How to PROPERLY Secure Your vBulletin Forum

After spending a couple of hours on a post, I inadvertently forgot to:

1. Copy my work
2. Log back in
3. Recreate the title
4. Post my work

However, no message forum user should ever have to remember to follow these four steps during a single session. Unfortunately, since one of my favorite message forum’s installation of vBulletin does not preserve the post (it does on most other vBulletin forums, including my own), the inevitable result is that the post (and my time) is lost.  A user’s long, hard work winds up being met with the following message, along with the complete loss of his or her work:

vBulletin Login Timeout

Therefore, I’m going to ask them again to please change the timeout from its current setting.

Here’s why: Overly short timeouts are the least effective way to increase forum security. By changing other parameters, you can make your forum many millions of times more secure than by greatly inconveniencing users with puny timeouts.

 

Only slightly complicating this problem is the fact that there are two issues at work. Actually, there are many, but given what the admins can quickly and easily change, it only involves two issues: Brute-force attacks and man-in-the-middle attacks. The login timeout involves man-in-the-middle attacks. Put simply, while you’re logged in, someone listening in to the data transmissions between your computer and the forum’s servers can easily locate the session key. However, that’s useless to them unless they’re able to crack it while the session key is in play, then use it to log into using the sniffed user’s account, and change their password, e-mail information, etc.

All that nets them, however, is that individual user’s login credentials. It cannot hack the system itself. Furthermore, even the guest session uses a 32 character session hash. Given 96 available characters, that’s a keyspace of 2.70819E+63. In case you’re wondering, and according to Steve Gibson of Gibson Research Corporation, it would take a massive cracking array capable of one hundred trillion guesses per second at least 6.22 thousand trillion trillion trillion centuries to exhaust this session hash. If one wanted to be 99.9999% certain it couldn’t be found, then it would still take 6.22 billion trillion trillion centuries to crack.

Not only is that an extremely long time, more than a trillion trillion times longer than the age of the entire universe, it’s also the reason why maintaining a short login time is not merely petty, but it’s pathetic, as well.

Let’s work through some examples to see how this works:

Given:
– Login timeout: 20 min
– Min password length: 7 characters
– Max number of retries: 5
– Retry lockout: 15 minutes

Example 1: Change login timeout to 10 min

Result: This halves the time a man-in-the-middle attack can intercept a login. However, these attacks are only good during that particular session. Unless the attack cuts off communication with the user, the moment that user logs off, that key is cleared and the attack is halted. In the meantime, users are greatly inconvenienced by constantly being booted off the server every time they grab a lock snack, make dinner, or are busy working on a long post.

Result: It only makes the bad guys work twice as hard.

Bottom line: Login timeouts are so pathetically and ridiculously ineffective (see the 6.22 trillion trillion trillion centuries explanation above) that it’s best to set them to 12 hours, if not 24 hours, and use other, far, far, far more effective means as described below:

Example 2: Change the min password length to 8 characters.

Result: Since 96 characters are available for passwords, this makes the bad guys work 96 times harder. That’s 48 times more effective than halving the login timeout.

Bottom line: Increase the min password length to 8, thereby gaining 48 times more effectiveness in deterring a brute-force attack.

Speaking of passwords, you can also enforce a ban on dictionary passwords and/or the use of at least one each of upper, lower, numbers, and special characters. That results in an increase in security of between several thousand-fold to trillions.

Example 3: Reduce the max number of retries to 2 (total of 3 tries)

Result: This halves the number of times a brute-force approach can crack the password. However, if the min password length is set to 7, that’s 75,144,747,810,816 possible passwords. Thus, instead of giving them 6 chances to work miracles, you’re giving them 3 chances to work miracles. Regardless, merely by using reasonable values for the max retries and retry lockout, you’ve already defeated the brute force approach, completely.

Bottom line: It’s better to leave it at 5 retries.

Example 4: Increase the Retry Lockout to 30 minutes.

Result: This just ticks people off. The whole point of combining the use of the min password retries and retry lock out is to limit the long-term ability of anyone to brute-force attack any particular user’s login.

Bottom line: Leave it at 15 minutes.

With 5 total tries and a retry delay of 15 minutes, you’re limiting the system to a maximum of 20 tries per hour, or 480 tries in a 24-hour period. Compared to 75,144,747,810,816 possible passwords, that’s nothing. Well, actually, it’s next to nothing. Specifically, it’s 6.387671e-12. Put another way, you’re at least 99.999999999361% “safe.” However, that’s simply by combining an attempt limit and retry lockout with an 8 character password minimum. Those who use a 9 or 10 char password receive 96 to 9,216 times more protection.

With all of the above in mind, here’s an expert vBulletin administrator’s advice:

Recommended Settings:

– Login timeout: 24 hours (1,440 min)
– Min password length: 8 characters
– Enforce no dictionary words: Yes
– Enforce the use of upper, lower, numbers, and special chars: No
– Max number of retries before lockout: 3
– Retry lockout: 5 minutes

Now, if you’d like to double the trillion trillion trillion centuries (or more) level of protection afforded with the settings above, for just $18 a year, you can Convert Your vBulletin Installation to HTTPS (SSL/TLS).

Facebook’s “Malicious Software” May Be Hacking Its Own Users

Facebook keeps saying I have some sort of “malicious software.” That’s totally bogus, as I’m running the leading anti-virus software, have run a second leading anti-virus software, and have run three different highly acclaimed anti-malware packages to scrub my system.
 
Furthermore, the problem occurs only after I attempt to log on, regardless of the computer, network, or ISP.  Meanwhile, anyone else who logs onto Facebook using my computer has absolutely zero problems and receives no such error message.
I’m not the only one experiencing this problem.  Here are some links to others who are experiencing the same or similar issues:
 

 – Jack Yan & Associates

Another by Jack Yan & Associates

There are even four pages on Facebook’s user community wherein a growing number of people are reporting the same issue.

These facts and the details I provide below form the basis of my belief that Facebook’s “malicious software” detection is either riddled with errors or is totally bogus, perhaps even Facebook’s way of getting people to download their “partnered” anti-“malicious software” on an individual’s computer in order to spy on users’ machines.

When this happened two weeks ago, I wrote them the following letter.  I promised I would hide this blog post if they permanently removed the “malicious software” flag in their system.  After five days, they did just that and I was able to log in.  This morning, however, I receive the “malicious software” message again, so I made this blog post visible once more, and will likely keep it until Facebook publically acknowledges that at the very least, their “malicious software” flag has nothing to do with whatever Facebook detects on a users’ computer (it can’t, due to the browser’s security), but rather, it’s tied to individual user accounts.

Dear Facebook:

On the afternoon of June 6th, 2017, while in the middle of typing a post on Facebook via my primary FB account, I received the following popup message from Facebook that states:

“Hi (name), we’re continuously working to keep your account secure. We’ve noticed that this device may be infected with malicious software. To continue to use Facebook, you can either use other devices or clean this device by downloading the scanner provided by Facebook and Trend Micro.”

Screenshot:

 

malicious software

In your Terms of Service, under Section 2, “Sharing Your Content and Information,” you specifically state, “You [the user] own all of the content and information you post on Facebook.”

Since that’s indeed the case under U.S. Copyright Law, why are you blocking MY access to MY information?

I am an IT security specialist with 29 years of experience. I have written 24 security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force.  Therefore, please take me seriously when I affirm this problem does not exist on any local computer which I have used to log into Facebook, but rather, on your network, and specifically, my account on your network.

Just to be absolutely certain, however, I conducted the following series of tests:

I tried “other devices.” In fact, I tried 7 completely different machines:

  • neighbor 1
  • neighbor 2
  • public library 1
  • public library 2
  • friend’s
  • my spare computer
  • my local machine

I tried them in 6 different geographic locations, using 3 different ISPs:

  • Comcast
  • Qwest/CenturyLink
  • Peak Internet

I also tested two browsers (Chrome and Firefox) on all of those, along with Opera on two of them.

In all seven cases (19 test cases, total), the following results remained consistent:  Logging in with my primary account resulted in the “malicious software” error message on all machines, locations, and ISPs, but logging in with any other account resulted in a clean login regardless of machine, location, or ISP. Of these 7 machines, four were running Norton Security, and the other three ran Kaspersky, Avast, and AVG.

Therefore, it is unequivocally clear that this issue is not a problem inherent in any of the local machines, subnets, geographical locations, browsers, Internet Service Providers, or antivirus software.

Rather, it is most certainly a problem with either Facebook’s servers in general, or with my primary Facebook account as hosted on your servers.

Since that is without a doubt the case, running your mandated software from any four of your partners on my local machine would accomplish absolutely nothing, yet risks unauthorized disclosure of my personal information, infection of my computer, or even the introduction of a virus at the local machine’s administrator level by whoever hacked my Facebook account.

To be quite fair, as a direct result of your non-communication policy, I have absolutely no way of knowing whether or not this “malicious software” pop-up is legitimate or if it is itself a malicious hack of my account designed to get me to run ransomware as an administrator on my local machine.  At the very least, the way you go about holding the account hostage and forcing us to download the software not from one of your security partners but from some other site is highly suspicious.

However, to that end, I made a note of your partners: Trend Micro, Kaspersky, ESET, and F-Secure. I then proceeded to use their trial versions (only three had trial versions) to thoroughly scan and clean my machine.

I then repeated the above tests to see if my local machine had absolutely anything to do with the issue, at all.

No. The results of the tests remained the same. Furthermore, five people successfully logged onto Facebook using both my primary and backup machines, regardless of their geographic location, the browser used, or the ISP.

Clearly, my machine is not the issue.  It’s my account.  Either Facebook wrongly blocked my account with their “malicious software” hack, believing that a virus exists on my side of their firewall (absolutely not, as has been abundantly demonstrated by the test procedures given above), or my account has been hacked from inside of Facebook’s firewalls by someone who really is trying to use it as a way of hacking my local machine.

Facebook:  The problem resides solely on your side of the net. Please stop trying to get us to run your software on our machines.  We’re already running the world’s best anti-virus and anti-malware software, including from at least one of your four security partners.  As I have clearly demonstrated, there is absolutely nothing I can do on my end that will fix this problem, and that includes running your mandated software.  The problem is on your end.  Fix the problem on your end, and the problem will be solved.

Thank you.

Again, I am an IT security specialist with 29 years of experience. I have written 20+ security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force.  Therefore, please take me seriously when I affirm this problem does not exist on local computers, but rather, on your network.

Sincerely,

Name witheld by request
M.S. Management (Project Management)
MBA (Technology Management)
B.S. Finance, Insurance, and Business Law

 

 

Anne Graham on How God Could Let Something Like This Happen

“Billy Graham’s daughter was interviewed on the Early Show and Jane Clayson asked her “How could God let something like this happen?” (regarding the attacks on Sept. 11).
 
“Anne Graham gave an extremely profound and insightful response. She said “I believe God is deeply saddened by this, just as we are, but for years we’ve been telling God to get out of our schools, to get out of our government and to get out of our lives. And being the gentleman He is, I believe He has calmly backed out.
 
“How can we expect God to give us His blessing and His protection if we demand He leave us alone?” In light of recent events…terrorists attack, school shootings, etc. I think it started when Madeleine Murray O’Hare (she was murdered, her body found recently) complained she didn’t want prayer in our schools, and we said OK.
 
“Then someone said you better not read the Bible in school …. the Bible says thou shalt not kill, thou shalt not steal, and love your neighbor as yourself. And we said OK.
 
“Then Dr. Benjamin Spock said we shouldn’t spank our children when they misbehave because their little personalities would be warped and we might damage their self-esteem (Dr. Spock’s son committed suicide). We said an expert should know what he’s talking about. And we said OK.
 
“Now we’re asking ourselves why our children have no conscience, why they don’t know right from wrong, and why it doesn’t bother them to kill strangers, their classmates, and themselves. Probably, if we think about it long and hard enough, we can figure it out. I think it has a great deal to do with “WE REAP WHAT WE SOW.”
 
Funny how simple it is for people to trash God and then wonder why the world’s going to hell.
 
Funny how we believe what the newspapers say, but question what the Bible says.
 
Funny how you can send ‘jokes’ through e-mail and they spread like wildfire but when you start sending messages regarding the Lord, people think twice about sharing.
 
Funny how lewd, crude, vulgar and obscene articles pass freely through cyberspace, but public discussion of God is suppressed in the school and workplace. Are you laughing?
 
Funny how when you forward this message, you will not send it to many on your address list because you’re not sure what they believe, or what they WILL think, of you for sending it.
 
Funny how we can be more worried about what other people think of us than what God thinks of us.
 
Pass it on if you think it has merit. If not then just discard it… no one will know you did.
 
But, if you discard this thought process, don’t sit back and complain about what bad shape the world is in.
 
God bless you as you share it with friends. No Nation or people can ever survive or succeed without Jesus Christ.

Three Strikes Against James Comey

This morning’s news was abuzz with liberals attempting to further obfuscate the firing of former FBI Director James Comey:

“Acting FBI Director Andrew McCabe told lawmakers Thursday there has been “no effort to impede” the Russia investigation…” ”

This strongly supports the fact that Trump did NOT fire Comey to impede any sort of investigation.

“…and said former FBI Director James Comey continues to have “broad support” in the agency even after the White House claimed he lost the trust of his employees.”

I hear that Comey was well-liked, that he was a good leader of men.

That doesn’t for one second negate the Department of Justice’s claims that both his decisions and actions routinely violated both FBI and Department of Justice policy, and in ways which undermined the trust of the American people — from BOTH political parties — over the last year.

Ok, liberals, I’m going to stretch your brains a bit. Hopefully, most of you can handle it. This goes for conservatives, too, as most of you haven’t read Deputy Attorney General Rosenstein’s recommendations on Comey, either. This memorandum was sent to AG Sessions, who in turn recommended Comey’s dismissal to President Trump, who considered the matter, concurred, and sent Director Comey a termination letter.

This letter details precisely WHY Comey was fired:

May 9, 2017

MEMORANDUM FOR THE ATTORNEY GENERAL

FROM: ROD J. ROSENSTEIN

DEPUTY ATTORNEY GENERAL

SUBJECT: RESTORING PUBLIC CONFIDENCE IN THE FBI

The Federal Bureau of Investigation has long been regarded as our nation’s premier federal investigative agency. Over the past year, however, the FBI’s reputation and credibility have suffered substantial damage, and it has affected the entire Department of Justice. That is deeply troubling to many Department employees and veterans, legislators and citizens.

The current FBI Director is an articulate and persuasive speaker about leadership and the immutable principles of the Department of Justice. He deserves our appreciation for his public service. As you and I have discussed, however, I cannot defend the Director’s handling of the conclusion of the investigation of Secretary Clinton’s emails, and I do not understand his refusal to accept the nearly universal judgment that he was mistaken. Almost everyone agrees that the Director made serious mistakes; it is one of the few issues that unites people of diverse perspectives.

The director was wrong to usurp the Attorney General’s authority on July 5, 2016, and announce his conclusion that the case should be closed without prosecution.

It is not the function of the Director to make such an announcement. At most, the Director should have said the FBI had completed its investigation and presented its findings to federal prosecutors. The Director now defends his decision by asserting that he believed attorney General Loretta Lynch had a conflict. But the FBI Director is never empowered to supplant federal prosecutors and assume command of the Justice Department. There is a well-established process for other officials to step in when a conflict requires the recusal of the Attorney General. On July 5, however, the Director announced his own conclusions about the nation’s most sensitive criminal investigation, without the authorization of duly appointed Justice Department leaders.

Compounding the error, the Director ignored another longstanding principle: we do not hold press conferences to release derogatory information about the subject of a declined criminal investigation. Derogatory information sometimes is disclosed in the course of criminal investigations and prosecutions, but we never release it gratuitously. The Director laid out his version of the facts for the news media as if it were a closing argument, but without a trial. It is a textbook example of what federal prosecutors and agents are taught not to do.

In response to skeptical question at a congressional hearing, the Director defended his remarks by saying that his “goal was to say what is true. What did we do, what did we find, what do we think about it.” But the goal of a federal criminal investigation is not to announce our thoughts at a press conference. The goal is to determine whether there is sufficient evidence to justify a federal criminal prosecution, then allow a federal prosecutor who exercises authority delegated by the Attorney General to make a prosecutorial decision, and then – if prosecution is warranted – let the judge and jury determine the facts. We sometimes release information about closed investigations in appropriate ways, but the FBI does not do it sua sponte.

Concerning his letter to the Congress on October 28, 2016, the Director cast his decision as a choice between whether he would “speak” about the decision to investigate the newly-discovered email messages or “conceal” it. “Conceal” is a loaded term that misstates the issue. When federal agents and prosecutors quietly open a criminal investigation, we are not concealing anything; we are simply following the longstanding policy that we refrain from publicizing non-public information. In that context, silence is not concealment.

My perspective on these issues is shared by former Attorneys General and Deputy Attorneys General from different eras and both political parties. Judge Laurence Silberman, who served as Deputy Attorney General under President Ford, wrote that “it is not the bureau’s responsibility to opine on whether a matter should be prosecuted.” Silberman believes that the Director’s “Performance was so inappropriate for an FBI director that [he] doubt[s] the bureau will ever completely recover.” Jamie Gorelick, Deputy Attorney General under President Clinton, joined with Larry Thompson, Deputy Attorney General under President George W. Bush, to opine that the Director had “chosen personally to restrike the balance between transparency and fairness, departing from the department’s traditions.” They concluded that the Director violated his obligation to “preserve, protect and defend” the traditions of the Department and the FBI.

Former Attorney General Michael Mukasey, who served under President George W. Bush, observed the Director “stepped way outside his job in disclosing the recommendation in that fashion” because the FBI director “doesn’t make that decision.”
Alberto Gonzales, who also served as Attorney General under President George W. Bush, called the decision “an error in judgement.” Eric Holder, who served as Deputy Attorney General under President Clinton and Attorney General under President Obama, said the Director’s decision”was incorrect. It violated long-standing Justice Department policies and traditions. And it ran counter to guidance that I put in place four years ago laying out the proper way to conduct investigations during an election season.” Holder concluded that the Director “broke with these fundamental principles” and “negatively affected public trust in both the Justice Department and the FBI.”

Former Deputy Attorneys General Gorelick and Thompson described the unusual events as”real-time, raw-take transparency taken to its illogical limit, a kind of reality TV of federal criminal investigation,” that is “antithetical to the interests of justice.”
Donald Ayer, who served as Deputy Attorney General under President H.W. Bush, along with former Justice Department officials, was”astonished and perplexed” by the decision to “break[] with longstanding practices followed by officials of both parties during past elections.” Ayer’s letter noted, “Perhaps most troubling… is the precedent set by this departure from the Department’s widely-respected, non-partisan traditions.”

We should reject the departure and return to the traditions.

Although the President has the power to remove an FBI director, the decision should not be taken lightly. I agree with the nearly unanimous opinions of former Department officials. The way the Director handled the conclusion of the email investigation was wrong. As a result, the FBI is unlikely to regain public and congressional trust until it has a Director who understands the gravity of the mistakes and pledges never to repeat them. Having refused to admit his errors, the Director cannot be expected to implement the necessary corrective actions.

You can also read photocopies of all three letters, at The New York Times article entitled, “White House Announces Firing of James Comey.”

So, STRIKE ONE.

***

Intermission:  The Comey Chronology:

Comey

***

But this isn’t all.  There’s another reason Comey may also have been fired.

20 years ago James Comey was an attorney on the Senate Whitewater Investigation looking into the conduct of President Bill Clinton and first lady Hillary Clinton. The investigation was to determine whether Bill Clinton used his political position as governor of Arkansas (in the 1980s) to push through an illegal loan to benefit Bill and Hillary’s business partner in Whitewater.

Several people involved in Whitewater went to jail, but no criminal prosecution was in the cards for Bill and Hillary. Remember James Comey was the Deputy Special Counsel for the Whitewater investigation.

In Christopher Anderson’s book, “American Evita: Hillary Clinton’s Rise to Power”, Anderson gives details of the New Square offenders pardon by Bill Clinton (they had been convicted of bilking the government of $30 million dollars). Christopher Anderson relates that at Hillary’s urging Bill gave clemency to 16 Puerto Rican terrorists who took the lives of 16 Americans and wounded many others.

Anderson tells us that Hillary admired the Marxist Carl Oglesby and Saul Alinsky. It is from her admiration for Saul Alinsky that she formed her belief that “the only way to make a real difference is to acquire power.”

The pardon of billionaire Marc Rich (who traded illegally with America’s enemies including Iran) by President Bill Clinton was something that everyone knew reeked of impropriety after learning that Rich’s wife donated $450,000 to the Clinton Library.

Again, James Comey oversaw investigations of the pardon matters as well. Unbelievably, James Comey did not recommend charging the Clintons in any of these matters. Wouldn’t it be fair and balanced to give news coverage to these facts?

The Clintons controlled Comey for DECADES.

So, STRIKE TWO

***

But even that’s not the end of it!  No…

Trena Jarnagin-Blackburn Here’s the real reason COMEY got fired.
BOMBSHELL: Young Congresswoman Gets Comey Fired, Here’s What He Was Hiding

Re: Former FBI Director James Comey and Rep. Elise Stefanik

The firing of James Comey comes as a relief to most patriotic Americans who lost trust in his leadership over his handling of the Hillary Clinton investigation, but most people don’t know all the events that led up to President Donald Trump actually firing him. It involves a young congresswoman, who uncovered Comey’s explosive secrets, and that’s all Trump needed to get rid of the disgraced FBI Director.

This will blow your mind.

Rep. Elise M. Stefanik (R-NY) is the youngest member of congress at 32 years old, and on March 20, she singlehandedly finished Comey’s career. Not many people were paying attention to a junior congresswoman questioning the FBI Director, but what she uncovered is pure gold. Remember, at this time, Trump had accused Obama of wiretapping him and the Democrats were accusing Trump of colluding with Russia.

During questioning, Rep. Stefanik lured Comey into a trap. She got Comey to admit that a counter-intel investigation into the Russia-Trump connection started way back in July 2016. Think about that; this is so fishy because Trump had just been nominated by the GOP, and immediately, the Obama White House starts a bogus investigation trying to link Russia to Trump. That’s called a political witch hunt.

But, that’s not all.

The damning admission leads to questions about wiretapping private citizens like Trump and his staff. Then, Comey tripped up and couldn’t recover. Rep. Stefanik knew Comey was required to alert congress about this investigation into Russia and Trump, but he couldn’t do that, could he? If Comey followed the rules set out by the Department of Justice, he had to inform congress, but if he did, the GOP would have blown up and exposed this as an obvious political witch hunt to destroy their presidential candidate.

“On March 20th the mask fully came off. Comey was a solid Black Hat. The March 20th appearance before congress was the final straw in showcasing just how politically corrupt James Comey was,” The Conservative Treehouse reports.
Rep. Stefanik cornered Comey on the timeline and got him to stumble and squirm.
She asked, “When did you notify the White House, the DNI, and congressional leadership [of the bogus investigation]?” Comey immediately started sweating after admitting that it’s protocol to inform congress quarterly and the investigation started in July 2016. Then, came the kicker. Comey didn’t inform congress until March 2017, only after he had no other choice as these hearings were set to begin.

Watch as Rep. Stefanik outsmarted Comey and lured him into admitting he was in essence spying on GOP candidate Trump for former President Barack Obama. One other point of note, James Comey outright lies by claiming there was no active DNI (Department of National Intelligence), which is entirely false since James Clapper was Obama’s DNI.

The Conservative Treehouse weighed in, explaining, “Former FBI Director James Comey intentionally kept congress in the dark on his investigative activity. Our system of checks and balances are specifically set up to stop this from happening, and to keep a watch on the ‘watchers.’ Director Comey subverted the oversight for his own political purposes.”

There is no defense for the former FBI director acting alone and not notifying congress of what he is doing through the established protocols. It doesn’t matter who the FBI director is. Comey should have been fired on March 20th after he told congress he was intentionally not allowing them oversight over his conduct.

So, when the liberal loons accuse President Donald Trump of firing James Comey to stop an investigation into Russia, that’s a pile of crap. They have investigated it ad infinitum, and they can’t prove a damn thing because it is something the Obama White House and former Director Comey invented way back in July 2016.

So, STRIKE THREE.

***

When then FBI Director James Comey attested to Hillary’s criminal wrongdoing just a couple of weeks before the election, I was elated, as the truth was being confirmed by a credible source, the principle investigative agency of the U.S. Federal Government.  Sadly, it was a great litany, but it ended in…  NOTHING.  That’s

Anti-Trumpers Are Knuckle-Dragging Obstructionists

Trump blasts the LYING media as obstructionists.  He never derided all media.
 
If you’re getting your anti-Trump sentiments from mainstream media, you just might be an idiot. At the very least, you’re grossly misinformed. For example, this morning, Yahoo! “News” claimed that Donald Trump slammed the Constitution, calling it ‘archaic.’
 
Nope. That’s disinformation. It’s propaganda. Pure lies. That is NOT what Trump said – AT ALL.
 
To find out what he actually said on Fox news I did an amazing thing. Ingenious, really. I headed over to Fox news and actually *GASP!* watched the video. You should try it, sometime, instead of gulping the first swill you find on your first click before chucking your spear where they tell you.
 
It’s called “confirmation,” and as it turns out, there, libtards, Demoncraps, and anti-Trumpers, it’s been around for a long, long time, possibly as long as 10,000 years. You see, before we learned to confirm the facts, every time Ug thought Og had slighted him in some way, Ug shoved a spear through Og’s chest.
 
That’s precisely what you antis are doing to Trump. You’re acting like knuckle-draggers, biting off on the first bit of information you hear and swallowing it hook, line, and sinker before acting on it, chucking a spear through Trump’s chest.
Here’s a thought: Stop it. Grow a brain.  And YES, this most certainly applies to all obstructionist members of Congress and the Supreme Court, as well as mainstream media.  Who’s bringing down our country?  You are.
 
What Trump slammed was the mainstream media, along with Demoncraps in Congress, calling both “obstructionist.” As clearly evidenced by his Supreme Court nomination — picked by Trump because Neil Gorsuch actually is a Constitutionalist — Trump fully supports the Constitution.  Trump may not like the media’s lies, but he supports their Constitutional right to whine like the babies they are.  Gorsuch slid through both parties with a 100% vote when he was appointed as a Federal judge. Demoncraps had zero objections. Gorsuch didn’t change. The Demoncraps are simply being obstructionists, whiny little children who, because they can’t have their way, they’re making it difficult for everyone else around them, even if it means spoiling the whole vacation, er, country.
 
Those of you who continue to regurgitate mainstream media news picking apart Trump are ALSO whiny little children who, because you can’t have your way, you’re making it difficult for everyone else around them, even if it means spoiling the whole vacation, er, country.
You, too, are obstructionists, and for no good reason whatsoever.  You’re idiots, and no, the lies that you’ve been spoon-fed by the mainstream media are not a good reason for your very bad, childish behavior.
 
GROW UP. You are ADULTS, or at least you’re supposed to be.

Why Playing Minecraft Is Good For You – Even As An Adult

Many parents think games like Minecraft are a complete waste of time.  As a retired Air Force officer and aviator, and having been an engineer, an accountant, a salesman, a systems analyst, a database developer, and now well into my (hopefully) final career as an author (novelist), I can see both the downsides as well as the benefits of letting your kids loose on Minecraft.

You see, even at age 53, I’m a Minecraft player, too.  🙂

It all began six years ago, when my son, who was 11, said he wanted a laptop.   He had crafted a few good reasons why, but the moment he said, “Mom’s computer is too slow,” I knew right then that he was going to use it to play games.  I have no absolute objection to playing games.  After all, I played computer games, beginning with Pong.  PongBefore that, we had pinball and literally hundreds of other mechanical arcade games.  Looking back through history, it seems like humans have long developed a knack for keeping both their bodies and their brains occupied when they weren’t either gathering food, crafting various items used for survival and enjoyment, or waging war.  As for me, I grew up riding bicycles, playing kick the can, hide and seek, soccer, swimming, football, chess, and reading lots and lots of magazines and books.  And Batman.  Even though I knew it was corny way back then, I still watched Batman, along with Gilligan’s Island, Star Trek, and Emergency.

Buying my first computer in 1986 opened up the world of PC gaming, including flight simulators, hacked versions of old Atari arcade video games, card games, a DOS-based version of Monopoly (very cool), and… coding.  You might not think of programming as a “game,” but to me, it was indeed a game.

In fact, I learned how to get my computer, a Wyse PC+, to sit up and beg.

Wyse PC+The computer came with two 360k floppy drives.  After a frustrating month of swapping floppies in and out every time my two-floppy word processor wanted to save data to my data floppy, I replace one of the floppies with a Seagate 30 MB hard drive that used RLL technology.

“Specifically, RLL bounds the length of stretches (runs) of repeated bits during which the signal does not change. If the runs are too long, clock recovery is difficult; if they are too short, the high frequencies might be attenuated by the communications channel. By modulating the data, RLL reduces the timing uncertainty in decoding the stored data, which would lead to the possible erroneous insertion or removal of bits when reading the data back. Run-length-limited codes were widely used in hard disk drives until the mid-1980s and are still used in digital optical discs such as CD, DVD, MD, Hi-MD and Blu-ray. This mechanism ensures that the boundaries between bits can always be accurately found (preventing bit slip), while efficiently using the media to reliably store the maximal amount of data in a given space.”  (Source)

I observed that the initial interleave was set to 5 in order for the hard drive to reliably work in the original IBM PC, with its Intel 8088 processor running at 4.77 Mhz.  My computer, however, had an Intel 8088 processor that ran at 9.54 Mhz, twice that of the original IBM PC, even then it was less than half as thick.  In fact, it fit very nicely into my suitcase, surrounded by soft, cushioning clothes.  All I needed at my destination was a monitor…

By changing my computer’s clock rate just a few percent, I was able to re-interleave the hard drive using Spinrite, originally written as a hard drive interleave tool, from 5 to 4, resulting in a noticeable 25% performance improvement.  With some tweaking, I managed to push the clock rate just enough to achieve a interleave factor of 3, resulting in a theoretical 67% performance improvement, although testing revealed about a 30% miss rate, resulting in an effective interleave factor of 3 for 70% of the time and 4 for 30% of the time.  The net effective performance improvement was 54%, as both calculated and measured.

That’s a win.  🙂

I also tinkered with pretty much all other aspects of my computer, including the graphics card, the fan, I/O devices, installing first a used 300 baud modem, then later, a new 2400 baud modem, and eBBS software, which annoyed my roommates to no end before I bought a second phone line I really couldn’t afford.  But the eBBS software brought me into the world of programming, even though I’d taken a mainframe Fortran course (WATFIV) two years earlier.  I learned a PC version of Fortran, pretty much mastered GWBasic, and tinkered with Pascal.  I also learned all — and I do mean ALL — of the commands of DOS so thoroughly that I rarely needed anything more than my rapidly growing collection of batch programs to tackle any problem with either my own or my friends’ computers.  That, a vacuum cleaner, some electrical contact cleaner and Q-Tips, and my copy of Spinrite would fix 90% of people’s PC problems.

So, to be honest, all this actually began about 31 years ago.

But I digress…

In buying my son a laptop, I was hoping he would follow suite, first learning to tweak his own system, then learning some programming so that he could modify his own IT world.

He found a better way — well, a different way — to occupy his time and train his mind.

In reality, aside from changing a few of Windows’ invasive privacy settings while avoiding malware like the plague, there’s not a lot of tweaking one can do these days.  Instead, a little more than a year after getting his laptop, he called me up because he wanted to show me his cool new game, “Minecraft.”  The problem was, he was in California with his Mom whereas I lived in Colorado.

No problem.  Whoever had lead him to Minecraft had also shown him how to use LogMeIn Hamachi so that we could establish a virtual LAN through the Internet.  One that was established, I simply watched him play Minecraft through a remote access window on my own computer while listening to him describe it.

Cool.

It wasn’t until more than a year later, however, during one of his summer visits, that I actually broke down and spent the $26.95 to buy a copy of Minecraft for my own machine.  He was enjoying it so much, kept showing me the worlds he was building, and kept asking me to get a copy so that we could play together over my LAN.  He pointed out that we would also be able to play together over the Internet, using LogMeIn.

Well, that settled it.  Ever since his mom left when he was only five, I’ve busted down every door and barrier that arose in order to spend time with my son.  Long gone are the days when fathers weren’t an integral part of the development of their children. These days, fathers change diapers, co-sleep, bottle-feed, play with, nurture, comfort, encourage, guide, teach, and otherwise spend a great deal of time with their 0-23 month-olds, helping answer their question of, “Can I trust the world?” with a resounding, “YES — with caution.” I was the one who helped my son learn how to navigate a jungle gym without slipping and hurting himself, beginning at just four months.  He was an early crawler. I was the one who put the double papasan cushion on the floor and let him crawl all over me, catching him when he fell off — but only until he could catch himself, or learned how to take a tumble. I was the one who helped him learn that playing with spiders was a no-no, particularly the black ones with the red hourglass on their bellies. I was the one who… You get my drift. The idea that only “Mother” should be the only one considered in the “Significant Relationship” block of Erikson’s stages of psychosocial development is steeped in 18th century stoicism.   In fact, it’s rarely been the case either throughout history or throughout the world, and certainly isn’t the normative case today.  We Dads love our kids.  🙂

Which is why I agreed to join my son on this journey known as Minecraft.  That and the fact that I was laid up following ankle surgery with nothing to do but recover for the next three weeks while my son stayed with me finishing up his summer visitation.

It took me a few seconds to learn the basic controls, a few minutes to get to the point where I could go where I wanted, and a few hours to learn there were realistic dangers like gravity and a bunch of partially realistic dangers known as “mobs.”  A few days later I was more helpful than not, and after a couple of weeks, I was working alongside my son digging for ores, processing them, chopping down trees, hunting for food, farming, and building strange, wonderful, and fun structures.

I didn’t start taking screenshots until after he left for the summer and I had another three weeks convalescing.  I really didn’t want to spend any time time mindlessly watching TV, but just writing seemed a bit boring.  So, I spent my time in Minecraft.  A LOT of time.

Here’s one of my earlier creations, in the distance, finished by the end of the summer in 2013.  It’s a house designed to look like an Imperial walker.  It comes complete with a helipad, fireplace, and interior pool.  It’s also connected to the horse barn through an underground passageway beset with traps for the unwary, heh-heh…  In the foreground you see the 2014 beginnings of some rather large castle grounds.

Dad's Castle Grounds

In the next screenshot, you’ll see my Skycastle, created on one of my favorite servers set to hard mode.  It was difficult enough to merely survive in this environment, much less build.  I built this during the winter of 2013-2014.  Up there are complete quarters, lookouts in all directions, flowing stream, full ore processing stations, an anvil, a potions stand, and enough wheat, carrots, and potatoes to keep me fed forever.

Well, the Minecraft “me,” anyway.

Skycastle

During this time, my son didn’t lose sight of his friends, parents, or schooling.  His mom limited his time on his computer, made sure he focused on his studies, and sent him outside to play with his friends on a regular basis.

As for me, between the Fall of 2013, when I began my first masters, and the Spring of 2016, when I finished my second masters, I continued to play Minecraft as a way of constructive relaxation.  During that 2-1/2 years, I doubled up on classes, managing not only to complete two masters degrees, but two concentrations, as well, while maintaining top GPAs so that I graduated at the top of my class.  Between all of the honors, veteran, and other cords, stole, tassel and pins on and around my graduation gown during graduation in Denver, one of my professors jokingly remarked, “Good God!  Overachieve, much?”  I sponded by saying, “What, this stuff?  I got this while playing Minecraft,” which left him somewhat perplexed.

Ah, Minecraft.

Minecraft has an amazing effect on the human brain.  In Minecraft, one is tasked with finding food and shelter while besieged with hunger, mobs, and natural dangers like falling from cliffs, drowning, being crushed while mining, and stumbling into pits of lava.  All of these things can kill you, which on most servers will send you back to your original spawn point, unless you’ve reset that by building and sleeping in a bed, at which point dying will send you to your bed.  That and dying drops all of your stuff, which you must quickly retrieve lest others get it, before the stuff disappears altogether.

But that’s just surviving, the first milestone of Minecraft.  The second milestone is thriving.  Players thrive when they’ve managed to successfully hunt, build self-sustaining farms, process ores into tools, armor, and fun stuff like clocks and maps, all while building some really cool digs (homes) that are good at keeping mobs and the weather out while actually being enjoyable places in which to “live.”

Throughout the game people team up, not only because two hands are better than one, but for companionship and to exchange ideas.  Two people on an adventure of exploration are much more likely to survive, as well.  If one person runs out of food, the other will share.  One person can build a quick shelter against mobs while the other one hunts for food before the sun sets.  Some players are content to gather wood, coal, and various ores while other players have mastered the crafting arts — turning those ores into useful items like tools, armor, and potions.

Some players excel at engineering ingenious traps while others excel at designed various automated structures both for convenience as well as protection.  And some players simply excel at designing really neat structures!  I like to think of these people as the future architects and designers of our world (the real one).

Minecraft both exercises and trains the brain.  In addition to building excellent eye-hand coordination, kids and adults alike learn to prioritize activities.  Faced with real-world hurdles like hunger, shelter, finding supplies, crafting tools, hunting, farming, and storing up harvests for times of plenty, everyone who plays with others online also learns to cooperate with others, coordinating their actions, even collaborating to secure wins in various competitions between sets of players.

Finally, there’s the huge aspect of creativity and innovation.

Minecraft is a relatively clean slate, with realistic boundaries.  Whether a player wants to just have fun sight-seeing, they’re a griefer (destroys the creations of others), they want to build a house, run a farm, or just create fantastic structures and contraptions, they all have the fairly wide-open freedom to create.  One can build simple things, or one can build fantastic structures and contraptions.  People have built everything from replications of their city halls to the Taj Mahal.  This collection shows full-scale recreations like a full-scale Minecraft version of the U.S.S. Missouri (BB-63), to Hogwart’s Quidditch grounds, to a Babylon 5 White Star class advanced warship, to Japan’s Royal Palace to a massive Rube Goldberg machine, to, well, this:

As you can see, literally, the sky is the limit when it comes to Minecraft and creativity.

And if you’re wondering, no, neither Minecraft nor Microsoft paid me a thin red dime to write this article.  I merely wanted to share my lengthy, yet very fun experiences with Minecraft, beginning with a lot of horsing around with my son on various servers, but also including a lot of time I spent honing my Minecraft skills creating various structures and contraptions until…

I really didn’t have much drive to continue.

That’s right:  These days, I rarely play Minecraft.  Like most human endeavors, most Minecraft players reach certain limits of autonomy, mastery, and recognition beyond which it no longer holds much interest.  We’ve moved on to new endeavors.  For me, that’s writing my second novel.  For my son, it was on to more challenging games, but also onto school work in high school, where he’s doing quite well.

So, should we have skipped Minecraft altogether?  Heck no!  By playing Minecraft, I have trained all sorts of areas of my brain in many different ways that a non-Minecraft player has never experienced.  I found it helped me in my two masters programs and both concentrations, primarily by helping me prioritize various elements of team assignments, and think about the ways various elements fit together in three-dimensional representations.  This ability to understand how various elements of a complex situation relate to one another is someone rare, particularly for a 53-year-old.  🙂

Nope.  I wouldn’t trade any of my Minecraft time.  Alas, it’s time for me to take what I’ve learned and move on.  After all, I have a novel to finish, possibly two, and then there’s the matter of finding gainful employment for at least a decade.

Even so, I might pop into one of the old servers from time to time, just to say hello.  🙂

Bottled Water Is NOT Good For You

I’ve seen several lists comparing the heath and safety aspects of bottled water over the years. Consumer Reports put out one such list a few years back. While the debate between tap water and bottled water will undoubted rage on forever, even distilled water will absorb the harmful toxins found in plastic water bottles.
All quotes below are taken from Dr. Marchese’s article entitled, The Truth About Plastic Water Bottles.  You can read more about Dr. Marchese’s qualifications, here.
 
“The manufacture of plastic bottles takes place in stages. Typically, the plastic bottles used to hold potable water and other drinks are made from polyethylene terephthalate (PET), because the material is both strong and light.”
 
Now, here’s the real kicker…
 
“#1 PETE or PET (polyethylene terephthalate) – used for most water and soda bottles. The ingredients include resins made from methane, xylene and ethylene combined with the chemical ethylene glycol and other chemicals. These have flame retardants and UV stabilizers added.”
 
Additionally:
 
“In general, polystyrene plastic leached the solvent styrene, polycarbonate plastic leaches bisphenol-A, polyvinyl chloride and polyethylene terephthalate leach phthalates. This accounts for #1, #3, #6, and #7.”
 
And now, for the coup de grâce:
 
“Both phthalates and bisphenol-A are known hormone disrupting chemicals, often called hormone mimicking compounds. Studies show that both phthalates and BPA have adverse health effects in humans and are linked to infertility, premature puberty, asthma, allergies, menstrual cycle irregularities and breast cancer and prostate cancer.”
 
Thus, when you drink bottled water, you ARE drinking phthalates, one of the more toxic HDCs out there.
 
NOT GOOD!

So, what can you do?

First, avoid as many sources of phthalates as possible.  This article lists a number of sources along with recommendations for avoiding the harmful chemical.  One of them, of course, is to avoid using plastic bottles for any substance you ingest.  That includes water.

Second, because phthalates and other harmful contaminants from a variety of sources can still make their way into your water, it’s a good idea to filter your water using a high quality, multi-stage water filtration system.  The old adage, “you get what you pay for” doesn’t apply, here.  There’s both a good deal of fear and a great deal of misinformation out there, and many water filtration companies are capitalizing on that with sensational claims and ridiculously overpriced products.  For example, you can buy two nearly identical three-stage inline water filters at Home Depot and Lowes, but the only factual difference between the two is that one of them costs $200 and the other costs almost $500.  My point:  Do your homework and choose wisely.
Third, avoid using any sort of plastic water bottle.  Keep in mind that most water bottles you buy are either made of plastic or contain plastic liners, even ones made of stainless steel.  There’s nothing wrong with a stainless steel water bottle that does not contain a liner.  In fact, it can be easily washed by putting a quarter teaspoon of dishwashing detergent inside, filling it was warm water, and thorough shaking it for about twenty seconds.  Stand it upright for several hours, shake it well, then invert it in a cup for several hours.  Empty, rinse thoroughly, and enjoy!
If you want a really top-notch system, you’ll need four things, in the following order, beginning with the input of city water:
1.  A whole-house sediment filter.  About $60.
2.  A water softener (only required in areas with hard water).  Several hundred dollars.
3.  A three-stage water filter than removes fine sediment, common chemicals, with a final stage comprised of activated charcoal.  This can either be a whole-house model, or (recommended) a unit installed under the sink next to the last item.  About $200.
4.  A reverse osmosis system.  About $200.
Please note that many reverse osmosis systems come with a two-stage filter, including the $179 GE Reverse Osmosis Filtration System from Home Depot.  This unit combines both #3 and #4, above, saving you a considerable amount of money.
Finally, a word about distillation systems.  These systems typically have one gallon capacities and can churn out a gallon of “distilled” water in a few hours.  To do that, however, they require a considerable amount of electricity, often $10-$20 a month, and the final product is often little better than what you put into the system.  The reason for this is that distillation evaporates both water and other substances with similar boiling temperatures as water, and then proceeds to condense both the water and those other substances as well!  For example, most such units are incapable of separating water from ethanol, even though ethanol boils at 78.4 °C while water boils at 100 °C, a difference of more than 10 deg C.  Commercially distilled water is produced using multicyclic (continuous feed, steady-state, with reflux) fractional distillation.  Put simply, that’s way beyond the capability of a countertop distillation unit.