A staff writer for the Valley Star, and Independent Student Newspaper wrote an article that has some serious inadequacies. I tried to comment on the article using both a Facebook account and by creating an account with the Valley Star site. Neither was effective. I don't know if they've stopped taking comments because the article is packed with inaccurate statements or if their site is simply broken. I took time from some very important work to comment on that article, so I'm posting it here.

The article is here http://lavalleystar.com/cm/2.900/sections/opinion/continued-lack-of-gun-control-means-no-end-to-tragic-campus-shootings-1.2856084#.T5SxdO0Tu2w ... << MORE >>

When I hear a person resort to name-calling during a discussion, it
tells me that the person has no facts that support their position. This
is clear in the article "Don't mix guns, college", on page B1 of Sunday's Globe (2012-01-15).
Yvonne Abraham uses a number of insults, apparently because her side of
the argument lacks factual support. Terms like "Gun Nut Paradise",
"lunacy", "assault weapons", and "loopy" indicate, to me, that she knows
that the facts are against her, and that she must get people riled up in
order to gain support for her side.

She raises a number of issues without illuminating them with facts,
perhaps because her opinion about guns runs contrary to the facts.

First, she says "approved bills allowing people to drive around with
loaded rifles and shotguns". She lists this as a bad thing. I'm not
sure precisely why she believes that this is a bad idea. I can speak
from my own experience and up-bringing. I was taught that guns are bad,
and grew to understand that we should ban all guns, because there is no
need for anyone to have a loaded gun, ever. Fortunately, for me, I was
also taught that I should understand the world around me, and that I
should do so by seeking out facts. The facts in this case indicate that
we are not less safe when people are permitted to carry guns. In fact,
guns are used to stop crime far more than I was ever told. Many
estimates range from 800,000 to 2,500,000 times per year. One study
estimated the number at 1,500,000. That particular study was sponsored
by the U.S. Department of Justice. That's 1.5 million times per year
that a person used a gun in Defense. Maybe loaded guns are not so bad?

She also indicates that it's bad that a bill would allow people to
"carry concealed guns without permits". This is already the case in
Vermont, Alaska, Arizona, and Wyoming. One argument in favor of
Constitutional Carry, as this is called, is that a criminal will carry
regardless of the restrictions. If that's the case then do you want the
criminals to know that they're the only ones who are carrying?
Furthermore, numerous studies show that when you allow people to carry
legally the murder rate goes down. The reverse is true as well.
Eliminating legal concealed carry causes the murder rate to go up.

She does bring up the Virginia Tech shootings, but she misses the basic
arguments. She says "Gun advocates argue that if students there had
been armed, Seung-Hui Cho, who killed 32, wouldn't have gotten very
far." and then she says "the thought of a firefight would hardly have
deterred him". Deterrence is not the point in this instance. There are
many different kinds of crime. In the case of an insane shooter who is
bent on killing as many people as possible before being killed
themselves, there is no deterrence. That person cannot be deterred.
They can only be stopped. For just a moment let's consider the Virginia
Tech case. He killed two people in a dorm first. Then he went to an
academic building, chained the doors from the inside, and walked around
the building, shooting people. He did so until armed resistance
arrived, in the form of police officers. The argument for allowing
campus carry is that one professor or student who was armed might have
stopped Cho from killing any others. While it is terrifying to think
that some of this could have been prevented, it is important, because
this will happen again. People go crazy, and in some cases they need to
be forced to stop. Wishing for it, and hiding behind desks does not
make it stop.

She mentions that it would be bad to have "college students with no
weapons training", but there are several reasons that this is not a
rational point of view. First, the law does not prohibit staff and
faculty, therefore not all those permitted to carry will be students.
Second, some students will, doubtless, be trained. Carrying a gun is
not a singular act that occurs in a vacuum. Many people who carry are
interested in competition shooting as well as self defense. This
mind-set causes people to seek out training.

There's another point that she neglects entirely. In some cases people
have reason to want to protect themselves. Some examples include a
person battered and/or stalked by a former spouse, a person who assists
law enforcement in their efforts against criminals, and a person who
appears to be an easy target for crime due to stature, age, or other
factors. All of these people are prohibited from arming themselves on
campus. Furthermore, in a state like Massachusetts, where no guns are
permitted on any school grounds, law abiding people cannot even drive
into the parking lot. This means that people are disarmed to and from
school, whether they work at a school or are simply picking up or
dropping off a child. Prohibiting campus carry disarms honest people
throughout their daily lives, putting them at risk both before and after
they are on the campus itself.

The worst part about prohibiting campus carry is that it is not
enforced. There are no check points or inspections. We have trouble
keeping the dishonest from carrying toothpaste onto airplanes. Do we
think that we can stop criminals from carrying guns onto college
campuses when we don't even indicate clearly where these campus borders
are located? The very notion that making it illegal to carry on campus
makes it safer is preposterous. The sane, honest, law-abiding people
who you want to be armed are prevented, and the insane, dishonest
criminals know that the honest folk will be unarmed.

It's actually very clear when one considers things dispassionately. I
know that this is hard. It's taken me a number of years to get here.
It is, however, critical for the safety of all that we allow concealed
carry. Consider who will obey such a law, especially in a place like
Massachusetts where there are more than 100 places of higher learning
and more than 1900 elementary, middle, and high schools. An honest, law
abiding person thinks "I may drive into the school parking lot today, so
I better leave my gun in the safe at home." A criminal thinks "I better
keep it hidden so nobody sees it." An insane murderer doesn't think.
We prevent the sane person, and we do nothing to deter the dangerous people.

Getting back to the original point, while I may understand the feeling
that "guns are bad", the very notion of ridiculing one's opposition
without any understanding of their point of view is quite arrogant. (I
feel I can say that, because I used to do it.) In the continuing debate
about gun control there are people of good conscience on both sides of
the issue. Rather than simply declaring the other side as wrong, I
suggest that intelligent people try to understand how a likewise
intelligent person could be on the other side of the issue. Once we
have obtained such understanding we have a possibility of change that
is well considered and good for all. If we resort to calling each other
names then everyone loses.


--
-Vik

Vik Solem, CISSP, RSO
vik@truesecurity.us
617-544-7233
141 Memorial Pkwy, #115
Randolph, MA 02368

From what is written in this AP article, it appears that Benjamin Colton Barnes shot four people and then fled into Mount Rainier National Park. There he shot and killed park ranger Margaret Anderson. If this is true, and I have no reason to suspect that it's not, then he's a murderer, and I'm very happy to watch the full weight of the criminal justice system land squarely on his head. How could any sane person feel otherwise?

We have a deadly criminal who is running from law enforcement. He's killed a law enforcement officer. Naturally it's the perfect time to blame a gun law. (Following is from the AP article linked above and referenced at the bottom of this entry.)

    Bill Wade, the outgoing chair of the Coalition of National Park 
    Service Retirees, said Congress should be regretting its decision 
    to allow loaded weapons in national parks. He called Sunday's 
    fatal shooting a tragedy that could have been prevented.

The idea is that Barnes would not have fled into the National Park if it had been illegal to do so. How would that work? What would his thought process have been? "I just shot 4 people. I need to run. I have my vehicle full of survival gear, and there's that forest right nearby. Oh, wait. It's illegal for me to take my guns there. Hmmm. Maybe I'll leave my guns at home, or maybe I'll make sure to flee someplace where guns are not illegal."

Seriously? We should make it illegal to carry a gun for protection in order to prevent a murderer from carrying a gun? That's beyond silly. That's irrational thought, and it's insulting to present it as a viable alternative.

Unenforced restrictions on carrying firearms are useless. They require self-enforcement, which will only be done by law abiding citizens. Therefore, any unenforced laws that restrict carrying a gun will always disarm law abiding people while encouraging criminals. One alternative is to enforce the restrictions. Of course this would require checkpoints where we invade everyone's privacy. Imagine TSA checkpoints at every entry to every school, restaurant, and church. Perhaps checkpoints every time you want to enter a national park or travel from one town to another? That is, of course, lunacy. The alternative is laws that punish criminals with minimal restrictions on those who are not criminals. A law abiding citizen should be permitted to carry concealed as they like. As soon as they commit a serious crime, then things should change. For exampe, it's not illegal to own or to carry a crow bar, but the moment you break into a house, that crow bar becomes a tool for burglary. At that point carrying a burglary tool can be punished. The moment you became a criminal the items you were carrying took on a whole new meaning. We need to think about guns in the same way. We are safer as individuals, and as a nation, if we encourage law abiding people to own and (with proper training, please) to carry firearms.

-Vik
Vik Solem, CISSP
Phone: 617-544-7233
Email: vik@TrueSecurity.us
Web: http://TrueSecurity.us/


Reference:
Article URL.

China is getting serious about their
Space Program. The United States needs to start making things happen, or we'll be left behind.

Do we want to have the moon and orbital platforms owned and controlled by a Socialist country that has an abominable record on Human Rights?

-Vik
Vik Solem, CISSP
Phone: 617-544-7233
Email: vik@TrueSecurity.us
Web: http://TrueSecurity.us/

In case some servers appear unavailable over the next few weeks, there's a new attack for DoS'ing web servers using little bandwidth.

from SANS
A new vulnerability advisory by security firm n-runs [1] describes how hash tables in PHP5,Java,ASP.NET and others can be attacked with deliberate collisions in the hash function, leading to a denial of service (DoS) on the web server in question. Microsoft have already responded with an advisory [2] of their own, other vendors are likely to follow.

from Security Week
Several vendors are currently working to resolve a hash collision vulnerability, which if exploited can trigger a denial-of-service condition on multiple platforms.

from cryptanalysis.eu

SANS publishes a good security newsletter called "Ouch!". In the
July publication there's some excellent information about what you
can do to protect yourself in Facebook.

http://www.sans.org/newsletters/ouch/current_ouch.php

-Vik

Vik Solem, CISSP
viksolem@acm.org

This is an example where your ATM card can be used and you don't know
it's happened until you get your monthly statement. Read those
license agreements carefully. With the advent of online banking some
banks don't give you as much time to challenge a charge as they did
in the past.

The Wall Street Journal is reporting that $217,00 was skimmed from
some banks on Long Island in April and May of this year.

http://online.wsj.com/article/
SB10001424052748703302604575295082741170878.html?mod=googlenews_wsj

Check your accounts cafefully.

-Vik

Never underestimate your adversary. In first picture you see what
appears to be a normal ATM.

http://twitpic.com/4pko1

But there's a camera which is used for recording your PIN.

http://twitpic.com/4pknu

And the card slot has a skimmer mounted on it so that the bad guys
can read your card right as you slide it into the machine.

http://twitpic.com/4pkn3

Here's the skimmer removed.

http://twitpic.com/4pkmn

Here's a close-up of the camera.

http://twitpic.com/4pkmj

So, what's the big deal? Well, you go to the ATM, insert your card,
enter your PIN and get your cash. You leave with your cash, and you
don't know that the bad guys just recorded the magnetic stripe from
your card and saw you enter your PIN. They then use that data to
pull $100 per day from your account until you find out and cancel the
card number. Or, perhaps they use another ATM machine to make other
mischief with your account.

The bank doesn't know anything is wrong because it's your card number
and your PIN, and if their fine-print says that you're responsible
for the security of your PIN then it might be your problem to fix.

Know your risks and manage them carefully.

-Vik
Vik Solem
Email: vik@TrueSecurity.us
Web: http://TrueSecurity.us/

My son wanted to get a part time job while in High School, so he went to the website for one of the large drug-store companies.  The application (which was hosted at a different site) required his Social Security Number (SSN) as part of the application.  He asked me about that, and I cautioned him that he should not provide his SSN because he had no legal relationship with the company running the web site, and he therefore had little recourse if they were to give away his personal information.  He was not too happy with this, but I agreed to check with the main company.