Advent Conspiracy — What’s Missing

One of the tenets of the Advent Conspiracy is to Love More.

Love Well -- One of the Tenets of the Advent Conspiracy
Love More

I have had pleasant memories of Thanksgiving when I was alone.  It was in college that I had my first experience of being away from my family for Thanksgiving.  Traveling 600 miles from Hope College to my home was a daunting task.  I did so my freshman year and both myself and my parents agreed that the trip was expensive and hurried, although it was so good to be home.  For my parents, it was a long-awaited acknowledgement from their somewhat rebellious son that home is a good place to be.  So it would be that I remained in Michigan for subsequent Thanksgivings.

What was a blessing was that the college campus being a community of students, faculty and families in the town.  They were all aware that many students would not be returning to their homes.  So it was truly a blessing when I received an invitation to join a family for a Thanksgiving dinner.  Aside from the incredibly excellent cooking of my hosts, there was the opportunity to dine with two noted theologians.  Something I certainly did not merit.

When I first wrote this essay I was going to wait till the final week of Advent to discuss loneliness, but two events occurred that caused me to change my priorities. First, my mother’s memorial service was held in early November 2014. The other event was the service I attended at the country church I attended as a youth. The pastor, staying true to the church calendar, shared a message on honoring the memories of those who passed away. Many people, even Christians, do not realize that Halloween is followed by All Saints Day and many Christian traditions have used that day to honor those who have recently passed on. The pastor’s message was a Christmas message, oddly enough. The pastor asked that we remember who was missing.

As is immediately apparent in my own family, the elderly who have lost a loved one are often confronted with the deepest loneliness. I can’t begin to imagine what my father experienced, to see someone who was by his side for over half a century pass on.  When Christmas rolled around his family members resided in remote cities or countries and many of his friends were far away or dead. The home was empty except for a pet. So in our journey to love more, it can best begin with those who are nearest to us, considering those in our family who may be going through the holiday season living alone.

Then there are those who are without family nearby. Not too long ago I had a conversation with my daughter and she commented how lonely she felt. I said, “Isn’t it ironic you are in a city of 14 million and you are lonely?” I relate because I resided in a city when I was single and just out of graduate school. Amidst 2 million people I felt lonely.  No matter where you are, it is difficult to be far from the ones you love.  Juneau is famous for having people who are hundreds, if not thousands, of miles away from family. In some respects it is akin to living overseas or in a different country, 850 miles from Seattle.  This is a time to remember Coast Guard families and keeping our eyes and ears open for people we know who will not be able to fly down south to rejoin their family. It was four years before my family could scratch together the funds to fly down south.

Finally, amongst the “missing” are those simply alone because they are homeless.  Many of us may have rolled up our sleeves and volunteered at the Thanksgiving or Christmas kitchen. But having a homeless person invited to your home? You can’t be serious! To be quite honest, most of our readers may have to make this a project for the coming year. To be truly meaningful, setting aside a part of your Christmas-tide for a homeless person or family requires a personal investment in their life. Otherwise, it is a bit patronizing. In the course of your charity work you can make a commitment to be personally invested in one or two people you are serving. It goes beyond cooking at the Glory Hole. It requires you to get out from behind the kitchen counter. When that happens, having them over for a meal during Christmas is much easier.

Yet maybe the homeless are not over there at the Glory Hole. Look around and you will probably see someone you know who is going through a financial crisis, a lost job or a sudden emergency. They may not be homeless, but they are close to it. Showing you care about them, that you are praying for them and willing to have them over for dinner can be a huge blessing.

It seems that the title of this essay should be “Who is Missing,” but it is the what that defines the value of family:  love, warmth, acceptance, laughter, good cooking, wonderful memories.  These are aspects of life that are difficult to replace.  When you extend a welcoming hand to people who are lonely, you help fill the emptiness.

Love More.

================================

Please note that Advent Conspiracy is a movement started by a handful of concerned Christians desiring to recapture the true meaning of Christmas.

================================

Please check my web site for a listing of more technical and literary publications.

Advertisements

Spam Filtering: Mastering Your E-mail

 

It is now a fact of life that e-mail traffic is largely spam, unwanted solicitations for your time and money, if not worse. I recall in the days of the mailbox that spam was the latest sweepstakes offer. That’s quite tame compared to the dozens, if not hundreds, of daily spam offers we encounter.  Spam cannot be avoided, but it can be controlled.

This does not have to be so. The most effective way to control spam is to note your internet behavior. Most people have one e-mail address, whether it corresponds to a friend, a bank or the guy needing money for his Nigerian grandmother. There is no better solution than to divide up your e-mail into unique e-mail addresses. (This is discussed at length in “A Method to the Madness.”)

This article focuses on how to effectively use spam filters. And it is a journey I have undertaken to understand spam filtering. Like just about everyone who reads this blog, I had one personal e-mail address. I was between jobs so I was hitting a lot of job sites on the web. It was then that I realized some were not quite what they appeared to be. When I began working at the University of Alaska (UAS) I had my personal e-mail address (which was used primarily for consulting work) forwarded to my work address. Before long the UAS account was being hammered by “job opportunities.” To add fuel to the fire, this was at a time when a faculty member’s e-mail address was posted onto a web page. Filtering, at this point, was a desperate battle of survival. Mix in about a 50-100 students, message management was a nightmare.

Introducing Filtering

Filtering has come a long ways since 2003 when I moved up to Alaska. I picked up on it quite readily. I started teaching the concept in security classes. I have seen various tools that provide filtering at different levels. For you, the average user, about all you see are the junk mail controls on your e-mail software. There is more to filtering than that. Filtering is done at several levels.

  • Your Internet Provider or Host
  • Your mail server
  • Your e-mail client software

 

For most folks, what they see day-to-day is their e-mail client software and they’ll see a folder called “Junk” or “Spam”. What they don’t see is that Internet providers and hosting services (like 1and1.com) have been utilizing anti-spam measures of their own.

  • Spammers need an e-mail server to do their work. The message must start from somewhere. That is getting harder to do these days using conventional channels. Mail service providers have been utilizing digital certificates to authenticate who they are, which it makes it more difficult to service traffic from rogue servers. Mail servers on the Internet send messages to “relay servers”, which in turn are capable of detecting spam traffic and blocking abusers.
  • Mail service squelching eliminates bulk e-mails. Most people do not encounter this problem until they volunteer to send newsletters to the 100 member gardening club. That’s when they discover an exciting new feature from the Internet provider – squelching. The messages start to drag, then get very inconsistent, and then get corrupted. You go to your provider’s web site and see in very fine print – “Send messages to as many as 50 recipients.” Once you go over that limit, the message delivery rate is sent to the bottom of the pile as messages may or may not be delivered. In other words, your Internet provider is not in the business of bulk mail.

 

From data I gathered during my days at UAS I detected that the UAS mail filter (which was my “Internet provider” so-to-speak) was filtering about 1500 messages a week for my account! They provided faculty and staff with a tool to check theses messages which provided a great deal of insight regarding the volume of spam. And that holds true for what your Internet provider these days encounters. Messages, which are unambiguously spam, are zapped before it ever gets to your mailbox.

The second layer of filtering is with your e-mail server. Most people have only an Internet provider, but if you have a hosted site ( like for your personal web page or business ), you will notice that your e-mail service has a filtering feature that affects all the people who are listed under your domain. If you had an address such as juneauflowers.com, and you had 12 employees, you can set spam filtering that affects all employees. This can remove another significant level of messages in which your employees may be tempted to open. You may also note that tools like SpamAssassin may be employed at the server-level.

 

1and1_spam_filter

No one is more aggressive at doing this than government web sites and high-security business sites. In my work with volunteer organizations, I implore people, over and over again, do not list your government office e-mail address. Invariably, newsletters are blocked by mail filters. If you subscribe to an e-mail server, you can also control quite specifically the type of traffic that comes to your employees.

The third layer is your e-mail client, the software you use on your computer or smartphone. You may have noticed that your mailbox may have a folder called “Junk” or “Spam”. These folders are used to collect spam and deposit into Junk folders. You usually get a message with a summary of the filtered messages. If you discover this is an error, you can right-click on the message and mark it “Not Junk”. Below is an example how you configure Thunderbird to filter junk mail, as well as decipher e-mail scams and messages with viral payloads.

thunderbird-1

What is interesting about this layer is that you are introduced to the fact that an e-mail client is “trained” to identify junk mail. In reality, the spam filters of your e-mail server are also “trained,” albeit at a different level. Your spam filter is asking you to move into the Spam/Junk folder any message you do not trust or want. The next time that message arrives, it may see a similar message in the Spam/Junk folder and automatically mark the message as spam. Be patient. It may take a while for the software to learn. Another thing to note is read carefully which messages are being filtered in the event a sender you care about gets marked as “junk.” For example, my health care insurance provider had, for some odd reason, their messages filtered. The solution was to right-click over the message and mark it as “Not Junk”.

The fourth layer are “rules”. Thunderbird, my e-mail software, calls it “Message Filtering” while Outlook calls it “Rules”. In both cases, you have the ability to filter out messages based on who they come from or specific phrases. This is the last defense of filtering where all other measures fail. This feature is not only for spam, but for doubtful messages, or for general, routine messages that clutter up your mailbox and you wish to keep them out of the Inbox. As an enterprise administrator, my mailbox is pounded by automated messages. These are all handled by rules, which direct these messages to specific folders. This enables me to communicate more effectively with my colleagues while also tracking notifications.The final filter is yourself. Be smart. If the message is unsolicited, use common sense. What do you know about a grandmother in Nigeria? Are there links in the message which are different than the sender. Is their an attachment from somebody you do not know. When in doubt, delete it.

thunderbird-2

In Conclusion

As I said at the beginning, learning the art of spam filtering is a journey. Take some time, beginning with your e-mail software. See which features it provides for filtering and virus protection. See which features your Internet provider employs for spam filtering. Make one change at a time and measure how it affects your e-mail traffic.

E-mail: A Method to the Madness

Memo to the Clinton Campaign:  How We Use  E-mail Determines the Risk

I had finished writing this piece when the latest blow-up over the Clinton e-mails grabbed the headlines.  I’ll speak on that later because what I wrote below pertains to them as much as to you.  Needless to say, whether you are Sarah Palin or Hillary Clinton, how you handle e-mail has significant repercussions.  

The Curse of Spam

The E-mail Symbol: By Fabián Alexis - https://github.com/fabianalexisinostroza/Antu, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=49947397

There was a time when e-mail was king, so much so that Time-Warner paid billions for AOL, a large dial-in portal.  It was AOL, combined with the likes of Tom Hanks and a blockbuster film You’ve Got Mail, that symbolized that small moment in history when anybody could have their own e-mail address, and it usually ended with @aol.com.   The social trends of that time showed people of all ages infatuated with exchanging messages, much as folks do today with Twitter and Facebook.
Hayes External Smartmodem
I come from a time prior to that phase, when “being connected” was simply having this thing next to your computer called a modem that enabled you to send messages through what was called a “bulletin board service.”  The BBS often included chat rooms where like-minded people could exchange messages that were reasonably spontaneous.  It was technology like this that spiced up films like Tron and War Games.

There was a time when e-mail was falling under it’s own weight as common folks saw their accounts swarmed by unwanted messages, some of which infected their computers, even to the point of duping some of their money.  It was given a curious label:  spam.

When Facebook arrived on the scene, folks were given the possibility that connecting with friends provided a safer way to exchange messages.  As a technology, Facebook has been very successful in providing that environment.  Socially, however, people discovered that opinions and photos passed amongst friends would eventually be observed by not-so-friendly faceless observers.

Twitter, while currently popular, is Facebook on steriods.  Here, people exchange short messages and photo snippets.  What emerges from this is a generation of younger people who are now beginning to realize that “adulthood” is when you discover that you want your own life.  Shut off Twitter, ease up on Facebook.  Read a good book, the kind with paper.

E-mail has matured.  For commerce and government, it serves as a valuable way to communicate with customers and citizens.  Yet this medium of communication is still filled with risk.  For average people, it is very frustrating.  I have personally seen how the trust-issue in e-mail has made communication through e-mail very unreliable for non-profit groups.   Let’s just say it is far less reliable than the US Post Office.

While teaching security at UAS I set up an experiment to evaluate where spam came from.  I set up a “honeypot” mail server.  It was here that I began to experiment with e-mail servers, accounts, and e-mail forensics.  The first thing I learned was that it was only a matter of one day before my server was being probed for open relays (using the server as a conduit for spam).  The fun part was tracking back the requests.  I often wondered why a software company in Calcutta was so interested in my server.  Another attempt was traced back to a law firm in the southern part of Memphis, Tennessee.

Yet what really got my interest was how our behavior affects our exposure to spam.  It was then that I started using e-mail accounts for specific aspects of activity on the Internet to measure how the usage of an e-mail address generates spam.  It was intriguing to see how my “internet behavior” affected my security.  In conclusion, how we use our e-mail accounts determines the degree of exposure to spam.  From this experience, I began to change the way I use e-mail.

The Solution:  Multiple E-mail Accounts

There is nothing sacred about having just one e-mail address.  Yet I often get this quizzical look from people when I give them an e-mail address.  It is clear that many people cannot understand why I use multiple e-mail accounts.  For less than $15 a month you can actually register your own domain (like for your family), obtain your own website and get with it up to 600 e-mail accounts. ( See 1and1.com )  Otherwise, you can set up multiple accounts with Gmail, Hotmail, Yahoo and your local internet provider.

  • First, the most important e-mail activity you conduct is with businesses.  Not just any business. The big boys, like the bank or your stock trading provider.  Use this account rarely and wisely.
  • Second, in answer to the question, “So why do you use the same e-mail for your bank as you do when you visit some strange website to send a greeting card to your daughter?”  Much of our activity on the Internet is high-risk.  Many of these sites ask for  your e-mail account as the account name or as a way to confirm changes to your account or as a way to advertise.  I use an e-mail account reserved for what I view as the high-risk activity.   This account is used whenever I visit a website and wish to register but remain uncertain it is safe.   In my experience, this account will be hit hard.  I often cycle through a new account every two years because the volume of spam gets annoying.
  • I reserve an e-mail account for friends and family.  This does not guarantee reduced risk, but it makes it easier to identify messages from those closest to you.   Spam really sticks out like a sore thumb for this type of account.
  • I have also used a unique e-mail account for organizations, such as the local Rotary Club or my church.  With the advent of mail services like Constant Contact, more and more organizations are able to deliver mail that is safe.   Yet the greatest vulnerabilities are from organized groups that are small enough to use their personal e-mail accounts with a couple of dozen other folks added. Each Reply-to increases the odds that at least one of those accounts will be compromised, at which time all the other addresses will be targeted.  Once again, spam looks strangely out of place.
  • Another idea to explore is dedicated e-mail addresses.  These addresses can service special-purpose sites like E-Bay, Facebook or Craig’s List.  Notice how these sites represent a fundamental shift in how you use the Internet, which exposes you to more unknowns.

After almost ten years, I have had to change only one e-mail address.  That was the one associated with  the highest risk traffic.  The other accounts have been providing safe, reliable messages for several years.

As noted above, registering your own domain is probably the easiest way to rationalize your e-mail addresses.  Services like 1and1.com provide low-cost services for setting up your own web page and e-mail service.  If your name is Jane Smith, you will probably be the 4,368th Jane Smith on Gmail.  But if  you register a domain like JaneSmith.name, all your addresses will have the same ending.  You may create an e-mail for web surfing like AlaskaGirl@JaneSmith.name.  For the bankers and stock brokers, you probably want to keep it simple, like MrsSmith@JaneSmith.name.  And one more important thing – high security e-mail usage should require the most complex, unique password.

The important objective is controlling your e-mail.  Having official or personally significant messages buried in spam traffic risks financial confusion or loss, as well as missing that important note from your best friend.

What About Google?Gmail Logo, By Fabián Alexis - https://github.com/fabianalexisinostroza/Antu, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=49947844

I think everyone on the planet will have a Gmail account some day.  What is attractive about Gmail is that it is only one part of “the Google cloud” experience.   Once you start poking around you will discover the G-Drive, a calendar, a chat service, etc. etc.  If you have the propensity to use Google services, then be careful.  Once a Gmail account is spammed, it can make all those other services difficult to enjoy.  For that reason, I still consider the Google cloud an experiment.  One rule of thumb I follow is whether the use of a cloud service will enhance the intuitive interaction of applications I frequently use.  I enjoy watching You-Tube channels.  My Google account makes it easy to move from my desktop to my tablet or smartphone.  That same intuitive experience, however, can make it just that easy to compromise all those services.

So how do I protect myself using Google services?  Simple.  Use it for entertainment.  Use cloud services in much the same way as you diversity e-mail.    Diversify where you put your photos and documents.    Nothing about my finances or taxes is kept on the Google Drive.  Yet I love it for the not-so-serious things.    It’s great for moving documents and photos between devices and people.   Travel is another great use of cloud services like Google.  But I do not use my Gmail account for banking nor do I use it for high-risk Internet activity.  The Gmail account is important enough to me that I do not wish to see it spammed to death, but because of its versatility it is too risky for financial services.

Can of Spam

And what about the Clinton e-mails?

The bombshell is how John Podesta’s e-mail was hacked.  Their troubles are the result of being unbelievably naive and amateurish on the use of e-mail.  Clinton’s use of a private server was probably discovered long before the FBI knew about it.  The black hat community is quite observant of activity on the Internet, especially when the search string is “clinton.”  It is also apparent that they had the bad habit of using the same address to exchange campaign strategy and ordering out Chinese.  Finally, it is interesting to note that Podesta got tricked through his use of the Google cloud service.

The other lesson we learn from the Clinton affair is that every person you send messages to provides one more portal into your world.  It is virtually impossible to conceal yourself or the messages you send to others.  It has been my experience that I often discover the oddest things while doing ordinary tasks.  I can only imagine that any officer of the law can attest that intelligence in the cybersphere expands three dimensionally.  While investigating one matter they discover information affecting a different case.  This is what happened with Clinton when emails were discovered while investigating Anthony Weiner.  The private server was revealed through a Freedom of Information request regarding the Benghazi affair.

In Conclusion

E-mail is safe to use if used wisely.  If you can’t master more than one e-mail account, can not differentiate messages from the quilting club from a notice from your bank from a Nigerian who needs money for his grandmother, then you will be in serious trouble.  But I believe most everyone reading this essay can have more than one e-mail address and use all of them judiciously.  Diversify your use of the cloud as well.  Don’t put all your eggs in one basket.

Happy e-mailing everyone.