2

TDot’s Tips: Tighten up your digital life

Posted by T. Greg Doucette on Jul 16, 2010 in TDot's Tips

Hey everybody :)

Today was another mediation day in court as part of my volunteer work with the ADR Clinic at NCCU Law. My co-mediator and I only had two cases, but they both involved actions seeking protective orders to prevent one party from contacting the other.  The first case involved a lady being harassed by one (or more) of her fiancé’s ex-girlfriends, including being the target of a fake Facebook profile, a fake profile on some dating site, and so on.

The lady being harassed was justifiably upset, and had initiated a criminal investigation along with bringing every piece of documentation she had to the court hearing. But the ex-girlfriend accused of doing the harassment was adamant that she wasn’t involved at all — claiming that in fact another ex-girlfriend was impersonating her.1 :crack:

The whole hearing was filled with talk of IP addresses, passwords, email accounts and other Computer Science-y stuff.2 I’m convinced they were both being less-than-honest, but at least they got this particular issue resolved for now.

But given how much of our lives are now online, and how trivially simple it is to compromise our digital security, I thought I’d share a handful of easy tips to help you tighten up your digital life :)

Quick disclaimer: In computing, there’s no such thing as “total” security. Everything can be hacked with enough time, ingenuity, and computational effort — and anyone who tells you otherwise is lying to you ;) Your objective as a user is just to make sure that the time / ingenuity / effort that would have to be spent to compromise your security is worth more to the attacker than the value of what you’re securing.

====================
1) STRENGTHEN YOUR PASSWORDS
====================

Passwords are so ubiquitous online that even non-tech-savvy computer users often have several of them. The problem is that we have so many passwords on so many sites that they’re almost impossible to remember without making them simple, which also makes them easy to compromise.

There are a variety of ways hackers try to break passwords. “Dictionary” attacks use regular words as password guesses. “Brute force” attacks try every possible password combination. “Rainbow tables” are used to try and crack encrypted passwords. The list goes on.

You can limit the success of these attacks by making some really simple changes:

  • The longer a password, the better the security. This makes intuitive sense to most people but you’d be surprised by how many folks have passwords of only 6-8 characters. Your password should ideally be twice that long or more, which in turn requires far more effort on the part of hackers to figure it out.
  • NEVER use regular words in your password. Remember those “dictionary” attacks I mentioned? They use dictionaries of common words/names/places (often coupled with numbers) to guess a password. If you’ve only got regular words as your password, odds are good it will be compromised.
  • Use all available character sets. If you’re a user of the Latin alphabet (ISO 8859-1) you typically have 4 groups of characters you can use in fashioning a password: lower-case letters a-z, upper-case letters A-Z, numbers 0-9, and symbols like $ and @. The vast majority of passwords only use one or two of these groups, and that makes them much easier to hack. For example, someone with the 8-character password “thomas08” is only using two groups, so a cracking program only needs to try at most 2.1 billion possible combinations before guessing it correctly (since there are 26+10 possibilities for each character and therefore 36^8 possible passwords). That seems like a lot, but a typical brute force attack using just one computer can guess 30 million passwords every minute. So in the very best case scenario, where the password only gets figured out on the very last guess, this password will be cracked in a little over two months. But slightly tweaking that password to something like “tHom@s08” makes it far more difficult: now all four character groups are used and there are 94 possible options for each character in the password (26 lower-case, 26 upper-case, 10 numbers, 32 symbols) so a hacker needs to try over six quadrillion combinations (94^8 possibilities) — or guessing 30M passwords a minute for roughly 386 years.
  • Don’t re-use passwords across multiple sites. This common-sense principle is also frequently ignored. Password security not only depends on the strength of your password but also the strength of protection used on the website storing it. If something happens where Facebook or Google get hacked and your password is compromised, far more damage can result if you use that same password at other sites. Whenever possible, use a different password at every site you access to limit the problems caused by a security breach.

====================
2) TURN OFF UNUSED SERVICES
====================

Computers are useful even when they’re disconnected from the rest of the world, but the really fun stuff only happens when computers talk to each other. Accessing websites, sharing files, using Bluetooth accessories — each of these options uses a different “service” on your computer, basically opening a tunnel to the outside world through which other computers can communicate with your own.

If you’re not using a specific service, but the service is still turned on, it’s basically the equivalent of leaving a door to your house wide open. Someone may not come in and steal anything… but why take the chance? :P

Turn off all network services you’re not going to use. The exact details of how to turn things off varies greatly depending on your operating system so I’ll skip detailing it here, but a quick Google search on “turn off unused services” will get you results on how to turn things off in Windows XP, Windows Vista, MacOS X and more.

====================
3) BOOST YOUR WI-FI ENCRYPTION
====================

Wireless communication is rapidly replacing wired networks as the preferred choice for home and corporate users. Wi-fi networks provide far more flexibility in terms of how and where we can use a network, but it comes with a significant security tradeoff: electronic eavesdropping by hackers using readily-available software.

To limit the impact of eavesdropping, encryption algorithms have been developed to secure the data being broadcast over a wi-fi network. Unfortunately some of the most widely used algorithms — specifically Wired Equivalent Privacy (or WEP) — are also the weakest. The WEP algorithm is often the first choice presented to a user setting up his/her home router, even though it has been deprecated by the IEEE because it is inherently insecure. Any WEP-protected network can be compromised in 5 minutes or less with publicly-available software :surprised:

And once someone has access to the unencrypted contents of your wi-fi network, they get to see everything being transmitted by your computer (including websites, passwords, account numbers, and so on).

If at all possible, you should be using at least WPA2 security with a key that follows the same strong-password techniques I mentioned in #1 above. Even the most-secure WPA2 network can be compromised, but it will take so much time/effort that all but the most-determined hackers won’t bother to try.

====================
4) FACEBOOK: LOCK DOWN YOUR PROFILE WITH LISTS
====================

Despite all the outrage regularly heaped on Facebook (not without justification) the social network site deserves some credit for at least trying to have a robust privacy architecture. In addition to being able to restrict access to “Friends” or “Friends of Friends” or “Everyone”, you can also create lists to include whoever you designate — and these lists can, in turn, be used to limit access to parts of your profile.

For example, if you’ve got “friends” on Facebook who you don’t know that well, you can create a list like “People I Don’t Know”, put those folks on it, and then change your privacy settings so no one on that list can see things like your wall or your date of birth or your photo albums.

The reverse also works well: you can block access to sensitive info for everybody (like employers ;) ) and then allow access to selected lists with bona fide friends on them.

The whole process can be tedious and time-consuming, but can be a great help in protecting your identity.

====================
5) FACEBOOK: BE CAREFUL WITH REGIONAL NETWORKS
====================

While we’re on the topic of Facebook privacy settings, many folks join regional location-based networks (“Raleigh/Durham” for instance) without realizing the security implications.

Many of your profile’s security settings are configured by default to allow access to your friends and your networks. But since no email address is required to join a regional network, basically those settings enable literally anybody to join a regional network that you happen to be in, and then have access to your entire profile unless/until you lock it down.

I’ve never joined a regional network myself for that reason, but if you decide to join one make sure to adjust your privacy settings to limit what people in your networks can see.

====================
6) BE AWARE OF WHAT YOU SHARE…
====================

People like social networks because of the sense of intimacy they provide, and that in turn tends to create “overshare” — disclosing information that you’d never reveal if you noticed thousands of people were watching (which they typically are on Facebook and elsewhere).

For example, how many of you have your full date of birth (including the year) on your Facebook profile?

If you raised your hand, did you know that in many states someone’s name and full date of birth are the only things needed to access things like their full voter registration profile… which almost always includes a residential address? Most of us would never randomly announce our birthday in a room full of people, but we do it online without thinking. Complete DOB’s on Facebook profiles are a stalker’s dream come true.

This and other information gets shared with everybody every day on social networks. Be aware of what information you’re revealing publicly and how it can be used by others.

====================
7) …AND CONFIGURE PASSWORD-CHALLENGE QUESTIONS ACCORDINGLY
====================

Another example of the security implications of overshare: learning the answers to password-challenge questions.

Those of you who paid attention to the 2008 presidential elections may recall that Sarah Palin learned this the hard way. On most websites, if you’ve forgotten your password typically you can answer one or more “challenge questions” that are supposed to have answers only you know. Figure out the answer, and you get access to the password or the ability to create a new password.

One of the most common challenge questions: “what is your mother’s maiden name?”

Seems innocuous enough, until you notice that the vast majority of women on Facebook include their maiden names in their profile, and many of the mothers have their sons/daughters linked to their profile. I actually once fell into this category: I have my mom listed as one of my parents, but she has her maiden name as part of her profile. So because of that I had to go through several websites and change my challenge-response questions.

The same applies to other information as well. A close friend of mine once blew me off when I told him he needed to do a better job securing himself online, insisting to me that his information was secure and that he’d buy me a fifth of vodka if I could hack one of his accounts. The challenge question to access the website for his student loans was “What was the color of your first car?”… and his profile picture on both AIM and Facebook was him standing in front of his ’98 Wolfpack red Mustang.

Needless to say I enjoyed the vodka :D

Go through all of your challenge-response questions on each site you use, and make sure the answers are information that can’t be easily figured out from your publicly-accessible information on Facebook, Twitter, a blog, or any other sites you use. Otherwise you might be unknowingly giving access to your information to anyone who wants it badly enough.

====================
8) SEARCH FOR YOURSELF PERIODICALLY
====================

Don’t hesitate to occasionally do a search on your name to see if anyone is impersonating you or has compromised your information. We can get free copies of our credit reports each year to verify our financial health, but few folks realize they can easily check the internet to detect if their information has been compromised as well.

Besides, odds are good potential employers are going to do a Google search on you as part of their background check anyway. Shouldn’t you already know what they’re going to find? ;)

====================
9) LIMIT WHAT E-COMMERCE INFO YOU STORE ON VENDOR SITES…
====================

Along with your passwords being at the mercy of a website’s security, the same is true for any credit/debit card information you store with a vendor. Stories of vendor databases being hacked and credit cards being revealed are all over Google yet people still choose to store that information on vendor sites for the sake of convenience.

Don’t do it.

I know it’s annoying to go grab your credit/debit card when you want to make an online purchase, especially if it’s a website you use frequently. But the inconvenience that can be caused by your credit card being compromised by hackers is far bigger than the minor inconvenience of entering in a number each time you use it.

If you do choose to store credit card information online, see if your banking institution provides an automatic card number generator. These are slowly becoming more common with banks and essentially let you create a bunch of “temporary” card numbers linked to your real account, with different restrictions on how long they last or how much money can be charged to them. Using these temporary numbers limit the fallout if a vendor’s database gets hacked.

====================
10) …AND MOVE QUICK IF SOMETHING IS WRONG
====================

If, God forbid, you have the misfortune of having your identity stolen — or being harassed by your fiancé’s ex-girlfriends — make sure to move quickly.

Certain information about you is logged every time you do something online. For example, just by reading law:/dev/null or any other blog your computer has shared your IP address (the numeric address designating what computer you’re using to access the site), the browser you’re using, your operating system, and so on. Almost every single site you ever access, especially things like social networks or financial institutions, keep all this information in case it’s ever needed by law enforcement.

The catch is that a lot of this info is only stored for 30 days. If someone has hacked into your email or your Facebook account or something similar, you’ve got a narrow window of time to notify law enforcement to help catch the people responsible. And if someone has obtained your financial information, usually you have to notify your bank immediately to use any identity theft protection they might offer.

Theft of your personal information is one of those instances where procrastination is a certifiably Really Bad Idea™ ;)

***

Hope y’all find this info useful :) And if you have any computing security tips of your own, feel free to share them in the comments! :D

Postscript: I’d also like to thank professors Sammie Carter and Dr. Annie Antón for their respective Introduction to Computer Security and Privacy Policy, Technology & Law classes at N.C. State. Even though I was among their worst students, I promise I really did learn some things :)

—===—

Past TDot’s Tips entries:

  1. It was at least a plausible claim, as the criminal investigation had apparently implicated two other ex-girlfriends in addition to the defendant in this case :crack: []
  2. It was entertaining watching their reactions when they found out it was my major at NC State. []

Tags: , , , ,

 
3

Summer and my Goldilocks problem…

Posted by T. Greg Doucette on Jul 15, 2010 in The 2L Life

Summer hasn’t exactly turned out quite like I expected.

The first half of it was entirely too fast for my liking, with summer session classes taking the concept of “intensity” to a whole different level as professors crammed 15 weeks of lectures into 5 weeks of classes. It turned out for the best — the single-minded focus helped me earn my first two bona fide A’s of my tenure at NCCU Law — but I’m a fan of being able to occasionally breathe every now and then without feeling like I’m wasting time doing so ;)

The second half, on the other hand, is going entirely too sllloooooooowwwwww for me. I’ve only got mediation work with the ADR clinic on Mondays and Fridays keeping me busy, and the days in between are completely structureless. Normally during the academic year that’s great because it means I have a free day to dedicate to a typically lengthy to-do list.

Having that degree of freedom 5 days a week, though, is having the exact opposite effect: since I know I’ll also be free tomorrow, and the day after that, and the day after that, I keep putting off doing anything productive and have a growing backlog of stuff to finish in a shrinking window of time :beatup:

Case in point: I’ve got 4 draft blog entries still to proofread (2 from last week and 2 from this week) along with updating y’all on the Spring final exams I got back and the GPA cutoffs I extracted from the registrar’s office for Monday’s entry on class ranks. Not to mention posting the URLs to Twitter and Facebook so I can continue the shameless attention-whoring I started last month ;)

And that’s just the blog. I’ve got a laundry list of projects I need to work on for UNCASG and SBA before 1L Orientation kicks off, and at some point I really need to clean up the kitchen before things start growing in there.1 :sick:

Still in search of a summer structure that’s “just right”. If any of y’all find it, let me know. Until then have a great night! :D

  1. Of course instead of doing it now, I’m writing this blog entry and then heading to bed so I can get up for mediation in Raleigh in the morning ;) []

Tags: , , , ,

 
-

In case you missed it…

Posted by T. Greg Doucette on Jul 14, 2010 in In Case You Missed It

…all of the entries from last week have finally been edited and posted, following what I’m pretty sure had become the single greatest writing backlog I’ve ever had in my life :beatup:

Here’s a quick listing to help you get caught up, in chronological order:

Sorry again for the delay y’all  :oops: Hope you enjoy! :)

Tags:

 
1

Things I will not be doing with my law degree #1

Posted by T. Greg Doucette on Jul 13, 2010 in The 2L Life

Mediating hearings involving Medicaid and the NC Office of Administrative Hearings :beatup:

Yes, I do realize it’s probably not the best idea in the world to swear off potential employment options during one of the worst legal economies ever.

But… ugh.

Earlier today I headed down to Raleigh to join the good folks over at Carolina Dispute Settlement Services, to help mediate a pair of cases as part of my volunteer work with the ADR clinic at the North Carolina Central University School of Law. The cases for today were both from the NCOAH, which basically deals with just about any kind of dispute or claim involving the state government — including reductions in allowed Medicaid services.

Essentially the state has hired a contractor to evaluate Medicaid services on a person-by-person basis each quarter, and to determine during that quarter the number of “units” (15-minute increments of service) a given patient is allowed to receive. The patient and his/her physician(s) are notified and given the chance to appeal if they don’t like the number of units authorized. In appealing a determination, the patient or his/her physican(s) (dubbed the “Qualified Professional” or Q.P. in the hearing) have to prove the services reach the threshold of “medical necessity”; fail to do so and the appeal gets dismissed.

The first case was so flagrantly absurd that alarm bells kept going off in my mind that this had to be Medicaid fraud. The patient was only going to therapy once a month. The “Qualified Professional” who was representing her in the hearing didn’t know some of the most basic medical terminology1 and clearly had no clue about her treatment history.2 The argument against the reduction in allowable service hours kept focusing on “the team” — the group of physicians administering treatment — and whether “the team” would have enough money to operate without the added units… not on whether the patient needed or would benefit from the treatment.

And during the questioning back and forth it came out that some of the “treatment” involved things like a physician’s assistant going to the patient’s home and driving her to the grocery store and back. In other words, not actual treatment :crack:

The lady representing the State of North Carolina (justifiably) refused to budge, and the hearing was over 15 minutes after it started with the appeal essentially withdrawn… and me wondering why we even have Medicaid if it can’t be properly administered.

Then we have another hearing a few hours later, and my mental pendulum ends up swinging to the opposite extreme…

The patient was an adult male with mild retardation, who was sexually molested by his mother regularly up until he got married, and hasn’t been able to successfully keep any kind of regular employment since because he talks to anyone who will listen (including co-workers) about his sexual trauma. He has since married a woman 20 years his senior, who has 4 kids of her own (3 of whom are also mildly retarded), and they’ve moved in with one of the daughters-in-law in what is charitably described as a non-conducive environment for developing normal familial relationships. Meanwhile the mother keeps pleading with the patient to divorce the wife so the mother can have him back, the patient is depressed and insists on having sex with his wife at least 3x a day to keep him happy, one of the daughters is also depressed and has gained so much weight from eating that she’s on the verge of death, etc etc etc.

The story goes on, but you get the picture.

The rep for the State tried to make the argument that physicians can’t rehabilitate someone who was never habilitated, basically saying it wasn’t Medicaid’s job to help this particular individual and he needed to look elsewhere for treatment. Fortunately the patient’s representatives in this case were the polar opposite of the QP in the earlier hearing, with two physicians, the treating psychiatrist, and a manager of the medical firm all at the hearing and responding with boatloads of data and medical information pretty thoroughly detailing the medical necessity of continued treatment.

Even though I was there as a “neutral” third party, while the parties were talking back and forth I could feel myself getting angry that the government was even considering cutting treatment for this guy, when they allowed any treatment at all (even if it was a reduced quantity) for the first case :mad:

The hearing for that one took over an hour, but eventually the representative for the State acquiesced and agreed that the patient would get the extra units of treatment per week requested in the appeal… at least for the next 90 days, when the case comes back up for another review :beatup:

It was an interesting learning experience, but I don’t see me being able to do this type of stuff professionally. I’m already not a fan of doctors or government so I end up hating both sides. And honestly sitting through a long detailed analysis of the travesties facing some folks receiving indigent care (like the 2nd hearing) really crushes the spirit.

I’m not trying to be Pollyanna-ish and pretending like those travesties don’t exist, I’m just saying I’ll let someone with the emotional stamina to deal with it every day handle these cases while I devote my time to locking up people who do things like molest their developmentally-challenged children into their 20s…

Hopefully the rest of you had a more cheerful day than I did :) Have a great night y’all! :D

  1. For example, the different between a delusion, a hallucination, and an intrusive memory. I’m not medical expert, but I know enough to know these are 3 different things. The “QP” did not :crack: []
  2. Pausing the hearing multiple times to turn to the patient and ask information about her treatment, but not letting the patient speak herself. []

Tags: , ,

 
-

Learning what I already knew

Posted by T. Greg Doucette on Jul 12, 2010 in The 1L Life

Class ranks got released today, and I got to re-learn what I already knew from my 1L GPA: I’m a decisively average student :beatup:

I rank 62 out of 157 1Ls. That puts me at a hair’s breadth inside the top 40%.

At least it's better than undergrad ;)

The chart to the right shows where I’m at, though not much else. I’m not sure if the registrar will be allowed to provide us with the GPA cutoffs for a given percentile, or how many of those in the bottom 50% are folks going home for not making above a 2.0 — if I can get that info I’ll update the chart to something more meaningful.

I did notice that if we were at 157 1Ls in April (I think this # excludes the evening students), that means we had already lost 12 of the 169 folks who started in the day program back in August. My assumption is that we’ll lose about 20 more students due to the GPA cutoff, putting our cumulative 1L attrition near the historical 20%ish mark. That’s all just speculation though.

On the bright side, I consider this a remarkable improvement over my undergraduate career :D

When I finally made it through N.C. State my 2.612 GPA placed me firmly in the bottom 25% of our 166 graduating seniors in the Computer Science Department, a byproduct of my spending far more time advocating for students through the Student Senate and UNCASG than I did writing code in front of a computer. My chronic bad grades were sufficiently legendary that I was even introduced to someone at a CSC function as “the George W. Bush of N.C. State’s Computer Science Department” — because I “can successfully run the world, but can’t successfully pass [my] classes.”1  :beatup:

One year and a strict-C curve later, and I’ve vaulted from the bottom quartile to just short of the top third with a mere +0.066 change in GPA.

It might not net me any BigLaw job offers or a spot on the law journal, but I’m gonna go ahead and call that a success ;)

Heading to bed so I can get up early for some hearings tomorrow — observing and/or co-mediating a pair of Medicaid appeal cases from the NC Office of Administrative Hearings ::joy:: Have a great night y’all! :D

  1. Though, for the record, I still considered it a compliment because I’m still a W fan :P []

Tags: , , , ,

 
1

Anyone else get a random spam spike?

Posted by T. Greg Doucette on Jul 11, 2010 in Technology

Anyone who runs or reads a blog knows comment spam is a royal pain in the @$$. Fortunately there are software tools like Akismet that screen out most of the mess. The (minor) tradeoff is that you have to go through the comments flagged as spam just in case there’s a false positive.

Here at law:/dev/null we’ve averaged about 6 spam comments a day pretty much since we started, with an occasional jump here or there to a dozen or so. But for some reason over the past couple days there’s been a huge spam spike. Here’s a screenshot of my Akismet stats:

Random spam spike...

Anyone else had similar spam activity over the past 48 hours? I haven’t made any recent software changes that would expose the blog to attack, so I’m assuming it’s just elevated botnet-type activity. But I’d like to see if this is a localized phenomenon in case I need to take more steps to harden the server.

Insights from fellow blawgers are appreciated :)

I’m also going to work on some back-end tweaks before going to bed tonight. If somehow I accidentally block you from commenting, send an email to tdot [at] lawdevnull.com and let me know so I can fix it :*

Tags: ,

 
1

I see why the 2Ls enjoyed this so much…

Posted by T. Greg Doucette on Jul 10, 2010 in The 2L Life

…the whole “mentoring 1Ls” thing, that is :)

Over the last 1.5ish weeks I’ve had a handful of incoming Legal Eagles ask for insight into their professors, tips for Orientation, and other general advice on what they can expect in their first year at the North Carolina Central University School of Law.

It’s been a lot of fun interacting with them over the past couple days — partly because I just enjoy being a teacher/mentor in general (the highlight of my time in Student Government next to saving students $25M+), but mostly because it brings back memories of the uncertainty and curiosity and excitement and general cluelessness that came with being a 1L myself ;)

I think the SBA is going to be compiling an FAQ on things we wish we would have known as 1Ls, so I may defer posting anything on that score until the FAQ gets wrapped up. But if you’re an incoming student at NCCU Law and you’ve got questions, feel free to ask! :D

Tags: , , ,

 
2

Don’t say I didn’t forewarn you

Posted by T. Greg Doucette on Jul 8, 2010 in Randomness

From almost a year ago:

Disclaimer for any of you who become regular readers:  any time I write that I’m going to do/say/explain something “tomorrow” or “soon” or “shortly” or any other chronologically-oriented word that would indicate a time horizon in the relatively near future, add at least a week or two to it.

The blog posts from vacation are coming. Really. Promise.

:beatup:

Tags:

 
-

I’m still here

Posted by T. Greg Doucette on Jul 6, 2010 in Randomness

Sorry for the long disappearance y’all. I’ve been on a mini-vacation for most of the past week and have a half-dozen draft entries in a not-quite-ready-for-publication state that I planned on posting during that vacation… but things didn’t quite turn out that way :beatup:

I’ll try to get them up over the next 12ish hours now that I’m back in the Bull City :)  If you’ve sent me an email and I haven’t gotten back to you yet, I’ll reply by the end of the day!

Tags:

 
-

Spontaneity FTW

Posted by T. Greg Doucette on Jul 5, 2010 in Randomness

One of the things I’ve always hated about most vacations is how the last day usually gets wasted. Packing, traveling home, unpacking, etc etc etc — it’s a pretty blah way to end an otherwise-fun excursion.

So 雅雅 and I decided to fix that with a random side trip down North Carolina’s Outer Banks :D

Even though I frequently take the back roads home to visit Nan & Pops, and I’ve been to Elizabeth City State University several times back when I was President of the UNC Association of Student Governments, I never actually made it the extra few miles to North Carolina’s oceanfront. It was a totally different experience compared to what I was accustomed to growing up in the most populous city in Virginia.

I don’t know what exactly I was expecting, but what I found definitely wasn’t it. And I mean that in a good way :)

But I’m getting ahead of myself. First we crossed over the state border and stopped in Moyock, the global headquarters of Xe Services LLC (formerly known as Blackwater). The folks at the visitor’s center in Moyock loaded us up with various maps of the Outer Banks area, and we continued on our way south down US Highway 158 S.

One of the spots on the map was a shop called Lammers Stained Glass & Gifts. Originally we were planning on skipping it — folks selling stained glass didn’t exactly strike us as something worthy of “tourist attraction” status — and I actually did drive past the building as we headed south. But after seeing the shop on the drive-by, deciding it looked interesting, and concluding we had plenty of time for sight-seeing, we turned around and went in.

I’m glad we did :D

First, the place is almost comically huge. From the road it looks tiny, and even the room where you enter through the front is only about the size of my living room (roughly 187ish square feet). But then you walk in… and notice there’s another room. You walk into that room… and see another room.  You go in there… and see another room.  Then there’s a long hallway.  To another room.  Attached to another room.  Attached to a whole separate building. :crack:

Just in case there's any doubt about my career aspirations ;)

We’re talking almost 9,000 square feet total, with nearly every single inch packed with various types of stained glass, crystalware, ornaments, frames, jewelry, and various other odds and ends. The building in the back is a practical warehouse of antiques with all sorts of cool stuff you’d typically see on a show like Pawn Stars or something.1

Given my future vocation, I decided to grab something for my living room window before we left :)

After spending about an hour at Lammers Glass, we then resumed our journey south and east to the Outer Banks, then pivoted north toward the Currituck Beach Lighthouse.

As we’re driving through Duck up toward Corolla (where the lighthouse is located) one of the things that is hard not to notice is how isolated everything feels.  NC Highway 12 is basically just a two-lane road in most places. It seems like a phenomenal place to vacation2 but the first thought that ran through my mind while I was driving was “wow it must be a real pain in the @$$ to evacuate during a hurricane.” :beatup:

The whole area is incredibly beautiful. We got to the Currituck Beach Lighthouse about 45 minutes after leaving Lammers, and walked around the lighthouse grounds to check out the guardhouse and such. 雅雅 didn’t like the idea of paying the entrance fee to climb the lighthouse3… but really didn’t like the idea of waiting around while I climbed it, so we both started up the spiral staircase of the ~15 story structure.

View from the bottom (L); View from the top (R)

The view at the top was pretty amazing :) I took a bunch of photos to stitch a 360º panoramic view together, but until I get around to finding some software for that purpose you’ll have to settle with this single shot of the Atlantic Ocean :P

After hanging out at the top for a few minutes to snap photos and soak in the view, we headed back down and then ventured over to the gift shop.4 Some of the items in the shop reminded us that we needed to check out Corolla Beach, so afterwards we decided to see how far north we could get on NC-12. Feral horses roam all through the northern reaches of the Outer Banks, but the whole area is only accessible by 4-wheel drive vehicles because it’s not paved — you basically have to drive along the shoreline until you get to Carova Beach, adjacent to the Virginia border.5

But with my non-4WD Ford Focus, we decided discretion was the better part of valor and turned around about a quarter-mile in once I noticed the sand starting to pile high :beatup:

From there we headed south back toward Duck (population: ~500), where we stopped for lunch at the Sunset Grille & Raw Bar. Their outdoor seating area is set on the Currituck Sound so we got to enjoy the view while enjoying a superbly-cooked cheeseburger, french fries, and sweet tea :) After that I pulled out my BlackBerry, consulted Google Maps, and we decided to head south toward the Wright Brothers National Memorial down in Kill Devil Hills.

We checked out the building, which includes exhibits on the history of the Wright Brothers, pieces of the planes they built (as well as a replica), and other historical items about flight such as the first military aviation folks, the first female pilot, and so on. After that we ventured out toward the granite markers that designate where the Wright Brothers’ plane landed on each of their 4 test flights… and came to a realization.

Before reading further: don’t judge me please :oops: ;)

For whatever reason, when I learned about the Wright Brothers in my K-12 education I had the impression they took off from the nearby hill where the monument stands. I never really got the big deal, since if they took off from the hill and landed on the ground below they weren’t really “flying” so much as gliding to the ground. But standing there, seeing the piece of railroad track they used to take off, realizing (20+ years later) they took off and landed from the same height — I could only imagine the exhilaration they must have felt by that achievement!

Thinking I must have just been remembering my childhood years wrong, I told 雅雅… who admitted thinking she got taught the same thing. Maybe that’s a weakness in the current K-12 curriculum since we came from 2 entirely different states but both recalled getting taught something inaccurate? :beatup:

Anyhow, at this point 雅雅 and I were both pretty exhausted from all the walking around but I couldn’t resist heading over to the aforementioned hill so I could check out the monument. Similar to being at the top of the lighthouse, it’s a long climb but the view from the top is worth it :) I recorded some video on my camera phone to give you an idea of what it’s like.  I start off facing the Atlantic and circling around clockwise. The field you see at the start and end of the video is the area where the Wright Brothers made their first successful flights; the sound you hear is the wind whipping around like crazy :beatup:

After heading back down the hill and checking out the recent additions in the pavilion — which includes a replica of what Kitty Hawk and Kill Devil Hills were like back in 1903 as well as information chronicling the history of flight since then — we once again consulted Google for the nearest tourist-worthy attraction and decided to head over to Roanoke Island.

On our way there we happened to pass by the Lone Cedar Cafe, owned and operated by state Senator Marc Basnight (D – Manteo). President Pro Tempore of the North Carolina Senate, Basnight is widely considered the most powerful politician in North Carolina. He never went to college but is a tremendously huge supporter of the 17-campus University of North Carolina and ensuring NC students have the ability to pursue a quality higher education in this state :surprised:  Even though I’m a fairly conservative Republican, and I disagree with the Senator on a fairly wide range of issues, I consider myself a Marc Basnight fan just based on his support for higher education.6

This live oak is 400+ years old!

Roanoke Island is home to the Lost Colony and is part of modern-day Dare County, named after the first child born in the Americas to English parents. Once we got on the island we headed north just before realizing it was getting near closing time for government agencies. We skipped past the NC Aquarium and instead headed toward the Elizabethan Gardens, an English pleasure garden built half a century ago in tribute to the colonists. The whole trail through the gardens is about 1.5 miles. I’ve never been a garden type, but I see why people enjoy stuff like this ;)

Particularly cool was a super-massive-huge live oak tree that is 400+ years old — basically meaning it was there in that same spot when those colonists first set up shop on the island! :eek:  It’s pretty neat being able to stand underneath a tree and imagine that someone four centuries ago once stood in that exact same spot of that exact same tree :)

By the time 雅雅 and I finished checking out the gardens, it was a hair past 7:00pm and time for us to start making the 3.5-hour drive back home to Durham (we had left Virginia Beach around 9am :surprised: ). We took US Highway 64 W, following along the Alligator River before seeing endless fields upon fields of North Carolina’s famed agriculture.

After driving for about 2 hours we decided to stop for dinner in Robersonville, a teeny-tiny town of roughly 2,000ish people7… and home to the most technologically-advanced Bojangles’ restaurant I’ve ever seen :crack:

The building was brand new, and included all of the “green” tech stuff you’d expect from a new building. The registers had the gizmos in the front where customers can swipe their own credit/debit card (an anomaly for Boj’s restaurants in the Triangle). There was free wi-fi. Even the bathrooms had Dyson Airblades — the first time I had ever seen them, and which worked surprisingly well.

Needless to say it was a fitting end, having dinner at a tourist-worthy Bojangles’ after all of the other bona fide tourist attractions we spent the entire day checking out :D

Folks who have worked with me know I’m an obsessive planner, and I’ve never been one to randomly take the day off and go somewhere out of the ordinary. But once I’ve cleared some days in my calendar as “time to go adventure” days, I absolutely love not having the slightest clue where I’m going and instead just figuring it out as I go along. I’ve spent a ridiculous amount of money over this past week, but it has undoubtedly been the single best vacation I’ve ever had for that reason alone: no work, no Student Government, no class, no excuses for staying tethered to life back home — just taking a few days off to unwind and explore without a set schedule or agenda.

It’s good to be back in the Bull City of course, but that was definitely a blast :) And it reminds my why I’ve made North Carolina my home for the past 12 years ;)

  1. Including restored gas pumps from back in the early-1900s :surprised: []
  2. Definitely more laidback than Virginia Beach. Example: it’s possible to find parking :beatup: []
  3. She’s afraid of heights []
  4. Where I picked up a lighthouse ornament for the Christmas tree :spin: []
  5. It’s pretty cool if you pull it up on Google Earth, seeing the development in Carova Beach totally separate and apart from… everything. I’m determined to buy a Hummer or something so I can go check it out some time in the future :D []
  6. Which is actually a bit weird, because many of my predecessors in the UNC Association of Student Governments dislike him for various reasons even though they’re much closer ideologically to the Senator than I am :crack: []
  7. N.C. State has over 33,000 students, by contrast. []

Tags: , , , , , ,

Copyright © 2021 law:/dev/null All rights reserved. Theme by Laptop Geek.
Find TDot on Twitter or on Google+.