Tag: security

Posted on
by

Now that Let’s Encrypt is up and running, and now that Dreamhost has integrated it into their tool set, I have finally gotten security turned on for my website.

Just visit philipbrewer.net using https instead of http and you can browse the site secure in the knowledge that the pages will be encrypted in transit. As if that mattered for a public website. But still—might be useful, and costs nothing except a whole bunch of cycles on your computer and my hosting service’s computers.

I had actually turned on encryption some time ago for the admin pages, so that I could securely administer the site even when my access to the internet wasn’t secure (over public WiFi, for example). But I hadn’t pulled the trigger to route general traffic over https because the certificate I used was self-signed, which meant that I could trust it, because I knew which certificate I’d installed, but the general public couldn’t tell the difference between my site and a fake site set up by a some perfidious fraudster. The new Let’s Encrypt certificate is signed by a well-known issuer, so any modern browser will show the handsome green padlock.

clipUpdate your bookmarks appropriately!

Posted on
by

I have long opposed most sorts of gun control. The main reason is the same reason I oppose drug prohibition: There is no way to enforce a ban on a thing, except through police-state tactics (and I don’t like living in a police state).

How do you ban a thing? You can pass a law against possession, but that law is unenforceable except by house-to-house searches. You can’t even enforce a ban on carrying concealed weapons except by stopping and frisking everyone out on the street. (Please don’t suggest only stopping and frisking “suspicious” people, unless you have first-hand experience with looking like one.) Since there’s no victim to report the crime (“I was illegally possessed at!”), you only find the criminals by chance, unless you’re willing to go full war-on-drugs with undercover agents, coerced informants, wiretaps, search warrants executed by SWAT teams and so on.

You could impose a high penalty on possession of a gun, and then only enforce the law when a gun came to the attention of the police. That would probably get the guns off the street—a gun hidden under the floorboards isn’t much of a threat—except of course for the “only criminals will have guns” issue: High penalties don’t much deter people who are already committing crimes with high penalties. Plus, it leads to all the classic slippery-slope arguments. Selective enforcement (searches used to harass disfavored people) and unfair results (unlucky people spending 20 years in prison for a gun they didn’t know was in the boxes of grandfather’s personal effects) being just two of the downsides.

Besides, guns are useful tools. If we have a ban that applies as well to the police and the military, then we’ve denied them tools that they may need to do their jobs. But if the ban doesn’t apply to them, then we have to draw the line in a specific place—or a series of specific places. If police qualify, how about campus police? Transit police? Park rangers? Do bodyguards qualify? How about armored-truck guards? Stalking victims? The result is once again selective enforcement and unfair results, this time with a side order of political shenanigans.  Some people who need the tool will be denied it. Other people who thought they were allowed the tool will have their lives destroyed when a court rules that they were not.

Much more sound than laws against things is laws against behavior. It’s illegal everywhere to shoot someone or to threaten someone with a gun or even to discharge a gun in a populated area. These are the sorts of laws that gun-control opponents always point to as the right way to control guns. But they self-evidently don’t work. Even if you discount suicides and accidents, there are 12,000 homicides a year in the United States—with about 90% committed with a firearm.

So, what other behaviors could we regulate? There is often talk of regulating the sale of firearms. Being in the business of selling firearms is already extensively regulated, but currently it’s legal to sell (or give away) a firearm without being in the business—sales between friends and gifts between relatives are legal, and don’t require that you be a licensed firearms dealer. That could be changed. You could make selling firearms be like selling prescription drugs, which only a licensed pharmacist can do. Many currently legal, perfectly ordinary behaviors would be illegal, or else the laws would have to be very carefully drafted. Could a father buy his son his first .22 rifle? Could an Olympic-champion riflewoman let her aspiring-sharpshooter daughter take mom’s match-grade pistol to the shooting range to practice with? If a down-on-his luck man pawned a family heirloom firearm, would he be committing a crime if the pawn shop owner’s firearms license were not in order? What if the pawn shop clerk were a felon?

Registering guns is often proposed, although I don’t see how doing so would reduce violence. Further, I think gun-owner fears of gun registries being useful primarily as a tool for eventual confiscation is well-founded: What other use would a registry have? The parallel is less with registering cars (which are big and operate in public where people can see them) and more with registering typewriters (which are small and are generally used in private).

Illinois has long had a registry of “allowed gun buyers,” which is somewhat less pernicious than a list of guns: It would still provide a list of places to search, if things trended even further toward a police state, but it would do so without providing what amounts to a master of list of guns to be seized. In fact, I would fully support such a scheme, if it were automatic: Every adult who has not been convicted of a felony or violent misdemeanor, nor adjudicated as dangerous or incompetent in some other fashion, should be on the list of those allowed to buy guns. The government could automatically strike people from the list upon conviction or commitment to a mental institution (with an appropriate appeals process to correct errors). Or people could file a simple form to ask to be taken off the list, if they had some personal objection. It’s basically the instant background check from the opposite direction.

I will say this, though—gun control advocates are finally on the right track, in attempting to mobilize public opinion. For the past thirty years, members of a small, mostly liberal elite have been trying to use their influence over government officials to pass gun control. But with public opinion so divided, legislative sausage-making has produced laws that are pointless and ineffective, full of easily ridiculed loopholes, but still with traps for the unwary gun-owner to commit a technical violation that leads to harsh sentences, without reducing the number of guns or making them less dangerous. (I am thinking in particular of the so-called assault rifle ban that ended up merely banning a handful of cosmetic details.)

And yet, I am nearly brought around. I am ready to support gun control legislation, if something can be found that would actually reduce violence (or at least its severity), doesn’t require police-state tactics to enforce, and doesn’t send people to prison simply because their papers are not in order.

That last is non-negotiable for me, an attitude puts closer than I’d like to be to unsavory company on other issues, such as immigration, where I agree with many Republicans that I think we should control our borders better. It’s because the other tactics of keeping our population density low are ineffective, unless we empower the police to check people’s papers. If we want the higher standard of living that comes from living well below carrying capacity—and I do—we can’t let just everybody live here. But having a category of “illegal” people forces immigrants to live outside the rules that promote the health, safety and prosperity of everybody, for fear of deportation. That risks the health, safety, and prosperity of all of us.

I’m no happier with letting police demand my firearm paperwork, and send me to prison if it’s not in order, than I am with letting police demand my citizenship papers against similar consequences.

I also think playing with guns is fun, and would be sad if they were banned. But I would give up playing with guns, if I thought it would prevent a large fraction of 11,000 murders a year. I don’t see a clear path from here to there, but I have joined the mass of people trying to find one.

Posted on
by

People are making a big deal right now about how it’s obviously stupid that “suspected” terrorists can buy guns, but can’t get on planes. But nobody seems to be pointing out how it’s terribly unamerican that there’s even a category of “suspected” terrorists.

Until 15 years ago, you were presumed innocent until you were convicted of a crime. Yes, there was a category of “indicted” that was kind of in-between—but there was a clear legal process for how you got there, and a clear path to resolving the in-between state.

I really object to the idea that someone who has been convicted of no crime can be put into a category that denies them any of their constitutional rights. The gun nuts are putting a special premium on the right to be armed, but what about the right to travel?

The government, in the few court cases that have had at least some proceedings so far, has put a lot of weight on the idea that you don’t have to be able to fly to exercise your right to travel. You can still walk, after all. If you’re overseas you can buy a yacht and sail to the U.S, and the lawyers for the government seem to think that resolves the right-to-travel issue.

The fact that the process for getting into this state of “not convicted of a crime but still lack the rights of a normal person” is opaque and uncontestable is bad, but really doesn’t bother me as much as the state existing at all.

I am slowly coming around on the gun-control issue, but I wouldn’t mind preserving the status quo just for a bit, as a way to focus the mind on the broader issue: We used to have constitutional rights, and nowadays the most basic of them—being deprived of liberty without due process—has been constantly violated for fourteen years.

Posted on
by

I’d seen it right along, and plenty of other people have commented on it before me, but I don’t think it really sunk in until just this past week, with all the hand-wringing over Syrian refugees:

Republicans are a bunch of cowards.

I’ve never seen so much fear as has been on display the past week from the Republicans (and, I must admit, way too many Democrats as well). And over what? A bunch of people—largely educated and middle class—who have been forced to flee their homes.

Seriously, the Republicans are straight up afraid of widows and orphans. What’s up with that?

I mean, I totally understand why the Syrians are afraid. They have soldiers and militias fighting house-to-house in their neighborhoods, blasting them with artillery, even using chemical weapons. Not to mention, they have U.S., French, and Russian air forces dropping bombs on those same militias, in the same neighborhoods.

But the Republicans? What are they afraid of? They’re afraid that some “terrorist” will “slip in” amongst the masses of refugees and commit “acts of terror” in the United States.

Well, these hypothetical refugee-terrorists (of which we’ve seen exactly zero so far) will have to get at the back of a pretty long line, behind the non-hypothetical white-supremacist, right-wing, and anti-government militias (not to mention depressed loner high-school boys) who have been committing mass murders in the U.S. in numbers well in excess of those committed by foreign terrorists.

Perhaps worst of all, most of the Republican rhetoric isn’t even aimed at affecting government policy; it’s aimed at preemptively setting up other people to take the blame. “We said you had to give ‘100% assurance’ that they wouldn’t be terrorists before you could let them in, so if even one of them commits a terrorist act it’s all on you!” (They know perfectly well that ‘100% assurance’ is impossible, which is why they demand it. It makes me want to point out that in the U.S. we convict people of capital crimes and execute them, and all we require is assurance “beyond a reasonable doubt.” I expect pointing that out makes me a rose-colored glasses wearing liberal who’s endangering our country.)

Fortunately, some people are man enough not to quake in their boots at the idea of some ordinary families fleeing terror and ending up here, and man enough not to be terrorized at the idea that they might have to take the blame if an evildoer does slip in. I’m thinking of President Obama here, rather too few Democrats in Congress, most of my liberal friends, and (oddly, because I don’t think of myself as especially brave) me.

Posted on
by

I got email today from one of my senators, with the text of a truly appalling letter to president Obama from the senator and eleven of his colleagues.

The letter (here’s his press release on it) calls on the president to ensure that “no refugee related to the Syrian crisis is admitted to the United States unless the U.S. government can guarantee, with 100 percent assurance, that they are not members, supporters, or sympathizers of the so-called Islamic State of Iraq and Syria (ISIS).”

It’s obviously intended to be an unattainable threshold, but that’s really beside the point—the whole thing is completely wrong-headed.

I was moved to respond, and sent him this message via the contact form on his website:

I wanted to say that I was appalled by the letter to president Obama that you shared with me.

Since 9/11, the number of refugees who have committed terrorist attacks in the US is exactly zero—which suggests to me that keeping refugees out of the US is a complete waste of time and effort.

Targeting refugees—the most helpless and vulnerable among us—is not only pointless, it is also heartless and cruel. It is a failure to live up to our obligations under international law. It is also, in my opinion, terribly unamerican.

There are far better, far more effective ways to protect US citizens than by heaping yet more misery on those who have already faced the violent extremism of ISIS—those Syrians who have been forced by it to flee their own country.

I urge you to write to the president and let him know that you repudiate your entire letter, and to suggest that existing US policies on refugees, established in accordance with international law, should remain in place.

Another eleven senators signed the letter. If yours was one of them, you might want to contact your senator and say something. Feel free to borrow from my text, if it speaks to you.

Posted on
by

I’ve been putting my photos on Flickr for years now—my first photos were uploaded in 2004. I didn’t upload all my photos, just the ones I particularly wanted to share. (In those days, you had to pay for a Pro account to share more than 200 photos. By uploading only occasionally, I stayed under that limit almost until it was lifted.)

More recently, I configured my phone to upload all the photos I take with it to Flickr, but to make uploads private until I go and publish them. I don’t do that for privacy or security. (I figure once a photo is uploaded, it’s effectively public anyway.) I do it this way so that my photostream is a list of photos that I’ve chosen to share, rather than just all my photos.

I think I once had a “Flickr badge” with some of my photos on the sidebar of my blog, but it seems to have gone away at some point. I forget whether there was some technical reason, or if it just got lost when I changed themes or something. In any case, I once again have a widget on the sidebar, showing my most recent shares to Flickr.

It’s pretty far down on the sidebar. In case it’s too far to scroll down, here my most recent Flickr photos, as of this morning:

Preying Mantis

Prairie path in fall

Wooly bear

Jackie weaving squares

Prairie sunset

 

Posted on
by

In an interesting post (with the tediously link-baity headline “Facebook just made a move that will infuriate law enforcement”), Business Insider reports that Facebook will now let you add your PGP public key to your profile, and that Facebook can be configured to use that key when they send you email.

This has the potential to make Facebook much more secure: The email to reset your password will be encrypted with your public key, potentially defeating the standard attack on a social media account (hijacking an email address and then getting the site to send that address a password reset message). As long as your private key stays under your control, the attacker can’t get at the password reset URL, even if they can get at your email.

As a bonus, any email alerts from Facebook remain somewhat private. (Not that I’d share anything I wanted kept private with Facebook, or expect that anything anyone else shared with Facebook would remain private—but keeping the contents of my email private seems worth doing just for its own sake.)

Of course, as Facebook warns you, if you lose your private key and access to Facebook at the same time, you may well be completely screwed.

I think it’s a risk worth taking, and have already added my PGP key to my Facebook profile.

Posted on
by

During the 1970s, there was a big push to hold corporations accountable for crimes they committed. Resistance to the idea came from people who thought that any crime would be committed by specific individuals, and that those individuals, not the corporation, should be held accountable.

Activists pushing for direct criminal sanctions against corporations pointed out that the obvious tactical response by the corporations to a policy of only holding individuals accountable would be to hire a “vice president in charge of going to jail.” That person could be put in charge of whatever activities might end up being found to be illegal—and be compensated appropriately for the extra risk he was taking. (How much would they have to pay you to take a 3% chance that you might have to spend 2 to 5 years in a minimum-security prison? One hundred thousand dollars a year? A million? Ten million? Many people have their price, and it tends to be surprisingly low, at least for risks perceived as being fairly low.)

I was reminded of this in the wake of Marissa Mayer’s statements that Yahoo and other corporations were unable to reveal that they were caving in to US government pressure to turn over customer data, because they’d go to jail if they did.

What those corporations needed was a VP in charge of going to jail: Someone hired specifically to speak out if the company receives a National Security Letter—and appropriately compensated for the risk that they might have to go to jail.

Sadly, it’s tough to get the incentives right. The corporations that the 1970s activists were concerned about were engaged in things like illegal waste disposal. Their “VP in charge of going to jail” had two goals—dump the waste as cheaply as possible, while making the activity look like it might be legal. As long as it was close enough to being legal to avoid going to jail, all that extra compensation was free money—but if looking like they might be following the law wasn’t a lot cheaper than actually following the law, the board was going to figure that there was no point in employing the expensive VP.

In the case of being the VP in charge of going to jail for revealing that the company had received a National Security Letter, the extra compensation would be received in advance, when the VP wasn’t even doing anything illegal. It would be awfully tempting to pocket all that money—and then when the National Security Letter came, to say, “You know, upon reflection, I think in this case my conscience requires me to follow the law and keep quiet.”

I’ve tried to come up with some mechanism to get the incentives right. Maybe paying the extra money into a trust that pays out promptly if the VP goes to jail, but otherwise only after many years, when there’s reason to believe that there was no National Security Letter—and of course, if it turns out there was a National Security Letter and the VP didn’t speak up, the money goes to charity instead. But that has too many problems with being unenforceable due to being contrary to public policy.

It’s too bad. A VP in charge of going to jail seemed like a perfect solution.

Posted on
by

I’ve always admired the way reporters come together when a reporter is messed with. It reminds me of the way the police engage in a big show of force when a policeman is killed.

Once when running a quick errand, I found that I’d put myself on the other side of an hour-long police funeral procession. It did not endear the police to me, but it did make a powerful statement that the police are not just willing to make people suffer when a policeman is killed, they want to make everyone suffer. They think it gets the incentives right. They think if everyone suffers just a little bit when a policeman is killed, everyone will have just a little bit more interest in keeping that from happening.

I think that sort of tactic is ill-advised—almost all people are much more strongly motivated by decency and compassion than they are by intimidation. But I understand that the police are motivated more by grief than by thinking a show of force will make a difference. Their legitimate feelings make it hard to argue with their tactic, even when its results will be mixed.

Reporters are better at being circumspect and targeted with their reaction, but when anybody within the power structure messes with a reporter, a vast swath of the journalistic community sits up and takes notice. They write stuff about what happened. They point out governmental overreach. They remind one another that they’re all on the line if this goes unchallenged—and they remind ordinary people that the same powers being used against reporters are available to be used against ordinary people.

It’s really good to see. It’s not perfectly effective, but it is effective.

It’s the right response.

Posted on
by

I’ve been very disappointed by many friends’ cavalier attitude toward both our government’s invasions of our privacy and its use of the most extreme forces of legal process against those who would tell us the truth about what the government has been doing.

One specific disappointment has been the various versions of “I don’t care if the government listens to my calls. I’ve got nothing to hide.” (Usually with some lame joke about how tedious it would be to listen to their conversations.) It’s as if they know nothing about what led to the American revolution. Didn’t these people go to high school? Don’t they know that each of the privacy-related rights spelled out in the constitution was there for good and specific reasons—because of actual abuses suffered by ordinary people?

The most disturbing of the recent revelations is not how much data that they’re sweeping up (pretty much everything) nor the incredibly lax standards they seem to have about exposing the data (my data and their own!) to a surprisingly large number of people. It’s that they’re sweeping up everything and then keeping it for years.

There are several problems here, but I want to focus on two of them.

It’s not okay just because it’s still secret

At one level, I understand people who trust the government enough to think that it’s okay (or at least less bad) to have the government sweeping up all their private information—as opposed to, let’s say, Google or Facebook or Microsoft (or Monsanto or ADM) doing it. I can accept the ideal of government as a force for good. We’re still reasonably close to having a functional democracy—a few tweaks to campaign finance law and we might very well get back a government that was responsive to the desires of its citizens.

But even if you trust the government not to use your information inappropriately, I think recent events prove that you can’t trust them to keep it secret. We’ve just seen a large leak of exactly the information that the government has been trying it’s very hardest to keep secret. But we only know about it because a brave leaker went public and because a free press published what they’d learned. How many leaks were not to the public, but instead to a foreign government or a criminal organization? We don’t know, because those leaks go unreported. We can’t know. Even the government doesn’t know, and if it did know it wouldn’t tell us.

If the government can’t keep the details of its own most secret programs from becoming public, why would you imagine that it could keep your details secret? For all you know, your information has already been leaked to criminal organizations, to foreign governments, to domestic corporations, to lobbying organizations and other influence peddlers—to anybody who could get an advantage by knowing secrets.

Maybe massive amounts of your information collected by the NSA have already leaked. The next time there’s an unauthorized charge on your credit card, maybe it’s because the NSA leaked your credit card number.

And of course that would just be true information about you. Maybe there’s a bunch of false information about you in the giant NSA databases. The next time you get turned down for a credit card or insurance or a job, maybe it’s because false information about you leaked to people who used it to make a decision about it.

And here is where we get back to why the idea that “I’ve got nothing to hide” is such a terrible idea.

It’s not okay just because you have nothing to hide

One friend made a short list of every “crime” he could remember having committed—a couple of youthful indiscretions, a couple of protests, a couple of harmless acts that were circumstantially appropriate but perhaps violations of some code or another. He was willing to own up to those—”If you want to prosecute me, go ahead!”

But, of course, that’s not how it works. The federal government doesn’t care about such things—or, at least, it doesn’t care until you become a “person of interest” in some other matter.

I don’t know whether my friend has committed any other federal crimes or not. But I do know that he has crossed international borders several times in the last few years. Did he fill out the requisite paperwork correctly each time? Did he carry anything across the border that he shouldn’t have, such as an agricultural product? Did he declare in the section on agricultural contacts that one of his running paths was also frequented by feral pigs? Is he sure that none of his financial dealings falls under the ambit of any federal laws?

In the real world, the federal government goes out and checks these sorts of things if they suspect you of something. Worse, they go and check these things if they suspect one of your friends of something (because it gives them leverage to get you to incriminate your friend). But now they’re going to have another whole bunch of things to check—all your phone calls and emails for the past 5 years.

And don’t forget that it’s trivially easy to convict you of conspiracy. All it takes is a single “overt act,” such as lending a friend bus fare or taking in his mail when he’d on vacation. (Well, technically it also takes an agreement and criminal intent, but apparently it’s okay if the only person in the conspiracy with those is the FBI informant.)

Don’t imagine that you’ve “done nothing wrong” just because you’re not aware of it. Unless you’re a federal prosecutor or defense attorney, you have no idea the vast array of actions that turn out to be federal crimes. One of our biggest protections has been that it’s a lot of effort to investigate and look for those crimes. If all your phone calls and emails are recorded it’s going to be a lot less effort.

As I say, I don’t dismiss out of hand the idea that the government is overall a force for good. I think our government (at all levels) has been pretty effective these last 150 years or so in reducing all sorts of bad things—there’s less poverty, there’s less casual violence, there’s less abuse of vulnerable people. But I don’t think giving the government audio recordings of all our phone calls, the texts of all our emails, or lists of every web page we visit will be much help in those things. And I think it will do real harm in those (fairly rare, but not rare enough) instances when people acting under color of law decide that somebody must be guilty of something, and make use of these new tools to prove it.