8 8 2021

The thing I love about not having a thing for such a long time is that space that is new for its invention. My mom’s friend invited us to dinner on Friday after a swim and a kayak. We enjoyed an evening on her screened in porch in a peaceful setting, a pink dogwood tree whose petals have been cream colored for several years, along with a creamy sunset that dissolved our faces into impressionist Monets long after dusk. A feeling of being somewhere familiar, among friends, after for so long having been alone, that place is here for everyone to enjoy.

Here are some of my favorite things: skin-on, bone in chicken thighs seasoned with Penzey’s shallot pepper. This seasoning has everything: rosemary, salt, and something indescribable that I will refer to for the moment as the third heat, as proclaimed by Tracy Jordan, the fictional character based loosely on Tracy Morgan played by himself on TV show 30 Rock. In the context of the show, the third heat was a term the actor used to describe himself, the affable and often understood in its celebrity paradigm Tracy Jordan, played by Tracy Morgan, an actor portraying a parody of himself.

There is something about the idea of direct experience and its capacity for understanding through first hand vs. second hand knowledge that touches on the idea of tasting good food. The idea that parody is an allegory for second hand knowledge of something in itself is inauthentic as I was not there the first time it happened to participate actively in its rendering, or maybe I have been there many, many times in the past but it’s suddenly new for me again. How in a sunset when our appearance distorts into nothing as we look at each other after the sky falls, the perception is imperfect. The perception is still imperfect but I see something, and that is a new appreciation for familiar things.

Root vegetables

P1110821

I love food, so much so that I tend to have a strained relationship with it. Not that I always use food to problem solve, but I eat when I’m bored, nervous, or otherwise unoccupied.

I consider a scene in the TV show 30 Rock where Alec Baldwin’s character, Jack Donaghy, attempts to quit drinking. So instead of drinking, he knit a sweater.

30 Rock Replace the Ritual

I often defer to this mantra when changing my habits. Lately I have been eating more vegetables and when I am watching TV instead of sitting down I’ll paint at my easel. I don’t know if the art is that good, but it makes me happy and it is an activity that I lose myself in entirely.

The following recipe is something I tried today. I hope you enjoy it.

Prep time: 20 minutes

Cook time: 1 hour

Total time: 1 hour 20 minutes

Equipment:

1 Butcher knife

1 pairing knife

1 peeler

1 spoon

1 9″ x 11″ Pyrex dish

1 small bowl for optional sauce

Ingredients:

4 orange beets, peeled of blemishes, cut into four chunks

handful of rainbow carrots, scrubbed

1 butternut squash

1 bunch scallions

1 bunch basil

4 cloves garlic

1-2 Tbsp Extra Virgin Coconut oil

1 spoon

Optional Sriracha Greek yogurt sauce:

1 Tbsp Sriracha sauce

4 Tbsp Greek yogurt

Directions:

Preheat oven to 400ºF

Prepare vegetables:

Peel and chop butternut squash into 2″ x 3″ blocks. Set aside in Pyrex dish.

Wash four orange beets.  Scrub and peel blemishes off. Cut and quarter beets. Set aside in Pyrex dish.

Wash rainbow carrots. Peel if desired. Cut off root and end tips. Set aside in Pyrex dish.

Wash scallions. Pat dry. Finely slice. Distribute evenly over vegetables in Pyrex dish.

Crush and finely chop garlic cloves. Sprinkle evenly over in Pyrex dish.

Pour coconut oil evenly over vegetables in Pyrex dish.

Cook in preheated oven at 400°F for one hour.

When finished cooking, let sit for five minutes.

Optional Sriracha and Greek yogurt sauce:

Mix Sriracha and Greek yogurt together until blended in small bowl. Scoop desired amount on top of vegetables.

 

 

 

I got the Jack

I enjoy the song at the ending credits of Bojack Horseman. In this Netflix cartoon show, Will Arnett plays a has been, washed up actor from 1990’s sitcoms in which he plays a horse. I am comfortable with him this way, and it ranks among the face cards in a deck of Will Arnett-themed playing cards.

I came to this conclusion because I tend to always see Arnett as different versions of Gob Bluth from Arrested Development. In 30 Rock he played the villainous Devon Banks. Although wearing more expensive suits and even more frustrated at his own incompetence, Will just seemed to be playing a version of Gob that exists on a darker time line. So the cartoon version of Will Arnett in horse form is an easy re-calibration of him into the Bojack of Gobs.

me likey

I have never been part of a focus group, but I have an idea in my mind of how one would work. In one of my favorite TV shows, 30 Rock, Alec Baldwin’s character leads a focus group asking which new name would be best for The Girly Show wherein Jack Donaghy flashes a carton of hot pizza in front of a group of people, saying,

“If you say you like TGS better, I’ll give you some pizza. Everyone likes pizza.”

And herein lies the focus group: there is a point on the Venn Diagram in which what you want to hear and what they want to know correlates with free food.

Changing the headline

When I think about security, I wonder about how things are affected by it. Simply from the appearance of something feeling safe, one might do a number of things: take a walk at dusk; let a baby pet a pit bull; use a zip line over a thirty feet drop over rocks. At one time or another, someone decided these things were OK to do so they did them. Without the appearance of something being dangerous, someone still might reflect on those risks and brave the consequences. You don’t have to be brave to do them, but knowing what you do can result in injury is one component that someone may or may not consider before doing anything.

I know a girl who rode a zip line in Vermont who fell onto a pile of rocks. She suffered a concussion that changed her ability to process loud noises. For a year and a half after the fall, she could not read or use the computer for more than minutes at a time. She could not be in the same room as two other people who were speaking in regular volume. Indoor lights bothered her, so she wore sunglasses during the day. Before her accident, she was able to process sound, read books, and log onto Facebook without experiencing illness or needing to wear protective eyewear. She could run, jump, and yell and she was like a wild animal, but her injury changed her, if for a moment.

I feel like people know so much nowadays, about the dangers of things. The risks involved in anything are so great. We know how in an instant all we thought to be guaranteed might vanish or somehow slip away. This is not unlike how when we use the computer, we assume things will be secure. The simple click of a button affords us this. Now and again I realize how with simplicity I rely on convenience to be there, technology never to fail, and people to go on how they did the day before and the day before that.

Because as people we are reliant on our past experiences to help predict future outcomes, since yesterday was somehow fine, I am confident that tomorrow will be the same way. This is a human error, how we can be so over-confident on the future based on past results. This is how people can do seemingly silly things based on the appearance of security, the mark of one day being measured by the prior day’s success. What we can see with our failed logic is a pattern that reads similarly to a gambler in a casino, or a thrill seeker in life. The measure of security is not from the precautions we have taken to assure we are immune to threat, but the ignorance of real attacks that might happen in the absence of any precaution whatsoever.

The inability for people who use wireless technology to protect their connection is a gamble that everyone takes. In a study published in the Communications of the ACM, Chenowith, Minch, and Tabor used a college campus to study the behavior (Chenowith, Minch, & Tabor, 2006, p. 135).  The study examined “wireless user vulnerabilities” and “security practices” in an attempt at measuring the users whose connections are not protected (Chenowith, et al., 2006, p. 135). The study also tallied the wireless devices “compromised by malicious applications”, such as viruses, worms, and surveillance software (Chenowith, et al., 2006, p. 135).

Our goal was to directly investigate how well wireless users are securing their computers and the threat level associated with wireless networks. Using a university campus wireless network, we performed a vulnerability scan of systems shortly after users associated to campus access points. The scans were performed using Nmap (www.insecure.org), a popular open source scanning tool. The results of the Nmap scans were used to determine the proportion of wireless users not using a firewall, the prevalence of malicious applications, and the proportion of users with open ports. (Chenowith, et al., 2006, p. 135)

The reason the surveyors used the population they did was its direct representation of use of wireless networks by the general population. Other than user authentication, there are no security measures (such as WEP) in place on the wireless network, although users agree at login that their system patches are current, that they are using an anti- virus program, and that they understand they are subject to university computing policies (Chenowith, et al., 2006, p. 135). If users desire additional security, they must provide it themselves (Chenowith, et al., 2006, p. 135). This environment of minimal network-level security and heavy reliance on user initiative makes the campus wireless network reasonably representative of public hotspot-based wireless networks in general (Chenowith, et al., 2006, p. 135).

Subjects for the study were authorized users of the campus wireless network. The total university population includes 18,599 students and approximately 2,100 faculty and staff. The university is a commuter campus with a non-traditional population of 15,779 undergraduate students (average age 26) and 1,663 graduate students (average age 36), with 54% female and 45% male (1% unspecified). Most students live off campus, and many have part-time jobs or full-time careers, often with one of several local high-tech firms. We view the non-traditional nature of the student subjects as a positive factor for the study as we believe it makes them more representative of the general public and workforce than traditional students would be. (Chenowith, et al, 2006, p. 135)

Since the study is a mirror of the real world, the results are used as a measurement of the steps people take or do not take to secure their wireless connections in the general population.

The results of the study are illuminating. The data of the Nmap scan shows that 304 computers (9.13% of the 3,331 computers) were not using a firewall (Chenowith, et al., 2006, p. 136). Even with a firewall enabled, systems can have open ports (Chenowith, et al., 2006, p. 136).

Since any open port is a potential security risk (Chenowith, et al., 2006, p. 136), the study measured open ports, and found 287 computers (8.62% ) scanned had at least one detectable open port (Chenowith, et al., 2006, p. 136). Of the 287 computers with detectable open ports, 189 (65.85%) had at least one open port with well-known vulnerabilities. Of the 287 computers with detectable open ports, 98 (34.15%) had no open ports with well-known vulnerabilities (Chenowith, et al., 2006, p. 136). Simply put, when a user had open ports, more than 65% of the time at least one of these was a port that posed an important security risk (Chenowith, et al., 2006, p. 136).

The most frequently open ports are also some of the most dangerous. The top three open ports were designed for file and print sharing across computer clusters and can potentially be exploited by attackers through null sessions. (Chenowith, et al., 2006, p. 136)

Individual systems can use “null sessions” (no username or password required) to establish connections between computers using these ports. It is well known within the security community that it is possible for an attacker to exploit null sessions and gain access to a system through one of these ports. (Chenowith, et al., 2006, p. 135)

Malware can do a lot of things, including keystroke logging, username and password detection, and online monitoring of web activity. What this does is allow someone else besides yourself to silently view and capture your personal information, including credit card accounts, personal emails, google search history, and social security number.

A total of 17 computers (0.5% of the computers scanned) had at least one malware application installed. Although a small number relative to the total number of wireless users, the existence of malware is important because any one of these infected systems may be used to launch attacks against the larger client population. (Chenowith, et al., 2006, p. 136)

Many infected computers had multiple malware applications present. Of particular interest, and somewhat alarming, is the presence of network monitoring and packet sniffing applications. Of the 17 infected computers, 12 also had at least one network monitoring/packet sniffing application. The most common network monitoring tools found were Nessus, Bigbrother, and Netsaint. (Chenowith, et al., 2006, p. 136)

Are the vulnerabilities in a system consistent within every user? No. However, on shared networks, the connection is only as secure as its most vulnerable link. In the cases where 17 computers were already infected with malware, these hubs were bastions for potential attacks on every other computer in all 3,331 computers. If everyone is as ignorant as the least protected user, then everyone is under threat of attack.

Is the technology worth the risk? This question is asked in a more meaningful way, especially when users who also carry work laptops and mobile devices with them outside of work expose their company to security breaches. The threat is real, but the question remains. Is it worth it? Do you feel lucky? I am reminded of so many things when I think about this risk, among them an episode of the NBC TV show 30 Rock. In one episode, Tracy Jordan (Tracy Morgan) and Jack Donaghy (Alec Baldwin) are talking about how to change the public’s perception of Tracy.

Jack:

Everyone thought Prince Hal was a drunken wastrel. But when he became king he transformed himself into a wise and just ruler. He changed the headline. That’s what you have to do, Tracy. If you’re open to it, I’m very good at giving advice. For instance, with your obit[uary] problem. You’ve spent years creating a certain public image, but you can change that. You just have to do what Prince Hal did.

Tracy:

You know something, Jackie D? That thing I said earlier about Prince Hal got me thinking. I have to change my headline.

Jack:

Yes, that’s what I just said. Now if I can help you…

Tracy:

No, no, no Jackie D. I don’t need your help. I’m Tracy Jordan. When I go to sleep, nothing happens in the world. (Gentlemen’s Intermission)

Sometimes we all want to be Prince Hal. If we go to sleep, nothing happens in the world. We are not at risk. Nothing bad happens. This is the same approach that so many take when securing their computers at home. If the risk never comes to bear, it all might be best left to chance.

References

Chenowith, T., Minch, R., & Tabor, S. (2010). Wireless Insecurity: Examining User

Security Behavior on Public Networks. Communications of the ACM, 53(2), 134-138. http://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?sid=043d2ad0-0c4c-47a3-b75a-0d0faef42c18%40sessionmgr4004&vid=1&hid=4210.

Gentleman’s Intermission. (2015). Retrieved from

http://www.30rockquotes.net/seasons/season_5/30rockquotes_gentlemans_intermission.cfm.