We Should All Be Feminists

We teach girls shame. “Close your legs. Cover yourself.” We make them feel as though being born female they’re already guilty of something. And so, girls grow up to be women who cannot say they have desire. They grow up to be women who silence themselves. They grow up to be women who cannot say what they truly think. And they grow up — and this is the worst thing we do to girls — they grow up to be women who have turned pretense into an art form.
—  Chimamanda Ngozi Adichie, We Should All Be Feminists by way of Tumblr

The Decline of Civic Knowledge

A short clip

Former Supreme Court Justice David Souter

Former Supreme Court Justice David Souter being frighteningly prescient about the decline of civic knowledge in America and the effect of that decline on the state of our democracy.

“if something is not done to improve the level of civic knowledge, that is what you should worry about”

The full clip of the show that mentioned the clip.


I need to post this, as a precaution to all of you who sit on the sidelines and let people pollute the public discourse with unsubstantiated nonsense, with outright lies, with hate, with misinformation.  In today’s world, some people are attacking the rights of others, are attacking the environment and the concepts of good government.  We have to fight these people.

Here is a little list that I found for 4 grade students  at :


Here’s a list of 10 things you can do right
now to be a better citizen.

  1. Volunteer to be active in your community.

  2. Be honest and trustworthy.

  3. Follow rules and laws.

  4. Respect the rights of others.

  5. Be informed about the world around you.

  6. Respect the property of others.

  7. Be compassionate.

  8. Take responsibility for your actions.

  9. Be a good neighbor.

  10. Protect the environment.

4 is a little troubling.  Taken with 10, I hope you can see the problem.  To protect the environment, you have to confront those who are attacking it.  To fight against racism and sexism and xenophobia, you have to confront those people who practice it.


A smart thing to do with your email and passwords

I use 3 different email accounts.  My hotmail account is for most things.  I use a gmail account for project work, and another account used strictly for financial institutions and ecommerce sites.  When I get an email that says it’s from a financial institution, in my hotmail account, I know it’s a phishing scam. I am going to open up a new account for financial institutions, because, I am careful and cautious.  I am going to test using the new Brave Browser strictly for financial institutions and ecommerce notifications.  In any event, I am not going to use the same browser to surf, for Facebook, for reading BBC America, The New York Times, The Boston Globe, Google News and (ugh The Boston Herald).  You get the picture, right.  Separate things, use LONG and STRONG Passwords and dual factor authentication, and whatever other security steps are offered, whenever possible.  Do not reuse passwords for sensitive accounts. If you have sensitive notes, like passwords do not store them in a file called passwords.  Do create a file called passwords or whatever and put some fake accounts and passwords in it.  That’s called a honey pot, so hopefully if you get hacked, the thieves will at least be slowed done while they check out the accounts in this file.  Use something that encrypts the file.  Create another file in a location that maybe has a lot files and name it something innocuous and use that for you sensitive notes.

Long and Strong Suggestions

Long is better than short, MUCHmuch better, look up entropy in passwords. At least 8 characters (12 is better).  (Don’t get upset if a site like your library only lets you use 4).

See : https://xkcd.com/936/

Use a mix of upper and lower case letters, numbers and special characters.  Do not use anything in the dictionary or that looks like a date. Do not repeat characters.

How you remember this crap is an art.  One example of how I had a set of passwords a while ago was the routes that I drive, ie 93 (to) 3 (to) 6 (to) 28 to go to Martha’s Vineyards along with some personal acronyms.  Personal acronyms (passphrases) can be anything, the initials of the main characters in you favorite TV show, the first letters of your top 5 favorite meals, the first letters of an obscure quote you like, the ingredients in your favorite recipe.  Anything.  It may be personally identifiable with you, but, it will be easier for you to remember, and that’s a good thing.   But if you’re known for being a fisherman, don’t use simple fishing lines (yuck). The idea is use a phrase you can remember easily as the key to typing your passphrase (ie password). 

Here are is another guy’s ideas to follow on character substitution:


From : https://en.wikipedia.org/wiki/Password_strength#Human-generated_passwords

A better requirement would be to require a password NOT to contain any word in an online dictionary, or list of names, or any license plate pattern from any state (in the US) or country (as in the EU). In fact if patterned choices are required, humans are likely to use them in predictable ways, such a capitalizing a letter, adding one or two numbers, and a special character. If the numbers and special character are added in predictable ways, say at the beginning and end of the password, they could even lower password strength compared to an all-letter, randomly selected, password of the same length.

Avoid character repetition, keyboard patterns , dictionary words, letter or number sequences, usernames, relative or pet names, romantic links (current or past) and biographical information (e.g., ID numbers, ancestors’ names or dates).

The closer to random you get is better.  That being said, do not drive yourself crazy with the rules.  If it is greater than 8, has nothing in the dictionary, avoids the first and last letter trap, does not use sequences; but, has a character repeated, THATS A LOT BETTER THAN WHAT YOU PROBABLY USED IN THE PAST.

Here are some more suggestions on how to use some kind of character substitution and rules for your passphrases as personal acronyms to incorporate the rules for uppercase, lowercase, numbers and special characters :

At least 1 from
   : [ ] { } < >.

Example type an o as <> or  [} or {} or  [], c is { or [ pr ( , d is : 

At least 1 from
   ~ ! @ # $ % ^ & * ( ) _ - + =

Type number as some kind of combination + - from top of keyboard
Type @ for 2 or @ for  (2 -1)  etc

At least one number
   5 is 5 is 5

At least one capital letter
   i CAPITALIZE the second "component or acronym" in my pass phrase

Balance out frequently used letters with infrequently used ones
Frequency of Alphabetic Characters in the Dictionary
    s is Z, E is Q, a is x

And Roll Your Own that are easy to remember
    g is gee,  M is $,   p is +

You can use a picture on a website, an obscure reference on your facebook profile or a post, or a written obscured cheat sheet as a reminder for rules and passphrases when you are away from your encrypted list of passwords and rules.

If your passphrases are too short, string a couple together, along with the numbers of the nearest highway, or the highway you hate the most etc.

More examples of quotes to use as passphrases.

You can use signs or directions or whatever:

Only you can prevent fascist liars in 2017. 
Two Steps to Save a Life
Danger Construction Area
Quality Assurance Inspection Station
the african xylophone is called A marimba
I need to paint that room


Long and Strong Analysis:

NIST Special Publication 800-63 of June 2004 suggests the following scheme to roughly estimate the entropy of human-generated passwords:

The entropy of the first character is four bits;
The entropy of the next seven characters are two bits per character;
The ninth through the twentieth character has 1.5 bits of entropy per character;
Characters 21 and above have one bit of entropy per character.
A “bonus” of six bits is added if both upper case letters and non-alphabetic characters are used.
A “bonus” of six bits is added for passwords of length 1 through 19 characters following an extensive dictionary check to ensure the password is not contained within a large dictionary.
Passwords of 20 characters or more do not receive this bonus because it is assumed
they are pass-phrases consisting of multiple dictionary words.

by way of

The NIST research that prompted these guidelines are outdated, however, you can get a general idea of how what you think of random, is not really random, and that long is better.

Here is another password scheme to consider; however, it puts trust in external entities.  If a knowledgeable insider exploits one of these entities, then everyone is screwed.


I can’t wait to use a biometric like a finger print, or a key fob like the one paypal uses.

Another thing to keep in mind, the security guys are really, really bright.  There is a lot riding on them getting things right; but, they are a contentious lot and with there caveats come a whole shit load of theoretical possibilities.  The greater risk in the computer environment is called social engineering:

(in the context of information security) the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Never, ever, let anyone you do not trust access your computers!  Microsoft is not calling people and telling them about errors.  The IRS will first skin you alive, in the courts, before they ever call you.  People fall for this everyday.  Phishing scams is a topic for another day.

Google Fi and a leap backwards 40 years

I have bitches about the Fi service.  I never had an iPhone, so I can’t compare it to, say Verizon / Apple service.  I can say, the phones are fantastic, the price is good, the service is responsive.  I would probably not switchy for anything else.

If you want a good phone and service:

For each friend you refer as a new subscriber, we’ll credit you both $20 after they’ve been active for 30 days. Terms and conditions apply.

Wifey and I have Google Project Fi phones.  Google did a fantastic and game changing  job of scaring the other mobile vendors into cutting their costs.

It really was a fantastic thing. https://fi.google.com/

In a leap back of around 40 years:

1) You cannot use a Google Fi phone, to retrieve voicemail from another Google Fi number.

I have just learned that I can get access to voicemail from the Project Fi website. Its called “Google Voice”. If you search for “get my voicemail for Project Fi” through google, you will not find it.

2) I killed my phone, I suspended my service.  The message you get when you try and call me is, “Sorry, we cannot complete this call as this time.  Please try again later”

Well, if you wait 10 days or so, that will be true; but for now, no.  No way to change it.  At least the “phone” company would say, that number is out of service or temporarily unavailable.

3) I have had a number of other bitches about the Fi service.  Do you think google keeps a record of my email service requests?  No.  When it suits them, they can store every key click I have ever made.  If I wanted to go back and point out that; here are a few things you might think about changing, nope, no record.


If I ask Ok Google on my phone just about anything coherent, I get a really good response. Its baffling how brilliant, and how clueless, Google can be.


Mother by AMDJ

Dearest sweetest Mother dear,
We loved you so while you were near
We held you close so you might hear

How blessed we were to call you mother
Like you we know there was no other

Dearest sweetest mother dear
It was your time; you had no fear
At peace, in joy we shed our tears

Enveloped in memories of a laugh, a hug, a kiss
We find solace in your eternal bliss

Thank you Mom.