• Home
  • Blog
  • Media
  • Contact Me
  • Newsletter
  • Bowlings Abroad
  • Nerd Farmer Podcast
  • Teaching Civil Liberties
  • Supporting Undocumented Students
Menu

Nate Bowling: American Teacher Abroad

Street Address
City, State, Zip
Phone Number

Your Custom Text Here

Nate Bowling: American Teacher Abroad

  • Home
  • Blog
  • Media
  • Contact Me
  • Newsletter
  • Bowlings Abroad
  • Nerd Farmer Podcast
  • Teaching Civil Liberties
  • Supporting Undocumented Students

Beloved, Use a Password Locker but Make Sure it's Not LastPass

March 26, 2023 Nathan Bowling

I use a password locker and think you should too but there's one provider you should avoid because they seem to have lost the plot

In a recent newsletter, I wrote about online security and password lockers. Password lockers allow you to create longer, randomized passwords that are more secure than whatever you’re likely to come up with and memorize. The locker then stores them in an encrypted file on your device. 

I spent most of Wednesday evening going through the annoying but important process of migrating my passwords off one of those lockers, LastPass. It’s a long story but I think it’s one worth sharing with you.

I started using LastPass in 2016. The service had its ups & downs. At one point, I paid for the premium version but they moved to a pricier monthly sub model and I slid back down to the free tier. The company provides an important service, but they’ve had an extremely rough run of things as of late that I think is worth detailing.

On August 25, 2022 LastPass detected "unauthorized" access to their servers. In their press statement about the incident, they buried this bit of terrible news in paragraph five:

“The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

I am far from an expert in this area—that seems bad though. But it was really just the beginning. They followed that up with an announcement on September 15 about a subsequent breach that read roughly “Yeah, we were breached but your data and passwords are safe. Trust us.”

Then on November 30, they released a statement saying, “we have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information… We are working diligently to understand the scope of the incident and identify what specific information has been accessed.” 

This was followed by two other company statements encouraging customers to “stay vigilant” and follow “security best practices,” advice the company clearly should have been taking themselves. 

In January, the wheels started falling off the wagon as the company started to drip, drip more news about the access hackers were able to get.

On January 3, a John Doe filed a class action lawsuit on behalf of LastPass users over “failure to exercise reasonable care in securing and safeguarding highly sensitive consumer data in connection with a massive, months-long data breach.” This is when it finally hit me. They hadn’t been breached in August as an isolated incident. The hackers had ongoing access to LastPass’ servers for months. 

On January 23, LastPass admitted, “we also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups.” Also on January 23, they reported, “the threat actor then exported the native corporate vault entries and content of shared folders, which contained encrypted secure notes with access and decryption keys needed to access the AWS S3 LastPass production backups.”

Again, I’m no expert in cyber security but you don’t have to be one to see where this is going. Hackers attacked LastPass and the company’s security infrastructure utterly failed. This is when I started exploring alternatives and talking about the issue on the Channel 253 Member Slack.

Then on March 10, Matthew Gault from Vice posted an episode of their Cyber podcast titled LastPass Isn’t Safe and Your Hiking App May be Tracking You. In that episode, Gault quoted Joseph Cox who summarized the situation succinctly:

“​​The hacker against LastPass was resourceful and persistent, but also that LastPass was not treating its own crown jewels with the serious security practices it should have. A LastPass engineer was accessing critical services from their home computer and network. LastPass had difficulty distinguishing between the activity of the worker and that of the hacker. The sensitive information—in this case, customers’ password vaults that need the user’s master password to decrypt, but could theoretically be brute forced at some point—were stored less in a bank vault and more in a closet.”

That was the last straw for me. The situation is clear: responsible internet users that have concerns about their security and privacy should use randomized passwords and password lockers but those lockers should absolutely not be on LastPass. They simply can't be trusted. 

This week I deleted my locker on LastPass and moved to a different service provider. In doing so, I changed my master password and will slowly change my passwords on essential services like banking and investment apps. This is a time suck for sure, but it sucks way less than finding my accounts drained or my zombie Twitter account got hacked and is promoting some crappy NFT project.

In Personal Tags Cyber Security, LastPass

The Already Forgotten War

March 19, 2023 Nathan Bowling

Tomorrow will mark the twentieth anniversary of the Iraq invasion, a competitor with the opioid crisis, Hurricane Katrina, and the 2008 financial crisis for defining event of our lifetimes. An estimated 200,000 Iraqis, 4500 US soldiers, and an additional 3000 military contractors lost their lives in Iraq

I am not the first member of my family to spend time in the Gulf. 

In 1991, when I was in seventh grade, my mom’s Army Reserve Unit, the 50th General Hospital, was activated for the first time since the Normandy landing. She was deployed to Saudi Arabia as a part of Operation Desert Shield to provide medical care in support of what would become the first of two US military invasions of Iraq. 

Military service is a tradition in my family. My father was a Warrant Officer in the Army and this was his route to the PNW. My brother was in the Army. My uncle was an Airmen, my step-father was drafted into the Army and wounded in the Vietnam War. I split the difference between my uncle and my mother and I enlisted in the US Air Force Reserves after high school. It felt like what I was supposed to do and I figured it would help pay for college. I enjoyed my time in the military. It gave me my first taste of travel—much of it in Texas.

But by mid-2002 the terrain changed. I publicly opposed the impending war in Iraq and my commentary about the war made for awkward situations during the waning days of my enlistment. I remember reading Norman Soloman’s Target Iraq and trying to explain the ways public opinion was being shaped in support of the war. I remember reading a PDF copy of Chomsky’s What Uncle Sam Really Wants and giving people highlighted copies of excerpts of the text. In 2003, I decided not to reenlist. I had become more a “college kid” than an “Airman”—those two aspects of my life having been at tension for years.

As the war went on, I remember being enraged listening to pols & pundits say “no one knew…” or “who could have foreseen…” as body counts soared and the nation soured on the war. It’s odd how clear those memories from twenty years ago are in my head because it seems like we’ve collectively forgotten about the Iraq War. 

The Iraq invasion was based on false premises from the jump.  The war was catastrophic, costing the lives of hundreds of thousands of Iraqis, wasting an estimated 2.4 trillion USD ($2,400,000,000,000) dollars of taxpayer money, and destabilizing much of the region. The war undermined American legitimacy in the region. It created a power vacuum that allowed extremist groups like ISIS to rise and allowed Iran to make the new government in Iraq another of its client states. The war inspired the largest protests in human history, damaging America's reputation and credibility with its allies. 

The Iraq invasion was a disastrous decision, a bipartisan blunder that passed  77-23 in the US Senate. All but the Ron Paul brand of Republicans were champions of the war and nearly 60% of Congressional Democrats supported it. My own Senator Maria Cantwell voted for it; 2016 Democratic Nominee, Hillary Clinton voted for it; Joe Biden voted for it, calling it “not a rush to war but a march to peace and stability.” But no one in the US political establishment ever faced any consequences for this failure. The cost was paid by the people of Iraq and the 7,000 US servicemembers and military contractors who died in the conflict. 

For my older students, the invasion is like Watergate is for people my age: a formative event with lasting repercussions that happened before I was born, like a memory belonging to someone else.

The Iraq War was the moment I learned America is allergic to holding people in power accountable. We saw this again during the 2008 crisis, poor Covid pandemic management, and are seeing it again with the current bank liquidity crisis. This allergy is arguably the defining characteristic of America’s political culture.

In Society, Politics Tags Iraq War

Cormac McCarthy and SA Cosby Are Masters of their Craft

March 12, 2023 Nathan Bowling

Blood Meridian is a book about the worst people possible, doing the worst things possible, along what we now call the US/Mexico border | Photo by Lisa Yount on Unsplash

We don’t know much about Cormac McCarthy. The 89 year-old is a recluse, residing near Santa Fe. His role in the culture relative to his presence in it are in inverse proportion. A while back, a Twitter account popped up purporting to be McCarthy. His publisher quickly explained it was fake because McCarthy doesn’t own a computer.  

We also don’t know much about McCarthy’s politics but the hints we get indicate he’s a Western traditionalist conservative. Sometimes his characters give us a glimpse of his worldview. Both Ed Tom Bell and the El Paso Sheriff from No Country for Old Men seem to be avatars for McCarthy, bemoaning the changing culture and the death of the world they knew and had once mastered.

McCarthy writes his novels and correspondence on a typewriter from 1958 and I swear I read somewhere that he built his house by hand. The dude is just different. McCarthy published Blood Meridian in 1985. He had been writing for at least twenty years by then but the grump didn’t do his first TV interview until Oprah made The Road one of her book club selections in 2007.  

Blood Meridian is arguably his most acclaimed work. It’s a laughably simple story. A group of marauding American mercenaries ride through the West killing, robbing, scalping, and assaulting Comanche and Apache Natives at the behest of the Mexican government. But their spree begins to include killing everyone in sight. They’re called the Glanton Gang, but their true leader is an unaging, grotesque, deeply philosophical, sadist, named the “the Judge,” who spends much of the book naked. He’s like Baron Harkonnen but in 1850. If you’re a remotely normal person, at this point you likely have some questions. 

The plot of the book is limited but what’s notable is the prose. McCarthy writes with a compelling locomotion despite the frequent deployment of slurs by his characters, constantly referring to natives as “savages,” and anyone darker than an albino as the n-word. This is a passage I dog-eared:

What is true of one man, said the judge, is true of many. The people who once lived here are called the Anasazi. The old ones. They quit these parts, routed by drought or disease or by wandering bands of marauders, quit these parts ages since and of them there is no memory. They are rumors and ghosts in this land and they are much revered. The tools, the art, the building — these things stand in judgement on the latter races. Yet there is nothing for them to grapple with. The old ones are gone like phantoms and the savages wander these canyons to the sound of an ancient laughter. In their crude huts they crouch in darkness and listen to the fear seeping out of the rock. All progressions from a higher to a lower order are marked by ruins and mystery and a residue of nameless rage. So. Here are the dead fathers. Their spirit is entombed in the stone. It lies upon the land with the same weight and the same ubiquity. For whoever makes a shelter of reeds and hides has joined his spirit to the common destiny of creatures and he will subside back into the primal mud with scarcely a cry. But who builds in stone seeks to alter the structure of the universe and so it was with these masons however primitive their works may seem to us.

None spoke. The judge sat half naked and sweating for all the night was cool. 

As I said, the story is not remarkable but the writing is. At times, I found myself asking why am I reading this, then coming across a passage like that and saying to myself “oh yeah, that’s why.”  

McCarthy released a new book last year called The Passenger. I tried it but didn’t finish it.  After reading Blood Meridian, I plan to return to it. 

Y’all Gotta Read this Man SA Cosby

SA Cosby is writing the best southern noir books in the game right now

As I’ve discussed prior, I am on a spree of crime and southern noir novels. It’s the genre of Elmore Leonard, sometimes McCarthy, and as of late the giant of the genre, SA Cosby. His forthcoming book is called All Sinners Bleed.  It’s his fourth novel; the first three: Razorblade Tears, Blacktop Wasteland, and My Darkest Prayer are all highly recommended. He writes with an authentic Black voice in a genre often rife with preposterous Black characters and clownish dialogue. 

The Obama Administration’s inability to deliver meaningful policy on matters of racial justice showed us the limits of representation as a force in politics. But representation and cultural competence in the subjects you’re writing are a must in works of fiction.  I’ve read far too many books and watched too many series with poorly written Black characters. They ruin otherwise wonderful novels and make me turn off  shows I otherwise enjoyed. There’s no universal Black experience but inauthenticity and a writers’ room that looks like Augsuta National leap off the page. The “Magical Negro” and the “Black bestfried as moral compass” are among the most tired tropes but there are legions of others. 

I pre-ordered All Sinners Bleed for its June release. I don’t think I’ve ever pre-ordered a book in my whole Blackity-black life but his writing is that good. 

I also mention Cosby here because his name came up in a recent episode of the podcast. I was chatting with Eil Cranor, an Arkansas based writer who also writes in the genre. I asked him who he reads or whose work he admires. The first name he mentioned was Cosby and we shared our mutual love for his work. Cranor is no slouch himself. His debut novel Don’t Know Tough is a slow burn that morphs into a page turner about a hard headed star football player named Billy Lowe and all the trouble that befalls him. I think both the book and my conversation with Cranor are worth your time.



In Culture Tags Cormac McCarthy, SA Cosby, Books, Southern Noir
← Newer Posts Older Posts →

POWERED BY SQUARESPACE