Changing Ideas and Attitudes

Recently, the 6th Symposium brought information technology (IT) from as far east as Scotland and west as California. Our experience, strength and hope generated many ideas in Tampa!

We met NA trusted servants who have an amazing array of skills. Programmers and database workers, web servants and corporate IT managers all contributed to the weekend.

Still we share the same goal: To help members and others by adapting technology to our spiritual principles.

Of course, our specific jobs will change. We rotate. Our replacements need to hit the decks a-running, too! They may lack extensive experience. Surely, they will lack time. Thus, they require simple useful tools and records to do their jobs.

Read more »

Well another FSS IT track has come and gone… news about privacy laws for the US

The Florida Service Symposium was held this past weekend, March 12-14, 2015 in Tampa. As usual the IT Track was great, attendance was a bit lower than expected, but very informative.  Also, as usual, is the clear evidence here that my blogging has been lacking.  I have made promises before and broken them, so I won’t do it again.

As always, if you wish to post, contact me at and let me know what information you would like to start adding to this blog.

Now for the important stuff:  We have all been aware of the Data Protection Directive in Europe that was adopted by the European Union some years ago, but there has been little in formal laws or rules for the US, outside of the Can-Spam Act of 2003.  There was the Safe Harbor to help US organizations/firms to comply with the EU Directive, but not much else.  Some states have developed their own, but the nationwide there has been little.  Well, apparently that has changed.

Rather than go into lengthy details, you can find the specifics for yourself by going to  I would suggest downloading the PDF of the article for offline reading.

Over the next couple of weeks, I will be finalizing new privacy policies for and will share it here.  To all webmasters: please consider the need for your own site’s privacy policies.

Until next time, thanks for reading and stay safe.

Stephan Lantos | IT Manager
NA World Services
Tel: +1 818-773-9999 ext.181 |

Post WSC 2014 news

Hi all,

Just a quick update.  We are in the early stages of two upgrades, one major, one medium:  We are installing a new ERP system that will result in a more robust accounting system and much more user-friendly shopping cart.  For years there have been many complaints (with mine at the top of that list) about how clunky and stuck in the ’90s our cart was.  That was what we were stuck with until a real upgrade of not only the cart, but also everything attached to it.  So that is taking up the vast majority of our time for the next few months.  Additionally, the database program is getting a facelift/upgrade as well.  Some of the changes are cosmetic but others under the hood should help it become more functional.  We are expecting the ERP upgrade to take about six to eight months and the database upgrade to be completed by end of the summer.

On another note, we are working on a mobile app for the Step Working Guides.  The apps will be available on Android and iOS platforms, not Windows mobile as yet. We are still in alpha-testing stage, but as soon as we have something that resembles beta stage, I will send an invite to the folks who are registered here now (please don’t send out an all-points bulletin to your community for testers, I will only accept a maximum of 30 total–any more becomes unwieldy for me.) and a couple of others.  Testers will be asked to sign an agreement not to distribute the test versions to anyone–that will be necessary for Android, as TestFlight no longer works for that platform.

Other than that, remember to stay safe, the amount of malware continues to increase.  To that end I am enclosing a link to the Websense annual report on threats here – (over 9 megs, so it may take some time to open)

Until next time

Stephan Lantos | IT Manager
NA World Services |


Heartbleed bug

The news has been out there for a few days now:  OpenSSL, the means by which most major email companies and some banks, etc. keep your information safe has been compromised.  At first I did not realize how big of an issue this was until I did some research late last night and this morning.  While the companies are scrambling to change their software, your passwords may have been stolen, as this issue has been out there for over a year.    The worst part of this is that you may have no idea that your information has been stolen or not, as there is no way to tell until you start sending out spam, or much worse, your identity is stolen…

Change your password everywhere.   This is no joke, and it’s something that is supremely important: change your password and not into something that is easily hacked, so use a combination of upper case, lower case, numbers and, if allowed, characters.

A good read (somewhat technical but not as much as others) is here:  And here is full disclosure about the bug:

Thanks, and stay safe!

Stephan Lantos | IT Manager
NA World Services |

GEEKLOG: Localization And Adaptability Part Two: Token-Based Text

In Part One of this series, I explained how you should establish a basic text rendering environment that will display non-Roman character sets.

In this entry, I’ll discuss one of the most common patterns used to get those characters onto the screen.

The objective of this exercise is to explain a basic way to allow a display (in this case, a Web page) to reuse the same framework, yet drastically change the content, depending upon the chosen language of the viewer.

I’ll use PHP as the example language. This pattern can be applied to almost any programming language, and actually tends to be supported by many development frameworks. PHP is well-understood, and also has native support for associative arrays, which makes this all much easier to explain. It is also the base language for a number of content-management systems that use this pattern for their own localization.
Read more »

From a friend and fellow contributor about some safe measures

A friend sent me an email when he realized that this blog was not a public one meaning anyone could post.  He offered me the post below to do with as I choose.  Of course I am choosing to include it here as it contains really valuable info.


In the OEM windows world it appears vendors (such a Dell, HP, etc.) deliver machines with the user having administrative privileges. It really isn’t necessary to have these rights for checking e-mail, browsing, word processing, (basic) web programming, etc.

I would advise against logging in with administrative permissions for everyday computing.
In Linux or an OS X terminal you can ‘sudo’. Recent versions of Windows try to implement this in the GUI with User Account Control. I noticed users who do not like UAC come from the Win 3, 95, 98, ME world. It’s not difficult to become acclimated with computing as a member of the Users group. Note: The Power Users group is still there for backward compatibility with NT 5.0 (Windows 2000) and is not necessary for 5.1 (XP) 6.0 (Vista) or 6.1 (Windows 7).

Some things that a member of the Users group cannot do are:

Cannot install software or hardware, but can access programs that have already been installed on the computer.

Cannot change his or her account name or account type. A user with a computer administrator account must make these kinds of changes.

Can change his or her account picture and can also create, change, or delete his or her password.

When I get a machine a few things I do are:

Rename Administrator to something other than Administrator, Admin or root.

Enable Guest account and set a passwd for people who want to use my computer. This way they do not have access to my files.

Setup an account and add it to the Users group. I do not use my name because website cookies will identify me by my username. This is the account I use for everyday computing.

Install applications under this user context using an administrative account (UAC).

If you are having difficulty running applications, check out this page:
There are additional links at the bottom of this page that are similar.

I do not login to e-mail (POP3, IMAP4, SMTP) using ‘clear text’. I use SSL, TLS or HTTPS. For information on securing e-mail authentication, contact you provider.

I do not rely on third-party software to protect my computer, network and (especially) my data. I tie down my computer to protect myself from myself- read the dialogue boxes carefully, don’t click on things I do not know, do not open e-mail from people I do not know or attachments that look suspicious (judgment call). After a short time practicing “safe computing” is easy to deal with.

These are a bit more technical:

If I am not familiar with an application, I do not install it, I’ll place it in a “Sandbox” or Virtual Machine

Go into Network adapter properties (UAC asks for administrative passwd) and disable bindings to services I do not use. In my case that includes:

Client for Microsoft Networks (I can still access my Network Attached Storage).
File and Printer Sharing for Microsoft Networks.
IPv6 (for now since many ISP’s do not support it anyway).

When Windows detects a new network connection, I set it to Public (not Home).

Disable (hidden) administrative shares C$, D$, ADMIN$ etc. This is a good article explaining how to do it.
It will not work with Home editions of Windows.

** Whitelist (this will paralyze most malware even if they get through (like CryptoLocker which Kaspersky, MacAfee, etc. did not come up with a signature for after weeks). Here’s a bit about whitelisting:

I also create a sub-folder within my downloads folder and create a policy that allows execution (NOT from the Downloads directory). I download and drag it into this sub-directory then execute it.

If people use P2P (including Skype) or are opening ports in a firewall or router I recommend they have at least two (firewalls/routers) and place that machine/device in between the two routers (or behind a firewall but in front of a router) and disable UPnP on the (internal) router. This is called a DMZ.

I have a Slingbox, TV’s Ethernet connection, VoIP adapter, Verizon (managed FiOS) router and server in a DMZ. Anything that is not mine (I don’t care what it is), I do not pace it on my internal network. I have wireless access for my guests in the DMZ as well. Not that I do not trust my guests but I do not know their computing habits.

For my family (and friends) in areas that do not practice Net Neutrality, I have them using the Tor Browser Bundle or VPN over SSH or SSL (NOT PPTP or L2TP). That’s not beyond the scope of “Security – personal computers” but this post is already too long.


Thanks K

Keep em coming!

Not abandoned yet… just…

To all who have faithfully followed this experiment, I apologize for neglecting it.  There have been many events and things that have taken all of my time.  There will be some news in the near future focusing on:

  • V2 of the mobile meeting search apps
  • Some plans for the next year in NAWS’ IT world, including possibly a new and much improved shopping cart
  • Some changes expected for the website
  • etc.

Again, I am sorry, but things like the World Convention happen and this goes on the back burner.  If I promised any of you that I would be in touch with you and seemingly flaked, I apologize, but have not forgotten… just trying to clear some time to actually have a meaningful conversation.

Yours in fellowship,

Stephan Lantos | IT Manager
NA World Services
Tel: +1 818-773-9999 ext.181 |

Meeting search apps up and running on iOS and Android

The meeting search apps were uploaded to both platforms within the past few weeks.  iOS went up in April while the Android version  was launched in the middle of May.  Thus far the responses for both versions have been overwhelmingly positive.  In addition to the standard map-based meeting search, there is the option to search for local phonelines and websites as well.   As an added feature, the daily posting of Just For Today is included.

You can download them either via the application distribution store on your mobile device or by clicking on the links below.

iOS Version:

Andoid version:

Support or comments about the apps can be sent to

Yours in fellowship,

Stephan Lantos | IT Manager
NA World Services
Tel: +1 818-773-9999 ext.181 |

New update about security and WordPress and Joomla

Periodically I will post an especially interesting set of updates I receive from Qualys or SANS, that may have an impact  on fellowship websites.  This week, I received the attached update from Qualys about the most recent vulnerabilities.  The title, “RFI Botnet Compromising WordPress, Joomla Sites Worldwide” caught my eye as you can imagine.  So rather than keep it to myself I am attaching the entire update as a PDF. (see link after sig).

Anyone can subscribe to the vulnerability updates.  I have found over the past few years that Qualys, SANS, etc. reporting is a bit ahead of main-stream consumer-oriented publications and present it in a concise fashion that makes it easy for me at least to skim through, reading what pertauins to me and leaving the rest.

Yours in fellowship,

Stephan Lantos | IT Manager
NA World Services
Tel: +1 818-773-9999 ext.181 |



GEEKLOG: Keeping Up to Date

I have been frantically working for the last six months or so to create a new version of the BMLT, in anticipation of this date: May 19, 2013.

That’s because Google has been saying that they would be shutting down their Google Maps Version 2 API, and I needed to create a version that supports the current Google Maps Version 3 API, have it in place, tested, and ready to go before May 19.

It has been a HUGE job, and I have been desperately trying to make sure that I had a fully-working root server, and all of the satellite clients in place by May 19, as well as getting as many established BMLT implementations as possible to update their servers.

Well, May 19, came and went, and the world didn’t end.

Google blinked. Read more »