• I love the sound of this song. Here is the movie version:

    And a very pure version:

            
  • Ally's homemade turkey a la king.
    Ally’s homemade turkey a la king.

    Last week I cooked up a turkey breast that had been lurking in the freezer for a while. It was a lovely treat, and we really enjoyed it. However, with just a few of us here at the house these days, even cooking up just a breast is a bit much. I decided I would make turkey pot pies out of the leftovers, some of which we’d eat right away, and some that could go in the freezer. The grocery store was sadly lacking in pie crusts, and I’m just not great at making them. So I decided to try Turkey a la King, because it was sort of an inside out turkey pie. The end result was incredibly delicious, and we really enjoyed it! I hope you do, too.

    Ingredients

    • 4 tbsp butter or margarine
    • 1/2 medium yellow onion, finely chopped
    • 1 medium carrot, peeled, finely chopped
    • 1 stalk celery, finely chopped
    • 5 tbsp all-purpose flour
    • 2 cups low-sodium chicken broth
    • 1-1/2 cups milk (oatmilk also works)
    • salt and pepper to taste
    • 1-1/2 lbs cooked turkey breast, cut into 1″ chunks
    • 1 cup frozen peas or mixed vegetables
    • 1/2 cup mashed potatoes
    • 1/4 cup chopped fresh parsley
    • Warm biscuits or puff pastry shells for serving

    In a large skillet or cast iron pot, melt the butter over medium high heat. When the butter is bubbling slightly and is completely melted, add in the carrot, onion, and celery. Cook for about ten minutes, until the vegetables are softened.

    Add in the flour, and quickly stir to coat all the vegetables as evenly as you can. Immediately whisk in the broth, milk, and salt and pepper. Add the liquid slowly while whisking rapidly throughout, to achieve a silky smooth finish. This part should take about five minutes to complete. Add in the turkey, potato, and peas, and stir occasionally until the dish is warmed through, about ten more minutes.

    In a large skillet over medium-high heat, melt butter. Add mushrooms, onion, carrot, and celery and cook, stirring often, until softened, 8 to 10 minutes.

    Serve the turkey mixture over top of the biscuits or puff pastry shells, and sprinkle with a bit of fresh minced parsley for color and flavor.

    Notes:
    So traditionally, this would be made with 8 oz or so of sliced mushrooms. I didn’t have any on hand, so this is my version of the more traditional recipe. I used an old fashioned biscuit recipe for this, but you could do any biscuits, including the “quick” ones on a box of Bisquick.

    If you find that your finished product isn’t thick enough, you can fix it in one of three ways. First, you can use the traditional route, which is to make a roux in another pan and then add the roux to the boiling turkey mixture. Stir well, and it should thicken. Second, you can make a slurry (a tablespoon of flour or cornstarch with just enough cold water to make a thin paste) and add that to the boiling turkey mixture. Stir, and it should thicken up. The third, and inarguably the easiest method, is to add a teaspoon or so of potato flakes to the mixture. Simply sprinkle potato flakes on top of the boiling turkey  mixture, and then stir. Continue to add more potato flakes a little at a time until the desired thickness is achieved.

            

  • There are two parts to access control, the first is authentication, the second is authorization.

    Authentication is the process of proving you are who you claim to be.

    There are three ways to prove you are who you say you are, something you know, something you have, or something about you.

    When you hand your driver’s license to the police officer at a traffic stop, you are authenticating yourself. You are using two-factor authentication. The first part is that you have that particular physical license in your possession. The second is that the picture on the ID matches you.

    After the officer matches you to the ID you provided, he then proceeds to authenticate the ID. Does it have all the security markings? Does the picture on the DL match the picture that his in-car computer provides to him? Does the description on the DL match the image on the card?

    He will then determine if you are authorized to drive. He does this by checking with a trusted source that the ID that he holds is not suspended.

    People Are Stupid

    While you are brilliant, all those other people are stupid.

    So consider this scenario. Somebody claims that they can read your palm and figure things out about you. Your favorite uncle on your mother’s side of the family is Bill Jones. You laugh and reply, you got that wrong, James Fillmore is my favorite uncle.

    So, one of the more common security questions to recover a password is “What is your mother’s maiden name?” Do you think that the person who just guessed your favorite uncle incorrectly might do better at guessing your mother’s maiden name?

    It was assumed that only you know that information. The fact is that the information is out there, it just takes a bit of digging.

    The HR department at a client that I used to work for liked to announce people’s birthdays, to make them feel good.

    She announced my birthday over the group chat. I went into her office and explained that she had just violated my privacy.

    The next time you are at the doctor’s office, consider what they use to authenticate you. “What is your name and date of birth?”

    I lie every time some website asks for my date of birth, unless it is required for official reasons.

    Finally, people like to pick PINs and codes that they can remember. And they use things that match what they remember. What is a four-digit number that is easy for most people to remember? The year of their birth.

    You do not want to know how many people use their year of birth for their ATM PIN.

    In addition, it is easy to fool people into giving you their password. We call that phishing today. But it is the case that many people will read that their account has been compromised and rush to fix it. Often by clicking on the link in the provided e-mail.

    A few years back, I was dealing with a creditor. They have a requirement to not give out information. A blind call asking me to authenticate myself to them. I refused. I made them give me the name of their company as well as their extension and employ number.

    I then looked up the company on the web. Verified that the site had been in existence for multiple years. Verified with multiple sources what their main number was. Then called the main number and asked to be connected to the representative.

    Did this properly authenticate her? Not really, but it did allow us to move forward until we had cross authenticated each other.

    Biometrics

    If you have watched NCIS, they have a magic gizmo on the outside of the secure room. To gain access, the cop looks into the retina scanner. The scanner verifies that pattern it scans with what is on record and, if you are authorized, unlocks the door.

    Older shows and movies used palm scanners or fingerprint scanners. The number of movies in which the MacGuffin is the somebody taking a body part or a person to by-pass biometric scanners is in the 1000s, if not higher.

    So let’s say that you are using a biometric to unlock your phone. Be it a face scan or a fingerprint scan.

    The bad guys (or the cops) have you and your phone. While they cannot force you to give up your password, they can certainly hold the phone up to your face to unlock it. Or forcibly use your finger to unlock it.

    Biometrics are not at the point where I would trust them. Certainly, not cheap biometric scanners.

    It Doesn’t Look Good

    We need to protect people from themselves. We can’t trust biometrics. That leaves “something they have”.

    When you go to open unlock your car, you might use a key fob. Press the button and the car unlocks. That is something you have, and it is what is used to authenticate you. Your car knows that when you authenticate with your key fob, you are authorized to request that the doors be unlocked.

    If you are old school, and still use a physical key to unlock your home, the lock in your door uses an inverse pattern to authenticate the key that you possess. It knows that anybody who has that key is authorized to unlock the door.

    Since people might bypass the lock or make an unauthorized duplicate of your key, you might add two-factor authentication. Not only do they have to have something in their possession, they must all know the secret code for the alarm.

    Two-Factor Authentication

    Two-Factor authentication is about providing you with something that only you possess. You need to be able to prove that you have control of that object and that the answer cannot be replayed.

    Consider you are coming back from patrol. You reach the gate and the sentry calls out “thunder”. You are supposed to reply with “dance”. You have now authenticated and can proceed.

    The bad guy now walks up. The sentry calls out “thunder”. The bad guy repeats what you said, “dance”. And the bad guy now walks through the gate.

    This is a “replay” attack. Any time a bad guy can repeat back something that intercepted to gain authentication, you have a feeble authentication.

    The first authenticator that I used was a chip on a card. It was the size of a credit card, you were expected to carry it with you. When you tried to log in, you were prompted for a number from the card. The card had a numeric keypad. You input your PIN. The card printed a number. That number was only good for a short time.

    You entered that number as your password, and you were authenticated.

    There were no magic radios. Bluetooth didn’t exist. Wi-Fi was still years in the future. And it worked even if you were 100s of miles away, logging in over a telnet session or a dial-up modem.

    How?

    Each card had a unique serial number and a very accurate clock. The time of day was combined with the serial number and your pin to create a number. The computer also knew the time, accurately. When you provided the number, it could run a magic algorithm and verify that the number came from the card with that serial number.

    One of the keys to computer security is that we don’t store keys in a recoverable format. Instead, we store cryptographic hashes of your password. We apply the same hash to the password/pass phrase you provided us and then compare that to the stored hash. If they match, the password is correct. There is no known methods for going from the hash to the plaintext password.

    That security card had some other features. It could be programmed to have a self-destruct PIN, or an alert PIN, or a self-destruct after too many PIN entries in a given amount of time.

    When it self-destructed, it just changed an internal number, so the numbers generated would never again be correct. If the alert PIN was set up, using the generated number would inform the computer that the PIN was given under duress. The security policies would determine what happened next.

    Today, we started to see simple two-factor authentication. “We sent a text to your phone, enter the number you received.” “We emailed the account on record, read and click on the link.”

    These depend on you having control of your email account or your phone. And that nobody is capable of intercepting the SMS text.

    A slightly more sophisticated method is a push alert to an app on your phone. This method requires radio communications with your phone app. The site requesting you to authenticate transmits a code to your phone app. Your phone app then gives you a code to give to the site. Thus, authenticating you.

    There are other pieces of magic involved in these. It isn’t a simple number, there is a bunch of math/cryptology involved.

    Another method is using your phone to replace the card described above.

    I authenticate to my phone to prove I’m authorized to run the authenticator application. There is a 6-digit number I have to transcribe to the website within 10 seconds. After 10 seconds, a new number appears.

    I’ve not looked into all the options available, it just works.

    The cool thing about that authenticator, is that it works, even if all the radios in my phone are off.

    Finally, there are security keys. This is what I prefer.

    I need to put the key into the USB port. The key and the website exchange information. I press the button on the security key, and I’m authenticated.

    Another version requires me to type a passphrase to unlock the key before it will authenticate to the remote site.

    Conclusion

    If you have an option, set up two-factor authentication. Be it an authenticator app on your phone or a Yubico security key. It will help protect you from stupids.

            

  • Data security is the protection of your data throughout its lifecycle.

    Let’s pretend you have a naughty image of yourself that you don’t want anybody else to see.

    The most secure way of protecting that image is to have never taken that image in the first place. It is too late now.

    If you put that image on a portable USB drive, then somebody can walk off with that USB drive. The protection on that image is only as good as the physical security of that device.

    Dick, the kiddy diddler, who is in the special prison for the rest of his life, kept his kiddy porn on USB thumb drives. They were stored around his bed. Once the cops served their warrant, all of those USB drives were available to be examined.

    They were examined. Dick was evil and stupid.

    The next best way is to encrypt the image using a good encryption tool.

    To put this in perspective, the old Unix crypt program implemented an improved version of the German Enigma machine. It was improved because it could encrypt/decrypt a 256 character alphabet rather than the original 27 characters.

    Using the crypt breakers workbench, a novice can crack a document encrypted with the Unix crypt command in about 30 minutes.

    At the time, crypt was the only “good” encryption available at the command line. The only other was a rot-13 style obfuscation tool.

    In our modern times, we have access to real cryptography. Some of it superb. We will consider using AES-256, the American Encryption Standard. This is currently considered secure into the 2050s at current compute power increases.

    AES-256 uses a 256-bit key. You are not going to remember a 256-bit number. That is a hex number 64 characters long. So you use something like PGP/GnuPG. PGP stands for Pretty Good Privacy.

    In its simplest form, you provide a passphrase to the tool, and it converts that into a 256-bit number, which is used to encrypt the file. Now make sure you don’t forget the pass phrase and also that you delete (for real) the original image.

    Now, if you want to view that image, why I don’t know, you have to reverse the process. You will again have the decrypted file on your disk while you examine the image. Don’t forget to remove it when you are done looking.

    We can take this to a different level, by using the public key capabilities of PGP. In this process, you generate two large, nearly prime, numbers. These numbers, with some manipulation, are used to encrypt keys. These are manipulated into a Public Key and a Private Key. The public key can decrypt files encrypted with the private key. The private key can decrypt files encrypted with the public key.

    The computer now uses a good random number generator to create a 256-bit key. That key is used to encrypt your plaintext file. The key is then encrypted with your “Public Key” and attached to the file.

    Now you can decrypt the file using your “Private Key”.

    This means that your private key is now the most valuable thing. So you encrypt that with a pass phrase.

    Now you need to provide the pass phrase to the PGP program to enable it to decrypt your private key, which you can then use to decrypt or encrypt files. All great stuff.

    I went a step further. My PGP key requires a security fob to decrypt. This means it requires something I know, a pass phrase, plus something I have, the security fob.

    This means that there are two valuable items you have, the private key and your pass phrase. Let’s just say that those need both physical and mental protection. You need to make sure that nobody can see you type in your pass phrase, plus your pass phrase has to be something you can remember, plus it has to be long enough that your fingers can’t be read as you type it.

    And, don’t ever type it on a wireless keyboard. You would have to trust that nobody is intercepting the transmission from the keyboard to the computer system.

    In addition to that, most keyboards are electronically noisy. This means that the electrical interference that is given off by your keyboard can be read and used to guess at key sequences.

    Finally, you need to make sure that nobody has installed a keylogger to capture every key you type. These can go inside your keyboard, or just plug into the end of your USB cable.

    All of this is painful to do. And you need to go through the decryption phase every time you want to look at your secret document.

    So we can use disk encryption.

    The idea here is similar to PGP. You generate a large block of random bits. This will be your encryption/decryption key. This block of random bits is then encrypted with a pass phrase. When you mount your disk drive, you need to “unlock” the decryption key. Once that is done, the data on that disk is accessible in plain format.

    You can tell your computer to forget the key and then none of the data is available. You can unmount the file system and the data is protected. You can turn off your computer and the data is now unavailable and protected.

    Of course, they might have your pass phrase, in which case they will just use it to decrypt your key.

    But there is a neat thing that you can do, you can wipe the decryption key. If this is done, then even with your pass phrase, there is nothing that can be done.

    The government has strict requirements on how to erase magnetic media, disk drives, magnetic tapes, and the like. For magnetic tape, they use a machine that has a strong magnetic field. This field will scramble any data on the tape if used correctly.

    This is not good enough for disk drives, though. The “short” version of erasing a magnetic disk is to write all zeros, then write all ones, then write random numbers. This will make it difficult to recover the data. The longer version, “Gutman”, requires 35 passes.

    Sounds good, let’s do it on a test drive. Here is a 12 TB drive that is 75% full. The 75% doesn’t help us. We still need to erase every sector.

    Our SATA 3, 6 Gbit I/O channel is not our bottleneck, it is the time to write the data. That is 210 Mbit/second. So more than five days, per pass.

    If we have encrypted the drive, we only have to wipe a few sectors. That can be done in far less than a second.

    But, it gets better. You can buy “secure” drives. These drives have the encryption built in. You send a magic command to the drive, and it wipes its key and makes the entire disk just random bits, nearly instantly.

    This key on disk method is what Ceph uses, under the hood.

    Of course, that is only part of the solution, the next part is on the wire encryption. This requires still more.

    Conclusion

    The biggest issue facing people who are trying to create secure environments is that they need to make sure that they have identified who the black hat is.

    • Will they be able to physically access your equipment? Assume yes.
    • Will they be able to tap into your network? Assume yes.
    • Will they be able to physically compromise your keyboard? Maybe?
    • Will they be able to take your stuff?
    • Will they be able to force you to give your pass phrase?
    • Will they be able to access your computer without a password?
    • Will you be able to boot your network from total outage without having to visit each node?
            

  • You might have heard the phrase, “He’s forgotten more than you will ever know.” When dealing with somebody who is quietly competent, that is almost always the case.

    I was there at the start of the Internet. I watched our campus get X.25 networking. Later, BITNET. I watched email get dumped into the UUCP queues and see magic happen as email dropped into a black hole and reappeared where it was supposed to. The magic of ARPANET, later to be The Internet.

    I was part of the team that transitioned the Internet from routing tables (Host tables) into the Domain Name System. I watched as we moved from vampire taps on 10Base2 to RFC bayonet connectors. Having to explain over and over that you can’t plug the cable into your computer, you plug the cable into a T and terminate the T. The T then connects to your computer.

    The magic of 10BaseT with low-cost hubs instead of expensive switches that “real” network switches cost.

    Listening to the stories of Ethernet cards costing “only” 10K because they had bought so many of them.

    Today I installed another new NIC into one of my nodes. This NIC cost me $33. The SFP+ module was another $15, call it $45. This gives me a MMF fiber connection, good for up to 300 meters at 10 Gigabit Per Second.

    This makes three nodes connected at 10 Gbit. 1 Node at 2.5 Gbit. The rest are still at 1.0 Gbit. When I have finished upgrading the nodes, each will have a 10 Gbit NIC. They will have either MMF LC fiber connectors or 10 Gbit RJ45 copper connectors.

    The only reason for the RJ45 copper is that I need to add some more SFP+ routers with extra ports.

    What I Forgot

    When we installed our for 100BaseT NIC’s, we did some testing to see what the throughput was and how it affected the host computer.

    What we found was that the interrupt count went through the roof, bogging the computer down. At full speed, more than 75% of the CPU was dedicated to network traffic.

    The cure for this was to increase the packet size. At the time, this was a big issue. Most networking devices only accepted 1500byte Ethernet Packets. If your input packet is larger than the MTU of the egress port, then the packet becomes fragmented. There are issues with IP fragments.

    A newly introduced change in the specification allowed Jumbo packets. The normal size of a Jumbo packet is 9000 bytes.

    Once we did the upgrade, everything got faster. We actually had network attached drives which were faster than the physically attached drives.

    When setting up a VPN, you need to set the packet size going into the VPN to be smaller than the MTU of the physical network. The VPN will encapsulate packets before they are transmitted. This makes the packet larger. If you are sending a packet through the VPN with a size of 1500, and it is going on to a physical network with an MTU of 1500, every packet of 1500 bytes will be fragmented.

    I have been slowly bringing up an OVN/Open vSwitch configuration. This allows a virtual machine or a container to move from host to host, maintaining the same IP address and routing path.

    I’ve done a couple of live migrations now. The perceived downtime is less than 15 seconds. There were no dropped packets during the migration. Just amazing.

    The OVN setup is complex because there are many options that need to be set up, and there are tools to do all of it for you. Unfortunately, the overhead of OpenStack and learning it is something I’m not ready to do. So I’m doing each step by hand.

    When my virtual machines were on the same host as the egress bridge, everything worked. If the VM was on a different host within the OVN cluster, ICMP would work, but TCP would not.

    Turns out that I had not set the MTU of my physical network correctly. I’ve been slowly updating the networking configuration on all of my nodes to use jumbo packets. As soon as I did that, my cross node networking traffic started working!

    Happy, happy, joy, joy.

    There is more testing to perform. This might also be a fix for the firewall glitch of a few weeks ago. Once I have a couple of more nodes on the OVN cluster, I can proceed with designing and testing a redundant network design, with failover.

    It was a good day. Oh, I brought another 12 TB of disk online as well.

            

  • When people begin to prep, there’s this mental thing that happens… they begin to store things in buckets. For some, it’s cat litter buckets. For others, it’s the big white buckets you can often get for free at grocery stores. They’re usually five gallon size, and they have a hard plastic exterior which is difficult for mice to chew through, and a plastic handle that’s decently rugged. The cat litter ones are usually more squarish in shape, which is great for holding ammo, candles, square tins (like Spam), and the like. The white ones are round, and are awesome for rice, wheat, lentils, coffee, etc.

    For me, the five gallon bucket was too small after a while. I started getting piles of the things, and I didn’t like it. So I switched from those to Sterelite bins, the light grey ones. Those are alright, but if you stack them more than two high and they’re heavy, they will buckle under the weight. Those were replaced with good quality rigid Rubbermaid bins. The Rubbermaids last, have mouse proof (so far at least, and we’re talking ten years or more in a farm house with tons of mice) exteriors, and a decent seal at the top as well. You can stack them three high if they’re heavy, and four high if you make the top one light.

    Once I reached the bin stage in my prepping, I began making single-item bins. This bin was labelled “rice” and contained countless smaller bags or boxes of rice. That one was labelled “wheat” and another was “beans.” You get the general idea. I thought this was an amazing idea! Everything was neat, labelled, easy to find… just perfect.

    And then we had an emergency with a power loss of a few days. Suddenly, I had to find our emergency stores in the dark, in the basement. I had to crack 5 gallon buckets and big plastic bins to take out one or two things, and then seal them up again. It wasn’t fun. It made carrying things up the stairs more difficult. I got frustrated.

    Now, I make multi-purpose bins. One bin sits in the hallway, tucked into a quiet corner. Each grocery trip, I pick something up and stash it in the bucket. I make sure each bucket has a good mix of protein (canned meat and fish, powdered eggs, peanut butter, a can of nuts, and you name it), carbs (instant potatoes, rice, pasta, flour), and fats (mostly in the form of natural fats in the cans of meat and fish, but sometimes I find canned butter and the like, and also small bottles of vegetable or olive oil). Toss in some paper plates, matches, a P-38 can opener, some fuel and one of the folding mini stoves, along with plastic forks or spoons and a couple of mags of ammo, and you’re all set. Each bucket is self-contained. I can grab ANY bucket, and know it has a bit of everything, and that it’ll be just different enough from the next bucket to ensure my family doesn’t get bored with single-flavor nutrition.

    (more…)

            

  • Post Schedules

    The current scheduling is that I post once per day, unless Ally takes Tuesday Tunes.

    Monday: Ally — Food
    Tuesday: Chris — Tuesday Tunes
    Wednesday: Ally — Politics, From Behind Enemy Lines
    Thursday:
    Friday: Chris — Friday Feedback, Ally — Prepping
    Saturday:
    Sunday:

    I’m trying to do at least one Legal post per week. They take a long time to read, write and document. At times, it is overwhelming. A single case might have a few hundred pages per filing with hundreds of filings.

    Court Progress

    Some of the cases that I have been filing have started moving again. There is always the speed bump in the circuit courts after oral arguments and before they issue their opinion.

    Prepping

    Ally has been writing a series on how to prepare. If you would like to contribute an article, please send it to us as a LibreOffice, Google Doc, or a Microsoft Word document.

    Bragging Rights/links

    Ally wants to start a page of cross-links. If you make something that you want people to look at, send us the link where people can get it and a couple of paragraphs describing it along with a single image.

    Smears

    One of the things I noticed many years ago was that if a dogcatcher in bod ump boondocks makes a stupid remark, and they are a Republican or conservative, the media shoves a microphone into every well-known Republican demanding that they renounce said dogcatcher.

    Some well-known Democrat does something outlandish or says something outlandish and there are crickets.

    One of the things I think I am noticing is that conservatives are being smeared, in general, by the left searching out the little man, standing on a soapbox in front of 3 people spouting stupid stuff (and two are his mother and father, the third is the reporter). They take whatever this little man says and amplify it to an extreme.

    This makes it seem like there is a loud call on the right to do the stupid things the little man talks about.

    The other smear, of course, is directed at Trump. Some has-been model claims that he was hanging with Epstein, and while with Epstein touched her in a sexual manner without her consent.

    Reminds me of the Borking of Judge Bork. The slander of Justice Thomas. The public lynching of Justice Kavanaugh.

    Feedback

    Have a fantastic weekend. We’d love to hear from you. Ask a question, send us on a topic hunt, share a news site of interest.

            

  • If you want to see a case take years and years, it goes something like this:

    The plaintiffs file a suit and request a Temporary Restraining Order to enjoin the defendants while the court hears briefings and arguments for a Preliminary Injunction.

    If the losing party wishes, they can appeal to the circuit court. This will be placed on the emergency docket. The emergency docket is sometimes called the “Shadow Docket”, if the court leans right because it sounds bad.

    There is a three—judge administrative panel which examines these petitions on the emergency docket. They can grant a stay or grant an injunction lasting until the case is resolved at the circuit level. They can also decline to do anything, remanding the case back to the lower court.

    If the administrative panel decides to accept the case, they will either grant a stay pending the outcome or leave the case in the same stance as the district court put it. They will then place the case on the schedule for a merits panel to hear the case.

    Once the case is docketed for a merits panel, the parties start submitting briefs plus copies of everything filed in the lower court. Amicus briefings will also be filed.

    Depending on the urgency the administrative panel placed on resolving the case, the case could be heard in a few months or much later. This is determined by putting the case on the fast track or the normal track.

    Once it is in a track, a merits panel will be assigned to the case. They will set a schedule. This will state when they want briefings filed, responses filed, responses to responses filed, and when they want to hear arguments. If one of the parties wants, they can request extensions to the deadlines.

    After the panel hears the arguments, they will deliberate. When they have come to an agreement, one of the judges on the winning side will write the court’s opinion. The other judge will write their dissenting opinion. This can take multiple months.

    The Fourth Circuit had a situation where they heard the case and the two judges had written the opinion of the court, but the third judge was not willing to provide the dissenting opinion. Per custom, the final opinion was not issued until the dissenting opinion was ready.

    This lasted so long that even the Ninth Circuit had heard a 2A case and given their opinion. As had the Seventh, Second, and First circuits had as well.

    Once they were ready to release the opinion, the Fourth Circuit pulled the case from the merits panel and re-heard the case en banc.

    So the case is now a year from when it was first filed.

    After the en banc panel has issued their opinion, the loser can seek certiorari from the Supreme Court. They will not grant it because the case is too young. The case has been going for a year or more at this point, but it is still at the very first stage of the case.

    Back at the district court level, the judge could put everything on hold pending the outcome of the appeal process. Or they might move forward with the case.

    The next step in a court case is the request for a preliminary injunction. The TRO is designed to stop something while the court has time to evaluate the request for a preliminary injunction.

    The purpose of a preliminary injunction is to put something on hold until the court has reached its final judgement.

    The case has now spent many, many months in appeals, it is now back in the district court. The court issues its order regarding the preliminary injunction.

    And the entire process starts all over again. The losers can appeal, the case then wallows in the quagmire that is the appeals process before the case starts its way through the district court again.

    At the point where the case starts to move forward, the state is going to argue that the plaintiffs do not have standing, that the case should be dismissed for reasons. Depending on the state of the law that is being defended, the state might be attempting to delay the case or to move it more rapidly.

    A strange thing happens when a law is enjoined, the state moves rapidly and the courts move rapidly to reach a stay or to have the injunction overturned. The same state, with the same players, can’t move at faster than a sloths’ pace when their law is there infringing on The People.

    There are multiple paths forward for the court and parties. One is summary judgement. In a summary judgement, the court is asked to decide based on the base filings. This should be how most Second Amendment cases are decided.

    Judge, the state is infringing on my right to bear arms. The court: State! Stop infringing! Done.

    Both parties can request a summary judgement.

    Another path forward is for the case to go to trial. In Second Amendment cases, these are most often bench trials. A bench trial is when the judge acts in place of a jury to make determinations of facts.

    Most of the cases we are following are having full trials. The parties involved know that they are developing a facts base to support their appeal.

    The bottom line is that these cases take a long time and far too much money.

    That is why this case is an outstanding win for us.

    They Gave Up!

    That’s right. The case was kicked to a magistrate judge for mediation. On September 30th, the Mediator reported that the parties had reached an agreement and the case was settled.

    Accordingly, the Parties stipulate that the Court shall grant and issue a Permanent Injunction, ⁣ pursuant to Plaintiffs’ challenge in this above-captioned action to the Firearms Ban under the Second Amendment as incorporated to the States through the Due Process Clause, enjoining Defendants, and their respective employees, agents, representatives, service providers and/or contractors, from enforcing the Firearms Ban or other bans on firearms against the Plaintiffs and other CHA tenants who are otherwise qualified to own, possess, transport, and use firearms under federal, state, and local law.
    No. 90 Hunter v. Cortland Housing Authority, No. 5:23-cv-01540 (N.D.N.Y.)

    This is a full win. There are still some restrictions on displaying firearms. It is still forbidden for guests to have firearms on CHA property. But this is a win.

            

  • I watched the devastation of Helene as it tore through the Carolinas region. Entire towns are gone, and when I say gone, I mean they no longer exist. They are buried beneath rubble and mud in a level of destruction not seen (IMO) since the Galveston hurricane of 1900. I have heard reports of over 300 dead, and I think that’s ridiculously low. I know that the “official” number is currently 95 (as of this writing, 10/15/24), per NCDHHS. That number is just offensive. People on the ground are stating bluntly that they’ve seen piles of bodies.

    Milton, too, was a force to be reckoned with, especially right after Helene. It spared the Carolinas, but hit Florida, and did so hard. I’ve heard of 17 deaths so far, and it’s well reported. There are news people in Florida, walking through the very wet, sometimes partially submerged neighborhoods. A number of houses are demolished, thanks to the tornadoes spawned during Milton’s arrival.

    These two disasters are NOT the same. Please know, I’m not meaning to disparage any of the people involved in either hurricane. To anyone who has helped, in any way, you deserve kudos, love, support, and praise. But the response is just not the same, and the disasters are of entirely different levels.

    Just as an example, “FEMA has approved more than $96 million in housing and other types of assistance for over 75,000 households.” (FEMA) and “FEMA has approved more than $177.6 million for over 56,900 households.” That means in NC, each of the households has gotten about $1280. In Florida, each household has gotten about $3093.

    What?

    And that’s just the reported stuff, right from FEMA’s website, which is probably quite biased. Florida, which wasn’t hit even remotely as hard, which hasn’t been rocked by watching loved ones swept away by violent mudslides they had NO warning of, have gotten more than twice what the folks in NC have gotten.

    And people wonder why the folks in NC are “hunting FEMA” right now?

    (more…)

            

  • The Heller opinion clearly stated that the right to keep and bear arms was an individual right. That was the holding.

    To get to that decision, the Supreme Court did their standard analysis. First, is the plain text of the Constitution implicated by the proposed conduct? Second, what is this nation’s historical tradition of regulation in this area?

    Can I call a politician stupid? The congress might create a bill that makes it illegal to make ad hominem attacks on politicians. The president could sign that bill into law. I could then be arrested for violating that law.

    That doesn’t mean that the law is constitutional. Regardless of what the congress might have said while contemplating the bill, claiming that “hate speech isn’t free speech”. The law must be evaluated in light of those two questions, is the plain text implicated and what is the history of regulation regarding speech.

    Looking at the constitution, before the Bill of Rights, there is nothing in the enumerated powers granted to the State that authorizes them to limit speech. Thus, the law is unconstitutional. The state would argue that “promote the general welfare” authorizes them to make the law.

    We can go a step further, we can look at the amendments.

    Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
    No. 90 Hunter v. Cortland Housing Authority, No. 5:23-cv-01540 (N.D.N.Y.)

    Here we have a more clearly defined restriction on the authority of the state, Congress shall make no law … abridging the freedom of speech, or of the press. The conduct at hand, making speech, implicates the plain text of the First Amendment. It then becomes the state’s burden to prove a historical tradition of regulating speech.

    The state cannot find historical regulations restricting speech because it is mean; therefore, the law is unconstitutional.

    The Supreme Court used the same methodology when deciding Heller. They first looked to see if the plain text was implicated. That required them to analyze the language of the Second Amendment.

    Knowing the games that the circuit courts had been playing, they defined almost all the words. They used dictionaries from the time. They used dictionaries from multiple sources. Plus, they compared the words as used at the time.

    This was part of dicta. Some inferior courts understand dicta and follow the guidance of the Supreme Court. Others do their best to twist the words. Often the inferior courts are more interested in what the Supreme Court didn’t say than in what they did say. Frequently, the inferior courts will say something like, “The Supreme Court didn’t say that 2+2=4, they said that 2+3=5. Since they didn’t tell us what 2+2 equals, we will just have to do our best.” Then proceed to hide a divide by zero to get an answer that says that 2+2=3.1415, getting pi in the face later when their opinion is vacated.

    After establishing that the plain text covered the proposed conduct, the Supreme Court moves to the next stage, looking at this nation’s historical tradition of firearms regulation. In that historical analysis, they found that there were no laws that were analogous to a weapon ban, unless the weapon was both dangerous and unusual.

    The Case at Hand

    Barnett v. Raoul is a challenge to the PICA passed in Illinois. The People originally sought a preliminary injunction. They got it from Judge McGlynn. The state then appealed to the Seventh Circuit court. There, the administrative panel consolidated the case with other challenges to PICA. They stayed the preliminary injunction, allowing the law to stay in effect. They denied the requests for a preliminary injunction from the other parties and put the case to the merits panel.

    This was not unexpected. The Admin panel had both Judge Easterbrook and Judge Woods on it. Both are statist and have often ruled against The People. Judge Easterbrook is most famous for having been overturned in McDonald v. Chicago.

    Amazingly, the Merits panel had the same three judge panel as the original administrative panel. The circuit court heard the case quickly. They were under scrutiny by the Supreme Court.

    The Supreme Court had denied cert in a different case, with Justice Thomas writing that if the case was delayed for the plaintiffs (good guys) to petition for rite of cert. again.

    Having heard the case, the merits panel sat on their opinion. The Second and Fourth were sitting on their opinions as well. Most of the Second Amendment cases were locked in, waiting for the Circuit Courts to issue an opinion.

    The Seventh Circuit was the first to issue their opinion. First, they found that they were not guilty of the two-step shuffle. That they had always been faithfully applying text and history. Because they were using text and history before Bruen, their earlier work was still good case law.

    That case law found that the plaintiffs had not proved that “assault weapons” were arms under the plain text of the Second Amendment.

    They remanded the cases back to continue the process.

    Judge McGlynn did not allow any delay tactics. His case was argued on September 16th, 17th, 18th and 19th of 2024.

    It is now time for the Court to analyze the briefings and testimony to determine the facts of the case and to reach conclusions of law.

    Both parties will submit their proposed findings of fact and conclusions of law. This is what they want the court to find/agree with.

    On October 21st, the state of Illinois submitted their brief. There are 3585 pages, 58 exhibits, 2 attachments and an appendix.

    Some facts are just that facts. They are easy to verify and check the veracity of. Others are opinions stated as facts.

    The state says that PICA was enacted after July 4th. This is true and a fact. They identify that particular July 4th as the 4th of July when an asshole shot and killed 7 people.

    It is not relevant to the Constitution that the shooting took place. Nor that the bill was enacted before or after that date. But it is a fact.

    The state also wants the court to agree that the shooter used an AR-15 rifle and a 30 round magazine to kill 7 and would 48 people that July. Again, a fact but not relevant. The state then repeats that PICA was enacted after July 4th.

    A more important date was the date when Bruen issued.

    Here is an example of an opinion, dressed up like a fact.

    A. The rifles the Act defines as assault weapons are semiautomatic versions of firearms specifically designed for and employed by the military.

    Is the AR-15 a semiautomatic version of a firearm specifically designed for the military? Yes and no.

    The AR-10 was a select fire weapon that Armalite designed for military sales. The AR-15 was a redesign, also for the military, using the lighter 5.56×45 cartridge. The original AR-15 was field tested in Vietnam, as the AR-15. The design was adopted and standardized as the M-16.

    A new product was developed by Colt for the civilian market. It used the same name, AR-15. The differences were to make it capable of semi-automatic fire only. The simplest modification was the removal of the select fire control group and not drilling the hole for the auto-sear.

    The early AR-15 SP1s out of Colt were M-16s without an auto-sear and with the hole for the auto-sear missing.

    What is the state’s goal?

    The state wants the district court to find that the weapons and magazines banned by PICA are not arms, as defined by the Seventh Circuit court.

    To accomplish this, they need to have the court find that AR-15s and the ilk are really modifications of the M-16/M-4 platform.

    The real trick in this that it is the plaintiff’s burden to prove that something is an arm protected by the plain text. The state does not carry that burden.

    This is the difference between presumed innocent and presumed guilty.

    Regardless of anything that happens in Judge McGlynn’s court, PICA will stay in effect for the foreseeable future.

    It is likely that Judge McGlynn will issue his opinion with a short administrative stay to allow the state to appeal.

    The Seventh Circuit administrative panel will issue a stay pending the merit panel issuing their opinion.

    If the merit panel finds for the plaintiffs, the state will seek a rehearing en bloc. This will take time.

    If the merit panel finds for the state, I hope the plaintiffs file a petition for certiorari with the Supreme Court.

    It is likely that the Seventh Circuit will actually hold the case until the Snope case is decided by the Supreme Court.

    Regardless, cases are starting to move again.