Come to Jesus moment for SCADA developers
Published January 22, 2012 | 
A couple of years ago, Firesheep created a come to Jesus moment for many of the most popular web sites on the internet. It demonstrated for anyone interested (no skill needed) that not using SSL was bad, and that anyone’s account could be hacked. All responsible websites have responded by increasing their security and the internet is a better place for it.
At the S4 Conference SCADA systems were put under the wire brush and found as insecure as those websites targeted by Firesheep. Iran learned the hard way that SCADA isn’t secure with Stuxnet.
SCADA is designed by industrial engineers for industrial engineers, and not by computer security experts… and it shows. At the conference flaw after flaw was exposed which if exploited could cost billions and even cost lives. Unlike a Facebook account, SCADA controls physical processes and when something goes wrong, bad physical things can happen. The conference attendees speculated that there will be a Firesheep moment for SCADA and that the industry will have to react.
I agree and disagree. I do think that if I were to buy a new SCADA system, I’d be able to find a wide range of improved security offered. I also think that I’d find systems that were upgradable and that could be easily patched in the future against evolving threats. What I don’t see is any reasonable expectation that the existing fielded systems will ever be fixed. The flaws extend beyond the server farm and into small control boxes scattered around power plants and industrial sites. This is more like IE 6 than Firesheep. No matter how much Microsoft has tried, IE 6 still lives on. It will take touching every single flawed box and potentially redesigning every single system to secure them. Firesheep was countered by using SSL at the servers. If countering required each user to replace their laptop, we would still hear about Firesheep.
I don’t know if there will ever be an event that causes industry to touch all of those boxes and to upgrade them. Those boxes are a sunk cost and they just work.. so why change them. It will be easier for industry to implement procedural changes to reduce (but not eliminate) the risk. Some industries such as nuclear power plants may make the effort, but will the dairy farm? Additionally, I doubt that any warranty associated with these boxes included this. They work as designed, so therefore the fact that they were designed without sufficient security isn’t something likely covered under warranty.
The people that wrote Stuxnet were targeting a specific set of SCADA controllers and intentionally prevented their software from attacking outside of a narrow set of parameters. They were unable to prevent collateral damage, but they did go out of their way to do so. The worse case scenario for the SCADA industry (both manufactures and users) is someone releasing a variant of Stuxnet that is as discriminating as a nuclear weapon. Remember the Conficker virus? You know, the one that infected 15 million windows computers. It didn’t care who you were. Now, put the Stuxnet payload on something as nondescript as that, and you’ll get the worlds attention. You will also cause physical damage across a wide range of industries.
It is unlikely that the industry will recall their boxes and replace them for free. It is also unlikely that most industries will pay to replace their SCADA systems with newer secure ones. The best we can hope for is that industries start building response plans for when their SCADA systems are compromised. At some point some virus is going to be released into the wild that does impact SCADA. It may be something that was designed to target a small population, but who’s controls were poorly designed. It may be something designed to show off the skills of some 15 year old hacker… I don’t know… but it will happen. The question isn’t if or when, but how will industries respond and how well are those contingency plans written.
Sea Sheperd’s Drone
Published December 26, 2011 | Now, this is interesting. I just read a story about the Sea Shepherd activist organization has now deployed a drone to track Japanese whalers. If you aren’t familiar with Sea Shepherd, it is an anti-whaling organization that follows the Japanese whaling fleet and attempts to disrupt their operations. You can watch their activities on a reality show.
Well, they just got a donated drone, and are now using it to track the whaling fleet. This is pretty cool. This is also an interesting use of the technology that probably wasn’t thought of by the drone inventors. It makes me wonders where this technology may go in the future. What would happen if Occupy Wallstreet had a drone overhead constantly, alerting them as to what the police were doing? How would constant monitoring change police tactics? Does the police shoot down the drone before evicting the protestors?
In this case, Sea Shepherd and the Japanese whalers are in international waters so there is not police that will claim jurisdiction. I have to wonder how the Japanese will respond? Will they even try to shoot down the drone? I would doubt that they have anything on board the ship that will effectively shoot down a drone. Maybe they could get lucky with a harpoon, but I doubt it.
This is an interesting development in this multi-year conflict between Sea Shepherd and the Japanese whaling fleet. As the technology continues to develop it will continue to influence this battle. Just wait until someone decides to bring along torpedoes.
Lightsquared vs GPS
Published December 24, 2011 | There has been several experiments showing that Lightsquare’s systems interfere with GPS frequencies. Lightsquare is now seeking a ruling to put the blame on the GPS manufactures and therefore be permitted to roll out it’s system while forcing the GPS manufactures to fix their systems. If this goes through it will be a disaster. First of all, the GPS systems in question are already out in the market, and Lightsquare’s isn’t. Even if this was the fault of the GPS equipment, there is not economical or technical way to update every GPS device, especially those that are securely embedded inside of systems.
But, this is not the GPS manufacture’s fault as Lightsquare will have you believe. GPS receivers are just that, receivers. They only listen for the GPS signal that is broadcasted from the satellites above. The GPS signal is very weak, and therefore the receivers must be sensitive to pick them up the signal. If Lightsquare is broadcasting too close to the GPS frequencies, or on the GPS frequencies, of course these sensitive receivers will pick it up. Welcome to basic radio theory. GPS receivers have been around for many years, and have evolved. In the beginning it took a long time to pick up a satellite and only a few could be picked up at a time. That wasn’t good enough for either military or commercial use (no good if your GPS only starts working after you arrived at your destination), so they pushed up the sensitivity and improved the processing. Now they have GPS receivers that can find your location quickly, just like we want it. The outcome of this is that a small buffer is needed around the frequencies to ensure that they aren’t accidentally interfered with. That is the price we pay to have a GPS system that works, and that is the frequencies that Lightsquare wants to use.
Sorry Lightsquare. Much of our civil infrastructure, consumer electronics, and military systems rely on GPS. If your systems are going to interfere with them then you lose. If your system was already deployed and GPS was new, then the roles would be reversed. You are the one coming late to the frequency party and therefore get stuck dealing with the outcome of several years of evolution of GPS.
I like what Lightsquare is trying to do, and I do hope that they can find some frequency band that will work for them. However, the GPS bands must remain off-limits. It is unfortunate for any company that has a good idea, and believe that they have a right to develop systems that border on the GPS, that their plans get screwed. The Government did a poor job of laying down a foundation for frequency management. There was no way to do it well, given that no one had any idea as to how wireless technology would evolve. The FCC has done its best with what it has, but it is stuck with many legacy decisions and systems that abuse the frequencies they are given. At some point we’ll have to make the same transition as we did with standard to digital televisions, but this time with military radios, satellite communications, and commercial wireless devices. It will be a challenge and will likely take several hundred years to complete. Until then, Lightsquare and others like them are stuck with what we have, no matter how unfair it may seam.
Best of luck Lightsquare, but stay away from my GPS… it is often the only thing that knows where I’m going… and I’d like to get there someday.
What should the future of TSA be?
Published December 9, 2011 | The Transportation Security Administration was created after 9/11 to prevent 9/11. It was the classic knee jerk reaction to events that had already occurred. The proponents of TSA will point out that since there hasn’t been another 9/11 type of event since then, that TSA is working. The opponents of the TSA will point out that terrorist can learn and perhaps they haven’t been trying to highjack airplanes since 9/11. Either way, a lot of money and technology has been thrown at TSA, and it is debatable that it has been a good investment.
The Super Committee failed. Our deficit is beyond reason and growing fast. Our government is struggling with trying to cut expenses and raise income. Perhaps now we can finally look at the TSA with an objective eye, and make some common sense changes. Wired had a good article summarizing TSA’s performance as “Insider: $56 Billion Later, Airport Security is Junk”. It is a good read and they make some excellent arguments. For this discussion, I’m going to limit the discussion to TSA and airports. They really have a responsibility outside of just airports, but that is where most of the easy changes can take place.
First of all, what is the objective of the TSA? It should be to prevent airplanes from being highjacked, blown-up, or shot down. This is good, but the reality is that you can never foresee every possible threat, and there is no way to prevent everything. This is an effort in risk management, and the best we can hope for is to catch and prevent stupid and/or crazy folks that attempt to either highjack or blow-up an aircraft. You may be able to prevent the stupid terrorist/criminals from accomplishing their objectives, and while doing so, you may raise the difficulty level for the more capable terrorists such that they target less defended targets (which exists everywhere).
So, what should we do with the TSA? Here’s my recommendations:
- Reduce passenger screening back to pre-9/11 levels. Stick with the basics, an ID check and a metal detector. Let us keep our shoes on, and allow liquids back on the plane. Let me keep my laptop in the bag. Focus on preventing a bunch-up of passengers which is a more attractive target than blowing up a plane. Keep guns and large knives off the plane and prevent the obvious stupid and/or crazies from acting out on the plane.
- Keep the hardened cockpit doors. This is one of the few things that the TSA did that makes sense. If someone can’t get to the cockpit, then they can’t highjack the airplane.
- Educate travelers that it is still their responsibility to violently suppress anyone trying to highjack the plane. The passengers and flight attendants are the first and last defense against someone acting out on an airplane. After 9/11 this was clear and I even had pilots remind passengers of this… now, so many years later, we may be forgetting this. Just put out some reminders, I think most travelers would understand it.
- Increase the background checks of airport and airline employees. Anyone that has unfettered access to the aircraft should be checked. It is much easier to damage or sabotage an aircraft from anywhere but the passenger cabin. I’d be more worried about a rouge employee than a crazy passenger.
- Monitor the area around the airport better. Here’s a hard one. If someone was going to try to shoot down a commercial aircraft, they aren’t necessarily going to be on the airport. They could be next to the airport, or even a few miles away. They just need to be in the path of the aircraft when the aircraft is low enough to be hit by whatever they are shooting at it. Accomplishing this effectively will be nearly impossible, so the best you could hope is to have some cameras monitor the likely areas and to dispatch folks to investigate if something suspicious happens. So, when that van suddenly stops at the end of the runway and folks jump out, you send someone out to see what is going on. The best you can hope for is to increase the terrorist risk so they don’t try it. I wouldn’t put too much into this area, but you might be able to catch the obvious if you are lucky.
- Most importantly, educate travelers that there is a risk and that TSA can’t prevent everything and that it isn’t going to try. Just admit to the public that something bad may happen and that that sucks, but it is a fact of life. If they understand that every dime spent on the TSA is a dime not spent on education, or another dime added to our deficit, they would understand. The TSA doesn’t produce anything. They do not contribute at all to our Gross National Product. If people are treated like adults and they understand the risk and costs associated with minimizing every risk, I don’t think you’d get a huge backlash from folks when the TSA backs off from their very expensive tactics.
So, there are some of my ideas. They pretty much match up with what others are saying. I don’t know if the politicians have the willpower to dramatically reduce the scale and cost of the TSA without giving their political opponents the “they are soft on terrorism” stick to beat them up with. It is simple common sense that addresses the reality of the situation. It may be an uphill battle to apply some common sense here, but given our financial situation, it is worth making the effort.
How the Government Goes About Creating a Crappy App
Published November 23, 2011 | Rich Jones posted a wonderful piece on gun.io on this horrible mobile application that the Occupational Safety and Health Administration (OSHA) created. He estimated that he could have done it for about $600, so he submitted a Freedom of Information Act (FOIA) request to find out how much this piece of crap cost for the Taxpayers. In total, the Android App, IOS App, and the Blackberry App (which was never released) cost slightly over $200,000. That’s right, a $600 app for $200, 000. On top of the $200,000 for the applications, the source code isn’t publicly available as it is considered a trade secret by the contractor Eastern Research Group.
Rich goes on asking how this could happen. Well, I don’t have any inside information on how OSHA did this application but I can hypothesize how this happened. Rich goes on how he’d like the system to work, and I applaud him for that vision. Now, let me work through the likely steps that resulted in this piece of crap.
- Somewhere near the top of OSHA a Senior Executive Service (SES) manager decided that OSHA “needed an App”. Everyone in Government is doing Apps, and OSHA is not going to let everyone have one but themselves.
- The poor manager assigned to this task has no technical or coding background. He or She is a mid-level manager, just trying to put food on the table. When he asks the Boss “What do you want the App to do?”, the answer is something like “I don’t care, just make an App and leave me alone about it.” Here’s the first major problem… there is no actual reason for the App, and no one has thought this through.
- The manager must now write a Request for Proposal (RFP) for the development of the App. This process takes about six months if you are lucky, and you must go through multiple legal and contracting reviews. Any creativity or vision will be stripped out of the RFP as too risky or unusual. The RFP will have language such as “The Contractor shall produce an App that provides users information about OSHA”. There won’t be any mock-ups, diagrams, or use-cases… it is all just words.
- The RFP will be a Firm Fixed Price (FFP) contract which allows the Government from taking any risk, or requiring constant management of the contract to ensure that everything is going according to plan. A FFP contract means that the Government provides the contractor (ERG in this case) a flat fee for the App. If it costs ERG $600 to make the App, then the rest is profit.
- The RFP “goes out on the street” for proposal. The Government waits for about thirty or sixty days for responses. Contractors will write a proposal and the proposal that is “technically acceptable, lowest costs” wins. Now, there are two poison pills for new and smaller companies. The first is that they are judged on “past performance”. So, if you don’t have any, it counts against you. In reality no past performance equals a neutral score, but you can’t take biases out of the people reviewing the proposals. Secondly, the RFP contains a lot of boiler-plate requirements which are very costly to satisfy. Only companies that have made it their business to get Government contracts get Government contracts. It is just too difficult for others to break into the business, but occasionally it does happen. Most often a company will leverage one type of contract for another. So, if a company runs an IT Help Desk, they will suddenly consider them a software development house, with the often predicted bad results.
- The contractor will take as much time to do the work as possible, even if they aren’t really working on it. For a FFP contract, you don’t want to deliver too early. That would give the Government the chance to complain and force changes. But if you wait until just before the end of the “period of performance”, there isn’t enough time for the Government to react, so they just accept what was delivered.
- Finally, but the time the App is actually delivered the SES has moved on to another job, and the new SES’s response is “we have an App, why?, okay… might as well publish it”.
There you go, from poorly defined requirements to a somewhat functional App. This is not how it can happen, but this is how the system is designed to work. It could be redesigned and changed, but that requires an act of congress, and they haven’t really demonstrated their capabilities to pass well thought out and written laws lately.
Rich also goes into the inability to gain the source code. The default data rights for such a contract are Government Purpose Rights (GPR). GPR is kind of like open source, but only within Government channels. This assumes there the mid-level manager understands something about data rights. If not, the contractors will likely try to slip in even more restrictive data rights in their proposals. If the manager is a rebel, they could push for “unlimited rights” which would all OSHA to release the code, but that really takes a lot of effort, and assumes that one of these companies is even willing to accept that contract clause.
Rich makes some good points in his rant. Unfortunately, the established government contracting process has been established to maximize profit while minimizing productivity. In many ways it is a works program. Now, I’m sure that isn’t the true stated purpose of it, but is how it ends up. I would like to see the system change, but I’m not sure writing my congressman will help in this case.
Posted in Computers, Politics | 
Android, ERG, Government Contracting, iPhone, OSHA | 
Leave a commentIs Privacy Dead?
Published November 17, 2011 | I was in a class today with a bunch of engineers. We were taking a class on how to migrate legacy computer systems into a services based architecture. Okay, so not that exciting. One of the engineers stated that we should go to a single national ID in order to avoid having to make the different state systems work together. I countered with the fact that the Constitution doesn’t give the Federal government that power, and that it is a State right. He countered that “they” know everything about us anyway and there is no privacy, so why not give up State issued IDs for Federal ones?
Now, this guy isn’t stupid.. thick headed at times yes, but not stupid. If smart people not only feel that privacy is dead, but then don’t blink an eye about giving up more privacy or more rights, then I think we have a big problem. My reaction was to ask him to think about what we should do to restore our rights instead of being happy with giving them up.
I’m reminded of the ongoing debate about GPS trackers and the Government having the authority to request your phone records to include location information without a court order. I was happy to see at least one judge today declare that such requests are unconstitutional and require a warrant.
When our Founding Fathers … uh… founded this Country we didn’t live in an electronic jungle. Privacy was easy as closing the door. Today, we have mobile tracking devices in our pockets, and we send all of our communications over the internet where it is easily accessible. IF the Founding Fathers were writing the Constitution today I would have to believe that they would place strict limits on the Federal Governments ability to wiretap, request ISP records, place GPS trackers and so on. I’d find it hard that they would just prevent the Government from searching your “papers” as it is currently written. The Colonists left England to escape a heavy handed Government.
But instead, we have a Government that is constantly trying to push the boundaries of what is Constitutional. They want more and more powers to avoid requesting warrants and there is even speculation on a secret interpretation of the Patriot Act. Shouldn’t these folks fall on the side of the Constitution and placing limits on Government? Why does the Government want so much power? With all of the abuses that we know of, do we really want the Government (or business for that matter) to know where we have been moment to moment, everything we’ve done online, every email we’ve sent, and so on? I would like to think not.
While privacy may be dead in practice, I like it. Instead of bemoaning the loss of privacy, why aren’t we working to restore privacy in America? Privacy is not a human, not a living thing that once dead can’t be brought back to life (zombies excluded). It is a concept and principal, and if loss, can be found again and restored. We can make changes to our existing laws and social norms to bring back privacy, we just have to make the decision to do so. We can start by erring on the side of privacy and the 4th Amendment.
Maybe it is a pipe dream, but America was built on dreams.
Government Lying Bad, FOIA Lying Even Worse
Published November 4, 2011 | The Department of Justice just dropped a proposed change to the FOIA rules that would have allowed the Government to lie in response to a legal FOIA request. It is shameful that the DoJ even thought such a rule was necessary. Last time I checked, the DoJ suppose to work for the people, not any specific Government agency or service. If you can’t tell us due to national secrets, then tell us that, but don’t claim that you “don’t have it”, when you do.
I suspect there is a fair amount of lying or “reinterpretation of the request” that already happens, but it should never be sanctioned. I’m glad to see the rule dropped and while it won’t guarantee protections from lying, it will at least be better than with sanctioned lying. The Government is disliked by many of the folks it suppose to protect because of the cloak of secrecy that has risen over the past ten or twenty years. Even with all of the campaign promises of transparency, there is more secrecy than ever. But we should never give anyone the right to lie. If you can’t or won’t tell us, be honest about it.
Virus Takes Down AF Drones…WTF
Published October 8, 2011 | Wired has an article on a computer virus that has infected the Predator and Reaper control stations at Creech AFB. Someone screwed up big here. First of off, why was infected media introduced to the classified system? Secondly, why wasn’t there a clean backup that they could use to restore to?
These systems operate on a classified network. So, either the bad guy has access to the classified network and introduced the malware there (not a happy thought), or someone broke the rules and transferred media from the internet to the classified network (another no-no). Now, there are always exceptions to the rules, but in those cases all media should have been scanned prior to connecting them to the classified network. So, what happened here? Someone screwed up. Someone didn’t follow the rules assuming that they didn’t apply to them, or that what they were doing at the moment was too critical to slow down and follow the rules. Maybe the system they use to scan media was broken, or perhaps it wasn’t loaded with the right virus signatures. Either way, something went wrong.
Secondly, why don’t that have a clean system to backup from? This is a weapon system, not a video game. In the article they go on about how they had to build the system from scratch again and again, always resulting in the same re-infection? Why? Doesn’t the system have a clean backup? With the advent of virtual machines, snapshots, backup tapes, replication, and so on… you’d think they should be able to backup without a problem. Now, the exception would be if the virus is hiding in some firmware and if that is the case, they are in more trouble that they realize.
I guess the real last question is why are they using Windows at all? Why is the military using a commercial grade operating system that is the largest target on the planet for viruses to run a critical weapon system? Shouldn’t this be on SELinux? I bet the decision was made in the name of convenience and cost savings… so, how convenient is it now? Saving money? We need to realize that if IT systems are weapon systems, then we need to treat them as such. This isn’t the same as my PC at home. People generally don’t die if my PC goes up in smoke at home, but what happens if someone through the virus learns how to insert commands to a Reaper. How does it look when the Reaper fires a missile at friendly troops… and we learn that it was the result of someone highjacking the system. If they can highjack people using their bank’s website, they could certainly do this… and learning the system through a keylogger is the first step in that direction.
The Predator program has been an insane success. It went from a science project to a major weapon system overnight. Had it gone through the traditional acquisition cycle, it would have likely failed. However, in its rush to be fielded, they took shortcuts such as their selection of operating systems. It might be time now to rethink this. If you are going to go with Windows, then you need to secure it correctly. If you are a critical system, then you need to be able to boot from a clean backup. Yes, this means more engineering and more costs, without any obvious operational value… but it also means that you can continue to operate through these type of issues. Mission availability and robustness should be a valued operational characteristic. I doubt that this incident will cause anything to be changed. I just hope that it won’t take one of our UAV’s to be highjacked and the death of friendly troops to finally make us change how the system is designed and used.
Thanks Steve
Published October 8, 2011 | As everyone on this planet probably knows by now, Steve Jobs has died. I came late to the Cult of Mac and it wasn’t until not only was I ready to spend that kind of money, but also that they had developed an ecosystem worthy of me paying so much for a computer. Up to then I had been a Windows guy, and I always had an arsenal of utilities just to keep the machine working.
Steve was very lucky. Not only did he have a vision, but he also had the tenacity and resources to make his vision into reality. I think most importantly, he learned from his mistakes. It must have been something for him to see Apple take off based on his vision. How proud he must have felt for himself and his team, when the world’s shoppers embraced his vision with their checkbooks. I would guess it would be like being the head of NASA as the first man stepped on the Moon.
I don’t know if anyone else could duplicate Steve’s success. There are certainly many people out there with great visions, but few are as lucky to be surrounded by just the right opportunities and resources as Steve was. I would like to think that we will see more like Steve come out into the open.
Steve was a Buddhist, and if he is correct, he will be likely reincarnated. I like the concept and believe it myself. There may be a newborn somewhere with Steve’s soul, wailing away in his Mother’s arms. I have to wonder what such a baby will grow up to be like. Maybe someday in a few years we’ll see this rising star of a man and realize him for what he is, Steve 2.0. Until then, the world will morn his loss, as well as the loss of all who have passed.
Thanks Steve for the vision you brought to this world, and all of your hard work. Best of luck in the new life, and enjoy your iPad in your iCrib.
Electronics and the Fourth Amendment
Published September 24, 2011 | I don’t believe that the Founding Fathers of our country could have ever imagined today’s electronics. There is no doubt that if you showed up with an iPhone back then you’d be declared a witch or wizard, and probably strung up by your neck. When they wrote the Forth Amendment, the notion of a search was limited to physically going through one man’s physical possessions. Even letters were possessions, and there was nothing stored on a a network accessible outside of one man’s house.
The Fourth Amendment reads:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
The word in question today is “unreasonable”. Today, law enforcement has the ability to intercept your phone calls, read your emails, see your online files, and otherwise invade your online life. At what point does law enforcement need to obtain a Warrant for such action? What is unreasonable? I would think that back when the Consititution was being drafted, barging into someone’s house without cause would be “unreasonable”. But, is maintaining a computer program that inspects every email sent for terrorist keywords unreasonable? It isn’t like there is necessarily a person reviewing every email, and unless your email gets flagged, no one is the wiser… right? Or, is law enforcement using something like Harris’s Stingray cellphone tracker unreasonable? It allows law enforcement to track you even if your not talking on your cellphone.
To me, any searching technique that is completely unnoticeable by the target should be considered unreasonable, and subject to getting a Warrant. Unless you have some level of probable cause, you shouldn’t be tracking my online life, period. That is the difference in our countries ideals and those of Iran or China. Yes, there are possible consequences if criminal actions are missed, but casting a wide net in an unjustified fishing expedition isn’t the American way, unless you think McCarthy was right. I don’t, and I don’t think that America is full of criminals and terrorist… there are certainly a small number of bad actors, but that doesn’t justify putting every American into a surveillance society.
If you are being searched, and within search I include surveillance techniques such as GPS tracking and cellphone tracking, the target should have a chance of catching you which doesn’t involved tearing apart your own car. I have no problems with the police going up and down my road, and if they see someone walking in my yard late at night, I don’t think it is unreasonable for them to stop the person (even if it is me). If I am in public and I’m talking on my cellphone, and someone overhears me planning a crime, again… fair game. I just draw the line at law enforcement using techniques that should require a Warrant without getting one. If they can’t do the legwork necessary to get a Warrant, then maybe there is no cause for them to conduct a search in the first place.
I am sure that there will be cases where someone does something horrible that could have been stopped under the ideal surveillance society, and there will be pressure to pull another Patriot Act out of the hat, giving even more power to law enforcement. I hope that we can all realize at that point that sometimes bad things happen, and there is nothing, anyone can do about it. It is better to tear our Constitution apart in an effort to prevent the unpreventable, or should we improve our ability to respond to such crisis better.
I’m proud to be an American and I do think that our Constitution and the protections it provides us is what makes this country great. I also believe that we have destroyed much of the meaning behind the Constitution for our “own protection” with very little benefit. Maybe someday we will have the courage to rollback many of the laws that impend on our rights, but I don’t know. As for the Fourth Amendment, it is perhaps the most abused Amendment we have, and it sorely needs protection. Let’s hope that those fighting to make the courts come down on the legal protections or lack of protections that American’s have succeed. If nothing else, let’s get it on the record that the Fourth Amendment is no longer valid, and if that is the case… let’s see how a repeal of the Fourth Amendment would be welcomed by the American public. For some reason I don’t think the average American would take to kind the idea of repealing the Forth Amendment, but for right now what they don’t know, doesn’t hurt them… right?
Posted in Intelligence, Politics, Technology | Fourth Amendment, Law Enforcement, Search | Leave a comment