Just because

I own drive an implausible and uncommon euroweenie car; why shouldn’t I own and shoot an implausible and uncommon euroweenie handgun?

Fire in the Sky

Not ashamed to admit that this song can bring tears to my eyes in the right (or wrong) mood.

Go buy their music.

Incidentally – June 28th, 2011 will mark 30 years and change, and the end, of what may well have been a boodoggle, but still stands as the most successful manned space vehicle to date. Though it’s past time for private industry to take over.

This one is Roberta’s fault, though action is somewhat removed from reaction.

Powers of Congress and the Second Amendment

Given the decisions in Heller and McDonald, and the precedent of the Law Enforcement Officers Safety Act, is there any reason that Congress could not require legislatively require states to permit carriage of firearms by non-prohibited persons?

A partial list of apps I’ve got on the TDR-4G

I've finally gotten my “own” Android (as opposed to a work-issued one) and have been loading it up with apps :) In the spirit of sharing, I've decided to share some of the apps and other stuff I have loaded. Links go to Android Market where appropriate. Since it's long, I put in a break. The list is below the fold

Bleg to the universe

I want a continuous client that will support facebook, twitter, and buzz (at least) on Windows desktop, multibrowser web, Android, and iOs.

Must additionally:

• Make it easy to do oldest-first viewing from program start (as Tweetdeck Android does)
• Have full capability in Facebook to like both posts and comments, as well as share content back out to facebook (which tweetdeck android does not, at least not easily).
• Allow me to see, in one column/timeline, all my incoming feeds

Tweetdeck Android does all of this, except continuous client. The iOs and desktop clients appear to be continuous, but are essentially separate from the Android client in synchronicity and almost appear to be different programs from the android program (and, possibly, the chromedeck program). The ChromeDeck version of TweetDeck appears to be closer to the Android version, but does not appear to sync, and also appears to start at newest (top of column) when started. And it doesn’t have resharing abilities; though at least I can easily go to the relevant facebook page easily.

My new mech

When I get an android whose device info still shows as htc_mecha, and whose marketing name is Thunderbolt, I can't help but call it the TDR-4G Thunderbolt

MoBleg

To the Android-based bloggers out there: what app for posting to blogspot? I have the Official Blogger app and don’t like it much.

When I was guest-blogging at Snowflakes, I used the WordPress app and was blown away by the functionality compared to what I can find for Blogger/Blogspot.

(I am not at home to suggestions to change platforms, I just got here.)

IstoleIt

As much as I love the recent developments in downloaded music, I feel sorry for Jon Bon Jovi. He didn’t ask for any of this, he probably realizes just how pointless most of his songs are, and every man and his dog now is ignoring his luddite rants.

Aside from some class acts (who are to be found in damn few bands), most of these rock stars have a choice between another line of coke or playing another crappy rehash of the two songs that made them famous.

…

and seriously, where’s your money coming from when your fans don’t buy your music online!?

 

(Apologies to everyone at the second link)

Six Degrees of Queen Victoria

Saw this is a comment at the Volohk Conspiracy:

“Six Degrees to Queen Victoria,” look up the Wikipedia article on anything at all and try, by clicking links, to get to Queen Victoria within six clicks.

My one Run through started with Passport To Danger and reached VR by 6 clicks exactly.

I’ll give you a hint, it involved Mark Twain, though not his page directly

New Jersey’s response to gun rights: Get Bent

The NJ counter-brief

THIS COURT SHOULD GRANT DEFENDANTS’ MOTION TO CROSSDISMISS PLAINTIFFS’ COMPLAINT BECAUSE THE CHALLENGED PROVISIONS OF N.J.S.A. 2C:58-4 ARE CONSTITUTIONAL. . . . . 3
A. The Challenged Provisions Do Not Implicate the Second Amendment Right to Possess a Handgun in One’s Home for Purposes of Self-Defense And the Second Amendment Does Not Encompass a Right to Carry a Handgun Beyond One’s Home.. . . . . . . . . . 4
B. Even If the Challenged Provisions Implicate the Second Amendment, They Pass Constitutional Review. . . . . . . . . . . . . . . . . . . . . . . . . . 10
1. The Challenged Provisions Are Constitutional Under Any Heightened Scrutiny. . . . . . . . . 11
2. The First Amendment’s Prior Restraint Framework Does Not Apply.. . . . . . . . . . . 15
CONCLUSION .. . . . . . . . . . . . . . . . . . . . . . . . . 19

The doc then proceeds to elaborate. This is in response to this brief, which stated

POINT I: SAF AND ANJRPC HAVE ORGANIZATIONAL STANDING ..................... 4
POINT II: HELLER HOLDS THAT THE SECOND AMENDMENT PROTECTS THE GENERAL RIGHT TO POSSESS AND CARRY A GUN – AND THE RULING IS NOT “LIMITED” TO THE HOME ................................................. 7
A. The Holdings of a Decision are the Parts Necessary to the Result Reached by the Court – Not Just the Boundaries of Relief Ordered ....................................................................................... 8
B. The Plaintiff in Heller Expressly Sought the Right to Possess and Carry a Handgun ............................................................................ 9
C. Heller Holds that the Right to “Bear Arms” is the Right to Carry Guns .......................................................................................... 12
D. The Heller Court Did Not Limit its Ruling to the Home .................... 15
E. The Dicta in Heller (and McDonald) Recognize a General Right to Carry Guns in Public ............................................................. 18
F. Caselaw Does Not Support the Claim that the Second Amendment Protects Only the Possession of Handguns within the Home ............................................................................................. 24
POINT III: THE “JUSTIFIABLE NEED” REQUIREMENT IS INHERENTLY DISCRETIONARY AND FAILS REVIEW AS A PRIOR RESTRAINT ................ 32
A. There is No Basis to Depart from Marzzarella’s Instruction to Utilize First Amendment Standards of Review .................................. 33
B. The Permit Laws Are Prior Restraints Because they Condition Constitutionally Protected Conduct on an Official Grant of Permission ........................................................................................... 35

C. The Determination of “Justifiable Need” is Plainly and Inherently Discretionary ...................................................................... 39
POINT IV: “JUSTIFIABLE NEED” IS AN IMPERMISSIBLE BURDEN ...................... 42
A. The Supreme Court Explicitly Rejected the Attempt to “Balance Away” the Core Protections of the Second Amendment .................... 43
B. There is No Basis for Applying the Proposed “Reasonable Regulation Test” .................................................................................. 45
C. The “Justifiable Need” Requirement is an Impermissible Burden on the Exercise of Constitutional Rights ................................ 49
CONCLUSION .......................................................................................................... 53

Handy that both of them make such easy reading out of their table of contents.

Anyway, now that everyone has drawn up their forces, it goes to the legal battlefield. This is all posturing anyway, since whatever the court of the first instance decides, it’s likely to be appealed. (Faint possibility, Governor Christie could order the NJ AG to stand down after a loss, but I think that vanishingly improbable).

Um. What was that?

Physics and Technology for Future Presidents: An Introduction to the Essential Physics Every World Leader Needs to Know.

By Richard A. Muller

“The United States Bureau of Alcohol, Tobacco, and Firearms tests wine, gin, whisky, and vodka for radioactivity. If the product does not have sufficient radioactivity, it may not be legally sold in the United States.”

P 108 of the edition that Google has up on their site.

So many places to go with that…

Capitol Hill High School Hijinks

The forces of gun control must be weeping in the bathroom right now, because their BFF just broke up with them by Facebook.

Interesting move by Governor Christie

Christie nominates N.J. Assemblyman Carroll to be superior court judge. From a 2A point of view, Assemblyman Carrol ritually introduces a very nice Shall-Issue CCW law every so often (A-1384 was the latest I could find) and a bill to make NJ use NICS only for background checks (A-1398 appears to be the most recent one).
Interestingly enough, Assemblyman Carroll beat out then-Prosecutor Christie in the Republican primary of 1995 to win his seat. This was the campaign in which Christie published his “Pro-AWB” flyer that has been used as an argument against Gov. Christie’s pro-2A bonafides. I would say this is a pretty pro-2A move by the Governor.

Edit: Well, that didn't last long: Christie yanks nomination of N.J. assemblyman as Superior Court judge

GPS and Lightsquared Followup

This New Scientist article goes on about the effects of disruption of the GPS network. It is precisely because of this large potential for disruption that Lightsquared will not be permitted to operate their network if it interferes with GPS.

I am entirely unsurprised, BTW, by this quote from the article:

"We originally expected that jammers might be assembled by spotty youths in their bedrooms," says Last. "But now they're made in factories in China."

This is one of the areas where the Chinese absolutely wish to “encourage” development, as GPS jammers have an important dual-use for them (degrading the American tech advantage if the Mainlander Chinese ever actively invade Taiwan).

As the state of the art progresses, the parameters of the problem will change, I’m sure.

Rotational coffins

This news (if true) would probably step up the rotational speed of Messers Hewlett and Packard; whose initial revolutions started when their names stayed with the PC business and not the instrument business.

TSA vs Amtrak

Looks like TSA took it upon themselves to “secure” an Amtrak facility. Amtrak chief is not amused

Hubris

I was reading through the comments at this review of Lookout mobile security and saw this howler:

“…android is linux based. hence, it’s literally impossible for it to contract a virus through an app (i heard some story recently that somewhere in russia, a virus was attacking linux based devices, but not through apps, and such a thing was very rare). Apple also uses a linux base for the iphone and mac, which is why they are famous for not getting viruses.”

Isn’t that precious? Later on he walks it back and claims that he meant “it was difficult.”

I am painfully aware through my day job that there is malware specifically targeting OSX (a DNS changer trojan); and that the awareness of security on the platform is so low that it can get away with being painfully obvious. The equivalent trojan on the Windows platform has to employ serious camouflage tactics to avoid getting picked up and removed; using tricks like burying in the TCP stack and sophisticated counter-countermeasure mechanisms. The OSX one runs as a obvious background task and can be easily spotted by checking your DNS settings.

Here’s the deal: consumer computing machines have users who can grant permissions to apps to do things, including “full control” (whatever that means for your particular OS). This means there is no security beyond what the user imposes. An OS can give the user tools to assist them in the process, and can restrict access without specific permission; but in the end, the user can override any and all security measures.

Message to comic authors who put their stuff on the web

If you do not have an RSS feed, I will not read your work. If I do not read your work, I will not buy your stuff. There are plenty of comic authors whose RSS feeds contain links to their sites, so I still go there for updates. This is 2011, I no longer use bookmarks and hope that I won’t get spoiled when I go to a site.

Sincerely, Ian Argent

Bootable CDs for banking, and why they won't work - Repost

I've been seeing from a lot of security types that banking from your home PC using Windows is inherently insecure; and that a solution to this is to use an OS on a bootable CD (the Live CD is usually touted). This is an elegant technical solution to the problem represented by an OS that runs from rewriteable media. For the purposes of the discussion, the specific OS doesn't matter; depending on a specific OS to protect you because it's a small fraction of the installed userbase is depending on a variant of security by obscurity. Ideally, you shouldn't bank online at all, say the extremists.

However, it's a terrible idea outside of the merely technical. Let's start with why online banking exists. Online banking exists because a bank's business model and inventory are both based on bits, not atoms. Banks actively work to reduce the number of atoms that they have to concern themselves with, because they only make money on bits, and atoms are a cost. As customers of a bank, we want them to do this, because the banks' costs are passed on to the customer. Thus, the rise of ATMs (which, while atomic in nature, consist of cheaper atoms than do tellers). Thus the rise of online banking (a server farm is made of cheaper atoms than a bank branch, in addition to having negligible cost for additional operating hours versus a traditional branch). Thus the death of checks enclosed in your statement (since they are converted to bits at the earliest opportunity and the atoms disassociated, rather than being schlepped across country). &c, &c. Online banking is here to stay.

So, on to why bootable OS CDs won't work. First I'll do the consumer side, then the bank side. And then I'll go over why they don't solve the problem anyway.

The consumer side: I have on my desk a multitasking POWERHOUSE undreamed of, say, 20 years ago. Skipping the rest of the hyperbole, it is vanishingly unlikely that I have to close down my other applications to open up an online banking application. Nor would I want to - I balance my checkbook not by pen and paper, but by database. By doing this I don't have to worry about arithmetic errors, puzzling out handwriting, etc. And to avoid data entry issues, I don't hand-type information into the database, I retrieve it via the internet. Likewise, I schedule outgoing payments in my financial management program. There's a positive benefit to doing so, I don't have to give a third-party permission to debit my account, and the timing of doing so is ENTIRELY under my control, across multiple financial institutions and payees. The communications between this application and my banks is encrypted, but essentially (S)HTML. It essentially includes the functionality of a web browser. And you want me to give up the incredible power of automation and communication for security? Fat fricking chance. This gets worse if I'm a business owner, incidentally. As a private person I could manage my finances via paper if I wished, though it would be much harder, and significantly more expensive. It would be essentially impossible to do so as a small business owner, certainly not if I wish to stay on the right side of the tax man and the bar association.

The bank side: A CD is made of atoms, and they are atoms that do not replace other, more expensive atoms. They aren't even passive atoms; the CDs have to be made available to customers, and thus schlepped about the country, inventories have to be managed and refreshed from time to time, technical issues need to be supported (and tech support comes attached to some very pricy atoms indeed, even if they are located on the other side of the world). The bank wants nothing to do with them. All they do is reduce costs; and costs are passed on to the customer. Period - by definition a for-profit company passes all of its costs and a markup on to the customers.

But, let's say you've convinced me; your bootable OS CD also has a financial management program that can write to the local storage device, so I can take advantage of the power of my computer while still keeping an un-breachable wall of security around the OS. Let's say you've convinced the bank that the CD will reduce the costs associated with online bank fraud; the OS booted from the CD is immune to Trojans and other malware.

It is still not secure. Lets start with distribution: at some point these CDs must be mastered. That mastering plant is an extremely vulnerable single point of failure. Get your malware on at the source, and you've slipped past every defense; plus it's very expensive to repair the damage. You have to reship EVERY infected CD, doubling your costs.

You have to ship the CD. Do I need to go into the kind of man-in-the-middle attacks possible if you ship them directly to the end user via the mail system? It's trivial for Eve to insulate herself from mail fraud by using mules, and not much more trivial to use unwitting mules. I wouldn't count on the high cost of atoms to deter the black hats - ATM skimmers work despite being made of atoms, not bits.

But if you ship them to the bank, they have to be kept in a secure location, or the supply of CDs can be tainted by inserting the malicious ones into the supply. Which defeats the purpose of having online banking in the first place, which is reducing the amount of walk-in traffic to branches. And since it must, by definition, be available to the public, you can't secure the data on it from an attacker.

It doesn't stop phishing: even if no bank actually offers downloadable ISO images, the phishers will...

Each bank is vulnerable to the least secure of them. Either the bank requires that only their own secured CD be used to access their online banking, or they cannot enforce use of a CD-booted OS. And they can't actually enforce use of their own CD, the most they can do is enforce use of their own CD or malware CDs targeted at them, since the malware CDs will be able to perfectly mimic the targeted bank's CD. For that matter, who in their right mind is going to reboot their machine each time they want to change banks in the middle of a session?

There are minor issues as well - what if bank A doesn't offer the financial software customer b wants to use? The CD must be updated from time to time as additional features (including security) are added, not to mention drivers for hardware etc.

Bootable CDs are a terrible solution that is being pushed (in large part) by the anti-Microsoft crowd for the purposes of gaining a beachhead for non-Microsoft OS. I'm not going to trivialize the problem; I suspect it's overblown. To the individual, compromise of the bank account is horrific, but I wonder how much per bank customer, or (more appropriately) per banked dollar, is lost annually. I suspect that systemically available fraud insurance would be a better approach (though you run into some moral hazard issues there).

(Originally posted on my Livejournal – some minor clean-up editing has been done)

Reminder about term limits

Senator Grassley would have been term-limited well before now, out under almost all proposals I’ve heard.

Term limits don’t just affect the Ted Kennedies and Barbara Boxers, they affect the Chuck Grassleys and the Paul Gramms; and leave the bureacrats unaffected.

Still don’t have flying cars

But it’s an amazing world we live in where I can run across George Armstrong Custer’s account of the Great American Desert, point at it, and have it delivered through the ether to my very own Instant Book-like Device.

NCIS: What’s up with the last two eps

What’s with all the sic transit gloria mundi, reminders that they once had a chick named Kate on the show before she was callously murdered by one Ari David, brother of her replacement, and that both Tony and McGee have stunted their careers to stay on Team Gibbs?. They essentially spent two eps hammering this into the foreheads of the viewers.