Mixed Feelings

I’ve got mixed feelings on Wikileaks, particularly when it comes to ongoing military action.

On one hand, Wikileaks seeks to bring unethical behavior by governments and corporations to light. I respect and support this.

On the other hand, there’s some information that should not be published, such as information detailing or identifying sources, as it can put people at great risk. I think that such information should have been redacted to protect the innocent. In addition, there’s the ethical issue of the whistleblower breaking an oath to reveal classified information to the public. Where does one draw the line?

Hopefully he made the right choice, and innocent people are not harmed as a result. I can only hope that I never face such a dilemma.

Training in Arizona

The Arizona Citizens Defense League emailed me to let me know that they’re participating in the Train Me AZ initiative.

With the Constitutional Carry legislation taking effect today, people in Arizona are no longer required to have a permit to carry a concealed firearm anywhere it is legal to open carry (a permit is still required to carry in certain places, like establishments that serve alcohol). Since getting a permit to carry a concealed firearm required that one undergo some sort of training and that such training is not required for permitless concealed carry, the Train Me AZ initiative was created to encourage people to seek out training prior to carrying firearms.

While I fully support the right for individuals to carry firearms without permits, I also strongly encourage people to seek out training to ensure that they’re well-versed in handing their firearm safely and in the complexities of applicable law.

Whether you carry openly or concealed, with or without a permit, take a training course (or many!) from a reputable, qualified instructor. Your life and future could literally depend on it.

CCWs for Murderers

That’s right, I believe Drew Douglas Grant, a person responsible for the intentional deaths of 4 children and a teacher, should be granted a permit for a handgun.

- Robb Allen, in this post.

Read out-of-context, this line is enough to send reasonable people into a fit of PSH…and rightfully so. Indeed, when I first read it, I was a bit taken aback. Upon reading the whole thing, however, I find myself agreeing wholeheartedly with Robb.

Go forth and read.

Don’t Think So

AccuWeather says the current weather in Tucson (heavy rains, thunderstorms, 95F temps, etc.) are “very good conditions for golf”.

Somehow, the idea of walking around outside with a long, wet, conducting metal golf club while wearing wet, conducting clothing, while standing on wet, conducting grass seems like a really, really bad idea.

This reminds me of a Terry Pratchett quote:

“Let’s just say that if complete and utter chaos was lightning, he’d be the sort to stand on a hilltop in a thunderstorm wearing wet copper armour and shouting ‘All gods are bastards’.”
– Rincewind discussing Twoflower (Terry Pratchett, The Colour of Magic)

That’s Unpossible

I have no idea how I managed to seriously scuff up my wedding band, being made out of extremely hard tungsten carbide that is supposedly unscratchable, in a bit over a month of married life, but I have. Now, to see if the jeweler will replace it.

I promise I’ve not been trying to gnaw it off, honey.

Overheard at the Rifleman House

Me: “Honey?”
She Who Must Be Obeyed: “Yes?”
Me: “Have you seen my pistol?”
SWMBO: “Which one?”
Me: “The Springfield XD-45. Looks like the Glock, but bigger and uglier, if such a thing was possible…”
SWMBO: “Nope. Haven’t seen it around.”
Me: “In most houses, people run around looking for keys they’ve misplaced. In this house, we do it with pistols…”

Turns out I had left the pistol in its case, which is still boxed up somewhere in the house, but I had temporarily forgotten where I had placed it.

Reminder About Permitless Concealed Carry

Just a reminder to fellow Arizonans: the new law that removes the permit requirement for concealed carry goes into effect on July 29th. Please wait until then before carrying concealed without a permit.

Also, please note that there are some perks to having a permit, such as discounts at the occasional pro-gun-rights eatery, as well as bypassing NICS checks on new gun purchases, and interstate reciprocity.

NRA Magazines Digital Editions

The NRA offers digital versions of its various magazines online for subscribers. Every month, they send an email containing a link to the magazine.

However, they seem to make it rather difficult to access: one needs to login with one’s member information, then view the magazine via some silly browser plugin. A PDF version is available, but accessing it requires a few more clicks to download, and a few more to unzip.

Why not just provide a direct link to the PDF version? That’d seem to be considerably easier. Rather than require logins, why not just send a unique URL to each subscriber so they can ensure that only subscribers can access it? Making it a multi-step process ensures that most people will simply continue to receive paper magazines, costing more money. I’m a professional geek, and even I am a bit frustrated with them.

C’mon NRA, get with the times…

Posted in NRA

On Openness

Last night I had the pleasure of having dinner with several members of the local free unix group. While the conversation was interesting, stimulating, and extraordinarily geeky, a particular exchange struck a chord with me.

We were discussing opportunistic encryption and how, despite its shortcomings, it’s still better than nothing1. Several of us lamented that implementing strong security is often hard, and usually beyond the abilities of most average users. Thus, having opportunistic encryption on the server end (e.g. having webmail, IMAP, POP, SMTP, etc. connections use SSL by default) can often add security to an otherwise insecure connection without needing any action on the user’s part.

One of the other folks at the meeting mentioned that if we had a completely open, transparent society, then we wouldn’t need to worry about such security, as there’d be no secrets to protect.

An interesting concept, to be sure, but not one I can really see taking off; people have too many secrets.

Perhaps it’s not secrets on the scale of nuclear weapon schematics, orders of battle, or other secrets of that magnitude, but most people have information that they either wish to keep to themselves or share with a limited number of people without that information being known to the general public: medical records, business plans, love letters, financial information, etc. Most people have a reasonable belief and expectation that their phone calls and emails are private, even though such communications are almost always insecure. This, I think, needs to change — private citizens need more control over their personal information, particularly when their information is stored and transmitted by third parties.

Take, for example, Facebook: people post an enormous amount of personal information to Facebook on a daily basis, and feel comfortable doing this because Facebook allows various degrees of control over who can access that information2. Whether or not they should feel comfortable posting personal information online is an entirely different matter, but users do have some degree of control over their information and they can choose to not post their information in the first place.

On the other hand, look at ChoicePoint. They gather information from a huge variety of services, collect it, and sell it. The amount of data they store is staggering. There’s a lot of issues with ChoicePoint which, to me, relate to control of information: private citizens are not ChoicePoint’s customers, and have no leverage or ability to change the information collected or stored by the company. Once the company has the information, they’re unlikely to let it go.

As a personal example, I recently moved from Tucson to another city in Arizona to live with my wife. I filled out the change-of-address form with the USPS. She filled out the forms with various government agencies to change her last name after the wedding. Suddenly, we’re bombarded with mail saying, in general, “Welcome to the neighborhood, [last_name] family! Here’s [various_commercial_offers] for new residents!” She’s lived at that address for years. We don’t want this crap, nor did we sign up for it, yet our names and addresses have become public record by the simple act of changing my address and her changing her last name. At the very least, there should be a means of preemptively opting-out from the disclosure of this information to entities outside the post office and government. Same thing with voting records — evidently voter registration information is public, including one’s name, address, and telephone number (I’m not sure about political affiliation, but I wouldn’t be surprised if it were public.). Every election cycle, we get bombarded with political mailings and phone calls, with no means of opting-out from them.

My wife and I have no problem with certain information being used for legitimate purposes. For example, the post office needs to know my new address so they can forward mail. This is fine. The Social Security Administration and Motor Vehicles Department need to know that my wife changed her last name. That’s also fine. We even understand that credit and insurance companies need to have some means of evaluating how much of a risk a potential customer might be, and that some information must be shared (( Though it’d be nice if information-sharing was prohibited by default, and that one would need to authorize an individual company before they’d have access to the information. Of course, a creditor would rightly refuse to offer credit to someone unless the individual authorized that company, but right now that data is basically free-for-all.). But we do have major problems with a lack of control over personal information.

In short, the default state for information relating to private citizens should be “private”, and individuals should have the ability to control the distribution of their personal information. Basically, it’d be nice to have Fourth Amendment-type protections against corporations, as well as government. Cryptography only goes so far, but it can help.

Public companies and governments, on the other hand, are a completely different matter. With certain limitations (trade secrets, legitimate national security interests, etc.), I think that information should be open and transparent to the public, particularly when an organization interacts with private citizens or their personal information.

  1. For example, STARTTLS for SMTP offers no protection from a man-in-the-middle attack, as certificates are not checked against a list of trusted authorities. However, this is no different than if the message was sent over an unencrypted link, but STARTTLS offers protection against passive wiretapping. []
  2. Of course, that information can always be re-published by users who are authorized to see it, or through security breaches and other nefarious methods. []