Operation: Red Flag

President-elect Trump has started naming his potential appointees and, if you’re a thinking man with a half a brain, they’re terrifying.  It’s like a clown car opened up behind the White House and he’s just taking them in the order they’re getting out.  The one that this missive touches on is his CIA appointee who has stated that using encryption “may itself be a red flag.”  Seriously, Mr. Pompeo?  Or, using encryption is because those of us using it prefer to keep the government out of our business as our founding fathers intended and not this Orwellian ridiculousness we’re being asked to pretend is the new normal.  Hell no.  Using encryption doesn’t make me a terrorist any more than buying Sudaphed makes me a criminal drug user.

 Clipart - Waving Red Flag

So, without further ado, may I present my plan.  Well, less of a plan and more of an idea that I hope takes off because….well…screw Mr. Pompeo. 

red flagRed Flags | Baer Law Firm

Basic Network Connection


Basically, if you’re running internet from Time Warner, Comcast or any of the large providers, you’re compromised.  Sorry – it’s just how it is.  Thankfully, there are things you can do about this.  There are VPNs, proxies and other variations on that theme.  I’ve used a LOT of these and I have some recommendations.

First and foremost VPNs.  VPN stands for Virtual Private Network and the simplest explanation is you are logging to their network and using their network to navigate the web and it sends the data back to you.  The theory, there, is that the only IP address visible is the one assigned when you log into the VPN – your own network IP address is not exposed.  So, think of it as a tunnel under a lake.  The only thing the world knows about it the opening from the other side of the lake from where you entered the tunnel.  So, there is some debate as to which are better and if there are any good free ones. 

I currently have four installed on my system that I use.  Each has its own set of pros and cons.

SecurityKISS

Let’s start with the one I use the least – SecurityKISS.  I’ve used it off and on for over a year and it’s pretty solid.  I get slightly reduced bandwidth speeds, but that’s to be expected.  The only real downside to this particular VPN is that it has a bandwidth usage limitation of 300MB, if I remember correctly, and that’s per day, I believe, and resets every 24 hours.  Now, it looks like they’ve simplified it since I started using and that’s not necessarily a bad thing.  It uses a client you can download and have pricing options that range from free to just under 90 euros a year. Of course, each price tier opens up more possible server connections as well as features. 

SoftEther / VPNGate

Another one that I use that is a little more complicated to set up is VPNGate / SoftEther VPN. The one thing I like about this is that once you get it set up, you load a list of potential servers and it displays the uptime, bandwidth and how many users are currently connected.

image

There are four ways to connect, each with their pros and cons and the VPNGate website has instructions to set up each method including one to use the OpenVPN client if you already have that in order to use other VPNs.  It’s also open source, so you won’t be restricted in your usage for using the “free” option, as they’re all free.

Windscribe

I started using Windscribe after I was doing research and really liked what I saw.  I liked it even more when I didn’t notice any discernable slowdown when using the VPN – even running a speedtest confirmed it.  Now, what’s interesting about this VPN is that there are ways, free ways, to increase your monthly usage cap. 

image

My current cap is at 15GB per month and, thus far, when I am going back and forth between VPNs, this has been more than enough.  There are two pricing options and they’re basically free and paying the yearly charge of ~$90 all at once or monthly.  I like the free option and was willing to do things like tweet a micro-testimonial to get an addition 5GB per month.

One of the interesting things to note is that not only can you use this on your Windows or MacOS system, but also your android device or even your router if it has been DD-WRT or Tomato flashed.

VPNBook

I’ve started using VPNBook a lot more, of late.  About the only things it disallows are pop connections and torrenting (except for, it would seem, the European servers).  It does pretty much everything else, is fast and pretty easy.

image As you see in the graphic, there, it supports a number of servers in a number of locations.  It tend to use the US1 and US2, though I’ll use the Canadian ones if I’m feeling frisky.  The only “inconvenience” is that the password to log into the VPN is provided by VPNBook on the web site.  I pinned the page in my browser, so it’s not too bad.  It’s pretty simple to set up and the instructions are clear and concise. VPNBook supports OpenVPN so is usable on Windows, MacOS, Linux, iPad and Android devices.  It also supports PPTP, but recommends the OpenVPN method.

TOR

“The Onion Router” or TOR can fall under “browser” as well, and that’s where I will discuss it more.  At this point, you just need to know that it is a distributed network designed to provide anonymity.  For the most part, it does, but my recommendation is to fire up a VPN and then load your TOR browser.

E-Mail


E-Mail is the most easily siphoned window into your personal lives.  There are some ways to mitigate this – webmail is, in theory one way, though it’s not any more or less secure than a standalone client if it’s not set up properly.  So – what do I use?  I’ve tried a ton of email clients over the years and the one I’ve settled on isn’t necessarily the one I’d recommend for end-to-end encrypted emails.

Confidant Mail

Confidant Mail might be a hard sell because it’s basically uprooting your existing emails (even though you keep your old email address) and putting them into a completely encrypted system. It’s not simplest to set up and seems to rely on you convincing everyone you communicate with to install and use Confidant Mail, as well.  Since it’s a standalone application it doesn’t run the same risks as do webmail or even standard pop/smtp-based email clients that employ message encryption.  It had a page dedicated to why it’s better than normal or even encrypted email.  It generates a public key via GPG when you set up the program, initially, and once that’s done you can upload the key to the servers so that people who are subsequently installing the program will be able to search for, find, and add you to their contact list.  I recommend checking it out, but something that I’ve had a bit of a problem over the 20 years I’ve tried using PGP is convincing my friends and family to also use PGP. 

Sigaint.org

Anything with “Making the three-letter agencies cry” in the tag-line is something worth looking into.  The only thing with Sigaint is that you really need to access it through your TOR browser. They have a clearnet address, as well, but it mainly serves to tell you to seek them out via TOR.  It’s a webmail client, so there are inherent risks, but they are quite open and honest, telling you not to trust them and to encrypt your emails.  Now, there is a “pro” option, as well, that for $32 for life, will allow you to use multiple protocols (pop3s, smtps, imaps), upgrade your email storage from 50MB to 1GB, full disk encryption, and a slew of other things to ensure your anonymity.  With the pro upgrade, you can also use an external email client – it says it’s been tested with Thunderbird, Claws and K9 Mail.  The free version is still very usable, though they recommend PGP-encrypting your emails before you send them, and I’ve had nary a hitch using it.  You basically get two email addresses – the clearnet version and the onion-specific version.  They both go to the same place, it just depends on the origin.  If you want no one to know who your are, this is the way to go.

ProtonMail

A fairly new service arrived earlier this year.  Basically, ProtonMail provides end-to-end encryption, a two-step authentication method (log into Proton Mail, then log into your mailbox), as well as the ability to send emails that will, in essence, self-destruct after a set amount of time.  It’s hosted in Switzerland and their servers never see plaintext anything – all the emails stored on the server are encrypted.  This has three cost/service plans where the free service provides you with a single address, a limit of 150 messages per day and 500MB storage.  The Plus tier is 48 euros per year and gives you a bit more while the Visionary tier gives you 20GB storage, 10 custom domains with 50 unique emails addresses and no limit on sending/receiving emails.  It’s 288 euros per year.  One interesting feature is that you can enable authentication logs which will tell you when your mailbox was accessed and from what IP address.  This is a solid choice and I’ve not had a problem with ProtonMail – and you can download the android app to access it from your phone or tablet, as well.

Trend Micro – Encrypted Email solution

I’m not sure what to do with this, since it’s more or less a service solution rather than a product solution, so you have several choices as to how it protects your email.  It looks decent enough, but also, to me, looks like there are several holes along the chain that could be problematic, but that’s just me worrying about anything that is not encrypted leaving your system and relying on something “out there” to do it for you.  It also looks geared towards small business, with a subscription system, so I’m not sure how useful it will be to an end user who wishes to employ it.  So, there you go – another option. 

Web Browsers


image

I have many browsers.  I want to try them all, see which ones work the best for my needs.  I will touch on them and let you decide for yourself if they will work for you, your privacy, your security.

Chrome

Yes, Chrome.  Mostly, this is because of the pile of extensions you can plug into it to give you whatever level of protection you wish.  I use the following plugins to great success:

    • AdBlock Plus (ad blocker…)
    • Anonymous Communication (secure chat client)
    • BitDefender Quickscan (real-time antivirus checking of web pages)
    • Block Site (offending site?  “Welcome to my kill filter, sucker.”)
    • Do Not Track (cuts down on sites abilities to track you)
    • DotVPN (VPN internal to the browser)
    • Ghostery (makes it easy to see who’s trying to track you)
    • Javascript Popup Blocker (popup blocker that handles most of the javascript-based ones)
    • NetCraft Extension (site information and phishing protection)
    • OneTab (not security, but bloody useful – collapses all tabs to a list on one page)
    • Performance Analyzer (measures the performance of web pages/sites)
    • Poper Blocker (my favorite popup blocker)
    • Request Maker (Log, edit and send HTTP requests)
    • Rubber Glove (removes common browser tracking ‘fingerprints.’)

Now, these come at the expense of performance, occasionally, and RAM usage, most of the time, but I haven’t been hit by any drive-by malware for a LONG time.  When used with a VPN (one of the ones listed above or just the DotVPN), it offers reasonable protection from snooping.

FireFox

After I spent a large amount of time getting the beta of FireFox up and running and customized to my liking, it decided to update to a newer version and wiped out not only all of my bookmarks, but my extensions, as well.  As you can imagine, that made me a touch salty, which is why I don’t use FireFox as often as I used to.  That said, I have a couple of addons/extensions that make FireFox more usable for me.

    • AdBlock Plus (ad blocker…)
    • uBlock Origin (an efficient blocker that is pretty customizable)

As I mentioned, though, I don’t use it much, anymore.  So, these two are by no means the extent of the addons or extensions out there, but they’re the only ones I’ve put back since being forced to start from scratch.

Epic Privacy Browser

image

They feel that your privacy is yours and yours alone.  It’s a solid browser and does just about everything I need.  The big things to take into consideration, here, are that

    • Private Browsing is *always on*
    • it automatically sends the “do not track” message to websites
    • it blocks all third party trackers and cookies
    • one-click on/off proxying which hides your IP address and encrypts your data (gets REALLY slow, sometimes, especially when inside a VPN tunnel)
    • it searches through its own proxy when obscures your searches from outside “eyes”

So, basically, it has just about everything you need, right out of the gate, to be private and mostly safe out there in the wilds of the internet.  I mentioned that it gets slow inside of a VPN.  A lot of things get slow inside a VPN tunnel, so it’s not a condemnation as much as a factual statement – in this case, however, you know why and can appreciate why your data is taking a bit of time to find its way back to you.  It does break some sites, of course, but has a “Quick compatibility umbrella” which expands and lets you pick and choose which safety mechanisms you are using in an attempt to return compatibility.  I use this browser a lot.

Opera

Opera was my first “go-to” browser after my FireFox kerfuffle.  It’s a solid browser and one that I’ve used off and on since it was initially released back in the land before webkit.  The one thing I miss is the ability to set how many data connections you wanted to hammer a site with to improve performance.  I think it’s still in there, but the bottom line is that, really, most connections are fast enough that it’s really fairly unnecessary unless you want to inadvertently instigate your own miniature Denial of Service attack which, by the way, web masters love. 

I only have a few extensions and they are “the usual subjects,” AdBlock Plus, and that’s pretty much the only ones for security. “Why,” you may ask.  Well, it has a nifty feature whereby you can toggle, on a tab-to-tab basis, the built-in VPN connectivity, which is through SurfEasy.  For the most part, it’s fast and can be routed through numerous countries for added protection.

Brave

It’s main goal is to limit the trackers and ads that slow down your browsing while at the same time protecting your private data.  It’s a good browser and I actually do find it faster when going to normally ad-laden sites.  Of course, part of that, too, is that I use a custom hosts file that nips most of that in the bud, but still, you can tell the difference.  It defaults to trying to run everything through https-everywhere, which is good.

image

The bottom line, for me, with this browser is that it’s in its infancy and each release makes it better.  It’s a solid browser, now, but doesn’t have everything to keep you off the grid…yet.

Vivaldi

After the big three (Chrome, FireFox and Opera) all flaked out in their own ways, I spent a lot of time looking for a browser that didn’t drive me nuts.  I test drove this for a few days and those days have turned into months.  I like it because it’s fast, does everything I want, and doesn’t do dumb stuff.  One of the selling points is that almost every aspect of the browser, and therefore your browsing experience, is customizable.  It’s not as secure as the others, but can take extensions to fix that, I’ve just been too lazy to, recently.  Well…when I want secure, I’ve got how many other browsers to choose from?

OWASP Mantra

“Elegant, clean and completely open source,” this browser is build with the security / penetration tester in mind.  The landing page has a slew of links ranging from your everyday to the Hackery section and a link directly to Shodan.  One of the things that stands out about this browser is the number of tools built in.  There are a lot.  I suppose I could list them out, but that’s pretty much what their web site is for – it discusses each one and does a better job than I could.  Honestly, it’s more for site testing than security, but as it takes FireFox extensions, you can add whatever you need, in this regard.  It is, nice, however, to have the ability to see what headers are being passed on to you and allowing you to edit them on the fly.  That’s good stuff, right there.

Maxthon Cloud Browser

This browser actually kind of tries to be a one-stop shop for you, providing a browser with many interesting security features like an encrypted password manager, right-click re-enabler, a cloud-based note/document storage area (1GB/free), and a provider of anonymous emailboxes.  All this translates to a web browser that is pretty solid for information gathering while you’re browsing the web.  It also defaults to duckduckgo as its search engine which, while it doesn’t return 1.5 zillion results like Google, it also returns mainly those things that have something to do with what you’ve searched for and not a bunch of ad placement crap.  I haven’t used it a huge amount because, well…nine browsers makes “equal time” hard.  That said, it seems to do well with ridiculously pop-up ridden sites like firstrowsports.eu, on which I watch hockey from the Ukraine and rugby from New Zealand and it plays the video with no fuss, no muss.  Not a security related feature, to be sure, but one that’s welcome, nonetheless.

Pale Moon

Developed by the save folks who develop FossaMail (which is what I use), this browser just received an overhaul.  This overhaul brought it up to “today’s browser standards” and in the process broke a couple of the nice security extensions it had going for it.  This will probably be fixed, in the near future, but fear not – important security extensions remain: AdBlock Latitude, Encrypted Web, and Secret Agent.  What this means is that you’re not going to see the majority of the ads out there, you’re going to be in HTTPS as much as possible and it will rotate the “User Agent” as not to leave a reliable fingerprint of the browser you’re using.  This is a good thing.  It will also alert you if a site tries to hijack requests and tries to redirect it to a different web site.  It will tell you the how, the who and the potential why: “Your web surfing may be subject to surveillance.” It’s a solid browser with a highly customizable landing page which is nice.  Check it out, but also check out the FireFox-based extensions that you can add to make it as secure as your paranoia desires.  Is it paranoia if you know it’s happening?  At any rate…

TOR Browser

As discussed, previously, this is the browser that works with the TOR network and will allow you to see deep/dark web sites and those sites with the .onion suffix.  It allows you to switch TOR circuits – or paths through the TOR network – in order to maintain anonymity if you feel that the current route/path/exit node has been compromised. Do remember that while the TOR model allows your data to be encrypted inside the TOR network, once your data leaves an exit node and goes to a site, the data in between the exit node and site is not encrypted by the TOR network, so continuing to use an extension like HTTPS Everywhere is always a good idea.  Now, what I do, for what it’s worth, is to fire up a VPN and then launch the TOR browser.  This way the TOR network connections are working within an already obfuscated network tunnel.  While not foolproof, it does increase the challenge for prying eyes/agencies.  While navigating through Onion-land is a bit more arduous and a bit slower, it is still a much safer alternative to bopping around in clearweb land.  There is also a “hardened” version that may be a version or so behind the currently available TOR browser, but has been modified to provide a lot more security.  I use this one almost exclusively.

….

You’ll notice there a browser missing.  Most folks in the IT world understand why it’s missing.  Perhaps you don’t.  Perhaps you love IE Edge.  Here’s the thing – it’s a screen door on a submarine, security-wise.  That’s pretty much what you need to know.  Any of the browsers above would be a much better choice when it comes to keep your data from “the man.”  In the interest of fairness, I will say, simply, that when I tried to “harden” IE, it broke.  I can no longer use it to browse the internet and it has become, inexplicably, the default PDF reader despite Acrobat Reader being installed.  It now, like Hodor, can only say one thing:

image

Encryption


This is where Pomeo is poking the bear.  I’m a firm believer in 1st, 4th and 5th Amendment rights as well as a strong heaping helping of “nunya.”  What’s “nunya,” you say?  If you grew up in the south, you know this is a rather sassy way of saying, “None of your business.”  Really, that’s how I feel about all aspects of my digital life.  I used to have an attitude of “fine, look around – I’ve got nothing to hide!”  What changed?  Well, for one thing, the Patriot Act.  Almost completely unconstitutional in its reach and just a wake up call that it doesn’t matter what the laws say, the government will find a way to wiggle around them.  Then came the hoo-hah about the iPhone in the San Bernadino terrorist case where some dunderhead tried to brute force *guess* the password to the iCloud and iPhone accounts and effectively wiped both clean.  Somehow, this was seen as Apple’s fault and so there was the huge floofle about how Apple should create a backdoor for law enforcement and Apple basically said, “Up yours,” as well they should.  What killed me about this, tangentially, was that if you search for “iPhone 5 unlocking/decrypting,” there are enough links that the FBI could have had it done in under 5 business days and for right around $150.  At any rate, as soon as that story hit the news, I hopped into my Android settings menu and encrypted the heck out of my phone.  You want anything?  You’re going to have to work for it, or at least lay out some cash.  Even though I’m not doing anything “wrong,” I’m not in any way shape or form going to make this easy for anyone who wants my data without a fight…or encryption key.

Drive Encryption

I absolutely encourage drive encryption.  Every Virtual Machine I create is encrypted and has to be decrypted, using the proper password, to even mount.  Once past that, the drive is encrypted and, finally, the user directories are encrypted with a different password for each user.  Seems like it could be considered overkill, doesn’t it?  Well, so what?  I think I mentioned not making it easy.

VeraCrypt

This is a very useful – and free – encryption program geared towards drive encryption, whether it is full disc encryption, partial disk, containers (encrypted files that act like drives but aren’t outwardly visible as such) and can even hide these encrypted volumes.  It’s free, actively maintained and based off of the TrueCrypt software package that was used by a multitude of corporate entities, including mine (TrueCrypt, not VeraCrypt) – and it (VeraCrypt) is SO much faster and less flaky than McAffee’s “Endpoint” software, in my experience.  You can select many encryption protocols and – and this is a wonderful “and” – you can even wrap them three deep, meaning your volume will first be encrypted with AES-256, then it will be encrypted with Blowfish, or TwoFish, and finally, on top of these two encryptions, it will encrypt a third time using Serpent, for example.  That’s my personal choice, but there are several combinations from which to choose.  This flexibility makes it exceedingly useful and, more importantly, pretty intuitive to use.  I recommend this to the moon and back for keeping your sensitive bits protected.

McAffee Endpoint Solutions

My experience with this product has been largely negative, but that might have to do with how it was implemented, so I’m disinclined to just dismiss it out of hand.  It’s only one of two in the list that costs anything, so you’ll need to take that into consideration.  I do know some folks who feel safer purchasing a commercial product – especially an expensive one – because they feel it’s more secure.  This could be.  I couldn’t tell you.  I just know that post-encryption, I’ve had better luck with VeraCrypt.  Honestly, the only trouble I have had with Endpoint is that it will suddenly and out of the blue simply disavow any knowledge of my passcode to decrypt the drive in order to use it.  This is frustrating in itself, but the process to recover it is not only a titanic pain, but – here’s the thing that throws giant red flags for me – with the recovery software, you are given a long series of numbers that will allow you to reset the password and, therefore, decrypt the drive.  Now, in a corporate environment – and one thing I do actually appreciate about the seemingly overly complex method for doing this that my employer uses – you can only access this recovery module after logging into the web portal, going to the “recover endpoint encryption” link and clicking it, then entering your credentials in, again, including a secret question, and only after satisfying this step will it allow you to embark on the rest of the journey.   Now, on the plus side, the price isn’t a deterrent.  Ranging from ~$20 for individual users to ~$5K for an enterprise license, it’s really not all that bad, comparatively.  That said, I trust VeraCrypt more.  Why?  Just because, really.  While the aforementioned folks feel more comfortable with a for-profit product, I prefer a product written by someone(s) whose only skin in the game is reputation.

Microsoft Bitlocker

I’ve never used Bitlocker.  It used to be only available on the Ultimate editions of Windows7 and, I believe 8.  I think it’s standard, now.  If it’s not, it should be.  At any rate, it functions very much like the above two solutions when it comes to encrypting entire drives.  You can encrypt your system (boot) drive with relative ease and, at this point in the game, I recommend that course of action. 

Symantec Endpoint Encryption

Now, I am pretty sure I haven’t used this, but I might have in a previous incarnation – I honestly don’t remember.  That said, from reading the literature and implementation documents, it seems like it’s on par with McAffee’s offering and does allow full-disk encryption.  I also boasts using PGP (Pretty Good Privacy) for it’s encryption of choice.  The company seems to be positioning this solution towards the enterprise customer, but you can get the Endpoint Encryption in a single license for $189.  So, again, I’ve not worked with it, so I can’t say one way or another if it’s the right product for you or your needs.  I’m just letting you know it’s out there and, frankly, the more encryption the better.

On-the-Fly / Individual file / Text Encryption

There are a long ton of solutions, here.  I’m going to focus on ones I’ve used and/or recommend.

Pretty Good Privacy (PGP)

The granddaddy of all public key encryption, this has going through a slew of changes, purchases, open source projects and version.  It’s been entertaining to watch, if not a little frustrating to keep up with.  Basically, the majority of things I’ll be discussing fall under this category, in some way or another.

Symantec

PGP, Inc. was purchases by Symantec, and so is included in the aforementioned Endpoint security package.  I’m mainly putting this here for completeness’ sake.  This isn’t to be confused with PGP Corporation.  Oh, wait…yes it is.  This is PGP if you want to pay for it.

OpenPGP

Standardized in the mists of history (1997), OpenPGP is available for all platforms, including iOS and Android.  This is pretty much the standard and everything derives from this.  It’s free.  It’s mostly easy to set up – the hardest part is thinking of a suitably secure password.  Their site has email encryption solutions, keyservers, and even a section for developers discussing signing their projects.  The email section provides a long ton of options/solutions.  Check them out.

PGPi

For historical purposes, only, I include the “international” version of the original PGP software and should be considered exceedingly outdated – it supports Windows 3.1/95/98/NT as well as the Amiga and OS/2.  So, why would I include it?  Because it’s fascinating to see how far we’ve come, really.  I love digging around in this stuff, so, I figured I’d share.

GnuPG (GPG)

This is what I use.  Take that for what it’s worth…I use it.  That doesn’t mean you need to use it or should use it.  I just like the setup of GPG4Win and it’s easy for me to work with.  The binary releases, should you not feel like downloading the code and compiling (./configure ./make ./make install), support Windows, Linux, MacOS, Android, OpenVMS, and RISC OS.  Integrated into the Windows shell, it makes encrypting/signing/decrypting documents, other files, directories and even drives painfully simple.  I recommend it.

Diplomat OpenPGP

I’m including this not just because they have their own OpenPGP solution for you, but a they also offer secure file transfer, which is nothing to sneeze at.  Now, while the OpenPGP product is free, the Diplomat File Transfer product is not.  It’s pricey, but when you look at what it does – securing file transfers, either P2P, FTP, FTPS and SFTP, as well as encrypting those files that are transferred with the private keys, meaning only the sender and the recipient can open the file(s) sent.  That’s pretty hoss.  This service will cost you, with the “basic” version *starting at* $595, the “standard edition” starting at $2,995 all the way up to the Enterprise version with the terrifying “Call for pricing.”  Still – if you’re worried about industrial espionage, how much is your data worth to you?

Again…make these folks work for it, where “these folks” can be, basically, anyone who wants to access your drive who isn’t you and, especially, without permission.  There are more solutions out there, but this should provide a good starting point. 

Cloud Storage


I know a lot of people that use either their own server or services like Dropbox to store files “in the cloud.”  There’s Dropbox, Mega.nz, and a whole slew of others, but they all share one thing: they’re searchable by the companies that set them up and in that light, anything subversive or  plain illegal in your file storage area can be found and you can endure anything from irritation all the way to outright pain.  That doesn’t sound fun.  So, let me recommend a few.  I’ve been using Keep2Share, of late.  It functions much like Dropbox, but I haven’t read any missives, recently, talking about k2c routinely scrubbing through user accounts looking for violations.  Let’s look at some other options, shall we?

Boxcryptor

This is a product that looks a LOT like what were talking about with Diplomat.  There are differences, of course, but as you get into the paid subscription versions, one of the big selling points is the end-to-end encrypted file transfer.  That said, the free version offers this, as well, just without as many bells, whistles and safeguards.  The free version features the ability to secure one cloud account, up to two devices from which to upload and save data, and Whisply integration which, for those who don’t speak weird corporate software naming practices, is their end-to-end file transfer encryption which will allow you to send out an unlimited number of links to the files you store there and these other folks don’t have to be boxcryptor users.  It also has a portable installation if you’re not wanting to, or can’t, install it one your system.

Tresorit

Aiming to not be a full service, encrypted cloud storage provider, it’s not free, but offers a lot of features.  Their claim, also, is that it would take 1,000 years to crack the encryption they use. I wonder if that will change with quantum computing?  At any rate, they offer a couple of tiers of service, with the personal level providing a terabyte of storage, access from 10 devices, password protected links and extensive file permission settings for file sharing.  The personal subscription is $30 per month, so $360 per year.  For small business and enterprise, it’s considerably more outlay, but is less per user.  Again, the enterprise model has the scary “Custom pricing,” which probably just means customizable for your business, but I still like seeing everything out in front of me.  One interesting thing that I like a lot is that it has a section for developers, offering a SDK to allow the end-to-end encryption to be integrated into your application.  The tagline, “No more data breaches” sounds good to me.  You have to request access, but I’m thinking that a software development company could benefit greatly from being able to tell clients/customers how secure their data will be.

Waula

LaCie’s solution was one I was going to discuss, but upon hopping to the site for more information, I got this:

<h2>Our services aren't available right now</h2><p>We're working to restore all services as soon as possible. Please check back soon.</p>Ref A: C544C6B0F1F84F22A420DB3DC53148B5 Ref B: F4B412192C8F55313E7D91E98DB04966 Ref C: Fri Nov 25 08:03:07 2016 PST”

so…you know.

nCrypted Cloud

This looks like another encrypted cloud service, though, it’s positioning itself more as a security layer on top of cloud storage.  Honestly, if the files are encrypted, I’m not sure I care how you get them there.  Well, that’s not entirely true, but you get the picture.  The personal version is free and for non-commercial use.  You get roughly the same features as on the company/enterprise-centric models, but without the longer audit trail, Active Directory integration and collaboration tools.  Now, there’s free, then there is the per-user cost for each level: $10.  The only difference is the number of users, at a minimum, that you are required to have: 25 for small business, 250 for medium business and 2,500 for enterprise-level. 

Honestly, I’m running out of steam.  For cloud storage alternatives beyond what I’ve laid out, here, I recommend this article.  It goes into greater depth than I have been and gives you pros and cons in a concise manner.  Concision has never been my strong suit.

Summary


Long story short, if you want to keep the government/hackers/pranking friends/ex-spouses out of your data/email/what-have-you, you need to secure it.  There are also ways to secure what you already have, for example, in Yahoo or Gmail. 

There’s an option for most webmail services to use two-factor authentication.  Use it.  You’ll be glad you did, especially when reports come out stating that Yahoo knew about data breaches as early as 2014 (and didn’t do anything until much later), and the recent Gmail breach. If it’s difficult for YOU, it’s going to be that much more difficult for anyone else.

Also, don’t use fingerprint or simple-pattern unlocking on your phones.  While a long PIN is a pain in the butt for you, just think how much of a pain it will be for someone who doesn’t *know* the PIN.

Stop using common passwords. While “ihatemyjob” is funny in ads, it’s horribly insecure and will take even an average computer a few minutes, if that, to crack.  Even throwing in a “!” at the end will delay the “crackening.”  That said, I’m a big fan of using symbols and numbers.  “Ih4t3myj0b!” will be that much more difficult to crack.

Above all, just don’t make it easy.  The more layers of security, the better.  The heftier the encryption, the better.  It doesn’t make you a terrorist, it makes you a pragmatist. Remember – This isn’t about hackers, anymore.  It’s about our government.

Chris Caffery – Your Heaven is Real

Chris Caffery – Your Heaven is Real

It’s funny…I remember seeing Chris on the “Gutter Ballet” tour and he just kind of hung back a little and let Criss do his thing.  From that point on, though, I’ve watched him grow as a guitarist, musician and producer.  His most recent work is something that we saw come to life through myriad postings on Facebook and it was an amazing process to watch unfold.  That’s kind of why I have resisted writing a review, to this point.  I had just finished producing an album, myself, so watching the process here, knowing what goes into it from a recording, producing, mixing and mastering stand-point, I have a different approach than I used to.  It kind of becomes a little club (you, the artist and thousands of his closest friends Smile ) watching a project grow and come closer and closer to fruition and wanting so badly for everything to pan out perfectly and become a sort of cheerleader.

That’s why *I* felt a little too close to it, even though I, really, had nothing to do with other than a few posts of encouragement along the way.  Then something changed.  I read a review.  Now, it wasn’t a horrible review, mostly.  It’s one of those that looks like it comes from a place of expectation that may or may not have been in line with what the point or purpose of the album actually was.  I feel a little sorry for the reviewer inasmuch as the full fury of Chris’ fans have been unleashed upon him.  For the most part, this is because the reviewer barely reviewed the music and, instead, chose to review Chris, himself.  That’s not how reviews work, really.  That said, as reviewers usually do, he brought it upon himself.  This is because no matter what your opinion is, someone will disagree.  Additionally, when you go after a person a lot of people care about, they’re going to push back, hard.  With that in mind – I’m going to talk about what I know with Chris, my perspective on the album and, towards the end, the music.

I’m not going to address much more of the other review, really, save for a couple points.

So, first and foremost, this is an 80s metal album.  Sure, there are some modern aspects to it, stylistically, but it conjures up — without sounding overly like — Savatage and Dr. Butcher with ease, and shows a lot of influence from those bands and from the songwriting he was exposed to, contributed to and learned from.  So, here’s where the divide, I believe, comes in.  I *love* hearing 80s metal musicians producing 80s metal.  I just do.  I loved a band from Richmond called Claude Zircle for exactly that reason — there were no pretentions.  They played their 80s metal hearts out, and that’s exactly what “Your Heaven Is Real” does.  Chris isn’t trying to win the nu-metal crowd.  He’s not looking for the prog-metal crowd.  He’s looking for people who enjoy honest, solid, metal.  In this, he delivered, in spades.  There’s something for every metalhead, here — there’s so much groove on this disc, it’s quite tasty.  If you don’t feel the 80s screaming through in “Just Fine,” I don’t know what to tell you.  The album, itself, also has a consistency across it — the tone, the energy, the love, the effort.

It’s funny, though, because it’s at this point in a lot of reviews where the comments start veering into “you’re a fanboy” or equally derisive terms that basically are implying that because you honestly like something and have good things to say about it, you’re a kiss-ass.  That always baffles me.  Me?  You get what you get.  If I like it, I say so, if I don’t, I say so.

Another aspect in which I felt a little too close to really review the album, objectively, was knowing the stories behind a lot of the songs, as revealed by Chris over the creation of the album via Facebook.  Once I know what something’s about, and how deeply personal these things are, and how much of an artist gets exposed by “putting himself out there” in a way that few people ever know — how the hell do you criticize that?  Even on the album I was just working on, it was much easier to be critical, as a producer, about musical and production choices, when I didn’t know that it was a song, for example, about the brutal hole left in the artist’s heart after the untimely death of his brother.  It’s at that point that it becomes the artist’s complete game – even as producer and mixer, there are things about which you just accept you have no say.  The same falls, for me, into that realm, here.  “Your Heaven Is Real” isn’t some attempt at a catchy chorus (have I mentioned that the song *crushes* and the chorus will get stuck in your head for a while?) without substance, but a very personal revelation about a pretty damned scary situation and brings, to me, two interpretations of the song that aren’t disparate — as a result of the experience, there’s a new appreciation of what is an isn’t real to Chris when it comes to the afterlife, and, really, it’s more of an affirmation and uplifting message than we’ve gotten from Chris, previously.  To me, that’s awesome — he’s in a happier place, which is exceedingly obvious if you follow him on Facebook.  Chris has always worn his emotions on his sleeve and produced music from the heart, and this is no different — something for which *I’m* grateful, though, I do understand how some folks aren’t always comfortable listening to songs that aren’t just about political rants, sex drugs and rock’n’roll, or any of the impersonal, banal topics we’ve come to expect in recent years.  That said, I’m in no position to criticize personal experience and expression for reasons I’ve mentioned before.

Oh, but make no mistake — Chris has socio-political rants, too, but there are more songs, here, about new and more personal topics, and are addressed with the same lack of compromise as “Pissed Off” though handled with more experience, wisdom and maturity.  What?  We all mature as we get older and, in this case, it just means the music is growing, proportionately, with Chris.  That’s not a bad thing.

I will address a comment from the review within one of the points from the review I wish to focus on, just because it’s something I didn’t have an appreciation for prior to last winter, when I was in a similar situation.  So, here’s the thing the review stated, “While the mix is clear, the overall sound is muddy and not sharp enough…” We’ll pair that with one of the comments on the review that stated, “…sounds like it was recorded on a PC.”  Here’s the thing — in several ways it probably was – so what?  There’s a lot of the home studio that is now piped through the PC to record and from what I’ve seen of Chris’ studio, I have no reason to believe any different.  Even in a larger studio, again, the trend is to pipe everything through a PC. That said, having just produced an album that was recorded in its entirety on a Mac (so, kind of PC…) and mixed/mastered on my studio system, I have a new appreciation for what went into this album.  I know how bloody hard it is to get a good, consistent sound that sounds good on your monitors, in your car, on your phone, and so on, and I also know what happens when you either don’t have the right monitors, the right angle on the monitors and the right distance from the monitors, ignoring the fact, for the moment, as to whether the room is treated, or not.

So, with that in mind, there are parts that I, as someone who has just spent time mixing songs until my eyes glazed over and my ears were so fatigued, and I dreamt of the songs for weeks, recognized right off the hop while listening to the album.  I believe it was on “Why” that I thought, “Ah, the monitors were <so>” when mixing the acoustics, as there were a couple of spots where they came hard through the back-side of the mix, on the sides a bit louder than probably intended, but was probably the result of a lot of late night sessions, you know – when pouring his heart and soul into this project.  It’s one of those things that I don’t think I would have given a second thought to if I didn’t have this stupid new quasi-curse of listening to albums like a flippin’ mixer/producer.  That said, “Why” is probably my favorite track on the album.

It’s kind of like once you’ve run your first kitchen as a chef, eating out is a whole different experience where you’re all at once over critical of everything and how you would do it differently, and here’s the thing — it doesn’t change the experiences of the people around you.  The real joy of a chef is peeking out from behind the swinging door and seeing someone take a bite of a dish you put your soul into and watching their eyes roll back and that “Mmmmmmmm…”  There’s nothing like it.

Likewise, as an artist, watching people start to close their eyes, bob their heads in rhythm and get taken to someplace else for a while through the music, that’s what it’s all about.  How they get there is subjective, and that’s I think what we’ve run into, here, with the review’s mention of “clear” yet “muddy and not sharp enough.”  One thing you learn pretty quickly when mixing an album is that your ears adjust.  So, if you’re working on a song, the small changes get absorbed into the song.  Try this — if you listen to music with your EQ flat, boost your treble up for about 5 minutes.  Now, change it back.  It sounds weird — even dull and kind of lifeless, doesn’t it?  Then, however, after another 5 minutes, it’s the “new normal,” again, and it just is how it is.  I would wager some of this happened not only when producing this album but when listening to it, as well.  I know it came into play on the one I worked on.  Good gravy, it did.  At any rate, the point is this — the mix is clean.  You can pick out every ingredient — the drums (Brian Tichy is absolutely on point), the bass, the guitars, the vocals, the spices (some synths, some choir-y parts).  There are times that the bass eats the kick, a little, but that’s also something that comes into play with this observation — this, like any album, depends upon that on which you’re listening to it.  In my case, I listened on my studio rig through my monitor speakers.  I’m very used to the tone on these, now, so I know their tendencies and I also have tried to keep them as flat as possible, response-wise.

So, this album is “flat,” and what I mean by that is that it’s not jacked one way or another, not over-bassy and not treble-heavy, and it is definitely not “lifeless.”  It has a good balance.  Now, there are places where there’s a little mud right in the 120-500Hz range where ALL the instruments want to play, but that is, to me, to be expected in metal, and, honestly, in pretty much everything short of piano concertos or pan flutes.  So, the clatter about “muddy and not sharp enough” really comes down to this — poke your EQ, sparky.  I know that when producing, there’s that goal that you produce an album that won’t “need” EQ-doinking, but reality comes crashing in when you realize every human on this planet has not only different tastes, but different ears that are more sensitive to different frequencies than others and, really, in order to make everyone happy, everyone’s going to have to put in a little effort.  Hmm…That came out funny, but I stand by it.

If you think a recording sounds a little dull, it may be one of a billion variables, but one of the easiest fixes, if you think a recording is muddy, is to poke the mid-high and high EQ sliders up a bit and maybe even scoop the mids a little.  I mean, growing up listening to metal on my little walkman with the 3-band EQ on the side, I adjusted it for just about every album I ever played in that thing, and I played a LOT of metal.  So, I guess my point here is that if you’re thinking it’s a bit muddy, tweak a bit, because the overall production is tight.  There are some places where it’s a little *too* flat, for my taste, but I’d rather have it flat and be able to adjust it to sound good to my ears than have it so jacked to one extreme or the other I a way that I can’t adjust it to my preference.  Those spots are also few and far between and don’t take away from the listening experience of the album.  It’s just something that, for better or worse, I pick up and hone in on, now, that I didn’t used to.

So, after all this, what do I think of that album?!  It’s a solid-ass effort from Chris that shows just how much he’s progressed as a musician and song-writer.  The songs are more involved, complex and produced with more dynamics and appreciation for white-spaces.  I appreciate the growth that’s gone into his vocals and, truly, he’s found his own voice and I dig it.  Again — 80s metal, man, 80s metal!  I enjoy the songs a lot.  I enjoy knowing the stories behind them.  I enjoy how the stories are told.  This album embodies what I wish more artists would try — honest, hard-working and just pure Chris.  Hmmm…I’m not saying other bands should try to be pure Chris, but try putting in the love and effort into their work.  It’s funny — the review that shall not be named inferred that Chris basically churned this out because he needed the money and some form of pity grab.  I have absolutely no idea where that came from.

For me, the standout tracks are the title track – a perfect, blistering opener – “Why,” “Hot Wheelz,” “I Never Knew” and “2-26-15,” which is elevated that much more if you know what that date means to Chris.  If you don’t, ask him.  That’s not to say that “Arm and a Leg” isn’t heavy as hell and well executed or that “Just Fine” isn’t a bad-ass jam that channels the 80s perfectly, or that there is any filler on this album.  It just means that those were the songs that I gravitated to, thus bringing this back to how subjective this all is.  I dig the album.  More to the point, I take the album as a whole – the effort, the late nights, the love and everything that goes into taking what’s in your heart and getting to unleash it on the world.  It’s the blistering solos, sure, but it’s also the person poured into it.  Take some time to get to know it and you won’t be disappointed.

In closing, “Your Heaven Is Real” is pure Chris and executed not flawlessly (though pretty close), but honestly — and it’s honestly a great album.

Losing My America

So, there’s this meme.  I had a very visceral reaction to it – it’s the one with the drill Sargent from “Full Metal Jacket” telling us in no uncertain terms that we’re losing our “beloved America” to “goat humpers.”  Honestly, that’s just offensive.  Because of our country’s history of racism and propensity to name-call, I know who and what this is talking about.

Honestly, I find that I’m losing MY America to intolerance and hate. #ScarSpangledBanner #TrueAmericanHate (BTW, the most recent Testament/Exodus tour was freaking amazing…just saying) It’s not some Muslim insurrection I fear because of the Muslims I know, most of them have better values and place more value on life and peace than their Christian counterparts in my life. If it’s about “growing a pair and acting like Americans,” it’s time to establish what that means and I, for one, don’t recall this country being founded on the “values” of hate, bigotry and ignorance. Isolationism and freedom, yes. Being an asshole, no. Well, maybe…there’s plenty of historical precedent, I suppose…

For me, it’s not anyone from any other country, race, religion or so-called-creed that’s undermining and destroying the fabric of our country, it’s those that perpetuate that to be American, you need to be an asshole who instead of taking time to understand the cultural differences, choose instead to call names. My America is being destroyed by my government’s insistence on sending my friends and family overseas to kill a fabricated and media-amplified enemy when the real problem is who holds the petroleum resources and something that could, really, be negotiated without threat of violence.  We’re just not wired that way, apparently, because it’s the more difficult way to do something. It’s harder to accept someone for their differences than to dismiss them as different and “other.” I’ve said it for years — we need to stop listening to so-called “war experts” and invest serious time and energy recruiting “peace experts.” I, for one, don’t want this world blown all to hell for my kids because people have forgotten how or think they’re too good to use their words…

It says, “Wake up and smell the bacon.”  I do like waking up to the smell of bacon, although with my thyroid medicine I can’t eat it until a bit of time AFTER my coffee. This is medicine prescribed through American health care, taken with Swedish coffee, in front of my American built (except for the Singaporean semiconductors, Taiwanese case, Thai hard drives…), sitting on top of a Japanese stereo receiver (studio setup…long story…). There’s a point to this — everything is from everywhere. We, as a planet, are together on our ride in this compressed and screwed up span of time, and we can choose to live our lives finding reasons to hate and kill each other, or we can choose to find our commonalities and work towards making this world a better place…and there are VERY few exceptions where discriminating against or killing someone makes a positive difference.

It’s not the Muslim you need to worry about, it’s the Extremist — and that goes to ANY religion or belief. You also have to see through the media representations and perpetuated stereotypes. You have to care enough to take the time to learn why a certain people or person does something in order to understand that it’s probably not a threat to the threads of your reality and, more likely than not, is just as odd to you as whatever you’re doing is to them…

So, to wrap this up in a tidy bow, if you feel being an asshole is the most important American value, then you are the problem, not the person who is trying to make a better life for his or her family by coming to what used to be called “the land of opportunity,” but, now, seems more to be “the land of intolerant bigotry.”  Makes you proud to be an American, doesn’t it?

Sometimes Our Masks Break

[Somehow, this never published.  Remedying that, now.]

If you’ve never suffered with depression and you’re spouting your opinion on how a person feels, I want you to stop.  Just…stop.  You have no idea.  You may think you do, but you don’t.  The only way you can even come close is if you’ve watched someone, closely, someone you love, perhaps, suffer with depression.  Even then, it’s kind of like watching someone with a cast, be it on an arm or leg.  You can sympathize with the person wearing the cast, but unless you’ve broken a bone, you have no idea what all is entailed in having your arm or leg immobilized for a month, with aching, itching, and that weird feeling of huge amounts of pent up energy that sits and almost tingles in futility, or with the doctor visits and pain killers and months of physical therapy, thereafter. Nor can you understand depression.  Not fully.

I don’t talk about my depression, really.  This is mostly because I feel it’s not anyone’s business but, also, because with the stereotypes and stigmas that are still pervasive in our society, most people are ill-equipped to know how to deal with someone who’s depressed.  It’s hard enough interacting and dealing with people, as it is, and this may just be from the depressive perspective since I only have one perspective and that’s it, let alone with people who are armed only with what mass media have told them about depression.  One of the biggest things is understanding and there’s so little of that in the world, today, that it’s naïve to think there would be much in this regard.  People tend to have a limited amount of understanding for something they can’t comprehend, fully.  That’s OK – I understand that.  I’m not criticizing someone who doesn’t understand depression, I’m just asking you keep your opinions to yourself when you tell me, or the rest of the world, how someone who is depressed must be feeling.  There’s no “must be” with no frame of reference.

Most recently, what Robin Williams’ death has brought to the fore is something that I’ve dealt with for most of my life, and it’s not just dealing depression. It’s dealing with someone you love feeling so emotionally injured, so depressed, so alone, so incapable of seeing any other solution in a great, wide world of solutions, as to kill themselves.  There aren’t a lot of people in this world equipped to deal with this, especially when it’s someone close to them, someone beloved.  I’m not an expert, by any stretch.  I’m just a guy, already someone who suffers with depression, who has the added burden of having two people in his life take theirs.

There have been people attacking Robin for his choice.  It’s almost as if they feel this was an easy choice made with no forethought or attention paid to consequence.  It’s almost as if they have no idea what they’re speaking of, at all, when it comes to depression and the suicidal thoughts that haunt individuals every waking moment of every day making it seem almost like a release from a chrysalis of confusion, silent suffering and emotional and physical pain.  Yes, it’s like those ads that have run in the last few years – depression hurts.  Physically.

Part of this, for me, is that this man, Shepard Smith, just suffered a loss, as did the rest of us, of someone he loved growing up and as an adult.  He’s angry that Robin has left him in this way.  That’s OK — I get it.  We all feel that way.  The difference is that when you’re surrounded by ignorant name calling and vitriol all day, as is the environment I glean from watching 30 seconds of Fox “News,” you react not as a reasonable adult, but as a schoolyard bully whose favorite teacher just announced she was leaving.  She’s now the worst person ever to walk this earth.   Likewise, Robin suddenly became a “coward.”  I’m not apologizing for this Smith person.  I don’t know him. I just know people like him.  Schoolyard bullies don’t react with compassion towards the person or situation.  They react by lashing out.

It’s easy to fall back to the pervasive thoughts from a less enlightened age (prior to the 1990s, really) where suicide WAS seen as cowardice by so many.  What’s hard is to FEEL and understand what a person so completely devoid of hope as to *kill* themselves is feeling, even a sliver.  One thing FoxNews has never been about is sympathizing with “other” and understanding someone else’s perspective.  I truly hope that this person never has to face this so-called cowardice in any aspect of his life other than vicariously and detached.  It’s not something I would wish on anyone.

Caught in a Mosh

Anthrax’s seminal hit rings true, these days, as I – and metal musicians, it would seem – have noticed that what was once a pit of frivolity and “good, friendly, violent fun,” as Exodus phrased it, has become a land of bullies and thugs.  The most recent artist to speak about it is Slipknot’s Chris Fehn, who puts it, rightly, when he says,

“I think, especially in America, moshing has turned into a form of bullying. The big guy stands in the middle and just trucks any small kid that comes near him. They don’t mosh properly anymore. It sucks because that’s not what it’s about. Those guys need to be kicked out.”

He’s right, you know.  It’s changed.  The pit, that is, has become some kind of supercharged gladiator ring rather than a place to bounce off of people and have a good time.  It’s an interesting dynamic, these days.  “In my day” (to sound 80 years old), which is to say back in the late 80s early 90s, pits were a bunch of folks skipping around in circles — rapidly.  You may catch an elbow in the mush, occasionally, but you kept skipping and laughing it off because you knew there was no “intent to injure” or anything other than just a good “mosh.”

At the most recent concerts I’ve attended, it’s some jackball who weighs 300 pounds lining up on one side of the pit and just going bowling across the middle and plowing into a bunch of folks on the other side who weren’t expecting it.   Add in a bunch of other Neanderthal-acting folks who are just throwing elbows, over-head fist swings and feet with no intent, it would seem, to do anything BUT injure, and that’s the state of things, it seems.  It sounds stupid as hell to say, but there’s no decorum, anymore, in a pit.

A notable exception, and a “pit” I could get on board with, occurred at the Týr show where it was a large group of people, arms locked at the shoulders, in a circle, facing inward, simply head-banging in rhythm.  Very interesting to watch and allowed the people right up at the front to enjoy the show without fear of being obliterated from behind by some ill-mannered moron.  That show was epic.  We also got to witness a “wall off death” executed perfectly, but in a way where, if you didn’t want to be part of it, you weren’t included in the mayhem irrespective of your opinion.

I’ve NEVER had to throw a good solid check in a pit, before, but I got to a point where I was just trying to keep the people who were on the outside from getting run over by the folks on the inside who don’t respect the boundary of the pit.   It used to be you would see someone get accidentally (or even intentionally) knocked down, you’d help them up and keep the pit moving.  Now, it just looks like the goal is to knock everyone down and be the last one standing.

I don’t know when this change occurred, but it is going to kill the concert experience for the fan who would LOVE to get close and SEE the musicians up close, but doesn’t want to get wrecked by someone who, in my opinion, doesn’t respect the musician or the music, let alone the other fans.  I spent half of the Conquering Dystopia show squaring off behind some kid who looked to be maybe 13, was obviously attending his first show, and was not only star-struck by being right up there with Jeff and Keith, but also rightly terrified by the morons who were just plowing into him.  It’s funny, though, because I gave Keith a “BAD KEITH!!” when he did the finger circle indicating, “mosh it up!” but not because I don’t want these bands to have a pit, but because I knew the people in this particular pit were not equipped, mentally, to do a pit “right.”  I tried to make it so this kid could watch the show looking forward, at the musicians, and not behind him, bracing for impact.  No one wants this kid, or anyone else, to think poorly of the band, the venue, or the whole magical LIVE experience because some folks can’t conduct themselves in and orderly, respectfully violent manner.  If the pit had contained itself to its circle and had limited itself to ping-ponging, skipping, hopping, rhythmic “slam-dancing,” it wouldn’t be an issue.  As it stands, when a show comes to town with band I enjoy, I have to ask myself if it’s worth the effort.  Maybe it’s just getting old and having back issues, and knee issues and thinking, “Strange…I’m actually here to see the band I paid money to see…”

Why Taylor Swift is Right and Why She is Wrong, But Why I Agree With Her

So, while not a whole lot of hoo-hah has been made about this, Taylor Swift made a move a few Thursdays ago that made a lot of people scratch their heads, a lot of people lash out at her and quite a few simply shrug and not care in a different way than they didn’t care before.  I went through all three stages, but also had another stage – I started to agree with her, in principle.  I don’t really agree with how she’s gone about it, but, let’s look at this, shall we…

Taylor has had Spotify – the cpu hogging music streaming app that supports about every platform out there – remove her entire back catalog from their rotation.  That’s a big deal because it’s a lot like calling every radio station in *the world* and telling them not to play your music, anymore.  Her quote on why, “And I’m not willing to contribute my life’s work to an experiment that I don’t feel fairly compensates the writers, producers, artists, and creators of this music. And I just don’t agree with perpetuating the perception that music has no value and should be free.”

My first take on this is that she was NOT a child of the early 80s.  My first copy of Metallica’s “Master of Puppets” was a copy of a copy of a copy of a copy that a friend handed me saying, “You HAVE to listen to this band, man!”  So, I got arguably Metallica’s best album for free, right?  Wrong-o!  What I got was a tape that had to be turned up to the full extent of the tape deck in order to get volume that was audible with, literally, no fidelity…and a burning desire for more Metallica!  That week, I purchased what are now kind of collector’s items but were all I could afford at the time, the “Whiplash – Remix EP” and “Creeping Death” picture disc with the original “Garage Days Revisited” on the b-side.  So, yeah, *records.*  At any rate – this “free” MoP tape of horrifying fidelity spawned a purchase rate that, over the past three decades has made Metallica, from just me, close to $500, give or take, in albums sales, concert tickets, and t-shirt sales.

I use this as an example because what Spotify is trying to do is be a sort of half-crazed fan that allows you to try new music based on what you say you like – like the guy with the crappy tape saying “You have to try this!” only through things like “Phil, 9 Suggestions For You” emails that tend to include bands I would never seek out on my own.  So, with that in mind, I find it hard to fathom why anyone wouldn’t want “free publicity,” except that’s the rub, isn’t it?  It’s a pittance these artists are paid every time a song of theirs is played on Spotify.  I had a brief discussion with an artist about this and the sad truth is that an artist gets between $0.001 and $0.005 and said artist must also work through a third-party aggregator which then siphons off profits from this paltry number.  For example, if you have a song that people LOVE and play 1,000 times, today, you will make between $1 and $5.  If you’re working with an aggregator that takes the minimum I’ve seen, you’re looking at 9% or $0.09 taken from what you make for this song off of Spotify, therefore, only leaving you with $0.91 of your own, and that’s if the company takes only the minimum I’ve seen – it could be as much as 30%, which would leave you with $0.70.

So, while this information might be dated, it’s OK for our purposes and that’s because, for what it’s worth, Taylor isn’t having any and I kind of agree.  I don’t like Spotify, really, and have sort of a contrarian relationship with it.  So, when I get a suggested band, my usual first though is, “won’t be listening to them, thanks.”  I know…bad Phil.  Still, if you’re an artist who has paid a LOT of money to record an album and are looking to recoup costs, services like Spotify are not really the way to go, I would think, especially in a world where initial sales are big indicators as to whether your record company will decide to deal with you for a next album.

Some of this is probably also coming on the heels of the U2 hit/miss release of their new album for free to the world via iTunes – whether you wanted it or not.  Personally, I was irritated on two levels by this.  The first is that it’s exceedingly presumptuous.  Music is a personal thing.  Me, I don’t like people screwing with my music collection or putting something in there that I’m not able to remove.  As a side note, I found it sad that Apple had to create a tutorial on how to remove U2 from your iTunes collection…  Secondly, I find it devaluing what U2 did, musically.  I haven’t listened to the album, so I can’t say whether it’s the best album in decades or drek, but what I can say is that it’s like telling the rest of the world one of two things: 1) “We’re so bloody rich, we don’t need the money, so have this album,” or 2) “We’re not sure this is going to sell, so, here, take it and please see us on tour where we actually make money.”

So, my takeaway is this – Taylor Swift was saying to the world, I value my music more than $0.001 to $0.005 a play and I have enough faith in my music that if my fans really want it, they will buy it.  I am OK with that.  I’m also OK with bucking the idea of the half-crazed tape trader that is Spotify.  Honestly, as someone who grew up on metal, it’s never been about the radio airplay, but always about the word of mouth.  Now, Taylor doesn’t have to worry about airplay; you almost can’t take a trip down the FM dial, let alone XM/Sirius spectrum, without tripping over one of her songs, but that exposure is worth more than a penny, here, or a dollar, there.  The hard truth is that it’s about building enough of a fanbase to come out to a concert which is, really, what ends up paying the bills.  I guess what I’m trying to say is that while there’s something to the “any exposure is good exposure” mentality of Spotify, there’s also the idea that your music that you’ve poured your heart and soul into is worth more than what Spotify has valued it.  That’s on Spotify.  That’s on the consumerist mentality.

After pondering on this awhile – and starting off kind of disagreeing with her – I actually have to side with Taylor on this.  The sad part of it is, if an artist who you know makes more than $1 to $5 a day on songs is getting uppity about the artists getting what they deserve via these services, you know that there are hundreds if not thousands of other artists out there who, while needing the pittance they’re getting from Spotify, wish they could do the exact same thing.

Open Letter to Guitar Center

Here’s the problem — I’m one of the minority: the left-handed guitarist.  I’m also not rich, not famous and not the best guitarist out there.  However, I do have money occasionally, and I sometimes get to feed the beast that is G.A.S. (Guitar Acquisition Syndrome).  My biggest problem is the in-store selection.

When I go in, I have pretty good ideas about what I want.  My choices, at least in my area (Dayton/Cinci Ohio), are exceedingly limited — an Ibanez Gi0 and Fender Tele.  I will say that for my last birthday, I hit all the local shops and threw down less than my wife thought I would to get a Schecter Omen-6 Extreme Diamond Series rather than some of the lefties we had found at other stores.  The point being, I did NOT spend the money at Guitar Center, even though that was the second stop on the trip.  I’ve bought there before, but not this time.  Part of that was I already HAVE one of the two models available in-store and wouldn’t buy it again without serious persuasion – like someone would have to pay ME.

I guess that comes to my next point — the in-store selection being dreadful is kind of be expected: we lefties are quite the minority.  That said, would it kill you to have more than 2 models in store?!  Even back in 1992 when I was looking for (and ultimately purchased) a new guitar at a LOCAL (to Norfolk, VA) shop, I had a choice from, basically, one lefty model per manufacturer, meaning I tested a lefty Fender Strat, Les Paul Custom, BC Rich Warlock, Jackson Stealth and PRS of some expensive persuasion, among probably 5 others.  I walked out of there with the Stealth EX, but the point is that I had a choice.  I, and other lefties out there, don’t get that opportunity, in-store.  Even *one* other model would be nice, but since you don’t know which type of player you’re going to get in there, predicting that a Schecter model or Jackson or Gretsch will be the one someone’s looking for, I know that makes it hard.

For the record, the quality on the Ibanez Gi0 is dreadfully cheap.  The bridge is the stuff of nightmares and the hardware is…suspect and cheap.  Just so you know.  I bought one when I had my other guitar torn apart replacing pickups but still needed to record.  Not a mistake I would make again.  If you’re really looking at a cheap (in price and not necessarily quality) guitar to feature, ESP has a number of inexpensive choices, as does Dean, as do Schecter and Epiphone.  This is something you already know, since they’re available online.  I know there’s the notion of inventory and keeping them on hand, taking up the space that one of the other righty guitars could use.  But here’s the thing — when I walked in and saw my choices, I turned around, left and took my money elsewhere.  I’m not buying a guitar unplayed and if there’s no selection in-store, then I’m going somewhere that will have one.

At any rate, this was brought on by the email sent out highlighting lefty models and got me thinking about how it’s well fine and good to have them online, but, again, I’m not buying without playing an instrument (buying a second instrument of the same manufacturer,  make and model notwithstanding) and when I walk into a store and get the “poor guy” sympathetic apologies from the sales staff because there are only two guitars of limited appeal available in store, it just feels a little disingenuous. If I, in the future, should find myself able to walk in with two grand to spend on a lefty and my choices are a $229 Ibanez drekster and a $400 Fender/Squire Tele, I’m taking my $2K elsewhere, just like I did with my $500.

Thank you for your time.