A Geek With Guns

Views from a geek gun nut

Archive for the ‘Protecting Yourself and Others’ Category

When the State Won’t Protect You

Whenever I get into a debate about the right to carry firearms the conversation often turns to the person debating me claiming that I should rely on the police for protection. The Supreme Court has ruled on several occasions that the police aren’t required to protect you. The right to self-defense should be universal as should be the right to own the best tool for that job. Thankfully I live in a state where I have access to the ability to carry my firearm but others are not so lucky.

But what can you do if your entire community is vulnerable and the state is unwilling to protect you? In that case you have to band together with the other members of your community and work together in common defense. The Firearm Blog has a link to an article that discusses the method which the people of Obo, a small African village, use to defend themselves against roving marauders:

An old woman had died. Before burying the her, the residents of the village of Obo — in southern Central African Republic, just north of the Congolese border — gathered around a campfire to eat, drink, cry and sing in celebration of the woman’s long life. It was a night in March 2008, just another beat in the slow rhythm of existence in this farming community of 13,000 people.

Then the dreadlocked fighters from the Lord’s Resistance Army rebel group — tongo-tongo, the villagers call them — rose from their hiding places in the shadows and advanced toward the fire. Others blocked the paths leading from town. The rebels killed anyone who resisted, kidnapped 100 others and robbed everyone in sight.

The LRA forced the captured men and women to carry stolen goods into the jungle before releasing them. Boys and girls, they kept. The boys would be brainwashed, trained as fighters and forced to kill. The girls would be given to LRA officers as trophies, raped and made to bear children who would represent the next generation of LRA foot soldiers.

Much of Africa consists of poor farming villages such as this one. In addition to that many of this villages fall under various ineffective governments (lucky buggers there) that will refuse to offer aid to those who take defense into their own hands but also are unwilling or unable to provide defense for those who comply with the state’s demands of being disarmed and easy prey. Well the people of Obo had enough shit from the LRA and decided that shit was going to end:

Instead, Obo’s surviving villagers raised their own volunteer scout force (depicted above), armed it with homemade shotguns, and began disseminating intelligence on the LRA’s movements using the village’s sole, short-range FM radio transmitter.

The results of this do-it-yourself approach were encouraging. Since the attack three years ago, Obo has not suffered another major LRA invasion.

I think this proves the point that you can do a great deal of things with very little money or equipment. The citizens of Obo may not be able to afford shotguns but they certainly are willing to make them. They’ve been able to stave off any other major invasions from a likely superior fighting force. I did chuckle a bit when I read the following though:

But there’s a downside to DIY security. In arming itself and taking on intelligence tasks, Obo is essentially giving up on ever receiving help from Central African Republic’s impoverished government. That can only further undermine the government’s tenuous legitimacy — and could fuel wider instability in the future.

That doesn’t sound like much of a downside to me. Obo’s government did do jack shit to protect the villagers from the LRA so I have no idea why it would be a disadvantage to not receive any help from that state in the future. Of course this could lead to the Central African Republic’s eventual invasion and disarming of Obo but let’s hope it doesn’t come to that.

You know what another benefit of having a means of self-defense is? Being able to defend yourself against outside threats usually does amazing things are removing your fears:

The morning after the LRA’s March 2008 attack, the sun rose on a transformed community. Before, the tongo-tongo had been able to terrorize an entire village, kill scores of people and take more than 100 prisoners using just their machetes. During the 2008 raid, the LRA reportedly didn’t fire a single bullet.

After the attack, the surviving villagers were determined to never again be defenseless. “We are not afraid,” an Obo resident named Joseph told Invisible Children’s Adam Finck. “We are not afraid because we are the victims. They attacked us. They took our children. They killed others of us. That motivates us not to be afraid of them.”

This goes for both villages and individuals. Given a means of self-defense most people become less fearful for they have a means of controlling a situation involving an attacker. People generally fear that which they can’t control and if somebody is mugging your while you’re defenseless you have no control over the situation. On the other hand if you have an effective means of self-defense you gain some semblance of control over bad situations and thus are less fearful. It’s a great bonus to being able to save your own life as well.

I’m also impressed with Obo’s determination of keeping their fellow villagers safe. Some people often cry because they can’t afford a proper means of self-defense. Guess what? The people of Obo are very poor as well but that didn’t stop them either:

But the men of Obo knew they needed more than courage and manpower. Too poor for military-grade weapons or even the kind of firearms American hunters take for granted, Obo set about building an arsenal of homemade, single-barrel shotguns loaded with hand-packed shells.

Anything can be a weapon in the right hands which is why making possession of weapons illegal is pointless. But even if you can’t afford a proper tool for self-defense the chances are you can build something that will work in a pinch. If you can’t afford to buy a proper self-defense tool do as the people of Obo and build something that will work.

The Obo scouts represent a phenomenon found in many conflict zones. When government or occupying armies fail to provide security, vulnerable communities often organize their own forces. It has happened in northern Iraq’s besieged Christian communities, across Afghanistan and, most famously, in Sunni-dominated north-central Iraq, where volunteer “Sons of Iraq” groups helped turn the tide against Iraqi insurgents.

I like how they call this a phenomenon. I’d call it common sense as nobody likes to be victimized and those who live in conflict zones haven’t spent their entire lives being told that self-defense is impossible and you should rely on the government to protect your life. Of course the article also spews the following statist bullshit:

The downside of these DIY militias is the risk they pose to the long-term stability of their countries. Baghdad and the U.S. military struggled to stand down and reintegrate Sons of Iraq groups after security improved and they became unnecessary. NATO has canceled several Sons of Iraq-style initiatives in Afghanistan after sedition-minded warlords co-opted some of the militia groups.

The Obo scouts could entail a similar long-term liability to Central African Republic’s weak government. “The very act of civilians taking up arms outside of their government’s direct control is a potentially problematic issue without an easy answer,” Finck admitted.

Fuck you you statist pieces of shit. This is a great example of governments wanting control. If you are able to defend yourself that means the government has that much less control as you no longer rely entirely on them for your self-defense. Being capable of independence is what tyrannical statists fear most because it takes away their control over the lives of those living under them. On top of this the Central African Republic didn’t do shit to defend these villages so I don’t see where they have the right to talk about how it’s improper for civilians to defend themselves. It’s not like the government was rushing in to offer help.


Written by Christopher Burg

June 20, 2011 at 10:30 am

It’s Time to Use Pass Phrases

As computers have become more powerful shorter passwords have become more useless. This story does a good job of driving home the fact that short passwords are becoming meaningless:

The results are startling. Working against NTLM login passwords, a password of “fjR8n” can be broken on the CPU in 24 seconds, at a rate of 9.8 million password guesses per second. On the GPU, it takes less than a second at a rate of 3.3 billion passwords per second.

Increase the password to 6 characters (pYDbL6), and the CPU takes 1 hour 30 minutes versus only four seconds on the GPU. Go further to 7 characters (fh0GH5h), and the CPU would grind along for 4 days, versus a frankly worrying 17 minutes 30 seconds for the GPU.

And it doesn’t stop there:

It gets worse. Throw in a nine-character, mixed-case random password, and while a CPU would take a mind-numbing 43 years to crack this, the GPU would be done in 48 days.

Surely throwing symbols in there keeps you safe, right? Wrong! Take a password consisting of seven characters, mixed-case/symbols random password like ‘F6&B is’ (note the space), that’s gotta be tough for a bruteforce attack. Right? A CPU will take some 75 days to churn through the possibilities, while a GPU is done with it in 7 hours.

Basically short passwords are worthless and offer little if any security. Of course this isn’t the end of the world as other patches have been added to password-based authentication systems. For instance most systems have a time delay tossed in if you enter the wrong password too many times and other devices like the IronKey self-destruct if the wrong password is entered too many times. The first technique can greatly hinder the rate at which an attacker can access your system unless they’re working directly from a file containing password hashes (as they wouldn’t be hindered by operating system behavior). Most systems also use a value known as a salt which is tossed in with a password to create a hash making it far more difficult to brute force (as you have to try every possible combination of salt values and passwords).

It’s finally come time to begin using more complex passwords. This is difficult for many people as few are going to remember a password like “8*7wFWE12@#$iwkf” or anything similar. This is where the idea of pass phrases comes into play. Instead of using a word you use a sentence. For instance it’s going to be far more difficult to brute force a pass phrase like “This is my pass phrase which should be hard to brute force” than a ten character password. On the other hand pass phrases are potentially susceptible to dictionary attacks if the phrase you use is common so throwing in random characters for good measure is still, well, a good measure.

I will be completely honest in saying that passwords and pass phrases are becoming less and less viable as means of authentication. Some day we will have to move beyond them but as of right now the easiest option is to make more difficult passwords.

Written by Christopher Burg

June 10, 2011 at 10:00 am

The Best Data Protection is Not Having Data

Although I just got done talking about protecting your data via encrypting your hard drive there is a much better means of protecting data that I didn’t cover, not having it:

As both data storage and data processing becomes cheaper, more and more data is collected and stored. An unanticipated effect of this is that more and more data can be stolen and used. As the article says, data minimization is the most effective security tool against this sort of thing.

This advice applies to anything. If there is an absence of something it can’t be taken. If you don’t actually have incriminating data on your computer then it can’t be used against you. If you don’t have a television to steal then a crook can’t take your television. Unfortunately this isn’t very practical and the real problem is one of personal information that is stored by third parties.

Like it or not third parties store a lot of information about you. Even if you’ve never purchased anything online the government likely has countless documents relating to you and your identity. If you use a credit or debit card there is a record of every purchase you make, where you made it, what day you made it one, how much it cost, etc. Most people have cellular phones these days which means a third party, the cellular provider, has your personal information, a history of calls you’ve made or received, your location, etc. Even automobiles are starting to store more and more information about drivers.

I would love to see a world where the amount of data stored by third parties was kept at an absolute bear minimum. Sadly I don’t foresee such a world as personal data is valuable and thus people want to have it.

Written by Christopher Burg

May 12, 2011 at 11:30 am

If You Have a Credit Card Tied to Sony’s PlayStation Network Cancel It

I haven’t commented on the serious security breech Sony is dealing with involving their PlayStation Network but I thought I’d toss out a warning. It appears as though whoever broke into Sony’s network was able to walk off with account information for 24.6 million of Sony’s customers. Sony has listed that following information is likely compromised:

e-mail address
phone number
login name
hashed password.

In addition to the information above, the 10,700 direct debit records from accounts in Austria, Germany, Netherlands and Spain, include:

bank account number
customer name
account name
customer address.

That amount of personal information is perfect for malicious people wanting to perform targeted scams so watch yourself. Likewise if you have a debit or credit card tied to your PlayStation Network account call the bank that issued you the card and report it as stolen because it likely was.

Written by Christopher Burg

May 3, 2011 at 11:00 am

Never Bring a Knife To a Gun Fight

Even if you’re a fucking ninja you’ll still lose:

A Fayette County man attacked by a “ninja” with a sword quickly ended the encounter by pulling a gun.

“The only word that comes to mind is, ‘seriously?'” Santino Guzzo, 29, of South Union said today. “I know this isn’t a laughing matter, but how many people get attacked by a ninja? Really, a ninja?”

I’d like to point out that the confrontation was concluded without shots fired just in case somebody wants to make some comment about how this situation escalated unnecessarily. Many anti-gunners often claim introducing guns into a scenario ensures all confrontations turn into shooting wars but in reality that usually isn’t the case. An asshole with a blade because far less ballsy when his intended victim turns out to have bigger teeth.

A hat tip goes to Alexi for bringing this hilarity to my attention.

Written by Christopher Burg

April 29, 2011 at 12:00 pm

That’s Clever

I have to agree with Bruce Schneier that this is just plain clever:

The thieves glue down the “enter,” “cancel” and “clear” buttons on the keypad and wait until the customer goes into the bank for help before withdrawing money from their account.

The robbed customers have already punched in their PINs when they realize the keypad buttons are stuck. The unwitting customers either do not know that they can use the ATM touchscreen to finish their transaction, or become nervous when the keypad isn’t working and react by leaving the ATM unattended, Richmond Station police Capt. Richard Corriea said.

Since January, there have been four such thefts in the Richmond District alone, Corriea said.

Take note when you use an ATM check to make sure the keys are all in proper working order. Most of the time the simplest hacks are the most effective.

Written by Christopher Burg

March 22, 2011 at 12:00 pm

Wind Power in Minnesota

The greenies love to talk about how great wind power is and then proclaim that every state should start building wind turbines. Because the states of Minnesota is composed largely of suckers there have been several locations where wind turbines have been built. As the state likes to show off accomplishments to make an argument for their existence they put up a website that provides a live feed of the output of various wind turbines.

The problem is this website gives live feeds and most of the time the turbines site at producing 0kW. As I write this the only two places where the turbines are producing remotely usable power output are Olivia (~90kW) and Winthrop (~70kW). Most other areas are reading 0kW or less than 10kW. For the cost of constructing these behemoths it’s not work it. I’d say we could build a couple of nuclear reactors but that’s not kosher anymore due to the third nuclear incident in the 60+ years we’ve been using nuclear power.

Here’s the problem, wind power only works if there is wind. Minnesota isn’t known for extremely high winds so we’re not the best place to build these things. Maybe on a coastline it would make sense and there is generally higher winds but in Minnesota these things are mostly an expensive mistake.

Written by Christopher Burg

March 18, 2011 at 10:00 am