21 April 2016

Our Happy Places


by Brian Thornton

The Needles–Cannon Beach, Oregon
First light: 6:14.

At 6:10 I was up and dressed, slipping out of the room with deliberate movements, careful not to wake either my wife or my son.

We had discussed this scenario the night before. "I hope you do it," she said. "I think it'll make you feel so great."

Wise woman.

I was not yet three months old the first time I visited Cannon Beach, Oregon. My mother's family had been vacationing there for years by the time I was born.

My grandmother, born and raised a Nebraska farm girl, was always an early riser, and used to get up and out before the rest of us awoke, and take long, solitary, early morning walks on the beach. This was the subject of no little amusement on the part of the rest of my family.

But she was always finding interesting things on those early morning walks: colorful shells, wave-sculpted pieces of driftwood. Once she found a dead sea lion washed up on the sand. Another time she discovered a forty foot-long lifeboat lost in a storm by one of the luxury liners that plied the waters off the coast. (She got salvage rights on that one, and made the local paper, too.).

Most of all, she just seemed so happy after one of her excursions.

Once I was old enough, I convinced her to let me tag along from time to time.
Ecola Head Lighthouse

The memories we made on those mornings are some of my happiest. My grandmother could be close-mouthed and tart-tongued. Standing barely five feet, she was indomitable will personified. Her nick-name growing up was "Serious Dorothy."

On those walks I got to see another side of her. I got to see joy. And to share it.

That has stayed with me throughout my life.

In fact, when I went into the military, I picked the Navy, partly because of what I considered a life-long love affair with the sea. Turned out it wasn't the sea I loved, so much as the coast.

And in my five decades on the planet, I've seen a lot of different stretches of coastline, on a variety of continents. Wild coast, civilized coast, touristy coast, deserted coast. Hell, I live in Puget Sound, which has some of the loveliest coastline you'll find anywhere.

And yet none of it has the effect on me that Cannon Beach does.

For those of you unfamiliar with the place, it's the "Goonies Beach" (the stretch of coastline featured at the end of the film "The Goonies."). It's rocky and usually windy, and altogether magical. Its most famous feature is Haystack Rock: the largest free-standing monolithic coastal rock in the Northern Hemisphere.

Haystack Rock, with one of the Needles to its left. Who is that mysterious figure in the lower right-hand corner of this pic?
And on this particular Monday morning in April, with the sun not yet up, and the day promising to be both unseasonably warm and unseasonably sunny, I had the entire beach to myself.

It was just God, the Rock, and Me.

I came to Cannon Beach every summer of my youth, only ceasing to make the annual trek with my family when I went into the military at age 19, and couldn't make it home during that part of the year. And then there was college, graduate school, and carving out a career.

And sure, I've been back since, but not for any great length of time, and usually when the weather
was so bad you'd be hard-pressed to tell where the rain squall you were trudging through ended and where the ocean began. And I've also stayed on the Oregon coast since. But with apologies to Gearheart, and Seaside, Rockaway Beach and Manzanita, none of those trips, all fun, all involving family, has filled me up in quite the same way those childhood romps on Cannon Beach did.

I well recall my final childhood walk on that beach. I'd just turned 18, and had hurt my right knee working for a salvage company that same summer. So during the week my family spent at the beach, I spent the majority of it on a couch with a view of the ocean and my nose stuck in a book.

On our final day there, with everyone, Mom, Dad, Grandma, Grandpa, my brother, aunts, uncles and cousins all out of the house, I decided I'd been cooped up long enough, and started hobbling down the beach, brace and all. By the time I decided to turn around, I'd walked the five miles down to Hug Point!

That misty headland off in the distance, past the rocks? That's Hug Point. In the distance behind it is Arch Cape.
I can dimly recall what came after. My parents walking down the beach looking for me, looking relieved and happy when they encountered me, tired and happy (and with a throbbing knee!) returning up the beach. That, along with the pleasant stroll we shared up that stretch of sand, past the Rock and to our rental just north of it, that stands out in stark relief. But starting college a month later, feeling rudderless and eventually joining the navy, well, that's all kind of a blur.

But that last walk on the beach?

It was just the thing for me.

And apparently it still is.

Because on the first Monday morning in April of this year, I did the same thing. As before, it was our last day of vacation. Only this time my knee wasn't in a brace (still aches when it's gonna rain though, go figure). And this trip it was just myself, my wife, and my not quite four year-old son. And when I'd mentioned I was considering getting up early and walking the mile or so it took to get to Haystack from our hotel room, my late riser wife was all for it. She'd handle our son (no mean feat). I could have the time and the headspace and the experience.

Magic.

Just God, the Rock, and Me...

...And the spirit of my grandmother. And my parents walking beside me. And two days before, when I walked that beach for the first time with my own son. (Yep. That mysterious figure...).

We all have our Happy Places, the ones that are a part of us, and of which we are a portion (with apologies to the ghost of John Donne). Up until my most recent trip to mine, I'd been struggling with a couple of long-term writing projects, wondering whether I'd lost the touch that allowed me to write and publish ten books in six years.

I'm married. And a father. And if my latest tax return is to be believed, a home owner. Now don't get me wrong. I love being married. And I love being a father. But these roles don't come with a light load when it comes to responsibilities of the time and headspace-consuming varieties.

I'm not different from most guys at this stage in life. I've got distractions upon distractions upon distractions. For me, the kind of headspace required to write has been in short supply for some time.

And also for me, writing is a part of me. Not being able to get any real traction in a good long while had begun to make me feel I had a cramp in a muscle I couldn't locate. In its own way, my being blocked by lack of headspace/time had become its own variety of distraction.

I'd been feeling for a while like I needed to find some way to reset the mechanism. Too much precious time I'd spent in front of the monitor and keyboard, tapping away and getting nowhere. So when my wife asked where I'd like to go for my birthday this year, the choice popped right into my head.



And God love her, she made it happen.

It should go without saying that there's a happy ending to this post. Hell, it ought to go without saying that the impetus to write it in the first place has been the enduring sense of profound joy I've carried around with me in the weeks since our vacation at Cannon Beach, capped by my own solitary stroll, that lustrous Monday morning.

And as I and my personal ghosts communed on that not-so-lonely stretch of beach on that lovely, windy, sunny, gorgeous Monday morning, I felt light, as if relieved of a great weight. And as if the scales before my eyes had dropped, and I could see again.

And I'm writing, really writing, again.

And once and again, as i sit down to write, I embody wonder. While mentally reliving the youthful gambols of my more tender years, I give voice to glee. And through it all, I am the face of rapture.

The very countenance of joy.

.....Just God, the Rock, and Me...


20 April 2016

Grammar Police Procedural



by Robert Lopresti

Last year I was teaching a course at the university where I work and since it was what is known as "writing intensive" I invited a representative from the Writing Center to come talk to the class.  The Writing Center (now part of the library's Research and Writing Studio) is a place where students get assistance from specially-trained students on anything from creating a thesis statement to citing a term paper properly.

The writing coach (a pro, by the way, not one of the student peers) asked all of us to name our pet peeves in terms of grammar mistakes.  What bugs you when you see it in writing?


I had several to suggest, and that got me paying close attention to what was handed in as the course progressed.  In fact, I became so invested  I told the students they could get up to three extra credit points on the final paper, simply by not making the three mistakes that irritated me the most.  They didn't have to use these elements correctly; they just had to avoid using them wrong. 

Below is a list of my current complaints.  You will find the Evil Three at the top of the list.  Please add your own peeves in the comments.


Available at Zazzle
Apostrophe Abuse.  If you can substitute his for its then its does not get an apostrophe.   I will leave  other uses of the handy hangy-down thing as a student's exercise.  (Or an as exercise for the students.  But not as an exercise for the student's.)

Semicolon.  In Donald E. Westlake's wonderful posthumous book of essays, The Getaway Car, he offers a spirited defense of the poor abused semicolon.  If you don't like it, by all means, don't use it, but use a period instead, not a comma.  Thank you.

Affect/Effect.  I admit that until I taught this course I wasn't 100% confident on this one myself.  The problem is that, while affect is almost always a verb and effect is almost always a noun, they each do have uncommon uses with the opposite part of speech.  Try explaining that  to a freshman.

Lose/Loose.  This is one of those Spellcheck Curses.  People seem to lose the ability to spell lose.

Poorly/Badly.  I don't have a rule about this one.  It's just a mess.  I feel poorly usually means I am sick.  I feel badly could mean I regret or My fingers don't work.  Any thoughts?

Around/About.  I just noticed this one this week, although I have certainly heard it before.  An otherwise eloquent speaker kept saying things like "We talked around the subjects of blah, blah..."  This is fresh academic jargon for broadly discussed.  Sorry; talked around means avoided the subject of X.


Available at Labelmakers.
Times Less Than.  This one bugs me so much that i can tell you exactly where I was the first time I saw it.  It was an ad for cosmetics in a grocery store.  Here's the deal: if the sales price is  three times less than $40, it is minus $80.  You can find webpages claiming "times less than' is acceptable, but you can also find websites claiming Elvis Presley is married to Bigfoot.  Try this page for my side.

And by the way: a recent article in a prominent scholarly journal told us what we all suspected; People who correct each other's grammar are jerks.  Feel free to dive into the comments and join me in the jerk pool.



P.S.  All the typos and apparent errors you find in this column are placed there deliberately.  At least, you can't prove otherwise.

19 April 2016

Back Pain Attacks Writers and Readers


Do you love books? Reading them, writing them, anything to do with them?
And have you ever had back pain?

Chances are high that you said yes to both books and back pain. This is a site for mystery lovers, after all, and approximately 84 percent of adults get low back pain at some time in their lives.⁠1 ⁠2 So you and I are not alone.

(Wouldn’t that make a great birthday card? Happy 18th birthday! Party hard, because now you have an 8 out of 10 chance of hurting your back!)

So listen. I’m an emergency doctor who loves books. I decided to tackle this sucker by writing THE EMERGENCY DOCTOR’S GUIDE TO A PAIN-FREE BACK, which releases Thursday, April 21st.

Obligatory disclaimer: I am a doctor, but I’m not your doctor, so you have to go see your own health care  practitioner. All I can do is give you helpful advice on treatment and prevention.

I pored over research articles. I read other books and considered both traditional and integrative approaches, including acupuncture, yoga, and diet. What struck me is that some people want to give advice without anchoring it on research, so I’m proud to say that I included studies written right up until January 2016.

The other thing that struck me was that a lot of fact-based books were super dull, so mine is short, funny, and full of cartoons and pictures because hey, life is short.

Here are three tips for readers and writers:

1. You don’t have to be a book lover to get back pain. Even sitting all the time doesn’t automatically cause back pain⁠ 3, although it does predispose you to other problems (coronary artery disease, diabetes, breast and colon cancer ⁠4…I know! I’m full of good news today!). So try to get up and move throughout your day.

2. After you go see your doctor, you may well get diagnosed with non-specific low back pain. More than 85 percent of the time, we don’t find a particular cause.5 I consider that good news, because you don’t want the herniated disc, fracture, infection, or cancer. You want to get better. Fast. And to do that…

Kathleen can do it. So can you!
3. “Don’t tell me I have to exercise,” groaned more than one writer-friend on Facebook.
Yes, I’ve got triple good news for you. You do have to exercise once you get over your initial agony, or to prevent it in the first place. Exercise and education reduce your risk of a back pain episode by 25 to 40 percent, as shown in a 2016 meta-analysis by Dr. Daniel Steffens and colleagues at the University of Sydney. They considered 21 randomized control trials of 30,850 people.6

There’s no hard evidence on which type or amount of exercise is best. “It seems to matter less exactly what type of exercise you do than that you do it in a regular way,” said Dr. Timothy S. Carey, a physician at the University of North Carolina at Chapel Hill, who co-authored a commentary on the mega-study by Steffens.

So choose exercise that you like, and do it. Cardio, core, strength training, flexibility, and working your upper and lower limbs were all included in that mega-study.

Since we’re all busy, I developed a three-pronged exercise program where you can even work on your strength and flexibility in bed, at work, and while watching TV. My program is meant to be accessible to everyone. Look at my friend Kathleen. She’s a senior citizen, and she’s hitting it hard. With my book!

Click cover to preorder e-book now for a special price of $5.99 (regular price $9.99).
Direct Amazon.com link here.
Bottom line: most of us will get back pain sooner or later. As someone who loves words, you’re already at at advantage to prevent it through education. Keep reading and start moving, and you'll save your energy for more fun stuff like cat detectives and hard-bitten thrillers.


1 Deyo RA, Tsui-Wu YJ. Descriptive epidemiology of low-back pain and its related medical care in the United States. Spine. 1987; 12:264.
2 Cassidy JD, Carroll LJ, Côté P. The Saskatchewan health and back pain survey. The prevalence of low back pain and related disability in Saskatchewan adults. Spine. 1998; 23:1860.
3 Chen SM, Liu MF, Cook J et al. Sedentary lifestyle as a risk factor for low back pain: a systematic review. International Archives of Occupational and Environmental Health. 2009 Jul, 82(7): 797-806
4 Lee I, Shiroma EJ, Lobelo F et al. Effect of physical inactivity on major non-communicable diseases worldwide: an analysis of burden of disease and life expectancy. The Lancet. 380(9838): 219-229
5 Deyo RA, Weinstein JN. Low back pain. N Engl J Med 2001;344: 363-70
6 Steffens D, Maher CG, Pereira LS, et al. Prevention of Low Back Pain: A Systematic Review and Meta-analysis. JAMA Intern Med. 2016 Jan 11:1-10. doi: 10.1001/jamainternmed.2015.7431. 

18 April 2016

Care & Feeding of a Mystery Bookstore Part 2



More pointers on mystery bookstores:
Best laid plans of Mice and Technology Challenged Woman known as Jan Grape. I looked through several boxes of photographs and found ones I wanted to use in this article. Took my phone out and snapped photos of my photos. Got some fairly nice photos.

Oh dear, these are on my phone and my phone doesn't do email. Well, it would if I knew how to set it up but haven't been able to do that and haven't been able to get to Sprint store to get the guys there to help me. Got my tablet out and retook all the photographs. They turned out fairly well. Actually about as well as taking them by phone. Tried to send them to myself via email. That wouldn't work. And tablet is set to do email. in fact, that's how I do daily email. Have no idea why it wouldn't work. I was connected to Internet and could read and sent email but not the photos.

Finally, gave up and am just writing a few words about our bookstore and how we did things. What this will be is a bit of history but a little reminder of how authors can utilize their favorite Independent Bookstore if you are lucky enough to be near one.

First thing that is important is to remember most Indies have a limited budget to order author's books. However, if you live close to one then go in and meet the owner or manager. Tell them you write and who publishes you,  that you would like to do an autographing event and see if they are interested. Tell them your book is mystery, thriller, romantic suspense or whatever. If you have previous books, take one in and give it to the owner. If this is your first book, give them as much information as possible, a jacket cover or any reviews or blurbs. This might entail you making up a press kit. Also if you know there are other mystery writers in your area try to work out a joint signing with them.

We always enjoyed having 2 or 3 or 4 authors and have them do a panel discussion and/or a reading and that helps insure more people will attend. Because the other authors may have a following already and that will bring in more people. Also if you have a mail list or email list to give to the store that's even better. If you have any promotional materials tell the owner or bring them one if you have it. Find out if they might need a few extra dollars for refreshments. You can make cookies or candy and if you have another author or two see if y'all can pool money for coffee or soda. Most stores have a budget for drinks but offer and then let them tell you.

Also offer to get publicity out in your local newspaper. Maybe you can get someone to write a review for the paper's book section. Or if you have a favorable review already use it. Make up a poster, using your jacket cover and your photograph. If you don't have a jacket cover yet, call your editor and tell them you are trying to set up publicity for a book signing. Sometimes even a small press will do a couple of posters for you.

If you don't have an Indie store in your area, go to the big box store and get acquainted with their community or publicity director. See if you can get something set up with them to do a signing. Especially if you have a writer friend or two who might do an event with you.

Maybe next time I can get those photographs to make this all more interesting.



17 April 2016

RansomWare 3,
Recovery


 WARNING  In part 1, we discussed a nasty type of malware (malicious software) called ransomware and in part 2, we recommended preventive steps. In this final article, we explore options in the event your computer is attacked.

Don’t Pay

That’s the advice of most professionals. Besides filling criminal coffers, a better reason leaps out. FireEye Security and technical advisor Alain Marchant estimate only 60% of payees get their computer back intact. BitDefender estimates even dimmer odds, as few as half of those who pay see their files returned. Symantec hasn’t published figures but they’re also not optimistic about the odds of success.

The poor odds of successfully retrieving files has drastically impacted the ‘business’ of extorting stolen files. TeslaCrypt perps have taken two unusual steps.
  1. They set up a secretive TOR ‘dark web’ message center to facilitate payment.
  2. To prove they can actually decrypt files, they offer to decrypt a small (very small) file of the user’s choice.
Yet, as they try to extract payment, their pages hint at the myriad failures and pitfalls: «If step 2 goes wrong, then attempt this and if that goes wrong then try that and maybe try again in 10-12 hours… which may exceed the allotted time… blah, blah.»

Then consider the matter of who reaps the stunning profits from ransomware. It’s tempting to blame ordinary criminals but in fact, ransomware funds terrorist groups like Daesh/ISIS and al-Qaeda. State-sponsored extortionists include the obvious suspects, China, North Korea, and Russia. Technical authors Gregory Fell and Mike Barlow further accuse Iran and Israel of sponsoring attacks at the expense of the rest of us.

Ransomware is an international problem. The Russian security firm Kapersky Lab was reportedly hit with ransomware and thus turned their attention to addressing the problem. French security consultant Alain Marchant, who goes by the name xépée and cheerfully admits Marchant may not be his real name, has developed a client base of victims ranging from individuals to major companies. Here at home, developers of anti-virus products have trained their sights to the problem.

The Costs

Worldwide, malware sucks more than a half-trillion dollars out of the annual economy. Some target individual countries like Japan (TorLocker) and Russia (Kryptovor), but others are indiscriminate. The US alone loses $100-billion annually.

Cyber crime is lucrative and safe. While one or two man operations bring in as little as $1100-5500 daily, Symantec traced one revenue stream that amounted to $35 000 a day, a number consistent with a study by FireEye Security. At the upper end of the scale, Cisco’s Talos Group calculated the Angler exploit (CryptoWall, TeslaCrypt) each day targets more than 90 000 users, pulling in $100 000… every day.

Losing family photos is one thing, but businesses have lost their files, charities their revenue, hospitals their patient records, government agencies their data, and– in at least three cases– people their lives.[1],[2]

Practicalities

Acquaintances of ‘Mark’, a victim mentioned in last week’s article, casually recommended caving to demands and paying off, ignoring the odds and consequences. Those acquaintances may be well-heeled and untouched by ordinary concerns like money and terrorist funding, suggesting if one can afford it, why not? Fortunately, Mark had a friend to help see him through the worst of a bad situation.

If you are a victim, only you understand your circumstances or desperation, but treat pay-offs only as an absolute last resort. Be prepared for the worst– your payment may go for naught.

Easy Pickings

Chances are you’ve seen web pages or pop-up windows that claimed your computer has been damaged or compromised and to call ‘Windows’ or ‘MacOS’ where ‘professionals’ for a fee will help you stamp out this insidious nuisance, one they created, although they don’t tell you that.

These are usually simple browser attacks– JavaScript on a web page seizes control of your Edge browser, or Internet Explorer, Safari, Chrome, FireFox, etc. The good news is they’re relatively easy to defeat, although getting out of the situation can puzzle an average user.

In these cases, don’t panic and don’t call the toll-free number the bad guys so thoughtfully provided. You may want to call a friend for technical assistance, but you may be able to solve it yourself.

The key to recovery is killing the script, the little program abusing your browser. You may be able to simply close the page, and if so, job well done.

Another approach is to open the browser Preferences or Options and disable JavaScript. Once JavaScript if paused, you can close the web page at your leisure, alt-Æ’4 or the more nuanced ctl-w for Windows, cmd-w (⌘-w) for the Mac. Unfortunately, FireFox made the decision to remove the option to disable JavaScript, but add-ons like QuickJS, NoScript and Ghostery give users that option. For the Mac, typing command-comma (⌘,) normally brings up preferences, but the malicious script may thwart that move.

What happens if you can’t close the web page and can’t disable JavaScript? You have no choice but to kill the browser and restart with a goal of stamping out the offending window. Use the Macintosh Force Quit (⌘-opt-pwr) or the venerable Windows Task Manager (win-shft-esc). You may be able to right-click on the program icon to close it. When restarting Safari and Edge, use finger dexterity to close the offending window– you may have to force-quit and restart a couple of times to succeed. FireFox is helpful here: They provide a dialogue box asking which pages you want to reopen (or not).

Note that you may have to smack down more than one browser window. At least one exploit deploys two pages using one to reopen the other if it’s closed. Both pages need to be killed.

Trust Issues

As with other ‘exploits’ (short for exploitations in professional parlance), you can (and should) take the preventive measure of downloading an alternative browser to your computer, say Opera, FireFox or Chrome. If a bad script has nailed your Safari or Edge browser, you can fall back on an alternative until you can get help.

The other key step is not to download anything you don’t trust. Don’t fall for messages claiming your Java or Flash or SilverLight player needs to be updated. Be extremely shy of web mail that offers to upgrade Windows 10. The safe way to update is not to click on the helpful button, but to locate the official web sites and manually download any updates yourself. Make certain the URL says java.com, adobe.com, or microsoft.com (with or without the www.) and no variation like javaupdate.com.

In the past, professionals have disdained automatic updates and that’s fine for them. Let them micromanage if they will, but for the average user, I break with my colleagues and suggest automatic updates might prove safer. The reason is that if you already trust a program, then its updates are reasonably safe as well. At worst, you may get a message saying that FireFox must be restarted, although if you don’t restart immediately, the updates will kick in after you quit your current session.

Apple and Microsoft occasionally check for updates. While I approve of the automatic mode, I suggest running the update check one time manually so you know what to look for.

RansomWare

Thus far we’ve discussed the simplest form of ransomware that merely subverts your browser. At present, you’re more likely to encounter web exploits than the really nasty kind that takes over your computer by encrypting files and user programs.

True ransomware programs demand payments ranging from $200 to over $2300 ($475 appears average) in untraceable digital payments, up to tens of thousands of dollars when targeting hospitals, corporations, and crippled city and county governments. There is no single flavor of ransomware. At least half a dozen strains are extant plus offshoots and variants. Each makes up its own rules and demands. Early models sought cash transfers via Western Union and later Ukash, MoneyPak, and PayPal My Cash, but nearly all now demand payment in anonymous digital money– BitCoin.

The other characteristic found in most ransomware is the imposition of a deadline, after which the bad guys state they’ll refuse to restore your files altogether and at least one variant claims it will permanently ruin your hard drives, not merely beyond recovery but beyond formatting (a highly dubious claim).

The time limit serves one primary purpose, to apply pressure and rattle the victim, to preclude the user from thinking his way out of the dilemma. A time limit makes it difficult to gather information, tools, and help. The target may not have sufficient opportunity to order recovery tools or a second drive to work from or a create a bootable disc.

Besides your backup, you will need a reinstallation disc. These days, few computers come with installation DVDs. Some computers feature a bootable partition that contain tools and recovery programs. In other cases, you must download a so-called ISO file from the internet to burn to an optical drive (Blu-Ray DVD, etc)– but you can’t safely do that from your compromised system– you either need to boot from a trusted drive or ask someone to download a recovery ‘disc image’ for you.

As far as the threat to permanently wreck a hard drive, it’s hypothetically possible but unlikely. Black hats may alter your boot tracks or drivers, but those can be repaired with a disc formatting program. In the unlikely case that bad guys were to zap your drive’s firmware, they’d have to strike after the time limit they imposed. Long before then, an aware user should have powered down his computer.

Demanding Money with Menaces

British use the term “demanding money with menaces” regarding blackmail, extortion, and kidnapping for ransom. The threat of ransomware is clear: If you don’t pay, you lose your files. But if you do pay, you may still lose your files. Damned if you do, damned if you don’t, the track record is not good.

Beyond the substantial risk a victim will never see his files after payment, there are sound reasons for not paying or attempting to communicate in any way. The victimized may inadvertently expose more information than realized such as passwords and bank account information. My colleague Thrush says paying or trying to reach out tells the bad guys “they have a live fish on their line.”

If a victim attempts to reach his bank on-line, an infected computer can forward passwords and account information to the miscreants. Because the bad guys have control of their subject’s computer, they may be able to extract injurious information. A wise solution is to quickly disconnect from the internet to interrupt the outflow of information.

One-Way Communication

Security consultant Alain Marchant says about 12½% of victims opt to pay, but less than ⅗ of those cases see the return of their files even after payment. He suspects the percentage may be considerably worse because of under-reporting.

Marchant’s stats are highly consistent with FireEye reports. He attributes failures to restore hostage files to a number of factors.
  • There may be no hidden server that can unlock the files. The victim has only the criminal’s word such a server exists. Maintaining servers exposes the bad guys to risks they may not be willing to take.
  • Perpetrators may simply not bother. A one-man operation can easily bring in a minimum of thousands of dollars (or euros or pounds) a day, millions a year without lifting a mouse-finger. An extortionist whose biggest problem is hiding money from authorities may feel no obligation to release hostage files.
  • Hidden servers, if existing at all, may be taken down by its ISP, by government raid, by weather, by a denial-of-service (DoS) attack, by power failure or other outage, or by the bad guys themselves to evade detection. Perpetrators, particularly those on the move, may rely on laptops that are on-line only for brief periods. A perpetrator who can’t connect can’t repair the damage.
  • Because of a restricted ability to test malware, perpetrators’ programs may be bug-ridden and unable to recover the data. FireEye reports that files encrypted and then decrypted by TeslaCrypt turn out corrupted.
  • Perpetrators may not have the sharpest grasp of time zones, which may cause a premature trashing. Problems are exacerbated within one time zone of the Greenwich meridian and worldwide during daylight savings time changes. Ransomware does not take into account weekends, holidays, and banking hours.
  • Perpetrators may not have the sharpest grasp of exchange rates. For example, a ransom page may demand $300, but with worldwide reach, may receive $300 Canadian instead of US dollars and therefore not release the files.
  • Victims’ machines may be knocked off-line by the same problems above that affect perpetrators’ servers.
  • Victims’ drives may be so badly damaged, that recovery becomes impossible. Moreover, perpetrators may encrypt the very keys or tokens victims need to communicate with their bank.
  • Victims usually don’t possess a clear understanding of bitcoins. Some attacks require users to install modified TOR browsers to arrange payments. While these measures help perpetrators hide from authorities, victims lose time and possibly their files while trying to figure out the process.
  • Victims’ anti-virus software may belatedly catch and delete the ransomware program making recovery impossible.
  • Multiple malware infections may collectively interfere with each other. Victims may inadvertently exacerbate the problem by researching malware on the internet, triggering secondary infections that make recovery impossible.
  • Victim’s computers may reinfect themselves as drives are brought on-line.

Recovery

Clearly the odds of recovery are better with anti-ransomware programs, assuming data hasn’t been deliberately damaged beyond encryption. If at all possible, create and work from an external drive. You may find better success removing the computer’s hard drive and hooking it up to a clean computer. The idea is to keep the virus dormant while attempting to remove it and correct the damaged files.

At the end of the countdown period (typically 72 or 96 hours), some malware strains sabotage the rest of the hard drive, erasing boot tracks and directories. Marchant suggests it might be possible to turn back the clock in a PC BIOS by several hours to extend the period of analysis and recovery. For this to work, the computer must remain disconnected from the internet.

If there is an extant key, it may not reside in a remote server at all but could be buried in your machine. That can help assist programs in decryption.

Following are a few Mac and Windows resources to help in preventing and recovering from ransomware.

Be safe out there!

16 April 2016

The Man With the Golden Typewriter



by John M. Floyd


A couple weeks ago I did something unusual: I chose to ignore all the novels and short-story magazines in my towering to-be-read stack and bought a book of nonfiction. Or maybe not that unusual, since this was the third time this year that I've delved into NF. But the first two books were In the Heart of the Sea by Nathaniel Philbrick and Cities of Gold by Douglas Preston, and I knew before reading those that I would enjoy them because they were true-life adventure stories, sort of like Unbroken and The Perfect Storm. I had doubts about this one.

The book turned out to be a good choice. It's called The Man With the Golden Typewriter, a 400-page collection of letters from and to Ian Fleming. The letters begin in 1952, when he started work on his first book, and continue until his death in 1964, at the age of 56. During that time he wrote two works of nonfiction, a three-volume children's story, twelve James Bond novels, and two collections of Bond short stories. All the Bond books were created at Goldeneye, Fleming's vacation home in Jamaica. The letters, compiled by his nephew Fergus Fleming, provide a fascinating look into the working life and the personal life of a bestselling author at the peak of his success.

To me, the most interesting of the letters were those to and from his publisher, Jonathan Cape of London, and the editors and agents who worked with him on the novels. Other exchanges included those with readers and fans; with friends like Somerset Maugham, Noel Coward, and Raymond Chandler; and with film producers Cubby Broccoli and Harry Saltzman. Here are some excerpts:


To Michael Howard, editorial director at Jonathan Cape, April 22, 1953:

"In the course of the innumerable editions of Casino Royale which will now, I presume, flow from your presses, could you please correct a rather attractive misprint on page 90, line 13, and make the 'Ace of Spaces' into the 'Ace of Spades'?"

To Sir Winston Churchill (along with a gift copy of Live and Let Die), April 1, 1954 :

"It is an unashamed thriller, and its only merit is that it makes no demands on the mind of the reader."

From friend and editor William Plomer, May 31, 1954:

"Dear Ian . . . I have been through it [Moonraker] with minute care and a pencil & have applied both to your punctuation and spelling . . . you have a tendency, as the climax approaches, to increase the strain on the reader's credulity . . . Not pleased with the title. I should like Hell Is Here . . . I think you should be careful about letting your characters grunt, bark, and snarl too freely."

To actress Claudette Colbert, April 28, 1955:

"I am very sad that you will not be in Goldeneye next winter . . . I have little hope of getting out to Los Angeles this year. I was there in November and I have absolutely no excuse for another holiday unless Hollywood decides to film one of my books."

To Michael Howard (who'd just designed the cover for Diamonds Are Forever), February 14, 1956:

"Forgive the tropic scrawl. I am sitting in the shade gazing out across the Caribbean & it is heroic that I am writing at all."

To Raymond Chandler, April 17, 1956:

"Dear Ray . . . You after all write novels of suspense--if not sociological studies--whereas my books are straight pillow fantasies of the bang-bang kiss-kiss variety."

From editor Daniel George, regarding From Russia With Love, June 7, 1956:

"Similes should be used only when they are helpful . . . in the first chapter . . . you say the man's eyelids twitched suddenly like the ears of a horse. Up to that moment I'd visualized the scene perfectly. You destroyed my illusion by bringing in a horse . . ."

To Michael Howard, Feb 4, 1957:

"I have done nearly 40,000 of No. 6. . . Set near Jamaica. Called Doctor No, I think. A simple tale. It shouldn't be longer than 60, you'll be glad to hear."

To a complaining reader who knew his trains, July 19, 1957:

"Your quick eye has missed one grievous error [in From Russia With Love] pointed out by another train enthusiast. I gave the Orient Express hydraulic brakes instead of vacuum."

From William Plomer, June 28, 1958:

"My dear Ian, I have just finished Goldfinger, and it stuck to me like a limpet, or limpet-mine . . . I found the tension of the [golf] game tremendous. In fact I believe you could create extreme anxiety out of a cake-judging competition . . ."

To Plomer, March 29, 1960:

"I have just finished a giant Bond, provisionally called Thunderball . . . I have just begun correcting the first chapters. They are not too bad--it is the last twenty chapters that glaze my eyes."

To Robert Kennedy, June 20, 1962:

"Thank you very much for your charming note of June 1st . . . Over here we are all watching with fascination your gallant attempts to harass American gangsterism. If James Bond can be any help to you please let me know and I will have a word with M."

To William Plomer, regarding You Only Live Twice, September 11, 1962:

"I have no idea how Bond in Japan will turn out, but I have in mind an absolutely daft story in which Blofeld meets his match."

To Aubrey Forshaw, head of Pan Books, Ltd., May 20, 1964:

"I don't think much of Harry Saltzman's new jacket for Goldfinger. The golden girl looks like a man and there is far too much jazz about the film. Why the hell should we advertise Saltzman and Broccoli on one of my books? And on the back I see that Sean Connery gets at least twice the size type as the author."



The book is full of these little glimpses into the world of Fleming and Bond. I loved it.

If anyone's interested, here's a list of Ian Fleming's works:

Casino Royale (1953)
Live and Let Die (1954)
Moonraker (1955)
Diamonds Are Forever (1956)
From Russia With Love (1957)
Dr. No (1958)
Goldfinger (1959)
For Your Eyes Only (1960)*
Thunderball (1961)
The Spy Who Loved Me (1962)
On Her Majesty's Secret Service (1963)
You Only Live Twice (1964)
The Man With the Golden Gun (1965)
Octopussy and The Living Daylights (1966)*
The Diamond Smugglers (1957)
Thrilling Cities (1963)
Chitty-Chitty-Bang-Bang (1964-65)

*short-story collections


And here are the Bond movies, so far:

Dr. No (1962)
From Russia With Love (1963)
Goldfinger (1964)
Thunderball (1965)
You Only Live Twice (1967)
On Her Majesty's Secret Service (1969)
Diamonds Are Forever (1971)
Live and Let Die (1973)
The Man With the Golden Gun (1974)
The Spy Who Loved Me (1977)
Moonraker (1979)
For Your Eyes Only (1981)
Octopussy (1983)
Never Say Never Again (1983)
From a View to a Kill (1985)
The Living Daylights (1987)
License to Kill (1989)
GoldenEye (1995)
Tomorrow Never Dies (1997)
The World Is Not Enough (1999)
Die Another Day (2002)
Casino Royale (2006)*
Quantum of Solace (2008)
Skyfall (2012)
Spectre (2015)

*Casino Royale also appeared in 1954 as an episode of the TV drama series Climax! (Barry Nelson was Bond) and as a spy comedy in 1967.


Most readers know that Fleming picked the name of his hero from a real book called Birds of the West Indies by James Bond, but there are a Bentley-load of other interesting facts about him as well. And Fleming did actually own a gold-plated typewriter--a gift to himself for having completed his first novel.

Part of my interest in all this came from the fact that I had read all the Bond books when I was in high school--my mother made me hide them if the local minister came to visit (because, I guess, of the cover art)--and I've seen all the Bond movies, several times each. Apparently I'm not alone: In the book, Fergus Fleming says it has been estimated that one in five of the world's population has seen a James Bond film.

I now plan to re-read all the novels and re-watch all the movies, in order--I have all of them right here on my shelves--and I'm already halfway through Casino Royale. I don't have any caviar in the house or an Aston-Martin in the garage or any Turkish-and-Balkan-blend cigarettes to smoke while I read, but I do have a tux in the closet if I need it, and I try to imagine that my glass of orange juice is a medium dry martini with a thin twist of lemon peel.

And my OJ was shaken, not stirred.




15 April 2016

Lost and Found—and Tasty Too!


I've mentioned before—and often—how I was a big fan of the Nancy Drew books as a child, and while I respect and understand my colleague B.K. Stevens' frustration with them, I never experienced any of those feelings myself. I stayed—and still remain—enamored of both the character and the series. (I've even taught a Nancy Drew book in my classes at George Mason and plan on doing so again in the fall. Plenty to talk about there, which I'll likely revisit here when the time comes.)
So much of a fan was I that sometime in the late 1970s (or was it early 1980s?), I ordered a copy of The Nancy Drew Cookbook: Clues to Good Cooking, and while I can't remember the year, I do remember distinctly the moment of picking up that special order from The Book Cellar in Jacksonville, NC, and more specifically several layers of mixed emotions about it: excitement about the possibilities the book offered, since I also loved to cook (and still do); amazement at this joining together of two things I enjoyed so much; and—admittedly—a little self-consciousness about both those enthusiasms, there on the eve of my adolescence and clearly aware of how strongly each of them leaned toward "girl" stuff.

No matter. It was mine and, hesitations be damned, I loved it.

Fast forward to more recent years and to my wife Tara and I collating our respective editions of Nancy Drew on a shared shelf after we got married. Whose copy of each title was nicer? Which ones were we still missing? What to do with duplicates, and how to track down the ones we still needed?

And then: where was that cookbook that I know I had?

Despite my best efforts to go through the boxes of books I'd relocated from my parents' house to my own home, it never turned up—until a couple of weekends ago during a visit to North Carolina when I discovered some other boxes up in the attic, boxes of younger children's books, picture books, etc. Pulling those down to explore for my own son (who's now 4), I found that tucked in among that stash of books the title I thought had been lost for good.



Memory is a fickle thing, of course. Looking through the book now, I can't remember which recipes I might have made all those years ago. But I did immediately begin noting which recipes I wanted to try today. Many of them are fairly standard recipes, as you can imagine, the kind of thing I imagine might have been taught in Home Ec classes around that time; as the introduction from Carolyn Keense states, "Nancy's friends have helped with her cookbook and Hannah Gruen has lent advice. Bess likes rich foods, George the slimming ones. The boys are experts on barbecues, picnics and beach parties." Of course, all of the recipes come with clever names tying into the world of Nancy Drew. Among the ones I've got my sights on now: Hollow Oak Nest Eggs, Ski Jump Hot Chocolate, the Mapleton Milk Shake, A Keene Soup, and Missing Map Cheese Wafers. And we've already made one, which turned out simply delicious and which I decided might be worth sharing here.

The Ringmaster's Secret Chicken



4 chicken breasts
1 cup sour cream
1 tablespoon Worcestershire sauce
1/2 teaspoon red hot sauce
1/8 teaspoon garlic salt
1 1/2 teaspoons paprika
1 teaspoon salt
1 cup fine dry bread crumbs

Wash the chicken and dry with paper towels. Mix together sour cream, Worcestershire sauce, hot sauce, garlic salt, paprika, and salt. Place the chicken breasts in this mixture and leave in the refrigerator overnight to marinate.

Take the chicken out of the mixture and roll each breast in the bread crumbs. Put them in a large baking dish, arranging them in a single layer. Cover the dish and place in the refrigerator for at least 1 1/2 hours.

Heat the oven to 325°. Uncover the dish and bake the chicken for 1 hour and 15 minutes.

EXPERIMENT
Make your own bread crumbs: crush stale bread or crackers with your fingers, then sift them until you have a cup of fine crumbs.

Malice Domestic 

Two weeks from today, Malice Domestic will already be underway, as Barb Goffman previewed a couple of days ago in her own post—and congrats to her and to B.K. Stevens for being Agatha Award finalist in the short story category and to B.K. for also being a finalist for her YA novel Fighting Chance. I'm pleased that my book On the Road with Del & Louise: A Novel in Stories has been named an Agatha finalist for best first novel (the full list of finalists in all categories is here), and I'm thrilled to be appearing at several events throughout the weekend. Here's my schedule for the convention—busy busy each day!
  • Panel (as moderator): “Make It Snappy: Our Agatha Best Short Story Nominees,” with Barb Goffman, Edith Maxwell, Terrie Farley Moran, Harriette Sackler, and B.K. Stevens • Friday, April 29, 1 p.m.
  • Opening Ceremonies • Friday, April 29, 5 p.m.
  • Panel (as panelist): “New Kids On the Block: Our Agatha Best First Novel Nominees,” with Margaret Maron (moderator), Tessa Arlen, Cindy Brown, Ellen Byron, and Julianne Holmes • Saturday, April 30, 10 a.m.
  • Agatha Awards Banquet • Saturday, April 30, 7 p.m.
  • New Author Breakfast • Sunday, May 1, 7 a.m.
Looking forward to seeing old friends in a couple of weeks—and to making new ones too!

14 April 2016

If Only We Had LAWS Against This Stuff...


"If only we had LAWS against this stuff..." and other crazy statements:
Okay, a few reminders just to catch everyone up.
    Joop Bollen and then-Governor,
    current SD Senator, Mike Rounds,
    in happier days
    • Back in 2009, Joop Bollen was appointed to run EB-5 – which was a federal program designed to trade green cards to foreign investors for $500,000 a whack - by our former governor, current Senator Mike Rounds, who, when questioned recently about all of this, said, "The state of South Dakota would use different federal programs on a regular basis and you always assume that if the federal program is in place that they have a control process in place. We’re finding in some cases that that is not the case " (Mike Rounds interview).  Like when you put Joop Bollen in charge of that federal program, allowed him to privatize it in SDRC Inc., and told everyone what a great job he was doing?  (I swear to God, you can't make this stuff up... Sadly...)  
    • There's still as much as $120 million missing from the EB-5 program. 
    • For two years, the only person held responsible for any missing funds was Richard Benda, who according to our fearless AG shot himself in the stomach with a shotgun in a field because he'd embezzled $500,000.  
    AND NOW FOR THE LATEST !!!  HEADLINE NEWS !!!

    Image result for eb-5 south dakotaFirst of all, our own Attorney General, Marty ("I'm going to be running for governor in 2018, so I need to get something on paper") Jackley has FINALLY indicted Joop Bollen on five felony counts of violating SDCL 44-1-2, “unauthorized disposal of personal property subject to security interest.” In other words, Bollen used EB-5 money, transferred to his own private corporation, SDRC Inc., for his own personal purchases.   $300,000 here, $96,000 there, to a total of about $1.2 million. He sent some to Pyush Patel of Griffin, Georgia (who owns gas stations and has been participating in Bollen's corporation creationism since 2005), some Bollen just pocketed, and some (and this is my favorite part) Bollen spent on Egyptian artifacts from Christie's and the Harer Family Trust.

    NOTE: Bollen, through his lawyers, claims he's being scapegoated.  Mr. Bollen is also free on an unsecured $2,500 bond. (That should make you spit your coffee out in shock:  let's face facts, you'd have to post a lot more money than that if you'd just robbed a casino and gotten only $200 bucks.)

    NOTE WITH FACEPALM:  Nor has the Dutch born and raised Bollen been asked to surrender his passport.  Jackley said that “at this point” he “did not have concern” about the passport, “as long as we’re made aware of certain travel,” since Bollen has “significant ties financially to this community.” (Bollen Initial Appearance - dakotafreepress.com - once again, thanks Cory Heidelberger for GREAT coverage!)  Again, you'd have a rougher time of it if you'd robbed a casino and gotten only $200 bucks...

    And here's the best part: Right now our fearless AG Jackley - who, as I said, for 2 years has blamed Richard Benda for any and all EB-5 problems - is now blaming the whole mess on (drum roll, please!) a lack of tough laws making conflict of interest a felony! Personally, I would have thought that our laws making embezzlement, fraud, etc., felonies would have been enough, but apparently not.  We need more.  So it's really all the South Dakota legislature's fault...

    Oh, and one quick note about the Gear Up! scandal (6 people dead and counting) and the missing Westerhuis safe (The Chinese Are Coming). “I don’t know where that safe is at,” Jackley said. “I don’t know if it burned in the fire or if Scott Westerhuis took it out and threw it in the Missouri River.” (Jackley Conspiracy Theories, Argus Leader)  Feel free to insert obvious questions here:

     __________________________________________________________________________

    US District Attorney Marty Jackley.png
    Marty Jackley
    Meanwhile, Mr. Jackley, having apparently solved everything about EB-5 and Gear Up! (except that pesky $118.5 million in EB-5 money, the pesky $4 million in Gear Up! money, and the pesky missing Westerhuis safe), is far more interested in investigating the destruction of the Flandreau Santee Sioux Tribe's marijuana crop in November (some of the burning was shown on television) after the tribe suspended plans to legalize marijuana on its reservation.
    "I don’t think for a minute that they destroyed $1 million worth of marijuana. I don’t know where that went and it’s an open case. We never shut that case," Jackley said in an interview with Argus Leader Media. “We never got an opportunity to check what was destroyed." (Up in Smoke?)  

    Priorities, priorities...

    And now, repeat after me: "Life is always going to be stranger than fiction, because fiction has to be convincing, and life doesn't." Author Neil Gaiman.

    Will keep you posted, from South Dakota, where we talk like Mayberry, act like Goodfellas, and the crazy just keeps on coming.

     

    13 April 2016

    Nights in Berlin


    NIGHTS IN BERLIN is the fourth of Janice Law's period mysteries featuring the painter Francis Bacon. The first book takes place during the Second World War, and the next two follow chronologically, but NIGHTS IN BERLIN takes us back to Weimar Germany in the 1920's, when Francis is only a teenager - although far from innocent - some years before he begins his art career.
    Berlin, in the Weimar era, has a reputation for being wide open. "Life is a cabaret, old chum - " and you better believe it. Francis is sent off in the care of his uncle Lastings, in hopes Lastings will make a man of him, Francis being more than a little gay, but uncle favors a bit of rough, himself. He's also a scoundrel, working the black market, with a sideline as an informer, which turns out to be the part that proves dicey. Lastings is selling secrets to the highest bidder.  

    In the event, uncle takes it on the lam and leaves Francis to his own devices. Playing fast and louche, Francis lands a job as a hatcheck girl at a drag bar. It's good cover when British Intelligence recruits him - blackmails him, in point of fact - because Uncle Lastings was freelancing for them. Berlin is in political ferment, with Bolsheviks, Freikorps thugs, SA brownshirts (Goebbels just arrived as Nazi party gauleiter), Prussian reactionaries, all stalking each other with violent and criminal results.

    Francis is an entertaining guide to these wilder nooks and crannies, his voice alternating between the knowing aside and his native provincialism. There's something to the story of a Boy's Own Adventure, reminiscent of John Buchan, say, or Erskine Childers' RIDDLE OF THE SANDS. I think partly this is the age between the wars, revanchist, tribal hatreds boiling to the surface, but no real sense of the cataclysm about to swallow the Old World entire. It's also a function of our hero's age. Francis is old and wiser, and sadder, in the first three books of the series, whether London or Tangier or the Cote d'Azur, whereas turning the clock back, we see a previous, vanished Berlin, and through a younger pair of eyes. What contributes further to this is an avoidance of historical ironies. Hitler doesn't get a walk-on, or Sally Bowles, either. NIGHTS IN BERLIN is very much of the moment, as Francis inhabits it, and that lends it a sort of wandering air, the kid a little too much in pursuit of sensation for his own good.

    The politics are really a side issue. The story is how the experience imprints on Francis. What did he learn? he writes to ask his former nanny. That the most unlikely people can teach us odd and useful things. And with this in mind, he's off to Paris at the end of the book. Both enterprising and alarmingly fey, in some respects, Francis seems like something of a blank slate, yet to be written on. In other words, we're still in the opening pages. The rest are empty. Francis will grow into himself. As the world itself will, passing into the savage 1930's, and then the war years. Pages yet to be written.





    I jumped at the chance to read NIGHTS IN BERLIN. Janice had me at the title. I'm crazy about the premise, and the period, of course. I've lived in Berlin, I've read up on it quite a lot, I've written about it myself. I also recently discovered Philip Kerr's fabulous series of historicals, with the wartime German homicide cop Bernie Gunther. There's something endlessly fascinating to me about the city in the past century, with its many changes of clothing, Weimar, the Nazis, Occupation and the Cold War. I think if Berlin didn't actually exist, we'd have to invent it, as a metaphor, and for the purposes of fiction.