Friday Feedback

The big one out front…

We are shutting down our subscription-based services. The original goal was to generate enough recurring income per month to pay the costs of the site. We don’t like asking for donations, and I thought this was a good model.

We considered other models, moving to a pay for views, something like Substack. The other option was to shut the site down completely.

It costs money to run this site. Not a lot in the grand scheme of things, but it all adds up. We have a few things that we pay for, along with the resources.

We aren’t going away.

J.Kb. has hit on the idea of selling swag. His first offering will be a morale patch. It has been designed, it looks good, and we’ll be setting up an option to purchase them on the site shortly.

We are also going to be selling “Supporting Person”. I’m not sure exactly what yet. This will allow you to donate money directly to the running of the site.

For those that have already paid for the upcoming year, thank you very much. I hope that you will consider that membership a “donation”. If you feel strongly, please contact me at awa (at) troglodite.com.

I intend to continue the Friday Feedback articles. Multiple reasons, one is that it is a day when I don’t have to research and invest time to write. The second is that it gives you a place to comment without being off-topic.

If you can think of swag you’d like us to consider, please let us know.

Thank you for staying with us. We are glad to have you with us.


Almost 2 years of gym work.

I believe I have the routine established by now and enjoy getting the dopamine fix. I had two goals when I began doing gym: one was to develop my physical capacity as in being able to walk longer, get some muscle tone and basically not collapsing after some moderate work at home. The second one was 100% vanity.

When you lose a boatload of weight, the skin does not retract neatly to cover your new physique, but a lot of it just hangs like old oversized damp clothes. Exercise helps and in some cases a lot, but I have come to the realization that some locations in my body will remain fugly no matter my better efforts.

I am proud of how my arms look and almost not having any of that hanging skin. My legs? Eh! Not so much. My above-the-belly-button stomach is not doing bad, especially that I am torturing myself with abdominals after my hernia surgery. My lower belly? That is going to be either plastic surgery or one of them “sport performance compression shorts” which my wife jokingly (and admittedly truthfully) refers to as “tactical girdle for men.”

And yes, I have at least a pair, but they do compress, and I have to keep going to the bathroom to pee.

The good news is that no naked selfies of me will be found in the Interwebs now or in the future.


New York City is F****ed

Video one:

And Video 2:

These videos have two things in common: They are about two-wheeled transportation and the migrants in question are Venezuelan. I can tell by their accent and slang they did not come from the best parts of their respective cities.

“Motorizado” in the Venezuelan slang means somebody who rides a motorcycle as a basic means of transportation, but it is more than that, it is a quasi-criminal culture. It is motorized ghetto behavior (Are you allowed to say ghetto anymore? Oh well) and they are a cancer impossible to remove in Venezuela.

I have posted some of their activities before:

Here it is raining, so they take over an overpass tunnel waiting for the storm to pass while blocking all other traffic because, fuck you, we are Motorizados.

And the Government uses this mob culture to extend their grip on the population.

Motorizado Union (Chavistas)

And they do have the obligatory armed branch (Colectivos) in charge of eliminating any counter-revolutionary activity the government sees fit to suppress.

And the Motorizados are now settled in the Big Apple. That is going to be fun to watch.

Dear New York City: You are so fucked up.

Keeping Secrets

Today’s article is a heck of a ride. Buckle up, my friends. I’m sure some of you will agree with me, and others will not. Regardless, it’s an interesting and informative (and horrific) story that needs to be told, because I firmly believe it’s happening on many fronts. As with everything I write about, there are problems on both sides, and blame, and shame.

Virginia School Kept Teen Transition Secret

A Virginia high school student ran away from home and was sex-trafficked through multiple states — in part because her high school failed to tell the child’s parents she identified as a male and was relentlessly bullied for it, a suit alleges.

Anytime a media outlet starts with “sex trafficked through multiple states,” you know it’s going to be a shit show. I feel so bad for the child involved. There are so many failures in this, at so many levels, that it’s really difficult to lay it out. I’m going to try, though.


Malicious Compliance and Subpoenas

One of the dirty facts about technology is that it will always be used to abuse people.

Those wonderful field telephones? Yeah, they work just fine as a torture device.

The first photographs were interesting, but photography really took off when they started taking “pornographic” images.

The story is that the first really popular recordings were of women “talking dirty” or making “those sounds”.

The Internet is not really different, nor were all the other methods used before it for transmitting data from computer to computer. As soon as the techies were able to actually visualize the data, they used it to send pornographic texts and images.

Unfortunately, one of the nasty types of filthy is child pornography. It exists on the Internet, and the good guys have been working to shut it down from day one.

I once owned an Internet Service Provider. A dial-up service. You would tell your computer to connect to the internet. It would call a modem at my service, and we would give you a temporary IP address for the duration of your call. Shortly after you disconnected, somebody else would dial in and get the same IP address.

When you connect to a remote computer over the internet, your computer has a unique, at that moment, IP address. That is how the remote computer knows where to send the responses.

When using certain security tools, you connect to a node. Your computer is now known to have connected to that particular node. That node then encrypts your incoming messages and sends them to another node in the secure network. At some point, your packet pops out of the secure network and goes to its final destination.

The remote computer then responds to your node by sending it back to the secure network, never knowing your IP address.

VPNs work similarly, but have other issues. The biggest of which is that there is a one-to-one mapping from your computer’s IP address to the address you are assigned while using the VPN. That mapping can be captured in logs.

How does this all relate to Subpoenas?

We got a couple from law-enforcement for records.

We did keep logs. I’m good at keeping logs. I use them to figure out who is doing things on my equipment and how that relates to overall services.

One of the cases was from Customs. The first thing it said was that we could not tell the target that we were going to be providing data. They then asked for all of our logs for an extended time period.

We told them, “No. You will provide enough information for us to do a targeted data retrieval.”

They then told us, “We are tracking child pornography.” I was all for that. I finally got them to give us specific time periods.

They wanted all the data for those periods. That is IP addresses to people.

We did our own analysis of those time periods, identified the one commonality, extracted that data, and provided it to law enforcement.

We got back a “Thank You”. It made us feel good.

As a good service provider, I want to protect your data as much as possible. I do not allow law enforcement to go on fishing expeditions.
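The targeted retrieval described above can be sketched as follows. This is an added example, not the author's actual tooling; the session log layout, account names, addresses and timestamps are all constructed for illustration. Because a dial-up IP address is reused by successive callers, each requested (IP, time) pair is resolved to the account holding the lease at that moment, and only the sessions of the account common to every observation are released.

```python
from datetime import datetime

# Constructed sample: dial-up sessions (account, leased IP, connect, disconnect).
# The same IP is handed to different accounts as callers come and go.
SESSIONS = [
    ("alice", "203.0.113.10", "2001-03-01 18:00", "2001-03-01 18:40"),
    ("bob",   "203.0.113.10", "2001-03-01 18:45", "2001-03-01 19:30"),
    ("carol", "203.0.113.11", "2001-03-01 18:10", "2001-03-01 20:00"),
    ("bob",   "203.0.113.11", "2001-03-02 21:00", "2001-03-02 21:50"),
    ("alice", "203.0.113.12", "2001-03-02 21:05", "2001-03-02 22:00"),
    ("bob",   "203.0.113.12", "2001-03-03 07:15", "2001-03-03 07:45"),
]

# Constructed sample: the specific (IP, time) observations named in the order.
REQUESTED = [
    ("203.0.113.10", "2001-03-01 19:00"),
    ("203.0.113.11", "2001-03-02 21:30"),
    ("203.0.113.12", "2001-03-03 07:20"),
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M")

def holders(ip, when, sessions=SESSIONS):
    """Accounts whose session held `ip` at time `when`."""
    t = parse(when)
    return {acct for acct, sip, start, stop in sessions
            if sip == ip and parse(start) <= t <= parse(stop)}

def targeted_extract(requested=REQUESTED, sessions=SESSIONS):
    """Return (common accounts, only the session rows that answer the order)."""
    per_hit = [holders(ip, when, sessions) for ip, when in requested]
    # An observation that matches no session empties the intersection,
    # so nothing is released on a partial or mistaken match.
    common = set.intersection(*per_hit) if per_hit else set()
    rows = [s for s in sessions
            if s[0] in common
            and any(s[1] == ip and parse(s[2]) <= parse(when) <= parse(s[3])
                    for ip, when in requested)]
    return common, rows

if __name__ == "__main__":
    common, rows = targeted_extract()
    print("common account(s):", sorted(common))
    for row in rows:
        print(row)
```
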

We also got a subpoena from the FBI. Again, they wanted all the records for an extended period. We contacted them and got nowhere. Our lawyers told us, “Give them what they asked for or go to jail.”

So we did. They had told us to “fax the logs” to them and gave us a toll-free fax number.

We pulled the data they were requesting. We randomized the order, so it was no longer in sequential order. This was then turned into PDFs. We applied a noise pattern to the PDFs, randomly flipped pages upside down, then hit the send button.

One of our modems called their fax and started talking FAX at it. Our software then proceeded to attempt to send 11,000+ pages of logs.

We got disconnected after about 200 pages. I reached out to the people at the FBI that were requesting the information and asked them what they wanted to do. They refused to answer.

So we told our computer to resend if it failed.

Five days later, they told us they no longer needed our logs.

In both cases, we went out of our way to:

  1. Make sure that the “request” we got from law enforcement was legit
  2. Make sure that the “request” was actually an order
  3. That the order legally required us to comply
  4. That the order was as limited in scope as it could be.
  5. That we did our utmost to protect our clients.

Liberty Safes done fucked up. They should have waited for a subpoena. Having gotten that subpoena, they should have responded and kept their mouths shut.

None of my safes or lock boxes have original combinations. For mechanical locks, this is good enough. The mechanical locks don’t have magic bypasses. You can observe that yourself.

For keyed lock boxes, the locks have been replaced. The circular keys are fairly standard. I went to a locksmith in a different county and purchased replacement locks with cash.

That wasn’t paranoia. That was stupid on my part. I had lost the keys to my big lock boxes in a move and needed to get into them. I drilled the locks out, then was able to open them. Since I destroyed the locks, I needed to replace them. Oh, the boxes were empty because we were moving them.

The locksmith I contacted was working out of a work truck that was close to me that day. He didn’t take credit cards, so I paid in cash.

I refuse to get biometric locks or locks with electronic keypads. If they have biometric locks, then the courts can forcibly unlock them with you. Did you lock your phone with facial recognition? No problem, two burly cops hold you up, and they point your phone at you and “bing” it unlocks.

Did you use a fingerprint to lock your phone? Same thing, they just have to run your finger over the reader and they are in.

If it is electronic, then I have reliability concerns. And it suggests that there can be multiple allowed combinations. Many of the electronic pads come from the factory with an option for you to have multiple codes to unlock.

Now, this is a bit different from the high-end electronic locks. I’ve seen one where you spin the dial to generate enough electricity for you to then rotate the dial to enter the combination. The location of the numbers on the dial changes after each charge spin. Each time you enter a combination, it discharges.

This means that the owner can attempt to unlock it as many times as they need/want. The bad guy can’t use mechanical assistance.


Fuck DEFCON

Both on Twitter and in the comments of this blog have I seen the sentiment, “I hope DEFCON hack these locks.”

Fuck DEFCON.

I swear these people do more harm than good.

Yes, there is value in a security company hiring hackers to test their products.

Having hobbyist hackers hacking stuff and then putting videos online, I think, does more harm than good.

Everything comes at a price. The more secure something is, the more that security will cost. Everyone has to decide what security they will accept at the price they’re willing to pay.

Perfection is the enemy of good enough.

Putting tips and tricks to compromise security systems online only puts at risk people who can’t afford the highest levels of security as the knowledge of how to hack it goes from esoteric to ubiquitous.

I don’t need DEFCON assholes figuring out how to open every Liberty safe and then posting that where every petty thief can find it.

Liberty or S&G might react by fixing that, but it puts the millions of people who already own Liberty safes at risk.

Site Change

We have turned off the restriction on who comments. It is now back to the old method. If you have an account, and you are logged in, that will work. If you are not logged in, then it will ask for your email, name and optional website.

More info tomorrow.
