Category: reason

False Positive begins with a scene of lurid promise: a shot of a blood-soaked woman wandering down an otherwise empty New York street. Since the cast—Ilana Glazer, Justin Theroux, Pierce Brosnan—and the cinematographer (Pawel Pogorzelski, who shot both Hereditary and Midsommar for director Ari Aster) bring substantial cred to the film, even if the three actors aren’t horror stars, we settle in for some sort of cool surprise. Or at least something a little less nutty than what we eventually get here.

The picture was scripted by Glazer and director John Lee, who worked together on Glazer’s Comedy Central show Broad City. It’s an update of Rosemary’s Baby, with the Satan-worshipping geezers of that film replaced by the sort of smug, manipulative men whose mission in life is to undermine women at every opportunity. I hear you groaning.

But since the story is set in the world of reproductive medicine, the movie’s pointed feminist POV is unobjectionable and generally effective. When one familiar question comes up—”Does your doctor claim to know more about your body than you do?”—it stokes the plot and raises a real-world issue simultaneously.

As the movie gets underway, we meet a well-to-do Manhattan marketing whiz named Lucy Martin (Glazer) and her husband Adrian (Theroux), a surgeon. Lucy has been trying to get pregnant for two years with no luck. Adrian tells her he’s going to take her to see Dr. John Hindle (Brosnan), one of the world’s top fertility specialists. This is rather odd. Since Hindle was Adrian’s mentor in medical school, and the two men have remained close, why didn’t Adrian bring Lucy to see the older man much earlier—say, two years ago?

With his suave demeanor and distinguished beard, Hindle radiates professional eminence. But he’s also a little weird. As Lucy reclines on an examination table with her knees spread, the celebrity medico, peering around beneath the sheet covering her lower body, addresses his comments to Adrian, who’s hovering nearby. Injecting a huge syringe full of his signature pregnancy medication into Lucy, he says to Adrian, “This is good stuff.”

The medication works almost too well. Lucy does get pregnant, but a sonogram reveals that she’s carrying three babies: two males and one female. “I would strongly recommend keeping the boys,” Hindle tells her, explaining that the female isn’t strong enough to survive. (Men again!) But later, at home, Lucy tells Adrian she wants to keep the girl. Adrian reluctantly agrees to go along with her wishes, but late that night we see him sitting in a dark room furtively tapping at a laptop.

Since it’s clear early on that there are no otherworldly elements in the story, we can probably dismiss as little in-jokes fact that “Adrian” is the name of Satan’s son in Rosemary’s Baby, and that “Wendy”—which is what Lucy wants to call her forthcoming daughter after disposing of the two boys in her womb—was the name of the girl who mothered the Lost Boys in Peter Pan. The actual reason for the gaslighting and other malign things going on in the film is not supernatural, but very much of-the-moment.

The movie gets crazier as it goes along, but it’s not without virtues: Glazer especially, playing it straight, is appealing in a new way. But the picture would have been much improved by ending about 10 minutes before it actually does. This would have deep-sixed the boldly ridiculous concluding segment, which involves bizarre levitations and Dr. Hindle firing off lines like, “God doesn’t make babies, I do!” The final scene, which is grotesque and preposterous at the same time, will someday surely be the answer to a film quiz question about the worst visual ideas in a mainstream movie.

from Latest – Reason.com https://ift.tt/2UxeP2V
via IFTTT

Despite much whining on the part of law enforcement about the alleged perils to public order posed by encryption, it’s no secret that cops can often bypass measures intended to protect privacy. Now, documents obtained by Vice‘s Motherboard describe just how police agencies use one tool to extract data from Apple devices. It’s more evidence that officials aren’t stymied by encryption half as often as they claim, but just want to paw through our information without effort or expense.

“‘How to unlock and EXTRACT DATA from Apple Mobile Devices with GrayKey,’ the instructions, seemingly written by the San Diego Police Department, read,” Vice‘s Joseph Cox reveals of the documentation obtained with a public records request. “The instructions describe the various conditions it claims allow a GrayKey connection: the device being turned off (known as Before First Unlock, or BFU); the phone is turned on (After First Unlock, or AFU); the device having a damaged display, and when the phone has low battery,” he adds.

GrayKey’s existence isn’t a revelation, though the documentation provides interesting insight into its capabilities. Georgia-based Grayshift openly markets the product on its website, including a recently released version that works on Android phones.

“Annual licensing for GrayKey with iOS and Android support begins at USD $9,995,” the company notes.

Malwarebytes Labs got a glimpse of a GrayKey device in 2018 and published images along with a description of its operation.

“GrayKey is a gray box, four inches wide by four inches deep by two inches tall, with two lightning cables sticking out of the front,” Thomas Reed wrote for the security firm. “Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source.”

That two-hour extraction time still seems valid based on information on the Grayshift website. GrayKey uses a brute-force approach to gain access to devices, and the instructions obtained by Vice reveal that alphanumeric passcodes offer greater challenges to the approach than number-only codes—especially if users avoid using real words. Even after a device is returned, the intrusion isn’t necessarily over. “As part of a feature called HideUI, GrayKey also allows agencies to install the agent which surreptitiously records the user’s passcode if authorities hand their phone back to them,” Cox cautions.

But Grayshift wasn’t the first company to help law enforcement agencies break into encrypted devices. In 2016, Apple repeatedly told the FBI to pound sand when asked to bypass the privacy protections on its phones. The FBI then turned to Cellebrite, based in Israel, to gain access to a locked iPhone.

“Cellebrite, the Israeli company, said its sales increased 38 percent in the first quarter to $53 million as more police departments bought its tools to hack into suspects’ phones,” The New York Times reported earlier this month, indicating the company is still active in that market (that very busy market, I’ll add).

“[H]igh-profile cases in which law enforcement cannot access the contents of a phone overshadows a more significant change: the rise in law enforcement’s ability to search the thousands of phones that they can access in a wide range of cases,” according to an October 2020 report from Upturn, a nonprofit that scrutinizes police use of technology. “Our records show that at least 2,000 agencies have purchased a range of products and services offered by mobile device forensic tool vendors. Law enforcement agencies in all 50 states and the District of Columbia have these tools.”

“We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since 2015, often without a warrant,” the report adds.

That doesn’t mean that tech companies are complacent about hacking tools and flaws in their security. Grayshift “is constantly in a cat-and-mouse game with Apple, which tries to fix security issues that GrayKey takes advantage of,” observes Vice‘s Cox. The result, undoubtedly, is improved technology all around, with vulnerabilities ultimately detected and closed off not only to law-enforcement contractors, but also to criminal hackers.

That said, police and intelligence agencies aren’t restricted to waging technological cold war against cryptographers and tech companies; they also rely on old-fashioned sneakiness. After taking down Phantom Secure, an organization that specialized in offering secure communications to criminals, law enforcement set up a fake outfit to take its place.

“In an innovative effort, the FBI, with the help of the Australian Federal Police, launched their own encrypted communications platform and supplied more than 12,000 devices to hundreds of criminal organizations that operate around the globe,” the FBI announced on June 8. Needless to say, the provided devices protected nobody’s privacy and resulted in hundreds of arrests.

So, law enforcement would seem to be doing just fine, sucking the information out of the vast majority of targeted devices (often indiscriminately) while occasionally running up against the occasional tougher nut. Even in those cases, some jurisdictions allow for the issuance of warrants to compel the surrender of passwords, or else. That’s a lot of arrows in cop quivers.

But governments still insist that “tech companies should include mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can gain access to data in a readable and usable format,” as a multi-national manifesto signed by the United States reiterated just last fall. Privacy protections of any sort, no matter how frequently bypassed, just seem to offend the sort of people who go into government.

That said, turnabout is fair play. Matthew Rosenfield, the security researcher who, as Moxie Marlinspike, created the Signal secure messaging app, says it’s possible to install software on your own device that will compromise the technology police use to extract data.

“[W]e found that it’s possible to execute arbitrary code on a Cellebrite machine simply by including a specially formatted but otherwise innocuous file in any app on a device that is subsequently plugged into Cellebrite and scanned. There are virtually no limits on the code that can be executed,” he wrote in April of this year.

The privacy wars won’t be cooling down anytime soon.

from Latest – Reason.com https://ift.tt/3wZPflB
via IFTTT

According to people who have been there, space smells like “a burnt almond cookie” and “gunpowder.” Or possibly “seared steak, raspberries, and rum.” While those are hardly conventional scents for an everyday perfume, the concept of capturing the high frontier in a bottle was intriguing enough for me to help fund a Kickstarter campaign last July. The project had the added appeal of claiming to have extracted the fundamentals of Eau de Space from NASA via “determination, grit, a lot of luck, and a couple of Freedom of Information Act (FOIA) requests.”

Despite a great initial pitch, the perfume finally arrived after months of poor communication in what may be a metaphor for space exploration itself: extremely late, a bit banged up, and smelling unpleasantly of burning chemicals.

from Latest – Reason.com https://ift.tt/3wVrjjl
via IFTTT

N.J. Gov. Phil Murphy has signed into law the Fair Chance in Housing Act, which bars landlords from asking  about criminal history on housing applications. The only exceptions are if the prospective tenant is a registered sex offender or was convicted for making meth in federally assisted housing. After making an offer, landlords can run a criminal background check on a potential tenant. They would then be able to deny housing to those who were released from prison for first-degree offenses within the past six years, second- and third-degree crimes within the last four years, and fourth-degree crimes within the past year.

from Latest – Reason.com https://ift.tt/3qqw6GZ
via IFTTT

Finally, it’s infrastructure week.

President Joe Biden and a bipartisan group of 10 senators today announced that they’d reached an agreement to spend $1.2 trillion, including $579 billion in new funds, over eight years on transportation, waterways, and broadband internet.

“We have a deal,” said Biden outside the White House. “None of us got all we wanted.”

A White House fact sheet says that $312 billion of the new funding would be spent on transportation, including $109 for bridges and roads, $49 billion on public transit, $66 billion on passenger and freight rail, and $25 billion on airports.

Electric vehicle infrastructure will get another $7.5 billion, as will electric buses and public transit. There’s also $20 billion for an “infrastructure financing” program that will, per the White House’s fact sheet, “leverage billions of dollars into clean transportation and clean energy.”

Sen. Mark Warner (D–Va.) said that the $20 billion will be used to attract $180 billion in private financing for infrastructure, reports The New York Times. That sounds similar to President Donald Trump’s plan to use $200 billion in federal funding as seed money to spur $1.3 trillion in infrastructure investments from state and local governments and private infrastructure companies.

Ports and waterways would get $16 billion more under the plan. There would also be another $11 billion in spending on safety projects.

Another $266 billion will go toward “other infrastructure,” including $65 billion for broadband, $55 billion for water infrastructure, and $73 billion for electrical grids.

How will all this be paid for? That’s a good question.

Biden has already committed to not raising taxes on Americans earning under $400,000. His administration has said this rules out a gas tax increase or similar user fees. His initial proposal to pay for infrastructure with a corporate tax hike was a non-starter with Republicans.

The fact sheet his administration put out today lists a number of possible pay-fors that both sides could agree on, without actually attaching numbers to how much money any of these would generate.

They include repurposing unspent COVID-19 relief funds, including unused unemployment insurance dollars; extending expiring customs fees; using 5G spectrum auction proceeds; selling off some of the government’s strategic reserve of oil; and public-private partnerships.

Warner, the Times reports, also said that the package would include $40 billion in funding for the IRS, which would then be used to go after unpaid taxes. This, he claims, will bring in $100 billion in new revenue. (The Committee for a Responsible Federal Budget estimates that $40 billion in new IRS funding would bring in only $60 billion in new revenue.)

The White House also asserts that the infrastructure package will partly pay for itself through the “macroeconomic impact of infrastructure investment.” The fact sheet includes no mention of imposing fees on electric vehicles, which Sen. Susan Collins (R–Maine) had suggested as a way of funding infrastructure.

Washington Post reporter Jeff Stein tweeted out harder numbers on all these pay-fors:

OK source confirming main pay-fors in bill:

– $100 billion net from IRS enforcement ($40B in new spending)
– $100B public private partnerships
– $80B UI "program integrity"
– $65B spectrum sales
– $60B dynamic scoring
– $30B in toll credits
– $25B in recouped UI ARP supplement

— Jeff Stein (@JStein_WaPo) June 24, 2021

As more details about the package are firmed up, we’ll hopefully get more information on how Congress is supposed to pay for this new spending.

A lot of the spending figures released today will likely change as lawmakers get to work actually drafting a bill. Both the House and Senate are currently working on a five-year surface transportation bill that has to pass by September when the authorizations for most transportation programs expire.

from Latest – Reason.com https://ift.tt/3d7E6as
via IFTTT

The anti-crime agenda that President Joe Biden announced yesterday is heavy on gun control measures that cannot reasonably be expected to have a substantial impact on surging homicide rates. In particular, the benefits of cracking down on “rogue gun dealers” are bound to be slight, since only a small percentage of criminals buy firearms from federally licensed retailers.

Under the Biden administration’s new “zero tolerance” policy, gun dealers who “willfully” violate federal law will automatically lose their licenses “absent extraordinary circumstances.” That includes dealers who “willfully violate the law by failing to conduct required background checks, falsifying records, failing to respond to trace requests, refusing to permit ATF [the Bureau of Alcohol, Tobacco, Firearms, and Explosives] to conduct inspections, or transferring firearms to persons who are prohibited from owning them.”

One glaring problem with that plan: According to a 2019 report from the Bureau of Justice Statistics (BJS), just 7 percent of criminals who use guns buy them “under their own name from a licensed firearm dealer.” Furthermore, such transactions are legal as long as the buyer is not disqualified from owning guns. A licensed dealer who sells a gun to someone who does not yet have a felony record, even if that person later uses the gun to commit a crime, is not violating federal law, let alone doing so “willfully.”

A dealer is violating federal law if he fails to conduct a background check or if he knowingly sells a firearm to someone who is legally disqualified. But even assuming the Biden administration’s new policy deters the “rogue gun dealers” who deliberately sell firearms to illegal buyers, people with felony records can always enlist people with clean records to buy guns for them. While such straw purchases are illegal, the dealer is willfully violating the law only if he knows that the buyer is acting on behalf of someone else.

In any event, the “zero tolerance” initiative will have no impact at all on the vast majority of guns used in crimes—something like 93 percent, according to the BJS study, which was based on a 2016 survey of prison inmates. The survey found that 43 percent of inmates who had used a gun obtained it “off the street or from the underground market,” 25 percent got it “from a family member or friend, or as a gift,” 7 percent “found it at the scene of the crime,” and 6 percent stole it.

The Biden administration plans to attack the underground market through “multijurisdictional firearms trafficking strike forces.” That attempt to prevent illegal gun sales probably will be about as effective as the government’s efforts to prevent illegal drug sales. With hundreds of millions of guns already in circulation, there will be far more than enough to supply every criminal in America even if the feds manage to snatch a few of them.

Biden wants to “strengthen our gun background check system” by expanding it to cover private sales, which would require new legislation. Needless to say, underground dealers who specialize in serving illegal gun buyers are unlikely to follow that requirement. So are millions of otherwise law-abiding Americans who simply want to sell a gun or two without the hassle and expense of going through a licensed dealer so a background check can be completed. The experience of states that already notionally require background checks for all gun transfers suggests that compliance would be the exception rather than the rule.

Biden claims “we know that if there is a strict enforcement of background checks, then fewer guns get into the hands of criminals.” Based on blocked purchases, he says background checks “have thus far kept more than 3 million guns out of the hands of…convicted felons, fugitives, domestic abusers, and others prohibited from being able to purchase a gun.” But the categories of prohibited gun buyers are absurdly broad, encompassing millions of Americans who have never demonstrated any violent tendencies. And judging from what typically happens after a purchase is blocked, few rejected buyers pose serious threats to public safety.

According to a 2018 report from the Government Accountability Office (GAO), background checks “resulted in about 112,000 denied transactions in fiscal year 2017.” Someone who tries to buy a gun even though he knows he is not legally allowed to own one is attempting a felony. If he lies on the ATF form that people have to fill out when they buy guns from federally licensed dealers, that’s another felony. But in fiscal year 2017, the GAO reported, the ATF thought just 12,700 of those 112,000 blocked buyers were worth investigating, and U.S. attorney’s offices had prosecuted only 12 of them as of June 2018. Justice Department officials told the GAO “prosecuting denial cases can require significant effort and may offer little value to public safety compared to other cases involving gun violence” (emphasis added).

A 2004 report from the Justice Department’s  inspector general sheds further light on the sort of gun buyers who are typically flagged by background checks. If the FBI cannot complete a background check within three business days, the dealer is allowed to complete the sale, so the ATF is sometimes tasked with seizing guns after the fact from people who are not legally allowed to own them. The inspector general noted that there were often delays in retrieving weapons from prohibited buyers, partly because “ATF special agents did not consider most of the prohibited persons who had obtained guns to be dangerous and therefore did not consider it a priority to retrieve the firearm promptly” (emphasis added).

Presumably some would-be gun buyers who fail background checks plan to use the weapon for criminal purposes. But contrary to what Biden seems to think, stopping someone from buying a firearm at a gun store is not the same as preventing him from obtaining one, as the data on sources of crime guns demonstrate.

The “assault weapon” ban that Biden once again urged Congress to pass is even less plausible as a response to rising homicides. The firearms covered by such laws account for a tiny fraction of the guns used in homicides, and there are plenty of equally lethal alternatives, as Biden himself has conceded.

Biden also mentioned banning “high-capacity magazines,” meaning magazines that hold more than 10 rounds, which come standard with many of the most popular handguns and rifles sold in the United States. He obscured that point by saying “there’s no possible justification for having 100 rounds in a magazine.” In practice, the real issue is whether standard-capacity magazines holding, say, 12, 15, or 20 rounds are useful in some self-defense situations. The current and retired police officers who always insist that they be exempt from state restrictions on magazine capacity certainly seem to think so.

Biden is not even willing to acknowledge that the Second Amendment has anything to do with self-defense. “No one needs to have a weapon that can fire over 30, 40, 50, even up to 100 rounds unless you think the deer are wearing Kevlar vests or something,” he said. Biden thought that comment was so clever that he repeated it: “Like I’ve said before: What do you think, the deer are wearing Kevlar vests?”

Biden’s lame joke is of a piece with his previous remarks about legitimate gun use, which suggest he thinks the Second Amendment is mainly about hunting rather than the fundamental right to armed self-defense. That misconception makes it hard to give him the benefit of the doubt when he touts new gun controls that have little or nothing to do with the problems he claims to be addressing.

from Latest – Reason.com https://ift.tt/2UCMjgv
via IFTTT