Tuesday, October 14, 2014

Summary of 1994 CSICOP conference

I just stumbled across an old Usenet post of mine which summarizes a small part of the CSICOP conference held in Seattle June 23-26, 1994 (PDF of conference program; PDF of conference announcement mailing) with Robert Sheaffer's reply. I don't recall if I wrote the further followups, and didn't find any in a brief search. My 1992 Dallas CSICOP conference summary and a number of others may be found at the Index of Conference Summaries on this blog.

Path: bga.com!news.sprintlink.net!hookup!yeshua.marcam.com!charnel.ecst.csuchico.edu!nic-nac.CSU.net!news.Cerritos.edu!news.Arizona.EDU!skyblu.ccit.arizona.edu!lippard
From: lip...@skyblu.ccit.arizona.edu (James J. Lippard)
Newsgroups: sci.skeptic
Subject: Re: News of the CSICOP conference?
Date: 11 Jul 1994 15:59 MST
Organization: University of Arizona
Lines: 110
Distribution: world
Message-ID: <11JUL199415590395@skyblu.ccit.arizona.edu>
References: <forb0004.229.0036889A@gold.tc.umn.edu>
NNTP-Posting-Host: skyblu.ccit.arizona.edu
News-Software: VAX/VMS VNEWS 1.41    

In article <forb0004.2...@gold.tc.umn.edu>, forb...@gold.tc.umn.edu (Eric J. Forbis) writes...
>I'm surprised that so little has been written about the recent conference on 
>this group. Please, any who attended, tell all!

I had intended to write up a summary of the Seattle conference similar
to the one I did for the 1992 Dallas conference (which may be found
in /pub/anson/Arizona_Skeptic on netcom.com, in vol. 6 somewhere, over
two issues).  Events conspired against me, however.  My flight did
not arrive until the conference had already begun on Thursday night,
and I was quite disappointed to miss Robert Baker's presentation in the
session on alien abductions.  I also brought only an old school notebook,
which I found contained only two blank sheets of paper in it.  Then I
planned to view Becky Long's videotapes of the sessions afterward, but
her camera's battery recharger broke.  So the following is all from memory.

I arrived at the conference on Thursday evening and was surprised to
find that the main conference room was completely full and an overflow
crowd was watching via closed-circuit television.  This was the largest
CSICOP conference to date.  I believe that for the alien abduction and
False Memory Syndrome-related sessions there were over 700 attendees.
(I seem to remember somebody telling me that, but we know how unreliable
human memory is.)
   I showed up in the middle of a presentation by Thomas Bullard, who was
very impressed by what he claimed were amazing consistencies between
the accounts of abductees.  He argued against the claim (made by Baker?)
that the motifs in abduction stories can be traced to "Close Encounters
of the Third Kind" by pointing out the same motifs in earlier abduction
claims.  (Yeah, but what about earlier appearances of "Grey"-like aliens in
other science fiction?)
   Next, John Mack spoke about why he was speaking at a CSICOP conference
and discussed the "intense polarization in ufology" between skeptics and
believers.  He said that he was a skeptic about UFO abductions and that
he considers it to be an unsolved mystery.  At times he sounded like
John Keel or Jacques Vallee--suggesting that aliens are interdimensional
creatures that can't be reduced to any known categories of human thought.
Like Bullard, he appealed to the consistency between testimonies.
I wrote down a series of questions he had for CSICOP and skeptics:

   1. Why so much vehemence in these attacks? [on him, on abduction claims]
   2. Why so much certainty?
   3. Why do we attack the experiencers themselves?
   4. Why do you attack writers of your own commissioned reports who
      don't come up with the conclusions you want?

I have no idea what the last question is supposed to be referring to,
since CSICOP does not commission research.  It sounds like a question
more appropriately addressed to MUFON regarding its treatment of
investigators of the Gulf Breeze UFO sightings.

   Since Nicholas Spanos died tragically in an airplane crash just a
week or so before the conference, at the last minute clinical psychologist
William Cone from Newport Beach, Calif. was brought in.  (He was already
a conference attendee.)  He began by saying that he didn't bring any
slides, but if the whole audience would just look at the screen, research
shows that about 2% of us would see things on it anyway.  Cone said that
he has worked with a few dozen abductees, including some in locked wards
of mental institutions.  He argued that abduction research that he has seen
is very badly done, with the researchers imposing their views on their
subjects.  He offered a number of possible answers to the question "Why
would anyone make up stories like this?":  (1) for the money (he gave
a specific example from his own experience), (2) for notoriety and
attention (he said that he's had abductees tell him they had never told anyone
about their experience before, and then show up on a tabloid TV show a
week later), (3) for identity with a group of people.
   He seemed to rebut most of the claims made by Bullard and Mack about
abductees.

   Also added to the program was abductee and hypnotherapist Sharon
Phillip (?), who was brought in by Mack.  She described her own
UFO sighting/abduction and promoted the usefulness of hypnotherapy.

   Also present was Donna Bassett, who passed herself off as an abductee
in Mack's group and then went public in the _Time_ magazine article
about Mack.  She stated that, just as women have been doing for
centuries, she faked it.  She had very strong words of criticism for
Mack's methodology and claimed that his clients are telling Mack what
he wants to hear, but say other things behind his back.  She accused him
of not getting informed consent from his clients about what they are
getting into.

   Mack replied by saying that he could not discuss her case because
of confidentiality, but that he was not convinced that she *wasn't*
really an abductee.  (He implied that he had reasons for thinking
this that he was not at liberty to discuss.)  He flat out denied
parts of her story, such as the part about his breaking her bed
while sitting on it from his enthusiastic reaction to her story about
being on a UFO with JFK and Kruschev.  He also suggested that Phil
Klass had put her up to her hoax, since her husband had worked with
Klass at _Aviation Week_.  This prompted the biggest outburst of
anger that I witnessed at the conference, from Klass, who stated that
he had not seen the Bassetts for many years and heard about the hoax
in the media like everybody else.  He subsequently contacted them,
and was responsible for Donna Bassett's being invited to the CSICOP
conference.

   There followed a series of audience questions and answers, including
several which expressed concern about Bassett being brought into the
conference without Mack's knowledge.  Some of these concerned audience
members changed their minds when told that Mack was already well aware
of the specifics of Donna Bassett's charges as a result of the _Time_
story.

Well, that was Thursday, June 23.  I'll comment further later about
the two Friday sessions and Carl Sagan's keynote address,
the three Saturday sessions and the luncheon talk about CSICOP and
the Law, and the Sunday session--or perhaps others can jump in.

Jim Lippard               _Skeptic_ magazine:
lip...@ccit.arizona.edu  ftp://ftp.rtd.com/pub/zines/skeptic/
Tucson, Arizona           http://www.rtd.com/~lippard/skeptics-society.html

Newsgroups: sci.skeptic
Path: bga.com!news.sprintlink.net!hookup!yeshua.marcam.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!math.ohio-state.edu!usc!nic-nac.CSU.net!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sheaffer
From: shea...@netcom.com (Robert Sheaffer)
Subject: Re: News of the CSICOP conference?
Message-ID: <sheafferCsy5EI.n1t@netcom.com>
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
References: <forb0004.229.0036889A@gold.tc.umn.edu> <11JUL199415590395@skyblu.ccit.arizona.edu> <Jul13.044226.32392@acs.ucalgary.ca>
Date: Thu, 14 Jul 1994 20:11:05 GMT
Lines: 31

>In article <11JUL199...@skyblu.ccit.arizona.edu>,
>James J. Lippard <lip...@skyblu.ccit.arizona.edu> wrote:
>>   I showed up in the middle of a presentation by Thomas Bullard, who was
>>very impressed by what he claimed were amazing consistencies between
>>the accounts of abductees.  He argued against the claim (made by Baker?)
>>that the motifs in abduction stories can be traced to "Close Encounters
>>of the Third Kind" by pointing out the same motifs in earlier abduction
>>claims.  (Yeah, but what about earlier appearances of "Grey"-like aliens in
>>other science fiction?)

I was going to comment about this at the conference, were it not such a
mob scene that getting to a microphone became nearly impossible:

Bullard was right to object to Baker's statement that 'all these grey
aliens come from the 1977 movie CEIIIK'. (Bullard went on to cite some
pre-1977 examples).

However, Marty Kottmeyer makes a pretty good case tracing the origin of the
_genre_ to Barney Hill who in March 1964 (date from memory: beware FMS)
sketched an alien that had supposedly abducted him. This drawing was
subsequently widely published. Marty found out, however, that an episode
of _The Twilight Zone_ had aired with a nearly-identical alien, just
A FEW DAYS before Barney made his sketch. (The individual sessions with
Dr. Benjamin Simon were all carefully dated and transcribed, and fan
books tell when each _Twilight Zone_ episode first aired.)

-- 
    
        Robert Sheaffer - Scepticus Maximus - shea...@netcom.com
  
 Past Chairman, The Bay Area Skeptics - for whom I speak only when authorized!


        "As women and as lawyers, we must never again shy from raising our
         voices against sexual harrassment. All women who care about
         equality of opportunity - about integrity and morality in the
         workplace - are in Professor Anita Hill's debt."

                     -- Hillary Rodham Clinton, 8/9/92, at an American Bar 
                        Association luncheon honoring Anita Hill

        "I want to make it very clear that this middle class tax cut, in 
         my view, is central to any attempt we are going to make to have 
         a short term economic strategy and a long term fairness         
         strategy, which is part of getting this country going again."   

                     -- candidate Bill Clinton, ABC News Primary Debate,
                        Manchester, New Hampshire, 1/19/92                        

Friday, April 25, 2014

Spam email from Christine Jones for governor campaign

I received the following spam email today (a link on the email claims, falsely, that I opted in for it in October 2013) from the Christine Jones for governor campaign.  Jones is a former GoDaddy executive who looks like a terrible candidate for governor of Arizona.

Dear James,

        As a Republican candidate for Governor, I am frequently
asked where I stand on the issues important to our state-issues
ranging from immigration and education to economic development
and healthcare.

        At a recent forum I was asked one of the single-most
important questions that a candidate for political office can
face. The question was, "Where does your moral compass come
from?"
        At three years old, I climbed onto the Sunday School bus
that drove the neighborhood kids to the local evangelical church.

It was there that I learned about God and His Son, Jesus. Since
then, I have let my personal relationship with Him be my moral
compass.
        One of my life phrases is, "Do the right thing because
it's the right thing to do." I am not interested in making
excuses or politicizing important issues. I am interested in
doing things based on conviction and personal belief. As
Governor, I can promise you that I will adhere to my moral
compass.
        If you would like to hear more about my story and why I
am running for Governor, I invite you to join me Tuesday, April
29th, from 6:30-8:00pm at New Life Community Church of the
Nazarene in Show Low. I hope you can make it!

        Best,

        Jones for Governor, Inc · Primary
        PO Box 13087
        Phoenix, AZ 85002-3087, United States
        Paid for by Jones for Governor, Inc.

Wednesday, January 01, 2014

Books read in 2013

Not much blogging going on here lately, but here's my annual list of books read for 2013:
  • Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed)
  • Deborah Blum, Ghost Hunters: William James and the Search for Scientific Proof of Life After Death
  • Peter Burke, A Social History of Knowledge: From Gutenberg to Diderot
  • J.C. Carleson, Work Like a Spy: Business Tips from a Former CIA Officer
  • Ronald J. Deibert, Black Code: Inside the Battle for Cyberspace
  • Daniel Dennett, Intuition Pumps and Other Tools for Thinking
  • Cory Doctorow, Homeland
  • Sir Arthur Conan Doyle, The Complete Sherlock Holmes (re-read, thanks to free Kindle edition)
  • Roger Ebert, Life Itself: A Memoir
  • John Forester, Novelist & Storyteller: The Life of C.S. Forester, vol. 1 & vol. 2
  • Martin Gardner, Undiluted Hocus-Pocus: The Autobiography of Martin Gardner
  • Adam Gorightly, The Prankster and the Conspiracy: The Story of Kerry Thornley and How He Met Oswald and Inspired the Counterculture
  • Jason Healey, editor, A Fierce Domain: Conflict in Cyberspace, 1986 to 2012
  • Jenna Miscavige Hill: Beyond Belief: My Secret Life Inside Scientology and My Harrowing Escape
  • Daniel Kahneman, Thinking, Fast and Slow
  • Gene Kim, Kevin Behr, and George Spafford, The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win
  • Dani Kollin and Eytan Kollin, The Unincorporated Man
  • Jon Krakauer, Three Cups of Deceit: How Greg Mortenson, Humanitarian Hero, Lost His Way
  • Phil Lapsley, Exploding the Phone: The Untold Story of the Teenagers and Outlaws Who Hacked Ma Bell
  • Daniel Loxton and Donald R. Prothero, Abominable Science! Origins of the Yeti, Nessie, and Other Famous Cryptids
  • David W. Maurer, The Big Con: The Story of the Confidence Men
  • Philip Metcalfe, Whispering Wires: The Tragic Tale of an American Bootlegger
  • Torin Monahan, editor, Surveillance and Security: Technological Politics and Power in Everyday Life
  • Dale K. Myers, With Malice: Lee Harvey Oswald and the Murder of Officer J.D. Tippit
  • Adam Penenberg, Virtually True
  • Lewis Pinault, Consulting Demons: Inside the Unscrupulous World of Corporate Consulting
  • Stephen Pinker, The Better Angels of Our Nature: Why Violence Has Declined
  • Ann Rowe Seaman, America's Most Hated Woman: The Life and Gruesome Death of Madalyn Murray O'Hair
  • Karl Sabbagh, Shooting Star: The Brief and Brilliant Life of Frank Ramsey
  • Oliver Sacks, Hallucinations
  • Jim Schnabel, Remote Viewers: The Secret History of America's Psychic Spies
  • Tom Standage, Writing on the Wall: Social Media, The First 2,000 Years
  • Will Storr, Heretics: Adventures with the Enemies of Science
  • John Sweeney, The Church of Fear: Inside the Weird World of Scientology
  • Jesse Walker, The United States of Paranoia: A Conspiracy Theory
  • Lawrence Wright, Going Clear: Scientology, Hollywood, & the Prison of Belief
I made progress on a few other books (first three still not finished from last year):
  • Mark Dowd, John McDonald, and Justin Schuh, The Art of Software Security Assessment: Identifying and Avoiding Software Vulnerabilities
  • James C. Scott, Seeing Like a State: How Certain Schemes to Improve the Human Condition Have Failed
  • Michal Zalewski, The Tangled Web: A Guide to Securing Modern Web Applications
  • Richard Bejtlich, The Practice of Network Security Monitoring
  • Mary Douglas and Aaron Wildavsky, Risk and Culture: An Essay on the Selection of Technological and Environmental Dangers
  • James Grimmelmann, Internet Law: Cases & Problems (v2; v3 is out now)
  • Douglas Hofstadter and Emmanuel Sander, Surfaces and Essences: Analogy as the Fuel and Fire of Thinking
Top ten for 2013:  Ebert, Kahneman, Wright, Anderson, Pinker, Seaman, Walker, Sacks, Deibert, Dennett.  Runners Up: Blum, Kim, Miscavige Hill.

(Previously: 2012, 2011201020092008200720062005.)

Wednesday, October 30, 2013

How to use Google Authenticator with OpenBSD, OpenSSH, and OpenVPN--and why you might not want to

I thought that Google Authenticator might be a quick and easy two-factor authentication solution for VPN access to my personal network, so I did some Google searches to see if that were so.  I found quite a few sources describing how to set it up with systems that use Linux Pluggable Authentication Modules (PAM), but very little about using it with BSD Authentication on OpenBSD.

The most promising link I came across was to an implementation of Google Authentication for OpenBSD that was last updated in early 2013, based on Google's PAM code, but I couldn't get it to work.  It compiled and installed, and the googleauth code for generating a secret (and a very insecure way of generating a QR code to use to import it into the Google Authenticator application) worked fine, but I couldn't successfully use it for console login, OpenSSH login, or OpenVPN login.

I also found the standard OpenBSD port for openvpn_bsdauth, which compiled, installed, and worked successfully for password authentication by adding these lines to my OpenVPN configuration:
script-security 2
tmp-dir <path to dir writable only by _openvpn user>
auth-user-pass-verify /usr/local/libexec/openvpn_bsdauth via-file

This also requires that the authenticating user be put into the _openvpnusers group.

I was unable to get the via-env method to work, however.

I next tried the standard OpenBSD port of login_oath, which implements the OATH toolkit, which uses the same time-based TOTP protocol that Google Authenticator uses.  This turned out to do the trick.  Once installed, you create a secret key that the server authentication will check against and store it in your home directory (one thing I liked about googleauth is that it stores the shared secret in a system directory to which the user doesn't have access; better still is the suggestion of keeping the secrets on an auth server as totp-cgi does).  The documentation recommends creating the secret (which the user doesn't need to know except for the initial configuration of the Google Authenticator client application) by doing:
openssl rand -hex 20 > ~/.totp-key
I then needed to convert this from hex to base32, which is simple enough to do with the method the documentation recommends, which is using the perl module Convert::Base32 (OpenBSD port p5-Convert-Base32) and a short script like:
#!/usr/bin/perl
use Convert::Base32;
open (FILE, "/home/vpnuser/.totp-key");
$secret = <FILE>;
close (FILE);
$code = pack ('H*', $secret);
print encode_base32($code)."\n";
The resulting code can be manually entered into Google Authenticator.

To use Google Authenticator as a login method, I updated the login class for the user I wanted to use in /etc/login.conf so that its last two lines were:
:auth=-totp,passwd:\
:tc=default:
This allows either Google Authenticator or password authentication at the console, but only Google Authenticator via OpenSSH or OpenVPN as I configured them.  Instead of using "-totp" you can also use "-totp-and-pwd" which requires the entry of both your Google Authenticator code and your password (in that order, with a slash in between them) in order to authenticate.

For OpenSSH, I added the following lines to my sshd_config:
Match User <vpnuser>
     PasswordAuthentication yes
     AuthenticationMethods publickey,password:bsdauth
I don't allow password authentication at all for other users; for this user, an SSH public key must first be used, then Google Authenticator must also be used before a successful login. [Updated 1 Nov 2013 to add:  After a reboot, this ssh config failed with a log message of "fatal: auth2_update_methods_lists: method not in AuthenticationMethods".  Removing the ":bsdauth" made it work again (it works since the "password" authentication method will use BSD Authentication by default), but this looks like an SSH bug.]

So why might you not want to do this?  While Google Authenticator ensures that what is used over the network as a password is better than a typical user-selected password, it effectively stores a shared secret in plaintext at both ends of the connection, which is far less secure than SSH public key authentication.  If the device where Google Authenticator is present gets compromised, that secret is compromised.  And as the above link about totp-cgi points out, if you use Google Authenticator with the same secret across multiple machines, that secret is only as secure as the least secure host it's stored on, and using different secrets for different machines doesn't scale very well with the application.  A password safe with randomly generated passwords, stored in encrypted form, is probably a better solution in most cases. [Updated 2 November 2013: Authy uses the same TOTP mechanism as Google Authenticator, but encrypts the secret key on the client side.  That encryption is really more obfuscation than encryption since the key is based on phone attributes and can potentially be reverse engineered.]

As I've set it up, I'm still relying on SSH public key authentication for SSH logins, and on certificate authentication for VPN logins, in addition to Google Authenticator.  For the case of logging into my VPN from my laptop and having Google Authenticator on a separate mobile device, it does seem to be a security improvement (though I welcome anyone to show me that the gains are illusory).

UPDATE (July 31, 2019): Note that you should make the .totp-key file in the user's home directory owned by and only readable by root, or else you're effectively permitting that user to do passwordless doas/sudo, since passworded doas/sudo will use the TOTP mechanism for authentication. That won't stop the user from removing the .totp-key file and replacing it with their own, but at least that action becomes detectible. To prevent removal, on OpenBSD you can set the file to be immutable (schg flag) and run at securelevel=2. But a better solution would really be to put those secrets somewhere outside of the individual user's home directory.

UPDATE (October 22, 2019): The OpenVPN authentication with 2FA is broken in OpenBSD 6.6, it now leads to user/password authentication failures. Not sure why yet.

UPDATE (October 22, 2019 #2): Looks like it may have been user error, it works now, though I did update my _openvpnusers group to the new number (811) from the old one (596), but the number itself shouldn't be hardcoded in openvpn_bsdauth, so that shouldn't have had an impact.

UPDATE (30 October 2022): Also see Solene Rapenne's blog post on this same topic.

Friday, April 05, 2013

Matt Dillahunty and disbelief by default

In his recent talk at the American Atheist convention on skepticism and atheism, Matt Dillahunty states (at about five minutes in) that skepticism does tell us what to believe in the case of untestable claims--that the default position is disbelief.

But no, the default position has to be nonbelief, not disbelief.  To disbelieve in a proposition is to believe in the negation of the proposition, to believe that the original proposition is false.  And Dillahunty already said that (a) we should proportion our belief to the evidence and that (b) the proposition in question is untestable, meaning there is no evidence for or against it.

The position he describes is logically inconsistent.

We know that there are untestable propositions that are true.  We shouldn't believe that they are false simply because they are untestable. We should only believe they are false if we have good reasons to believe they are false; in the absence of that we should be agnostic.

(Added 5:36 p.m.: What are the implications for the above argument if it is the case that untestability does not entail lack of evidence or reasons?  What about if we distinguish evidential from non-evidential reasons?  And if we take the latter course, what does that say about proposition (a), above? Left as an exercise for commenters.)

Saturday, March 09, 2013

Isaac Funk and the Widow's Mite

One of the more interesting and better documented cases of surprisingly accurate information from a spirit medium that is described in Deborah Blum's fascinating book, Ghost Hunters: William James and the Search for Scientific Proof of Life After Death (2006, Penguin Books), is the case of Isaac Funk and the Widow's Mite (pp. 260-262).

Funk, of Funk & Wagnall's Dictionary, had been visiting a medium in Brooklyn, New York in February 1903.  About his third visit, he subsequently described the following (in Isaac K. Funk, The Widow's Mite and Other Psychic Phenomena (1904, Funk & Wagnalls), pp. 159-160, now in the public domain due to copyright expiration):
About eleven o'clock the control named "George," in his usual strong masculine voice, abruptly asked: "Has anyone here got anything that belonged to Mr. Beecher?" There was no reply. On his emphatic repetition of the question, I replied, being the only one present, as I felt sure, who had ever had any immediate acquaintance with Mr. Beecher: "I have in my pocket a letter from Rev. Dr. Hillis, Mr. Beecher's successor.  Is that what you mean?" 
The answer was: "No; I am told by a spirit present, John Rakestraw, that Mr. Beecher, who is not present, is concerned about an ancient coin, 'The Widow's Mite.' This coin is out of its place, and should be returned. It has long been away, and Mr. Beecher wishes it returned, and he looks to you, doctor, to return it." 
I was considerably surprised, and asked: "What do you mean by saying that he looks to me to return it? I have no coin of Mr. Beecher's!" 
"I don't know anything about it except that I am told that this coin is out of place, and has been for a number of years, and that Mr. Beecher says you can find it and return it."
I remembered then that when we were making "The Standard Dictionary," some nine years before, I had borrowed from a gentleman in Brooklyn--a close friend of Mr. Beecher's, who died several years ago--a valuable ancient coin known as "The Widow's Mite."  He told me that this coin was worth hundreds of dollars, and, under promise that I would see that it was returned to the collection where it belonged, he would loan it to me. ... 
I said to the control, "The only 'Widow's Mite' that has ever been in my charge was one that I borrowed some years ago from a gentleman in Brooklyn; this I promptly returned"; to which the control replied: 
"This one has not been returned." And then, after a moment's silence, he said: "Do you know whether there is a large iron safe in Plymouth Church?" 
I answered: "I do not." 
He said: "I am impressed that this coin is in a large iron safe, that it has been lost sight of; it is in a drawer in this safe under a lot of papers, and that you can find it, and Mr. Beecher wishes you to find it." 
I said: "Do you mean that this safe is in Plymouth Church?" 
He said: "I don't know where it is. I am simply impressed that it is in a large iron safe in a drawer under a lot of papers, and has been lost sight of for years, and that you can find it, and Mr. Beecher wishes you to find it. That is all that I can tell you."
Funk goes on to inquire of his business manager, who insists that it was returned, and of Mr. Wagnalls and Wheeler, who knew nothing of the coin, but Wheeler, a skeptic, suggests that it's a good test.  Funk asks a cashier, who remembers the coin, but also says that it had been returned, to investigate.  After twenty minutes, the cashier returns with an envelope containing two "Widow's Mites," which was located in one of two safes (the large iron one), in a drawer under papers.

The two coins are a smaller light-colored one and a larger black one, and Funk recalls that the smaller one was used for the illustration in the dictionary and that it was the genuine article, while the other was a fake.  He returns to the medium, and asks which coin is the right one.  Contrary to his belief, the medium (as "George") says that it is the black one, and that the friend of Mr. Beecher's to whom it belongs is a man associated with a large ladies' school in Brooklyn Heights.  Funk recalls that it was borrowed from Prof. Charles E. West, head of a ladies' school in Brooklyn Heights.

Funk sends both coins to the Philadelphia Mint for examination, and they determine that the medium is correct, the black one is the correct one, and the wrong one was used for the illustration in the dictionary.

Funk notes that the preface of the dictionary notes, regarding the illustrations, contains the description "The Widow's Mite (which was engraved from an excellent original coin in the possession of Prof. Charles E. West of Brooklyn, N.Y.)."

Funk's book provides a number of affidavits supporting the recounting of events, including that only two people present with the medium knew of Funk's connection to the coin (Funk and Irving Roney, the latter of whom provided an affidavit), that no one knew that the coin had not been returned, and that the cashier staff had no knowledge of the coin which was in the safe in their office.

The coin was returned to West's son, who also provides an affidavit stating that he was unaware that the coin had not been returned and assumed that it had been.  Funk says he dined repeatedly with the elder West prior to his death, and the coin was never brought up.

Funk proceeds to list a series of facts about the case and some possible explanations (pp. 168ff), and finds difficulties with fraud, coincidence, telepathy and clairvoyance, and spirit communications as explanations, though he appears to favor the last of these.

Funk presented the case to a number of eminent scientists of the day, including William James, Alfred Russell Wallace, and William Crookes, of which those listed were all associated with the SPR or ASPR and each suggested spirits as a possible explanation.  Many of the other scientists and philosophers, however, suggested fraud or deception (see table in Funk's book, pp. 177-178).

As presented in Blum's book, this case seems more impressive than it does with all of the details in Funk's account.  What I find suspicious are that the medium is located in the same city as the person from whom the coin was borrowed, that the connection between the owner of the coin and the illustration was published in Funk's dictionary (omitted by Blum), and that although the son had forgotten about the coin being loaned out, he thought "it altogether likely that his father told at the time other members of his family, and possibly some persons outside the family" (Funk, p. 174).  All that it would take for the fraud hypothesis would be that the medium had heard, second-hand, about the never-returned coin, and speculated that it had been forgotten and was kept in a safe (and perhaps offered a guess about which coin was genuine; that information has no clear source from the details recounted).  Funk infers that because West never brought up the coin that he had forgotten about it, but that is an assumption on his part--perhaps West made periodic complaints about it not having been returned, but didn't mention it to his son.  Funk suggests, based on class distinctions, that no one in the medium circle other than himself would have known that West even existed, which seems a highly questionable assumption.

Wednesday, March 06, 2013

The Decline (and Probable Fall) of the Scientology Empire

My talk from January 19, 2013 to the National Capitol Area Skeptics is now online!

Thanks very much to the NCAS for professionally recording and editing this video.

I've included some notes and comments below.


  • 0:50 & 42:29 "Advanced Teachings" available at all Advanced Orgs are up to OT V. Advanced Orgs can deliver through OT V; OT VI & VII can only be obtained at the Flag Service Organization (FSO) in Clearwater, FL, and OT VIII can only be obtained on Scientology's cruise ship, the Freewinds. See: http://www.xenu.net/archive/ot/
  • 8:01 German U-boat -- I should have said Japanese submarine
  • 9:14 Photo is often claimed to be from 1968 but is really from 1959-60, so Cleve Backster probably wasn't the source of Hubbard's claim, as I originally said in the talk (also see my previous blog post on this topic).
  • 10:53 Aleister Crowley is pronounced "crow-lee," not "craugh-lee" (I have apparently have not broken a bad habit of following Ozzy Osbourne's pronunciation).
  • 13:59 the Fraser Mansion, though referred to by Scientology as the "founding church" from the 1970s to 2010, wasn't the original building. The original building, at 1812 19th St. NW, is now a museum called the L. Ron Hubbard House (though his house was across the street), which the church acquired in 2004. The Fraser Mansion is now Scientology's National Affairs Office.
  • 14:11 The first use of the name "Church of Scientology" was by the Church of Scientology founded in Camden, N.J. in Dec. 1953; the first Church of Scientology corporation was in Los Angeles (Feb. 1954, which became the Church of Scientology of California in 1956), the Church of Scientology of Arizona was incorporated that same year. Hubbard's organization while he lived in Phoenix was the Hubbard Association of Scientologists, International (HASI), founded in Sep. 1952. All HASI assets were folded into the Church of Scientology of California in 1966.
  • 31:07 "Division 20" should have been "Department 20."
  • 32:43 "bad status" -- Scientology "conditions" are a scale, like the tone scale, that your "ethics" are in, which are positive or negative. For each condition there is a "conditions formula" you are supposed to apply to get to the next better condition. Those assigned to the RPF are put in a condition of "liability" (the rag on arm mentioned is a sign of the condition of liability). See: http://www.cs.cmu.edu/~dst/Library/Shelf/wakefield/us-11.html
  • 41:07 PIs following the Broekers--mainly Pat Broeker; after one apparent attempt to leave (described in Lawrence Wright's book, Going Clear), Annie Broeker remained in Scientology until her death. Tony Ortega describes the testimony of the two PIs, who spoke out for one day before their lawsuit with Scientology was settled: http://tonyortega.org/2012/11/29/scientologys-master-spies/
  • 43:22 Lawrence Wright's book says that "Int Base" and "Gold Base" are two different bases at the same location; "Int" being the international headquarters and "Gold" named after Golden Era Studios.
  • 1:05:35 "dog was drowned" -- Judge Swearinger's dog, Duke, a miniature collie, drowned, it's not certain that it "was drowned."
  • 1:07:10 "unable to attend uncle's funeral" -- Hubbard died on January 24, 1986; the Challenger explosion was January 28, 1986.
  • 1:17:43 St. Louis Ideal Org.  The pictured Masonic Temple is not the St. Louis Ideal Org, which is still under construction. (Thanks to ThetanBait on YouTube for this correction.)
  • Narconon's drug purification program involves vitamin (esp. niacin) megadoses, but "injections" is not correct.

Tuesday, January 01, 2013

Books read in 2012


Books read in 2012:
  • Scott Atran, In Gods We Trust: The Evolutionary Landscape of Religion
  • Andrew Blum, Tubes: A Journey to the Center of the Internet
  • Henry A. Crumpton, The Art of Intelligence: Lessons from a Life in the CIA's Clandestine Service
  • Robin Dreeke, It's Not All About "Me": The Top Ten Techniques for Building Quick Rapport with Anyone
  • David Edmonds and John Eidinow, Rousseau's Dog: Two Great Thinkers at War in the Age of Enlightenment
  • Bart D. Ehrman, Did Jesus Exist? The Historical Argument for Jesus of Nazareth
  • Misha Glenny, DarkMarket: How Hackers Became the New Mafia
  • Grant Foster, Noise: Lies, Damned Lies, and Denial of Global Warming
  • Torkel Franzén, Gödel's Theorem: An Incomplete Guide to Its Use and Abuse
  • Andy Greenberg, This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World's Information
  • James Hannam, God's Philosophers: How the Medieval World Laid the Foundations of Modern Science
  • Sam Harris, Lying
  • Joseph Heath, Economics Without Illusions: Debunking the Myths of Modern Capitalism
  • Edward Humes: Monkey Girl: Evolution, Education, Religion, and the Battle for America's Soul
  • Ronald Kessler, The Secrets of the FBI
  • Susan Landau, Surveillance or Security? The Risks Posed by New Wiretapping Technologies
  • Declan McHugh, Bloody London: A Shocking Guide to London's Gruesome Past and Present
  • Robert A. Melikian, Vanishing Phoenix
  • Mike McRae, Tribal Science: Brains, Beliefs, and Bad Ideas
  • P.T. Mistlberger, The Three Dangerous Magi: Osho, Gurdjieff, Crowley
  • Evgeny Morozov, The Net Delusion: The Dark Side of Internet Freedom
  • Eduardo Obregón Pagán, Historic Photos of Phoenix
  • Parmy Olson, We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency
  • Bruce Schneier, Liars and Outliers: Enabling the Trust that Society Needs to Thrive
  • Ali H. Soufan, with Daniel Freedman, The Black Banners: The Inside Story of 9/11 and the War Against Al-Qaeda
  • Neal Stephenson, REAMDE
  • Cole Stryker, Epic Win for Anonymous: How 4chan's Army Conquered the Web
  • Tim Weiner: Enemies: A History of the FBI
  • Jon Winokur (compiler & editor), The Big Curmudgeon
  • Tim Wu, The Master Switch: The Rise and Fall of Information Empires
I made substantial progress on a few large books:
  • Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed)
  • Mark Dowd, John McDonald, and Justin Schuh, The Art of Software Security Assessment: Identifying and Avoiding Software Vulnerabilities
  • Stephen Pinker, The Better Angels of Our Nature: Why Violence Has Declined
  • James C. Scott, Seeing Like a State: How Certain Schemes to Improve the Human Condition Have Failed
  • Michal Zalewski, The Tangled Web: A Guide to Securing Modern Web Applications

(Previously: 2011201020092008200720062005.)

Saturday, September 22, 2012

Capitalist vs. socialist bombs

While reading Ross Anderson's massive tome, Security Engineering: A Guide to Building Dependable Systems (second edition), I came across this paragraph in section 19.7 on "Directed Energy Weapons" (p. 584):
Western concern about EMP grew after the Soviet Union started a research program on non-nuclear EMP weapons in the mid-80s.  At the time, the United States was deploying 'neutron bombs' in Europe--enhanced radiation weapons that could kill people without demolishing buildings.  The Soviets portrayed this as a 'capitalist bomb' which would destroy people while leaving property intact, and responded by threatening a 'socialist bomb' to destroy property (in the form of electronics) while leaving the surrounding people intact.
This reminded me of a science fiction story I read in Omni magazine at about the time in question, which Google reveals was "Returning Home" by Ian Watson in the December 1982 issue.  In the story, the Americans and the Soviets attacked each other, the Americans using neutron bombs which killed all of the Soviets, and the Soviets using some kind of bomb which destroyed essentially everything except the people.  The ending twist was that the surviving Americans ended up migrating to the Soviet Union and adopting the Soviet culture.

Friday, August 10, 2012

The myth of fingerprints

I've been reading Ross Anderson's epic tome, Security Engineering: A Guide to Building Dependable Distributed Systems (2nd edition, 2008, Wiley), and have just gotten into the chapter on biometrics (ch. 15).  Section 15.5.2, on Crime Scene Forensics, points out three major criminal cases where fingerprint matches have been in error, including the Brandon Mayfield case which I wrote about at this blog back in 2007.  Anderson points out that law enforcement agencies have claimed to juries "that forensic results are error-free when FBI proficiency exams have long had an error rate of about one percent, and misleading contextual information can push this up to ten percent or more" (pp. 470-471).  It's probability at work:
Even if the probability of a false match on sixteen points [the UK standard, the U.S. has no minimum] were one in ten billion (10-10) as claimed by police optimists, once many prints are compared against each other, probability theory starts to bite. A system that worked fine in the old days as a crime scene print would be compared manually with the records of a hundred and fifty-seven known local burglars, breaks down once thousands of prints are compared every year with an online database of millions. (p. 471)
One of the other two cases Anderson discusses is that of Scottish policewoman Shirley McKie, who was prosecuted on the basis of a 16-point fingerprint match found at a murder scene and could not find any fingerprint examiner in Britain to defend her.  She found two Americans who testified on her behalf that it was not a match (Anderson shows the crime scene print and her inked print on p. 469; the crime scene print is heavily smudged).  McKie's own fellow officers tried to convince her to give false testimony about her presence at the crime scene, which she refused to do.  She was acquitted, but lost her job and was unable to get reinstated.

The third case Anderson mentions is Stephan Cowans, who was convicted of shooting a police officer after a robbery in 1997.  He was convicted, but argued it was not his fingerprint.  After Cowans was able to get crime scene evidence tested for DNA which was found not to match, a re-examination of the fingerprint also found that there was no match.  So six years after his conviction, he was acquitted on appeal.

Further evidence of the errors which can arise from fingerprint examination comes from two studies by psychologist Itiel Dror which Anderson describes.  In one study, five fingerprint examiners were each shown a pair of prints, allegedly the falsely matched prints from the Mayfield case, and asked to point out the errors.  Three examiners gave explanations for the non-matches, one said that they did, in fact, match, and one was uncertain.  In fact, the pairs of prints were each purported matches by the corresponding examiner from a recent criminal case, so only one of the five was still certain that a match testified to in court was in fact a match upon re-examination with a skeptical mindset.  In a second study, Dror gave each of six experts eight prints that they had matched in previous cases, and four of the six gave inconsistent results.

Anderson points out that belief in the infallibility of fingerprint evidence has the effect of promoting carelessness by examiners, not giving proper critical scrutiny to the method or its assumptions in changing conditions (e.g., the increase in the number of fingerprints to match against in the age of the computer), and increasing the negative consequences of cases of failure.  In the McKie case, Anderson points out, "there appears to have arisen a hierarchical risk-averse culture in which no one wanted to rock the boat, so examiners were predisposed to confirm identifications made by colleagues (especially senior colleagues).  This risk aversion backfired when four of them were tried for perjury." (p. 472)

Itiel Dror's two papers (references from Anderson, p. 923):

IE Dror, D Charlton, AE Péron, "Contextual information renders experts vulnerable to making erroneous identifications," in Forensic Science International 156 (2006) 74-78

IE Dror, D Charlton, "Why Experts Make Errors," in Journal of Forensic Identification v 56 no 4 (2006) pp 600-616; at http://users.ecs.soton.ac.uk/id/biometrics.html

(Previously, which includes reference to Simon Cole's book on fingerprint evidence which shares the title of this post.)