PDA

View Full Version : So why don't we write our own front end for the DROS system?


AJAX22
08-04-2010, 6:28 PM
I think even we all can agree that the ca dros system has a horrible front end which causes a huge number of problems (such as the inability to register a stripped receiver in a way that is not a long gun, or not being able to put aditional long guns on a pistol dros)

so.... What prevents us from writing our own bit of code to access the database? It would be a fairly simple project, and we could make a few small changes which would yield some substantial gains....

And it could be a for proffit venture... The new improved interface software could be marketed directly to ffl's

I know I would like the ability to build up any stripped receiver into either a pistol or rifle... And I would buy a lot more rifles if I could throw them on a pistol dros...

Your thoughts guys?

Librarian
08-04-2010, 8:15 PM
While you may propose a better technical solution, it will certainly run into the 'Not Invented Here" syndrome at CA-DOJ. An FFL that used non-certified-by-DOJ software would likely have problems at next inspection.

But sell it to DOJ ....

AJAX22
08-05-2010, 7:09 AM
Is there any reason why an ffl couldn't use an alternative front end? Why would doj approval even be needed? Their database can't tell wha is accessing it.. Is there anything in the law restricting what can be used?

elrcastor
08-05-2010, 7:15 AM
I doubt DOJ, would like it at all. If we could write our own front end it would actually completly comply with state/federal law and doj would loose a lot of their power.

AJAX22
08-05-2010, 9:30 AM
The doj doesn't like a LOT of the stuff that we do....

Frankly I'm of the opinion that the more they dont like it the further it advances our cause (assuming that we stay within the bounds of the law)

so is there any law which restricts what we are looking to do?

ptoguy2002
08-05-2010, 11:23 AM
Who wrote the existing software?
And who supplies it?
And who owns it?

ETA: Looks like verizon.

ptoguy2002
08-05-2010, 1:45 PM
Can I load my own personal software on my DOJ-issued PC?

Yes; however loading hardware or software to your DOJ-issued PC may invalidate/void the warranty.
So does the DOJ "issue" pc's?

FS00008
08-05-2010, 2:16 PM
Not that I know of... my favorite FFL bought his at Fry's.

Librarian
08-05-2010, 8:36 PM
The doj doesn't like a LOT of the stuff that we do....

Frankly I'm of the opinion that the more they dont like it the further it advances our cause (assuming that we stay within the bounds of the law)

so is there any law which restricts what we are looking to do?

Probably only DOJ getting in a snit about it.Barclays Official California Code of Regulations
Title 11. Law
Division 5. Firearms Regulations
Chapter 2. Department of Justice Regulations for the Centralized List of Firearms Dealers
Article 3. Compliance Inspections
Sectionž 4022. Firearms Dealer Inspections.

(a) The Department may conduct on-site inspections at a dealer's business premises to determine compliance with firearms laws pursuant to Article 4 of Chapter 1 of Title 2 of Part 4 of the Penal Code, ....

Another part of the DOJ FAQ: Can I use the personal computer in my store to submit DROS information?

Firearms dealers may use their own computers to submit DROS information if their computer meets the minimum configuration requirements and they have a magnetic card swipe reader. The DROS information is sent via a secure dial-in connection directly to the current DROS contractor, MCI. To determine the minimum PC configuration requirements to submit DROS information, contact the MCI DROS Service Center at 1-800-974-DROS (3767). Please note, however, that Macintosh computers cannot be used. To obtain a magnetic card swipe reader, contact the manufacturer, NewBold, at 1-888-855-7978 and ask for John Miller. You must inform the manufacturer that you intend to use the device with the California DOJ DROS Entry System. The cost for the device is $95.00 plus tax, shipping, and handling.

AJAX22
08-05-2010, 8:41 PM
If it will cause a snit, and its not illegal... I know some guys who'd be more than happy to implement it ;)

I wonder if the DROS system details are available through a record request?

socalblue
08-05-2010, 9:05 PM
Is there any reason why an ffl couldn't use an alternative front end? Why would doj approval even be needed? Their database can't tell wha is accessing it.. Is there anything in the law restricting what can be used?

Yes, in fact there are laws greatly restricting access to any DOJ system. Think about this - would you want anyone with an FFL able to look into AFS & see that data? Not to mention possibly being able to manipulate the various data sources?

That being said, the current software likely just creates a formatted data file that is sent to DOJ (I would assume that it is encrypted in some manner). In other words, never a connection to the actual data. Creating an application to replace the current front end would likely be a fairly straightforward task.

tankerman
08-05-2010, 11:02 PM
Wouldn't it be easier if it was CITRIX based?

Californio
08-06-2010, 11:20 AM
Knowing how old the iron the gubmint has its probably, EPSDIC:D

sfwdiy
08-06-2010, 12:38 PM
Wouldn't it be easier if it was CITRIX based?

Never make a suggestion to a government agency that has the potential to improve efficiency. They don't take kindly to that sort of thing. :p

--B

Librarian
08-06-2010, 1:40 PM
Knowing how old the iron the gubmint has its probably, EPSDIC:D

Those of us old enough to have worked that iron know it's EBCDIC - Extended Binary Coded Decimal Interchange Code (http://en.wikipedia.org/wiki/Ebcdic).

ASCII me a question! But not about IBM big iron, I was really a DEC guy.

DROS clients are PCs; don't know what the server side is.

AJAX22
05-17-2011, 3:37 PM
Ok, this topic has become newly relevant in a BIG way.

Is there any way to get a hold of the specifications of the data hand off between the server and the FFL's system?

zinfull
05-17-2011, 4:01 PM
When DROS first came out the DOJ did issue computers to the FFLs.

jerry

a1c
05-17-2011, 4:30 PM
We do. It's called iTrader. ;)

Mesa Tactical
05-17-2011, 4:52 PM
I would hope, but wouldn't be surprised if my hope was dashed, there was a simple XML schema to the data transferred. That way the front end could be browser based, even if the database server doesn't have a web server. This would allow the same front end to be used when the system inevitably moves to the internet. It would also allow the client app to be compatible with Macs as well as PCs.

So you need an HTML based front end that saves a file locally, then a little client (one for Windows, one for Mac, one for Linux, if that's how you roll) that simply parses the file, dials MCI, authenticates itself and squirts it across, then receives the confirmation.

If yo could get your hands on the data schema, this would be a pretty simple app.

Moto4Fun
05-17-2011, 5:11 PM
What if you could fill out your own DROS on your iPhone and just "bump" it to the FFL's hand held terminal and be done with it?! That's impossible though, someday we will have that kind of technology:rolleyes:

"Would you like me to email you your copy of the DROS?"

Moto4Fun
05-17-2011, 5:14 PM
While we're at it, I want an ap that gives me my real time 10-day jail countdown with a picture of my gun, and it gives me reminders with new random photos of my new gun. Is that too much to ask?

AJAX22
05-17-2011, 6:13 PM
This should be public information right?

Mesa Tactical
05-18-2011, 10:35 AM
This should be public information right?

Have you tried calling the DoJ Bureau of Firearms? (916) 263-4887.

You'll probably get the run-around at first since this is an unusual request, but the agents usually try to be helpful.

CHS
05-18-2011, 11:18 AM
Is there any way to get a hold of the specifications of the data hand off between the server and the FFL's system?

The DROS software is an ActiveX plugin that runs in IE. It is accessed via https, and I assume that all communications are encrypted.

It may be possible to set up a man-in-the-middle proxy server using something like Squid to relay the data and see what exactly is submitted to the DOJ.

And of course one can always run a sniffer, but that might not tell us anything except that yes, it's actually encrypted.

FS00008
05-18-2011, 1:06 PM
ActiveX? https only? Why is it so antiquated?????

FS00008
05-18-2011, 1:08 PM
Perhaps you could sell a new software pack on updated security and privacy alone.. Or on multi platform compatibility.

ldivinag
05-18-2011, 2:13 PM
ActiveX? https only? Why is it so antiquated?????

because the gov is hooked onto IE "technology" and never really left since it worked for them.

God forbid someone mentions open source to them...

trust me. i have tried. but i think the pencil pushers/head bean counters at most gov places cant use open source cause they have no one to sue.

and yes, i ran into that situation a few years ago while dealing with someone 3 levels above my pay grade...

sigh...

ontargetrange
05-18-2011, 2:55 PM
All,

You have missed the issue here. The DOJ does not run the software, they subcontracted it out way back when to MCI and they run it. DOJ just gets the data feed they are given from MCI.

So any front end support would have to be run through them first and approved by DOJ second. If it costs any money or takes any time to support this activity, you know they are going to say no.

G1500
05-18-2011, 3:33 PM
DROS clients are PCs; don't know what the server side is.

I'm going to say either mice or hamsters on wheels.