Changes coming to CHL-TX.COM

Even though I have more than 30 years experience as a programmer, I am fairly new to web programming (after all, from my perspective, the Web is fairly new). That, and a severe lack of available time has led me to finally get some programming help on this website. Sometime next week, I will have the first cut at a real, automated registration process, which I expect will allow me to reclaim a substantial amount of the time that I have been using to process registrations by hand (with the occasional embarrassing error).

Since I am a programmer, I will be maintaining and expanding the site myself (mostly). Another thing that I plan to do fairly soon is replace the funky blue default Wordpress template with something a bit more appealing — and readable. The only holdup at this point is finding one I like well enough to pay money for.

I also plan to give this blog a bit more focus than I have in the past. So far, I have been writing about whatever happened to be on my mind at the time, and the result has not been very consistent. I will be planning my posts around the following subjects:

1) Recent changes in Texas law, and implications on concealed carry
2) Book reviews on gun-related subjects (I read a lot, but I will be starting another separate blog for general book reviews on non-gun topics)
3) Tips and techniques related to concealed carry
4) Occasional snippets from my CHL and NRA courses
5) Answers to any questions that I have gotten from my CHL students that I had to research. If I had to go to DPS legal to get an answer, chances are that others can benefit from what I learned.

One thing I do NOT plan to cover, even though I am heavily opinionated on the subject, is politics. The blogosphere already has more than enough political pundits. I will, however, add some of my favorites to my blog roll.

I haven’t decided how often I want to post, but I think I will try for at least once per week, probably on Wednesdays, which is currently my least-cluttered day (I brought my laptop with me so I could post at lunch today, but the real reason is that I expected my Saturday CHL class to completely sell out today, which it did, and I wanted to be able to update my website when that happened).

Another item on my plate is working out a co-teach arrangement. So far, I have two prospects for co-teaching. One is my brother Thomas, who has recently retired from the Austin Fire Department, and the other is Mike Teaff, who has assisted me in the past with range testing. Co-teaching would have several benefits, including enabling me to handle more classes, give students more than one perspective, and make it much easier to organize and manage each class. If you are a qualified CHL (and/or NRA) instructor, and you would be interested in a co-teach arrangement, please drop me a line.

Phishing and social engineering

My ‘little’ brother (also a CHL Instructor) has been collecting and investigating phishing and related scam emails lately. Here is one of the ‘better’ ones, employing some fairly sophisticated social engineering:

From: REGIONS [email deleted to protect the clueless]
Date: Sat, Feb 6, 2010 at 4:39 PM
Subject: REGIONS INTERNET BANKING
To:  [deleted: one of my little brother's emails]

REGIONS INTERNET BANKING

Dear Customer

Attention! We have just upgraded our online portal.

Please click the link below and enter your account information.

You have 12 hours to confirm account information or your account will be blocked.

To Get Started, Please Click On Restore Your Regions Account Access.
Please visit [url deleted to protect the clueless]

Regions provides individual investors with sound financial advice  whether from your local branch or our expert investment services.

Thank you for using Regions Online Banking.

Equal Housing Lender (c) 2010 Regions Financial Corp. All rights reserved.

The website is fairly well-designed, too. It looks like a true banking site and uses the premise that your account will be shut down if you do not sign in.

If you examine the links on the page, you will see that they all forward to the page you are already looking at. It points out that,”if you have not checked your account since July14th, your account must be updated”. Then it gives you a place to put your username and password. If you don’t know your password, you can enter you secret answer(s) to your secret question(s) [generally: your place of birth, your mother's maiden name, your father's middle name, or the name of you favorite pet]. If that does not work for you, then it allows you to enter another site that will allow you to use your credit card, SSN, and some other information to re-access your Regions Banking Account.

Most people only have one or two usernames and passwords that they use for all secure sites. Entering them in the first page will send these to the scammer. Next, if you go to the page to answer the secret questions, that gives them the information that most people don’t bother to think about being secure. Then, you are sent to a page that allows you to use your credit card, SSN, and other info to finally get ‘access’ to your account. It doesn’t really even matter if you don’t have a Regions account (I don’t); the scammer now has everything it needs to implement a successful identity theft.

According to Little bro’, this is the sort of scam his ex-wife would definitely fall for. Every. Time. (He didn’t say which ex, but I can guess )

BTW, here’s my way of dealing with passwords. I use PWGen (a free, open-source password generator available through SourceForge). I generate the longest, most secure password that a particular website will accept, and then store the result in a spreadsheet, which I have encrypted with a passphrase that I don’t use anywhere else. There is also a free, open-source program called KeePass, which does something very similar, but I’ve found that the spreadsheet approach works a bit better for me, because I add a column to record the last date each password was last changed — and I change them on a regular schedule.

Video is the new ‘net cancer

I have had some semi-serious interest in internet marketing for some time now, although I have been thoroughly turned off by MLM and other obvious scams targeted to the innumerati. I subscribe to a number of IM newsletters, and I have observed a disturbing trend that has popped up and spread like a metastasizing cancer all over the web. That cancer is Video. More and more email newsletters consist solely of a link to a site that has little other than an embedded video. I’m guessing this is the logical response to the desires of the short-attention-span generation.

One of the things that internet marketers try to do is arrange things so that whatever they are offering takes up so much of your time that you don’t have any left to spend with the competition. Video accomplishes this very effectively. With video, you basically have to take the time to watch/listen at the speed of the spoken word (generally less than 100 words/minute). Worse, I have started seeing video posted using technology that prevents you from being able to download for later watching. Such a time commitment also appears to make customers more loyal (“I have all this time invested in this program, I have to continue to get my money’s worth”). With only a few exceptions, the videos that I have seen lately have an order or magnitude or less information per unit time than the written word, and the pictures are usually worth much less than a thousand words each (they are usually powerpoint slides or something equally banal). It seems that video has become an information sink instead of a source.

I can read the written word at about 10-20 times  the rate that information is presented in a video. And I’m finding that ‘information’ presented via an internet video invariably consists of vapid ‘testimonials’ and so-called “social proof”, and I’m frustrated that I can’t just skim through and read the conclusion (which boosts the effective reading rate to well over 10,000 words/minute). But no matter, the ‘conclusion’ is always “sign up and send money”. And the ‘product’ is more and more geared towards ‘duplicating’ the process of selling ‘information’ about how to make money on the internet.

I have been unsubscribing from newsletters (and RSS feeds) with links to videos, with a few exceptions. For instance, USCCA generally does a good job of producing short videos that illustrate techniques that would be difficult to describe using just the written word. But then, I pay for the USCCA newsletter, and I decided to do so after seeing that they used video in a manner that enhances the presentation instead of just lengthening it.

I’ve pretty much made up my mind that the “pay me $ to learn how I make $ on the internet” is 100% scam, and I have been very careful to avoid that ‘business’ model. I really want to sell something that will add value to my customers’ lives. BTW, I do not have an affiliate relationship with USCCA (hence no link in this post; you will have to look them up on your own), although I may consider one in the future. I’m just a satisfied (for now) customer, and a bit jealous that I didn’t come up with something like that first.

Independence Day Parade in Plano

Now that I’m no longer president of the Plano Early Lions Club (http://www.planolions.org), I should have a little more time for other things — including being more active in some projects that I had to delegate to others last year.

One item I really look forward to is passing along the button that says “Everything’s my fault this year!” to Lion Gordon Settle when I see him on Friday. I’ve already reassigned the president@planolions.org email address to him. Lion Gordon is a real go-getter, and I will be working to make his presidential year better than mine was.

The next big thing coming up is the Independence Day Parade, which is hosted by the PELC each year. This will be the 3rd year since we took it on. Unfortunately, the economy has hit us hard, too — so the parade will be somewhat smaller this year.

Which may not be entirely a bad thing. Saturday is likely to be really warm, and it will be good to be done before the heat of the day gets really out of hand. If you are planning to come out to watch it, be sure to cover up with sunscreen, bring plenty of water, and wear a brimmed hat!

CPR and First Aid

I now have an up-to-date CPR card good for two years; I took the CPR refresher course yesterday, and also took the basic first aid course. I’m thinking of becoming an instructor for that, but there is a substantial cost-of-entry barrier, so I’ll just think about it for a while.

The cost of getting CPR training is not very much, and the time to do the training, along with basic first aid, is about 3.5 to 4 hours. It’s a good skill to have — especially if you are ever involved in a deadly force incident. Stopping to render aid to the low-life that you just stopped from murdering you makes it a lot harder to make you look like a villain on the witness stand. Always remember that carrying a gun is NOT politically correct, and about half of the population does not believe that you really have the right to own a gun, much less carry one.

And there is always the possibility that you might be able to help somebody you care about, too.

Starting a new blog

I have tried posting book reviews before (a couple of years ago), but I was doing it by hand in HTML, and it got so tedious that I eventually gave up. Now that blogging is all the rage, I thought I would try using blogging software to do my book reviews, and cover some of the books that I have read that I found useful as background material in my CHL courses, particularly in the “Non-Violent Conflict Resolution” portion of the course that was mandated by the Texas state legislature. While the “Non-Violent Conflict Resolution” portion of the course is probably not all that useful for the purpose envisioned by our state legislature (it can be used to prevent a potential conflict situation from getting out of hand, but it probably won’t help much in a life-threatening situation), I have found related material that is definitely useful for other real-life situations such as managing employees, selling stuff, or improving your relationships with people you care about. Or even seducing a member of the opposite sex (not covered in my CHL course; it’s an exercise left to the student…).

I will also be posting about my experiences as a Texas CHL instructor, but the main thrust of this blog is intended to be reviews of books, magazines, and other articles that are relevant to the CHL holder.

One of the features of blogging software is that others can comment on my entries. It will be interesting to see how that turns out. I have been warned that most ‘comments’ are likely to be blogspam, so I will be at least initially requiring all commenters to register, and I will be manually moderating comments at least at first — provided I actually get any. Unfortunately, this means that it may be several hours before your comment appears. Once you have a comment approved, I will enable subsequent comments to be entered without moderation.