This woman owed $15,000 in property taxes on her condo. The government took her home and auctioned it off for $40,000 (a fraction of what it was worth). They kept all of the money, and not just what they were owed. She is suing, claiming that the overage was an unconstitutional taking. The case has made it all the way to SCOTUS. The state claims that the woman didn’t lose out because the mortgage and her HOA fees are cancelled under state law.
I agree that the woman is the victim of an unconstitutional taking without compensation. Whether or not her mortgage and HOA fees are still payable is a different issue, and doesn’t change the fact that the state took what was never theirs to take.
The article mentions a Detroit case where a homeowner lost a home due to owed taxes, the state auctioned it off for $1, and the winning bidder subsequently sold the home for over $300,000. The article then mentions that a SCOTUS ruling may force local governments to sell properties for their fair market value, and not simply auction them off for a fraction of what they are worth. I believe that they SHOULD be forced to sell for fair market value. After all, if I sell a home to myself or to an associate, the IRS will certainly force me to pay taxes on the capital gain at fair market value.
County and local governments complain that such a system would cripple local government property tax collection, but that is horse hockey. We don’t (or at least aren’t supposed to) determine the constitutionality of a law by how much money the government will lose on the deal.
When you send your child to a private school, you do so because that school offers a better education than does a public school. One of the ways that they do that is by controlling the environment through different rules than are present in public schools. You agree to those rules when you enroll, and this is especially true of religious based private schools.
Congress wants to pass a law requiring that SCOTUS adopt a code of conduct. I don’t think this is Constitutional. Any rules for SCOTUS would be in Article III of the Constitution, and there is nothing there granting Congress authority over the Supreme Court. If they want to do this, an Amendment would be required.
It will be interesting to see how SCOTUS reacts to this. The left wants badly to bring this court to heel, or even impeach a justice or two.
So the tweet that was the subject of this post was taken down. It was a video of several black children, two of them toddlers still in diapers. They were telling two white police officers that they were “white mother fuckers” and saying things like “fuck you bitch” and “I will fuck you up”
In somewhat related news, I got several emails this morning from blogger. A dozen of my posts were deleted from my old blog over there. (For example, this post) The reason given? They violated an unstated community standard. I haven’t posted over there in two years. It doesn’t matter. Every one of my posts on Blogger moved to this server when the blog moved, because I knew this was coming.
Blacks are being raised to hate whites and to hate police, even from a young age. There is no saving people when they are being raised from cradle to grave to believe that you are the enemy. They believe themselves to be your enemy, and whether or not YOU think they are your enemy doesn’t matter.
They hate you, they hate everything that you stand for, and want to destroy you. Your opinion or feelings on the matter just aren’t their concern.
How many data points do people need? Yeah, I know what you are thinking- “This isn’t what ALL of them believe. These kids are outliers.” Ok. Take some of these facts to heart. According to surveys of US blacks conducted by Pew research:
Colorado is now the most crime ridden state in the US. A former cop complains that the police are leaving the profession because they don’t like all of the monitoring and second guessing that they are being forced to endure.
“Law enforcement in Colorado is facing a historic recruiting, retention, and morale crisis,” Evans said. “Nobody wants to be a cop. The cops that were cops are fleeing the profession in droves. And that’s the second prong of this kind of two-pronged issue that’s driving crime up in Colorado.” Specifically, according to Evans, one of the policies that “broke the back” of law enforcement was the passage of SB 217.
According to Evans, two parts of SB 217 are particularly demoralizing to law enforcement. The first was the requirement that every encounter be extensively documented, adding significant paperwork to an already demanding job, and the second was a body camera requirement.
One of the officers admitted in court during the trial: “We went out that evening and concealed our presence so people wouldn’t flee and we’d be able to get close enough to shoot them… and we were actually having fun shooting them”
“You seem like an argumentative person. You need to take your hand, go like this, and pull your head out of your ass. Don’t mess with me, I am not the guy you want to mess with. You hear me??”
Even people like me, who worked with cops for decades and haven’t had so much as a traffic ticket in more than 20 years, yet get threatened with death because a cop wants to prove who is boss now see police for what they are- criminal gangs with badges.
Cops have no one to blame for this but themselves. There are loads of bad cops out there. Now we can argue as to just how many of the cops out there are bad, but they have to take responsibility for the “thin blue line” nonsense where cops are not cleaning up the problems in their own ranks because they view the very public that they are supposed to serve as being the enemy. Get rid of your own bad cops, clean up your own ranks.
The police are making enemies of both sides in this conflict.
There are many people who say that they don’t trust some version of online business, whether it be passwords, password wallets, or some other version of encryption security. They claim that by keeping their passwords on paper, that this is a higher level of security than storing it on their computer. They are right, and they are wrong. The answer to this lies in the way that encryption works. I am greatly simplifying this, so it will be a bit easier to understand.
All digital encryption works using the same basic principles. Digital encryption is simply a very complex math problem where there is a formula that permits only one answer to a problem posed by the number that is put into it, the password. The output that results from the password being run through the algorithm is called the hash. There can only be one hash for each password. Password hashing is typical on the server side when the server operators don’t need to know the plaintext password, they just need to demonstrate that the user knows the plaintext.
A common hash function is Message-digest algorithm 5 (MD5), which takes a message of any length as input and converts it to an output of a fixed 128-bit hash value length to be used for authenticating the original message. Here are a few examples of what a hash looks like:
When you enter your password into a website, it is converted into a hash. If the hash matches the one that is on file, the website grants you access.
Small changes matter a lot – Take a look at examples 1 and 2. Just one digit has been shifted, from an “o” to a “0.” This is a very small change, and yet the second output is unrecognizable from the first.
The output length never changes – The input in example 3 is considerably longer than the other examples, yet it produces an output of the same length (32 characters). You could input an entire book into the md5() hash function and you would still get a 32-character string as the output.
Repeatable – An input will always give the same output when hashed using the same function. If this weren’t the case, they would just be generating a random output, which would be useless for passwords. (I included the same function in example 1 as example 4 just to see if you were paying attention.)
Knowing that hashes are the same length regardless of the password you choose, you might be tempted to pick a short, memorable password. In fact, you should do the opposite. The password you choose is critical for keeping your data secure. Why is that?
MD5 isn’t the only hashing algorithm. There are others, like the SHA-2 hash code family, one widely used today, with algorithms that are longer and harder to break. The names of SHA-2 algorithms are connected to length, so SHA-224 represents 224 bits in length. The same format works for SHA-256, SHA-384 and SHA-512. The more bits in the hash, the more complex and difficult it is to break, and the longer an input password that can be used.
If a website is hacked, cybercriminals don’t get access to your password. Instead, they just get access to the encrypted hash created by your password. It’s impossible to reverse a hash function, so trying millions of combinations to try and produce the same hash (a brute-force attack) is the way that hackers have been attacking passwords.
So that’s what they do. They breach a website because they want the hashes. Banks, Home Depot, Amazon, all of the breaches that you hear of where passwords are compromised, that’s what they are after. That’s what happened to LastPass, as well. They got the password wallets, which included the hashes for the master passwords.
Once a cybercriminal obtains password hashes from a website, the real process of password hacking begins. This process happens offline, on the cybercriminal’s computer. Cybercriminals put combinations of characters into a hashing function until a hash that matches yours is created.
Because the functions themselves are well known, password cybercriminals can easily calculate hashes for known words and other commonly chosen combinations. Then they scan for known hashes using commercially available cracking tools. These dictionaries go far beyond simple words. They include prefixes, suffixes, the practice of changing letters for numbers (e.g. 1 instead of l), and much more. This means weak passwords can be broken very quickly. Humans suck at random. That’s why human created passwords are garbage.
A long password is better, because it takes more to guess a long password than a short one. A random one is better, because this foils dictionary attacks. Not reusing passwords is a way to keep a hash found on one website from being matched with others.
69% of people admit to sharing some passwords with others
71% of people admit to using common passwords like p@ssw0rd, their pets’ names, or children’s birthdays
72% of people admit to reusing the same password on 4 or more accounts
56% of people claim that they would not use passwords at all if they could
The average user has 25 online accounts but uses just 6.5 passwords to protect them
So why does all of this matter? If you write your passwords on a piece of paper and then burn the paper, no one will ever get the passwords, but the hackers don’t care. They want the hash so they can brute force your passwords. It doesn’t matter if YOU use electronic password storage, because any company that you do business with does, but in the form of hashes. Using a password notebook like this one keeps the password out of electronics, but that doesn’t secure the hash.
They are so fast, that number-only passwords are useless. Even if you choose a good combination of letters, numbers, and special characters, passwords of eleven characters or less will be brute forced before a company even notifies the public of the breach. A series of leaks over the past few years containing 100 million passwords have given hackers dictionaries of passwords from people in different walks of life. The ever-growing list of leaked passwords allows programmers to write rules that make cracking algorithms faster and more accurate; password attacks have become cut-and-paste exercises that even script kiddies can perform with ease.
That’s why I was so pissed at LastPass for not disclosing the breach for months. How long is your password, what does it consist of, and how would it fare if the black hats had the hash to play with for 3 or 4 months? What if the black hat uses more than one computer?
That’s why, for now, I recommend that you use a randomly generated password comprised of numerals, special characters, uppercase, and lowercase letters, and your password should be no fewer than 17 characters long. Do not use words, even with common misspellings. Dictionary attacks live on words like p@ssw0rD123.
Diceware has a flaw in that it is susceptible to dictionary attacks. There are only 7,776 words in the diceware word list. Using that list to generate 4 words results in 3.6 quadrillion possible word combinations. That’s a lot for a human to guess, but a trivial exercise for a computer making a few billion guesses per second. If no other randomness is inserted, a 4 word password generated by diceware would be cracked in less than 3 hours. There was a time when diceware was a good idea, but increases in computing technology have made it useless.
That same technology makes other schemes just as useless: fingerprints, facial recognition, and others. A strong, random password and a hardware key are currently the only secure methods for identifying valid, authorized users.
There are new hashing algorithms that complicate the process of cracking, like SHA512, Bcrypt, or PBKDF2. The complexity of the math involved limits the speed of those cracking computers to less than a 10,000 guesses per second, which greatly increases security. However, it costs money for a business to stay current with this kind of technology, and many companies just aren’t willing to spend the cash. That means it is up to YOU to keep your password long and complicated.
Don’t be complacent. There was a time when an 8 character password was nearly impervious to attack.
