Monday, December 19, 2005

Securing your Home Computer

I have recently published my white paper on securing your home computer on Infosecwriters.com. For those of you who are interested it is at http://www.infosecwriters.com/texts.php?op=display&id=342

In my opinion this article fills a void in that it is a step-by-step guide aimed at novices and the average home user.

Hope some of you will read and enjoy it. Comments and constructive criticisms are always welcome.

Rick

I refuse to join any club that would have me as a member. - Groucho Marx

Cell Phone Security

Again, compliments of Bruce Schneier... http://www.schneier.com/blog/archives/2005/12/cell_phone_comp.html

Apparently Rogers Communications has fraud detection software, but chooses whether or not to shut off a phone based on the subscriber's ability to pay.

As some of you know, I work for a telecommunications company that is also in the cell phone business... fortunately not Rogers. I wonder if this could happen to us???

Rick

A child of five would understand this. Send someone to fetch a child of five. - Groucho Marx

Airline Security

Another insightful comment from Bruce Schneier in the latest edition of Cryptogram (Dec 15, 2005).

"Maybe people who have watched MacGyver should never be allowed to fly."

This comment hits the whole thing right on the nose. As I have stated before...the restrictions imposed on passengers have very little to do with security, and are more about a political attempt to placate constituents.

Fortunately, it looks like Mr. Schneier's and others' words are starting to be heard.

http://www.schneier.com/blog/archives/2005/12/airline_securit_4.html

Hopefully this is a sign that the DHS and others are starting to see that it is best to not do "movie plot" security and start to focus efforts in areas where security can actually do some good.

Rick

Outside of a dog, a book is man's best friend. Inside of a dog it's too dark to read. - Groucho Marx

Monday, November 28, 2005

The Human Side of Security

Mi2g's response to the SANS Top 20 list generated an entertaining discussion on the Dshield mailing list (http://www.dshield.org/mailman/listinfo/list). The discussion was winding down when a post by David Rice suggested an appendix be added to the Top 20 list to address Mi2g's concerns. For those of you unfamiliar with the Top 20 list, it is formatted like a Top 20 item.

Quoted in its entirety (with David's permission)...

"I would recommend amending the SANS Top 20 to include the following:

H1. Humans

H1.1 Description:
The species Homo sapiens supports a wide range of intellectual capabilities such as speech, emotion, rational thinking etc. Many of these components are enabled by default - though to differing degrees of success. These components are implemented by the cerebral cortex, and are under the control of the identity engine which runs as me.exe. Vulnerabilities in these components are the most common avenues for exploitation.

The human brain is both locally and remotely exploitable through techniques such as unhealthy self-talk, low self-esteem, government propaganda, commercial marketing, sales representatives, phishing, social engineering, and magic tricks. For most of these vulnerabilities, exploit code is publicly available. Attacks exploiting these vulnerabilities have been seen in the wild. An example of a large-scale attack involved exploiting a flaw in the brain's music handling routine where thousands of people purchased David Hasselhoff's album "Looking for the Best."

Earlier versions especially Neanderthal and Homo erectus do not enable rationality and intellect by default and are therefore considered "secure by default" (of course, extinction dramatically reduces a species' attackable surface area). Due to environmentally-derived improvements, Homo sapiens have a much broader mental capacity which increases the exploitable surface area significantly.

H1.2 Systems Affected
All versions after Homo sapiens 1.3.27.5234a

H1.3 How to determine if you are at risk
- Ask yourself the question, "Who am I?" If answered, the system is at risk.

H1.4 How to Protect Against Vulnerabilities
- Unfortunately, patches to Homo sapiens have resulted in significant and harmful sequelae such as holy wars, cola wars, communism, reality TV, and global warming; therefore, the current version of Homo sapiens is considered unstable and non-patchable. An upgrade/replacement from the open-source genomics community is eagerly awaited. In the mean time, consider the following:
- Deny yourself admin rights.
- Determine if the vulnerability exists in a non-essential component that can be removed. Please take caution when determining this as it could break functionality if there are other services that depend on the component in question. If necessary, consult a physician.
- In some cases, exposure to the vulnerability could be removed by disabling the corresponding service. Please note: disabling me.exe will make the system unrecoverable. Make sure a backup disk is available."

Thanks David for a great laugh!

Rick

Thursday, November 24, 2005

Mi2g and the SANS Top 20



First we have to get this out of the way...I have been a contributor to the SANS Top 20 for the last 4 years. I think it is a great piece of work, with a very specific focus...to help system administrators focus their efforts.

Which brings us to Mi2g...http://www.mi2g.com/cgi/mi2g/press/221105.php

This has been headlined in at least one place as "Mi2g disputes SANS Top 20". I don't see it that way at all. I will not get into what reasons Mi2g has to release this article. I am sure they did it for purely altruistic reasons. Once you filter out the sensationalism and obvious self-promotion, the article is bang on. Security is not a technical problem, it is a system that starts with people, policy and processes. Technology is merely the means to support the 3Ps.

The interesting thing is that during the deliberations for this year's Top 20 list, we talked about the human side of the security equation, and whether or not to include it in the list. But in the end we decided that that wasn't the point of the project.

It is my fervent hope that small companies and novice admins will address the human side of the equation, but if they don't, the Top 20 is a great start.

Rick

SANS Top 20

The SANS Top 20, 2005 edition has been released. It is available at:

http://www.sans.org/top20/

For those of you who are security neophytes, or those of you who have just been hiding under a rock, The SANS Top 20 list is a collection of vulnerabilities that have been released in the last year which you should have already remediated. If you haven't remediated them by now, you are probably dealing with the aftermath. (-8

Even so, it is excellent reading. Of course I am biased. (-8

Rick

Tuesday, November 01, 2005

SPAM, SPIM even SPLOG, but what do you call SPAM messages in blog comments?

As a security professional I have heard of SPAM, SPIM, even SPLOG, and Phishing and Pharming, and lots of other seemingly nonsense names, but today I may have found a new one.

Since posting my previous blog about DRM and rootkits, I have received two SPAM messages via anonymous comments to that blog post. I have since deleted them. Is there a name for that type of SPAM or do we need a new name? Perhaps BLAM? (-8

Rick

Digital Rights Management as a RootKit?

I was reading Mark Russinovich's column on the SysInternals blog at http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

Let me start by saying that in this case Sony's DRM definitely crossed the line, by modifying the system to hide itself from the users. They need to be stomped upon. End of story.

But it got me to thinking about a basic premise of Rootkits, or more precisely about the premise of detecting Rootkits.

First a little background. For those of you who are security neophytes, a Rootkit is (to use Mark's own words):

"Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden."

So what this basically (or maybe not so basically) means is that Rootkits use capabilities which already exist on a system to modify that system and subvert its normal behaviour, in order to hide stuff (files, executables, back doors, etc.) that the installer of the RootKit doesn't want people to find and/or remove.

The assumption behind RootKit detection software such as chkrootkit, or RootKitRevealer, is that even though the capabilities utilized by the RootKit could be utilized by legitimate applications, there is no legitimate reason why legitimate applications would want to or need to utilize these capabilities.

Forgetting about the ethics of DRM utilizing these capabilities, it does shake this premise. DRM is a legitimate application, and it is utilizing capabilities that were considered to have no legitimate use. Does this mean that applications should avoid utilizing these capabilities, or does the security world have to reconsider whether those capabilities have a legitimate use?
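The detection premise described above is usually implemented as a cross-view diff: the same directory (or Registry hive) is listed twice, once through the high-level API a rootkit can hook and once from a low-level source it did not touch, and anything present only in the low-level view is reported as cloaked. The following is an added illustration of that idea, not code from Mark's tools or from chkrootkit; the fixed-width on-disk record format, the `hidden_` cloaking prefix and all file names are constructed for this example. Note that the scanner flags the discrepancy whoever planted it, which is exactly why a DRM package that hides its files gets the same verdict as malware.

```python
"""Cross-view rootkit detection (constructed example).

Two views of one directory are compared:
  * low-level view  : decoded straight from a raw directory-table blob
  * high-level view : what a hooked listing API returns (cloaked names dropped)
Names present on disk but missing from the API view are reported.
"""
from dataclasses import dataclass
import struct

# Constructed record layout for the "raw" directory table:
# 32-byte NUL-padded name, 4-byte little-endian size, 1-byte attribute flags.
RECORD = struct.Struct("<32sIB")


@dataclass(frozen=True)
class Entry:
    name: str
    size: int
    attrs: int


def parse_raw_table(blob):
    """Low-level view: decode fixed-width records directly from the bytes."""
    if len(blob) % RECORD.size:
        raise ValueError("truncated directory table")
    entries = []
    for off in range(0, len(blob), RECORD.size):
        raw_name, size, attrs = RECORD.unpack_from(blob, off)
        entries.append(Entry(raw_name.rstrip(b"\0").decode("ascii"), size, attrs))
    return entries


def hooked_api_listing(entries, cloak_prefix):
    """High-level view as a hooked API would return it: names starting with the
    cloak prefix are silently dropped (constructed stand-in for the hiding
    behaviour the post describes)."""
    return [e for e in entries if not e.name.startswith(cloak_prefix)]


def find_cloaked(low_level, high_level):
    """Cross-view diff: names the API view does not admit to."""
    visible = {e.name for e in high_level}
    return sorted(e.name for e in low_level if e.name not in visible)


def build_table(files):
    """Pack (name, size, attrs) tuples into the constructed raw format."""
    return b"".join(RECORD.pack(n.encode("ascii"), s, a) for n, s, a in files)


# Constructed sample directory; the two "hidden_" entries play the cloaked files.
SAMPLE = build_table([
    ("readme.txt", 1204, 0x20),
    ("player.exe", 88012, 0x20),
    ("hidden_drv.sys", 4096, 0x02),
    ("hidden_cfg.dat", 512, 0x02),
])


def scan(blob=SAMPLE, cloak_prefix="hidden_"):
    """Run both views over the blob and return the cloaked names."""
    low = parse_raw_table(blob)
    high = hooked_api_listing(low, cloak_prefix)
    return find_cloaked(low, high)


if __name__ == "__main__":
    for name in scan():
        print(f"discrepancy: {name} present on disk, absent from API listing")
```

A real scanner reads the low-level view from the raw volume or hive file rather than from a constructed blob, but the comparison step is the same, and so is the limitation: a rootkit that also intercepts the low-level read leaves nothing to diff.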

For reference, F-Secure has waded into this debate and decided that Sony's DRM software is malware.
http://www.f-secure.com/v-descs/xcp_drm.shtml

Myself, I have to agree!

Rick

Friday, October 07, 2005

Firewalls are dead!!

From SC Magazine http://www.scmagazine.com/news/index.cfm?fuseaction=newsDetails&newsUID=7e41c682-23df-4065-beb3-e7bd85c2284e&newsType=Latest%20News&s=n

The specific comment I want to rant about today is about the death of firewalls...
"At the same event a TippingPoint VP predicted a swift end to firewalls. Gregory Fitzgerald, the IPS company's VP of marketing argued that the technology would soon be overhauled.
"Who cares if companies are pushing out firewalls now?" said Fitzgerald. "With more and more technology requiring open ports [such as VoIP] security has to be elsewhere to ensure the networks remain safe.""


When are these security vendors going to realize that this sort of sound bite does nothing to help security practitioners do our jobs?

There is a nugget of truth in what he says. As modern applications require more and more ports to be open, firewalls become increasingly like Swiss cheese. It does to some degree decrease their usefulness in protecting that particular application! This is an extension of the old adage "You can't deny what you must permit". This adage tells us that you need to apply a defense in depth strategy and protect the server, operating system and application as well, by providing mitigating strategies such as IDS/IPS, server hardening, application monitoring, host based IPS, log correlation, etc.

But this does not mean the firewall is dead. It is still a useful defense mechanism for preventing attackers from mapping your network and providing a first level of defense to the servers, and operating systems which house the applications.

Guys like this may succeed in selling more of their company's IPS products, but they just make security architects' lives more difficult when application architects say "So and So said firewalls are dead, so we are not going to deploy one in our Internet facing application". Eventually we will get the firewall deployed, but only after wasting a lot of precious time.

Sorry, we are understaffed as it is. We don't need this kind of help.

Thursday, July 21, 2005

I thought the Moon was made of green cheese!


To commemorate the 36th anniversary of the Moon landing, the good people of Google have put together NASA's pictures of the Moon à la maps.google.com satellite images. http://moon.google.com/ shows maps of the moon complete with landing sites of the various Apollo missions. Zoom in far enough and you discover the moon really is made of cheese.

Neat!

Rick

Friday, July 15, 2005

Security Stupidity

I can't take credit for this. Bruce Schneier published it in his latest Cryptogram e-newsletter. But this is a perfect example of how inflexible policies often don't make sense. Soldiers flying a charter to Kuwait can take assault weapons on the plane, but not pocket knives, fingernail clippers, nose hair scissors or cigarette lighters.

http://www.ajc.com/news/content/custom/blogs/guard/entries/2005/05/19/drop_those_nose_hair_clippers_soldier.html

This is living proof we are fighting the war against terror the wrong way. The statistics the airport security people publish of all the "dangerous items" they have prevented from being taken on board planes are not a success, but rather a failure because they prevented people who had no intention of using those items in a dangerous manner from taking them on.

We are focusing security spending on items the terrorists have already hit, or on "high profile" potential targets. Sorry, but this means the terrorists are winning. The terrorists can see where we are focusing our efforts...they will just attack somewhere else where the security is softer (or non-existent). The London Subway bombings are proof of this. The terrorists are winning because we are spending huge amounts of money protecting assets that will never be attacked rather than spending it on the root cause of the problem, finding and stopping the terrorists. The terrorists are winning...they are increasing our taxes and decreasing our standard of living and forcing us to change the way we live.

Sorry for the rant.
Rick

More on the Masters of Disaster

I found an excellent article in an Arkansas paper about Bobby Younkin and Jimmy Franklin. It is a good read for those who are interested. I have been amazed at the response of the families. They universally say "They died doing what they loved." All I can say is Good on ya!
http://www.nwaonline.net/articles/2005/07/12/front/04fzyounkinobit.txt

Rick

Sunday, July 10, 2005

Masters of Disaster



Blog as therapy...whodathunk.

Today I experienced one of the most frightening things I have seen in my life. Frightening partially because it involved loss of life, but mostly because of the sheer talent that was snuffed out in the blink of an eye.

Today I was at the Saskatchewan Centennial Air Show in Moose Jaw, SK. As usual there was an amazing array of piloting, and technology that is highlighted at all such airshows of its ilk. One group of people stood out from the crowd. It was a group of performers from a group called the X-Team (www.xteamairshows.com). To be specific it was Jimmy Franklin, Kyle Franklin, Jim Leroy, and Bobby Younkin...they amazed the crowd with their aerobatic abilities. I am an airplane buff, and aerobatics fan, and was amazed by the abilities of these pilots. They each performed solo earlier in the day, and Jimmy Franklin and his son Kyle did an amazing wing walking act like none I have ever seen for their second show.

Near the end of the day, for their finale, Jimmy Franklin, Jim Leroy and Bobby Younkin put on an unscripted dog fighting display à la WWI under the name of "Masters of Disaster", with Kyle Franklin acting as announcer. This show was to go on for 25 minutes, and the crowd was mesmerized and amazed by the performance these amazing aviators demonstrated. About 15 minutes into the show the three planes came together for a stunt where one plane crosses between the other two, and the remaining two pass over and under each other in a near miss. Unfortunately, they didn't miss...the one plane slammed into the bottom of the other and they both exploded and plummeted to the ground in balls of fire from about 300 feet. At first the audience thought that this was a pyrotechnics display and they reacted to the amazing spectacle. But then everyone realized that only one plane was still in the air, and silence overtook the crowd. The aftermath was that Jimmy Franklin (flying WACO), and Bobby Younkin (flying Samson) were killed.

Jimmy Franklin's claim to fame was as a stunt pilot in numerous movies including "The Rocketeer". The plane he was flying was "WACO" a modified 1937 WACO UPF-7 with a T38 jet engine underneath. An amazing flying machine that did things never before seen in aerobatics.

Bobby Younkin is a veteran of airshows worldwide. The plane he was flying was "Samson" a recreation of a plane built by Curtis Pitts in the 1940s. As amazing an aerobatic plane as I have ever seen.

Loss of life is always tragic, but the pilots knew the risks and accepted them every time they performed. In my mind the more tragic thing is that amazing talent has been removed from this earth.

My condolences go out to Kyle Franklin and his family and the family of Bobby Younkin at this time of great sorrow.

Thursday, July 07, 2005

Turn it off!!

One of the things I do in my spare time (yeah right!) is to help people out securing their home networks. I do gateway router installations and configuration, Wireless network setups, anti-virus installations and upgrades, spyware cleanups, etc. etc. None of these tools are expensive, but it does cost a couple of hundred dollars to secure your machine properly. But the long term cost of not doing this is usually an infection and reinstall.

Yesterday, somebody asked me..."If I don't want to do all that stuff, what is the best free thing I can do to protect my machine?" He was surprised by my answer "Turn off your computer when you aren't using it".

In these days of always on Internet connections, we somehow have gotten in the habit of always leaving our computers turned on. Why?

Most people use their machine only a few minutes each day. Turn off your computer when it is not in use and malicious users cannot probe and compromise your machine. If your machine does somehow become compromised, it will not add to the machines probing and compromising other machines on the Internet or fulfill whatever nefarious purpose the malware author intended. You may even save on your power bill and reduce wear and tear on your computer.

Sure it is not a good solution for computers that are used for hours a day, and you probably should still do the other things, but for the average home user it is a big step forward in securing your computer.


For my treatise on how to secure home computers please have a look at... http://www.whitehats.ca/main/members/Cerberus/cerberus_home_security/protecting_home_computer.html

Rick

Wednesday, June 08, 2005

Interesting Reading

For all you security weenies out there, I would like to point out a couple of related and very interesting reads.

The first, from Bruce Schneier's blog (http://www.schneier.com/blog/archives/2005/06/attack_trends_2.html), is a very insightful article on past and future attack trends. Just in case you are not a regular Bruce Schneier reader...Bruce is a realist in the sea of FUD (Fear, Uncertainty, and Doubt) that seems to be the Security industry.

The second is yesterday's Internet Storm Center article, put together by Marcus Sachs and a cast of thousands, on a very similar topic. http://isc.sans.org/diary.php?date=2005-06-07

There is a lot of crappy content on the Internet, but these definitely don't fall in that category. These both have a relatively high content ratio.

Have a great one!
Rick

Tuesday, March 29, 2005

Welcome

Welcome to my blog. It is here that I will post random musings and rants about whatever I feel like musing and ranting about. (-8

For the most part these virtual pages will contain comments on information security related topics, but occasionally I may deviate from this theme for special occasions.

Rick