FCC Repeals Net Neutrality because … WHY?

The FCC has repealed Net Neutrality as pressured by Congress and the President. Just … wtf?

HOWEVER: Note: Congress just passed a tax law nobody really understands. And economists have no idea if the projections are in any way realistic. They literally do NOT know what will happen, just that they lowered corporate taxes and eliminated the health care mandate. I’ll get back to that topic.

To distract all of us, in obvious post-dystopian style, they repealed NetNeutrality. Hence everyone who cares about equality and has a voice is now distracting everyone from the tax bill which reduces equality further. #awesome

From the NYT on the repeal of Net Neutrality by Ajit Pai of the FCC

https://www.nytimes.com/2017/12/14/technology/net-neutrality-repeal-vote.html

Here are …. well at least as many as they can figure out, the congressmen who voted for it and just how much money they were paid to do it.

https://motherboard.vice.com/en_us/article/7xwknx/republican-members-of-congress-fcc-letter

Net Neutrality works like this.

You go to the gym. You pay for a gym membership. The gym is a business and it’s gotta pay the bills. I’m cool with that. When you lift, there is etiquette..  but basically we all share the same machines or weights. Sometimes we have to wait in the same line if the gym is busy. That’s life.

Now…. imagine going to the gym in an alternate universe without Net Neutrality. It works like this:

Or…. if you are poor. Or small. Or different. You can only use the first three machines and you have to wait to do it.

If you are middle class, you get to use the first 6 machines but you also have to wait,just not as long.

BONUS ROUND! – If you are in Government or RICH you get to use all 500 machines at the gym with no wait.

The site https://www.battleforthenet.com/ describes it like this;

Cable companies are famous for high prices and poor service. Several rank as the most hated companies in America. Now, they’re lobbying the FCC and Congress to end net neutrality. Why? It’s simple: if they win the power to slow sites down, they can bully any site into paying millions to escape the “slow lane.” This would amount to a tax on every sector of the American economy. Every site would cost more, since they’d all have to pay big cable. Worse, it would extinguish the startups and independent voices who can’t afford to pay. If we lose net neutrality, the Internet will never be the same.

They literally just broke the Internet. #WTF

I’m speechless. Excuse the pun. But feel free to google a few terms.

And the tech sector should realize it’s own values: if Apple doesn’t think it’s worth a few Billion Dollars of repatriated earnings to defend Net Neutrality and support the EFF, if Zuckerberg doesn’t buy his own congressmen, if Microsoft doesn’t use it’s leverage to defend free speech, then Silicon Valley needs to accept that WE ARE PART OF THE PROBLEM.

Mac OS High Sierra Turns on User Tracking by Default Again

Apple – I’m disappointed in y’all for adding/enabling “significant locations” to my laptop in the latest update to Mac OS High Sierra. “Frequent Locations” as it is called in IOS, being added to laptops is just as bad as when you added to the iPhone. It can put people in danger. And at a time when we are having a national debate on the predatory behavior of so many people. 

Readers – Has your laptop said “You were just at xyz yesterday. Why not submit a rating?” Yup. That. 

How to turn off Significant Locations

 

Step 1 – In Settings go to Security and Privacy

location services tracking
Turn off location tracking but not all of location services

After unlocking it Step 2

Frequent Locations is NOT needed and unsafe
Frequent Locations is NOT needed and unsafe

Step 3

The Map Showing Every Place You Go – Clear History First

Step 4 – After Clearing History

Clearing History Will Prompt You to Reconsider

Step 5 – Uncheck Frequent Locations

Uncheck Frequent Locations After History is Cleared

Why is turning of significant locations important? Because if your laptop gets stolen and it’s not encrypted and / or uses a weak password, then they get to know every place you frequent (like your home, work, gym, grocery store, you name it. Even how long you stay there.

Company issued laptop? Your boss could learn you are interviewing. Or that your sick day was really just a day to go to the beach.

Victim of domestic violence? That person could track every place you go, like to a shelter or the authorities. And they probably have access to your computer.

Have nothing to hide? Maybe some of your friends don’t want their address stored in your laptop for advertisers to cross reference.

Traveling? Authorities in another country could determine the location of your family and friends for coercion. And at the border people can now be compelled to turn over their social media logins. You may think you have nothing to hide, but if you care for others, then you owe it to them to maintain reasonable privacy.

Tracking people has far more down sides than up sides.

And Apple – burying those tracking settings where normal humans can’t find them to protect themselves isn’t cool. It just makes phishing scams easier and literally threatens people’s lives if abused. Please stop.

Marissa Mayer Testifies Russian Agents Behind 2013 Yahoo Attack

Nov 8, 2017.  From the Reuters article regarding former CEO of Yahoo Marissa Mayer’s testimony before Congress:

WASHINGTON (Reuters) – Former Yahoo Chief Executive Marissa Mayer apologized on Wednesday for two massive data breaches at the internet company, blaming Russian agents for at least one of them, at a hearing on the growing number of cyber attacks on major U.S. companies.

Having spent the majority of the last three years doing almost exclusively InfoSec and Security on the Tendenci SaaS Cloud, not by choice but out of necessity, I do feel a bit of vindication as they confirm the facts. This is DATA people. Not opinion. I see it every day.
Tendenci has always kept logs, but never before have we had to have three (and sometimes four) sets of logs kept in different locations. Log verification, audit, cross references, searching through millions of logs DAILY. Just the expense … it’s frustrating for us in the security community for several reasons:
  1. We can’t talk fully openly about it for confidentiality reasons

  2. We sound kra-kra.

  3. When we do, everyone thinks we are crazy and it’s a conspiracy theory.

It turns out reality is like an idiom, what everyone initially thought was wrong and like so many other things, people get silenced. That shit Cray . Oh, and that reference doesn’t mean what you think it means either. Because Jay-Z is smart as f*ck and he is making a damn point.

All I can say is … what he said. Because THIS shit is Cray.

NSA tools release to Dark Web Date 2014 (likely earlier imho)

Kaspersky tools removal update. But keep reading – it gets better:

http://www.mcclatchydc.com/news/politics-government/congress/article180707721.html

Now for the punchline – They’ve documented that Kaspersky, a Russian company close to Putin, was hacked by Israel. Kaspersky security researchers have confirmed the NSA hacking tools existence when they discovered it in the spring of 2014. The article;

http://www.businessinsider.com/russia-kaspersky-lab-nsa-spy-us-computer-2017-10

In a statement, the company (Kaspersky) said it stumbled on the (NSA) code a year earlier than the recent newspaper reports had it (ed: Comey stated summer 2015), in 2014. It said logs showed that the consumer version of Kaspersky’s popular product had been analyzing questionable software from a U.S. computer and found a zip file that was flagged as malicious.

And it further states, again from the article:

Kaspersky’s Equation Group report was one of its most celebrated findings, since it indicated that the group could infect firmware on most computers. That gave the NSA almost undetectable presence.

Kaspersky later responded via email to a question by Reuters to confirm that the company had first discovered the so-called Equation Group programs in the spring of 2014.

So a Russian antivirus software found a zip file with NSA hacking tools in 2014. Hacking tools that target Microsoft and other business software, again, in the Spring of 2014. Confirmed by Israeli Security researchers who hacked Kaspersky.

Now, what they found was a compressed, portable, easily emailed or traded via email even as nobody else had the signatures to detect. A zip file.

A zip file.

For those unfamiliar with the industry, by the time an exploit is being traded in a 7 z it’s long been in the wild. That is the commodity phase of the economic curve.

The economics of the dark web have been researched and are well documented (hint: look at DEFCON and Blackhat presos from a few years back.)

If you are a reporter or security researcher – keep digging. Basic economics say it had to have been being traded early 2013 for high bids with a quick pricing decline as is typical with shrink wrap software.

It remained unpatched. Every company using common business software was, and probably still is, an open book. A trivial metasploit script and your movies, your directional drilling tech, your seismic data, patents, medical history, your porn habit, email, fb, you name it, was and probably still is wide open.

Bottom line: My opinin is the timeline of the NSA hacking tools being released is 2013. If not earlier. (But I’ll stick with my mid-2013 estimated release to the wildebeasts estimate.) NSA let them into the wild as discovered by Russians (current media puts this at 2014) who were then hacked by our allies Israel. Israel then reported this to the US.

And we did nothing. Think about it.

Just add that up and you get Russia hacking US companies and associations using our own tools paid for by YOU. NSA hacking tools discovered and reported to the US by our allies in Israel. 2014 or earlier.

What did NOT happen was responsible reporting to vendors like Microsoft who only patched it when the Shadow Brokers released it on github in 2017.  Thus from 2014 (or earlier), our allies, our foes, and our own security agencies did nothing to protect US intellectual property, infrastructure, companies, jobs, and people.

Noodle that one.

…. this story will continue to unfold. And if you are an investigative journalist, maybe ask around the community politely regarding who’s zoo had the code and when.

Update;  http://www.theregister.co.uk/2017/10/25/kaspersky_nsa_keygen_backdoor_office/

Triangulate Shooter Location with Mobile App – Possible?

Text exchange with a friend about how to defend crowds from threats like the shooter in Las Vegas.

[redacted section]




Yup, saving the world, or trying to, one bear at a time.

Triangulating on a sound with data from thousands of willing opt-in smart phones is possible. Pitch, yaw, acceleration, relative volume compared to those in proximity to normalize. Calculate position from last known good if towers go out.

Mesh grid relative to each other if no service. Share UDP 5353 and change multicast DNS into a “people finder”.

The app, when turned on, would send a cascade of data flowing in with lots of noise. The analysis is the same thing anyone who has done log analysis with an ELK stack is familiar with. Have a buffer of say 10 seconds backwards until triggered.

With a few datasets from simulations (like having 30 people in a room and see if the app can figure out who blew the dog whistle.

Sensor based smart phone triangulation is one way we could defend ourselves in an attack on any soft target.

Note: the concept is somewhat related to what we are building at somarobotics.com. However I’m putting it out there because I’d love to see someone build a system to automatically respond and help.

tragedy in las vegas – a city that changed my life years ago

Nothing can explain away the tragedy that happened last night in Las Vegas. A terrorist act by a cowardly American white male terrorist. And nothing SHOULD explain it away. It’s inexcusable in every way.

A wise person recently told me that “POTUS is not the problem. He is a symptom of the problem.” I believe they make a valid point that we have major issues that have been building for years. And we need to STOP IT.

Now is a time to support the families.

But very shortly, we need to have some serious dialog …. and the burden of finding the right balance of legislation falls 100% on the gun lobby itself.

On a positive note, this is how I think of Las Vegas. Still.

Lake Las Vegas

PS: There are no links in this post because there are much smarter people than me working together with the victims right now and I have no desire to distract. 

Even if we lived in a color-blind society

From the article:
 
“Here’s the thing: Even if we lived in a color-blind society, that would be a dangerous sentiment. After all, freedom of expression is right there in the First Amendment. And our brave soldiers didn’t fight and die so that everyone stood during the national anthem. They fought so people could have the right to make a choice about whether or not they wanted to stand. That’s the whole damn point of the First Amendment.”
 

Equifax Breach via Apache Struts Framework

Equifax Hack via Apache Struts

As reported last Friday, the 2017 Equifax personal credit reporting agency had a data breach of 143 Million people’s identities. It started in May 2017 and is just now (August 2017) being disclosed. It is going to impact all of us. Sources:

  1. Equifax data leak could involve 143 million consumers
  2. PSA: no matter what, Equifax may tell you you’ve been impacted by the hack
  3. Did Lack of Visibility into Apache Struts Lead to the Equifax Breach?

From the second article on the Equifax breach linked above, this portion really galls me:

… not only are none of the last names tied to your Social Security number, but there’s no way to tell if you were really impacted.

It’s clear Equifax’s goal isn’t to protect the consumer or bring them vital information. It’s to get you to sign up for its revenue-generating product TrustID.

Earlier it was revealed executives had sold stock in the company before going public with the leak. We also found TrustID’s Terms of Service to be disturbing. The wording is such that anyone signing up for the product is barred from suing the company after.

The following phrase alone, if true, combined with Equifax literally trying to monetize their security errors, is what gives capitalism a bad name:

The wording is such that anyone signing up for the product is barred from suing the company after.

I have to believe the Equifax PR team is working for PharmaBro or Putin trying to make them look good in comparison.

Note: Equifax has changed the indemnification, but only under duress imho. Furthermore 30 days free credit monitoring by the company that released your data and then you will have to pay monthly still seems wrong. But to be fair, here is their update:

Questions continue to be raised about the arbitration clause and class action waiver language that was originally in the terms of use for the free credit file monitoring and identity theft protection products that we are offering called TrustedID Premier.
(Editor: well ya, duh!?)

We have removed that language from the TrustedID Premier Terms of Use and it will not apply to the free products offered in response to the cybersecurity incident or for claims related to the cybersecurity incident itself. The arbitration language will not apply to any consumer who signed up before the language was removed.
(Editor: but did you fire the person who did it in the first place?)

I get it. Nothing is secure. If the NSAs hacking tools get stolen and OPM loses all of the data on security clearance checks on our own people, then truly nothing is safe. I get it.

What I do not understand is a company as large as Equifax not being prepared for something like this. That Equifax did not announce it promptly. That Equifax executives sold stock before announcing it. That Equifax then attempted to indemnify themselves. That Equifax is using the crisis to sell a monitoring service that you have to pay for after 30 days. A service to monitor YOUR data that THEY lost control of!

This boggles the mind of a PR Professional.

The Internet was not built for e-commerce – it was built for knowledge sharing in a “walled garden”. Therefore keeping sites secure is not possible. Any security professional will tell you best practice is to white-list good guys (selective inclusion) as opposed to trying to find every attack and block it. Therefore the difficulty at a high level is primarily in identifying and blocking bad actors.

I hate to say it folks, but we are playing whack-a-mole with your identity and money.  It will always be an uphill battle to maintain security on the Internet and you will never ever be 100% safe.

As reported by Black Duck (awesome people btw), the specifics of the attack on Equifax are currently easily exploitable on similar sites.

This is like Hurricane Harvey – it’s not even close to over.

some bi-partisan good news – uptick in crime is a bump in overall decline

We get plenty of bad news so let’s talk about crime trends again. From the article:

Using the FBI numbers, the (crime) rate fell 50% between 1993 and 2015, the most recent full year available. Using the BJS data, the rate fell by 77% during that span.

Click the image below for actual facts about crime in America (And here’s something to listen to while reading to make it more dramatic.)

Pew Research on Crime Decline in US

http://www.pewresearch.org/fact-tank/2017/02/21/5-facts-about-crime-in-the-u-s/ 

More from the article:

Property crime has declined significantly over the long term. Like the violent crime rate, the U.S. property crime rate today is far below its peak level. FBI data show that the rate fell 48% between 1993 and 2015, while BJS reports a decline of 69% during that span.

and then there is the disparity created by the advertising supported media that influences our brains. We are gullible.

Public perceptions about crime in the U.S. often don’t align with the data. Opinion surveys regularly find that Americans believe crime is up, even when the data show it is down.

Although it’s not all good.

Many crimes are not reported to police. In its annual survey, BJS asks victims of crime whether or not they reported that crime to police. In 2015, the most recent year available, only about half of the violent crime tracked by BJS (47%) was reported to police.

Bottom line? Stay thirsty for the facts my friends. We can’t always drink the kool aid. Or the same thing. Stay thirsty for knowledge because knowledge is power.

There is no media really, only advertisers selling scary stories in the media. People Tweet alt-official-news, fake news or real news alike. So I think it’s healthy to point out (again) a few positive overall societal trends we are experiencing.

#peace

WSJ Data on Financial Decline since 2016 Election

Make no mistake, say “pro business” and then create “market uncertainty” and you get a LOT less job creation. Wall Street Journal last weekend. Data is data. Constrict capital and people like me can’t create jobs even if we want to.

Drop in Liquidity for Business 2017
post election drop in cash flow

The headline? It’s incorrect. Ask anyone – what happens when people lose access to capital? #duh

The FBI confirms NGOs and Associations are Targets of Russian Hackers

James Comey Testimony on Russian Hackers Targeting Nonprofits and NGOs
James Comey Testimony on Russian Hacking Includes Acknowledgement of Russians Specifically targeting NGOs and Nonprofits

Growing Tendenci – The Open Source AMS, has been eye opening. I didn’t realize fully why our clients were constantly being attacked. Even behind all of our firewalls, scanners, ACLs, malware, rootkit detection, antivirus, third party scanners, multifactor, use of Honeypots, we don’t store credit cards, and then still even more custom security measures we’ve developed in house.

I mean seriously, it’s not like you’re going to scan a site we host and not have it logged and inspected and blocked aggressively when possible. Nothing is hack proof obviously. But our security practices are  FAR beyond the norm.

I didn’t have the luxury of questioning the motive. We do.

When necessary, we have engaged authorities for assistance. So it was interesting to see this from former FBI Director James Comey’s testimony:

Source: http://www.politico.com/story/2017/06/08/full-text-james-comey-trump-russia-testimony-239295

BURR: Okay. When did you become aware of the cyber intrusion?

COMEY: The first cyber — there was all kinds of cyber intrusions going on all the time. The first Russian-connected cyber intrusion I became aware of in the late summer of 2015.

BURR: And in that time frame, there were more than the DNC and the D triple C that were targets?

COMEY: Correct, a massive effort to target government and nongovernmental, near governmental agencies like nonprofits.

BURR: What would be the estimate of how many entities out there the Russians specifically targeted in that time frame?

COMEY: It’s hundreds. I suppose it could be more than 1,000, but it’s at least hundreds.

Let me repeat that last part for emphasis in case anyone who works with Associations and Non Profits needs some ammo to take back to their board about why they can’t host for $10 a month on a cheap hosting site.

COMEY: The first cyber — there was all kinds of cyber intrusions going on all the time. The first Russian-connected cyber intrusion I became aware of in the late summer of 2015.

COMEY: Correct, a massive effort to target government and nongovernmental, near governmental agencies like nonprofits.

BURR: What would be the estimate of how many entities out there the Russians specifically targeted in that time frame?

COMEY: It’s hundreds. I suppose it could be more than 1,000, but it’s at least hundreds.

Those words should weigh heavily on people in the NPO/NGO sector. It is worthy of mention to everyone using an AMS system. To be secure, you need to be able to inspect your own code if you host with us or somewhere else. Please do so with Tendenci at https://github.com/tendenci/tendenci/  . Security is a process, not a magic pill.

The motives for these attempted hacks are above my pay grade. Just know if you feel you are being targeted, well, it isn’t paranoia if they really are out to get you. And they really are out to get you.

And please don’t click that link in your email. Please. Just don’t do it.

Stay vigilant my friends.

PS – two other facts I can add. I can personally confirm it was in the hundreds just based on our client base. This does NOT mean they breached, but targeted? Yes. And second, by my estimations it started in earnest in 2013, not 2015.

PPS – and now we start the count down before they take my blog offline with DDOS again. Whoever “they” is. All I see is a matrix at this point… and I’m ok with that oddly enough. Because if the Zombie apocalypse is real in downtown SF, then everything else is possible too.

Disclaimer: This post is NOT about the President. Or about former FBI Director Comey’s testimony as it relates to our elected Zombies on both sides who vote party over the people they represent.  No, this post is about a small part of Comey’s testimony that relates to Associations and Nonprofits. It applies if they use Tendenci or not. Whatever the motive of the Russian hackers, the fact is that associations and nonprofits are being singled out for attacks. This is a fact of your current reality.

Prince was a Trickster

Prince was a trickster, the best kind of god for social scientists and apparently the verge agrees as well. There are numerous books on this, the last I read was called Trickster Makes This World: Mischief, Myth and Art.

Tricksters have always been with us

Are they tricksters or merely pranksters? That is up to you to discern, but that is the point, right? They stole the sun and the moon while we “took the time to watch the flowers in the garden” while doing yoga.

As one review of the book Trickster by Lleu Christophe points out

Hyde gives equal time to the Native American Coyote, the Chinese Monkey King and India’s Krishna. At first glance, these characters are merely pranksters; humorous, sometimes annoying and occasionally dangerous ne’er do wells who disrupt the normal flow of things. As the title of this book suggests, Hyde believes tricksters are much more than this. He makes a convincing case that tricksters are essential in both preserving and transforming societies. Without their disruptions, cultural stagnation would result. He points out that tricksters can either help to maintain the status quo or bring about radical transformation.

To quote two of my favorite tricksters, Pablo Picasso and DuChamp,

Everything you can imagine is real. – Pablo Picasso

Now to quote DuChamp, an artist who “refused to repeat himself”, now that is a challenge. Every quote is subjectively abrogated by another quote from the past or the future like the a religious text – was it situationally appropriate? DuChamp stated this himself.

I have forced myself to contradict myself in order to avoid conforming to my own taste. – Marcel Duchamp

To ponder that, if a trickster’s response is situationally appropriate is in and of itself a huge trick. Did in fact the Raven steal the sun and the moon, one, or both? Perhaps more importantly, we all know that Pablo Picasso was never called an asshole.

As for DuChamp, you can reinvent, but it takes energy to constantly come up with a unique identity. DuChamp still needed a vehicle to wrap the thread around, a thread to follow back out of the woods if he got lost.

To begin to understand Duchamp takes someone way smarter than me. I choose to view his work like the bobbin of time.  We are just the blameless victim of observation. Maybe the thread broke, or maybe thread did not break. At least a cat didn’t die in the discovery process. right? Regardless like the genius before his time that he was, Duchamp gave us Rrose Sélavy to at least provide one example guide, like the math equations with odd numbers solved in the back of our calculus books, so that we might oddly enough, solve the evens.

marcel-duchamp-rose

These threads are strings. The strings are wrapped around bobbins of tricks and truth. And these bobbins are not the tiny bobbins that went in your parents’ sewing machines. These strings are the messy bobbins of someone working a weave. The bobbins are large with varied widths and inconsistencies from the vagaries of human behavior and therefore our resulting inconsistent craftsmanship.

bobbins for weaving
weaving bobbins

Damn the Industrial Revolution! Of course ManRay was there for DuChamp to accommodate the birth of the DuChamp’s trickster alter ego – Rrose Sélavy:

Rrose Sélavy, the feminine alter ego created by Marcel Duchamp, is one of the most complex and pervasive pieces in the enigmatic puzzle of the artist’s oeuvre. She first emerged in portraits made by the photographer Man Ray in New York in the early 1920s, when Duchamp and Man Ray were collaborating on a number of conceptual photographic works. Rrose Sélavy lived on as the person to whom Duchamp attributed specific works of art, Readymades, puns, and writings throughout his career.

Is the Trickster dead? Well one of the greatest tricksters of all time, we just lost in Prince.  I must point out the brilliance: Die Antwood, the collaboration between  “rappers Ninja and Yolandi Visser (often stylized as Vi$$er) and DJ Hi-Tek” (source)

To get a straight stand alone “test-of-time quote” from DuChamp I imagine would be like  trying to get a straight answer from Die Antwood, some of the most brilliant tricksters to emerge in years.. Their collaboration makes no sense, until you realize they’re fucking with you.

They. Are. Fucking. With. You.

 

And the most guilty of all, of fucking with us, is Prince. So let’s go crazy because he already predicted it. Partying like it’s 1999 was stolen from us by a bunch of computer nerds warning about the two-digit date big. We have NEVER partied like it was 1999.

You know what we can do? We can and should go crazy. If you aren’t already there yet, join us, because we look the same as you, act the same, obey the law and act ethically, but I am told there is an ethos that emerges when you “go crazy”. I don’t know, I’m not there yet, but it is a worthy topic of discussion.

Lyrics to Prince’s Let’s Go Crazy from

 

Because people who have no hopes are easy to control

Gmork: Foolish boy. Don’t you know anything about Fantasia? It’s the world of human fantasy. Every part, every creature of it, is a piece of the dreams and hopes of mankind. Therefore, it has no boundaries.
Atreyu: But why is Fantasia dying, then?
Gmork: Because people have begun to lose their hopes and forget their dreams. So the Nothing grows stronger.
Atreyu: What is the Nothing?
Gmork: It’s the emptiness that’s left. It’s like a despair, destroying this world. And I have been trying to help it.
Atreyu: But why?
Gmork: Because people who have no hopes are easy to control; and whoever has the control… has the power

via Tiffany Imogen

brain malware – ars technica

The logos were repeatedly displayed, but only for milliseconds at a time, a span so short that subjects weren’t consciously aware of them. By measuring the brain signals at the precise time the images were displayed, Bonaci’s team was able to glean clues about the player’s thoughts and feelings about the things that were depicted.

https://arstechnica.com/security/2017/01/in-not-too-distant-future-brain-hackers-could-steal-your-deepest-secrets/

Completely possible in the near future.  Buy brain branding / influencing malware on the dark web. Coming to an AR game near you. 

Or reverse the sensors switch to UP and tiny shocks delivered for negative feedback to images as well. 

I don’t view this as science fiction. This will happen unfortunately. 

It’s a hack more insidious than the “infect two friends to get your data back.” Speaking of the infect-two-friends malware everyone says “I would never do that!” I point out that it’s really “infect two people you know” malware and not everyone you know is a friend. If a person is broke and they know their ex will open their email, and they can plausibly deny sending it, you know the rest of the story. 

Cindi Crigler – Celebrating the Life of a True Friend

Cindi Crigler is one of the most beautiful people I have ever known. Best friend to my wife, our families have been intertwined for 15 to 20 years, we aren’t even sure of the exact date of when we all connected. Cindi loves us so much she adopted our backyard chicken when we were looking for a home! I could go on, and have written three different tributes, and they all digressed into thoughts I can’t publish.

All I can say is that truly amazing people are still out there. They are humble and quiet and strong as hell. Because love conquers all. Cindi personified that. Words from her family are below the images. Please read them.

Cynthia Farlow Crigler
1958-2017

Cynthia Farlow Crigler,58, passed away peacefully at her home in Houston, surrounded by her loved ones on Tuesday, January 3rd, 2017.

Born in Fort Worth, Texas to Frank and Clare Farlow, Cindi grew up in Houston with her siblings Julie, Allison, and Katherine. Cindi was a carefree spirit and a beautiful light that shone brightly on this earth. Her smile, laughter and gentle soul cannot be erased. Together with Michael Crigler, she had four children and 8 grandchildren. Her beautiful family was her greatest joy and proudest accomplishment. She had a love for all living things and always kept a menagerie of animals. Her life has been a tapestry that she has woven with different fabrics, full of vibrant colors.

She is survived by her parents Frank and Clare Farlow, her step-mother Jan Farlow, and her siblings: Julie Farlow Grote, Allison Farlow Simmons and Katherine Farlow Richardson. She is also survived by her children and grandchildren: Shannon and Mike Taylor and their children Zoe and Chloe; Jamie and Oliver Salgado and their children Vince and Lyla; Casey and Jeffrey Poche and their children Aidyn and Ali; and, Mikey and Taryn Crigler and their children Nate and October. Lastly, a special thanks to her loving partner Stephen Dean and all of her close friends who have supported her throughout her life.

A celebration of life will be held on Saturday, January 7th, 2017. In Lieu of Flowers, donations can be made in her name to TWRC Wildlife Center www.twrcwildlifecenter.org.

Published in Houston Chronicle on Jan. 6, 2017

See more at: http://www.legacy.com/obituaries/houstonchronicle/obituary.aspx?page=lifestory&pid=183374597#sthash.NESlitY8.dpuf

leonard

dance me on and on…..

And perhaps another take with Monica Bellucci reveals the song in another light.

And if we stay with the tango theme, well of course you’ve got a few that are must includes such as Francesca Gagnon.

And then of course Halie Loren does it, sways with justice, as well.

WordPress Configuration for Security

WordPress security is important. Because of WordPress’ popularity, because it IS A GREAT PRODUCT, it is also targeted more than any other CMS on the web.

What to do? Let’s keep it simple and look at three easy things you can do in less than 5 minutes to increase your security.

  1. Install Jetpack from WordPress https://wordpress.org/plugins/jetpack/ and then remove all of the other individual plugins that overlap with the functionality of Jetpack.
  2. Make sure your wordpress site is set to automatically update to the latest version
  3. DELETE any non-active plug-in and any non-active theme from your site.
secure your wordpress site
3 easy things to secure your wordpress site

To up your game a bit I would add a few more items as “highly recommended”

  1. Test your site now with Securi’s free scanner https://sitecheck.sucuri.net/ and maybe consider purchasing one of their security plans https://sucuri.net/website-antivirus/signup
  2. Install an SSL certificate on your web site. These can be purchased from a number of sources like godaddy, free but short lived ones are available from letsencrypt. Or you can get really serious about it and work with a security professional like my friend Jason Palmer http://www.jasonpalmer.com/ .

Data on why you need to secure your site from the Securi blog at https://sucuri.net/website-security/website-hacked-report . Some graphical excerpts below:

securi-website-hack-report-q1-2016

not-patching-causes-most-infections

Security starts with the basics – use good passwords, use muti-factor authentication, keep your software up to date and have a plan in place to restore backups.