The Aurora Massacre: The Case For Armed Citizens

(And Why Gun Free Zones Don't Work)

This past week has certainly been one of tragedy.  My heartfelt prayers and thoughts certainly go out to the victims, the families and the people of my home town of Aurora, CO.  I was in high school when the Aurora Mall, where the theater is, was brand new. And the apartment of the alleged gunman is just down the street from where I went to junior high school.  The apartment evacuees were relocated to my old high school.  But what really is disappointing to me (not surprising, but disappointing), is that the gun control wonks are coming out of the woodwork to use the blood of these innocent victims as a means for forwarding their agenda.  So, since everyone else is “Monday morning quarterbacking” this massacre, I thought I would jump on the bandwagon as well. 

That theater was a “gun free zone.”  More massacres have been successfully carried out in gun free zones than at places where good people were allowed to carry their gun.  Virginia Tech, the 2008 Chicago Mall shooting, and Fort Hood, just to name a few, are stark examples of this point.  On the flip-side, just take a look at the New Life Church incident in Colorado Springs a few years ago.  The gunman was armed similarly to the Aurora shooter.  But an armed woman was present and took him down before he could cause more than only a few casualties.  I carry all the time for that very reason.

Without an armed person present, those people had ZERO chance.  With an armed person present, their chances sure as heck would have been greater than zero!

On a Facebook discussion thread there was a comment made that one armed person in that theater could not have stopped the gunman. That's a perfectly valid point.  While it may be true (that one armed person may not have stopped the gunman), one armed person would have distracted the gunman long enough to allow more people to escape, or for others to take action.   It doesn't take much to distract a gunman who is as narrowly focused as this guy was. He was focused on killing as many people as he could. What I am talking about here is the concept that I wrote about in a previous article of getting off of your "X" and putting the bad guy on his "X." The other concept alluded to here is what we in armed self-defense circles call “gaining the half-second advantage.”  If you can distract the bad guy for even half a second, you can at least do something to take swift action and change the outcome - hopefully to a good outcome.

Yes, he had body armor. But, as the media likes to spin things, they called it a "bullet proof vest."  There is no such thing.  Different levels of body armor can protect against certain levels of ballistic performance, but no body armor is completely bullet proof. And depending on what he had, it is quite possible that he only had a low level of ballistic protection.  This guy didn't seem to know a whole lot about guns, to be honest.  So it isn't a far leap to say that he probably knew even less about ballistic protection.  An armed person would have tried to at least penetrate the body armor, and if that didn’t work try for a more vulnerable area.  At that distance (within that theater - a movie theater is way less than 25 yards), a head shot with a handgun is not out of the question. A proficient person with a handgun could have stayed concealed just long enough to un-holster and get a well-aimed shot off, then move to become a huge distraction to the shooter and attempt to take him down.  Either way, if the gunman had someone shooting back at him, he wouldn’t have been trying to shoot the people who were trying to escape.  

This why I am an armed citizen

The bottom line here is that the gun control crowd has got to finally realize that gun-free zones DON’T work, and allowing citizens to practice their right of self-protection DOES work.  This has been proven time and again.  Most sheepdogs I know are well trained to keep moving, and find shots that have a low perceived penalty for a miss. The shooter's main threat at that point would be the moving sheepdog with the gun that is shooting at him, so he wouldn't dare turn his attention to anyone else. Many more people would then be able to escape.Top of Form

Bottom of Form

So what can you do to be more prepared?  Take some form of “Active Shooter Response” training.  Even if you don’t carry a gun, this type of training will give you a good foundation of things to think about to increase your chances of survival.  I took some of my training through the FEMA Independent Study Institute, and I refresh the training annually.  For those of you who do carry a concealed handgun, I also encourage you to keep up on your live-fire training and keep those skills sharp.  See my previous article about the need for continuous training to learn more ways to stay polished.

This was a horrible event.  But let’s not continue to enable future similar events with more criminal enabling “gun free zones” and this insane insistence on taking away people’s rights to self-defense.  If guns were banned, he would have found another way to cause harm.  As Charlton Heston once said:  

"Here's my credo. There are no good guns, There are no bad guns.  A gun in the hands of a bad man is a bad thing.  Any gun in the hands of a good man is no threat to anyone, except bad people."

 

Four Sheets of Parchment

The United States Constitution was written on just four sheets of parchment.  Compare that to a single bill today submitted by Congress that exceeds 2,000 pages.  And I’ll bet the Founders read every single word on every single page of that most precious of founding documents.  Not only that, but they understood exactly what they wrote!  Today, we can’t even get our legislators to be willing to make these huge bills available for us to try to read, much less read them themselves. 

Gary DeMar summed it up pretty well in an American Vision article

“The Constitution of the United States was written on four sheets of parchment. If you count the Preamble and all 27 Amendments (remember there were originally only ten), it comes out to 20 typed pages. If you don’t count the signatures and amendments, you’ll have a document of 11 typed pages. No single Amendment is a full page. Many are only a single sentence in length. The First Amendment covers a multitude of freedoms: religion, press, assembly, speech, and the right to petition the government. It does it with only 45 words. Those original four sheets, about 4500 words, were good enough to serve as a document to govern a nation.”

They give the excuse that the bills are too confusing for them to read.  They wrote them, didn’t they?!  And now they don’t want to read their own writing because it’s too confusing?  If that’s the case, then maybe they should take a lesson from the Founding Fathers and learn how to write things that are shorter and easier to read.  If they didn’t write these bills, then who did!?  Our Second Amendment which preserves our right to defend ourselves is only twenty-six words yet speaks volumes.  Come on – how hard is it to write something as simple, yet as explicit as that?

So what does this mean to us as gun owners?  Take one of the latest in gargantuan bills, the recent Affordable Health Care for America Act passed by Congress, and somehow allowed to stand by the Supreme Court.  In this monstrosity of a bill any number of amendments could spell gun control under the guise of “looking out for our health” and ensuring that we live in “safe environments” in our own homes.  Some say there is the possibility of further registration of every single entry of our medical records into national databases.  It takes only a little common sense for one to realize that buried in a bill that is over 2,000 pages long can be hidden any number of liberty killing amendments.  How about the prospect of turning you into a felon if you don’t buy the healthcare prescribed for you by law?  You do remember that felons can’t own guns, right?  At the very least, this represents further control of the American people by a government that is growing out of control.  

Here is what Gun Owners of America has to say about this bill:

“This bill will...most likely result in all of your gun-related health data being dumped into a government database that was created in the stimulus bill. This includes any firearms-related information your doctor has gleaned... or any determination of PTSD, or something similar, that can preclude you from owning firearms."

The bill will also create special "wellness" programs in section 112 which would allow the government to offer lower premiums to employers who bribe their employees to live healthier lifestyles -- and nothing within the bill would prohibit rabidly anti-gun HHS Secretary Sebelius from decreeing that "no guns" is somehow healthier.”

Hurt yourself reloading?  Need special glasses for shooting?  Have an accident at the range?  My suggestion is to find another explanation for those things to your doctor.  The health care bill above is but one example. There have been several pieces of legislation considered in the past few years alone that have been so huge as to be unreadable and un-comprehended by the average citizen.  Next thing you know, it will be determined that firing a gun produces too much carbon dioxide, and you will face more taxes when buying guns and ammunition if cap and trade is ever passed.

Now, more than ever, it is crucial that gun owners (and all citizens) get involved and educate themselves on every single bill that our law makers try to push through.  ANY bill can have the potential of containing anti-gun content and or amendments.  We must be paying attention every step of the way if we are to have a say in how these laws are passed. 

I know – this represents time out from lives, families and friends.  But our future as a country depends on our willingness to sacrifice a little in order to help secure our future as a nation.  With the voluminous amounts of text in these bills, and the hundreds of amendments being slipped in, an innocent looking and sounding bill can turn into a gun owner’s (or everyone’s for that matter) worst nightmare in a single moment.  We must take an active role in our own governance and make sure our elected officials hear our needs and demands.  In this very important election year - Please – get off the bench and get into the game.

Perceived Penalty For a Miss

A phrase that we often use in firearms training is the concept known as the “perceived penalty for a miss” (as in missed shot).  This idea of the perceived penalty for a missed shot can apply to any scenario in which you use a firearm, be it home defense, self-defense while out and about, or even while shooting targets at the range.  But for the context of this article, I will concentrate mainly on firearm use in home defense.

I am regularly on the lookout for news articles where firearms are used to save lives and protect property.  I recently came across an article about a man who shot a home invader, but then ended up accidentally shooting his wife as well.  This unfortunate incident clearly illustrates that in the course of defending our homes, not only are we responsible for the safety and protection of our families, but that we are also responsible for what happens as a result of our using deadly force as part of our home defense strategy.

Let me be perfectly clear about my own personal philosophy in this matter: Firearm ownership is an individual right that calls for individual responsibility.  I do not endorse in any way, shape, or form the legislating of every single aspect of firearm ownership.  Training, firearms storage, and safety are our individual responsibility as gun owners.  We already have thousands of laws governing firearms ownership – we don’t need any more.  They can’t even enforce the ones we have. 

We are individually responsible for taking it upon ourselves to maintain marksmanship proficiency with our firearms, and being able to simultaneously and quickly think past the front sight of that firearm when we choose to engage a threat.  In other words, we need to be able to quickly engage and stop a threat, as well as make sound decisions about that engagement based on risks and possible outcomes.  Once that bullet leaves the muzzle, it can’t be called back.  There will be consequences resulting from the defensive use of our firearm, and the final resting place of that bullet.

Click here to learn more: USCCA Membership

Something that we emphasize in firearms training over and over, and that I also see very heavily emphasized in the advanced tactical training I have taken to keep up my own proficiency, is the idea that this concept of a penalty for a missed shot is very closely related to a fundamental firearms safety rule.  The rule basically instructs you to know your target, know what is between you and the target, and know what is beyond your target.  If you understand and apply that basic rule, you will better understand and apply good decisions based on the amount of perceived penalty in case you miss your target.

Firearms and self-defense expert Rob Pincus of I.C.E. Training mentions that the perceived penalty for a miss translates to how worried you are that you will miss, or what happens if you miss.  What happens if you miss can be a factor of where you are in relation to the threat, in relation to everything else.  Are there other people, either seen or unseen, that can be in jeopardy?  What is behind that threat?  Can you move so that if you shoot at the threat, you shoot towards a more solid backstop where there is less of a chance of over-penetrating into a soft wall and hurting unknown people behind that wall?  This is an example of how training is an important factor in helping with decision making and will be discussed in part 2 of this series.  But I wanted to give an example of the types of things that come into play when thinking of the perceived penalty for a miss.
 

As I mentioned above, there will be consequences (outcomes), positive and negative, resulting from the use of deadly force in protecting your home.  For all of the scenarios below, a violent criminal enters your home with the intent of doing you and your family harm.  You are armed and intend to exercise your natural and legal right to defend your home.  So let’s take a look at just a few of the possible outcomes.

Scenario 1:  You engage the threat, your bullets hit their intended mark, and the threat is stopped.  No other people are hurt or property damaged.  The police come to investigate.  You are found to be a victim of a home invasion who successfully and lawfully protected yourself and your loved ones.

Scenario 2:  You engage the threat; your bullets hit their intended mark, but over penetrated and went through a wall.  Or some of your bullets missed the bad guy altogether and went through an interior wall of your house.  Another family member or pet may or may not have been on the other side of that wall – you didn’t know that when you fired the shot.  You later find out that you also wounded a family member.  The police come to investigate.  You may or may not be charged with negligence, but you will forever be emotionally scarred knowing that you hurt someone you love.

Scenario 3:  You engage the threat; you panic and shoot wildly hoping to hit the bad guy.  Your shots miss and go through some interior walls and some outer walls of your house, go into a neighbor’s house, and wound a neighbor.  The police come to investigate.  You are found to have negligently discharged your firearm and are arrested to face possible charges.

There are many other possible scenarios, and I won’t presume to know or report them all here.  But the above illustrate just a few of the very real and possible outcomes.  Again, minimizing risk while protecting your family member’s lives is what it’s all about.  The ultimate goal is for your family to be safe, and NO lives put in jeopardy.  Of course, when the criminal invader chose to enter your home and commit a violent crime, he or she made the decision that they were willing to take the risks of injury or death in doing so.  That’s a risk mitigation that is out of your control.  But what IS in your control is the ability to decide whether or not to engage the threat with deadly force, and if so to hit your intended target by building marksmanship and proficiency, and making sure that you know your target, what is between you and the target, and knowing what is beyond your target.

Now that you have an overview of the concept behind the “perceived penalty for a miss” and the background behind the thought processes for reducing this risk, we will now discuss getting back to basics and remembering the fundamentals of firearms safety.  In particular, the rule of knowing your target plays a big part in minimizing the risk of causing harm to others in a defensive incident.  

SHAMELESS DISCLAIMER: The strategies and scenarios depicted in this article are not all encompassing.  There are many possible scenarios and strategies – I do not presume to know them all.  Your own situation and environment will certainly vary, so you have to use common sense and be able to think through your strategy for yourself.  In other words – everything you read here is based on opinion derived from my most diligent research possible, and my own ability to think critically. I am not responsible for other people’s inability to use common sense or sound decision making skills. I and NCFST are not responsible for the actions taken by the readers of this article series.

 So having said all that, here are some suggestions for reducing the risk that a missed shot may cause unintended harm.  You need to think these through for yourself, and apply them in a way that makes sense for your own unique situations.

 

Know and APPLY The Fundamentals of Firearm Safety:  Think about and constantly remember those basic rules you learned when you were first introduced to firearms.  Then, actually APPLY those rules every time you handle firearms.  Whether you are going to the range, carrying concealed while out and about, or just having a ready firearm to defend your home, you are responsible for applying these common sense rules.  In case you need a refresher, here they are again:

• Always assume that every gun is loaded
• Always keep the muzzle pointed in a safe direction
• Always keep your finger OFF of the trigger until ready to shoot
• Always know your target, what is between you and the target, and what is beyond the target.

Know Your Home and What is Around Your Home:  Think about all the possible places where a home invader will enter and travel throughout the home, as well as what they might be looking for.  Think about where your family members will likely be in proximity to these places, and where you will be in the course of defending your home and stopping the attack.  Walk through your house and think about each of the walls – what is behind those walls?  Don’t forget floors and ceilings – what’s on the other side of those?  A basement, a bedroom, a bathroom, or other frequently inhabited area?  Think about those exterior walls.  What’s on the other side?  Are the houses in your neighborhood close together?  Do you live in a townhouse or apartment with a neighbor just on the other side of that wall?  What are the walls made of?

Know Your Plan of Action: What will you and your family do if you hear or suspect a break-in or the intrusion alarm goes off?  Can you all get to a safe room, or will family members be in areas scattered all throughout your home?  Can you all stay barricaded in one place until the police arrive, or will you be forced to go on a “room clearing mission” so that you can secure other family members?  “War Game” possible scenarios and think about how to get all of your family members to a safe room in case of an emergency.  If that’s just not possible, then think of where you would position yourself in any of your rooms in case you have to shoot.  Think of how you can reposition yourself in relation to the invader’s position in order to take a better and safer shot.  You need to be aware of your entire home and environment in order to minimize the risk of a bullet missing and going into an area where people may be.

Know Your Defensive Ammunition: Is the defensive ammunition that you use in your home defense strategy going to stop the threat, but also over-penetrate and go where you don’t want it to go?  Now is the time to think about other types of ammunition that are possibly better choices for home defense, such as frangible or “safety slug” ammunition.  Glaser Safety Slugs, for example, provide optimum penetration, yet fragment very quickly to prevent over penetration.  These rounds are a popular home defense round, and are available in many common handgun and rifle calibers.  Using a home defense shotgun with a shell containing non-lethal rubber balls as the first round, followed by rounds of bird shot or #4 buckshot is another popular choice.  You have to decide what types of ammunition and home defense firearms you are comfortable with.

Know and Constantly Improve Your Own Skills:  Being proficient is a huge responsibility, and perhaps the most important of all of these strategies.  Becoming highly proficient in firearms deployment for defensive uses may take a lot of your time, but the effort expended is beyond measure in its worth.  Do you regularly practice your marksmanship?  Do you regularly practice defensive skills such as drawing from a holster or shooting on the move?  When was the last time you took advanced formal training beyond just the basics?  Continuous training is extremely important.  Maybe participate in IDPA or defensive pistol matches on a regular basis.

Wrapping it All Up:

The penalty for a missed shot can be huge if you don’t prepare and you will never completely eliminate all risks.  The best you can do is to mitigate the risks to the extent possible, use due diligence in your preparation, and use some common sense in your actions.  Armed defense is an individual right, but with rights such as this come great individual responsibility.  Prepare, practice, and be sure to get back to those fundamentals from time to time.  Know and apply the basic safety rules of gun handling, know your environment, know your plan, and know your equipment.  Always strive to improve them.

Be sure to visit the NCFST blog where I have also posted this article series in its entirety.  You can also learn more about the use of firearms in home defense by visiting the new sister-site to the US Concealed Carry Association, the Home Defense Association of America. 

Be informed, be protected, and be safe!

Click Here To Join The NRA Today!

There’s an App for That!

Last time, I mentioned some of the reasons for being mindful of those smartphone apps that you install and the security concerns surrounding them.  This week, it’s back to discussions about firearms, and some examples of the firearms related apps that you can install on your smartphone.  I have an Android phone, so all of my examples this week are Android compatible apps.  But chances are that you will find many of these apps for iPhones as well.  You have to remember:  I’m a geek, so from time to time I use the technology I have at my disposal to enhance firearms knowledge and experiences.  Or, I just like to play with toys... whatever.

Searching for these apps is pretty easy.  When you go to the app store ("Google Play" for you Verizon Android owners) – the following search terms will help you find what you are looking for:  nra, firearms, rifle, rifle scopes, ammunition, ballistics, ammo, reloading, and other terms similar to these.  If you go to Google Play on your Android, just use the app names below for the search terms and you will find it.  Most apps are free or little cost.  I thought the small fee ($4.99) that I paid for the Nikon app was worth it because I have a few different Nikon rifle scopes, and they are covered in this app.  So here are a few that I have found to be particularly useful.

2012 is a critical election year for gun owners
It will be ALL or nothing - are YOU all in?
Join us and join the NRA!

NRA – National Rifle Association

Description:  Provides access to NRA news ILA Alerts, and the NRA blog.  Also has links to resources near you, based on your GPS location, and access to their social media sites such as Facebook, Twitter, and a Rep Finder.

Cost:  FREE

App Link:  http://www.androidzoom.com/android_applications/news_and_magazines/nra_cepbz.html

Strelok Ballistic Calculator

Description:Strelok is a ballistic trajectory calculator.  Small, handy and accurate. Field-proven accuracy since 2001.Supports imperial (yards, feet, inches, etc) and metric units.  Input all parameters, push button "Calculate!" and you will have vertical and horizontal values for rifle scope correction.  Also, you can select reticle from list and see wind and distance corrections on reticle without turning knobs. You can send by e-mail the reticle image with holdovers and ballistic table.  Supported reticles:  MilDot, NP-R2 (Nightforce), TMR (Leupold), and many more.

Cost:  FREE

App Link:  http://www.androidzoom.com/android_applications/sports/strelok-ballistic-calculator_pnsz.html

Nikon SpotOn

Description:Spot On Ballistic Match Technology provides precise aiming points for any Nikon BDC reticle riflescope and instant reference for sighting in other Nikon riflescopes with plex, MilDot or standard crosshair reticles.

All you need is a rifle, a Nikon riflescope and a rangefinder…SpotOn does all the work for you, showing you what the possibilities are before you ever fire a shot! Includes sections for handloaders, atmospheric conditions, and comparing loads as well as the ability to create and email a field reference chart.

Cost:  $4.99

App Link:  http://www.androidzoom.com/android_applications/sports/nikon-spoton-ballistic-match_bmxkj.html

DownZero Reloading Cost Calculator

Description:The Ammo Reloading Cost Calculator calculates the cost per round of reloaded ammunition.  The application provides input for quantity and price of the four components used to reload ammunition (Cases, Primers, Powder, Bullets).  Press the "Calculate" button to calculate costs for 1, 25, 50, 100, 500 and 1000 rounds. The user can also enter a custom number of rounds and the cost is automatically calculated.  A pie graphs is used to show a graphical representation of the cost % for each component.  The application also has an email feature that will allow the user to email the results using an email program on your phone.  The application can also be moved to an SD card.

Cost:  FREE

App Link:  http://www.androidzoom.com/android_applications/tools/ammo-reload-cost-calc_bpouw.html

Firearms Talk Firearm Gun Forum

Description:  Mobile application for FirearmsTalk.com, a general Firearms, Guns & Weapons community discussion forum.  Covers everything under the Sun shooting handgun, rifle, shotgun, rimfire, centerfire, revolver. From AR15, AK47, 10/22, 870, Glock to gunsmith, safety, competition shooting and hunting.

Cost:  FREE

App Link:  http://www.androidzoom.com/android_applications/social/firearmstalk-firearm-gun-forum_bckde.html

USA Carry Forum

Description: You get full access to the forums and the app is formatted to make browsing and posting MUCH easier on your device than through the web browser.

Cost:  FREE

App Link:  http://www.usacarry.com/usa-carry-forums-android-app-available-now/

Gunventory – Gun Inventory App

Description: Gunventory is a simple to use firearms inventory app allowing you to take your gun collection info with you.  Features: -Store make, model, caliber, serial, type, and purchase date;  -Button to search Google; -Set a password to protect your information

Cost:  FREE

App Link:http://www.androidzoom.com/android_applications/productivity/gunventory_yqrh.html

Refuse To Be A Victim - Smartphone Security - An Overview:

WARNING:  This article contains absolutely nothing whatsoever to do with firearms, but has everything to do with not being victimized by the bad guys who use the very technology we use on a daily basis to attack us.  Last week, I had the opportunity to attend the 2012 Rocky Mountain Information Security Conference (RMISC), which was hosted by the Denver chapter of ISACA and the Information Systems Security Association.  One of the breakout sessions I attended was Georgia Weidman’s talk on the glaring need for smart phone security.  Besides leaving with the thought “…what ever happened to the day when these things were JUST phones?!”  I was reminded of the fact that with the added technology and functionality, our “phones” need to be protected just as do our computers. 

Specific Dangers: Your smart phone does not just contain your contact list.  Many people are using their smart phones to receive email, store documents, input calendar items, keep notes, store passwords, and various other useful things.  So these devices now hold all kinds of potentially sensitive personal data that must be protected.  If a piece of malicious software (malware) gets installed on your phone, it can steal this data and send it off to the bad guys without you even knowing about it.  The SMS (text message) functionality, along with the Internet connectivity features, on these devices are often leveraged vehicles for “exfiltrating” your sensitive data.

Not only is your personal data at risk, but also other information, such as your phone’s identity (the information that uniquely identifies your phone on the network), your geographical location, and information about the hardware and storage on your device can be disclosed.    According to Ms. Weidman, the International Mobile Equipment Identification (IMEI) number that uniquely identifies your phone is as valuable to the bad guys as a credit card number, as this number is used by various apps to identify the smart phone as being yours when it logs on to the service.  GPS information is also used to identify where you are located when using the services that you are accessing with your phone.  Your phones can also connect to mobile WiFi hotspots, which means that they are as vulnerable to attack by malicious hotspots near your local coffee shop (disguising as legitimate hotspots) as is your laptop.  Be careful about the networks you are connecting to.
 

So what can you do?  Two things that really stuck out from this presentation, in terms of minimizing risks and ensuring better personal security, were the need for: 1) Having a security suite installed on your smart phone, and 2) Be careful what you download, and what permissions are being asked for.

Smart-Phone Security Software:  In case you weren’t aware of this already, there are various apps out there that will help provide added security for your smart phone device. The problem is, however, that the tradeoff for additional security is often reduced performance.  Do some research and find out which security suites have better reviews.  I use the Norton Mobile Security Suite for my Android, and so far I haven’t noticed any huge or unbearable performance hits.  Even the “lite” version will give you basic malware protection, but you can get additional features in the paid version for remotely wiping or locking your phone if it is lost or stolen.  This is kind of a cool feature – I set up my spouse’s phone as a “buddy” so that if my phone is stolen or lost, I can send commands to my phone remotely.  For example, if her specific phone number sends a “wipe” command to my phone, along with a password, I can wipe my phone remotely and erase all of my sensitive data.

There are various other security suites out there such as Avast, Kaspersky, and Lookout.  Take a look at the links, do some research and find out which ones have the features you need and the performance you want.  Each link gives reviews to help you see what others are saying about each product.

Application Security: If ever there was a need to read the fine print, reading those permissions that your new apps are asking for is it.  When you download a new app for a smart phone, the app will often tell you what permissions it needs in order to operate.  Every time you download a new app, go ahead and read that list of permissions and take note of what that app needs to access in order to function properly.  Here is a good article that further explains permissions and how you can get more information about each permission that is being asked for when you install an app.

Sample Android App Permissions

 

Smart phone security is every bit as important to keeping you from being an online victim as is protecting your computer.  In the coming weeks, I will take a look at some additional ways to stay safe by addressing specific smart phone issues.  It's up to you to Refuse to be a Victim!

Additional Resources:

• Article: How App-Based Malware Infects Android Devices
• Article: What Can a Zero-Permissions Android App DO?
• Bulb Security (Georgia Wiedman)
  
  ...Now – back to our regularly scheduled firearms programming.

How Long Until The Police Arrive?!

We often hear the saying that “when seconds count, the police are only minutes away.”  I had a chance recently to test that notion, albeit that the test of this often repeated saying happened quite by accident.  Still, it was an eye opening, although accidental test.  At about 5:30am, my alarm clock went off; I got out of bed, and in a bleary-eyed state of being went down stairs to let the dogs out.  Still half asleep, I walked right past the alarm panel, and forgot to turn the alarm system off before opening the back door.  You guessed it:  The alarm immediately went off.  I ran back to the alarm panel and frantically fumbled to put in my code to turn it off.  Finally got the alarm turned off, and I figured that ADT would probably call me to ask about the alarm.  But since I had reset the alarm right away, perhaps they would not call.  They would see the hour of the morning and figure that the owner forgot to turn it off before opening a door.

A few minutes passed, and I let the dogs back in when they scratched at the door.  I went to the stove to put on some water for morning tea, and sat back down on the sofa.  Finally, the phone rang – but it only rang once and stopped.  Possibly ADT calling?  Sometimes that happens – the alarm system takes control of the phone line and people who call can’t get through.  As it turned out, they next called my cell phone, which was on the end table, turned off and charging.  They called my wife’s cell phone – also turned off and charging.  Having seen an alarm, and not being able to contact the homeowners, they called the Fort Collins Police.  

So before I go on, let me say that I have nothing but total respect and admiration for the Fort Collins Police and the Larimer County Sheriff’s offices.  The men and women who make up our law enforcement agencies in our community do a thankless job on a tight budget.  I mean after all, the City of Fort Collins has found it important to pay artists thousands of dollars to put fancy paint jobs on all of the electrical boxes in town, but seem to be kind of stingy when it comes to funding our police and fire services.  In fact, I remember awhile back receiving a letter from ADT stating that the City of Fort Collins was piloting a program where, due to budget constraints, was ordering the police department to provide quick response to calls from the alarm company ONLY if a second verification could be obtained that an actual break-in was occurring.  Otherwise, they were to respond on an “as available” basis.  

So back to the story… Meanwhile, I went up to my office to check email and wait for the water to boil.  The water finished boiling; I went down to the kitchen and started my tea brewing.  Went back up to read the news, work on my web site, and do a few more things in the office.  Then a few minutes later, the dogs start barking wildly and shortly after the doorbell rings.  Yep – it was the Fort Collins Police.  I explained what happened, the extremely professional and friendly officers understood completely, and then left.  Let me just say that I am thankful that there were two of them responding to a potential home invasion, and not just a lone police officer.

So again – this story isn’t meant as any kind of criticism against our law enforcement community.  The men and women of law enforcement really are professionals and most deserving of our respect and gratitude.  Rather, this story is a testimony about the somewhat dubious thought processes of our legislators.  This is clearly another example (and there are many) of why it is that law abiding citizens should NOT be legislated against when it comes to the right to defending themselves or their homes.  From the time the alarm went off to the time the police finally arrived, I had time to let the dogs out, let them back in, boil a kettle of water, make some tea, check email, read a news story or two, and start doing some work on my web site.  

If someone had actually broken into a typical Fort Collins home at that time of morning, with the family there (and possibly still asleep), how much damage and injury could an intruder have done in that time?  In our family’s case – not much – we’re also armed and have a plan.  But still, several minutes elapsed before law enforcement arrived.  Give it some thought, folks.  Are you willing to hope for the best until help arrives?  Or are you resolute in developing a plan to keep your family safe?  Take a look at our past articles on defense in depth for the home, and stay tuned for more tips on staying safe and refusing to be a victim.

It also helps to know a little more about how home alarms operate in the United States to help understand what you can do to increase the priority level of your alarm event in the case of an actual break-in.  After writing the original version of this article for the news letter, security expert Wayne Crook, creator of "The Pistol Pad" sent me the following:

"Every alarm company in the USA and, to the best of my knowledge, every State by law or rule recognizes the following three (3) alarm response categories.

Priority 1 - Fire. Takes precedence over any other signals being processed by the central station. Emergency responders notified immediately.  No Verification Call to the location. This represents a catastrophic threat to human life and property.  Priority 1 – Fire devices can not be bypassed or disarmed; only silenced and/or reset.

Priority 2 - Panic. Takes precedence over any other signals (except Fire) being processed by the central station. Emergency Responders notified immediately. No Verification Call to the location. This represents a serious threat to human life.  Priority 2 - Panic devices can not be bypassed or disarmed; only silenced and/or reset. 

Priority 3 - Intrusion. Lowest level taking precedence over administrative communications only. May require one or more verification calls prior to notification of Emergency Responders.  Delays of 15 seconds or more may be required before any communication attempt to the central station is initiated following activation of an intrusion alarm.  This represents a threat to property only.  Priority 3 - Intrusion devices can be bypassed or disarmed.

For any monitored alarm system owner that has a panic button immediately available; even if the system is in full alarm with the sirens blasting, Push The Panic Button! This changes the status of your alarm signal from a Priority 3 - Intrusion to a Priority 2 – Panic and should significantly increase speed of notification to and response priority of Emergency Responders."

Source:  Wayne Crook, The Pistol Pad

  

So what can you do?  For starters, here are some important things to remember:

• Your alarm system is (or at least should be) only one part of a multi-layer system of defense for your home and your family.  If able, also call 911 and get the response rolling as soon as possible.
   
• Get a wireless "Panic Button" from your alarm company, but it in your safe room, and know where it is.  Use it to elevate the alarm priority so that the police will know that you are in fact being invaded and to respond at a higher priority.
   
• Get another "Priority 2 Panic" device such as the The Pistol Pad which can also serve to help increase the alarm priority.
   
• Have a plan – if your alarm does go off, or you hear the obvious signs of a break-in, be able to get yourself and your family to a “safe-room” that can provide protection and give you time to call 911, and again - upgrade that alarm priority level by pushing the panic button.
   
• Get trained in self-defense and defensive firearm use.  Your safe room will only keep you safe for so long from someone absolutely determined to get to you and do you harm.  Your firearm is your last resort for defense, but you need to know how to deploy it in an absolute crisis situation.

Principles versus Tactics

In order to know what you want to do (or are willing to do) in a given situation, you need to know which aspects of your strategy for doing it are absolutely non-negotiable, and which aspects are subject to flexibility.  Which aspects are you not willing to compromise?  And which aspects will you have to adapt to your abilities, resources, and practicality?  Ask any "sheepdog" about their willingness to step up and help others, and he or she will tell you that there are just certain things in our lives that are non-negotiable. 

One of the important things I have learned in my recent tactical firearms skills training at Makhaira Group is the concept of principles versus tactics.  A principle, as our instructor drilled into us over and over, is something that you are absolutely not willing to negotiate.  It is the “what” of your belief system. Tactics, on the other hand, are the “how” of your strategy to adhere to that belief system, the specifics of which may vary from time to time, but they still enable you to adhere to your principles.  These are the “enabling objectives,” if you will.  

The fact that I must eat to survive is an example of a principle.  But when I go to the cafeteria to eat, I am free to pick and choose what specific items I want to eat at that particular time.  But there is no more appropriate a place to discuss principles and tactics, in my opinion, than in the realm of self-defense and the defense of your family and others.

prin·ci·ple

  /ˈprɪnsəpəl/ [prin-suh-puhl]

noun

an accepted or professed rule of action or conduct: a person of good moral principles.
 

a fundamental, primary, or general law or truth from which others are derived.

a fundamental doctrine or tenet; a distinctive ruling opinion.

principles, a personal or specific basis of conduct or management: to adhere to one's principles.

guiding sense of the requirements and obligations of right conduct.

tac·tic

   /ˈtæktɪk/ [tak-tik]

noun

a plan, procedure, or expedient for promoting a desired end or result.

Here’s an example of a self-defense principle and its accompanying tactics:

Principle:  I will provide multiple layers of protection for my home and family against criminal invasions.

Tactics: An alarm system, a big dog, strong door locking hardware, and firearms in the hands of a proficient home owner, are all things that I might employ to provide my home protection.

Explanation:  The fact that I will protect my home and my family from criminal invasion or attack is not open for discussion.  It is non-negotiable.  And I don’t care what any one else's opinion is about whether or not I should be doing this.  But how I do it is a matter of which tools I wish to employ, and may be based on my personal preferences and/or the opinions and experiences of others.  

Let’s take the above tactics one at a time:  

The alarm system:  What if I don’t want, or can’t afford the alarm hardware and the monthly fees?  What if I am renting and the home owner will not allow me to install an alarm system on the premises? I can get simple alarm-like devices that make a loud noise when a door or window is opened, and mimics an alarm system.  I can post alarm signs in my yard that warn potential intruders that I have an alarm system installed.  The criminals don’t know the difference.  Criminals will select the easiest targets.  If your home offers even a hint of being more difficult to break into, they will move on to an easier target.  That psychological effect in and of itself is yet another tactic that I can employ.

The dog: What if I am allergic to dogs or just don’t want the responsibility?  What if my present dog is a small dog and I don’t want a larger one?  I can still put large dog bowls in plain view.  Anyone who looks in my windows sees a set of large dog bowls, but has no idea whether or not I have a dog, or what kind it is.  I can also get a motion detecting device that lets out a loud dog bark if anyone approaches the house. Again: criminals will select the easiest targets.  If your home offers even a hint of being more difficult to break into, they will move on to an easier target.

Door hardware: Do I use a deadbolt that requires a key on both sides, or one with a key-less knob on the inside? Do I also augment that with a hidden chain lock?  I didn’t say how many or what brand.  You can put 15 deadbolts on each side of your doors if you want.  But honestly, this is one place not to skimp.  Get good locks, install longer screws in the hinges and strike plates, and keep the doors locked at all times.  This is a simple tactic to employ.

Firearms: I may choose to use a shotgun for home defense today, but decide to use an AR-15 tomorrow.  Someone else may choose a handgun for their home defense.  I choose to keep my home defense firearms loaded all the time, but the state you live in may not allow that.  Your tactics for deploying will then be different.  But in choosing that a firearm is part of my tactics, I also know that the choices are virtually unlimited.

There are still other tactics not mentioned here that I can choose, or I may choose not to employ some of the above. But the important thing here is that you know what principles you are not willing to negotiate, and what tactics you select to meet those principles.  Principles helped found our country, and tactics helped win the wars.  Stick to your principles and don’t allow others to force you to compromise.

Refuse To Be A Victim - Secure Your Home Wireless Network

(Oh No – You Mean My Wireless Home Network is At Risk?)

Part of what we teach as part of the NRA's "Refuse to Be a Victim" program is online security to keep you safe while on the Internet.  The most common type of home network these days is a wireless network.  Wireless networking allows for much easier setup without all that cable installation that we had to do to set up our home networks back in the day.   But wireless networking brings with it some added security concerns that you may want to consider.  From where I sit in my office on the second floor of my house, for example, I can detect at least five wireless networks from here.  And not all of them are secured networks.  Practically anyone can join an unsecured wireless network and surf to their heart's content.  This article is intended to give you some ideas on how you can make your wireless network a little more secure.

WARNING:  There is a lot of "geek-speak" in this article.  If it doesn't make sense, just email me and I will explain it to you.

So now that your wireless network is all set up, no worries, right?  I mean so what if someone in the ‘hood' steals a little of your signal, connects to your network and surfs for themselves.  The cable company won’t know and the bandwidth they steal probably won’t affect you!  Well – here’s the deal with that:  If anyone can get on your network and surf the web, then that means that they can also get to the files on your computer(s) if they are smart enough – and these days it doesn’t take much to hack into an unprotected system.  They are completely bypassing your firewall and they are now on the inside. Inside and free to get to all of your personal information, tax records, personal letters, email files, you name it.  

But so what if they aren’t after your stuff, but rather just want an Internet connection so that they can surf for free – or worse, like doing illegal things – gambling, porn, child exploitation, download some copyrighted movies….  And it isn’t just your neighbors – it’s those nasty little WAR drivers, driving around with laptops and programs like Net Stumbler or AirSnort, scoping you out so they can come back later and steal your signal or hack your systems.  Then they can make maps of where all the wireless networks are located and share with their buddies.  

Small business owners, you should really listen up here – there are liability issues:  Guess who get’s tagged when someone decides to crack down on illegal Internet activities through your service provider’s records or other means.  You do!  Current legislation limits the ISP's liability for illegal activities, and the account owner becomes the responsible party since your name is on the account.  There may be no evidence on your computer, because you weren’t doing anything wrong.  But all they know from their investigations it that the suspicious traffic came to and from the connection into your network.  And after you get your computer back (after months of forensic investigation) you will be in the clear.  But can you do without your computer for that long?  Worse yet, can you do without your data for that long?  Stealing your signal for free Internet access is one thing.  Using your network for illegal purposes is another – and since you have no idea what the attacker’s real intentions are, you really should be just keeping unauthorized users off in the first place.  So, let’s just nip this little problem in the bud and protect ourselves by using some of the built in features of the wireless equipment and our own common sense.

Your New Router/Wireless Access Point:

You have just purchased that new combo router/access point and pulled it out of the box.  They are all configured the same, meaning that they all have the same default settings for administrative passwords, router name, IP address ranges, and network broadcast names (more on SSIDs in a bit).  Immediately change those factory settings.  Every bad guy in the world knows that the default password for a Linksys router is “Admin” and the default SSID – the network name that it broadcasts is “Linksys.”  These settings change slightly depending on manufacturer, but they are similar, and more importantly, they are all well known.  In other words, if you have a router/access point right out of the box and you don’t change anything before placing it in service in your network, all the little WAR drivers will know it, and they already know the information they need to log in to your router and change its settings to accommodate their needs.

At a minimum:

• Change the default password
• Restrict which addresses can access your network
• Encrypt to make your network a secured network
• Change the default wireless network SSID
• Disable wireless router management
• Give your router a name

If they can’t get an address, they can’t surf:

Two addresses are important:  The MAC address (physical address), and the IP address (logical address). The easiest of the two addresses to restrict on your wireless address is the MAC address, by the way.  The MAC (Media Access Control) address is an address that is hard coded into the network card on your computer.  This is often referred to as the physical address.  You can configure your wireless access point so that only the MAC addresses in your approved list will be able to connect to your network.  MAC addresses can be very easily spoofed, however, but the attackers have to know the exact MAC address(es) listed in your access point authorized list in order to spoof the right one.  This isn’t fool proof by any means, but at least it will give you something a bit more secure than no restrictions at all.

The IP (Internet Protocol) address is the "192.168.1.6" type address that computers use to communicate - often referred to as the "logical" address.  All computers on a network have an IP address if they want to communicate, especially if they want to communicate with your router to get to the Internet.  The IP address can be given to you automatically by what is known as a DHCP server (dynamic), or it can be hard coded (static) address.  If you use a router, by default your router is using its DHCP feature to configure these addresses on your computer for you.  If you are letting your router dish out addresses to your computers, then that means that they are likely to be available to anyone with a computer who can see your wireless network and “ask” for one.  This is simple – just don’t make any available!  Hard code all of your IP addresses into your computers, and tell your router not to make DHCP addresses available.  I set all of the addresses on my computers statically.   But one of the reasons this is a more complicated address to restrict is because using this method requires you to know something about IP addressing, subnet masks, DNS services, and default gateways.  Because of this complexity, many people do not use this method, but I'm a geek, so.....

If you do this also, you can go one step further and make the subnet mask for your network non-standard.  For example, many people at home use the private IP address range of 192.168.1.x.  The default subnet mask for this range is 255.255.255.0.  If you only have a few computers in your network, you can change your subnet mask to something like 255.255.255.240.  That mask will allow you enough address space for fourteen computers.  If you want more addresses, or need fewer addresses, you can adjust the mask you are using.  The added benefit is that even if the attacker hard codes in their own address to fit the range you are using, they have to guess the right mask or they won’t connect.

Encrypt your wireless traffic:

One way that eavesdroppers can find out things like passwords and other things that you would like to keep private is that they can “sniff” the traffic on your network and see it in plain text.  There are a variety of free tools out there, such as Ethereal, that allow people to see network traffic and get information right out of the very packets traveling across the network.  If you encrypt the traffic, however, it comes across as gibberish and they can’t see this information.  There are a couple of popular encryption schemes built in to home and small business wireless devices – WEP, WPA, and WPA2.  WEP, which stands for Wireless Encryption Privacy, is a slightly older and somewhat unsophisticated encryption scheme.  It is static, which means it never changes its encryption keys.  You would have to periodically define new keys or pass-phrases.  WEP is minimal security at best, but again it is better than nothing.  A newer wireless encryption for home users, WPA and WPA2 (Wi-Fi Protected Access) is a more dynamic encryption scheme, and is more secure than WEP.  The keys are dynamically changed during system operation, making it more difficult for someone to sniff your traffic and find out the pass-phrase used.  Not knowing the correct WEP or WPA keys and pass-phrases to enter into their computers makes even connecting to your network more difficult for the attackers as well.

 

The other thing that needs to be encrypted is your traffic between you and your router/access point management console.  In most home and small business routers, you simply use a web browser to log into and manage your router’s configuration.  The Linksys models (and most others) include the ability to select HTTPS (port 443) traffic between you and your router using an SSL certificate.  This will provide security in that eaves-droppers cannot see your router administrative password in plain text if they are using a program like Wireshark to “sniff” your traffic from afar.  Don’t confuse encryption with blocking access, however.  Anyone who types in the correct address for your router will be offered an SSL certificate, and they can choose to install it.  If they know the password, they can still get in.  What keeps them out is that they don’t have the correct password, and you don’t want to make it easy for them to obtain it.  This type of encryption keeps that password from being sniffed, and makes it more difficult to obtain.

 

Turn off the SSID broadcast:

The SSID is the network identifier that gets broadcasts by a wireless network access point.  As I mentioned earlier, a default setting for a Linksys access point SSID out of the box is “Linsys.”  You don’t need the SSID broadcast to connect because you can simply type in the SSID when you configure your computer(s).  If configuration gives you a problem, turn on SSID broadcasts, configure your computers, then turn the broadcasts back off.  The exception to this is earlier versions of Windows, such as Windows 98 and Windows XP without Service Pack 2.  Actually, there was a patch awhile back to ensure that Windows XP SP1 would connect without the SSID broadcast, but SP1 is about to become a non-supported product.  You really need SP2 and above (SP3 is the current Windows XP Service Pack Level) to take advantage of the Windows XP security features anyway.  But Windows XP is about to go end-of-life for security support (obsolete), so upgrade if possible.  Get Windows Vista or Windows 7 and you can really take advantage of much better security features.

 

Disable Wireless Management:

Disabling the ability to manage your router from a wireless connection will help ensure that people sitting out in the street stealing your wireless connection can’t get into your router and change settings.  You will want to have at least one computer that has a wired connection so you can connect to your router and perform configuration changes.  If you only have one computer, and it is a laptop, use the wired connection to connect directly to the router to do maintenance, and the wireless connection to provide your mobility and your normal day-to-day connections.

Additionally, you can ensure that “Remote Access” is turned off.  With remote access, you can come into your router from anywhere else that has an Internet connection.  I have mine turned on because I travel, and sometimes need to come in and make a change while I’m gone, in case the spouse or kids can’t get connected all of a sudden.  But if you don’t need it, the rule of thumb is to just turn it off. 

Other Security Measures:

Securing your wireless access points does not relieve you of the need to use other basic security precautions.  Just because you have a firewall doesn’t mean that a personal firewall program on each computer won’t do you any good.  I have my router locked down pretty well, but my personal firewall still alerts on, and blocks several inbound connection attempts.  Antivirus software, anti-malware software, and keeping your computer up to date with the latest patches are still important requirements. 

You play an important part in security too – if your personal firewall alerts you to something don’t just blindly say “Yes” to the event and move on, hoping for the best.  Question everything!  Just say NO!  You can look at your router’s logs to find suspicious activity so that you will know what further steps to take.  Look at the firewall logs for your personal firewall software also to find out who is trying to attack you, and what methods they are trying to use. 

 

Wrapping it All Up:

Wireless networking provides an easy and extremely flexible medium for setting up your home or small office network.  But remember:  your network traffic is now traveling through free space, there for the taking for the little WAR drivers and other eaves-droppers.  All kinds of things like passwords, personal data, and even access to the files stored on your computer is at risk.  Even the inexpensive router/access points give you a number of security measures you can implement to help keep you safe.  Nothing is fool-proof.  

This article mentioned some simple measures you can take to increase your chances of being safe and protecting your network.  Be sure to look into the specific configurations that your router/access point allows, and know what you can do with it.  Given enough time and effort, there is nothing that a hacker can’t break into.  But by securing your system you will more likely than not discourage a would-be hacker, and they will just move on to the other six networks on your block.  Don’t be a target – protect your computers, your network, and your data.

For more information, see:

• NIST Special Publication SP800-48: Wireless Network Security
   
• WindowsSecurity.Com: Wireless Network Security for the Home
   
• PC Magazine: Ten Steps to a Secure Wireless Network
   
• Microsoft:  How to Set Up Your Home Wireless Network