Posts by tom dial

Re: Michael Brown

Michael Brown was not shot "while" or "for" running away after committing a crime. He was shot after assaulting a police officer who had stopped him while he was running away. When shot, he was advancing toward the officer.

The officer involved probably made a tactical procedural error during the stop, in putting himself in a position of some disadvantage in opposition to a larger and considerably heavier opponent, but Michael Brown made larger errors in assaulting and later advancing on an armed police officer.

1. Real evidence of actual abuse by governments is pretty thin in most countries with regimes that are generally regarded as liberal democratic (small l and small d) unless having the capability to abuse is taken to be equivalent to abuse itself. Indeed, that probably is true even under most regimes commonly thought of as oppressive, although the range of behaviors such governments ignore may be quite limited.

2. Security of such data clearly is a risk, but one that admits mitigation. Various key escrow arrangements that have been suggested included provisions intended to reduce the risk and increase the difficulty and cost of escrow database compromise. Risk never is zero, and all one reasonably can require is that it be quantifiable and small enough.

3, 4. There is no real basis to argue that key escrow would make encryption more difficult or less convenient, as collection, indexing, and storage necessarily would be automated. It could present additional points of failure (or not) depending on whether failure to escrow would cause failure of the basic communication. Communication for commercial transactions may not be an important issue, as for legal trade it often will be possible to obtain the details from at least one of the participants by a suitable court order.

5. The obvious answer would be to provide the escrowed key, as national laws may require, to the government of the originator and recipients. In many or most cases, that would be at most one, since most communications do not cross national boundaries. That obviously would present issues, but for most people and organizations they would not necessarily be overly serious. Those who wish to shield activities from any of the governments demanding escrowed keys would have the most reason for concern, followed by those with reason for concern about security of one of the repositories against criminals or competitors. Increasing the number of repositories clearly would increase risk of control loss, however.

6. The customary government approach to refusal to participate would be criminalization, with a combination of detection procedures and penalties sufficient to discourage it.

The point of the original post was not to argue for key escrow, which has very little to recommend it, but to note that it would not be less private than plain text communication and might not add a great deal of risk, for most people, most of the time, compared to encrypted communication without escrow. Other approaches to law enforcement access include enforcing backdoored encryption systems, probably a much worse choice, and judicial warrants demanding delivery of the decrypted message by the originator or a recipient, depending on details of jurisdiction and treaty arrangements, with punishment for noncompliance.

Re: Fight them at every turn!

In the US, the USPS has collected metadata for all first class mail for over a decade, following the anthrax letters that killed a few. That metadata, to be sure, is not nearly as reliable as communication data, since only the destination address information is functional.

Re: English is wonderful

There are rather a lot of people on the US West coast of Japanese or Chinese ancestry or origin, and not a few of them likely enough are employed by Microsoft.

Somehow, it does not seem this should have happened.

Re: Reg said that States cannot be pushed around by a federal regulator...

"This is about direct-to-consumer Wi-Fi." That does not seem to be true. The court decision contains only one reference to Wi-Fi, that the city of Wilson, NC "provides free Wi-Fi to its entire downtown area" in addition to the fiber optic Greenlight infrastructure that neighboring areas wanted it to extend, forming the basis for the issue at hand. That issue, reduced to the minimum, was whether or not the FCC, absent a clear statement in statutory law, had the authority to override Tennessee and North Carolina state laws in the case at hand. The court said that it does not, and issued a decision that the FCC order must be reversed.

Re: Reg said that States cannot be pushed around by a federal regulator...

I think the assertion that the "Feds gave the ISP's regional monopolies and huge subsidies to build the infractructure" is essentially incorrect and should be backed up with pointers to relevant sources. Most or all of the franchises, which in practice often became local monopolies or oligopolies, were granted by local governments, initially for delivery of cable TV. To the extent they now provide communication services they usually are regulated by state utility commissions. In fact, the cable companies became the superior competition for the telephone company monopoly, as those of us who started with 300 baud acoustic modems will remember, and as far as I know did it without significant public subsidies in densely populated areas.

Re: Single point of failure

I remember about 15 years back having my terminal screen wink out while working on a system a thousand or so miles distant at a US military data center. Not coincidentally, others nearby working on various other systems there had the same experience at the same time, and ensuing discussions with the SA revealed that all power to the main computer building had dropped because a contractor (WHO HAD BEEN TOLD) severed the cables from the oubuilding containing the substation, the redundant UPSs, and the backup generators. Power was restored around 6 hours later.

Re: #FeelTheJohnson

The old notion of tidy "left" and "right" classifications never were very accurate. For instance, on a number of issues, Sanders came across as a fairly hard nationalist - quite "right", while the Libertarian party (and candidate) support for LGBTQ rights and loosening on recreational drug use ("left") is a bit at odds with their rejection of foreign adventurism ("right"). The Democratic party, with Clinton, covers a broad spectrum as well. Trump is Trump, and it is nearly pointless to try to categorize him or his beliefs and policy positions, but down-ticket, the Republicans, like the Democrats, cover a range that is modified significantly by their perceptions of voter leanings in their state or electoral district, where they must compete with other relatively local candidates to gain a plurality or, in some cases, a majority, of the vote. Within such districts, the ideological spread between the major party candidates very often is quite small, and much smaller than the spread between candidates of the same party in districts a thousand or two thousand miles apart.

Re: @ AC

Gerrymandering affects single member electoral districts for the state legislatures and the US House of Representatives. Only 5 of the 538 electors are chosen from Congressional districts; gerrymandering is a non-issue.

First past the post has its good and bad points, but where there are at most two parties between them receive roughly nine votes of every ten, as has been true in most of the US for most of its history, it is relatively inconsequential except to those who aspire to replace one of them. And in some places where there is or was only one effective party, it was and is common to have runoffs between the two high vote getters.

Media bias certainly is a potential problem, but could be mitigated some by including Johnson in the debates along with Clinton and Trump (and Stein, too, if she could get enough poll notice).

Re: Known risks with quantifiable outcomes

There is uncertainty, to be sure, but it seems extremely unlikely that Jill Stein will draw enough votes to matter unless she can find a vice presidential nominee of Bill Clinton's caliber. Johnson/Weld is a different matter, however, and are likely, especially if they manage to get into the debates, to draw both Democratic and Republican votes, although substantially more from Trump than from Clinton.

Utah will be an interesting state to study, as the Democrats went quite heavily for Sanders and do not much like Clinton, while the Republicans went quite solidly for Cruz and have a rather strong distaste for Trump. I do not think either VP candidate will change that much. I suspect the bordering areas of Idaho, Wyoming, Arizona and Nevada are rather similar, although they are less likely to affect the electoral college breakdown.

Re: The one thing all the media, and this one too, won't be telling you...

Indeed, most five or six year old children in families with even the least degree of political awareness know whether they are Democrat or Republican (a few know that they are Libertarian, Socialist, or something else). The degree of change from that point is not zero, but it is quite low, almost certainly less than 20%. This is a very strange election cycle, however, and I suspect there are upwards of thirty or forty per cent. who, like me, are looking at the main alternatives, concluding that neither of them is a good match, and casting an eye in other directions. My own 6yo position was solid Republican, full of the implicitly transmitted knowledge that Harry Truman was the spawn of the devil, and although many years of education and observation convinced me that Truman ranked well among presidents (both earlier and later), I remained well within the Republican fold, with Libertarian tendencies - until now. I was prepared to vote for Bernie Sanders, had the Democrats nominated him, as a candidate of integrity and basic honesty who would be likely to engage politically with the Congress and accept the compromises necessary in a pluralistic, and political, system. I did not fear that he would, like the current president, decline to engage in political negotiation with the Congress and attempt to impose change by executive order when that non-engagement failed. As it is now, I expect to vote for Johnson and Weld who, like Sanders, are experienced political actors who seem likely to approach governing with a bit of honesty and willingness to be political.

It is true even after the excessive growth of executive power, that there are significant constraints on the president's freedom of action and power to direct things, that the policy inertia of the many government departments and agencies greatly mitigates the damage (or possibly good) even a President Trump or a President Clinton could do. But that is not to say, quite, that lack of greatness is all down to personal failings any more than great success all is a matter of individual merit and industry. Few can, by personal effort alone, lift themselves more than a notch or three, although many decades of experience confirm that government action alone is even less beneficial except to the agents who manage and deliver the benefits.

Re: Russian state actors?

While he had been a fair actor, Reagan also had long been a political speaker, and had served for two terms as governor of one of the larger states, so was better qualified than most of those eager to become candidates this year, and better qualified than any of the current bunch except possibly for Gary Johnson, who at least has served in an elected executive position, although as governor of a less complex and populous state.

Re: Technology and US Constitution Illiterate

Prohibiting use of encryption entirely would have no fourth amendment impact whatever. Doing so might infringe the first amendment, but that would be an entirely different issue.

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Clearly, a smart phone or computer can be thought of as an "effect" en this context, but the real content of this is that the government is prohibited from a range of activity -"unreasonable searches and seizures" - unless it follows procedures that were fairly well defined in the English common law long before it was adopted nearly entire by the US and have been refined and updated with some frequency in the succeeding 2+ centuries. Those protections exist as much for unencrypted or otherwise unsecured phones and computers as they do for those that are well secured.

A secured device will offer better protection against inadvertent or intentional government violation of civil rights, or undesired, unauthorized, and often illegal access by non-government entities. However, US governments have been able to gain authorization, with proper justification, obtained in the correct way, to search and seize as described in properly issued warrants. Under the US Constitution they have been able to do so for the last 225 years. Encryption does not change that except potentially to render the results of the search or seizure unusable, and that is properly a matter of concern for officials charged with enforcing the laws and prosecuting those who violate them.

See https://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution

I guess that Senator McCain and the others on the Armed Services Committee understand the Constitution reasonably well, although their understanding may be more in line with the actual provisions and jurisprudence than that of some others.

Re: Clinton who should be in jail.

The State Department, like numerous other agencies, has, and had, a secure network. These networks have no connection to the public internet or to the non-classified state.gov network. They may be located in secure areas (some classified material requires it). Due to their nature, these systems cannot be used for ordinary email, although it is possible they have email amongst themselves and to/from the governments Secure IP Routing Network. Hillary Clinton declined to use these facilities, and instead elected to have, and use for all her official State Department email, a personal off-premise server with RDP and VNC exposed on the public internet.

The compromise of the State Department non-secure network appears to have occurred well after Secretary Clinton's tenure, although that certainly does not eliminate the possibility it was compromised earlier as well. The State Department's Information Resource Management division may have been somewhat broken, but probably did not allow remote administration via the public internet, as Ms. Clinton's servers did.

Re: @Jimmy2Cows

First, my impression from occasional scanning of ordinary "white" newspapers is that very few IT related vacancies are posted there, and those generally have been for low level and insignificant positions for quite a few years.

Second, the implication that "black" potential applicants somehow lack the ability or wit to read the "white" press seems a bit condescending if not, indeed, quite bigoted.

Re: Interesting downplaying there

PAW: Based on the quoted Wiki, which I did not look at but do not dispute, the security status of the RNC private server would be primarily a private RNC matter, as clintonemail.com certainly was not, despite the claimed instruction to retain the email as possibly covered by the Presidential Records Act. Much of what happens in the White House is in the gray area between official business and political party business. That is not the case (or is not supposed to be) for communications by the Secretary of State acting in her official capacity.

Based on reports in The Register and probably elsewhere, it is likely that the RNC's servers, like gmail, yahoo, and most other commercial services, were considerably more secure than clintonemail.com.

Re: Interesting downplaying there

Executive orders covering some millions of people not legally resident in the US, for instance. The point is not that this is not something that should be done, but that it is something that, under the Constitution, requires action by the Congress, not the President alone. He didn't like the law of which he took an oath to ensure faithful execution, so he issued an executive order that executive agencies under his responsibility would not enforce it.

Comparing numbers of executive orders per president is pretty much meaningless.

Re: Interesting downplaying there

"Even still the Hidabeast should be disqualified from being POTUS."

No. She meets the qualifications (Over 35, US citizen by birth). It is up to the Democratic Party convention to determine whether to put her forward, and to the US electorate to decide about her fitness to hold the office.