Submitting Personal Information with[out] SSL

UPDATE: As of September 24, 2013 TeachingChile.com is completely wrapped in SSL. ~Thank you!

This post is no longer entirely relevant. TeachingChile.com has updated their site and wrapped it in SSL. Thanks guys!

https://teachingchile.com

URL: http://teachingchile.com/apply_online/machform/view.php?id=6

TeachingChile.com has an online application process that requires the submission of quite a bit of personal information, including your passport details, over plain text. Seriously? I almost feel like someone’s playing a prank here. With SSL and ‘secure websites’ being pretty well understood, it’s mind boggling to see websites like this still exist, requesting personal information including a passport number be submitted via plain-text, non-secured form data. What’s more amazing is that the lack of SSL is just one of what seems to be a whole ton of security ignorance, which pretty much guarantees anyone submitting data to these guys gets their identity (all their submitted data) jacked.

Wha? Google shows some love.

What makes it more astonishing is that the domain was registered in 2005 and ranks #1 for “Teach in Chile” on Google (US), and ranks really well for quite a few other keyword phrases. With the potential traffic exceeding thousands of visitors a month – I wonder how many fill out that insecure form?

Source: http://www.semrush.com/info/teachingchile.com

Google gives the page that links to the non-SSL page a PageRank of 3.
http://teachingchile.com/to_apply.htm – With all the crazy search listing algorithms and such, you’d think Google wouldn’t demonstrate much appreciation for this.

WTF? Guess until you find a stored form!

Saved forms can be easily brute-forced! Now this is so far over the top I’m not sure what to make of it, but it offers to let you save the form if you provide an e-mail address, like so:

Save Form & Resume Later

and upon saving you are presented with a ‘special link’ which, at a quick glance, looks like a simple 10-character alphanumeric hash.

Link to permanently saved form.

http://www.teachingchile.com/apply_online/machform/view.php?id=6&mf_resume=f4e2cdde3a

As far as I can tell that link is permanent, unless they purge the system of old resumable forms at some point. But to drive my point home – all one has to do is generate hash values 10 alphanumeric characters long. The following function ‘should’ generate those hashes. Can’t say I checked, but it is quite that simple.

function generate_random_hash($length = 10) {
  $chars = '0123456789abcdefghijklmnopqrstuvwxyz'; // Our hash-building alphanumeric soup (36 symbols)
  $hash = '';      // Start empty; otherwise PHP warns about an undefined variable on the first .=
  $char_count = 1; // Counter for how many characters our hash is (as it loops and grows)
  while ($char_count <= $length) {
    // Add random chars from our alphanumeric soup until we hit our target length
    $hash .= substr($chars, rand(0, strlen($chars) - 1), 1);
    $char_count++;
  }
  return $hash;
}

Replace the ‘special’ part of the resume URL with generated hash & test for live data.

There can’t be more than 6.something quadrillion possible hashes used to uniquely identify the saved forms in their database. 6 quadrillion is a lot, don’t get me wrong, but it’s really not: if you break the work down across 1 thousand, 10 thousand or even more computers it becomes pretty easy to pull the task off in a very short period of time, even if approached in a slow enough manner as not to bring their web server down. I’m digressing though – this isn’t the school of brute-forceology.
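The application-side fix for the resume link is to issue tokens from a cryptographic random source with far more entropy than 10 alphanumeric characters, store only a hash of each token, and let unused tokens expire. The PHP below is an added example written here, not Mach Form’s code; it assumes PHP 7.1+ with pdo_sqlite, and the in-memory table and the sample form data are constructed for the demo.

```php
<?php
// Added example, not Mach Form's code: resume tokens that cannot practically be guessed.

const TOKEN_BYTES = 16;        // 128 bits from a CSPRNG (32 hex chars) instead of ~52 bits
const TOKEN_TTL   = 7 * 86400; // assumed policy: a saved form is resumable for one week

function new_resume_token(): string {
    // random_bytes() is cryptographically secure; rand() is not.
    return bin2hex(random_bytes(TOKEN_BYTES));
}

function store_saved_form(PDO $db, int $form_id, string $json): string {
    $token = new_resume_token();
    // Only the SHA-256 of the token is stored, so a leaked table does not yield live links.
    $stmt = $db->prepare(
        'INSERT INTO saved_forms (token_hash, form_id, data, expires_at) VALUES (?, ?, ?, ?)'
    );
    $stmt->execute([hash('sha256', $token), $form_id, $json, time() + TOKEN_TTL]);
    return $token; // the only copy of the plain token goes to the user
}

function load_saved_form(PDO $db, string $token): ?array {
    // Reject anything that is not exactly 32 lowercase hex chars before touching the DB.
    if (!preg_match('/^[0-9a-f]{32}$/', $token)) {
        return null;
    }
    $stmt = $db->prepare(
        'SELECT form_id, data, expires_at FROM saved_forms WHERE token_hash = ?'
    );
    $stmt->execute([hash('sha256', $token)]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Unknown and expired tokens get the same answer, so nothing leaks about which it was.
    if ($row === false || (int) $row['expires_at'] < time()) {
        return null;
    }
    return $row;
}

// Demo on an in-memory SQLite table (constructed here; a real deployment uses its own DB).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE saved_forms (token_hash TEXT PRIMARY KEY, form_id INTEGER, data TEXT, expires_at INTEGER)');

$token = store_saved_form($db, 6, json_encode(['applicant' => 'constructed sample']));
echo "resume link: view.php?id=6&mf_resume=$token\n";
echo load_saved_form($db, $token) ? "valid token: form resumed\n" : "valid token rejected?!\n";
echo load_saved_form($db, 'f4e2cdde3a') ? "short token accepted?!\n" : "10-char token: rejected\n";
```

Rate-limiting lookups per client and logging rejected tokens are cheap additions on top of this; with 128-bit tokens the lookup failures themselves are the signal that someone is guessing.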

Verifiably Exploitable Platform…

If I were to assume TeachingChile.com was using Mach Forms (which they are), based on ‘machform’ being in the URL or some other simple means, then a quick Google search for existing (and very well documented) Mach Form exploits might apply. The latest exploit was uncovered less than two months ago. *shakes head* … I’ll just stop there on the topic of exploits.

Just 1 of 1,000+ Other Sites on the Server

With over 1,000 other sites likely hosted at the same IP address (server) I wonder what the odds are that the server itself isn’t entirely compromised already? Source: http://www.reverseip.us/?url=teachchile.com

Running across this situation on a legit website isn’t something that happens anymore. I’m blown away by the seemingly legitimate operation being run on TeachingChile.com. Beyond notifying their contacts I’m not sure what else to do about it. Should anyone beyond their posted contact be notified of this? Let’s hope this application isn’t to teach web development. ^_^

The purpose of this post!

Be very aware of what you’re doing when you release personal information online. In this case it’s pretty safe to assume that data submitted to TeachingChile.com will become the property of some nefarious individual. Unless you have some otherwise unobtainable insight into what happens to your data after you submit it – be cautious. It doesn’t take much for a web server to fall victim to an automated attack, and the target is very specifically DATA, because that’s what everything is all about anyway. Nobody reads the ‘terms of use’ or ‘disclaimers’ anyway (and in many cases neither do the writers of those things, so they don’t identify how your personal information is being securely managed; further – there is no code enforcement to ensure what you’re reading is in fact what happens), so it’s best to assume all the data you’re submitting to a website is going to be retained indefinitely by an individual or a staff that isn’t specifically driven by keeping your data safe. Most techs are extremely trustworthy, however often quite lazy. It doesn’t take much oversight for a whole database, server or, better yet, a cloud-driven limitless data storage asset to become the property of an attacker. It’s often just a password between the evil attacker and your personal information.

Don’t EVER submit your Social Security Number or Passport information online.  Just don’t. Perhaps try using your dog or cat’s social security number as a temporary placeholder. ^_^

Helping our community by publishing the monthly newsletter

Katherine Heights Townhomes

Z and I volunteered to create the monthly newsletter that gets delivered to all the residents of our community here in Katherine Heights. Our goal is to establish a publishing schedule, workflow, design template and ‘system’ in which most of the newsletter process could be automated. Since we’ve managed printed newsletters & digital e-mail marketing campaigns in the past, we saw a clear opportunity to bring some structure to it. With a little structure & intent the whole process of creating, editing & publishing the newsletter should be much more efficient and error resistant through the automatic re-use of existing articles, schedules and so on.

This month we established the publishing schedule and basic workflow, and set up & implemented the tools with which we (the front office, or whoever wishes to be responsible for it) will manage and maintain future publications.

We’ve been using Podio to support many of our projects as well as our business workflow, so it didn’t take much effort to set up a Podio Workspace for the Katherine Heights Newsletter. We added apps for article management, built-in version monitoring for simple editing, discussions, reader input (both signed & anonymous) and an events calendar, and tied it all together with a publishing schedule to keep us on track. With the workflow and information framework in place, starting in October we’ll be exporting data from Podio directly into the newsletter template for printing.

If all goes well, by November we will have nearly completely automated the creation of every subsequent month’s newsletter. A step up in quality, a step around unnecessary labor and errors, and a step toward enhancing community involvement as we begin making the resources available for external input. I’m excited – I love it when technology makes things easier rather than being a point of frustration. With a small amount of documentation created and stored in Podio I hope to see this simpler, more efficient system stick around for a long time to come.

Here’s the front and back of September’s Newsletter.

[Images: September newsletter, front and back]

Podio – Simple & Effective Workflow Resources

Migrating web hosts.

I’ve migrated more web hosts than I care to count, yet it seems to remain for the most part a mystery and magic trick to migrate a hosted web service (in this case I’ll stick to general web hosting) from one server to another without fault or downtime. In other words, a seamless migration.

I recently migrated a miscellaneous handful of web sites and associated services from GVO (possibly the worst hosting company I have ever worked with) to Site5 (reasonable, affordable, simple hosting). Here’s how I went about the seamless transfer. In this case both hosts had cPanel & WHM, however due to the websites on GVO being set up as add-on domains rather than standalone accounts I wasn’t able to just back up the whole picture in a single file and publish it to the new server. The intent was to properly set up each domain as its own account (grouping some domains within a single account when it made sense to do so).

Logically the whole operation breaks down to individual domains or sets of domains most often simply redirecting to a single primary domain.

Information & Resource Gathering

Identify the domain’s registrar, owner and management credentials, or the person responsible for managing (paying for) the domain name itself. This might be GoDaddy, Network Solutions, etc. This information is easily sourced through a WHOIS query.

Identify the domain’s name servers and, again, source the management credentials for the name server zone file. Name servers are NS1.SOMETHING.COM and NS2.SOMETHING.COM and so on. This information can be sourced from the WHOIS data as well. Managing a domain’s zone file is often done within the existing hosting account’s control panel.

Review the domain’s zone file. Grab a copy of it, even. It’ll reveal all the sub-domains, redirects, mail exchangers & so on. These are all the items you’ll want to make sure migrate properly if necessary.

[Image: zone file editor showing simple zone file records]

Simple (standard?) web hosting can be broken down into three primary elements.

  1. Files
  2. Database(s)
  3. E-Mail System

Files can usually (simply) be copied from the old server to the new server. Keeping the file permissions intact during the transfer is healthy, otherwise ya end up with file upload folders like you find in WordPress that no longer allow files to be written to them. This can get especially complicated in old school LAMP environments where Apache runs as a single user. This is, however, not the case in most Windows environments.

FTP user accounts – Sometimes a client will have multiple FTP user accounts for various reasons – don’t overlook them. Occasionally I’ve run into situations where clients (or I) have set up automatic backups over FTP/SFTP both to and from the web host. Identifying the things you’re going to break before you break them is always handy.

Databases are another simple acquire -> post situation. Given phpMyAdmin or mysqldump, just export the databases from one entity and then import into the next. I create new username/password combinations for simple websites and CMS systems like WordPress, etc. If for whatever reason you are unable to duplicate the previous host’s database name, user name and password, you’ll want to update the configuration files for the website if it did make use of a database resource. A last note on databases: It’s been a few years since I’ve seen any issues migrating from one database version to another, but it’s still worth noting that if you’re migrating between different DB versions (such as MySQL 5.7 and 5.8) – be prepared for problems. Try to upgrade the old database, or import and update the data, before trying to import between database versions.

Consider purging the junk – It’s easy to simply copy all databases to a new host. I prefer not to let the clutter and waste build up on web servers. I always think in the back of my head that eventually some old unused piece of code or database entry will be used to exploit something, so it’s best purged when possible. In most cases it’s not necessary, but if files and content are not being actively used then their only real use becomes being the target of exploits.

E-Mail systems are (in my opinion) best operated outside of the web hosting environment but since email hosting comes as part of the standard package of web hosting you’ll often find e-mail accounts and the mail exchange are all on the same machine.  I’ve been a fan of Google Apps for Business for my own e-mail which requires no changes during a host migration – just remember to maintain the same MX entries in the domain’s Zone File.

Setup the New Host

Matching the existing setup – configure the new host environment.  Transfer files, Databases, E-Mail accounts, etc.

To ensure no changes are made to the files and database (CMS content) on the old server while setting up the new be sure to disable any login systems, FTP accounts, etc.

After I think I’ve got everything set up on the new server properly, but BEFORE updating any DNS, NS or otherwise making the new host live, I add an entry to the zone file on the old server or name server management resource that points to the new host and begin testing the environment with a subdomain of the existing domain. I also add the same detail to the new host just for the sake of consistency. This is generally enough to test most CMS systems with little trouble. While I’m making updates to both the old and new host’s name server zone file configurations I also add a subdomain (A) record targeted at the old host. It’s come in handy a time or two. In this case:

  • (A) site5.domain.com  =   IP.Address.of.New.Host
  • (A) gvo.domain.com    =   IP.Address.of.Old.Host

Now – after doing as much testing as possible, get someone else to review what you’ve done.  Generally speaking the customer or client is not a good target for this task.  Just !ping another tech with whom you share system administration tasks, resources, and so on.  A quick review isn’t much to ask and will help make sure that nothing blatantly obvious was overlooked.

While your work is being reviewed, set up some simple automated backups. Don’t rely on your host in any situation as the sole overseer of the content you rely on them to maintain. I’ve played every role there is, from managing simple reseller hosting accounts to maintaining dedicated, colocated & self-hosted servers, and in the last 12 years I have seen catastrophic failure twice. The first time – there were no backups outside of the host that crashed and I lost years of resources, so no matter how wild or far-fetched a failure would have to be to truly atomize everything beyond any capacity to recover it – it can and will happen. Prepare for it!

Then….

FLIP THE SWITCH

Update the domain name Zone File primary (A) record to the new server & then update the DNS entries of the domain at the registrar to the new site.

…and test. test. test. Everything should be green – bring on the client to verify every page is perfect. Run a link checker, monitor system logs, etc. I use UptimeRobot as a 3rd party resource to see if my sites kick rocks outside of my own monitoring. If you seamlessly migrated from one host to another then none of your uptime monitoring tools should have complained. Further – Google Webmaster shouldn’t complain either.
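As an added illustration, not from the post, here is what the relevant part of the domain’s zone could look like during the testing phase described above: domain.com, the two name servers and the addresses (from the documentation ranges) are placeholders, and the TTL on the records that will change is lowered ahead of the flip so caches forget the old address quickly.

```zone
; Added example zone fragment; domain.com and all addresses are placeholders.
$ORIGIN domain.com.
$TTL 3600
@        IN  SOA  ns1.domain.com. hostmaster.domain.com. (
                  2013091501 ; serial: bump it on every change, including the flip
                  3600 900 1209600 300 )
@        IN  NS   ns1.domain.com.
@        IN  NS   ns2.domain.com.

; Records that move at cutover: lowered TTL (5 min) a day or more before the flip
; so the old address ages out of resolver caches within minutes once it changes.
@    300 IN  A    198.51.100.20   ; old (GVO) host; becomes 203.0.113.10 at cutover
www  300 IN  A    198.51.100.20   ; same

; Test and fallback names, added to both the old and the new host's zone
site5    IN  A    203.0.113.10    ; new host: test the migrated site by name first
gvo      IN  A    198.51.100.20   ; old host: still reachable by name after the flip

; Mail lives on Google Apps in this setup and does not move: keep the MX as-is
@        IN  MX   1 aspmx.l.google.com.
```

At cutover only the two 300-second A records change, to 203.0.113.10, together with the serial; once the new address has settled the TTL can go back up.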

I’m sure I skipped a bunch.  I’ll add it as I realize what those things are.


My Girlfriend is a Hacker…

The definition of ‘Hacker‘:

A “computer hacker,” [then,] is someone who lives and breathes computers, who knows all about computers, who can get a computer to do anything. Equally important, though, is the hacker’s attitude. Computer programming must be a hobby, something done for fun, not out of a sense of duty or for the money. (It’s okay to make money, but that can’t be the reason for hacking.)

~ Brian Harvey (University of California, Berkeley)

The fact that Zahira is an amazing tech has been obvious for quite a while, however it really set in yesterday as I walked past her desk. On it were the following things:

  • an iPhone 3G displaying what looked like a Linux console.
  • a 21″ LCD extending the desktop of a Dell [model] laptop running Ubuntu Linux (BackTrack) testing our Netgear WNDR3700v2
    • After disabling WPS on the wireless router it seemed to still advertise that it had WPS enabled.
  • a Dell i5105 running Linux Mint Cinnamon x64 – her favorite operating system, second only to OS X Mountain Lion.
  • a 27″ iMac w/ Terminal, Google Chrome, iTunes & the Console [log viewer] app visibly running, and Synergy operating in the background allowing her to use the iMac’s Apple keyboard and trackpad seamlessly across all three devices.
  • an iPad leaning against its protective shell displaying a paused YouTube video.
  • an iPhone 4Gs in an OtterBox minus the rubber external shell so it fit in the iHome dock.

Seeing Z surrounded by Linux and an Android icon laid over a CLI on the phone brought it home. As long as I’ve known her, Z’s demonstrated the same attitude toward tech, which is essentially and very simply being intrigued by virtually every tech ‘thing’.

What I really enjoy though is the awesome moments of revelation when something she’s been working on -clicks- and all the dots come together. I love helping everyone with their technical issues, but it’s been quite a while since I’ve seen the glow of self-gratification after all the research comes together and she figures it out. It’s nothing short of inspiring. ^_^ It’s awesome. And of course she’s always working on something cool while we progress through the actual IT ‘work’.

For example:

There’s a Dell D630, Dell E6400 and a Toshiba Satellite A135 S7404 sitting in my office right now running OS X. A couple months ago, with a couple hard drives in hand and a bunch of support tools, she set out to install Mac OS X on every PC she could get her hands on. hehehe. Then, as if to contrast the situation: she helped me prepare, develop and use our “install anything” network boot environment, which has since been used to deploy our own highly customized versions of nearly every Microsoft operating system on any device that supports PXE booting. Perhaps the icing on the cake is that most all of the really interesting projects get reverted and undone shortly after their launch for some reason or another – often times simply the lack of appropriate licensing – but that never derails the completion of the project.

I believe her iPhone 4Gs, iPad and iMac are currently running stock iOS ^_^ and according to the network management resources on our gateway – her iPad and iMac (in that order) are not only the 1st and 2nd largest consumers of bandwidth on our network, but those two devices alone outweigh all the other devices on our network combined.!. She consumes and retains information like it’s easy. lol

According to our logs – I’m a weirdo with a secret lust for ad networks and tracking servers while Zahira has watched all of YouTube a couple times. Which brings about my last major note for this post. I am perpetually blown away by how good she is at not only researching and finding information that leads to logical answers, but in the same effort of digging for information she makes it seem effortless to bring it all back and put it together in writing that she publishes for others (and myself) to consume. No matter the topic she produces the most amazing results. When we were restructuring TechnologyBytes’ business model she produced an intense employee handbook and business brochures. While developing Think Smart, Inc as the marketing director during the startup phase she created quite literally everything from the logo, mission statement, investor presentation, business plan, marketing plan, brochures and many more marketing pieces. All while proactively managing her own web presence, maintaining all her sites and writing all the original content.


Zahira, you’re amazing. You’re pure inspiration and I’m blessed to be graced with your presence every day in and day out! Thank you so much! I love you <3

A couple sites Zahira actively maintains:

A couple social profiles for the real Zahira Schmidt ^_^

Bio-Identical Hormone Treatment & James Abernathy

[Photo: James Abernathy, PhD.]

One of my favorite parts about developing business systems is that I’m always being introduced to new things, or even just the idea of things my creative mind hadn’t had the slightest notion of prior to being introduced to them while absorbing a new business model surrounding the product or idea. This pairs well with another detail of business I’ve learned and find true: the individual (personality and character) behind a business often shares many very strong similarities with the product and business model they represent. James Abernathy is a great example. Having recently joined forces with him and Tiffani Huckles representing True You Hormones, which has teamed up with Think Smart to further expand our collective health and wellness resources, I now have the pleasure of working in the same facility as James every day, often working together.

Arabic and Java

Rosetta Stone in hand and NetBeans on screen, I’ve taken to two new languages. I have for quite a few years now wondered why I don’t have a firm grasp of Java, and considering I’m an avid developer capable of effectively supporting further development of applications sourced in Perl, Ruby and PHP (yeah, I’m a web developer – ya got me) there’s really no reason why I shouldn’t have a solid grasp of Java, at least to the level of being able to comfortably support an open source project if nothing else. What makes the deal really sweet though is that Zahira is brilliantly intelligent beyond any claim I could make here and she’s motivated to learn and understand the use of Java, so that just seals the deal. I’m personally 100% confident Java will be commonplace in our household within months.

On an entirely different thought process, I have become the average American and seemingly let go of any ability to be understood by any means other than this sad representation of written and spoken language most of us call English. Normally when I felt like this I would force-feed some Spanish and submerse myself with a vacation, or enlist someone to communicate with me in Spanish at some semi-regular interval. This time however I’m in an awesome new situation in which many people in my immediate bubble can speak Arabic, so I’m taking the opportunity to jump in, and for the first time in my 30 years of Spanglish existence I am taking on a truly new language. The notion of copy/pasting some Arabic here crossed my mind, but I’m at such a lack of knowledge that I’m going to submit this post and begin dedicating some time to understanding it right now.

Live Love Life!

A few Android Apps I’m fond of

[Image: Google Keep for Android icon] Google Keep

I’m still mutilating phones as fast as ever. It seems I can find a new piece of Corning Gorilla Glass’s weak point in moments upon first contact. Chaos or Freudian slip … out of my hands and onto the which happens to be a more ninja-esque structure… You get the idea.

Now, if this post could preclude the destruction of the next semi-functional droid I acquire – I’d be in good shape. ^_^

Any suggestions outside of a huge damage-proof shell for the next phone?  I’ll gladly replace broken phones over wrapping one in a huge damage resistant shell.

Learning to develop cCBT support software

As Information Technology resources continue to be developed to allow every industry on the planet to operate more and more efficiently, the education or collective knowledge required to effectively create useful software or business support systems grows with an equally fine-tuned focus. It’s amazing to look back even 13 years ago, when if you had a primitive understanding of HTML and could piece together a couple pages online that resembled a catalog listing products, prices and contact information, allowing the viewer a means of ordering the listed products offline, then you were generating revenue. A couple years before that, I and most everyone I knew at the time were amazed by having access to simple services like Geocities and Hotmail. Capitalism and Information Technology have been a happy couple ever since those days, which brings me closer to the topic at hand.

Amazing things happen at that long lost place we used to call the bleeding edge. One used to be able to hang out there if you exercised a relatively sharp IT skill set and weren’t afraid to try something new. All you had to do was grab someone with a sharp industry-specific skill set and collaborate to summon what I lazily categorized as business efficiency software. Just make some business process more efficient or more cost effective, then smile and watch that edge you’re on bleed.

Snapping back into reality now – it’s 2013 and you can still create more efficient business support software and systems with just a healthy IT skill set and a solid drive to make things happen. But to find the bleeding edge and create something awesome in today’s market requires an amazing amount of skill in business, effective collaboration skills, an amazing capacity to communicate ideas across knowledge or language barriers and, of course, it’s all ideally based on a solid foundation of IT skills and experience. I see a lot of stress put on individual personal capacity within the movers and shakers of today’s functional business class. The results produced by people with the drive and capacity to absorb and create are nothing short of amazing, and it’s those results that have allowed all of us to further close previous barriers and gaps, making this world a very small place if you overlook the distance walking to McDonald’s and let the Domino’s delivery parrot tell you a story while updating you as to the status of the materialization and delivery of your pizza. lol.

I’m partnered and working with Randee Van Ness, CEO of Think Smart, Inc and a Certified Cognitive Behavioral Specialist, amongst an impressive list of educational achievements. Randee created, grew and saw through to the successful exit of a local medical practice offering Cognitive Behavioral Therapy programs combined with nutritional counseling with an optional food delivery program. The focus for us now, and the big picture for Think Smart, Inc., is to modify the local business model she designed and enhance the CBT service programs to cover a larger range of health issues while restructuring the delivery to make the services available online nationwide. As you could imagine, the integration with and development of the web-based support software and systems makes use of a lot of technology, further complicated by the sensitivity of the data and the need for everything to support the CBT model of fact-based, results-driven change. This means everything must not only be infinitely secure, exchange vast amounts of data of every type from static text and images to live, crystal clear video and audio, log all the data and technically demonstrate change within each individual case and comparatively across all. It needs to do all this without coming across as complicated; better yet – it needs to be appealing in its use from the consumer’s perspective.

The whole topic is yet again made more entertaining by the fact that the idea hasn’t really grabbed hold in the US leaving a couple small companies (two of which don’t offer cCBT in English) to even get an idea of the playing field from. ^_^

I’m on it.!. Let’s make something epic!

Dust off the digits as daily digression… err, life documentation dawns again!

There’s a major change of lifestyle that takes place when you (in this I actually mean I) take a major change of lifestyle. Who knew? ^_^ One day I’m as close as one can get to virtually living online and then overnight, because that’s how long it took to launch a physical storefront, my entire focus and drive polarized, and although I got deeper into the field of Information Technology and its effective use in today’s work environments, none of my daily activities retained any of their previous repetitious foci. A massive effort was undertaken, and a directionally proportionate amount of education, experience and personal growth occurred as I created and grew an IT services company with a small team of partners that ultimately directed me back here. A couple years in the real world operating a brick-n-mortar computer repair & IT services company happened fast. I look forward to the highly structured yet equally fast-paced web services again. This should be an even more intense continuation of the epic journey I keep livin’ n’ lovin’ called life.

My focus with this effort is to shake up and then sharpen a few skills I could previously perform without thought. Skills like documenting reality in the now and quickly writing instructions that can be easily translated into action in the absence of my presence. The desired result is ultimately to attain excellence, far exceeding all expectations in reference to my work performance as the director of technology (officially, the CTO) of Think Smart, Inc. I will be facilitating its hyper-efficient development on its way to the blindingly brilliant company it’s already materializing to be.

Every time I look back on the crazy path behind me I realize I’ve done some intensely great things, some very cool things and some immeasurably crazy things but I believe that even after focusing on and achieving one awesome interest after the next, my focus right now has got to be the greatest, most rewarding one yet! Even considering the occasional anxious concerns, fears and other associated discomforts due to the given path – It doesn’t get any better than this. No path, team, or destination compares.  This already won. ^_^

Time to focus for a bit.  I look forward to detailing a relatively nonsensical blend of life and work here as I did in the past.

Think Smart, because it’s good for ya.

If you haven’t met my counterpart Zahira Schmidt, here’s a couple links.  

Welcome to Colorado

Holy crap. I live in Colorado! Yeah, the fabric of time n’ space totally shredded and here I am! It all started when I took a nap in the car after driving through an intense snowstorm… I followed the rabbit.

Colorado is undeniably beautiful. I love this place. I’ve met some great people here and really enjoy the overall feel of the place. Having four seasons -every- day is a little intense at times, but that’s what layers are for. There’s something about snowpants over a swimsuit that just works. ^_^

I’m the President of TechnologyBytes, a Computer repair, IT and Web Services Center @ 1348 N Academy Blvd, Colorado Springs, CO 80909 (719) 422-5010 which I operate with my Dad. We’re just getting settled in but we’re open 8 to 8 every day & if you can set the fresh paint smell aside we’ve got great pre-launch pricing.!.

I’ve never been so centrally located. There’s tons of people, stuff, traffic, places and craziness every square block. I love it. Being closer to stuff like my nieces & nephews is also very cool. Since both of my brothers decided to go military I figured the kids might need some uncorrupted corruption. ^_^ My sister Crystal (my brother Matt’s wife) says Matt n’ Chris do in fact live here. I have yet to see them since I’ve been here, but that should change soon. Active duty insanity has them overseas right now. Liam and I kick it… Usually burning stuff. =) Crystal n’ Matt’s house is fun. Hehe.