MY JUST DESSERTS

>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<

>>>>>>>>>><<<<<<<<<<

I have been very busy going to the VA for physical therapy, trying to regain a full range of motion and my strength, enough to walk and hopefully get back on my two wheeler. My therapist tells me I am making progress. But, that I have a long way to go. In my younger days, I spent a significant amount of time as a gym rat. As a matter of fact, my last duty assignment, I was the Command Fitness Coordinator and Gymnasium Manager at the Fleet Anti Submarine Warfare Training Center, in San Diego, California. Having this in my past, is helping me to recover, rather than discover my health.  rare word to the wise:

DO IT WHILE YOU'RE STILL YOUNG. 

OR AT LEAST START TODAY.

YOU NEVER KNOW WHAT OBSTACLES YOU'LL NEED TO OVERCOME IN YOUR FUTURE

I'll be blogging sporadically until I either get up and be gone like the breeze. or I come to the realization that what once was, will never be again. Once I reach that tipping point, I'll reconsider the direction of my life and my blog. But until then, THANK YOU, for your support, friendship and encouragement...

><{{{(°>><{{{(°>><{{{(°><°)}}}><<°)}}}><<°)}}}><

I hope you noticed the recent addition to my sidebar.

the advert for Roba Dolce Gelato.

In return for posting that advert for one month, the good people at Roba Dolce agreed to send me some samples of their products.

When I returned home from PT on Wednesday, there was a large frozen goods shipping container on the front porch, from Warwick, Rhode Island. 

I was expecting 1 or 2 single serving containers at best. This particular box was much too large for something so meager as a couple of 6 oz cups of ice cream Gelato.

The box contained four 6 oz cups of frozen confectionery. And five large 36 oz cartons of my JUST DESSERTS.

Flavors of the small containers were:

Raspberry, Almond Fudge

Lemon

Blood Orange

Mango

All four were delicious. The Raspberry, Almond Fudge was surprisingly, the best of the four. Despite my preferences for simple pleasures, I do have an educated epicurean palate. And in my world travels I have sampled foods of all sorts, flavors and descriptions. I have been to Valencia, Spain and have seen and eaten true Valencia Oranges. They are extremely sweet and the pulp and juice is "BLOOD RED" in color. 

The Roba Dolce Blood Orange Sorbeto was excellent, and placed a close 2nd behind the RAF.

Next in line of my favorites was the Lemon Sorbeto. Tart and tangy.

The Mango was good. But rather disappointing. Domestic Mangoes don not have the same level of flavor or sweetness as the ones found in Central and South America. And the mangoes from the Caribbean Island of St. Vincent are so sweet that when the juice dries on your hands, sugar remains.

The 5 large containers have the same 4 flavors, with the addition of CHOCOLATE CHUNK. But since I don't eat Chocolate, my review will be second hand.

A NEW AMENDMENT TO THE US CONSTITUTION

Governors of 35 states have filed suit against the Federal Government for imposing unlawful burdens upon them. It only takes 38 (of the 50) States to convene a Constitutional Convention.
This will take less than thirty seconds to read.

The new 28th Amendment is an idea that we should address.
For too long Americans have been too complacent about the workings of our Congress.  Many citizens have no idea that members of Congress can retire with the same pay, $165,200 per year, FOR LIFE, after only one term.

AND that they specifically exempted themselves from many of the laws they have passed (such as being exempt from any fear of prosecution for sexual harassment) while ordinary citizens must live under those laws. 

The latest corruption was to exempt themselves from the Healthcare Reform... in all of its forms. 

Somehow, that doesn't seem logical. We should not have an elite that is above and apart from the law. I truly don't care if they are Democrats, Republicans, Libertarians, Greens, Independents, Communists, Nazis or Whatever. This elitist self-serving above the law mentality must stop. And we can't expect them to impose this upon themselves. We must do it for them, and for us.

COPY the text of this post and email it to 20 people, or re-post it on your blog, in three weeks, most people in The United States of America will have the message. This is one proposal that really should be passed around.

Proposed 28th Amendment to the United States Constitution: 

 

 "Congress shall make no law that applies to the citizens of the United States that does not apply equally to the Senators and/or Representatives; and, Congress shall make no law that applies to the Senators and/or Representatives that does not apply equally to the citizens of the United States."

THE WARRIOR SONG

####################><####################

####################><####################

NOW, WHERE DID THAT COME FROM? PT2

In yesterday's example, I showed you how to trace an email back to it's point of origin. I made seem so easy, that the questions came in asking; "If it's that simple, Why can't you catch all those bad guys?" Well the example yesterday was a bit unusual. And was obviously written by someone who either was very inexperienced and unschooled as to the use of email headers, or she didn't care who found the pc that sent the message (It wasn't her computer to begin with).

A skilled email fraudster isn't so glib about loosing one of his OWNED systems. And generally uses a technique known as FORGED HEADERS to make source impossible to trace. 

Lets look at what a set of forged email headers might look like:

From collegebabe@aol.com  Mon Jun 7 16:54:12 2003
Return-Path: collegebabe@aol.com
Received: from trademeca.co.kr (unknown [211.219.20.86])
         by mail.someplace.com (Postfix) with SMTP id 2304964253A
         for ; Mon, 7 Jun 2004 16:54:10 -0500 (EST)
Received: from smtp0422.mail.yahoo.com (80.237.200.67)
         by trademeca.co.kr (211.219.20.86) with [Nmail V3.1 20010905(S)]
         for from ;
         Thu, 3 Jun 2004 15:55:00 +0900
Date: Thu, 3 Jun 2004 11:34:52 GMT
From: "Pamela" collegebabe@aol.com
Subject: Hey buddie! What's going on? 

The Received: headers tell the real story of this poor forgery, but you have to examine several of these to truly understand the details. This particular e-mail is identifiable because it doesn't make any sense for a person with an AOL account to use one of Yahoo's e-mail servers to relay e-mail through a server in the .kr top level domain, which is Korea.

Furthermore, a DNS lookup failed to find smtp0422.mail.yahoo.com, so this IP address doesn't exist. Even if it did, the IP address 80.237.200.67 belongs to a network in Germany, which I discovered by checking the online American Registry for Internet Numbers (ARIN) database. Chances are that collegebabe@aol.com had absolutely nothing to do with it. 

 

LET'S TRY ANOTHER

Delivered-To: NUNYA@gmail.com
Received: by 10.14.53.6 with SMTP id f6cs241029eec;
        Wed, 19 Jan 2011 17:25:50 -0800 (PST)
Return-Path:
Received-SPF: pass (google.com: domain of randomrights@gmail.com designates 10.150.54.8 as permitted sender) client-ip=10.150.54.8;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of randomrights@gmail.com designates 10.150.54.8 as permitted sender) smtp.mail=randomrights@gmail.com; dkim=pass header.i=randomrights@gmail.com
Received: from mr.google.com ([10.150.54.8])
        by 10.150.54.8 with SMTP id c8mr1483694yba.350.1295486749756 (num_hops = 1);
        Wed, 19 Jan 2011 17:25:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:date:message-id:subject:from:to
         :content-type;
        bh=HaPN8FFW++8MwYEugOSew94FjrPmlsWKi1gG+mbcHxU=;
        b=Xtge1v5RQnC/y+CkvV/WLbXhqBoQp4xc1ozy+a0+qBjDcGDuqwkFrchmbs2UClLC3F
         RXsfyCTauaL5V5Zu+Q9VASqqKGFB9nan2/wqYGFS0WEHEfDKGsBIAO2oeb4/UkSOuJs1
         RikipehrxIS+Ep1yq0GwxqjAT/tr++wjXr8ww=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:date:message-id:subject:from:to:content-type;
        b=DA3UCn1lbPa8czDANmPYLwzAa/TKfWJGuYUfIOyP056BpoLhA2Kme3kYwNgAtdll46
         RU9sy/SR+bw9yctvG0ua0+qS6swO7HJ/5eqPAQboIWc6hYilCIxlenDFfnAxVfN3OjV2
         myseLjasj0Zml3IoFwy9gQiJ1iXbX9GNoAU7k=
MIME-Version: 1.0
Received: by 10.150.54.8 with SMTP id c8mr1483694yba.350.1295486749743; Wed,
 19 Jan 2011 17:25:49 -0800 (PST)
Received: by 10.147.125.13 with HTTP; Wed, 19 Jan 2011 17:25:49 -0800 (PST)
Date: Wed, 19 Jan 2011 20:25:49 -0500
Message-ID:
Subject: here goes.......
From: random
To: NUNYA@gmail.com
Content-Type: multipart/alternative; boundary=00151748df088799af049a3d036f

--00151748df088799af049a3d036f
Content-Type: text/plain; charset=ISO-8859-1

In this elaborately forged example, the person appears to be trying to put so much info, no one will want to drag through all of it to find the give away. However, with only a tertiary knowledge of  internet communication protocols, you will immediately notice the impossibility of this being a legitimate message.

1. There are several RECIEVED BY: 10.150.54.8 and 10.147.125.13 but they don't follow protocol, because they don't have a corresponding FROM: statement.


2. NOTICE THAT EVERY IP ADDRESS LISTED IS IN THE CLASS "A" ADDRESS AREA 10.0.0.0

10.14.53.6
10.150.54.8
10.147.125.13

Addresses in this range are reserved for a special purpose. And while it may be perfectly legitimate for the recipient's address to be in this range. In fact it's also possible for the sender to have a 10.0.0.0 address. Outside of your private network, a 10.0.0.0 address is not routable, and no legitimate SMTP SERVER will have a 10.0.0.0 address.

So, while these messages cannot be traced back to their source. At least you know that the message was sent by a person with intent to defraud you.

What's that you say? 

You don't have a degree in Computer Science? 

You have no idea what a CLASS "A" ADDRESS is? 

Before yesterday you never heard of EMAIL HEADERS?

Isn't there some little software program that will parse an email header for me?

Yes! you're in luck

DOWNLOAD SAM SPADE 1.14

click HERE

http://www.softpedia.com/get/Network-Tools/Network-Tools-Suites/Sam-Spade.shtml

BE SAFE OUT THERE. THE INTERNET HAS A DARKSIDE.

NOW, WHERE DID THAT COME FROM?

OR

HOW THE DETERMINE THE ORIGIN OF AN E-MAIL MESSAGE.

You just received an email message. 

It could be giving the good news, you had just one European Lotto. Or some long-lost relative died unexpectedly in Nigeria and left you $82 million. Or your friend was obtained by authorities in South Africa while attending the World Cup and then sent off an e-mail asking you to send them money.

Have you ever wondered where those messages come from? Wouldn't it be nice if there was some way to trace the message? Some record of where the message had been, since it was sent by someone, and all the little relays in between. 

What if I told you; just such a record exists, for every e-mail ever written? It's true! It's called the HEADERS. today I'm going to show you how to find and decipher an e-mail header.

LOTTO SCAM

Exhibit A

Looking at this message we can see 

tcspain-wcart@sbcglobal.net

sent this message to "UNDISCLOSED RECIPIENT"

This little trick is accomplished by tcspain-wcart@sbcglobal.net, sending this message to herself, and then BCC (Blind Carbon Copy) to you and everyone else on the sucker list. This is done to keep you from seeing that 500 other people won the same 750,000 British pounds. Which just might cause suspicion to the reader. And it prevents authorities from being able to locate and notify other persons on the sucker list. This is one bullet proof method to remove a record of all the BCC recipients. because no record is made. It was designed that way, in the RFCs.

(RFCs Concerning e-mail)

So what do we care about them? Nothing! Right now our main concern is to find out from whence this message came. In Microsoft Outlook 2007, the headers are found by clicking on

The headers are the text located in the window labeled "Internet headers" duh!

and they look like this:

The top shows it was delivered to krippledwarrior@Gmail.com. But we already know where it was delivered, we want to know where it came from? A header marks the newest information at the top of the list. So the information we want is down at the bottom. Where the message originated from?

Received: from [69.22.170.126] by web83406.mail.sp1.yahoo.com via HTTP; Thu, 16 Dec 2010 05:47:37 PST
X-Mailer: YahooMailClassic/11.4.20 YahooMailWebService/0.8.107.285259
Date: Thu, 16 Dec 2010 05:47:37 -0800 (PST)
From: tcspain-wcart@sbcglobal.net

All of that gobbledygook is computer-ese for the user named 

tcspain-wcart@sbcglobal.net, at the time and date indicated, uploaded a message for delivery from the Internet node identified by IP ADDRESS 69.22.170.126

Yea!BIG DEAL. How does this help us? you ask.

Exactly who is 69.22.170.126?

Lets ask google

type in:

whois 69.22.170.126

and you get

What are the odds that the SYS ADMIN for the European LOTTO lives in Chicago, Illinois? 

Not very!

But maybe the owner of the PC assigned IP ADDRESS 69.22.170.126 is completely unaware that her PC sent the message. She may have become the victim of any number of virus infections that actually load a Mail Server and send spam for fun and profit. Or she maybe a victim, forced to respond as part of a "bot" net (robot network). Which can be forced (without owners consent) to perform any number of illegal activities.

If you're feeling particularly civic minded, you may alert the authorities 

by clicking HERE

www.cybercrime.gov

Coming Clean. or, Grand Theft Auto

1955 Fairlane

CALL THIS

EXHIBIT "A"

My mother's 1955 Ford Fairlane 

This is the first car I ever drove. I was approximately 9 years old, I found myself sitting behind the wheel, in the driveway, pretending I was on the freeway. Turning the steering wheel back and forth testing the limits of the steering mechanism. Marveling at the fact that after releasing it, the wheel always spun back to center. 

Then on a whim I grabbed gearshift lever, pulled it toward me and down and the car immediately began to roll forward down the driveway. I probably went a grand total of 10 feet, at maybe 1 to 2 mi./h before I managed to put it back in park. This was my first encounter with the exhilaration of acceleration. That adrenaline rush that filled me full of excitement at 2 mi./h, now requires speeds in excess of 100 mph to equal.

I have a lot of childhood memories about that car. But I'm going to limit this to my first joyride. In keeping with true confessions and coming clean, please allow me to introduce this:

1963 T Bird

LABEL THIS

EXHIBIT "B"

This was my second car theft."JOY RIDE"  

1969, me a 17 year old, testosterone overdosed, adrenaline junkie. I was never allowed to drive my mother's car. For some unknown reason back in 1969, in rural North Carolina, 17-year-old males had a bad rap with Insurance companies. The man was keeping me down Insurance Company, charged exorbitant prices, which  kept my mother from putting my name on the policy. 

I would beg and plead, bargain and barter, wheel and deal, cajole and plead with her to let me drive it "Just Once."

And she would always politely explain how it was so important for her to be able to get to work, she couldn't risk losing the car in the event there was an uncovered accident. Or if the Insurance Company found out somehow and canceled her policy. She would be unable to go to work. We would all starve, and become homeless  And an unending litany of traumatic events would unfold and lead up to ARMAGEDDON.

40 years later I completely understand that logic. But, back then it was just another adult excuse that made very little logical sense to me.

Then one night, the keys to the car were laying on the kitchen counter. My mother was asleep on the couch, the Tonight Show playing on TV. I don't remember what triggered it. It wasn't like in the movies, where an angel sits on one shoulder and the devil sits on the other, helping you weighed the odds against the benefits. I simply reached down, picked up the keys and headed out the door. The Thunderbird in 1963 at 390 cubic inch engine, and the muffler systems emitted a deep, throaty sound. So to avoid the possibility of awakening my mother, I put the T Bird in neutral, rolled into the street, and down the road about 100 yards before I started it. It was no easy feat as the car had power steering and required every ounce of my strength to force the wheels to comply.

When I made to the two-lane blacktop I stress tested every part of that car. Starting with the hole shot burnout that smoked the tires for a 100 yards. Turning a couple doughnuts in the parking lot of a local Jiffy Mart put big smiles on my face. Rather than press my luck further I drove the car back home. My plan was to come down the road with just enough speed to be able to cut ignition and coast up and my mother driveway, go back in the house and put the keys down bed. However, I underestimated the car came to a stop about 12 feet from where it had been parked originally. Not very far off. But, something that would definitely have been noticed.

I spent a very long time sitting there, trying to decide what to do next. I had three choices:

first choice: Leave it right there and deny deny deny.

second choice: Roll the car back out into the street, down the road, start it and try again.

third choice: start the engine and drive forward 12 feet.

I turned the ignition, tapped the accelerator and the engine sprang into life. Simultaneously my mom appeared at the drivers side door, hands on hips eyes glaring daggers. I opened the door and submitted myself to her rage. However, it became evident quite early in her lecture that she believed she had caught me trying to leave, rather than actually returning after the fact. I never once corrected her on that assumption. I let her go to her grave, believing she had caught me before I stole a car. 

I'm sorry mom.

You used to say: "I hope when you grow-up,  you have children just like you."

I'm so thankful that you were my mother, and for you not getting that particular wish fulfilled.

Since 1684

I  am an UN-APOLOGETIC AMERICAN!! 

I pledge allegiance to the flag of the UNITED STATES OF AMERICA, and to the REPUBLIC for which it stands, one nation under GOD, indivisible, with LIBERTY and JUSTICE for all!! 

I grew up reciting this every morning in school. 

We no longer do that for fear of OFFENDING SOMEONE!! 

GOD BLESS OUR CONGRESS

GOD BLESS OUR SENATE

&

GOD BLESS OUR PRESIDENT

Give them the wisdom, courage, guidance and courage to represent this Great Nation.

I have a cousin. Well actually I have several cousins. But one in particular, David, (son of my mother's second oldest brother) who did an extensive family history look up. His work (before the invention of ancestry.com) yielded some facts about my family.

In 1684 

My great, great, great, great, great, great, great, great, great, grandfather (approx, 10 generations), moved from a rural area of what is now known as Germany. 

His name was;

SHELUMIEL SWINEFERT

HE married a 13 year old French Immigrant, and the first of my American Born forefathers began life in Colonial Pennsylvania. In keeping with a European family Tradition,  Shelumial was the moniker hung on the first born male descendants, until sometime in the late 19th century. At which time it changed to Ralph, and continued in that tradition to the generation just before mine (My Grandfather, and his eldest son were named Ralph). And to my knowledge there are no new Ralphs in the clan.

For some unknown reason, the spelling of the last name changed after arriving in America, to:

SWINEFORD.

And military service is a hallmark of my family's history. From various sources (Official, Personal and public reports), documentation shows a member of my family served under arms during every war the US has ever been involved in. From the American Revolution, when Schalumial Jr enlisted in the Continental American Army, up until my service during Operation Desert Shield/Storm. A period of  218 years.

The American Revolution 1775-1783

The War of 1812 1812-1815

The US CIVIL WAR 1861-1865

One official report commends Shelumial Swineford, for his bravery and marksmanship skills repelling Confederate forces at a little town in Pennsylvania called Gettysburg.

The SPANISH AMERICAN WAR 1898

WORLD WAR ONE 1917-1918

My Paternal grandfather, Paul was a dough boy during WWI. And served in the trenches near France and Belgium.

===================================================
WORLD WAR TWO

My uncles:

Richard Swineford, US Army, 101st Airborne Division The SCREAMING EAGLES, fought against superior German forces during THE BATTLE OF THE BULGE in Bastogne, Belgium.

____________________________________________________

Homer Swineford US Army Air Corp, top turret gunner on board a  B-17, FLYING FORTRESS, during bombing missions over Germany.

B-17 Flying Fortress

______________________________________________

Robert Swineford, USMC, served in the Pacific Theater, during the ISLAND HOPPING CAMPAIGN. Which included places like Tarawa, Peleliu,  Leyte, Luzon, Anguar and Iwo Jima.

==============================================

KOREAN WAR 1950-1953

My father, Robert. PFC, USMC

My Father's Decorations

==============================================

VIETNAM WAR 1960-1975

My Father, Robert Gunnery Sargent, USMC

______________________________________

Me, 

STG1 US Navy

==========================================

Operation DESERT SHIELD-DESERT STORM 1990-1991

ME, 

STGCS(SW) USN

===================================

The LAST WARRIOR IN MY FAMILY

STGCS (SW) US NAVY (ret)...

GOD BLESS AMERICA

AND I RESOLVE TO NEVER ABDICATE MY RIGHTS:

TO FREE SPEECH, 

TO PUBLISH MY OPINIONS, 

TO CRITICIZE MY ELECTED OFFICIALS.

TO KEEP AND BEAR ARMS

TO WORSHIP MY GOD

OR

TO WAVE MY FLAG

I WILL SPEAK MY MIND

AIR MY GRIEVANCES

AND

VOICE MY COMPLAINTS

DESPITE WHATEVER RECENT TRAGEDY, INCIDENT OR CALAMITY IS CURRENTLY BEING EXPLOITED BY PROGRESSIVE LIBERALS IN AN EFFORT TO CONVINCE THE POPULATION  TO REMOVE OUR GOD GIVEN, CONSTITUTION AFFIRMED RIGHTS AND LIBERTIES.

SO HELP ME GOD.

PRINTERS E-MAIL iTunes -n- PASSWORDS

HOW WELL DO YOU TRUST YOUR PRINTER?

If you use a modern laser printer, you should be aware that every page printed by the printer contains coded information about you. Specific details about you, your printer and its location are encoded on every page printed by the printer. This information has been known about since 2004, when it was declared via the freedom of information act, that printer manufacturers placed that encoding mechanism in their printers at the request of the United States Government, in an effort to stem the tide of counterfeiting US currency.

But, did you know that your HP printer, that harmless looking device sitting next to your computer, may actually provide hackers the ability to remotely execute programs on your computer?

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01623905

Version: 6
HPSBPI02398 SSRT080166 rev.6 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2009-02-04

Last Updated: 2010-10-13

Potential Security Impact: Remote unauthorized access to files

Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01623905

STATES IN PART:

 

References: CVE-2008-4419
SUPPORTED SOFTWARE VERSIONS*: 

ONLY impacted versions are listed.

HP LaserJet 2410 with firmware prior to 08.113.0
HP LaserJet 2420 with firmware prior to 08.113.0
HP LaserJet 2430 with firmware prior to 08.113.0
HP LaserJet P3005 with firmware prior to 02.043.1
HP LaserJet P3015 with firmware prior to 06.043.2
HP LaserJet P4015 with firmware prior to 04.049.0
HP Color LaserJet CP4025 with firmware prior to 07.20.7
HP Color LaserJet CP4525 with firmware prior to 07.20.7
HP LaserJet 4250 with firmware prior to 08.160.4
HP LaserJet 4350 with firmware prior to 08.160.4
HP LaserJet 5200 with firmware prior to 08.062.0
HP Color LaserJet 5550 with firmware prior to 7.014.0
HP LaserJet 9040 with firmware prior to 08.112.0
HP LaserJet 9050 with firmware prior to 08.112.0
HP LaserJet 4345mfp with firmware prior to 09.120.9
HP Color LaserJet 4730mfp with firmware prior to 46.200.9
HP LaserJet 9040mfp with firmware prior to 08.110.9
HP LaserJet 9050mfp with firmware prior to 08.110.9
HP 9200C Digital Sender with firmware prior to 09.120.9
HP 9250 Digital Sender with firmware prior to 48.091.3
HP Color LaserJet 9500mfp with firmware prior to 08.110.9
 

BACKGROUNDFor a PGP signed version of this security bulletin please write to: security-alert@hp.com

___________________________________________________

E-MAIL HACKS:

HACKING GMAIL

READ THIS BOOK IN PDF FORMAT.

A comprehensive HOW TO, manual. presented here in the spirit of

FULL DISCLOSURE

Remember what I taught you before about listing your email address in open?

If you must post it, do it like this:

krippledwarrior[at]gmail[dot]com

It prevents bots from recognizing it as an address and may help keep you off some pretty nasty spam lists.

_____________________________________________________

iTunes

//////////><\\\\\\\\\\

50,000 iTunes ACCOUNTS HACKED AND FOR SALE IN CHINA

If you're an iTunes customer, you may want to pay very close attention to your account activity, especially if you have your payment account information conveniently integrated into your iTunes account to enable seamless purchases.

Some 50,000 iTunes accounts are on sale on TaoBao, the Chinese equivalent of eBay. Listings offer access to iTunes accounts priced from 15 cents to $30. One of the accounts could be yours.

An intrepid reporter for the Chinese Global Times, named Zou Le, broke the story. Le paid $5 for an iTunes username and password, and got access to credit card details and the address of an American iTunes customer.

_____________________________________________

PASSWORDS

THE ROOT OF ALL EVIL in cyberspace is your password. Or more accurately the strength of your password. Under absolutely no circumstances should your password and your login name be the same. That happens to be the very first step in every algorithm used to crack passwords.

The sequences of common letters and numbers is usually next, such as:

qwerty

123abc

abc123

asdfghjkl;

and of course:

password

I highly recommend you do away with passwords completely and use a PASSPHRASE instead. Rather than a single word, use and easy to remember sentence or phrase. Most security conscious places will require the use of passphrase of at least eight characters, with at least one of them being a numerical value and one uppercase letter. 

However, an in-depth knowledge of passwords and how they're parsed will teach you that a minimum length of 14 characters is your safest bet. Maybe teach you how to build an unbreakable, uninhabitable, unforgettable passphrase. Please do not use the passphrase I'm using here as an example. The whole freaking Internet is watching.

somethingslearned

is the passphrase were going to work with.to make this standard compliant we need to change a little;

Somethingslearned

note the S, moves us closer to compliance. Only the numerical value is missing so let's change some of the letters for numbers that resemble the letters.

S0m3thingslearned

note 0 and the 3 in place of the o and that e.

. This to the extreme yields:

S0m3thingsl3arn3d

another trick would be to transpose a consonant, in this example, the letter s is nicely replaced by the number 5.

50m3thing5l3arn3d

but we lost our capital letter, so let's change it to:

50m3thing5l3arn3D

and if you're feeling extremely paranoid you can substitute ASCII characters.

For example:

° is created by holding down the 

key 

and typing 248 

on the numeric key pad.

using that symbol to replace the "o"yields:

S°methingslearned

IF YOU DON'T KEEP YOUR INFORMATION SECURE. 

IT ISN'T YOUR INFORMATION.

SOME COMPUTER SECURITY ISSUES

********************************************************************

Microsoft Security Bulletin Advance Notification for January 2011

Issued: January 6, 2011

********************************************************************

This is an advance notification of security bulletins that Microsoft is intending to release on January 11, 2011.

The full version of the Microsoft Security Bulletin Advance Notification for January 2011 can be found at http://www.microsoft.com/technet/security/bulletin/ms11-jan.mspx.

This bulletin advance notification will be replaced with the January bulletin summary on January 11, 2011. For more information about the bulletin advance notification service, see http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Microsoft will host a webcast to address customer questions on these bulletins on January 12, 2011, at 11:00 AM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at http://www.microsoft.com/technet/security/bulletin/summary.mspx.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The security bulletins for this month are as follows, in order of severity:

Critical Security Bulletins

===========================

Bulletin 2

  - Affected Software:

    - Windows XP Service Pack 3

    - Windows XP Professional x64 Edition Service Pack 2

    - Windows Server 2003 Service Pack 2

    - Windows Server 2003 x64 Edition Service Pack 2

    - Windows Server 2003 with SP2 for Itanium-based Systems

    - Windows Vista Service Pack 1 and

      Windows Vista Service Pack 2

    - Windows Vista x64 Edition Service Pack 1 and

      Windows Vista x64 Edition Service Pack 2

    - Windows Server 2008 for 32-bit Systems and

      Windows Server 2008 for 32-bit Systems Service Pack 2

      (Windows Server 2008 Server Core installation affected)

    - Windows Server 2008 for x64-based Systems and

      Windows Server 2008 for x64-based Systems Service Pack 2

      (Windows Server 2008 Server Core installation affected)

    - Windows Server 2008 for Itanium-based Systems and

      Windows Server 2008 for Itanium-based Systems Service Pack 2

    - Windows 7 for 32-bit Systems

    - Windows 7 for x64-based Systems

    - Windows Server 2008 R2 for x64-based Systems

      (Windows Server 2008 R2 Server Core installation affected)

    - Windows Server 2008 R2 for Itanium-based Systems

    - Impact: Remote Code Execution

    - Version Number: 1.0

Important Security Bulletins

============================

Bulletin 1

  - Affected Software:

    - Windows Vista Service Pack 1 and

      Windows Vista Service Pack 2

    - Windows Vista x64 Edition Service Pack 1 and

      Windows Vista x64 Edition Service Pack 2

    - Impact: Remote Code Execution

    - Version Number: 1.0

 ______________________________________________________________________

AND FOR MY FRIENDS WHO USE APPLE/MAC 

know this:

Apple surpasses Microsoft in security vulnerabilities
You probably heard Apple surpassed Microsoft as top tech dog in May. Well, here's another area where Apple beat Microsoft this year: security vulnerabilities.

In its recently released half-year report, Danish security firm Secunia found that Apple surpassed Oracle this year as the software developer with the most vulnerabilities.

Apple and Oracle were followed by Microsoft, which has held the No. 3 spot in Secunia's list since 2006. Others in the top 10 list of software vendors with most vulnerabilities were HP, Adobe Systems, IBM, VMware, Cisco, Google and the Mozilla foundation.

This is particularly interesting when you take into consideration how many new iPhones iPods and the new iPads that have been purchased this recent Christmas.

SOPHOS

has a free anti-virus software for Mac

CLICK HERE

to get it.

PINK SATURDAY

HAPPY 2011

AND IN HONOR OF MY

FASHIONISTA

NICNACMANIAC

I HAVE TO APOLOGIZE TO HER FOR ALWAYS SAYING

I'VE NEVER OWNED OR WORN ANY THING PINK.

GOING THROUGH OLD PHOTOS

TO SCAN.

I FOUND THIS

TAKEN IN KAMIKURA, JAPAN

NEAR THE SITE

OF

THE GREAT DIBUTSU

IN 1978

THE HAT WAS MADE BY AND GIVEN TO MY BY THE 70 YEAR OLD MOTHER OF MY NEXT DOOR NEIGHBOR IN NAGAI, JAPAN, JUST OUTSIDE OF YOKOSUKA.

SO, NERINA.

I'M SORRY FOR MISLEADING YOU FOR ALL THIS TIME.

BUT, I'M PRETTY SURE THIS IS THE ONLY

PINK

IN MY ALBUMS.

____________________________________________________

HAPPY 2011