Saturday, October 7, 2017

Why Good People Should Be Armed

 
 
So, consider the following - if you can, be armed always. Yes...I know. But consider the implications. Of those who died facing an armed attack, how many would have willingly disobeyed unconscionable laws in order to stay alive? If it is difficult, learn to conceal the weapon better. At the very least have a knife with which to stab an enemy to death.
 
Always carry a reload - and a knife. Need we say anything more. Learn to reload without thought and learn to draw the blade the same way.
 
Learn to shoot accurately at distance. One may not always be able to have a rifle at hand, but with practice one can develop skill with a handgun to engage the rifleman.
 
More ammo is better. You can't kill the bad guys if you run out.
 
If You Are Armed... If You Are Decisive Enough... If You Are Accurate Enough... If You Are Violent Enough... when someone crashes through your gate and opens up with an AK-47, the answer to this problem is at hand. If you allow yourself to be unarmed because of some law, policy, or regulation... then you just die. Never be unarmed! Be skilled with your weapons, for you never know when you may have need of them.
 
Both Federal and state laws restrict the average person’s right to buy, carry, and use firearms even though the U.S. Constitution specifically states that "the right of the people to keep and bear arms shall not be infringed;" a right the U.S. Supreme Court has held is an individual right.
 
"On June 26, 2008, in District of Columbia v. Heller [554 U.S. 570 (2008)], the United States Supreme Court issued its first decision since 1939 interpreting the Second Amendment to the United States Constitution.  The Court ruled that the Second Amendment to the U.S. Constitution confers an individual right to possess a firearm for traditionally lawful purposes such as self-defense." (Law Library of Congress 2008)
 
Two years later in 2010 the Court ruled that the 2nd Amendment is applicable to the states through the 14th Amendment's Due Process Clause. Veronica Rose, Chief Analyst for the Connecticut General Assembly wrote:
 
In McDonald v. Chicago (561 U.S._ (2010)) the court held that an individual's right to keep and bear arms is incorporated and applicable to the states through the 14th Amendment's Due Process Clause. Writing for the majority, Justice Alito observed: "It is clear that the Framers and ratifiers of the Fourteenth Amendment counted the right to keep and bear arms among those fundamental rights necessary to our system of ordered liberty" "The Fourteenth Amendment makes the Second Amendment right to keep and bear arms fully applicable to the States." In a separate concurring opinion, Justice Thomas wrote that the 2nd Amendment is fully applicable to states because the right to keep and bear arms is guaranteed by the 14th Amendment as a privilege of American citizenship. (Rose 2010)
 
Similarly, we see that "The carrying of arms in a quiet, peaceable, and orderly manner, concealed on or about the person, is not a breach of the peace. Nor does such an act of itself, lead to a breach of the peace." (Wharton’s Criminal and Civil Procedure, 12th Ed., Vol.2: Judy v. Lashley, 5 W. Va. 628, 41 S.E. 197).
 
Restrictions on the possession and carrying of firearms, both openly and concealed, substantially interferes with an individual’s right to self-defense. However, the right to self-defense is generally recognized in every state. The following example from Washington State is similar to what one may find in court ruling from several other states.
 
In State v. Hull (Wash. Ct. App. Dec. 18, 2014) the court held that the Washington Constitution expressly secures a “right of the individual citizen to bear arms in defense of himself, or the state.” The court concluded that this provision and the Second Amendment “are most reasonably read not as creating a right of self-defense but as lending support to the existence of an unenumerated right to self-defense retained by the people or fundamental to due process,” though the court also noted that some other courts “have read constitutional guarantees of a right to bear arms as implicitly guaranteeing a right to self-defense.”
 
A quotation sometimes attributed to Thomas Jefferson, though actually a passage from Cesare Beccaria's “Essay on Crimes and Punishments” that Jefferson included in his own "Legal Commonplace Book" states: "Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one." (Thomas Jefferson Encyclopedia 2015)
 
“According to U.S. Bureau of Justice Statistics data, having a gun and being able to use it in a defensive situation is the most effective means of avoiding injury (more so even than offering no resistance) and thwarting completion of a robbery or assault. In general, resisting violent crime is far more likely to help than to hurt, and this is especially true if your attacker attempts to take you hostage, such as sometimes happens in a carjacking situation. Most often with gun defenses, criminals can be frightened away or deterred without a shot being fired. Estimates of these types of defensive uses of firearms are wide ranging, from a low of 65,000 to 82,000 annual defensive gun uses (DGUs) reported to the U.S. Department of Justice's National Crime Victimization Survey (NCVS), to a high end of some 2.1-2.5 million annual DGUs, but they seem to occur at least as often (if not far more often) each year as misuses of firearms by violent criminals.” 
 
If the right to keep and bear arms is a right guaranteed by the US Constitution and by several state constitutions, a right determined by the US Supreme Court to be an individual right, and if the constitutional guarantees of a right to keep and bear arms implicitly guarantees a right to self-defense, how can we then be told that we may not carry a firearm when and where we choose?  
 
Placing restrictions on where a person may carry firearms causes them to suffer a loss of their Constitutional freedoms, and that loss “unquestionably constitutes irreparable injury”.
It has long been established that the loss of constitutional freedoms, “for even minimal periods of time, unquestionably constitutes irreparable injury.” Elrod v. Burns, 427 U.S. 347, 373 (1976) (plurality opinion) (citing New York Times Co. v. United States, 403 U.S. 713 (1971)).” — Caneisha Mills et.al. v. District of Columbia, No. 08-7127, U.S. Court of Appeals for the District of Columbia, July 10, 2009
 
Laws restricting when, where, and how a person may be armed are clearly unconstitutional.
The General rule is that an unconstitutional statute, though having the form and name of law is in reality no law, but is wholly void, and ineffective for any purpose; since unconstitutionality dates from the time of its enactment and not merely from the date of the decision so branding it. An unconstitutional law, in legal contemplation, is as inoperative as if it had never been passed. Such a statute leaves the question that it purports to settle just as it would be had the statute not been enacted.
 
Since an unconstitutional law is void, the general principles follow that it imposes no duties, confers no rights, creates no office, bestows no power or authority on anyone, affords no protection, and justifies no acts performed under it...  A void act cannot be legally consistent with a valid one. An unconstitutional law cannot operate to supersede any existing valid law. Indeed, insofar as a statute runs counter to the fundamental law of the land, it is superseded thereby.
 
No one is bound to obey an unconstitutional law and no courts are bound to enforce it. (16 Am Jur 2d, Sec 177 late 2d, Sec 256)
 
Does owning and carrying a firearm make you safer? Look at the pro-gun arguments and there are plenty of studies that says it does. Look at the anti-gun arguments and there are plenty of studies that says it does not. But the bottom line is that it does not matter. In the United States the right to keep and bear (own and carry) arms is a right guaranteed to the individual citizen. No legislative body, administrative agency, or executive order can legally take this right away from the American People. Laws, rules, and regulations that attempt to criminalize “the carrying of arms in a quiet, peaceable, and orderly manner, concealed on or about the person” serve as another example of the problem over criminalization in the United States, and the creation of a ‘Nanny State’ where government attempts to address issues by placing restrictions on the personal choices and freedoms of the people.
 

Why Good People Should Be Armed
https://youtu.be/20RoAfflGCM

Best 7 minutes on gun control I have ever seen!
https://www.youtube.com/watch?v=B5ELyG9V1SY
 
 



Online Guide to Security Responsibilities

 
The Defense Human Resources Activity has made their "Online Guide to Security Responsibilities" available as a downloadable folder.  There is a lot of good security information here, and you can run it like a web-page by clicking the "home.htm" file once you have downloaded the folder.
 
Download your copy from: http://www.dhra.mil/perserec/osg/
 
 
 


Friday, October 6, 2017

Kitestring

 
 
If you went missing, how long would it take for someone to notice that something was wrong and send help? Even after someone noticed that something was wrong, would that person know where to begin looking for you? Commonly offered personal security advice is to always let someone know where you are going and when you can be expected to return. This is good advice, but may not always be easy to do if you live alone, work odd hours, or frequently do things on the spur of the moment.
 
By using Kitestring (https://www.kitestring.io), you can automatically notify friends, family, or some other emergency contact if you go missing; without having to inform them of your every activity or ask them to check up on you every time you go off by yourself.   
 
Kitestring is an app that let you set a pre-selected check in time, and set a message to be delivered at that time if you fail to respond to a check-in message. If you fail to check-in at the designated time Kitestring sends a notification (your message) to whomever you have listed as your emergency contact. Kitestring lets you quickly set a check-in time of 15 minutes, 45 minutes, 2, 5, or 12 hours with the push of a button, or set a customized date and time of your choosing. At the end of the selected time, Kitestring sends you a text message which says: "Your Kitestring trip is over! Please reply ‘OK’ within 5 minutes so we know you’re okay." (You can adjust the amount of time that you have to reply to this message.) If you do not check in, Kitestring sends your alert message to your emergency contact(s). Alerts come from "kitestring@tepwireless.com" so it is a good idea for you to ask your emergency contacts to add this e-mail address to their safe list. You don’t want your emergency messages sent to your contact’s spam folder. It is also a good idea to explain Kitestring to your potential emergency contacts, and let the system send them a test message just so that everyone understands how the system works, and more importantly how to respond if a Kitestring Alert is received.  
 
Kitestring gives you three trips per month for free, or for three dollars ($3.00) per month you have unlimited use of the service, along with other upgrades like multiple notification addresses and the option of selecting a duress code to use with the Kitestring app.  
 
There are many places that Kitestring could be useful. With unlimited use you can even use Kitestring to check up on you as you travel to and from work or class every day.  Anytime you would like someone to check up on your safety and well-being, Kitestring gives you the option of setting a check-in time for a little extra peace of mind.
 
 



Wednesday, October 4, 2017

Self-Destructing E-mail

 
 
When you send an e-mail, that message can sit in the recipient’s inbox forever. Even after it has been read, and perhaps replied to, the message is still there. If the recipient replies to your message, a copy of the message along with the reply is now saved in that person’s sent e-mail folder. If the recipient of your message forwards it to someone else there may be copies of your original message stored in e-mail inboxes anywhere in the world, all without your knowledge.
 
One way to help control the dissemination of your e-mail messages is to use self-destructing e-mail to send sensitive information. Self-destructing e-mail deletes itself after being read, or after some period of time chosen by the sender. Self-destructing e-mail works by storing your message on a server, and sending the intended recipient of that message a link where he or she can open and read your e-mail.
 
Once someone clicks on the link and opens the e-mail it is deleted from the server - thus self-destructing, or it is deleted after a set period of time whether it has been opened and read or not. 
 
Of course, the recipient of your self-destructing e-mail could copy and paste the text of the message to another document, or take a screenshot of the message when it’s open. However, the idea of a self-destruction e-mail isn’t to keep the content out of the hands of the intended recipient, rather it is to keep the e-mail out of the hands of others. 
 
As with all e-mail services, the administrator of the mail server has the ability, at least in theory, to compromise your e-mail. Therefore, as with any e-mail, sensitive information should be encrypted before being sent. 
 
There are various self-destructing e-mail services available. Depending on the service you choose, the options available for your message may vary. Some allow you to set different message destruct times, others offer a password option so that the message recipient needs to know the password in order to open the link containing the message. Some services send the link to the message directly to the intended recipient, others just provide you with the link to the message, and you have to send that link to your intended message recipient by some other means.
 
Some self-destructing e-mail services include:

 
 



Tuesday, October 3, 2017

TOX Chat

 
Tox (https://tox.chat) is a free, open source, decentralized peer-to-peer messenger, that uses end-to-end encryption to protect your communications.
 
Some of the features of Tox include:
  • Instant messaging
  • Voice (VOIP) calls
  • Video chat
  • Screen sharing
  • File sharing
  • and... Group chats

Because Tox is a decentralized peer-to-peer messenger, "Tox has no central servers that can be raided, shut down, or forced to turn over data - the network is made up of its users."

Tox also employs end-to-end encryption for all its communication. "Tox uses the cryptographic primitives present in the NaCl crypto library, via libsodium. Specifically, Tox employs curve25519 for its key exchanges, xsalsa20 for symmetric encryption, and poly1305 for MACs."

Tox is a good system when working from a desktop or laptop computer. It makes an interesting replacement for Skype if you are looking for more security in your conversations. 
 
It must be understood that Tox is still in development, but both  µTox and qTox are available and so far seem to work quite well. For those of you who are interested in cyber-security and COMSEC, Tox is certainly worth a look.
 
 

 
 



Monday, October 2, 2017

Two Factor Authentication (2FA)

 
Two Factor Authentication, or 2FA, adds an additional verification step, and thus additional security, when logging into your on-line accounts. This additional step helps protect your account in case your password is compromised. According to the Electronic Frontier Foundation (EFF) "Two-factor authentication (or 2FA) is one of the biggest-bang-for-your-buck ways to improve the security of your online accounts."
 
Two Factor Authentication works like this, first you go to your account’s login page and enter your user name and password as normal, after validating that your user name and password are correct you are sent a single use authentication key to complete your login. This authentication key may be sent as a SMS/Text Message or you may obtain it from an App such as Google Authenticator or Authy App. With some web-sites, such as Paypal and eBay you can also purchase a physical token which will generate the authentication key when you push a button on the device.
 
 
With Two Factor Authentication turned on in your accounts, a person must both know your login and password, and have possession of your smartphone to receive the verification code.
Just a few places where you can use Two Factor Authentication include: Amazon, Apple, Dropbox, eBay, Evernote, Facebook, GoDaddy, Google, Hushmail, Instagram, LastPass, LinkedIn, Microsoft, PayPal, Pinterest, Protonmail, Slack, Snapchat, Telegram, Tumblr, Twitter, VK, WhatsApp, WordPress, and Yahoo Mail. There are many other places that you can use Two Factor Authentication, and I recommend that you check with all of your on-line banking, shopping, and utility accounts to find out if they offer this service to their customers. Whenever Two Factor Authentication is available, you should use it.
 
You may read articles that claim Two Factor Authentication can be defeated. Yes, this is true. All security can be defeated given enough skill, time, and money; but it’s far easier to compromise an account protected by just a password than it is to compromise an account protected by a password and Two Factor Authentication. Adding Two Factor Authentication to your accounts doesn’t make them un-hackable, but it does make them much harder to hack. When you make your accounts harder to hack, you defeat that subset of adversaries that lack the skill to overcome the increased security provided by Two Factor Authentication.
 
 
The best Two Factor Authentication is provided by hardware tokens. Examples include the FIDO U2F Security Key (https://goo.gl/uGXLcQ) and the YubiKey4 (https://goo.gl/1jxKvQ).  The next best option is using an App such as Google Authenticator or Authy App. Finally, there is Two Factor Authentication sent by SMS/Text Message, which still provides good security but is, at least in theory, easier to defeat than the other two methods.  
 
So, yes I personally use Two Factor Authentication on all of my accounts where it is available; and I recommend it to anyone who wants to add another layer of security to their own accounts on-line.
 

 
 




Sunday, October 1, 2017

Order Free Government Publications


It is often possible to obtain free publications and security awareness material from government agencies. Here are just a few government agencies from which you can order free publications. These publications are available as both a printed product and a downloadable product (i.e. PDF file).

I have listed just a few examples of the publications available, but if you search these web-sites you may find other items of interest.

Community Oriented Policing Services Publications
  • Intelligence Analysis for Problem Solvers 
  • Law Enforcement Intelligence, 2nd Edition
  • The Integration of Crime Analysis in to Patrol Work: A Guidebook
  • Crime Analysis for Problem Solvers In 60 Small Steps

FTC Free Publications for America's Consumers
  • Identity Theft - What To Know, What To Do
  • Identity Theft - Military Personnel & Families: What to Know, What to Do
  • Data Breaches - What to Know, What to Do
  • 10 Things You Can Do to Avoid Fraud

U.S. Postal Inspection Service
Fraud-Prevention Videos (Download for Free)
  • Protect Your Identity: Identity Crisis
  • Internet Fraud: Web of Deceit
  • Fake Check Scams: Truth or Consequences  
  • Telemarketing Fraud: Dialing for Dollars

U.S. Government Printing Office
  • Your Disaster Checklist
  • Consumer Action Handbook
  • How to Spot Frauds and Scams
  • Money Smart for Older Adults: Prevent Financial Exploitation

FEMA Ready Publications
  • Getting Ready for Disaster - One Family's Experience DVD
  • Bio Attack DVD
  • City Under Siege DVD
  • Be Smart. Take Part. Create Your Family Emergency Communication Plan
  • Be Smart. Protect Your Critical Documents and Valuables
  • Improving the Public's Awareness and Reporting of Suspicious Activity
  • Community Preparedness: Simple Activities for Everyone - DVD

National OPSEC Program - Interagency OPSEC Support Staff
Free OPSEC CD / DVD / Publications and Training

Operations Security Professionals Association
Free OPSEC Resources and Training

NSA - Best Practices for Keeping Your Home Network Secure (Updated 28 September 2016)

National Institute of Standards and Technology (NIST) Publications
  • Cyber Threat Intelligence and Information Sharing
  • Making Email Trustworthy
  • Protection of Controlled Unclassified Information
  • IT Security
  • Guide to Protecting Personally Identifiable Information
  • Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)