t want me to have it? Then that means I must have it.”

Big brother is always watching

Just a gentle reminder that everything you say on the Internet is read by big brother. Case in point: my post comparing ATF agents to Special Olympics participants got the attention of the DOJ:

Domain Name: usdoj.gov (United States Government)
IP Address: 149.101.1.# (US Dept of Justice)
ISP: US Dept of Justice
Location:
  Continent: North America
  Country: United States
  State: Maryland
  City: Potomac
  Lat/Long: 39.023, -77.1993
  Distance: 2,059 miles
Language: English (United States), en-us
Operating System: Microsoft WinXP
Browser: Internet Explorer 6.0
  Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; DOJ3jx7bf; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)
Javascript: version 1.3
Monitor:
  Resolution: 1024 x 768
  Color Depth: 32 bits
Time of Visit: Nov 13 2007 1:14:06 pm
Last Page View: Nov 13 2007 1:14:06 pm
Visit Length: 0 seconds
Page Views: 1
Referring URL: http://www.google.co…i&btnG=Google Search
Search Engine: google.com
Search Words: ben cornali
Visit Entry Page: http://blog.joehuffm…DoToDeserveThis.aspx
Visit Exit Page: http://blog.joehuffm…DoToDeserveThis.aspx
Out Click:
Time Zone: UTC-5:00
Visitor’s Time: Nov 13 2007 4:14:06 pm
Visit Number: 210,121

Redefining privacy

Uncle points us to this article:

Privacy no longer can mean anonymity, says Donald Kerr, the principal deputy director of national intelligence. Instead, it should mean that government and businesses properly safeguard people’s private communications and financial information.

[…]

Mark Klein, a retired AT&T technician, helped connect a device in 2003 that he says diverted and copied onto a government supercomputer every call, e-mail, and Internet site access on AT&T lines.

Side note: I heard of such a device from a friend in 2000.

I’ve gotten into debates with people that insisted we just needed “appropriate regulations with regards to the collection and use of personal information”. I expect Kerr, at best, would claim regulation should be in place and would protect us from the harm that might come from government abuse. That people can believe such outrageous fantasies is so mind boggling to me that I have difficulty articulating my case through my anger.

Let me put this as simply and calmly as I can. If the government has access to information that can be abused, no matter what “regulations” are in place, it will be abused. Just two quick examples: 1) Census data, supposedly “sealed” for 72 years, was used by the FBI to track down “enemy aliens and foreign nationals who might be dangerous”. People of Japanese, Italian, and German descent were put in internment camps based on “sealed” information. 2) Brady records were required to be destroyed if the gun buyer passed the NICS check. They weren’t. They were kept for at least a year “for audit purposes”. I told one gun rights leader that I thought the gun rights community should make it an issue to make sure these records were destroyed. He told me that it wasn’t that important because even if they existed they couldn’t be used in a court of law because they were “legally destroyed” even if they weren’t physically destroyed. After 9-11 those records were used to find “terrorist suspects” that might own guns. People who bought guns were found and their homes searched because those records existed. Gun owners screamed bloody-murder and the gun grabbers insisted it was entirely appropriate that the law be ignored.

A few days ago I finished listening to the book IBM and the Holocaust. Read that book and you’ll give strong consideration to being on a back-packing trip deep in the woods when the next census is done. Information is power, tremendous power. When the German “Police Battalions” moved in behind the army to “maintain order” they had lists of every Jew in the area. You couldn’t say you didn’t have any children because they knew from the census a few months or years before that you did have them. They had birth and death records, they knew who lived in which house in which town. And they were able to murder “vermin” by the millions because they had those lists.

For Kerr to say we should “redefine privacy” is an even more inflammatory statement to me than some gun grabbing politician saying they want all the guns turned in. Even if I don’t have my guns I have a chance of hiding my “Jews in the Attic”. But if I can’t buy them food or obtain medical care for them anonymously they are toast (sick pun intended).

I have yet to hear someone give me, despite my insistence they “put something on the table” to discuss, concrete examples of regulations they think would protect people from government abuse of such data. No one has ever done so. It’s always been, “those are details that need to be worked out”. I suspect Mr. Kerr is no different. In practical terms there are no regulations that will ever exist that would be adequate.

From a purely hypothetical viewpoint I would be willing to compromise on a set of regulations that probably would be adequate but would violate several articles of the Bill of Rights and probably inspire new rights to be articulated in further amendments to our constitution. I’d explain here but you really don’t want to know how creative I am in defending this essential piece of liberty.

Hence, since there will be no practical regulations that will protect such data collections we must not allow such data to be gathered in the first place. And the data that is gathered must be of suspect quality. You and I, as liberty and freedom loving people, have a duty to withhold and corrupt as much of this data as we can. And Mr. Kerr should get a one-way ticket on a fence rail, naked, tarred, and feathered, to North Korea, Cuba, or some other police state. [See my follow up post.]

Update: I forgot to mention another important (because I was there and heard it with my own ears) example. While working for the government laboratory PNNL I had a fellow “scientist” (he had a degree in computer science and was working in “cyber security” but was unable to write a computer program), Newton Brown, tell another co-worker and me, “See this badge? This means the law doesn’t apply to us.” That is the mindset of some of those in government. And for all practical purposes Newton is correct.

Quote of the day–Archimedes

Give me a lever long enough and a fulcrum on which to place it, and I shall move the world.

Archimedes
[For some reason Kevin’s project reminded me of this.–Joe]

Real ID is in its death throes

I’d like to believe it but I won’t until the coffin has been nailed shut, it’s been cremated, and the ashes dumped in a pig farm lagoon. Here is the story:

“In discussions I participated in with the Department of Homeland Security, they were asked point blank, ‘What will happen to states that don’t participate?’” said Maine Secretary of State Matthew Dunlap, who was on the call. “The response was, ‘Nothing will happen. There will be no penalty. You can still get on a plane.’”

[…]

States began defying the feds, passing laws saying that they had no intention of complying with the REAL ID requirements. The federal government retorted that this was fine, but citizens from those states could not use drivers’ licenses to enter federal buildings or board aircraft (which are screened by federal personnel).

In the face of this sort of opposition, DHS extended the deadline for compliance to 2009, and then again to 2013. Now, it could be extended again, and states could get even more time to issue cards for older drivers (apparently less of a security threat).

Whether the new rules are an expedient compromise or a total backpedalling from the goals of REAL ID depends on who you ask. The ACLU, for instance, holds strong views on the matter.

“DHS is essentially whittling Real ID down to nothing—all in the name of denying Real ID is a failure,” said ACLU senior legislative counsel Tim Sparapani. “Real ID is in its death throes, and any signs of life are just last gasps.”

Like that is going to help

It’s a pleasant fantasy but the people offering these sorts of solutions either don’t understand the problem or don’t want to face reality. From one of our wonderful government laboratories:

Los Alamos Lab developing liquid scanner for airport security

Scientists at Los Alamos National Laboratory are developing a new type of scanner that can distinguish liquids, blaring out a warning for bad ones, like explosives, while letting through good ones, like water.

They will be able to scan bottles as big as a “magnum-sized champagne bottle,” Espy said.

“Apparently the whole duty-free thing is suffering, and people can’t carry their liquor on airplanes anymore,” Espy said. “It’s been disruptive to commerce. So, that’s one of the benefits of this.”

Software upgrades could add new liquids to the device’s detection list if any new threats arise, she said.

“The nice thing about this system is it’s not tuned to any specific threats,” Espy said. “As new materials of concern arise, it can be adapted to detect those.”

Even after the scanner is in place we still won’t be able to take liquor on airplanes–unless they are going to allow ethanol on board. In which case I need to demonstrate how to make an “explosive” out of ethanol. It would be tough to get a true detonation but in the enclosed space of an airplane cabin it just won’t matter whether the speed of propagation is greater than or less than the speed of sound.

And if they stop letting people take liquid hydrocarbons on board I’ll demonstrate the same sort of thing is possible with bread flour, powdered sugar, or coffee creamer. And when they ban those let them build a scanner that is sensitive to powdered human hair.

And those ideas are all taking the direct “brute force” approach. There are lots of other, much more subtle, ways to defeat airport “security”. TSA is backward for A Security Theater. It’s time we considered the alternatives.

Ho hum

Depending on what your definition of a robot is, sex with robots is old hat. But what this guy has in mind is taking it a little bit further:

According to Netherlands University student David Levy, robots may become so human-like in the near future that people could fall in love with them, marry them, and have sex with them.

He recently completed his PhD on the subject of human-robot relationships. He stated that “At first, sex with robots might be considered geeky, but once you have a story like “I had sex with a robot and it was great!” appear in a magazine like Cosmo, I’d expect many people to jump on the bandwagon.”

Existing toys include these (not safe for work):

Microstamping patent

There has been a lot of talk (and here) about how the anti-gun bigots got pwned by a section in the microstamping bill that says it won’t take effect unless the technology is “available to more than one manufacturer unencumbered by any patent restrictions”. Furthermore those people dancing in the streets point out the primary patents won’t expire for another 15 years.

I hate to rain on everyone’s happy dance but check this out:

Question: Is microstamping a sole-source technology that would create a government-sanctioned monopoly for a single company?

Answer: The patent holder of microstamping technology has announced that a royalty-free license will be provided to every manufacturer in the United States on guns sold in California.

Tell me again who got pwned.

I still don’t want to feed one

This might help the “bullets on target” problem I have with machine guns but I still am put off by the cost of feeding such a device. At 1000 yards my “Spud Gun” (some call it “insanely accurate”) will deliver a bullet just as accurately and with as much momentum as I could with this sub gun at 25 yards, and with far less chance of receiving return fire.

It is a neat engineering advance in guns though. I applaud them for their ingenuity.

All my bags are packed

I’m ready to go. Barb and I are leaving on a jet plane for Reno and the Gun Blogger Rendezvous this evening. That’s assuming the TSA will allow me, my guns, and ammo on the plane. Alaska Airlines will only allow me to take 50 pounds of ammo [heavy sigh]. That would have been enough for what I want to do except that with all the other stuff I’m taking (Boomershoot giveaways, knives, spotting scope, tripod, range bag, magazines, holsters, guns, shot timer, eye and ear protection, laser range finder, binoculars, spare batteries, gun cleaning gear, walkie-talkie, altimeter, wind gauge, thermometer, exterior ballistics calculator, targets, and a clean pair of socks) I started running up against a different weight limit without bringing all the ammo I wanted.

I have enough match rifle ammo and if I decide I want some more pistol ammo I’ll buy it in Reno sometime tomorrow.

Update: We made it through security without incident. We are now sitting at our gate waiting to board. Pretty amazing considering all the electronics and cables I had in my computer bag. The holster in the computer bag apparently didn’t raise an eyebrow either. And the empty water bottle… I thought for sure they would want to open my backpack to make sure it was actually empty. They were cool with me wearing a shirt with the picture of a gun on it and the Boomershoot coat too. All nice to know. Maybe they are happy with just infringing on one constitutionally guaranteed right at a time.

So far the flight is on time. You can track it in near real time here.

Insufficient myelination

Via Thumper.

I’ll bet that was a real rush. But when someone prone on a few roller skate wheels passes a motorcycle you know it’s got to be a case of insufficient myelination (another example can be found in the third paragraph here). Notice how he bleeds off speed by swerving side-to-side when coming up behind the motorcycle? I’ll bet he doesn’t have real brakes. It’s still awesome:


Rollersuit in the Swiss Alps

Update: A friend of mine owns a roller skating rink. I asked him if he had ever done anything like this. He replied:

Joe, Back in the “GOOD’OL” days when all my knees worked I skated down 3 of the then MAJOR hills in Lewiston which were Fifth St. Grade, Eighth St. Grade and Twenty-first St. Grade, in Clarkston the biggie was Beachview Park Grade, the trouble with it was it ended in a parking lot with curbs, a strip of grass, and the Snake River. It’s a bitch to swim with roller skates on……………! I passed a car on the Eighth St. Grade deal, he was doing 25 or 30 and he said I was still accelerating, but I’m sure the first thing he did was let off so it seemed faster than he thought. We did clock the Twenty-first St deal and top was about 42 MPH……., use REALLY good Bearings

IIRC the way his knees stopped working was when he and his motorcycle parted company while they were both traveling at about 50 MPH. He tried running to avoid getting a road rash. His knees got messed up in addition to receiving numerous other injuries you might expect from a separation of man and machine of this type.

The god helmet

Put this helmet on and get a connection to your god(s).

Changes in CPR protocol

It turns out that for an out-of-hospital “witnessed cardiac arrest” you probably shouldn’t do the mouth-to-mouth portion of CPR.

You better get used to it

Uncle says see-through frogs are creepy. I say you better get used to it. People are now creating completely new species. Future Shock is here and now.

I read Future Shock in about ’75 and my opinion hasn’t changed with 30+ years of evidence–Toffler just likes to blather about things no one can or has any need to measure.

Do you think we can gain any traction with the environmentalists who whine about the loss of species if we started creating new species faster than we made old ones extinct? No? I didn’t think so either. There’s just no making some people happy.

More Halo 3 propaganda

Ry has four Halo 3 video ads posted. Microsoft puts an amazing amount of money into marketing (and nearly everything they do).

Playing in the park before going to the sandbox

Xenia made a video of John and her in the park. John is now headed back to the sandbox to guard convoys with his video game.

Good luck and thanks John. Please come back in one piece.

Alternative to Google for search

In case you haven’t tested it out recently (as in the last day), Microsoft’s search engine was just updated and for the first time has search results on par with Google. I know the test methodology for this claim, but I’m not sure I’m at liberty to reveal it. I am of the opinion they did a good job measuring this and that the claim is accurate. “On par” is not good enough to win and I expect MS will pull ahead of Google in the near future.

Having an alternative to the anti-gun owner bigots at Google is important and now you don’t have to compromise on search results. Now if I can just get the message to the right person to get MS to give us an alternative to AdSense so I can drop the Google ads in the right margin of this blog.

Quote of the day–Dr. Jack Wheeler

Syria is shamed and silent.  Iran is freaking out in panic.  Defenseless enemies are fun.

Dr. Jack Wheeler
Silence in Syria, Panic in Iran
September 25, 2007
[Via David.–Joe]

Quote of the day–Bruce Schneier

For a while I’ve been saying that this whole national ID debate will be irrelevant soon. In the future you won’t have to show ID; they’ll already know who you are.

Bruce Schneier
September 26, 2007
The Technology of Homeland Security
[It was this article that inspired the above comment. My comment to Schneier’s article was:

I used to specialize in biometrics and was underwhelmed at the actual capabilities compared to the marketing hype. And that was with people that weren’t even actively engaged in trying to defeat the technology. If someone really wants to defeat it the odds of success are very close to 100%.

“Novelty” contact lenses easily defeat iris scans. Remote fingerprint scanning can be defeated with Band-Aids (or just the sticky tape part of it). More sophisticated/determined people will use contact lenses with someone else’s iris pattern and be wearing someone else’s fingerprints.

The bottom line is that for the average person they might be able to know who you are and where you have been. Great information to use against your political opponents and for stalkers with access to the databases but useless for stopping smart and determined criminals.–Joe]

Halo 3 propaganda

Speaking of propaganda… I received an email at work yesterday saying something to the effect that the Halo 3 release will be the biggest release event in entertainment history. At least that is what I remember it saying. I don’t pay that much attention to games or publicity events.

What struck me was the number of copies they have ordered for employees. At the Redmond company store alone they brought in 25,000 copies. There will be additional shuttles from all over the main campus to the company store to help alleviate the parking issues that would result if people tried to drive themselves.

I asked James when he was going to pick up his copy. He told me that he pre-ordered his a year ago at some retail outlet so he could get some special edition version. Wow…

I stopped off at the company store yesterday at lunch time to pick up some software for Caleb. He told me no big hurry but I just know the store will be a madhouse the rest of this week. I saw a big empty space in the middle of the store where I expect the product will be stacked when it opens later this morning.

I also saw some Halo 3 hats on the shelf: