CAREFREE TRUTH

 

Letters from Readers & Events: 4/9/14

Part #1

Letters_from_Readers_%26_Events.html

(Lyn's note: Please feel free to send us any pictures you'd like included.  If your photos are for sale, let us know and we will put them under that category.  We have a special section for that purpose, and have just added some art as well.  Check out Tom Baker's photos for sale.  He's the photographer who took that gorgeous photo in the Carefree Gardens Photo Contest that was both the judges' first pick and the public favorite.  It's now featured on the Town of Carefree website, and will be the cover of the 2014 Gardens calendar that will be for sale later this summer at Carefree Town Hall.  If anyone would like to buy a print of any of Herbert's photos, all profits will be donated to one of the local non-profit organizations.)  Here's the link to this week's Pictures of the Week.

http://carefreetruth.com/Carefree_Truth/Photos_4-14-14.html

 

 

 

 

(Lyn's note:  I was driving on Tom Darlington on Friday and saw the new red light at the crosswalk.  It was very evident, and two cars were stopped to let pedestrians cross.  It seems to be a good solution.) 

 

 

Hi Lyn.  Well done on the write up with great photos and your comments before Council.  We’ll be heading over to the Carefree Bistro this weekend.  I spoke with the Carefree Bistro yesterday and was told that they will be open for lunch beginning sometime next week.  They are a welcome addition to our Town.

Best regards,

John Crane

 

 

Oh, it is wonderful.  I love it!  Thank you so much! :)

Eunice Bektas

(Lyn's note: Eunice and her husband are the owners of Carefree Bistro.)

 

 

 

Nice comments, Lyn.  They deserve it. 

Patty Schiano

 

 

 

Lyn, I watched the video and your comments. You are just a delightful person.

Joe Corpora

 

Good one!!!

David Schwan

 

Lyn,

Thanks for the shout out for Venues. You are always so supportive.

Catherine

(Lyn's note: Catherine, your onion rings are fabulous!)

 

 

ONION RINGS?????   My favorite thing, after strawberry ice cream.

Sara Vannucci

 

 

The following exchange began when I sent out Herbert's video of the

Carefree Gardens & Town Hall at night, decorated for Christmas 2013, to a few people.  He had originally published it to YouTube, but recently opened a Vimeo account.  Vimeo allows videos to be published in high definition, which makes a tremendous difference in the quality.  Click on the short video.  It's gorgeous.

https://vimeo.com/90708023

 

I got this back from Arthur Gimson:   

Lyn:

I forwarded your e-mail to a friend of mine who was the City Manager for the city of Troy, Michigan, which is the home of several Fortune 500 companies.

Arthur

 

Huuumph! Humbug. Spendthrifts at work. Must have cost a lot of money to be this impressive. FG

  

FYI…the Desert Gardens were a gift, donated by a nearby landscape company, estimated value $1 million.  The hardscape was installed, little by little over time.  There are some specimens of plants that are not found at the Phoenix Desert Botanical Gardens.  The Christmas lights are installed by the Town’s public works department with help from some volunteers.

By the way, the Town of Carefree has no property tax, has a fair amount of money in their reserves (it was $4 million when I last saw some numbers) and operates with a staff of 15.  Fire Department services are under contract with Rural Metro and the Town pays for a rent-a-cop through the Maricopa County Sheriff’s office (Joe Arpaio).

 

Good! Glad to hear the Gov't has a handle on reality. Best wishes, Frank

(Lyn's note: Desert Foothills Landscape donated our beautiful Carefree Gardens.  The primary volunteer who does the Christmas decorations each year is Councilman Glenn Miller.  Fountain Hills pays a company $70,000 to do their decorations, and they are not as nice as Carefree's, courtesy of our Public Works Department and volunteers like Councilman Miller.  Thanks for all you do, guys!)

 

(Lyn's note: The article below was submitted by one of our readers who for years worked at IBM.  This could explain the massive spam bombs I've been getting for the past 2 days.  Several others I know have been getting them too.) 

Major bug called ‘Heartbleed’ exposes Internet data

BY LINDSEY BEVER


April 9 at 12:30 am


A newly discovered security bug nicknamed Heartbleed has exposed millions of usernames, passwords and reportedly credit card numbers — a major problem that hackers could have exploited during the more than two years it went undetected.

It’s unlike most of the breaches reported over the past few years, in which one Web site or another got hacked or let its guard down. The flaw this time is in code designed to keep servers secure — tens of thousands of servers on which data is stored for thousands of sites.

That’s why some experts were calling Heartbleed the worst bug yet, something that should worry everyone who frequents the Internet or does business on it.

It’s as if someone went on vacation not knowing the lock on the front door was broken. Could someone walk in? Yes. Will they? Did they? Who knows.

Codenomicon, the Finnish security firm that helped discover the bug offered a chilling illustration of its danger:

We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.

While companies were scrambling to implement a fix this week, nobody seemed to know whether any damage had been done.

(For more, see “Heartbleed: What you should know” in the Morning Mix)
The bug was found in a type of software called OpenSSL, which is used on servers to encrypt sensitive information to protect people’s privacy. At least 500,000 servers were reportedly vulnerable.
“You should care about this because — whether you realize it or not — a hell of a lot of the security infrastructure you rely on is dependent in some way on OpenSSL,” Matthew Green, a cryptographer and research professor at Johns Hopkins University, said on his blog. “This includes many of the websites that store your personal information. And for better or for worse, industry’s reliance on OpenSSL is only increasing.”
Through the security flaw, which is said to be one of the most serious uncovered in recent years, Heartbleed can access the contents of a server’s memory where private data is stored.
“Once an attacker has a website’s encryption keys, anything is fair game,” wrote Jill Scharr at Yahoo Tech. “Instead of slipping through a proverbial crack in the wall, he can now walk in and out the front door.”
A fix was circulated, but it was unclear how quickly and widely it was being implemented. Conflicting advice was given to consumers by Web sites and technology writers, some advising people to change usernames and passwords and others saying that such changes would be a big mistake.
“If a website is vulnerable, I could see things like your password, banking information and healthcare data, which you were under the impression you were sending securely to your website,” Michael Coates, director of product security for Shape Security, toldReuters.
It also means hackers can get copies of a server’s digital keys, and then use those keys to impersonate servers or to decrypt communications.
Experts were deeply worried about the bug, as Greg Kumparak wrote at TechCrunch:
When all the net security people you know are freaking out, it’s probably an okay time to worry. This afternoon, many of the net security people I know are freaking out. A very serious bug in OpenSSL — a cryptographic library that is used to secure a very, very large percentage of the Internet’s traffic — has just been discovered and publicly disclosed.
Very, very sensitive data often sits in a server’s system memory, including the keys it uses to encrypt and decrypt communication (read: usernames, passwords, credit cards, etc.) This means an attacker could quite feasibly get a server to spit out its secret keys, allowing them to read to any communication that they intercept like it wasn’t encrypted it all. Armed with those keys, an attacker could also impersonate an otherwise secure site/server in a way that would fool many of your browser’s built-in security checks.
Codenomicon created a Web site to answer questions about the bug, though the site might be too technical for some readers. Several sites devoted to technology published questions and answers for consumers, among them LifeHacker.
Researchers with Google and Codenomicon discovered the vulnerability. That prompted the Department of Homeland Security (DHS) to warn businesses of the problem on Tuesday and advise them to review their servers to see if they were using an infected version of OpenSSL.
In an alert issued Tuesday, DHS said the bug “could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys. … This may allow attackers to decrypt traffic or perform other attacks.”
Codenomicon said most Web users “are likely to be affected either directly or indirectly” because OpenSSL “is the most popular open source cryptographic library. … Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL,” the company said.



Click here for part #2