Be careful this Holiday Season, stay alert.

Criminals, love those of us that don’t pay attention to our surroundings while out shopping. People preoccupied with a smartphone, as they walk to or from their vehicle. They look for the inattentive person that they can get to without being seen. Then they snatch whatever you may have, or worse, enter your vehicle as you do. As you park, take a moment to look around before getting out. Criminals will notice you being alert, and are less likely to choose you, as a target.

As you come and go at home, make sure you look around, to notice anything that is out of the ordinary. A person walking or standing nearby that you don’t know. Or vehicles, driving slowly, that are unusual for your neighborhood. A person that appears alert and aware of their surroundings, is a less desirable target. We hope you stay safe and healthy as the New Year ends for all of us. Here are a couple of things that happened in the last week, in my neighborhood.

The Lone Rider

With the attitude towards police these days, criminals are feeling emboldened. In our capital city, located 20 miles south of us, they have nearly the same crime rate as Chicago. One of its denizens apparently came to case out the neighborhood just before Christmas.

I was in the office here around midnight, just finishing an old black and white western. I noticed out the window a vehicle coming “very” slowly down the street. It stopped and after a few moments, it moved on down to the place directly across from us. It backed into that driveway, and slowly went back the way it had come. Then stopped just beyond our fence, and next to an empty lot.

It sat there about 5 mins, then turned off its lights. I saw someone get out of the car, wearing a hoodie, and they walked back down past our house on foot. Then they crossed the street that our street dead ends at, and stood on the side of the road, near the bushy area next to the pond. Then they walked back to the vehicle, turned around and drove to our intersection. They turned left towards the main road, sat a few moments, then went out into the main road and did a U-turn slowly. They then drove slowly past our house out front.

I had called the police and gave them a description of the vehicle and the hoodie, I couldn’t tell if they were black or white. The police were there very quickly. Two units turned onto our street, just as the car, which had circled our area, was returning. They stopped him up the street, just out of sight. The vehicle was registered to someone from the capital city, Montgomery.

I have no doubt, that he was casing the houses. The place, right across the street, sits in total darkness, as does the old place next to us, where an elderly man lives alone. We have a bright streetlight that we lease from the power company that shines on our property really well.

Random yard work?

A knock on the door around noon, would see a black male standing there. Wearing a backpack and a beanie type wool cap, a bicycle parked not far from him in our yard. He started giving a story that he lives in a house way down the road, he had 5 brothers, they live with him in the house he owns. Yea, right. He continued on how he just kicked out 3 of them, because they don’t work and pay their share. His sister and mother just died from covid. He was $22 short of keeping his lights on. That was the jest of the conversation.

Meanwhile, Max is just behind my leg looking at the guy, with every hair standing up on his back. Dogs, can sense bad people. The guy, said he was looking for yard work. My first thought, this is the end of December, there hasn’t been any grass that needed mowing in over two months. 

I told him, that we were so broke, I couldn’t “pay attention”. Wish I could help, but things are tight. So he left on his bicycle and headed down the road, to his next attempt. 

They just seem to come out of the woodwork with pitiful stories around this time of year. His Nike Airs, and the pristine looking bike, didn’t help his story, either.

So, be careful, keep your eyes open, and be aware of unusual things around you. People coming to your door, if they are up to no good, will notice things behind you, and your demeanor, to size up whether there may be things worth risking a break in, or forced entry.

Stay safe and healthy. Comments always welcome.

How to check for a password breach, involving you.

Email I received. (Email hidden)

This morning, while going through some very old emails that I had somehow overlooked (not good, I know), and found a notice of a breach, from a site I had used while taking a security course online. Of all the places I would not have guessed it would be, it was “Gravatar” when I had originally signed up with them years ago, before WordPress acquired it. While some of you may already be aware of this breach, I thought I would share it for those who are not. I hope some of this information, on how hackers get, and use your password helps you understand the importance of a strong password.

Apparently in October 2020, Gravatar suffered a data breach which exposed 113,990,759 accounts.

In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars. 167 million names, usernames and MD5 hashes of email addresses used to reference users’ avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data.

If you’re ever curious

Way back then, when starting my Blog, I was rather dumb and had used a simple password. While this site, alerting me to the breach, doesn’t know your password, they just notify you when your email is involved with a breach. I learned how passwords are cracked while taking a cybersecurity class. The password I had chosen, back then, was a pretty weak one that would probably be found in a word-list used by most security auditors and hackers. I changed it this morning. If you’re ever curious if your information has been “possibly” compromised, you can visit the site, and test your password. Basically, when you test your password, it is compared to all the lists (word-lists that hackers use) and if found, it lets you know what breach it was found in, and the date, so you can go change that password to something stronger. The site is “Have I been Pawned”. Pawned being a slang word used by hackers to denote a compromise of something.

I have used this site for years, and the man running it is a well known security speaker.

Many users are unaware of how hackers work to get passwords. So here is a crash course, on what a word-list is, and how it can be used by nefarious persons.

Your password is known only to you, unless you share it. A password, you create for a site, is then “encrypted” as a “hash”. A hash is a result of the encryption and looks more like a string of numbers. For instance, if I were to use Superman as a password, and the site used MD5 hash encryption, it would now look like this 527d60cd4715db174ad56cda34ab2dce. No one would glean “Superman” from that.

One hash at the time.

However, when a data-breach occurs, The bad guys get the password hash. Sometimes they even get the username as well. While this in itself is unusable, because all they see is the “hash” for the password, they then utilize a program that is capable of taking huge lists of words, turning them into “hashes”, and then comparing each “word hash” to see if it matches your password hash, in this case “Superman”. One hash at the time. Now, this may sound time-consuming, but computers are fast. My computer, during the security course, processed 138,000+ hashes or “hash comparisons” per second. Or 102 hashes every millisecond. “Superman” can be found in standard word-lists in about milliseconds. Imagine what several computers linked together could do. This is why, choosing a good password is important. Never use a regular word, such as a name, object, or subject, in other languages, unless the words are strung together, such as our example here, Ihabcouch@2endtables

Where do these word-lists come from? Word-lists, are simply a file of words, one word per line. They are generated from Dictionaries, Bibles, Foreign languages, names, events, anything a person might use for a simple password. Added to the list are passwords that have been cracked and leaked online by hackers. Sometimes a website (even large ones) have been found to have forgotten to encrypt the passwords, and they were stored in the database in “plain text”. Those are found, leaked, and added to the circulating word-lists. So if your account was involved in a data-breach, and you used a simple password found in a list, then they now have your email maybe your username, and password. They go to your email account, plug in your password and wreak havoc using your account for spam.

How big are the lists? Amazingly small, and large. I’ve seen pretty effective lists of about 120 MB that contains around 10,937,952 words. Then you have lists that are 5+ GB and larger, so use your imagination of how many words and combinations of words would be in that list.

passwords like 12345678

Many times while working on someone’s machine, they had to provide the password for me, at which time I always counseled them to change it, when the work was done. No one, not even me, should have that password. It is yours and yours alone. I would find passwords like 12345678, password, iloveyou, ilovebob. Yes, these were actually seen by me. Or a person on a website about flowers using Rosebud, Camellia, etc. I worked on my brother-in-law’s computer once, and he had his first name, as his email password! Although it was long enough, it was simply a name in any list of people’s names.

I hope this helps understand why it is important to have a good password. Not just something simple for the sake of “senior moment” memories, of which I have. Michelle describes my attributes as, “The compassion of a rock at times, attention span of a gnat, and memory like a leaky bucket.”

Password Tip

I sometimes use my home and items to make up an easy, strong, memorable password. Like, I have a brown couch & 2 endtables
Ihabcouch&2endtables Comes out to 20 characters, upper and lower case, a symbol, and a number. Yet after using it several times, repeating it as I type, and remembering to use the & symbol for the “and”. Since it’s not in a word-list, a brute-force cracking would take 42 quintillion years.

If you have questions, please feel free to ask them in the comments.

Note: information contained herein, is for educational purposes only, to assist others in a more secure online experience.

Update: 12/06/21 8:46pm

The service, “Gravatar” has stated they don’t consider this a “breech” of user data.

Many Gravatar users were not satisfied with the service’s explanation that all of the information users entered was public, which disqualified the incident from being labeled a breach. In the same explanation, however, the service claims the API was abused, instead of admitting that it was vulnerable and could have been better protected.

Source

It would appear to me, that even though they claim, the information of users entered is public. Yet in the same breath state the service API was “abused” which means it was used for other than its intended function by someone without permission to do so. I call that a hack or breach, by any other name. You can follow the source link above, and make your own determination.

It’s “Safe” to say, I’m getting started on a new day.

It’s almost 6 am here, and still dark, compliments of the crazy time change. Just when I was getting used to the old time, we go and change. Such is life.

Today, will be a standard Fall day here in the South. Morning sees you wearing a hoodie, so you can sip coffee on the patio outside, by this afternoon, you have to get the sunscreen out of your pocket, or wherever you could put it. You almost need to carry it around your neck, on a lanyard, during this part of the year.

The last two mornings, I have noticed the house down the street didn’t have the Christmas lights/security lights on, after about 5:30 am. He must have put them on a timer. Getting bad these days, when a redneck has to ration the use of Christmas lights. First light is appearing now, so the world is waking up.

Annabelle asleep.

Speaking of waking up. Our Great Dane is sound asleep on the couch, where she isn’t supposed to be. I sure wish I could sleep like that. There are times, when I think she was born, boneless. At least, she doesn’t snore. I have the corner on that activity, at least that’s what Michelle says.

Finally, managed to reorganize the main outside shop, during the last two days. We decided, since the move last year, that driving eight miles each way, just to hope what we were looking for was there, was just too much. Not to mention, I can use that $45 a month on something else, like me! We moved the contents here in a hurry, some of the days it rained, so we had to rush. Boxes, were stacked willy-nilly (is that a phrase?). I felt like I needed a hard hat just to enter it. As the picture shows, you couldn’t walk more than about six feet in. Now, it is stacked as neatly as possible against the far end of the shop wall. We are going through it about four to five boxes a day. Sorting, and taking a lot of it to the thrift stores for others to use, and hoard.

The junky wood to the right? Is an old bed frame I tore apart, or as we say around here, “Energetically, disassembled”. With wood selling by the ounce these days, it never hurts to have some scrap lying around. Lord knows, you sure can’t afford the real stuff from the stores right now. Won’t be long, and some old dog houses, will become prime material for many.

I suppose today, I will start back on the safe restoration. A friend gave me a safe since they were moving, and no place to put it. Super heavy, it has been through one fire, so I am stripping the paint and cleaning up the dial in preparation for restoring the dial and freshening up the paint for the numbers.

The thing weighs a ton! It was all two large men could do, to pick it up and place on a wheeled dolly, to get it over the door jamb. It is a Hall-Herring-Marvin fire-rated floor safe. From research, it is about 100 years old. 26 inches tall and 28 inches deep. Still works fine. It was left to the lady by her father, who passed on at the ripe age of 83. She couldn’t get it open with the instructions he left her.

The combination numbers were correct, but the method of using the numbers was wrong. I managed after looking up various information on that safe to figure out the correct method. She was happy, to get some old mementos from her father out of the safe. In the picture, the dial appears gold, it is actually brass. I had cleaned it up before the picture, as it was all black with white numbers, and I didn’t like the way it blended into the front so much. I will repaint the main dial black, and the numbers white, but leave the brass ring around it natural. Not only that, but I need to sand blast the skirting along the bottom of it, to remove age-old rust. The heavy metal wheels on the bottom still function.

On a side note, you never know what you will find from the past. She was shocked, to see two satanic ritual books inside the safe. He was a devout churchgoer. I’m thinking maybe I need to call in a priest, to bless the thing. Especially, since I opened it on Halloween!

That’s about it here, for my life in the fast lane. I hope you’re enjoying this Wednesday.

Reflections of a Weird Wednesday.

I’m trying to get back into the swing of blogging. I’ve been gone for a couple of months, and have missed everyone. Not only that, but I feel better health wise, and that has kept me occupied with projects around the home. Now that I am caught up, I can see more things around me.

I have stopped watching the news, just too much craziness, and stupidity, which I have never had a tolerance for. I keep up with just enough news to be informed, but not overloaded. For this weird Wednesday I’ll share a couple of crazy things I have noticed.

1. Since moving here, the neighbor two doors down, and on the opposite side of the street, are apparently true Southerners. If you’ve ever heard the comments by comedians about people in the south leaving up Christmas lights year round, then this is it. Their front porch is adorned with multicolored lights around the top and down the main front porch supports. They even flash. One has to wonder if this is a new version of security lights. Perhaps a would be intruder might think twice about breaking into, or messing around, a house where the occupants run Christmas lights year round. It’s the only house on the entire street with flashing Christmas lights.

2. It came to my attention this morning, that D.C. Comics has gone full “Woke”, Their new Superman character, will be “Bi-Sexual” and feature a scene of kissing his new “friend” who is a male reporter. There are times, lately, where one has to wonder if it’s safe to leave the house.

3. 150 miles to our south, in the Mobile, Alabama area. Recent heavy rain and flooding has driven alligators from the swamps into the nearby towns. They are reportedly wandering through yards, city streets and parking lots. A public warning has been issued in that area. Imagine going out to get the morning paper, and having to beat an alligator with a stick, to get there and back.

Anyway, I’m trying to swing back into the blogging saddle and visit everyone again. Now, I plan to paint this small house on the outside. Anyone that can paint a straight line is invited to come on down to the deep south, and help me. We’ll have BBQ on the grill!

That’s all for this morning, time to start a pot of tea, and then get on with the day.

Any Christmas lights in your neighborhood?