We’re coming up on the 27th anniversary of the release of Delphi, a programming system that pretty much defined a big chunk of my career. It’s always been a great “secret weapon” in building fantastic software, and I’m proud to say I helped steer it for a few years back in the early 00s.
This year, we lost one of the core members of our team from back then, Danny Thorpe. Generations always come and go, but this one hit kinda close to home. We weren’t best friends, you know, just reasonably good ones. And this year, the anniversary makes me think back to the members of our team who aren’t around any longer.
There’s a lot of reasons to love working with Delphi. I guess I just didn’t realize there were a lot of ways in which the building blocks within it and behind it carry the echoes of all those old friends. But there they are.
I’m going to go back this weekend and reinstall my old copy from back then just so I can do the ‘team’ hotkey and raise a glass to our old friends, those who are both here and those who are gone.
Happy anniversary, everyone.
Are you people that stupid?
I used to think “No, they can’t be that dumb. They have to see this.” But apparently it has escaped notice.
I genuinely would not have thought so, but I guess someone has to spell this out for you.
You MUST stop treating the Republicans as a political opponent. They are no longer “another party.” They are an avowed enemy of the United States of America, a genuine domestic enemy. And you are failing to protect us from them. While they wage an un-declared war against the people of the USA, you amble on merrily forward, pretending that your big old “Infrastructure Bill” is going to matter after Jan 20 2024.
While you screw around, they are establishing with State legislatures the option to ignore election results and install their own people in office. That is a DICTATORSHIP. It is not the United States. They are extinguishing the USA and you are sitting by, idle.
Republican governors are establishing their own “state civilian military” forces, and you sit idle, thinking that the Justice Department will fix things. Do you have any idea what those forces are for? You haven’t thought about it much, have you? You think it’s some kind of idle fantasy of theirs, don’t you?
Let me spell out the situation for you, using a hypothetical situation that is likely to unfold next year.
November 2022: The House of Representatives becomes majority Republican due to gerrymandered districts. A new Speaker of the House is appointed, likely to be a Trumpist such as Jim Jordan, or worse.
December 2022: A MAGA militia member cultist assassinates President Biden and VP Harris. Trumpist is 3rd in line of succession and is sworn in as 47th President.
December 2022: Protests nationwide against the MAGA takeover occur. Republican States with “civilian military” gun down protesters indiscriminately. Locally, any allegations or charges of murder are dismissed using the Rittenhouse trial as precedent/justification.
Throughout 2023: Republican State legislatures “reform” elections to be submissions of an electoral slate that they approve, ignoring any outcomes suggested by voters. The Federal Legislature is either completely stonewalled, or is in Republican hands. If the latter, the Filibuster is dismissed and Republican legislative agenda – which enshrines their one-party rule forever – is passed, signed by the “President”, and rubber-stamped by the “Supreme Court”.
2024: gerrymandering re-captures the Senate for the Republicans if they don’t already have it, and a combination of gerrymandering and vote dismissal further entrenches the House in the hands of the Republican Party. The Presidential election results are dismissed by State legislators, and Republican slates of electors are the default state of being for the United States.
At this stage of the play, legislation becomes driven wholly by Trumpist Republicans. Elections are no longer of any consequence, and “democracy” as we know it in the USA is dead. With gerrymandering the norm to claim legitimacy, Trumpists and sleaze-bag Evangelical Theocrats start amending the Constitution with rubber-stamp State Legislatures. The USA as we know it is dead.
This sort of fascist takeover has already happened in several countries worldwide. It must be seen for what it is: an attack on the USA, aided by an organized foe within our borders waging an un-declared war against us, funded by internal dark money and extranational money.
We’ve seen just how insane and violent these Trumpists are – they cannot be allowed to lay hands on the levers of power within our country again. If you have any inkling of history at all, you know where this leads.
The strongest military force in the world cannot be taking orders from these lunatics. QAnon followers with access to nukes? Delusional fanatics with nuclear weapons? By 2030 we’d be in a nuke fight with China.
And you want us to be excited about your goddamned infrastructure bill?
If you care in the slightest about the future of the world, you had best take this seriously. They already tried a coup in 2020. They are refining their process and taking steps to guarantee its success in the coming months and years.
And if you stand idle, it’ll be you they end up sending to the gulag. Assuming they don’t just publicly execute you on camera, on the front steps of the Capitol building.
Sooo…my Cisco Meraki subscription runs out next month, and Cisco doesn’t want to talk to me about what their re-licensing options are. I like my MX64, the interface is really nice, and the device is super effective. But I can’t find out what they want to charge me for a fresh license, or even if they will sell me one. Their partners wouldn’t respond, they themselves wouldn’t respond, so I took the logical next step.
And I upgraded to a Fortinet firewall. I wanted a NGFW with full-service features, Fortinet’s got it. I wanted one that had a great rep, they got it. I wanted a good, clean UI, and they got it. Well, mostly they got it. I’ll say this – Meraki’s UI has Fortinet beat on intuitive nature, clean look, and logical division of features. It’s just better. But Meraki’s UI has a flaw: it is entirely cloud based. If I have a problem with my firewall, chances are high that I can’t reach the internet. And that means I have no method to work with my firewall unless I happen to have all the CLI memorized and the Meraki unit decides to be kind to me while trying to authenticate my login with PuTTY.
So I got myself a little Fortinet, a model 40F. Much like the Cisco offering, Fortinet uses the same web interface and commands across the board of their product line, so if you learn one you can run them all. Nice touch, that.
And much like the difference between the UIs, the setup had a similar situation. Fortinet just required a bit of a push over the finish line, and it was a frustrating push. With the Meraki, it was quite literally a plug-it-in-register-go affair. You could add more complicated configs after setup, but if all you needed was an above-average firewall that would let you go after setup, that was the bomb. I had it in and running in ten minutes.
Next-Gen v. Traditional Firewalls
You keep hearing about “NGFW” devices in network circles, but what exactly are they? Briefly, traditional firewalls worked on a port-and-IP basis, blocking undesirable connections by simply turning away traffic that wasn’t addressed acceptably. Maybe it came from the wrong country, or asked for a port that wasn’t “open”. This is called “intrusion prevention.” NGFW devices do that too, but additionally they can inspect the contents of the packets that are accepted, and are able to filter traffic that contains unacceptable content. For example, a NGFW might know to look for viruses or dangerous payloads in email traffic. As well, the NGFW is usually enabled with frequent updates to its library of dangers, or it may even perform cloud-based real-time inspection to catch zero-day threats. A Fritz!Box just doesn’t do that.
Not so much the Fortinet.
Which is why I’m writing this: I want you to be able to do a fast setup and avoid the stress I had.
So let’s go through it, shall we?
When you get your new device, you pop open the box and the first thing you see is a “quick start” manual, which will do you no good at all. I’ll explain why shortly.
Beneath that, you’ll get a net cable, a power adapter (standard wall-wart with various national plug adapters), and of course the device itself sealed up in a plastic bag. As well, a little sticky that has some simple steps on it.
Position yourself within arm’s reach of your internet modem/router, and lay your things out around you in easy reach. Have a laptop or other computer powered up and ready here. Minimally you’re going to need the Fortigate device, its power adapter, two patch cables (LAN cables), and your computer.
Important: Don’t Get Ahead Of Yourself. I had this device up in my office, getting it revved up to take over from the Meraki, and I was setting port forwards and a bunch of other stuff prior to the following steps. That was a mistake that cost me a few serious head-scratches. Some of that stuff conflicted with the basic setup and cost me time.
1. Follow the instructions on the sticky, but not in the order given.
Do the “Cloud Setup” first. Go register your name and enter the “cloud key” like it says.
Next, assemble the power plug and plug the little critter in. Attach your laptop or other computer to the device using the included cable. Turn off WiFi if it’s on, and either enable DHCP (in which case you then need to tell your adapter to renew its IP) or set it to IP 192.168.1.1 with a subnet mask of 255.255.255.0.
If you have a Mac or an iPhone, do that Apple stuff. Whatever.
Open a browser and go to HTTPS://192.168.1.99 (note the “S” there). Gotta have that. The device by default won’t feed you a page if you’re not on HTTPS. You should at this point be given a web page interface to the device. By the way, the login is “admin” with no password. It’ll prompt you to change that when you enter.
By the way, go look for my article on passwords. You want to set a good one for your firewall. And keep it safe in a manner that you won’t forget it.
It will also prompt you to register your device. Ironically, you won’t be able to, so just tell it “later”.
If it does not give this to you for some reason, get your vendor on a chat line or a phone line and have them walk you through enabling the web GUI (details can be found here: https://kb.fortinet.com/kb/documentLink.do?externalID=FD34688). I didn’t have this problem, so I don’t anticipate it to be common on new devices.
All good so far? I hope so.
2. Plug the Fortigate in to your modem/router.
I have a “Fritz!Box” 7490 here (yeah, I run multiple firewalls in a chain, call me paranoid if you have to), but this will work from a regular modem or other router, too. The physical structure of your network when you do the setup should break down into the following:
Wall Socket > modem/router > Fortigate device
Where “>” represents a physical cable (it might also be wireless, but I’m not getting into that here). So the wall cable goes into the “WAN” or “Internet” port (or whatever similar word they’re using on the brand you have). You’d normally then have 2-4 “LAN” ports beside that which are supposed to lead to your computer or a switch or something.
Take the second of your patch cables and plug it into the “WAN” port of the Fortigate (the first is running from the Fortigate’s LAN port to your PC), and the other end of it should go in one of those LAN ports on your modem/router.
Wait a few seconds, and then in the UI page of the Fortigate, navigate the left-side menu to Network > Interfaces. You should see at the top of this page a little indicator showing which ports are active on the device.
You can hover over the ports, by the way, and they’ll give you a read of the connection details. Nice touch there, Fortinet, I appreciate that attention to detail.
This would be a good time to go into your modem/router and fix the IP it gives your Fortigate, just so you have a record of it somewhere.
3. You’re all done! Happy surfing. No, just kidding, this is just where they dump you on the side of the road.
No, really. This is where they leave you. On my old Meraki, that’d be fine, because I could get out to the internet from here and start goofing around and playing World of Warships or reading stupid Facebook posts. But really, you’re not done here. If you try to get out to the internet (go ahead, I’ll wait) you’ll find that your browser just gives you the finger. Usually in the form of “DNS can’t be resolved” or something equally useful. Also, in the Fortigate dashboard you’ll see under “Licenses” that none of them are confirmed and there’s a red bar that says “Unable to connect to Fortinet servers” or something like that.
@Fortinet – here’s where you guys dropped the ball. A couple of simple defaults would have saved me (and who knows how many other people) a few hours of grief and head-scratching.
Are you still at the “Network > Interfaces” page? If not, go back there. You have to configure something. In my case (with a model 40F) there aren’t too many interfaces to choose from, and mine is called the “Physical Interface”. Yours probably shows up as “wan” or something similar.
Double-click on its name or right-click and choose “edit”.
Here’s what you get taken to next – most of it won’t need to be modified, you just need to review it and be passingly familiar with what’s in here:
The items highlighted in red there are ones you need to pay attention to.
- Alias – give your WAN connection a meaningful name. Even if you only have one WAN hookup, it doesn’t hurt to name it after your router or your ISP so you know what you’re looking at.
- Leave role as “wan”. If you’re using others, then you probably know enough that this article isn’t telling you anything new.
- Depending on how your modem/router hands out IPs to equipment, pick the appropriate style here. My Fritz!Box is set up to use DHCP, and I’ve told it to always give the Fortigate the same IP when it sees it, so that’s the route I took here. If you prefer to fix the IP within the device itself, then you’ll want to set it up on Manual.
- DNS – confirm that your DNS server is set correctly. If you don’t know what I’m talking about, ignore this for now. I prefer to use Google’s DNS servers for my stuff, so the Fritz!Box hands that off when an IP is requested. Your mileage may vary.
- Default gateway – for the Fortigate, its default gateway out to the internet will be your modem/router. Ensure that this value represents the IP that your modem/router presents inside your walls (not the value it uses on the world-facing side).
Record your default gateway value in notepad or something. You’ll need it shortly.
4. Here’s The Biggie
We’re at the point where the biggest “missing link” should have been.
@Fortigate – again, a short add here will save your customers some grief.
Devices like a regular modem/router or regular commercial firewall products that you can buy at MediaMarkt or Best Buy, etc., have a default rule in them: “If I get traffic coming in on the LAN ports, and the address isn’t in my house, squirt it out to the internet to find its way.”
That rule doesn’t exist here on the Fortigate. Which is why if you try to reach a Google server right now, your system will tell you to go spin. So, we have to create it and give it to the Fortigate, so it knows that it should do its job.
Navigate on the left-hand menu to “Network > Static Routes”. There’ll be a big bag of nothing there. At the top, choose “Create New”, and you’ll get this:
Leave “Destination” alone. That represents the address of the packets the firewall receives. Grab that “Interface” drop-down and choose the WAN interface you configured (you did give it a good name, right?) a few moments ago. It should populate the Gateway Address for you automatically, but if it doesn’t, you can enter it because you recorded it in Notepad or something when I told you to.
When you’re done, it should look like this:
In computer-speak, we’re creating a default static route that’ll go into the route table of the device. In human language, that means “When the firewall sees an address on a packet it doesn’t recognize, it throws it out the window into the Internet to get handled.”
@Fortigate – Really folks, you should just include this as a default. Experienced users can always delete or disable it. How many people buy a firewall and then don’t have a default like this?
Don’t worry about Advanced Options or anything, just make sure to “OK” it.
At this stage, I re-booted my firewall (just pull the power and put it back in) to get it to take up the new route. I suspect if you go get a coffee or something instead it will eventually pick up the rule and apply it without this, but I didn’t want to wait.
Now that the static route is in, you should be able to connect to the internet from your firewall. At the top right of the page, you’ll see an option for a command-line interface:
Click on that, and in the faux terminal that pops up, enter:
execute ping 22.214.171.124
You should be getting back something that looks like this:
You can also now connect out from your computer connected to the firewall.
The dashboard of the Fortigate should now also show under “Licenses” which ones are active, and that red “unable to connect” bar should be gone.
By the way – you can now safely set up your port-forwarding rules. If you’d done so before this, your default way out into the internet would have conflicted with rules already governing the default gateway, and you’d be wondering why the Fortigate won’t accept your default route outwards.
That sucked, for about a half an hour.
5. You’re in the Home Stretch now
So, you bought a firewall, and you’re all set to connect to the internet. But this isn’t just some plain old Fritz!Box, this is a Next-Generation Firewall that can protect you in all manner of ways that you should expect out of a 21st Century product.
But as with the “tell it to send my traffic to the internet” case, we have to actively tell the firewall to use those abilities.
@Fortigate – really? You ship all these cool features and you ship with them disabled? The FW can’t ask “what am I licensed to turn on” and then turn that stuff on in a policy for the user? At least provide some basic enabled stuff, folks.
Let’s turn on the goods you paid for.
This is the stuff you pay annually for, the really solid protection measures. You might have bought your device without any subscription, in which case you can skip this step, but I suspect you wouldn’t shell out that kind of bank just for an intrusion-protection brick.
In the left-hand menu, head for “Policy & Objects > IPv4 Policy”. There will be one or more rules already present in that bucket. What you want is the one that is titled “internal > [your WAN name here]”. Open that one up and edit it.
You’ll get a screen something like this:
First, give it a name. I use “Default Permitted” because this policy will by default permit someone to issue requests out to the Internet, and will only interfere if the target has some issue. Hence, by default it permits the traffic.
Incoming interface refers to where the firewall is seeing the traffic originate. In this case, it will come from my internal network. Outgoing is where the traffic wants to go – in this instance, out the WAN into the wild, wild internet.
Source/Destination should be “all” in this case. I’m defaulting to allow almost anything, after all.
Schedule – how or when is this rule going to run? You can create rules that apply only during office hours, or ones that turn off when the kids are at school, etc.
Service – this refers to what protocols are covered (HTTP, mail, pings, yadda yadda). Kind of a poor choice of name for a pack of protocols.
Action – in my case here, “accept”. If I wanted to shut everything down by default then I’d use deny. If, for example, I was operating a high-security bank or defense contractor, I’d probably start with “deny” and add exceptions for accept. But, this is my home network, and I want my Netflix, so Accept it is.
The Firewall/Network options should be left alone. If you’re comfortable enough to dork around with those, you don’t need to be listening to me ramble on.
Now, here’s what you paid for: “Security Profiles”. By default, these things are turned off. Turn them all on. Your device will eventually complain to you if you don’t have a license to run a particular profile, and you can turn it off then. This section should have been called services, because really that’s what they are – paid services that add value beyond just the hardware and the Fortinet SOC chip.
Take note of the “Web Filter” – you’re probably going to want to go in and adjust a few things there, as this is what governs the content filter for your network. For example, I occasionally play on pokerstars, but gambling sites are by default blocked. So I wanted to loosen that rule a bit. I also wanted to block certain types of site from my net which my kid doesn’t need to see, so reviewing those settings was pretty important.
Once you’ve enabled what needs to be on, make sure “Enable this policy” is green and “OK” this to apply it. The line entry should now look a little bit like this:
6. You’re All Done! Seriously, this time. Time to wrap up.
So, from the perspective of a home or small business, you should now be good to go. If you are going to implement a security fabric, that’s really beyond the scope of this little how-to (and if you’re familiar with that angle of Fortinet’s stuff, you probably didn’t need this guide anyway).
Anyway, I hope this helped to walk quickly through the setup of your new Fortigate, without all the hair loss and whiskey drinking that my own setup ended up putting me through. If it did help you, let me know in the comments. Makes me feel good to know that I helped at least one person avoid the trouble.
Happy (safe) computing.
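A check for the two gaps this walkthrough closes (no default static route, and an outbound policy with its Security Profiles off), run against a text backup of the Fortigate configuration. This is an added example, not code from the original post or from Fortinet; the sample config is constructed, and the interface names “internal”/“wan”, the “default” profile names and the gateway 192.168.178.1 are assumptions.

```python
import shlex

# Constructed sample in FortiOS backup syntax, not from a real device. Assumed
# names: interfaces "internal"/"wan", "default" profiles, gateway 192.168.178.1.
SAMPLE_BEFORE = '''\
config firewall policy
    edit 1
        set name "Default Permitted"
        set srcintf "internal"
        set dstintf "wan"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end
'''

# The same config after steps 4 and 5: profiles switched on, static route added.
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "        set nat enable\n",
    "        set nat enable\n        set utm-status enable\n"
    '        set av-profile "default"\n        set webfilter-profile "default"\n'
    '        set ips-sensor "default"\n        set application-list "default"\n',
) + '''\
config router static
    edit 1
        set gateway 192.168.178.1
        set device "wan"
    next
end
'''

PROFILE_KEYS = ("av-profile", "webfilter-profile", "ips-sensor", "application-list")
DEFAULT_DST = (["0.0.0.0", "0.0.0.0"], ["0.0.0.0/0"])


def parse(text):
    """Parse config/edit/set/next/end text into {section: {entry: {key: [values]}}}."""
    cfg, section, entry, skip = {}, None, None, 0
    for raw in text.splitlines():
        try:
            cmd, *args = shlex.split(raw)
        except ValueError:  # blank line, or part of a multi-line quoted value
            continue
        if skip:  # inside a nested config block, which this parser skips
            skip += (cmd == "config") - (cmd == "end")
        elif cmd == "config" and section is not None:
            skip = 1
        elif cmd == "config":
            section = " ".join(args)
            cfg.setdefault(section, {})
        elif cmd == "edit" and section is not None and args:
            entry = cfg[section].setdefault(args[0], {})
        elif cmd == "set" and entry is not None and args:
            entry[args[0]] = args[1:]
        elif cmd == "next":
            entry = None
        elif cmd == "end":
            section, entry = None, None
    return cfg


def default_route_via(cfg, wan):
    """Return the gateway of a default static route leaving via `wan`, or None."""
    for route in cfg.get("router static", {}).values():
        # A route with no "set dst" line is the default route (defaults are omitted).
        dst = route.get("dst", ["0.0.0.0", "0.0.0.0"])
        if route.get("device") == [wan] and route.get("gateway") and dst in DEFAULT_DST:
            return route["gateway"][0]
    return None


def outbound_policy_gaps(cfg, lan, wan):
    """Return {policy name: [missing profile keys]} for accept policies lan -> wan."""
    gaps = {}
    for pid, pol in cfg.get("firewall policy", {}).items():
        if pol.get("action") != ["accept"]:
            continue
        if lan not in pol.get("srcintf", []) or wan not in pol.get("dstintf", []):
            continue
        utm_on = pol.get("utm-status") == ["enable"]
        missing = [k for k in PROFILE_KEYS if not (utm_on and pol.get(k))]
        if missing:
            gaps[pol.get("name", [pid])[0]] = missing
    return gaps


def audit(text, lan="internal", wan="wan"):
    """Return findings for the two gaps the walkthrough closes; [] means clean."""
    cfg = parse(text)
    findings = [] if default_route_via(cfg, wan) else [f"no default static route via {wan}"]
    for name, missing in outbound_policy_gaps(cfg, lan, wan).items():
        findings.append(f"policy '{name}' lacks: {', '.join(missing)}")
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE_BEFORE), audit(SAMPLE_AFTER), sep="\n")
```

Pass your own interface names as `lan` and `wan` when running it over a real backup; an empty list means both the route and the profiles are in place.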
This all seems like a lot of trouble…
Yeah, admittedly it is a bit of a pain in the ass. But I have to say, as an IT person reading the news, the cost of a NGFW is pretty worthwhile. In the case of Fortinet, you pay about six to eight hundred euros for the device itself and a one-year subscription to the security services. It’ll be two or three hundred per year after that. Other vendors of similar quality cost about the same. That’s not cheap.
But then, losing my entire ripped video or music collection would represent a few hundred hours of work that would have to be re-done. Worse still, losing the first eight years of digital photos of my kid would really chap my ass too. And I haven’t even touched on the potential for identity theft or potential monetary loss if my digital bank statements got stolen. Or if my network somehow became compromised and my work laptop got exposed. I think it’s safe to say that anyone who runs their business on computers needs the kind of protection a NGFW offers.
None of these problems is a certainty, and none of them is even a probability. I know my stuff, and I’m not likely to have a fault in my own behavior. Likely being the key word. I can still make mistakes. Hell, even Jason Momoa has a squad of bodyguards. Jason freaking Momoa.
I’ve got a family now. My kid has figured out how to download stuff to her tablet (thanks, Google, for the Family Link – I know exactly what she’s getting into now). My mother doesn’t necessarily have the same paranoid instincts I do about mail attachments. My wife is pretty darn sharp, but she can make an error just as I can. Who knows what some cretin in a professional hack-farm is designing right now to screw everyone over with?
I know I won’t necessarily be prepared to deal with it. So, I outsource it to the best minds in the business. They will see the news about that guy before I ever do, and will be working on a fix before I’m done with my coffee that morning. They’ll jet it into my device while I’m still getting dressed.
I like that.
Unfortunately, ‘taking the high road’ is what led us to where we are now. Taking the high road fails to oppose people who don’t give a shit what road you’re on. I’ve been extremely vocal about this stuff for probably the last fifteen years – mainly because I can see where it is headed.
In fact, it’s why I left the USA to live overseas in 2008. It comes down to this: it only takes one side to wage a war. When that side has determined that war is its preferred / only option, they will proceed. Pretending that isn’t happening by the other side(s) only enables it.
The Republican party has been sleepwalking into war against our citizenry for the last thirty years.
They’ve had outlets for their (often religiously-inspired) violence overseas during much of that time. However, their latest batch of leadership took the racist trappings of the Teabaggers and dressed it up with the criminality of the Trump family, while adding in Trump’s own sympathies for the American Nazis and the KKK.
And those fucking people *NEVER* just “walk away” from power.
They (individually) almost had their hands on the brass ring. Their own guy did have it there, and despite the leashes on it, he nearly brought our country down. They can *see* it is in their reach. These filth are compelled to grasp for power, in their urge to abuse others with it.
For those who committed crimes while Trump was in office, Trump included, pursuit of that power is quite literally a life-or-death struggle.
So FOX, OAN and Newsmax, these are just the “pravda” wing, the modern apparatus that Joseph Goebbels would have jumped for joy to have at his beck and call. And they know they can pave their way to fortune with the racism, with the hate. So they’ll keep blathering it on, because that’s how they keep pulling in support for their attempts to create their own version of “America”.
And the only way to fight them without actually barricading the doors and burning down their office (which I think I would prefer), is to call them out for shame, for ridicule, for prosecution.
It won’t end there. They’ll never stop coming back, until we kill enough of them and their children to convince them that this is a bad path they are on. By opposing them though, one encourages others of good nature to oppose them as well, and it fights the fear that these would-be dictators want to use against the rest of us.
So yes, speak out against them. Even if you’d never pull a trigger against their forces. It might not feel like you’re doing much, but you’re signaling that what they are saying is not okay – you recognize it. And you endorse speaking out against it by your own action.
But be ready – it won’t end with just talking. They *will* convince themselves that war is the way, and when they stop sleepwalking it, we had better be ready to put them down like the rabid dogs they are.
I mentioned prosecution earlier. Justice must be served upon them, as I said in the title of this post. Prosecution, you ask? Yes, prosecution. There is a crime here, being committed in front of cameras and in broad daylight. Almost daily it is being committed. What might it be, you wonder?
Accessory After The Fact. Also, Misprision of Felony.
The perpetrator determined to be an Accessory After The Fact is someone who assists someone who has committed a crime, after that person committed said crime, with knowledge that the crime was committed, and with intent to help that person avoid arrest and/or punishment. It is a form of obstruction of justice, and can be prosecuted as such. So when Elise Stefanik steps in front of a camera and tries to levy blame onto a primary victim of the Jan 6th Insurrection – trying to deflect blame onto Nancy Pelosi, who was a target for assassination by the insurrectionists – she is committing felony obstruction of justice and is an Accessory After The Fact.
When Representative Andrew Clyde downplays the insurrection and claims the Republican terrorists were no more than “tourists”, he is an Accessory After The Fact.
When Trump himself attempts to gaslight the media with his blather of “so much love” and fabricates that the police “greeted them with open arms”, he is an Accessory After The Fact.
Misprision of Felony is itself a felony crime, prosecutable against anyone who, having knowledge of the commission of a felony, conceals said crime and does not as soon as possible bring that crime to the attention of a judge or other civil / military authority under US code.
So when we do find that Jim Jordan, or Lauren Boebert, or their staffers have knowledge of collaboration with insurrectionists and failed to report those crimes, they are guilty of misprision.
And these crimes must be punished to the fullest extent of the law. To fail to prosecute invites a repetition of those crimes. These people, and their ideology, must be ended.
On top of that, we have discovered now that to allow fascist ideology to go unpunished invites insurrection. The American Nazi party, and all of its offshoots, as well as the KKK and its offshoots, are long past due to be declared as terrorist organizations, their membership hounded down and exited from society with extreme prejudice. People need to be made aware that their choices to follow vicious and anti-American agendas come with severe consequence.
We have coddled these freaks for far too long.
About a year ago, I wrote “The Perfect (Digital) Storm”.
In it, I stressed “Authoritarian Behavior” as a key element to a dystopian hellish future.
Some few months earlier, I wrote “The Worst Enemy We Have Ever Faced As a Nation”.
In that, I pointed out that the Republican party had become a nation-eating cancer.
To quote Ian Malcolm (Jeff Goldblum’s character in “Jurassic Park”): “Boy, do I hate being right all the time.”
Since writing those pieces, we’ve found out that Trump not only incompetently handled the Covid-19 crisis, he intentionally mishandled it, leading to the 2nd-Degree Murder of over 500,000 Americans alone. We’ve seen him – and the entire Republican party behind him – use police to attack crowds of peaceful protesters. We’ve seen the Republicans attempt an overthrow of a fair and lawful election on Jan 6, 2021, which was also an attempted assassination of the 1st and 2nd in line of succession. We’ve been watching a slow-motion coup as Republican state legislatures enact laws that dismiss the results of elections they don’t favor.
It’s time for people to step up and act.
I fully support not only an investigation of the Jan 6 insurrection, but expulsion of all Republican members of Congress or the Senate who voted against such an investigation. And so should any and all persons regardless of political party, if they hold even the slightest loyalty to the USA.
Because attempted insurrection must be punished.
ON TOP of that investigation, I think it behooves everyone to recognize something *extremely* important here: the Republican party has begun its metastasis into a violent terrorist group.
As an organization it must be treated as a domestic terror organization, and its donors and supporters put on notice that any further support will be considered support of terrorism.
I warn anyone within sight or earshot – if you fail to treat them as what they show you they are, you encourage their action. They have already led an attempted multiple assassination and coup attempt.
They do not understand “reason” or “compromise”. They only understand violence.
Hence it must be visited upon them with such severity that no individual member will be willing to broadcast or act upon his/her support of their “cause”. Their leadership must be tried and have justice visited upon them in the harshest form, and we should not be afraid to sit more than a few of them in the chair upon conviction.
The *only* reason we are seeing this happen today is because we were too timid and allowed prior Republican administrations off the hook for their crimes. So emboldened, Republicans no longer take “justice” seriously. Why should they?
And if we do not harsh down on them now and demonstrate that their brand of crazy carries unbearable consequences, they will do this again. And eventually they will succeed.
And when they do, the US will be run by a pack of violent half-wits who will believe any crazy conspiracy theory they are fed – which will include and result in the execution of gays, Jews, liberals, or anyone else who opposes them.
I recently upgraded the home network here, and pulled a load of stuff back in from my AWS cloud. Not because I thought AWS was bad or anything, I just needed to satisfy some geekdom here in the house, and this seemed like a good way.
So…long story short, in the last eight weeks or so I’ve become comfortable with SuperMicro mainboards, lots of RAM, replacing Xeon CPU coolers, setting up iSCSI on Synology NASes, and installing and maintaining Hyper-V (I was going to go VMware, but the cost for me as a personal user was prohibitive…and I refuse to run command-line trash unless I absolutely have to).
And installing Jira.
First problem I encountered, Jira forgets to let you know that you don’t have the correct JVM version running on your machine, and it doesn’t bother to carry it along with itself, nor does it direct you to pull a copy down, so swing on by the Java page and get the latest-greatest onto your server in advance.
Now, Jira’s base demo install with its own bundled database is pretty simple. Pull it down, let it run, record the account names you give it, voilà, done.
But if you try to get it to load on MS SQL Server, you better have a steady supply of blood pressure medicine, or you’d better read on.
Pertinent details: this is running on a Microsoft Windows Server 2019 Standard edition virtual machine, hosted within a WS2019 DataCenter edition host computer. The guest VM has an external switch, so it can reach out to the internet (for now, might change to internal only in a while) when it needs to.
My SQL server uses a named instance, which is both good sense and as it happens “best practice” in Microsoft circles. This seems to have escaped the notice of the folks at Atlassian, though, because Jira doesn’t know a goddamned thing about named instances. Maybe that’s because the folks who write it are using Java, and that’s always been a solution looking for a problem. Anyhow, my personal gripes with Java aside, for some reason Jira appears to be ignorant of how MS SQL uses named instances.
When it installs, Jira creates a configuration file called “dbconfig.xml” within its installation directory (to be specific, in the [Atlassian directory]\Application Data\Jira directory). Pretty simple little file, contains only the details necessary to connect the JDBC driver to the host database for your Jira install. When Jira’s service app wakes up, it reads from this file in order to get its parameters set correctly.
In order to get that file built properly, Jira will ask you for details regarding your setup during its installation. It’s the second thing you’ll see when you start up. Looks just like this:
As you can see here, you pick your DB type from the drop-down, give it the host name as either a resolvable name or an IP (in my case I used a name), a port (1433 is standard for SQL Server, more on this later), the name of the database you created for Jira to use, the login name, the login password, and a schema name for it to use.
Most developers would test this once they wrote a step of this importance. You’d think a company with the kind of cash Atlassian has could afford a proper QA team to put this through its paces, wouldn’t you? Yeah, I was surprised as well. The install screen’s code completely borks up the dbconfig file.
Once you realize that the regular install will simply not proceed (because “test connection” and “next” both bomb, timing out because it can’t even connect to your server), you’ll end up discovering that there’s this little Java applet called “config” which you can invoke from within the Jira directory. You have to get to it through a command line, but it has a handy little GUI into which you enter data similar to the above. But then config borks up the file in a similar fashion.
What you end up with is something like this (values you entered appear as “YOUR_SOANDSO_HERE” in red):
<?xml version="1.0" encoding="UTF-8"?>
<jira-database-config>
  <name>defaultDS</name>
  <delegator-name>default</delegator-name>
  <database-type>mssql</database-type>
  <schema-name>YOUR_SCHEMA_NAME_HERE</schema-name>
  <jdbc-datasource>
    <url>jdbc:sqlserver://;serverName=YOUR_SERVERNAME_HERE;portNumber=1433;databaseName=YOUR_DB_NAME_HERE</url>
    <driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
    <username>YOUR_USERNAME_HERE</username>
    <password>YOUR_PASSWORD_HERE</password>
    <pool-min-size>20</pool-min-size>
    <pool-max-size>20</pool-max-size>
    <pool-max-wait>30000</pool-max-wait>
    <validation-query>select 1</validation-query>
    <min-evictable-idle-time-millis>60000</min-evictable-idle-time-millis>
    <time-between-eviction-runs-millis>300000</time-between-eviction-runs-millis>
    <pool-max-idle>20</pool-max-idle>
    <pool-remove-abandoned>true</pool-remove-abandoned>
    <pool-remove-abandoned-timeout>300</pool-remove-abandoned-timeout>
    <pool-test-on-borrow>false</pool-test-on-borrow>
    <pool-test-while-idle>true</pool-test-while-idle>
  </jdbc-datasource>
</jira-database-config>
Schema name is fine. That’s no problem. Same with your user name and password. The problem is in the assembly of the “URL” line there. In the case of a server running MS SQL with a named instance, Jira is going to need more, and correct, information. That URL line will have to end up looking something more like this:
Notice the following:
1. The semicolon preceding “serverName” is removed.
2. The serverName should include the instance name, just as you would when logging into SSMS or literally any other software program on this freaking planet.
3. You must add an additional parameter, “instance=[insert your instance name here]”, following the server name and preceding the databaseName.
4. The parameter “portNumber=1433” is removed (including a port # reference on an instanced connection string will confuse MS SQL, and will override the instance with the port number – so if your instance uses a different port #, that’s yet another problem).
There are a few threads running around on the net which allude to various aspects of this solution, but I was never able to find all of the points needed to correct the situation in one post. Hence, I am attempting to include them all here. I posted to this effect on the Atlassian community as well (where one of their “community leaders” had some particularly bad advice).
The final file should read something like this (substituting your own values where I have “YOUR_SOANDSO_HERE”, of course), as this is taken directly from the final working dbconfig.xml which got me up and running:
<jira-database-config>
  <name>defaultDS</name>
  <delegator-name>default</delegator-name>
  <database-type>mssql</database-type>
  <schema-name>YOUR_SCHEMA_NAME_HERE</schema-name>
  <jdbc-datasource>
    <url>jdbc:sqlserver://YOUR_SERVERNAME_HERE\YOUR_INSTANCE_NAME_HERE;instance=YOUR_INSTANCE_NAME_HERE;databaseName=YOUR_DB_NAME_HERE</url>
    <driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
    <username>YOUR_USER_NAME_HERE</username>
    <password>YOUR_PASSWORD_HERE</password>
    <pool-min-size>20</pool-min-size>
    <pool-max-size>20</pool-max-size>
    <pool-max-wait>30000</pool-max-wait>
    <pool-max-idle>20</pool-max-idle>
    <pool-remove-abandoned>true</pool-remove-abandoned>
    <pool-remove-abandoned-timeout>300</pool-remove-abandoned-timeout>
    <validation-query>select 1</validation-query>
    <min-evictable-idle-time-millis>60000</min-evictable-idle-time-millis>
    <time-between-eviction-runs-millis>300000</time-between-eviction-runs-millis>
    <pool-test-while-idle>true</pool-test-while-idle>
    <pool-test-on-borrow>false</pool-test-on-borrow>
  </jdbc-datasource>
</jira-database-config>
Notice you have to have the instance name in both the servername, and in the new “instance” parameter. And you delete the port parameter if it is present. And before you ask, yes, I do rankle at the thought of storing my password in an unencrypted text file on disk. However, if someone has access to that disk, there are a host of far larger problems that will have already taken place. All of which are bigger than someone having my Jira SQL password.
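The four corrections listed above, plus the cleartext password just mentioned, can be checked mechanically before restarting the Jira service. This is an added example, not part of the original post or Atlassian's tooling; the function names, finding labels and trimmed sample files are assumptions built from the post's placeholders, and it checks the post's four points as written rather than the JDBC driver's documentation.

```python
import xml.etree.ElementTree as ET

PREFIX = "jdbc:sqlserver://"

# Constructed samples, trimmed to the elements the checks read.
GENERATED = r"""<jira-database-config>
  <database-type>mssql</database-type>
  <jdbc-datasource>
    <url>jdbc:sqlserver://;serverName=YOUR_SERVERNAME_HERE;portNumber=1433;databaseName=YOUR_DB_NAME_HERE</url>
    <username>YOUR_USERNAME_HERE</username>
    <password>YOUR_PASSWORD_HERE</password>
  </jdbc-datasource>
</jira-database-config>"""

CORRECTED = r"""<jira-database-config>
  <database-type>mssql</database-type>
  <jdbc-datasource>
    <url>jdbc:sqlserver://YOUR_SERVERNAME_HERE\YOUR_INSTANCE_NAME_HERE;instance=YOUR_INSTANCE_NAME_HERE;databaseName=YOUR_DB_NAME_HERE</url>
    <username>YOUR_USER_NAME_HERE</username>
    <password>YOUR_PASSWORD_HERE</password>
  </jdbc-datasource>
</jira-database-config>"""


def parse_sqlserver_url(url):
    """Split a jdbc:sqlserver URL into (host, instance, port, properties)."""
    if not url.startswith(PREFIX):
        raise ValueError("not a jdbc:sqlserver URL: %r" % url)
    # Everything before the first ';' is host[\instance][:port].
    head, _, tail = url[len(PREFIX):].partition(";")
    port = None
    if ":" in head:  # IPv6 literals are not handled in this sketch
        head, port = head.rsplit(":", 1)
    host, _, instance = head.partition("\\")
    props = {}
    for item in tail.split(";"):
        key, sep, value = item.partition("=")
        if sep:
            props[key.strip().lower()] = value.strip()
    return host, instance or None, port, props


def lint_named_instance(xml_text, instance_name):
    """Return finding labels for a dbconfig.xml meant to use a named instance."""
    root = ET.fromstring(xml_text)
    url = (root.findtext("jdbc-datasource/url") or "").strip()
    host, instance, port, props = parse_sqlserver_url(url)
    wanted = instance_name.lower()
    findings = []
    if not host:
        # Point 1: the URL starts with ';serverName=' instead of the server.
        findings.append("empty-host")
    if (instance or "").lower() != wanted:
        # Point 2: the server part must read server\instance.
        findings.append("instance-missing-from-server")
    if props.get("instance", "").lower() != wanted:
        # Point 3: the extra 'instance=' parameter.
        findings.append("instance-parameter-missing")
    if port is not None or "portnumber" in props:
        # Point 4: a port on the URL takes over from the instance name.
        findings.append("port-overrides-instance")
    if (root.findtext("jdbc-datasource/password") or "").strip():
        # The file holds the SQL login in cleartext; restrict who can read it.
        findings.append("cleartext-password")
    return findings


if __name__ == "__main__":
    for label, sample in (("generated", GENERATED), ("corrected", CORRECTED)):
        print(label, lint_named_instance(sample, "YOUR_INSTANCE_NAME_HERE"))
```

The cleartext-password finding remains on a corrected file by design: it is a reminder that the file's read permissions and the privileges of the SQL login are the only controls protecting that credential.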
And that should get you past the problem with dbconfig.xml. I hope this helps someone else who will of course run into this problem, at least until 2024, which is when Atlassian will be discontinuing sales of its software products and moving everyone onto the Atlassian cloud. (I have to wonder if they made that decision because they had so many damned problems with their installations.)
Anyhow, I anticipate more than a few customers will be in process of migrating away from Atlassian products when that happens. I know of several major firms who won’t stand to have their information stored on a non-approved cloud platform, and Atlassian’s will have some serious hoops to jump through to win approval. As well, there are lots of little firms who simply don’t want to get tied into a monthly bill if they can run something on-prem.
Now I don’t want to give the impression here that I hate Jira. Quite the contrary. I’ve been using it for over a decade (almost two), and the only reason I fought with this goddamned thing for so long was because I want it to work, I want to use the damned thing. And I wrote this up in the hope that others will be able to work with it, too. Am I ashamed of whichever coder made this grotesque error? And the QA staff that let it escape into the wild? You bet I am. And I hope the shame of this makes them fix it.
But if they don’t, well, that’ll be a sad day when I finally decide enough is enough and end up moving to GitLab or something.
Well, at least my top 10 :). I got asked to do one of those challenges on FB, and wrote up my top ten with a few notes on them, and I figure it’d be better to put them all together into one post here in the spirit of Halloween!
To start, a few honorable mentions:
The Shining – great film, very creepy, but unfortunately it has lost some of its grab on me over time. I do really appreciate seeing nods to this film appear in the most innocuous places though (like the carpet in Toy Story).
From Hell – wow, production values out the roof on this. A fantastic cast, a very bad-ass villain, and a neat jab at British royalty while they’re at it.
Lost Boys – great film from my teenage years. Still holds up as fun and cool, but not insanely horrifying.
They Live – an enduring message and a really fun concept piece. Plus, the longest fight scene known to man which was translated into the crowning glory of a South Park episode.
Dog Soldiers – this film is a real sleeper, and you can almost smell the inception of “Aliens” in it. Man, oh man, what a crappy situation to get stuck in!
What Lies Beneath – very cool piece, Harrison Ford gets to stretch his skills, and a fun watch all around.
Dark Water – Jennifer Connelly plays the lead in this ever-so-creepy ghost story. But, it doesn’t quite hold up against the top 10.
And starting at #10:
Speaking of “Aliens”, most of the memorable members of the cast of that film appear in this one, and it’s an absolute blast. Though the main character is a little dim (whether as a result of an insufficient script or some wooden acting), it isn’t him you’re here to see. You want to see this traveling band and all their hijinks. I remain convinced that this film was originally a fever dream conjured up, that became one of two scenes around which the entire film revolves (you’ll know them when you see them).
Coming in at #9, a classic that might have lost a little in the SFX department since its release, but which still carries a lot of weight.
A classic film, characterized by a score that probably won John Williams the chance to really just blast his career sky-high, and a notable great tactic that not enough horror films use: saving the reveal for last. Sure, you know it’s a shark. Sure, you know that person just got eaten. But you don’t *see* it directly till late in the game, which leaves it all up to your internal emotions to deal with.
And those emotions didn’t like that, no sirree. Not one bit.
“Get to the choppah!!!”
One of Schwarzenegger’s best action films also happens to be a horror movie! After an initial setup establishing the characters as a bad-ass recon force, unleashing a metric ass-ton of ammunition, they suddenly find the tables turned. The titular creature picks off these high-skill commandos one by one as they realize that they themselves are being hunted, and being turned into gruesome trophies.
The horror value comes home in the realization that all our fancy hardware doesn’t mean anything in the face of this superior technology, it’s still going to kill you. It spawned one good sequel (Predator 2), and a host of others ranging from “meh” to “bleh”. It also was notable for its cross-over comic books which featured the “Aliens” from James Cameron’s universe. (The films of which were total turd-burgers, I’m afraid.)
This film also spawned a host of great quotes, which persist even today.
And #7 is…
Invasion of the Body Snatchers (1978)
Realistic people caught up in a terrible, wicked alien invasion. What’s more, add in no sleep, mutations, and a truly *awful* ending for people you end up caring about. Soul-draining, in more than one way. This was from an era when Americans were actually brave, and we didn’t expect horror movies to auto-magically end well.
And this one, in that regard, does not end well.
Coming in at #6 is…
Whoa. It isn’t just about the vomiting. It’s Max-von-Freaking-Sydow versus a legion of Hell. It’s rampant cross-abuse. It’s all that and so much more. Pazuzu for the win.
Did I mention crab-walking?
Oh, and due to the extreme number of tragedies and deaths related to the production of the film, the producers actually called a genuine priest to literally perform a genuine exorcism on the set?
Or that two of the actual actors (“Burke Dennings” and Father Karras’ mother) died before the film was released?
Or that seven other people related to the production (in addition to the two above) also died during production?
We dip back into the vampire genre and come up with our #5…
Before you go all crazy on me, I’m not talking about the 1979 mini-series (though that had a lot going for it at the time, not the least of which was James Mason playing as Straker, and Bonnie Bedelia being all “sexy next-door neighbor” on us). Oh, no. This was something different.
This was 2004. Rob Lowe plays Ben Mears, Donald Sutherland as Straker, Rutger Hauer is Barlow, Andre Braugher as Matt Burke, and a bunch of others you’d recognize. This was a fun, extensive, and chilling version of the original novel (which you should read anyway).
A lot of Literature professors seem to find allegory in this story to an outbreak of disease, and while they aren’t necessarily wrong, I think Stephen King would say “Jesus, guys, shut the fuck up. It’s a vampire story, this is what would happen if you had a vampire invasion in a small town.” And it is.
This isn’t some shitty “oooohh, the ancient vampire is in love with me” bullshit. These are monsters. They eat us. And a death at the hands of a vampire condemns the dead to follow in the footsteps of the beast that slew you. A particularly good moment is seen in a hospital with a victim on her first evening of “unlife”.
It’s a great story and a really fun ride. When your friends and family are…corrupted…and…overridden…by an alien bloodlust, the horror creeps in. And when you’re forced to deal with that face-to-face, that’s when it really kicks you in the teeth. Childhood nightmares, come to life.
Combine that with good old-fashioned normal people living out their lives, as they get snuffed out one by one, and you’ve got a match made in hell.
We’re getting into the real meat of the horror genre now, coming in at #4 is….
This came out when I was 12 years old, and it scared the living shit out of me.
Ridley Scott is a master of imagery. Not necessarily science, but imagery he is as much a god as when you talk about guitars and the names Eric Clapton or Mark Knopfler come up. And Scott’s goal of attacking people with H.R. Giger’s techno-sexual-horror images was aimed just right…not just at me, but at the entire world. Let’s put aside the physics problems. This was a masterpiece of a film. It created an entire world, not just one little haunted house.
The universe is infinite, filled with infinite possibilities. And some of them might be the most horrific things one can imagine. This was one of those things.
Sliding back into vampire territory. Behold the absolute best vampire film I’ve ever seen, at #3:
Let the Right One In
(an Americanized version of this was released under the title “Let Me In”, which is almost as good as the Swedish original)
An adolescent, misfit boy meets a new friend – a girl of seemingly his age, who just moved in across the apartment complex with her (grand)father…? Things rapidly get strange, and the girl turns out to be a vampire, who shows a significant interest in protecting him from the school bullies. Loads of cool scenery, lots of cool vampy things going on.
And it isn’t until the very final moment of the film that you discover the really, truly, horrific thing that has taken place here.
Taking a detour from the priors, we now focus on the first horror film to also introduce humor as a way of ramping up the emotional investment, while still revealing the terrible nature of the subject matter. Coming in at #2 is…
An American Werewolf In London
Winning well-deserved awards for its practical special effects (including the Academy award for “Best Makeup”), this film follows the journey of two ill-fated American backpackers trekking across some seriously troubled moors. Written by John Landis (“National Lampoon’s Animal House”, “The Blues Brothers”), this film sports a compelling story of the Werewolf curse set against metropolitan London with a soundtrack of absolutely perfect tunes. It remains one of my favorite go-tos around Halloween simply because it never gets old for me. The humor, the sadness, the astonishing transformation scenes, a truly unique werewolf, and an absolute carnage in Piccadilly Square? What’s not to love in this film?
“I’m sorry I called you a meat-loaf, Jack!”
And finally, we reach #1. A little precursor: most monster movies, even Alien, boil down to one big problem. They’re just a guy in a monster suit. Sure, CGI loosened up that rule a little. But it’s still always just a guy in a suit. Two legs, two arms, a head, maybe a tail. Guy in a suit.
Tonight’s winner turns that on its head. This #1 is a monster wearing a man suit. I know, I know, you’re muttering “You gotta be f***ing kidding me,” but no, I’m serious. This was the coolest, cleverest, most wicked monster there’s ever been. We couldn’t even give it a proper name. That’s because #1 is…
Lock yourself up for months in an isolated station with maybe a dozen other people. And at least one of them is actually a vicious, disgusting monster just waiting for its chance to not only kill you, but *become* you. It can get you with the tiniest exposure, or it can catch you alone and violently consume you.
This film was based on a book written in 1938, which I read when I was probably ten years old. Great story. Magnificent casting, paranoia, body horror, awesome practical effects and a terrifying enemy combine to make the most awesome horror film I have personally ever seen.
So…there they are, my top ten favorite horror films. Maybe some of you have coincident lists, maybe I missed a good one along the way. I’d be glad to hear about it if you think I did miss one, let me know what you think.
We’re in trouble.
All of us.
Black, white, men, women, all political parties, all factions, we’re all in this.
What kind of trouble?
Life-threatening computer trouble.
Hold on there, you say. My PC isn’t waving a knife around. What’s got me so crazy?
It’s a confluence of things, really.
Back in 1991, Hurricane Grace had pretty much petered out and was getting ready to expire in the North Atlantic, when it happened to bump into – and merge with – a storm system blowing off the Canadian Maritimes. When the two systems combined, they produced what would eventually become “The Perfect Storm”. This storm system was so violent that it induced waves that were over seventy feet (and in fact could not be measured, as the sensor devices in place couldn’t go high enough to report accurately), obliterated the unsuspecting fishing boat Andrea Gail, and inspired both a non-fiction book and a fictionalized film.
So when I title my article The Perfect (Digital) Storm, you can get some idea that I am not kidding around here. This stuff is serious.
Here we go. Buckle up.
There are a half-dozen major technologies and non-technical trends in place and in use today, which are all dangerously close to being combined. When they are, there won’t be a single person on the planet safe. Here are a few biggies:
Behavioral Prediction Software
Have you ever been thinking about buying something, like perhaps a lawn mower or a new kitchen appliance? Where you hadn’t told anyone you were even thinking about it, but you had decided “Okay, I need this,” and you were probably going to start shopping for one soon?
And then, that same day, Facebook or eBay or your news site starts spamming advertisements in their banner or skyscraper zones that have exactly that thing advertised for you?
That’s the result of behavioral prediction software.
All those privacy settings in your browser or computer, see, those are directly related to how marketing firms identify who is in the buying mood for what. They also predict your “journey,” the path you will take from one page to another, one site to another.
You experience behavioral prediction every time you visit an eCommerce site of a major retailer. Ever been browsing and suddenly you have a popup saying “save 10% when you buy today”? That’s because that site’s prediction software has observed your path, and realized you’re only a step or two away from abandoning the site without buying something.
This kind of software is also evident when you try to purchase an air fare online: have you noticed that it almost never costs the same amount when you view the same flight from different sites, different physical locations, different times of day or week? There is a “Big Data” AI reviewing those factors and deciding what is the optimal price to put on those fares to garner the most overall money for the seats on that flight.
A British firm, “Cambridge Analytica”, used behavioral prediction software to manipulate the election results of the US 2016 Presidential election, as well as that of British Parliament and the Brexit referendum. By pushing out “quizzes” across Facebook and other social media platforms, they built profiles of individuals to then identify what kind of messaging to put in front of those individuals to induce certain behavior – such as staying at home rather than voting, getting out to vote, and so on. Have you seen one of those “I scored a jillion points on this free IQ test” things shared on a friend’s timeline? That’s one of those tools. “Can this picture of a deaf and blind puppy get a million likes?” is another way they get to you – using emotional blackmail to get hold of your personal info and that of those connected to you.
Behavior prediction is also being used by the Chinese government in major cities (such as Beijing, Hong Kong, etc.) to identify citizens and other persons who are what they consider “anti-social” and dangerous to the State (which, in this case, means dangerous to its dictator, Xi Jinping). A person’s ‘social score’ is built based on his/her actions and the values of those actions in their management system – and behaviors are being stacked into a prediction model to determine who might become “problematic.”
Personal Recognition Software
You’ve seen it in movies (facial recognition in 2008’s “The Dark Knight”, for example). You may have even used it (biometric identification of your iris or finger). This is a way of using your body in the same way police can use your fingerprint – there are certain unique combinations of features (your cheek height relative to the position of your right eye, for example, or the width of your chin or nose) which add up to a unique profile. Even twins don’t have the same value.
As I mentioned – it works in the same fashion as a fingerprint. When forensics experts review a fingerprint, they are looking for a unique combination of whorls, lines, connections, etc. to build a “profile.” In digital terms, this equates to building up a unique value (a combination of numbers and letters) which is tied to your identity. Your fingerprint gets translated into a bunch of 1’s and 0’s, the combination of which can only be created by reading your finger and using the same procedure.
This can be a wide variety of personal features. The top of your head, how you walk, the motion of your arms, many different things can be used to build a profile of an individual.
The EU has recognized the gathering of this sort of information as a potential infringement of privacy rights, and led by Germany, instituted the “GDPR” regulation for securing of personally-identifiable information. Seems they learned a bit about what happens when a government spends too much time paying attention to the identity and behavior of its citizens.
Basically, a camera paired with the correct software can identify you walking down the street in the same fashion as you can identify persons you know from a long way away. But they do it really rather more quickly than you can. It builds a profile watching you, or a part of you, and compares that profile’s “score” against its database of known profiles, producing a value-match that expresses varying degrees of certainty. Most often we hear that as a percentage – “85% match” “99% match” and so on.
AI is a very much-abused term these days. Most laypersons hear the term and think “Terminator” or “robot”. But let’s first separate it from what it isn’t, by introducing a contrasting term – “general intelligence.” General intelligence, in this context, is self-aware and self-motivating intelligence – a true ‘mind.’ You are a form of general intelligence, as is your dog or cat, birds, even to a much lesser degree flatworms. AI, as we know it, so far is very specifically tuned intelligence that is itself not self-aware (it doesn’t recognize itself as an individual separate from other things), nor is it self-motivating (it does not decide one day “I am going to spend time making a sandwich” without someone else feeding it this idea).
AI is a combination of technologies that enables digital machinery to make a decision regarding its own purpose on its own. For example, a paperclip-manufacturing software might observe seasonal demand and anticipate that it needs to order additional raw materials in July, in advance of a busy August. It does not identify itself as an actor, and neither does it truly “understand” its job. It merely serves as an active model of what takes place in the manufacture of paperclips.
Often people will confuse “AI” with machine learning, or decision-support software. Machine learning and decision support are often included in an AI, but they themselves are not AI. AI can use the output of both systems in its own decision-making process, though.
AI has been put into use in the military, as well. Target identification, path-finding, and a number of other tasks have been subject to military use.
Often, certain decisions are pushed into an AI’s domain – such as, for example, when to stop a car in heavy traffic (self-driving vehicles). In some cases medical diagnostic software is deciding on diagnoses and recommendations for treatment – these are not yet in production, but are being tested alongside live doctors for potential deployment. Autopilot software has been deciding how to fly planes for years. The stock market is largely driven now not by the perceived value of a company’s future, but by the estimation of software programs attempting to determine whether a company’s stock value will rise or fall in a given period of time. The 2008 financial crisis suffered a much amplified blow to market values because of such software – the fall precipitated software judgment that values would continue to fall, which induced selling behavior, which accelerated falling values, inducing further selling, and so on.
These decision-making systems are slowly becoming a form of general intelligence. How do we, how will we know when these things genuinely are one, though?
Answer is, we really don’t. We don’t know the answer to this any more than we know a consistent definition of information versus data.
When you consider your own mind, taking a step back and considering how thoughts pass through it, you may find a surprising amount of randomness in there. Among all the various sensory inputs that are being registered and ignored or acted upon, your mind itself tends to bubble up random bits of memory, interconnected bits, even invented concepts. Your brain has been trained over many years to filter out elements which are irrelevant to the current and strongest path, which is generally the conversation you are having, the film you are watching, or the article you are writing.
An artificial general intelligence will probably self-congeal from among a similar case, where thousands of various inputs as well as internal processes fight for the attention of the central core thought processes. This is probably a topic for a dozen other papers or articles, and as cool as it is, it is beyond the scope of this piece.
But AI has a direct impact on the topic at hand: specifically, lazy decision makers relying on something they view as a “magic carpet ride” to shift the responsibility of decision making onto an automatic system.
A benefit to such a system is that should something go wrong, they can blame the system, or the engineers who built it. As well, decision makers who desire above all speed in decision making, these people will desire a system on which they can push important decisions that are time-sensitive. The system can decide faster than the observe-pass on info-human decides-return decision-act cycle can produce an answer. This is a legitimate concern in military decision making, if a valuable target shows itself for only a few moments. But let’s not be so antiseptic about it – we’re talking about people. Enemies, yes, but still people.
And that means command staff among the military, wanting to push a kill decision into a drone, to reduce reaction time to identifying a potential target.
Aircraft, automobiles, buses, trains, trucks, drones, a wide variety of self-moving machines are being enabled via GPS and navigation software to be able to navigate and maneuver to desired locations without human assistance. Self-driving cars are anticipated to be available commonly in the next few years. Aircraft are capable of a complete flight from takeoff to landing now without a human hand on the controls. Remote drones can perform a variety of missions autonomously, and can loiter over a target area for extended periods. They are literally ticking time bombs.
If the last four years have shown us anything, it is that about three out of ten people have a strong desire to control the other seven, possibly kill two or three among those seven, and that they will go out of their way to exert that power over them. They also happen to be simplistic people, who are prone to violent tendencies. These people form a “power core” behind dictators worldwide.
And as was demonstrated last century, when they seize control of the mechanisms of power in a nation, mortal disaster follows for hundreds of thousands, if not millions of people. People die.
In the USA, the Republican party has demonstrated its disregard for the traditions of its country and that it has a motivation solely for raw power – and that it is willing to repeat the crimes of last century by opening concentration camps on the Southern border of the country to isolate “undesirables.” Genocide has already been committed according to the letter of the law, though mass murder has not yet taken place. Police kill black people indiscriminately.
Facebook’s CEO, Mark Zuckerberg, seems to show little concern and is willing to let his platform be used in support of this. Twitter as well.
In Russia, Putin collects power to himself and he refuses to let it slip away.
In Hungary, Poland, and Turkey, traditional democracies are falling and becoming dictatorships.
The Saudis have demonstrated their murderous nature against their own and even against American residents.
These are people who experience little remorse at committing crimes against people not of their political / religious / tribal identity. They don’t view these as crimes. Their leadership will attempt to enact laws that enable such acts and remove their criminality.
China is putting millions of Muslims into concentration camps as I write this, with the endorsement of President Trump.
Trump himself has shown himself to be incapable of either empathy or compassion.
Bringing Them All Together
What I am describing here are:
- Prediction of behavior
- Projection of violence
And when you put them in the same room, you have a situation where one can construct and project military-grade power with very few humans having a hand on the tiller.
Imagine, for example, the royal house of Saud in Saudi Arabia – their biggest fear is an uprising among the common people leading to an overthrow of their family. It is in their interest to kill any potential leadership of such an uprising.
Now imagine a behavioral prediction system which takes the histories and behavioral cues of past and current “revolutionaries” to build profiles of individuals who can potentially develop into future revolutionaries.
And imagine them purchasing drones from the USA or other technically-capable countries which are capable of self-navigation over areas where such individuals live, armed with long-range missile or sniper weapons, and which are enabled with recognition software that can identify such individuals from range.
And those drones are equipped and enabled to kill those people.
Such systems are already being used today. The US military uses drones to track, identify, and kill individuals labeled as terrorists or active military agents in combat zones. The US has not yet pushed a “kill decision” into an automated drone, instead relying on the system giving human decision makers a % likelihood of identification.
And these drones are nearly invisible from the ground. Their active camouflage and ultra-quiet motors make them almost impossible to detect.
Whether you like the prospect or not, your behavior is available for an ambitious (or, for those of you active on social media platforms, routine) program to assemble. It is exceedingly likely that your face has already been entered into the database of “Clearview”, a company specializing in facial recognition.
Whether you like it or not, even the USA is committing actions based on “loyalty” to the current administration – purging those perceived as disloyal, and hiring yes-men into positions of control. Courts are being stacked with unqualified but ideologically compatible persons. Police are using facial recognition of protesters to sieve through their past records, looking for outstanding warrants or infractions that can grant them a plausible excuse to arrest protesters.
And legislation is being fronted at every level to enable discrimination and even violence against “undesirables” – mostly it seems ‘Christian’ causes are being put forward as justification to discriminate against LGBTQ persons. The USA already has a lengthy history of racism against non-whites, as well.
The current administration has demonstrated it is willing to commit crimes against humanity to achieve its goals, and has gone out of its way to praise and offer aid to white supremacists, the Nazi party, and other dictatorial groups.
The tools are in their hands, and they have demonstrated that they are rapidly shedding the moral restrictions that hold people back from using their power to abuse and kill people to further entrench or enrich themselves. The Republican-controlled Senate has demonstrated that it is fully in line with the administration, and the “conservative”-controlled Supreme Court has telegraphed its willingness to overlook crimes committed by them.
Time is proverbially – and literally – short.
And this warning takes into account intentional use of these technologies. I haven’t even begun to explore accidental use of them.
One demonstration of an infantry robot armed with a large-capacity magazine on an assault rifle body nearly killed a stadium full of observers, and would have done had it not been tackled by an observant soldier supervising the robot. Its target identification package suffered a glitch that disabled its ability to distinguish friend, so all were foe.
Drones have often been indiscriminate in their deployment of high-explosive missiles. They have a long record of high collateral damage.
Other non-military systems have suffered catastrophic failures for the simplest of reasons. A multi-billion-dollar Mars probe self-immolated because a single developer made an error in using Imperial measurements rather than metric. Denver International Airport suffered a multiple-month delay in opening, at millions of dollars per day lost, because software developers refused to accept that their chosen tools were simply incapable of handling the real-world traffic of the airport.
Does anyone seriously believe that software designed for military use would be immune to such problems? And when armed with lethal machinery under software decision making, that an error would be without impact?
What Can Be Done?
We have to review our place in this grim picture.
As individuals, what can we do against this?
First, vote. Stand in line for hours if you have to, but vote. Even if it feels pointless, vote. Failing to vote is not a protest, it is a surrender.
Are you an educator? Do you know one? Insist on ethics courses for all students, or at least for computer science requirements in your university / college / higher education facility. Demand your institution be transparent in its support of government-sponsored research programs. Oppose those programs which you know to be wrong.
Spend time discussing these problems with those around you. Make the issue known, and advocate avoidance of putting wartime decision making in the hands of machines.
Oppose dictatorial policies and parties.
Do you have spare time? Run for a local office. State legislator. School board. Anything. Get involved. If you are not ambitious for such office, that makes you the ideal candidate – it is our responsibility as ethical persons to remove and replace those in office who are amoral or unethical.
Get in touch with your national representatives and make your voice heard. Ensure that democratic values are supported.
Advocate for a human military. Fighting machines detract from the fear of war that should be present for everyone involved. Every development of new technology in the past two centuries that was lauded as “too frightening to make war viable any longer” has had the opposite effect: it has made it easier to wage war, and it has resulted in a casual attitude towards what should be the gravest of actions a nation can take.
An army of robots makes waging war easier and cheaper, and that army can be easily turned against its own people, should a party in power decide it does not want to relinquish that power.
Most importantly: If you are a US citizen, abandon and oppose the Republican party. This will be particularly difficult for persons who consider party affiliation to be something deserving of blind loyalty. This group has demonstrated itself to be a front – it has no values in common with American democracy, and deserves no further voice in the democratic process. Join the Lincoln Project if you are a Republican.
I do not recommend joining the Democratic party, though I do support many of its members. No, I simply recommend you oppose the Republican party in whole. They no longer represent anything even mildly resembling the Ike Eisenhower era figures – they are characterized by three faces: Donald Trump, Roy Moore, and Mitch McConnell. All are anti-Democratic, all are unabashed racists, and the first two both have lives irrevocably stained by sexual abuse of partners and children. And the Republican party was just fine with all of that.
The party pushed back on their respective candidacies, right up until it was clear that they were going to be the nominees and would not drop out – at which point the party threw in and got behind them. In short, the Republican party was more interested in ensuring a win than it was concerned about putting a child molester and rapist into the most powerful seat(s) in the land.
In short, supporters of the Republican party are the sort of people who would exercise the technological power this century is on the verge of granting us, to eliminate those who would oppose them. The Senate’s handling of the Trump impeachment under McConnell should resonate as a clarion call that spells out that no abuse of power is unacceptable to them, so long as it is performed in service to their party’s continued power.
And the slide into dictatorial political machinery won’t stop unless we stop it. We’ve already seen the Republicans throw us into war – killing thousands of American soldiers and hundreds of thousands, if not millions, of Iraqis – for the sole purpose of winning an election. The killing of persons, citizens or no, on our own ground is coming if they are not stopped.
Going forward, these technologies are not going to go away. We are going to need a renewal of the Geneva Conventions, and a whole new set of laws and oversight on how to utilize information technology when mated with potentially lethal combat machinery and tactics. We will need politicians with good ethics (and yes, there are some) who can craft appropriate measures to govern their use. We cannot rely on the Republicans to be so forward-thinking.
Boycott businesses that support Republican candidates or the party, and make it known to them the reasons you do so. Stop giving to churches that obviously favor them. Make it expensive for a business or church to throw its support behind such candidates.
Technology, and time, always march forward. What we do with the tools that time and tech hand us is what will define our future. We can no more ban them than we can stop the sun from rising and setting. So it is up to us as a people – of a nation, of the world – to demand responsible use of these new technologies, and to prevent their use in service of an industry that has already proven itself too costly in human lives.
The solution to this problem is one of ethics, and politics. And the time we have to address this issue before it is upon us physically is running out.
You are at war.
Every last one of you.
I have said this many times – Trump and his allies are traitors to the United States. They despise everything it stands for. This last week has demonstrated that clearly, and if you don’t “get it”, then you are part of the problem.
I have also said this, many times: It only takes one side to start a war.
Well, they have brought the war to your doorstep. It is rampaging through your streets as we speak.
The “very fine people” of the KKK and the neo-Nazis, and their allies within various corrupted police forces, have turned a broad swath of non-violent protests into riots, in a successful effort to ignite a “race war”. In this case, not one where black people have taken up arms against the US, but where white-trash racists have taken up arms against black people and their supporters.
And Trump is finally stepping up to declare himself THEIR leader. Not the leader of the USA, but just the leader of the bad actors.
It should be abundantly clear to you all that he has allied himself with the worst of our international enemies, and now he is shoring up support with the worst of our own people.
Their goal is to kill you.
No bullshit. That is the only way they will ever be happy. Any dissent with their aims is to put yourself into the “enemy” camp and they are incapable of acting any other way. They *will* kill you. And your children. And anyone you are friends with.
We’ve seen this movie before, people. Hitler did it. Stalin did it. Mao did it. Kim Jong Un did it. Hussein did it. MBS is doing it. Putin does it. And there are always those who are happy to serve their kind.
They rise up, people don’t take them seriously, and then they gin up a reason to stage a coup and decapitate the existing government, to replace it with their own loyalists in the fragments left behind.
Today, what you are seeing in the news, that is the United States having a Reichstag Fire.
It is not, however, too late.
The good news here is that Trump and his supporters, despite being violent assholes, are also generally pretty fucking stupid. There are exceptions – William Barr being a good example – and those are the dangerous actors behind the throne, as it were.
They are also, to a person, cowards. They bluster when they have the advantage, but they have zero personal courage. And that’s what makes them hate you. They envy your courage, your independence, and your happiness.
And they will do everything in their power to drag you beneath them.
Because that is the only way they can feel good. By establishing a false sense of superiority through strength, they can convince themselves that they are morally superior. This is why White Evangelicals line up behind Trump – they’ve been raised from childhood to have an inferiority complex and to assume simplistic, idiotic traits like the color of one’s skin to be indicators of worth. It’s what makes them fools and cowards, it’s what enables Trump to con them over and over again.
Trump has called out his intention to unleash the US military against protesters (which is an illegal order, for the record). He has called out his intention to sic the US law enforcement agencies against “antifa” (a non-organization which is defined by its opposition to fascism). Antifa, by the way, having no “membership”, means anyone who opposes a fascist dictator – by definition, if you oppose Trump, you can be labeled antifa.
Think that over.
Those States which are not run by corrupted Republican officials must declare themselves in opposition to Trump’s actions. Media outlets must declare Trump’s actions unlawful and violent. The US Military is bound by law to dismiss the President’s illegal orders. Those police forces which remain uncorrupted must dig out and destroy the threats to our citizenry.
On the assumption that there will actually be an election in November, individual citizens must re-check their registration status and get their votes in, on paper, and keep a copy for their own records to supply it in case it is needed for validation.
It would also be advisable to arm yourselves. Because those violent hicks supporting Trump – both in and out of uniform – won’t think twice about using violence against you. Being cowards, if they know there is a good chance of coming to harm themselves, they will avoid confrontations with anyone other than unarmed and defenseless persons.
I cannot impart in words how saddened, how let down, how disgusted I am with the state of things today. None of this brings me anything akin to joy.
It does strengthen my resolve, however. Resolve to support the country I grew up in, the United States and those people loyal to one another – because that is who the US is, it is her people. And being loyal to the US is being loyal to one another, our neighbors.
War is being fought against us. Against our people. By those we thought stood with us. We’ve seen other countries go through this, we’ve fought this war once before already.
Sadly, it must be fought again. Outside of the Trump supporters, no one wanted this war. But here it is, on our doorstep once again.
And we must take a stand here.
I will end with a quote from Elie Wiesel:
“We must take sides. Neutrality helps the oppressor, never the victim. Silence encourages the tormentor, never the tormented. Sometimes we must interfere. When human lives are endangered, when human dignity is in jeopardy, national borders and sensitivities become irrelevant. Wherever men and women are persecuted because of their race, religion, or political views, that place must – at that moment – become the center of the universe.”