How We Encrypt Data In MySQL With Go

A SaaS product needs to use security measures you might not ordinarily use in an on-premises solution. In particular, it’s important that all sensitive data be secured. Encryption plays an important role in information security. At VividCortex, we encrypt data in-flight and at-rest, so your sensitive data is never exposed.

We use Go and MySQL extensively at VividCortex and thought other Go programmers might be interested to see how we’ve integrated encryption into our services layer (APIs). (And if you’d like to learn more about programming with Go in general, please take a look at our free ebook The Ultimate Guide to Building Database-Driven Apps with Go.)

encryption.jpg
Image Source

Encryption Techniques

At a high level, you can think of two kinds of data encryption inside of MySQL or any similar data store. I’ll oversimplify for purposes of illustration. You can:

  1. Store the data in MySQL as normal, but encrypt the container that holds MySQL. Usually this means storing MySQL’s data on an encrypted disk volume. The protection? Broadly speaking, if someone gains access to a backup disk, they can’t see your data.
  2. Encrypt the data before sending it to MySQL. In this case the security boundary is pushed out further: even if someone gets access to the server, and can run SQL commands, they can’t see your data.

Each of these has advantages and disadvantages. These include ease of use, programmer overhead, ability to inspect (e.g. recovering from backups), searchability and indexability, and so on. There are a lot of things to consider here. Just a few:

  • Will data be exposed if backups are unencrypted? (Our backups are encrypted, by the way.)
  • Are sensitive values possibly in cleartext in query logs?
  • Will sensitive values be visible in status commands like SHOW FULL PROCESSLIST?

At VividCortex we err on the side of safety and security, rather than favoring convenience. There’s a fairly simple question that does a pretty good job of illustrating our goal: if someone succeeds in a SQL injection attack against our databases, will they see any sensitive data in cleartext? The answer needs to be “no.” This is a higher standard than on-disk encryption. It means that someone has to get access to the keys for the particular data they’re trying to decrypt, in order to see anything other than garbage. And those keys are not present or accessible on the database servers in any form, not even in-memory.

Making It Convenient

Convenience is important. If it’s too hard to do encryption, there’s an increased risk that it won’t be done. Fortunately, Go’s elegant interfaces for the database/sql package make the burden transparent to the programmer!

We learned how to do this from Jason Moiron’s excellent blog post on the Valuer and Scanner interfaces. Please read that if you haven’t yet.

To implement transparent encryption and decryption, we created a custom data type that implements the Valuer and Scanner interfaces. The implementation is straightforward and quite similar to Jason’s example of compressing and decompressing, except that we used encryption libraries instead.

Now our code is incredibly simple to use with encrypted values. All we do is define a variable of our custom type. For example, instead of

var password string
err = rows.Scan(&password)

We simply use

var password EncryptedValue
err = rows.Scan(&password)

It’s similarly simple to insert values encrypted into the database. Magic! This is why I often say that Go’s design, although it seems minimalistic at first, is actually very advanced and powerful.

Nuts And Bolts

The code is small. The exact details of all the code are not all that important for this blog post; much of it is about things that are out of scope here. The gist of it, though, is that we store values as byte arrays:

  • The first byte is an indicator of the version of our encryption algorithm used, so there’s a clear migration path for changes.
  • The next four bytes indicate which key we used to encrypt this value, so we have 4 billion possible keys.
  • The rest is the encrypted payload.

We can even change this in the future. For example, we can switch on the first byte’s value, if we want, to determine whether the key ID is in the next 4 bytes, or if it’s something more, such as the next 8 bytes. So we can easily expand the number of keys we can indicate. We can also, if we ever hit version 255, use that to indicate that the version number continues in the next byte. This is a standard trick used, among other places, by the MySQL wire protocol.

The result is that we have a simple and future-proof way to encrypt values.

Alternative Approaches

In addition to the approaches we’ve mentioned, there are several others. There are commercial projects designed to help ease the encryption and decryption techniques you might otherwise wrap around MySQL and perhaps fumble in some ways. There are encryption functions inside of MySQL—but educate yourself about those before using them. There are others, too, but you should be able to find all you need with a search.

Conclusions

By using Go’s built-in interfaces, we created a solution for transparently encrypting values in our database so that it’s never in the database in cleartext, either on-disk or in-memory. The code is easy for programmers to use, which improves our security posture automatically. All sensitive data gets encrypted in-flight and at-rest, and an attacker would have to have extensive access to our systems (an SQL injection wouldn’t suffice) to be able to decrypt the data.

We highly recommend that you use the standard Go interfaces for the power they give you. And please, ask your SaaS providers, including us, hard questions about security and how it’s implemented. Every service needs to be secure to make the Internet a safer place.

If you liked this and want to learn more about Go, you might also like our webinar about developing database-driven apps with Go and MySQL. Click below to watch a recording.

Watch the Webinar

Post Updated 7/31/2017


via Planet MySQL
How We Encrypt Data In MySQL With Go

Here’s What Everyone Says About How The Tesla Model 3 Drives

Now that the Tesla Model 3 is finally here in production form with the earliest deliveries going out last night, it’s time for the wave of driving impressions. Here’s what people are saying about how the Model 3 looks, feels and performs in the real world.

Article preview thumbnail

Tesla rolled out the all-electric Model 3 sedan late Friday, trying to do whatever it could to…

Read more

On paper, the Tesla Model 3 has a claimed 0-60 time of 5.6 seconds with the standard 220 mile range battery trim and a 130 mph top speed, or 0-60 in 5.1 seconds with the longer range 310 mile battery that tops out at 140 mph. Its platform is similar to that of the Model S and Model X, with a low center of gravity thanks to the low-slung, sled-like battery positioning.

It’s obviously the smallest car in Tesla’s current lineup, but still offers seating for five, enough storage up front for a carry-on bag, and a revised trunk opening from the concept model shown off last year. So what is like to drive the Model 3?

You can check out a brief video drive over on MotorTrend, who described the ride as sporty, with almost no body roll, decent steering feedback and sharp handling. From MotorTrend’s write-up:

The Model 3 is so unexpected scalpel-like, I’m sputtering for adjectives. The steering ratio is quick, the effort is light (for me), but there’s enough light tremble against your fingers to hear the cornering negotiations between Stunt Road and these 235/40R19 tires (Continental ProContact RX m+s’s). And to mention body roll is to have already said too much about it. Sure, that battery is low, way down under the floor. But unlike the aluminum Model S, the Tesla Model 3 is composed of steel, too, and this car’s glass ceiling can’t be helping the center of gravity’s height. Nearly-nil body roll? Magic, I’m telling you. Magic. And this is the single-motor, rear-wheel-drive starting point. The already boggled mind boggles further at the mention of Dual Motor and Ludicrous.

Electrek’s first impressions detail the interior, revealing that the Autopilot activation is now clearly labeled on the stalk on the right of the steering wheel with the other drive options. Also notable is mention that the regenerative braking on the Model 3 feels substantially weaker in the driving dynamics than on the Model S and Model X.

Electrek also noted that they weren’t too comfortable looking at the center screen for driving information, and that it would take time to get used to, from the write-up:

The left side [of the screen] is definitely more animated when in drive. The renders of the Model 3 and surrounding vehicles appear on the screen like they do on the instrument cluster of current Model S and Model X vehicles with Autopilot.

The area which shows charging information above changes when the car is in drive to display gears and speed of the car. There’s also a very small animation of the power consumption.

I wasn’t comfortable with looking at it too much while driving, but I have to assume that drivers could get used to it after an extended period.

For those curious about the build quality on the new Model 3, USA Today reported that the fit and finish was good, but of course this is a demonstration model that was probably carefully screened before issued for test drives. From USA Today:

The fit and finish of this Model 3, which was among a few dozen handed over to employees at a ceremony Friday led by CEO Elon Musk, was tight. Panel gaps were perfect. Doors open and closed with a solid thunk. Now, Musk just needs to, as promised, make 499,999 more a year to the same standards.

So where are the compromises? If the Model S and X scream high-tech science experiment, Model 3 whispers it.

As for interior volume, the best word came from Tim Stevens over at Roadshow, who said there isn’t much concern over fitting whatever you might need in the Model 3:

I’m six feet tall, yet with my short legs I sit tall and often struggle to get comfortable in the rear seats of even full-size cars. I had no problem in the Model 3. Instead of a traditional roof liner, there’s nothing but glass over your head in the back. While I do wonder what this’ll mean on a hot, sunny day, it does make for some very lofty seating.

And then there’s the trunk. Here I was concerned because the rear glass does not swivel upward, this is a sedan not a hatchback, and from looking at the earlier concepts it sure seemed like you’d be left with a narrow opening back there. But, the trunk, though shallow, opens up high and gets well out of the way. There’s actually a very large trunk opening and a plenty-deep trunk.

Two bags of golf clubs should be no problem. I bet you could even manage four.

Other than that, Top Gear had the only initial impression that mentioned an actual demonstration of Autopilot while in the Model 3, and the experience sounds on par with what we’ve come to expect with the semi-autonomous system in Tesla’s other cars.

All of these initial impressions were in the Long Range trim Model 3, which is priced higher at $44,000, and many of the test cars were apparently owned by Tesla staff and had been option well beyond that price point.

Overall, things look good for Tesla’s revolutionary new electric car, but of course nothing compares to long-term testing and the revelations of actual ownership. Still, this is a strong start, and if Tesla can deliver a sporty, reliable driving experience with a tight finish to all of its claimed half-million deposit holders, the Model 3 just might live up to its hype.

via Gizmodo
Here’s What Everyone Says About How The Tesla Model 3 Drives

Saturday Random Musings: Why the Left Would Win the Next Civil War

It’s a slow Saturday, so I figured I’d share some “shower thoughts” with you on a topic I’ve been pondering lately. The topic is pretty controversial and highly unpleasant, and this is mainly just me thinking out loud. But if it gets you thinking as well, then it was worth sharing.

I’ve been around pro-2A circles all my life, and whenever men meet and talk guns, there’s always a really large thing hanging in the air between them, and 99% of the time that thing goes unstated. But if it were to be stated, it might go something like this: “We may be talking ‘self defense’ or ‘home defense,’ but we all know the real reason we have these is ‘just in case.’”

And by “just in case,” I’m talking a Paul Revere, Minutemen-type situation. We take it as a given that we — our tribe, the people who are pro-gun and pro-liberty — will prevail in any armed confrontation, because after all, we’re the ones with the guns.

But what if we’re wrong? What if guns aren’t even close to being enough? What if the right tries to rise up for free speech and liberty, guns blazin’, and gets smacked right back down?

Yeah, I know — but don’t close this browser tab just yet!

Before you dismiss me and my musings, consider this question that’ll tell you all you need to know about where I’m really headed with this:

If you turned on the news tomorrow and realized that, holy crap, it really is time to grab your musket, can you name three people in your life right now who fit the following description: 1) you’ve talked to them recently about what the “red line” is, and you know that they’ll 100% agree with you that it has been crossed, and 2) you’ve trained with them in some sort of tactical-ish scenario (anything from 3-gun to paintball counts for our purposes), so you have some sort of reasonable expectation that you can depend on them to have your back in a gunfight?

I’m not really interested in seeing your answer in the comments below, because I’ve been around the block and know exactly how internet operators, keyboard commandos, and mall ninjas love to answer such questions on gun forums. No, those questions are for you to think hard about in your own mind, and to answer honestly for yourself.

You may be one of the few who can truly answer “yes” to the above; if you are, you have a good sense of how rare that is in pro-gun gun circles, and how totally unprepared the “just in case” crowd really is to form up into anything that looks even sort of like a unit, much less to operate their firearms under even moderate pressure outside of a controlled environment.

The beauty of the gun-owning civil liberties crowd is that it prizes the individual’s liberty and capabilities over all else, and the weakness of that same crowd is its emphasis on rugged individualism which discounts the power of institutions, organization, communication, and well-maintained networks.

It’s like this: Right-wingers are lone wolves, but left-wingers are pack animals. Anyone who’s watched a nature show knows that a lone wolf can pick off a few straggling members of a pack, but when the pack turns on that lone predator it’s all over with.

The Power of Activism and Organizing

I don’t really know who David Hines is, but he has recently produced a good series of tweets and an article about how and why the right will lose a domestic armed conflict. Here’s the gist of his argument, from the article:

The organizational capacity required to build a new world is the same organizational capacity have Lefties [sic] built to pressure government. So who’s in a better position to shape the big moment when it comes? Hell, if tomorrow civilization goes completely Mad Max: who’s got existing local networks of people who they’re used to turning out and doing stuff with on a regular basis? Answer to both questions: not the Right.

Passivists say activism accomplishes nothing. What it actually accomplishes is practice. Practice for networking, practice for turnout, practice for speed, practice working as a team. Anybody who’s ever tried to get five people together for dinner knows it’s a pain, but look at the airport protests after the travel ban, and see how many people the hard Left can turn out on next to no notice. Say the balloon were to suddenly go up: forget having a detailed and specific plan; in that first five minutes, do you — not some veterans’ network you’re hoping will salvage things, not some imaginary Great Man; *specifically you* — even know who you’re going to call?

The Lefties do. And that’s why righties who say the Right has nothing to learn from the Left are wrong. That’s because righties don’t read lefty books. I read lefty books and organizational manuals, and I can tell you: they’re smart.

In both the tweetstorm and the article, Hines goes on to describe how the organized (and newly energized and radicalized) left has spent its time in the trenches building networks that can be mobilized at a moment’s notice for marches and protests.

Cast your mind back to the distant past of six months ago, with the Trump inauguration protests. They were massive and historic, and not only were the numbers that turned out far in excess of what anyone can imagine the right pulling off, but the “pink pussy hat” protests had the full and open backing of our most powerful societal institutions: the media, tech giants, and the three-letter agencies that make up the Deep State.

I’m sure you’re thinking these protests accomplished nothing, but you’re wrong. As Hines points out, what they accomplished was the construction of a vibrant, energized left-wing network that’s still growing and operating and organizing and which knows it has the blessing of every large, mainstream institution in American society for what it’s doing.

None of those marchers may have held a gun before, but ask yourself this: who would you put your money on in an armed conflict, the group with guns but no organization, or the group with no guns but plenty of organization?

I know I’d pick the latter, because getting a large group together and organizing it for real-world action is massively harder than just acquiring a gun and learning how to do a bare minimum of soldiering with it. With some organization and logistics and institutional support, you can pretty quickly train up a group of grunts, equip them, and point them all in the same direction.

So the left is starting with an organized group of activists who know each other and have worked together in the streets, and all that remains is for them to equip and train them. The right, by contrast, is starting with a collection of strangers who happen to have some guns but who’ve never once taken to the streets in a group to try to change the world.

And when it kicks off, who will the establishment line up behind? Which side will find sympathy and support and cover for their activities (free legal advice and medical care and publicity for crowdfunding campaigns)? It sure as heck won’t be those who are maligned as Russian stooges and “literal Nazis” and fascists.

As Hines points out, the last time the Left resorted to organized violence, it had the explicit support of prominent institutions like the American Lawyers Association. The folks who bombed and shot and killed for the Left in the 60’s and 70’s later went on to garner accolades and professorships and, more recently, free Hamilton tickets.

The Real Problem with “Just in Case”

All of this brings me to the main shortcoming of the “just in case” mentality that pervades the 2A community, and is prevalent even (or especially) among those who actively train with firearms and actually maintain a network of like-minded folks who will have their back when it’s “go time”: a backup plan is great as far as it goes, but a positive, forward-looking action plan is even better.

If you look at the armed leftist groups that have arisen recently, like Antifa and the self-styled Redneck Revolt (i.e. Antifa with a spray-on farmer tan), you’ll notice a crucial difference between how they approach gun ownership and how the NRA crowd has traditionally approached it. Redneck Revolt in particular is not tooling up “just in case” — they’re tooling up because they full well plan on doing something physical, and they’re open about it.

In some ways, this is the difference in outlook between the conservative and the liberal. The conservative is always glancing back at the original American Revolution for spiritual inspiration while hoping he won’t see the day when we as a nation must revisit that bloody past, while the left looks ever-forward to the coming socialist revolution that hasn’t yet happened but for which they actively hope and work.

My ultimate point is that the real problem with “just in case” is deep and fundamental, in that it sets the right up for failure on a structural level. The “just in case” crowd has a backup plan they truly hope they won’t have to employ, while the armed left has an action plan for which they regularly train in anticipation of the opportunity to execute.

Conclusion: Forget about the Violence

I want to wrap this up with an exhortation to all sides, right and left, to swear off violence because really, neither side “wins” if it gets ugly. I’m certainly not advocating for civil libertarians and self-identified right-wingers to organize along the lines of Antifa so they can actively plan for a domestic conflict. Indeed, history and studies bear out that violent groups like Antifa do far more damage to their cause than good.

The majority of the country is sensible enough to understand that Americans assaulting other Americans over ideology is really bad, and they want none of it. We’re becoming ever-more-polarized by the day, but let’s hope this anti-violence attitude continues to hold, broadly.

No, I mostly just present the above as food for thought for anyone who thinks they bought a gun “just in case things get ugly,” and that they are therefore somehow “prepared” or that they have done something for some cause. They aren’t and they haven’t.

Really doing something involves a lot more than just buying some stuff and learning to operate it. And once you actually step outside and connect with other people in real life to begin working toward a common goal, you’ll realize that political organizing is a lot more rewarding and effective than silently prepping for war.

I may change my mind about any or all of the above, tomorrow. But for now, this is just my two cents, on a slow Saturday.

The post Saturday Random Musings: Why the Left Would Win the Next Civil War appeared first on AllOutdoor.com.

via All Outdoor
Saturday Random Musings: Why the Left Would Win the Next Civil War

Badass Woman Escapes Kidnappers Using A Manual Transmission And Nerves Of Steel

A college student in Columbia, South Carolina was kidnapped by three men at gunpoint. Fearing the worst, she used some Jason Bourne level problem solving and her manual transmission car to get away safely.

According to The State, 20-year-old Jordan Dinsmore found herself in one of the worst situations possible when three men approached her, pushed her to the ground and put a gun to her head. The publication reports that they forced her to drive her car and withdraw money from an ATM and then told her that she was going to be taken to a location to be raped.

Advertisement

But Dinsmore had one advantage, The Slate reports—when the men first put her into the car they couldn’t drive it because it had a manual transmission, so they made her take the driver’s seat. That is when she concocted a plan to escape. After she withdrew $300 out of the ATM, she got back into the car and left her seatbelt off, she hoped her kidnappers didn’t notice the seatbelt alarm chiming.

One of the men instructed her to drive to his relatives’ house so one of his friends could have sex with her. From The State:

“I was thinking somehow I have to get out of this,” Dinsmore said. “Can I crash the car? No, because it might knock me out and not them. Can I pull over or something? I have to get away from them.”

The Slate reports that she purposefully missed the turn and rolled her car into the intersection, threw her car in neutral, then she opened the door and jumped out, while the vehicle was moving at 35 mph.

Advertisement

Advertisement

Once she landed she screamed for help, a woman came to her and called 911. Dinsmore suffered only minor scrapes and bruises from her escape and her 2009 Scion even managed to be in pretty decent shape after the attackers crashed it, The Slate reports.

Dinsmore is a criminal justice major who hopes to someday be in the FBI knew that in these situations you have to do whatever you can to get away. From The State:

“If they get you out of the public eye, they’re going to do something worse to you and shoot you anyway,” Dinsmore recalled her mother saying.

Even though she managed to escape she still has trouble sleeping, but is thankful her attackers didn’t know how to drive a manual transmission car.

Advertisement

“I’m going to be driving a manual for the rest of my life,” The State quoted her as saying.

via Gizmodo
Badass Woman Escapes Kidnappers Using A Manual Transmission And Nerves Of Steel

Ever wondered why US Special Forces love the Chevy Suburban so much?

Chevrolet


reader comments
5

The United States Special Forces are perhaps the best tactical fighting force the world has ever seen. Whether it’s hostage rescue, covert operations, or a Bin Laden-esque kill-or-capture mission, the Tier 1 Operators of the US military are the ones to beat.  As any Boy Scout can tell you, being prepared is the key to success. For these operators, it’s about having the best training, the best intelligence, and the best equipment—whether it’s $40,000 night vision goggles that turn day into night or $60,000 blacked-out SUVs.

That last bit is why Chevrolet invited a small group of journalists to Fayetteville, North Carolina, home of Fort Bragg and the Joint Special Operations Command that oversees the Army’s Delta Force and several other elite units. The carmaker’s PR machine wanted to show how some former operators—the preferred term for members of the most elite special forces units in the US—use the Chevy Tahoe and Suburban SUVs in environments a bit more challenging than your typical Whole Foods grocery run.

Our destination was The Range Complex, a shooting range and training facility just outside Ft. Bragg that’s owned and operated by former Delta Force members. It’s a firearm enthusiast’s dream on 1,982 acres (8km2), complete with tactical pistol and rifle ranges out to 100 yards (91m), a 600-yard (549m) long-distance rifle range, a 50-yard (46m) competition training range, and a pair of live-fire shoot houses complete with multiple rooms and an overhead catwalk for instructors to supervise activities.

We drove from Raleigh to Fayetteville in Tahoes featuring Chevy’s new “Z71 Midnight Edition” package that gives the SUV a more sinister look, complete with black painted wheels, black Chevy-logo bowties, a black mesh grille, and black roof rack cross rails. It’s a good look for the truck and Chevy says its Midnight Edition trucks spend significantly less time on dealer lots than standard Tahoes or Suburbans.

Both of Chevy’s full-size SUVs are very popular with both military and civilian law enforcement agencies. That’s thanks partially to tradition (the Suburban has been around in one form or another since the 1930’s and is the longest running vehicle nameplate in the US) and partly to the features of the car itself.

They’re roomy, with space for burly soldiers carrying body armor, rifles, ammo, and the rest of their gear. These vehicles are also reliable and easy to work on, thanks in large part to GM’s worldwide parts supplier network. Plus, the SUVs prove quite durable—the Range Complex founder James Reese, a former Delta Force commander, told us a war story from the early days of the Iraq war when he and his commander came under fire on the infamous Route Irish in Baghdad while driving a standard Tahoe purchased off a dealer lot in Kuwait. The vehicle sustained more than 50 bullet holes, including five through the engine block, but it kept running long enough to get both occupants back to safety with non-life-threatening gunshot wounds.

“It looked like it came out of a movie,” Reese said. “That car and our training saved our lives.”

Not your average automotive press event

Of course, action is more interesting than words. With journalists (wearing kevlar vests) watching from above, five Range Complex instructors (all former Deltas) and a canine companion jumped out of a Tahoe and breached the shoot house. First the dog went in and took down a real person wearing a cushioned training suit (though the dog certainly went after him with gusto), then the four-man team continued to clear the rest of the building, quickly eliminating paper targets with precision. Sure, the Tahoe didn’t have to do much aside from pulling up to the building, but it put on a good show, complete with a Hollywood-esque sideways slide.

It’s fair to say that most Tahoe and Suburban buyers won’t likely be shot at or need to kick down a door to rescue a hostage — but Chevrolet gets priceless marketing every time the armada of Secret Service Suburbans passes in a Presidential motorcade or when tooled-up Tahoes show up in action movies. Even SHIELD director Nick Fury has a highly modified, self-driving version!

Chevrolet

Chevy says 79 percent of Tahoe and Suburban owners plan to buy another when it’s time for a new vehicle, placing this model near the top of the highest owner loyalty ranks within the industry. Sure, they don’t make any sense on the tiny streets of Europe or in big cities like New York or Boston—but out here, in the North Carolina countryside, they’re just about perfect.

via Ars Technica
Ever wondered why US Special Forces love the Chevy Suburban so much?

Walmart Sells Concealed Carry Clothing

WalMart is now selling a jacket specifically designed for concealed carry. While clothing designed for concealed carry has been available commercially for decades, WalMart’s move into the CCW clothing market indicates the ongoing “mainstreaming” of American gun ownership.

From WalMart.com:

Rothco’s Lightweight Concealed Carry Jacket has 2 inner pockets for concealed carry, one on each side, as well as 2 inner mag pockets on each side for ammo. The mirroring pockets on both the left and right, give the jacket a unique ambidextrous feature.

The jacket is a product of Rothco. It comes in Coyote Brown and black and sells for for $60 to $78. I haven’t examined onn, but its existence in WalMart’s inventory is a powerful statement about the normalization of the exercise of Second Amendment rights.

There are 200 million registered voters in the United States. The nation’s 16.2 million carry permit holders represent eight percent of all voters. Virtually all permit holders are eligible to vote, and virtually all of them are registered.

If we remove California’s 19.4 million registered voters (only 92,000 permits in the state) and New York’s 12.5 million (88,000 permits there), that means there are 16 million permit holders for 168 million registered voters in the rest of the country.

Outside of highly restrictive California and New York, permit holders account for 9.5 percent of registered voters. That’s a powerful and committed voting block.

President Trump appealed directly to these voters with his call to “end gun free zones on day one” and create national reciprocity. Meanwhile, it’s increasingly clear that permit holders are a force to be reckoned with in the economy, as well as the voting booth.

©2017 by Dean Weingarten: Permission to share is granted when this notice and link are included.

Gun Watch

via The Truth About Guns
Walmart Sells Concealed Carry Clothing

Watch: How To Build An AR-15 Upper

Patrick over at The Firearm Blog put together a video about how to build an AR-15 upper.  The video is well done and takes the tasks of building the upper and breaks it down into very clear steps.

On a personal note, as much as I enjoy putting an AR-15 together, I have never assembled an upper.  Part of the reason is, I do not have the tools.  I do not currently have a work bench or vice.

Three years ago I moved to the farm and have not built a shed, yet.  Once the shed is built, then I will get a vice and get my reloading equipment set back up.  When it comes time to build an upper, this will be the video to watch.

Now for the video.

All of the guys at The Firearm Blog make excellent videos.  For some reason I enjoy Patrick more than the others.  He comes across as a very honest and sincere person.

If I ever build an AR-15 upper, this will be the video I watch while doing it.  Patrick makes the assembly seem so easy that anyone can do it, and that is what people such as myself need.

Well done Patrick, keep up the good work.

The post Watch: How To Build An AR-15 Upper appeared first on AllOutdoor.com.

via All Outdoor
Watch: How To Build An AR-15 Upper

An action-packed new Star Wars animated series is on YouTube now


reader comments
5

The latest Star Wars story is already here, and it’s free on YouTube. It’s a series of shorts called Forces of Destiny, and each one delivers action, humor, and a genuinely heartfelt moment of heroism. The best part about the series, authored by Marvel alum Jennifer Muro, is that it fills in backstory on characters that you always wondered about. And yes, it’s canon.

Forces of Destiny is a 16-episode series, and the first eight were released this month. Eight more will come in October. The series is episodic, jumping around in time from Episodes 1 through 7 of the films. We see a lot of Rey (Daisy Ridley) and BB-8, though we also stop in to see Ahsoka (Ashley Eckstein) kicking butt, Leia doing spycraft, and Jyn Erso (Felicity Jones) being her usual chaotic good rogue. All the actors from the movies and TV series voice their characters, except Leia (RIP Carrie Fisher), who is voiced by Shelby Young.

Though each episode is only two to three minutes long, Muro deftly uses that short time to give us full character beats in the midst of the action. Lucasfilm Animation created the look of the show, which is heavily stylized. Think of it as halfway between Clone Wars and a really good Hanna-Barbera cartoon.

We talked to Muro at Comic-con about creating the series, staying in canon, and what it has been like to work on the first Star Wars YouTube story (see video above). Muro said Disney wanted a YouTube series to reach a younger audience, but she wrote it for exactly the same audiences who watch the films. Though the premise was to have a show that focused on the female characters, I never would have noticed that if Muro hadn’t pointed it out. These characters are all important protagonists whose backstories I’ve been curious about.

Case in point: what the heck was Jyn Erso doing before the events of Rogue One? We know she was getting into trouble, but what made her stand out as a person the Rebels could trust? In an episode called “The Stranger,” we find out that she was getting into dustups with Stormtroopers. But she wasn’t doing it to save the world; she just wanted to rescue an alien cat that the Troopers took from a poor street girl who had no other companions. I genuinely got choked up during this episode, because it’s such a sweet look at everyday acts of rebellion and kindness (also, I love cats).

We also get two episodes about Rey protecting BB-8 from bad guys, which helps explain their bond in The Force Awakens. I asked Muro if there was one episode she was excited to do because it filled in a plot hole. She said it was definitely the episode “Ewok Escape,” which explains how Leia got that fancy new dress in the middle of the Ewok village in Return of the Jedi. Hint: it involves fighting Stormtroopers with an Ewok pal.

Each episode begins with a voiceover from Maz Kanata (Lupita Nyong’o), who says:

The choices we make
The actions we take
Moments, both big and small
Shape us into forces of destiny.

It’s a surprisingly deep sentiment for a series of YouTube shorts, and the episodes so far manage to convey that message. This is one of those deceptively light series aimed at kids, like Steven Universe or Adventure Time, which pack a lot of nuance into their candy-colored worlds. Come for the fun three-minute diversion, and you’ll be thinking all day long about how heroism doesn’t always mean following the rules or winning awards. It’s about choosing to help people, in big and small ways, even if nobody ever knows what you’ve done.

VIDEO

Watch Forces of Destiny on YouTube! It’s guaranteed to cheer you up.

Listing image by Disney

via Ars Technica
An action-packed new Star Wars animated series is on YouTube now

Deadpool: Weird Version

Deadpool: Weird Version

Link

(PG-13: Language, Gross) Aldo Jones doctored up footage from the already pretty over-the-top 2016 flick Deadpool, adding a helping heaping of his own inimitable wackiness to the madness on screen. That helicopter head thing seems legit to us. And marrying Negasonic Teenage Warhead too.

via The Awesomer
Deadpool: Weird Version

$15 Magnet Hack Turns Smart Gun Into Regular Gun

Image: Armatix

Just like anything with a lithium-based battery has the potential to explode, just about any tech product that’s considered “smart” is potentially hackable. Which is why one clever hacker was able to break the Armatix iP1, a smart gun that is designed to only be fired by a person wearing a paired smartwatch.

The hacker, known as Plore, recently discovered that he could shoot the gun without wearing the paired watch by placing just $15 worth of strong magnets next to the weapon. He also managed to disable the weapon remotely by jamming radio signals so it couldn’t shoot. Plore built a $20 transmitter to emit the same 900 MHz frequency (also used by baby monitors and cordless phones) that the gun and smart watch use to send signals, overwhelming all communication between the device and weapon.

Still, even a hackable smart gun is more secure than an ordinary gun. It’s hard to believe that the average Joe Sixshooter would discover the hack, find an Armatix iP1, go buy the right type of magnets, then figure out how to execute the exploit when he could just buy a regular gun, which can be found almost anywhere in the US.

Advertisement

Advertisement

Smart guns cost thousands of dollars, but Plore said it only took $50 to perform all his exploits of the weapon. He said that he just wants to bring the issue to the attention of the gun’s manufacturers so they can make more foolproof weapons.

“Future smart guns might use different authorization mechanisms,” Plore told CNN. “But you’d want to make future smart guns robust against interference, intentional or unintentional, even if it doesn’t use radio signals.”

Armatix already caught wind of the hack and told CNN that when the gun was designed, “there was never the demand to avoid the usage by a well prepared attacker or a skilled hacker.”

Advertisement

Armatix’s initial attempts to sell the iP1 in the US were met with death threats and boycotts by gun rights advocates and smart guns continue to be a contentious issue in America. Officially, the NRA isn’t against “failed attempts to develop and market ‘smart guns,’” but it has continuously warned that such systems could lead to “a ban on all guns that do not possess the government-required technology.”

Others believe smart guns can offer a great amount of safety normal guns don’t have. Last year, then-president Barack Obama unveiled a plan to “expedite the development of smart gun technology” in response to gun violence, and back in 2015, San Francisco’s police chief publicly expressed interest in testing the technology.

Advertisement

[CNN]

via Gizmodo
$15 Magnet Hack Turns Smart Gun Into Regular Gun