Firearm & Gun Forum - FireArmsTalk.com

Firearm & Gun Forum - FireArmsTalk.com (http://www.firearmstalk.com/forums/)
-   NFA/Class 3 & FFL Discussion (http://www.firearmstalk.com/forums/f47/)
-   -   ATF ruling--electronic A&D books (http://www.firearmstalk.com/forums/f47/atf-ruling-electronic-d-books-6881/)

Musket 09-10-2008 02:36 AM

ATF ruling--electronic A&D books
 
FYI, from NSSF:
************

Major ATF Ruling Authorizing
Electronic A&D Books

Following discussion with the National Shooting Sports Foundation (NSSF) -- the trade association for the firearms industry -- and many industry members, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) announced yesterday a major new ruling authorizing federal firearms licensees to use electronic (computerized) acquisition and disposition records provided the software used satisfies certain ATF requirements set forth in the ruling signed by Acting Director Michael Sullivan.

FFLs will no longer need to seek a variance from the Director of Industry Operations to keep a computerized A&D book.

"NSSF would like to congratulate ATF, and in particular the leadership of Acting Director Sullivan, on helping to reduce the paperwork burden on industry," said NSSF Senior Vice President and General Counsel Lawrence G. Keane. "We look forward to continuing to work with ATF on other ways to utilize technology to aid America's firearms manufacturers and retailers to reduce their paperwork burden while continuing to permit ATF to protect public safety."

The ATF, at the urging of NSSF and firearms retailers, is expected to launch a voluntary E– Form 4473. This is a development which will save retailers time and greatly reduce the likelihood of entry violations.

NSSF's Mission Statement
"Our purpose is to provide trusted leadership in addressing industry challenges and in delivering programs and services to meet the identified needs of our members."

Click here to visit the NSSF Web site and see how we accomplish this mission.

COPYRIGHT © 2008 by National Shooting Sports Foundation, Inc. Permission is granted for broadcast, publication, retransmission to e-mail lists, Web sites or any other copying or storage, in any medium, online or not, if 1) the text is forwarded in its entirety, including this paragraph, and 2) no fee is charged. "Bullet Points®," "National Shooting Sports Foundation®," "NSSF®," and all other trade names, trademarks, service marks, logos and images of the National Shooting Sports Foundation appearing in this publication are the sole property of the Foundation and may not be used without the Foundation's prior express written permission. All other trade names, trademarks, service marks, logos and images appearing in this publication are trademarks or registered trademarks of their respective owners.

cpttango30 09-11-2008 01:04 AM

I see one problem with this. If a firearms dealer is keeping an electronic record of all firearms transactions. It needs to be done on a computer that is not (NOT) connected to the Internet in any way.

They should not use a wireless network either. If they have to use a wireless network they need to install a physical firewall between the computer and the Internet and use the highest amount of encryption over their wireless network which is WPA (Wireless Protected Access). For no reason should the dealer run a wireless network and use Wired Equivalent Privacy (WEP) which means it offers you the same amount of protection as a wired network would. I personally would not have a wireless network anywhere close to the computer that had these forms on them.

Windows has holes MAC OSX has holes. Linux would be your best and safest operating system to use with this why? Well no one writes viruses for Linux because the guys that write viruses are running Linux not windows xp or vista. Linux is also open-source and has hundreds of thousands of people making changes to the OS all the time so a backdoor on your Linux might not be unlocked on mine. Their is really no sure fire way to keep these records safe. If these records are on a computer they can be obtained no matter what. Short of a fire that totally melts the Hard drive there is a way to recover data. If the computer is hooked up to the Internet it is only a matter of time before someone opens an email and gets virus, trojan, worm, or something nasty on it. So me personally I would not buy from a store using this. That is the Network Engineer in me. I have a buddy that can hack your computer in a matter of a few minutes and retrieve 99% of your data in a few more minutes.

So to me this is not a good solution as of right now. If the FFL does do this it should be on a laptop that either goes home with him at night or goes in the biggest nastiest safe in the building

Musket 09-11-2008 01:51 AM

well, not being all that tech savvy, and not an FFL holder, I cant really comment. I just thought it would be of interest to folks...:)

cpttango30 09-11-2008 11:23 AM

What is going to happen is people are going to be less secure with their records and then they are going to lose them to a computer crash Blue Screen of Death (BSOD) or something like that. Or they are going to have the computer compromised or stolen outright. That gives them access to social security numbers and personal information. Then not only do they know some of the guns you just bought they know your address, your name and social. So they are going to steal your id along with your guns.

I don't see this as being a good thing myself.

bkt 09-11-2008 05:22 PM

Quote:

Originally Posted by cpttango30 (Post 40016)
I see one problem with this. If a firearms dealer is keeping an electronic record of all firearms transactions. It needs to be done on a computer that is not (NOT) connected to the Internet in any way.

They should not use a wireless network either. If they have to use a wireless network they need to install a physical firewall between the computer and the Internet and use the highest amount of encryption over their wireless network which is WPA (Wireless Protected Access). For no reason should the dealer run a wireless network and use Wired Equivalent Privacy (WEP) which means it offers you the same amount of protection as a wired network would. I personally would not have a wireless network anywhere close to the computer that had these forms on them.

Windows has holes MAC OSX has holes. Linux would be your best and safest operating system to use with this why? Well no one writes viruses for Linux because the guys that write viruses are running Linux not windows xp or vista. Linux is also open-source and has hundreds of thousands of people making changes to the OS all the time so a backdoor on your Linux might not be unlocked on mine. Their is really no sure fire way to keep these records safe. If these records are on a computer they can be obtained no matter what. Short of a fire that totally melts the Hard drive there is a way to recover data. If the computer is hooked up to the Internet it is only a matter of time before someone opens an email and gets virus, trojan, worm, or something nasty on it. So me personally I would not buy from a store using this. That is the Network Engineer in me. I have a buddy that can hack your computer in a matter of a few minutes and retrieve 99% of your data in a few more minutes.

So to me this is not a good solution as of right now. If the FFL does do this it should be on a laptop that either goes home with him at night or goes in the biggest nastiest safe in the building

Why can't an FFL have a wireless network for his primary computer, but a secondary computer without a wifi card (either an older laptop or a new desktop), and hardwire his FFL computer directly into his router. Use SSL to transmit sensitive data and don't worry about wireless signals being intercepted.

I take umbrage, incidentally, at your comment that we Linux users are the ones writing viruses. :D Sure, we laugh a lot at Windoze users who have to reinstall their OS every so often, but we're not the black hats.

cpttango30 09-11-2008 10:52 PM

no not everyone is a black hat. I ment no slight towards you other OS users.

You and I can talk SSL and that but really how many FFL's are in the know about tht kind of security. most banks don't encrypt your data set over the net from an atm machine. If the ATF wants this done then I think they need to set standards for the FFL dealers as far as security and encryption of the FFL data.

anm2_man 09-12-2008 01:15 AM

I don't think BATF is supporting this via the internet. What they are doing is now allowing any FFL to keep his books in EXCEL or via a custom software application. The problem before was that if you wanted to do this, you had to get a variance to keep the records electronically. I know of several EXCEL macro's that are available for this function.

I don't think there are going to be any more privacy issues than there were when hardcopy books were required. There are more issues today when you use your Credit card at the grocery store.

cpttango30 09-13-2008 01:05 AM

Quote:

Originally Posted by anm2_man (Post 40169)
I don't think BATF is supporting this via the internet. What they are doing is now allowing any FFL to keep his books in EXCEL or via a custom software application. The problem before was that if you wanted to do this, you had to get a variance to keep the records electronically. I know of several EXCEL macro's that are available for this function.

I don't think there are going to be any more privacy issues than there were when hardcopy books were required. There are more issues today when you use your Credit card at the grocery store.

I personaly don't want anything to do with electronic copy's of a 4473 floating around. It is to easy to get the information off a computer unless you have a system like the pentagon who gets 1 million + attacks everyday.

Slickrick214 09-18-2008 06:39 AM

Quote:

Originally Posted by cpttango30 (Post 40077)
What is going to happen is people are going to be less secure with their records and then they are going to lose them to a computer crash Blue Screen of Death (BSOD) or something like that.

Lol. One of my teachers use the Blue Screen Of Death jokingly all the time. I agree though if this program is hooked up to the internet it won't take long before its hacked.

Blue Screen Of Death
http://technabob.com/blog/wp-content...06/11/bsod.gif

Gunsmith65 04-03-2009 08:01 PM

My 2 Cents.

Electronic data keeping is perfectly safe and lessens the amount of paperwork and storage for dealers.

That said, I agree that anyone who decides to use electronic means of data keeping should be aware of problems such as hard drive failures, security, and theft.

Hard drive failures can be mitigated by a regularly scheduled full backup on separate hard drive/s. Both need to be malware and virus scanned daily or at the very least every other day if you are wired (or wirelessly) connected to the internet. Weekly if not connected and you are transferring data from a connected source.

Security is important and I agree, use more incryptioin than the WEP. Use your firewall and any additional security that you can get. We have a responsibility to keep our customer's information confidential.

Theft applies to both hard and electronic formats. Both need physical security and electronic needs the added software security. Or hardware, as CPTtango30 suggested, and don't connect your database computer to the internet.

I think there are pluses and minuses with both methods. You just have to be committed to whichever method you use and deal with the extra paperwork or deal with the extra electronic security.

Me, I am electronic all the way. I doubt my laptop will be connected to the internet anyway but just in case, it will have my desktop as backup and all the extra security I can get. Hey, it's deductable. Why not. :)

GS


All times are GMT. The time now is 11:12 AM.

Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.