For some reason my blog comes up on top for a number of search terms with the search engines.  Due to the referrals I was seeing I noticed that searching for Josh Sugarmann on either MSN search or google puts The View From North Central Idaho at the top of the list.  It was this post that did it.

Josh Sugarmann, for those that don’t know, is the Executive Director at Violence Policy Center, is the author of this book, and was the brains behind the assault weapon ban.  Wow!  Someone looking for information on Mr. Sugarmann ends up looking at my propaganda on freedom, guns, and explosives.  I love the irony.

Stephanie has finished tweaking all the press releases now.  Please point your favorite, or even your most hated, MSM editors, reporters and bloggers to them.  Our objective is to get positive media coverage of gun ownership and use.  The explosives angle gives that extra edge to make it a newsworthy story rather than just a bunch of people punching holes in paper that you can’t see without a deep space telescope.  Our hand picked and carefully trained media specialists can keep even the most noxious gun fearing wussy reporter from gaining much traction.  Check out some of the previoius press coverage we have obtained to see what is possible if you manage the press appropriately.  We are expecting some good stuff this year too and if you can help make it happen it will benefit gun owners everywhere.

Here are some data points:

• More Than 2,000 Demonstrate at Iraqi Bombing Site
• bin Laden encouraged Zarqawi and his group to focus on attacks inside the United States
• Lebanese Cheer Collapse of Syrian-led Government
• Syria cooperating with Iraq authorities
• Democratic moves snowballing across Mideast

From this last article:

Under the combined impact of US pressure and rumblings on the home front, democratic moves have snowballed across the Middle East in recent weeks and brought in timid changes to Arab regimes fearful of reform.

Egypt has become the latest country to break with the autocratic order that has come to define regional politics and make a small concession to a cautious yet unprecedented democratic push.

President Hosni Mubarak took Egyptians and the rest of the world by surprise Saturday when he proposed multi-candidate direct presidential polls, replacing a 50-year-old system whereby a single candidate was vetted by the army before being submitted to a popular vote.

The fact that there are thousands of protesters against the terrorists in Iraq is a very good sign and I suspect this attitude is a good part of the reason why bin Laden is telling his top commander in Iraq to move his area of operations to the U.S.  They have lost the battle in Iraq and they know it.  Syria is trying to play friendly with the US and Iraq as their power wanes.  Egypt claims to be moving towards freedom.  Iran is a concern but overall it’s almost all good news from the Middle East.

I, as well as most other people that watch these sort of things, are amazed we haven’t had another attack on U.S. soil since 9-11.  That bit of good fortune may change as the extremists realize they aren’t going to win in Iraq.  But we got nearly four years of preparation in before they decided to focus their sights on us again.  I just hope our intelligence network is working well enough to stop the vast majority of the attempts on our homeland.  That reminds me–I should go visit the guy upstairs to see if the stuff I have been giving him has been ignored or put to good use.

I did a lot of preparation for Boomershoot 2005 this weekend.  I finished up reducing the volume of the 8“ target bodies so the neighbors don’t have so much stuff falling off the walls.  I didn’t do all the 8“ target bodies, just more than enough for this event.  I changed my method to do this.  The egg cartons were just too time consuming.  I switched to using the expanding sealing foam used in home repair.  It was much, much faster even if it was more expensive.  Here is a picture of some of the target bodies:

Also note the colors of the lids at the base of the stack of target bodies. I’m painting them different colors to help the shooter/spotter teams identify which target they are talking about.  There will be a white as well as the yellow, red, and “cardboard brown” shown in the picture above.  I have painted all the yellow and red lids I need for the 8“ targets just the white lids remain.  I’ll do the six inch lids and the rest of the 8“ lids sometime in March.

These are the new 4” targets we will be using for the main event on Sunday.  These are cardboard boxes with internal dimensions of 4x4x2 inches.  These targets will hold slightly more of the “reactive recipe“ than the old 4“ diameter targets did.  They come from the factory white so there will only be the three colors of them.  The clinic will use up the last of the 4” diameter targets with the plastic lids we used last year.

In other news I just sent in the comments from a number of proof readers (family and friends) on a article that is being written for a shooting magazine on the Boomershoot by someone that has attended the last two events.  It looks really good but we don’t know for certain if the magazine will actually publish it or not.  I doubt that it will appear before this years event so it probably won’t help attendance this year but it might for next year.

Next weekend, assuming the weather is favorable, we will be doing a bunch of experiments with new mixes to increase the sensitivity and reliability of detonation.  Then on the 27th of March we have a “private party“ to put on.  This is going to be a busy month for Boomershoot stuff.

I got an inquiry from someone in Wisconsin this weekend.  He will be a first from that state if he is able to make it.

As usual, lots of entries came in this last week of February but because I expanding the shooting line so much I still have 22 more shooting positions available.  I have 38 positions taken now.  I’m also officially in the black on paper.  That doesn’t count the loan I made to Boomershoot for the new explosives magazine last year and all the chemicals I purchased last year or the new generator I bought a month ago.  But since I had purchased nearly enough materials for this years event last year my cash flow has been very good this year.  I have paid back $1650 (including interest) on the loan and paid for the generator with this years money so I’m feeling pretty good about the money situation.

Since we have all the bloggers showing up this year I had hoped to get wireless internet service onsite.  I talked to the provider yesterday and found out that there are political obstacles to that happening.  They have been working on providing service in that area for some time but aren’t quite there yet.  There are permits they have to obtain and stuff like that.  The current schedule looks like “end of the summer“.  So, maybe Boomershoot 2006 will be the first to have live blogging.

There are just under nine weeks to Boomershoot 2005.  Next Saturday Ry and I will do a full day of experiments aimed at getting the mix more sensitive.  Then we will be ready until just a few days before the event when the work really begins.

I drove 400 miles round trip to have dinner with a friend on Wednesday evening.  I always enjoy my time with him immensely.  Very, very, funny, and thought provoking.  I’ll share his solution to our war with Muslim extremists in some other post but a newspaper article I saw this evening reminded me of something else he said.  He made a comment about Bush’s State of the Union speech being insane if you read between the lines. “Oh?”, I asked. “How is that?” The answer I got was, “He wants to export freedom to everyone. That’s not much different than Caesar saying he wanted to bring civilization to everyone and the Conquistadors bringing Catholicism to everyone.”  Interesting viewpoint.  I hadn’t thought of it that way before.  My friend doesn’t exactly think everyone is ready or capable of handling freedom as we know it.  I’m not so sure but he has a number of data points from dealing with other cultures that I don’t have direct experience with.  Anyway the news indicates, insane or not, foreign governments are taking Bush seriously.

From the LA Times:

Egyptian President Hosni Mubarak called Saturday for a constitutional amendment to allow other candidates to run against him for the first time, a surprise move that could be a historic turning point in a country that has endured decades of repressive rule.

The announcement by Mubarak, a staunch U.S. ally, came days after Secretary of State Condoleezza Rice canceled a trip to the Middle East this week amid mounting tension over the autocratic Egyptian leader’s crackdown on political opponents.

Yeah, I know, so what else is new?

They report on the bill before the U.S. Senate to protect the gun industry from junk lawsuits.  They claim:

 In September, the families of victims in the sniper shootings in the Washington area won a $2.5 million settlement from the dealer who supplied the snipers’ assault rifle.

Being generous to the reporter and editors, they are misleading when they say this.  The gun was stolen from the dealer by the two criminals.  Do they claim a bank that gets robbed provided money for the criminal to buy illegal drugs?

To give them credit where they deserve it, they did quote a spokesman for one of my Senators:

A spokesman for Senator Larry E. Craig, an Idaho Republican who sponsored the bill, said the lawsuits were inappropriate.

The suits “attempt to achieve gun control through judicial rather than the legislative means,” said the spokesman, Sid Smith. “If a drunk driver hits someone,” he said, “the car manufacturer is not held responsible so long as the car functioned correctly, so why should the gun industry be any different?”

Overall I give them a grade of ‘C’ on this article. In addition to the above blatant bias they only gave a few lines of coverage to the pro-freedom viewpoint and the vast majority to the anti-freedom viewpoint.

Denise’s comments here and the big story about CNN breaking Federal law to do an anti-freedom story on gun ownership reminds me of something I said a long time ago and remains true today:

Huffman’s rule of firearms law: Firearm laws are so complex, victimless, and nonsensical that almost every firearms owner breaks multiple laws without knowing it. A general rule to compute the earned prison time for crimes committed is to multiply the number of years of activity in the shooting sports by five.

Joe Huffman
12/16/97
If I were caught and convicted I would spend the rest of my life in prison.

As I reported before Adam was one of the Precision Rifle Clinic instructors at the last Boomershoot.  Rivrdog reports on his memorial service.

MSM reports:

Seattle Times
Seattle Times
The News Tribune
The News Tribune
KVAL News
Seattle PI
Seattle PI
KOMO TV
The Register Guard
KOIN News
The Oregonian
Bend.com
The Olympian
The Olympian
YubaNet

You can donate money to directly to the Lancer Memorial Fund which helps the families of those fallen in battle.  See near the bottom of this press release for more details.

Amazing.  The first time my blog is linked to by a really, really, high traffic blog and it’s these people.

Someone has a tin foil hat on and quotes a news quote of mine rather than going directly to the source I gave.  They are a few Fruit Loops short of a full bowl so what do you expect?

My ISP is having some problems.  It’s been down for over 18 hours now.  I don’t know when it will be up again.

An ex-employee at the San Francisco International Airport claims the security people doing the passenger screening cheat to pass the tests by federal auditors.  Bruce Schneier writes about the necessity of having trusted people.  This is true.  What he doesn’t point out is that in this case it’s probably an unsolvable problem.  Security is no stronger than the weakest link.  When you have thousands of people you have to trust to ensure the “sterile area” of the air transportation system is secure the odds of having one or more untrustworthy people is asymtotically close to one.

The odds of getting weapons onboard a plane when the passenger makes no attempt to hide the weapon is about 20%.  When the auditors deliberately try to evade security they classify the test results.  My guess is the results approach a 100% failure rate.

It’s time to consider alternatives.  Obtaining public acceptance of scientifically sound methods of security is a better position to be in than using publicly acceptable methods that can never succeed.

Kim du Toit has a picture of a poster from a previous war entitled “What did you do today … for freedom?“  It turns out I have been thinking about that a lot the last few days.  I just woke up a short while ago so I’ll write about yesterday instead of today.

What did I do for freedom yesterday?  I reviewed proposals for some Navy money and voted on which should be given funding and which should be dropped this time.  Then I worked on a portion of a solution to plug a security hole in our computers. 

But I can’t tell you how many times I think about Adam and wonder if there was a countermeasure for Vehicle Borne Improvised Explosives Devices (VBIEDs) that I should have thought of.  Without more details on what exactly happened to Adam I don’t know if any of my ideas could have made any difference.  But I keep thinking maybe there was something more I should have done with the ideas I did have or were suggested to me.  I presented them and sold them as best I could to management last fall but they didn’t go anywhere that I know of.  They could have been passed on to people better able to implement than I and classified–I just don’t know.  But could I have followed up more and pushed harder?  Could I have gotten something implemented and deployed in time to have prevented Adams death?  Probably not.  But what about the next VBIED?  Is there one that next week or next month or next year that will kill or injury Walter or my nephew or a few years from now after my niece graduates from West Point?  Is there something I could have done or should do to prevent it?  What if I had found someone to give my information on people searching for bomb building information sooner?  Technically, it’s not my job.  My job is with computer security.  I’m working to keep our computers and computer networks safe from attack.  Worthwhile endeavors in our fight to preserve our freedoms, but I often feel it’s not as pressing as solving the simple brute force attacks used by our current adversaries.

What to do?  Do my job as best I can, keep thinking, and keep feeding ideas to those who’s job it is to solve the immediate problems.  It’s time to get ready for work.  Today and every day is important.

The following is only very slightly edited from a class I took yesterday.  I think it’s good advice for everyone.

We have become vulnerable everywhere because today’s terrorist confronts the United States indirectly.  This tactic exploits our vulnerabilities and negates our superior tactical and strategic advantage.  The terrorists are looking for headlines, high mortality, and high shock value.  The reality is that the risk is now on our home front.  We no longer can assume we are safe in the continental United States; as demonstrated by September 11, 2001 terrorist events.  The terrorists are bringing the fight to us.

You can help CI by being aware of activities that are precursors of a terrorist event and may provide a warning that saves lives and property.  The fundamental indicator is unusual and suspicious activities.  We must all remain alert to possibilities that are virtually limited only by one’s imagination.  We cannot accept the risk of complacency.  Our defense: unpredictability, situational awareness, patience, and vigilance.  Awareness, the eyes and voice of each individual, is critical to the success of the war against terrorism. 

A partial list of things worthy of additional attention:

• People near a facility using or carrying video cameras or observation equipment (for example night vision devices)
• People parking, standing or loitering over several days with no apparent reasonable explanation
• Suspicious vehicles, something that is not normal for the situation or area
• Unusual questioning about the facility or personal information
• Frequent telephone calls claiming to be wrong numbers
• Abandoned packages, briefcases, or suitcases
• Low-flying aircraft, possibly observing the area
• Any activity considered suspicious or unusual to you from what you normally observe.

I just found out via Kim duToit that Adam Plumondore was killed in a car bomb explosion.  Adam and his co-worker Walter assisted Eugene Econ with the Precision Rifle Clinic last year. I had a few pictures that were taken by Ry and Michael of the Saturday night dinner during Boomershoot 2004 that I had never put up.  Some of those included pictures of Adam.  I put those up on my photo album a few minutes ago.  We all are saddened by this loss.

Update: See also this blog entry.
Update2: I found another picture and uploaded it here.

In a most pleasant change from normal I didn’t have to drive 150 miles home after work Thursday or Friday.  Barb, Xenia, and Xenia’s friend Sara drove over Thursday night to spend the weekend with me.  This saved me six hours of driving while still getting to be with my family for the weekend. 

I made pancakes yesterday morning for the girls and myself.  We had lunch at the Chinese buffet.  I got discount tickets at work and last night we went to see Finding Neverland. We all cried.  It was a great movie.  So here I sit, in bed, with Barb asleep beside me.  Life is good.

Ry and Stephanie are doing their part in our efforts to make people more comfortable with the recreational use of explosives and firearms.  Ebay seems like as good a place as any to reach the general population.

Thank you!

I help design and implement solutions to improve security of various things against intelligent, determined adversaries.  I think I’m pretty good at it.  But I don’t think I would have envisioned and prevented the dust bunny that took down a network, supporting thousands, for hours.

I was in a meeting this afternoon where we were figuring out how to handle all the different possible failure situations in a communication protocol.  As we progressed I was getting more and more concerned.  The designers were explaining how things would work and I would come up with all these different situations they hadn’t considered.  Things like (not exactly, but close enough to get the point across) if your encryption keys are being updated every ten minutes what happens when your main unit goes down and you have to bring online the back up control center 100 miles away?  How does the backup know what the current keys are?  They hadn’t thought of that.  Lots and lots of examples like that things they hadn’t thought of but were valid concerns.  They were very good with finding solutions to the “hand grenades” I was throwing at them, but it bothered me that I was the only one coming up with the complications.  I may be better than the average person at thinking of all the exceptions to a general rule (my wife sometimes gets angry with me when I do this in “normal conversation”) but I’m far from perfect.  What about all the exceptions I hadn’t thought of?  If two or more people from different perspectives are “lobbing hand grenades” at the proposed solution I would feel a lot better about the robustness of the solution.  I didn’t say anything about it, I just stewed on it, “Who else can we get to take a look at this for vulnerabilities?  Should I hire an outside consultant to review our work?  We really need to make sure we have thought of nearly everything…”  I was right in the middle of those thoughts when one of the guys told a story of something happened at the lab a year or two ago.  I burst out laughing and continued even though they kept insisting it wasn’t funny.  Of course it wasn’t funny to them, they were there until the wee hours of the morning bringing the network back up with thousands of people needing for them to be successful.  All I could think about was that I knew that no matter how many people were brought in or who those people were, they wouldn’t have envisioned a killer dust bunny.

If you have a critical resource like an engine on a airplane or a computer system that your entire company requires to function you go to extraordinary efforts to make sure it doesn’t fail or that you can fail in a graceful manner. A power failure to a system with a UPS can give the computer a few minutes warning the power is going away when the batteries go dead. The computer then gets to shutdown gracefully. If one computer system and/or UPS system fails the second computer system and it’s independent UPS can continue without skipping a beat until the primary can be fixed. But as reliability engineer Ted Yellman from Boeing (and Teltone where I met him) once told me many years ago, “The question usually isn’t how reliable or how many redundant systems you have, it’s how independent they are.” In this case someone was routing some cables through the false ceiling over the computer room for the network at the lab. Some dust came down (technically not a dust bunny, but it makes a better story if it is a dust bunny) and the fast moving air in the computer room pulled the dust into the smoke detector. The smoke detector set off the fire control mechanism which “knew” that you don’t want the electricity on when you turn on the sprinklers. And since designers of the fire control system knew the computers were on a UPS, not just the normal power mains, it shut down the UPS as well. That brought down the all the computers, main and backup, in a fraction of a second without the computers able to gracefully shutdown. Imagine planting your face in the middle of your plate of spaghetti during dinner instead of going to your room and getting in bed to fall asleep. And so it was with a room full of racks filled with computers–splat! It took them something like 170 man hours to bring the system back up. Some of the computers hadn’t been turned off in a year or more and some hard drives and other hardware failed on startup. Other systems had corrupted files systems that were discovered after they booted. The startup procedure had been written before new equipment and software had been installed. It was a nightmare–they had to diagnosis and repair a complex system under time pressure with multiple simultaneous and unknown failures.

So I’m thinking what hope do we have to guard against determined, intelligent adversaries when something as undetermined and unintelligent as a dust bunny can take us out?  And I’m reminded of the joke about computer programmers versus carpenters.

If carpenters build houses like programmers wrote software the first woodpecker that came along would destroy civilization.

Yesterday morning I sent an email to some people at a company I knew was about to release a product using SHA-1.  I got this back last night:

Hi Joe,

 

Just saved me an email I was about to send you a similar one…

We’ve been tracking this since yesterday and evaluating what it means to us.

I’ll keep you posted of our evaluation and next step plan.

Thanks!

I know of two new applications, so new they haven’t even shipped yet, that were going to use SHA-1.  Then this comes out:

SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.

…

This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn’t affect applications such as HMAC where collisions aren’t important).

What he said.  Major, major cryptoanalytic result.  The U.S. government, via NIST, planned to phase out SHA-1 by 2010 anyway.  I imagine this will speed things up a bit:

http://csrc.nist.gov/hash_standards_comments.pdf

…due to advances in technology, NIST plans to phase out of SHA-1 in favor of the larger and stronger hash functions (SHA-224, SHA-256, SHA-384 and SHA-512) by 2010.

See also: http://csrc.nist.gov/CryptoToolkit/tkhash.html

MD5 was partially broken months ago.  These are interesting times we live in.