I only regret that I have but one life to lose for my country.
On the day of Nathan Hale’s execution, a British officer wrote of Hale, “he behaved with great composure and resolution, saying he thought it the duty of every good Officer, to obey any orders given him by his Commander-in-Chief; and desired the Spectators to be at all times prepared to meet death in whatever shape it might appear.” Nearly ten years ago, I viewed Edward Snowden as a slightly nerdier, yet similar patriot to the greats. I wanted to believe he was serving his country, and was unfairly targeted by the state for standing up for those beliefs. Much of tech did too, which is why this is an important discussion to have. It’s affected how the tech community views and interacts with government in many ways, with all of the prejudices it brought into play. For all the pontificating since then about freedom that Snowden has done, his taking up permanent citizenship in Russia, and his silence since the beginning of the war with Ukraine (except, more recently, to criticize the US once more), today I rather see the pattern of a common deserter in Snowden, rather than the champion of free speech that some position him as. If Snowden is to set the narrative for how tech views and responds to government, then our occasional criticism of his own behavior should be fair game.
During his time in Russia, we have seen the whistleblower system work effectively here at home. The details of Trump’s Ukraine call, and the subsequent freezing of security aid seems rather relevant today. More impressively so, this same whistleblower system Snowden criticized worked against a sitting president having no capacity for restraint. The fruits of it were significant, and the process brought both public dissemination and a full press by congress to protect the whistleblower. Mr. X, whose identity is still somewhat contested, was a hero. He stood up to the bully, knowing better than most how lawless the tyrant was, and of the angry mob he commanded. What happened to X? Very little, certainly far less than the charges Snowden brought on himself or the freedoms he gave up by not using the right channels. Instead of following process, Snowden fled the country under the Obama administration, who was a teddy bear compared to Trump. Snowden rejected this government process, insisting the whistleblower system was corrupt, using it as justification to leak classified documents, shortly before departing the country. In 2020, he asked us to excuse him again while he applied for Russian citizenship “for the sake of his kids”. Yet even in being proved wrong by a true hero like X while the country lived under a tyrant, Snowden continues to hide from the consequences of this terrible miscalculation.
First they came for the socialists, and I did not speak out— Because I was not a socialist.
Then they came for the trade unionists, and I did not speak out— Because I was not a trade unionist.
Then they came for the Jews, and I did not speak out— Because I was not a Jew.
Then they came for me—and there was no one left to speak for me.
Post-war Confessional, Rev. Martin Niemöller
Watching the world respond to Russia with quiet acquiescence has been nearly as horrifying as watching the events themselves unfold. Our lines in the sand have always been drawn exclusively around our country club. Instead of action, we offer compliance to a deranged man’s orders to stay, as if his obedient dog. Through our inaction, the world has professed that human life in Ukraine is not equal to human life elsewhere. The words “never again” were, in an instant, exchanged for a simple “meh”.
I am in disbelief. It has been sobering to watch the world refuse to stand up to evil, to instead allow the innocent to continue to be murdered, solely because they don’t serve American or European interests. Even American businesses – one by one leave, yet are too scared to use their remaining influence or capabilities to become a much needed megaphone inside Russia, still afraid to defy Russian law even though Russia has become lawless herself. The time for compliance is quite over. Bridges must be burned, and the leaders on them.
Will we really stand idly by while this country’s fresh embrace with democracy is snuffed out by a warmonger? How humiliated we should be to stand by and watch the innocent be helplessly murdered at the pleasure of such a tiny little man. America, the home of the brave, unwilling to hear the screams for help of those who don’t serve our interests. Where is this bravery we speak of? Has our own freedom been of any significance if we won’t rescue the oppressed? Instead, we choose to sacrifice their lives to preserve our own. Such bravery.
If we are not willing to take up the cause of the innocent, we’ve lost far more than we stand to risk by answering the call. Our identity as a people hinges on our willingness to sacrifice for those in need. God and history will judge us one day for these sins.
Our ancestors swore never again. We’ve let them down immeasurably. The brave courage of former generations puts us to shame. Freedom is no longer worth fighting for, unless it interferes with our own Twitter posts. We’ve become desensitized to oppression, and in the process become prisoners of a different kind.
Wash and make yourselves clean. Take your evil deeds out of my sight; stop doing wrong. Learn to do right; seek justice. Defend the oppressed. Take up the cause of the fatherless; plead the case of the widow.
Anyone who’s read my blog knows that I am not a fan of video game grading. Grading companies, in my experience, do marginal quality work, and at a superficial level that cannot be audited once an item has been sealed. The holy plastic WATA box is all too often used to convince sellers that their item somehow has more value than it actually does, and buyers the frustration of passing over finds because of greedy sellers who drank the kool-aid. Overall, video game grading has done more harm to the hobby than good.
I was lucky enough to find one seller who must have been frustrated that their VGA graded game hadn’t sold for the inflated prices they were led to believe they could get for it, and so I made a reasonable offer on it based on what an ungraded sealed copy would cost me. They accepted. I decided to use this as an experiment to crack open the enclosure and audit VGA’s work, and thought I’d share my findings so that the community would know what to expect a graded game actually looks like behind the plastic.
“How can you have money,” demanded Ford, “if none of you actually produces anything? It doesn’t grow on trees you know.” “If you would allow me to continue.. .” Ford nodded dejectedly. “Thank you. Since we decided a few weeks ago to adopt the leaf as legal tender, we have, of course, all become immensely rich.” Ford stared in disbelief at the crowd who were murmuring appreciatively at this and greedily fingering the wads of leaves with which their track suits were stuffed. “But we have also,” continued the management consultant, “run into a small inflation problem on account of the high level of leaf availability, which means that, I gather, the current going rate has something like three deciduous forests buying one ship’s peanut.” Murmurs of alarm came from the crowd. The management consultant waved them down. “So in order to obviate this problem,” he continued, “and effectively revalue the leaf, we are about to embark on a massive defoliation campaign, and. . .er, burn down all the forests. I think you’ll all agree that’s a sensible move under the circumstances.” The crowd seemed a little uncertain about this for a second or two until someone pointed out how much this would increase the value of the leaves in their pockets whereupon they let out whoops of delight and gave the management consultant a standing ovation. The accountants among them looked forward to a profitable autumn aloft and it got an appreciative round from the crowd.”
Douglas Adams, The Restaurant at the End of the Universe
Ask any frustrated retro-gamer, and they’ll tell you the past couple of years have seen a fake market bubble to jack up game prices. What appear to be credible allegations of fraud and collusion have surfaced between grading companies and auction houses, such as WATA Games and Heritage Auctions, which hopefully will mean fair prices will start to return to a hobby that was previously only frequented by hardcore nerds, rather than investors. But along with this fake gaming bubble came another new phenomenon: fake, high dollar “premium” Nintendo collections. One particular peeve of mine is the introduction of fake “test market” NES sets appearing on auction sites. A “test market” system is a reference to the first hundred thousand units sold as part of a limited release in 1985, before Nintendo knew whether the consoles would be viable. Nobody wanted to carry video games after Atari crashed the market in 1983, and so Nintendo USA, without telling their Japanese parent company, promised retail stores a refund for any unsold systems and a 90 day line of credit. They ended up selling nearly 62 million consoles. Those first 100,000 trial market systems are now considered by collectors to be the Holy Grail.
They’re also fraught with fraud, due to the prices they can fetch, especially if you find one graded. Many fraudulent test market systems include a few genuine components from the original box, but were either missing parts or pieced together. Because they came with the full caboodle – the Zapper, R.O.B., controllers, and two games – a lot of pieces can get lost or broken over time. The replacement parts included at auction often include retail parts from after Nintendo’s worldwide release, severely diminishing their value. Any test market system today could easily include post-release cartridges, light guns, robots, controllers, manuals, boxes, or even circuit boards; buyers and sellers generally believe there’s no way to tell the difference. All too often, someone will buy an empty test market box and throw something together with junk from eBay, selling a $200 system for thousands. In some extreme cases, even the original NES main board would be swapped out for a release board, leaving the only authentic parts the plastic shell! Such fraud can happen with individual games too. These shenanigans ruin the legitimacy and the value of the asset. Fakes have always existed, but with the inflated prices sellers think they can get these days, hobbyists and collectors stand to lose a lot more money than ever thought. Up until recently, test market systems have been considered “a real treat” when found in great condition, but thanks to a manufactured gaming bubble, they’re now fetching big money – and with that comes a lot of people looking to rip you off.
Little fanfare has been given to the story of a glitch in an experimental AI game from 2019, but the results seem rather poignant to me. To summarize, the AI decided that committing suicide at the beginning of the game was the best strategy because the game was too hard, and it meant fewer pointsRead More
The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and disenfranchised twelve-year olds. Let us stop and reflect on the stupidity and pettiness of this argument. What the Biden administration really should be thinking about is whether to close @potus and get the White House off of Twitter completely.
Social media, especially Twitter, has year after year been on a steady course of devolving into one of the most toxic and unpleasant public gatherings on the Internet. Long before Trump took office, social media was the leading source of disinformation, threats, harassment, toxicity, and division. Combined with a platform that adopts thought-terminating loaded language hash tags (e.g. #StopTheSteal) and abbreviated messaging that lacks critical thought, Twitter has long been a platform designed to capitalize on the cult phenomenon. Twitter has been not only markedly complicit, but in a position to profit off of the toxicity, disinformation, and abuse it allows by the Trump administration and other public officials who’ve started emulating the behavior.
Over the past few months, a small group of individuals have been impersonating me online using fake email addresses, shell accounts, and other mediums. These individuals are skilled at social engineering, and are also criminally dangerous. So far, the purpose seems to be attempts to gain access to confidential information, and to create proxied (MiTM’d)Read More
If you watched yesterday’s senate judiciary hearings with CEOs from Twitter and Facebook, two things would have stuck out to you. First, why is Jack Dorsey addressing the senate from the kitchen department at an IKEA? Second, how did a judiciary hearing about misinformation campaigns somehow turn into a misinformation campaign itself? At the heartRead More
As the angst and stir-craziness start to set in from the world suddenly being forced into lockdown, I’ve seen a lot of articles about working from home, by people in all walks of life, from programmers to astronauts. Most of them offer practical beginner advice, like go outside, plan a schedule, etc. etc. That’s all good advice to take in, but after a few weeks, you’re probably realizing there’s a lot more to making this work well. As the reality of our predicament is starting to sink in, it’s important to start thinking about the psychological demands of working from home. I’ve spent the better part of my 25 year career working from home, and when I started thinking about what, if any, wisdom I could share on how to make it work well, found that I’d come up with a lot of the same things I’d already shared in a post two years ago, Living With Depression in Tech. Working at home has some fantastic benefits, but also challenges that go far beyond basic discipline development. Being productive and successful at home comes down to changing your perspective – focusing on the impacts you’re having, believing in what you’re doing, and finding ways to grow and thrive on your own so that you can maintain your drive over the long haul.
I’ve been trying to avoid writing about depression for a while now. Almost nobody in tech wants to talk about things like this. A stigma still very much exists around mental illness, and in tech with all its flaming, trolling, and fragile manhood egos, people have learned to be thick-skinned. It’s taken me years to realize that I never stopped struggling with depression throughout my dysfunctional childhood, and I’ve carried it through my teens and adult life with me. I was diagnosed and medicated as a teen, but didn’t fully understand that it still haunted me, playing the same old record grooves in my brain in adulthood. As my thyroid disease began accelerating, I needed to work even harder to maintain balance or the world would come crashing in. Struggling through my career and relationships, things became easier after I understood what was going on inside of me. I feel a certain responsibility to bring to light what is likely a widespread issue in the tech community.
Depression can manifest itself in various forms for different people, and my story isn’t “everyone’s” story. I can only write from my own personal experiences. Most of this has had lifelong personal struggles unrelated to work, and while one can probably deduce this, the focus of this post is handling professional challenges. You might identify with some of these issues, and that’s great if this post helps, but it also shouldn’t be used for self-diagnosis. Depression has been far worse than the details I’m willing to share publicly, and if you think you may be depressed, you should seek professional counseling.
I have no background in psychology; I’m just sharing what works for me. I have no background in medicine either, and having been on and off medication, I can’t recommend one way or the other. I do know that all medication has its limits, so learning how to cope is an important part to having a complete life plan. At the end of the day, I can’t solve your depression (or mine), but I can share how I’ve coped with it, and won some victories. This is a survival story that hopefully might have some meaningful advice for others.
The current young generation will soon have grown up without ever knowing what it’s like to not have social media. They’re also growing up without a sense of how society was before social media came into play. Whether you use social media or not, it’s likely affected your life because it’s changed how people relate to one another – including you. While there are many good aspects of social media and the concept of bringing people together, there are also many negative changes it’s had on how we relate to one another.
I’ve spent a lot of time observing others and how social media has affected them online over time, and seen the problems it can create. For me personally, I’ve never been happier to be off of social media than the past year or so when I finally ditched Twitter for good. Twitter is a creepy and toxic place, which seems to be exactly what their CEO wants it to be. I found that I didn’t like the person I had to become in order to stay on it. Most social media is a dumpster fire, but Twitter was a particularly awful experience. It simply isn’t worth the stress and distraction in order to relate to a bunch of randos on the Internet whose only goal in life is to cause misery. Social media doesn’t deserve to have the power to change you, but they do. Getting back to the humanity of relationships is almost like waking up from a bad dream: you’d almost forgotten the goodness in what normal relationships with others (professional, friendships, etc.) feels like.
So at the risk of the next generation never knowing what it’s like to have a normal relationship with others, I’ve written down just a few of the things that are important in building friendships and other types of relationships – things social media seems to have endangered… at least, from the perspective of this old Gen-X’er. Writing all of this makes me really miss how people were before social media existed.
I was just a teenager when I got involved in the open source community. I remember talking with an old bearded guy once about how this new organization, GNU, is going to change everything. Over the years, I mucked around with a number of different OSS tools and operating systems, got excited when symmetric multiprocessing came to BSD, screwed around with Linux boot and root disks, and had become both engaged and enthralled with the new community that had developed around Unix over the years. That same spirit was simultaneously shared outside of the Unix world, too. Apple user groups met frequently to share new programs we were working on with our ][c’s, and later our ][gs’s and Macs, exchange new shareware (which we actually paid for, because the authors deserved it), and to buy stacks of floppies of the latest fonts or system disks. We often demoed our new inventions, shared and exchanged the source code to our BBS systems, games, or anything else we were working on, and made the agendas of our user groups community efforts to teach and understand the awful protocols, APIs, and compilers we had at the time. This was my first experience with open source. Maybe it was not yours, although I hope yours was just as positive.
It wasn’t open source that people were excited about, and we didn’t really even call it open source at first. It was computer science in general. Computer science was a brand new world of discovery for many of us, and open source was merely the bi-product of natural curiosity and the desire to share knowledge and collaborate. You could call it hacking, but at the time we didn’t know what the hell we were doing, or what to call it. The environment, at the time, was positive, open, and supportive; words that, unfortunately, you probably wouldn’t associate with open source today. You could split hairs and call this the “computing” or “hacking” community, but at the time all of these things were intertwined, and you couldn’t tease them apart without destroying them all: perhaps that’s what went wrong, eventually we did.
I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. If you’ve been in an accident caused by GM’s speed control, it’s possible that this may potentially have comeRead More
Back in the late 1960s, University of California, Berkeley, published its first public BSD licenses promoting free software that could be reused by anyone. A few years later, in the 70s, BSD Unix was released by CSRG, a research group inside of Berkeley, and laid the foundation for many operating systems (including Mac OS X) as we know it today. It gradually evolved over time to support socket models, TCP/IP, Unix’s file model, and a lot more. You’ll find traces of all of these principals – and very often, core code itself, still used 50 years later in cutting edge operating systems. The idea of “free software” (whether “free as in beer” or “free as in freedom”) is credited as a driving force behind today’s technology, multi-billion dollar fortune companies, and even the iPhone or Android device sitting in your pocket. Here’s the rub: None of it was ever really free.
This brief post will show you how hackers are able to download an App Store application, patch the binary, and upload it to a non-jailbroken device using its original App ID, without the device being aware that anything is amiss – this can be done with a $99 developer certificate from Apple and [optionally] an $89 disassembler. Also, with a $299 enterprise enrollment, a modified application can be loaded onto any iOS device, without first registering its UDID (great for black bag jobs and the intelligence community).
Why not to rely on self-expiring messaging apps
Now, it’s been known for quite sometime in the iPhone development community that you can sign application binaries using your own dev certificate. Nobody’s taken the time to write up exactly how people are doing this, so I thought I would explain it. This isn’t considered a security vulnerability, although it could certainly be used to load a malicious copycat application onto someone’s iPhone (with physical access). This is more a byproduct of developer signing rights on a device, after it’s been enabled with a custom developer profile. What this should be is a lesson to developers (such as Snapchat, and others who rely on client-side logic) that the client application cannot be trusted for critical program logic. What does this mean for non-technical readers? In plain English, it means that Snapchat, as well as any other self-expiring messaging app in the App Store, can be hacked (by the recipient) to not expire the photos and messages you send them. This should be a no-brainer, but it seems there is a lot of confusion about this, hence the technical explanation.
As a developer, putting your access control on the client side is taboo. Most developers understand that applications can be “hacked” on jailbroken devices to manipulate the program, but very few realize it can be done on non-jailbroken devices too. There are numerous jailbreak tweaks for unlimited skips in Pandora, to prevent Snapchat messages from expiring, and even to add favorites in your mentions on TweetBot. The ability to hack applications is why (the good) applications do it all server-side. Certain types of apps, however, are designed in such a way that they depend on client logic to enforce access controls. Take Snapchat, for example, whose expiring messages require that the client make photos inaccessible after a certain period of time. These types of applications put the end-user at risk in the sense that they are more likely to send compromising content to a party that they don’t necessarily trust – thinking, at least, that the message has to expire.
Below is a letter I’ve sent to Royal Media today regarding a journalist who has gone far beyond his ethical and professional boundaries to harass and attack me. Why you ask? Because I didn’t think a particular subject I was researching was credible enough yet to warrant a story. I wanted to bring this to the attention of the tech community as a lesson to be very careful about which journalists you choose to speak with. When you have new findings to share, the choice of which journalists you discuss them with can be harmful if you choose unethical or unprofessional reporters, who are not willing or able to come to an understanding of the details surrounding your work.
Unfortunately, this is not the first time I have had to deal with less than ethical journalists. If you recall, I’ve recently had to deal with a smear campaign from a ZDNet writer, who seemingly used her position in journalism to launch a libelous attack against me, motivated by my religious beliefs (or what she thinks they are), with the full support of the ZDNet staff, who never took any action. Sadly, today, any hack can become a “reporter”, in today’s sense of the word, regardless of what kind of journalism training, or even ethical training, they’ve had. News agencies rarely hold their own writers accountable, especially in tech, where misogyny / misandry thrive, and where personal attacks generate headlines.
It’s been an incredible six years watching Ballistic grow from a humble trajectory computer to top the charts as the App Store’s most popular field firing system. Ballistic has grown organically – a rarity in this industry – through word of mouth, and nothing more. Not a single penny was ever spent on advertising to grow Ballistic, and yet it’s been featured in the NRA’s rifleman magazine, reviewed in a number of online magazines and blogs, and is now used by many world class competition shoots, military, and police sharpshooters. It has become a trusted name in the industry, and for that I am deeply grateful to all of you who have told your friends about it, and helped support the product with great ideas and requests.
Many of you have been asking me when an Android version is coming, or when other platforms will be supported, or new hardware that’s just now coming out, and are eager to see Ballistic continue to grow in capabilities. There are a lot of great new things that can be done with Ballistic, and I think there’s much more in store. I can’t do all of this alone, though, and so I’ve been in talks over the past few months with a team who has the resources to take the Ballistic suite of products to the next level.
In a response from Apple PR to journalists about my HOPE/X talk, it looks like Apple might have inadvertently admitted that, in the most widely accepted sense of the word, they do indeed have backdoors in iOS, however claim that the purpose is for “diagnostics” and “enterprise”.
The problem with this is that these services dish out data (and bypass backup encryption) regardless of whether or not “Send Diagnostic Data to Apple” is turned on or off, and whether or not the device is managed by an enterprise policy of any kind. So if these services were intended for such purposes, you’d think they’d only work if the device was managed/supervised or if the user had enabled diagnostic mode. Unfortunately this isn’t the case and there is no way to disable these mechanisms. As a result, every single device has these features enabled and there’s no way to turn them off, nor are users prompted for consent to send this kind of personal data off the device.
The President expressed troubling concern over Clayton Lockett’s botched execution, which left the poor thing writhing in pain before he died of a heart attack. While the President may sympathize with a convicted murderer and rapist, I don’t, and neither should you. Here’s why.
I recently gave an interview with Forbes discussing the technical implications of a case recently heard by the Supreme Court about warrantless mobile phone searches. The technical reasons for not allowing this to go on are many, including the most severe penalty of potentially destroying evidence that you would otherwise need to prosecute a case (should the suspect be found to have committed a crime). There is a far more important dimension to this SCOTUS case, however; the ruling to come could potentially change the face of our constitutional rights as it pertains to data.