The Russians have stolen 1.2 billion Internet passwords! We are all doomed!

Probably not.

You can’t have missed the recent flurry from NBC News, The New York Times, USA Today, and almost every other news media about how a Russian crime ring has stolen 1.2 billion user name / password combinations plus over 500 million email addresses. These credentials were stolen from 420,000 different websites spanning everything from Fortune 500 companies to small companies across almost every line of business and all around the world.

The attack uses an old but still effective mechanism: introduce malware into the company’s network that looks for SQL databases, then use a technique called “SQL Injection” to steal data. SQL Injection takes advantage of bad code in application programs. When you sign into a website and enter your account number to get information such as your personal profile, the web site sends the request to an application program which then queries a database. Many of these databases are based on SQL, Structured Query Language, originally developed by IBM over 40 years ago. These databases now run on every kind of computer and are extensively used because of their reliability, scalability and relatively low cost. The application program sends an easy to understand query to the database. For example, it would send something like “give me the account information for account number 123.” The database returns the requested data to the application. If you ask “give me the account information for account number > 1” the database will return all of the account information for all of the accounts. If the programmer was not careful and testing was woefully lacking, you can fool the database into giving you a lot more information then intended or appropriate.

How serious is this particular attack? We don’t really know. The 420,000 hacked companies have not been identified. We don’t know how old the passwords are. Many critical systems require that you change your password periodically; many of the hacked user name password combinations may be months or years old. These attacks have apparently been going on for years, so it is not clear that this is really something new.

Surprisingly, and contrary to standard practice, Hold Security, who reported the breach, has not provided the victim companies sufficient information to verify the problem and identify specific individuals impacted. Hold Security has also announced a new service ($10/month) that will monitor your email address if it is one of the stolen emails. However, you must provide Hold Security with your email addresses and account passwords.

What should you do?

  1. Don’t panic.
  2. Monitor your financial activity frequently looking for unusual transactions. Especially look for small, often less than $10, transactions that you do not recognize. Many criminals use one or two small transactions to validate the information they have before they move to bigger transactions, and many are satisfied to pick up a few dollars from thousands of accounts and hopefully stay below the threshold to get government authorities interested in their activities. Some financial organizations, including Chase, actually monitor for these small transactions and will notify you to determine whether they are valid.
  3. Identify your important financial and medical web sites. While you probably have dozens of different accounts you access online, most of them would have little impact on you if they were compromised. Note which accounts are linked to a bank account or credit/debit card. For example, if you use Amazon one-click to make purchases, then Amazon is an important account
  4. Change your passwords frequently on those important web sites. To me, frequently means at least four times a year.
  5. Do not use the same password for more than one account.
  6. Do not use a simple password. Your password should be at least eight characters long, and contain at least one lowercase letter, one uppercase letter, one digit, and, if the site allows, one special character like $ # % !.

The top five passwords actually used in 2013 were 123456, password, 12345678, qwerty, and abc123. For a bad password, I prefer “what,” as in “what is the password.” You should not use anything remotely like these.

If you have trouble remembering dozens of strong passwords and would like to have help doing that, check out Sreenivas Angara’s Kickstarter project. He is working on a smart phone and tablet game called Drongzer to teach you to how to create and remember strong passwords by using procedural memory instead of declarative memory. Procedural memory guides the processes we perform, like driving a car. We know what to do while driving when we come to an intersection, even if we have never been there before. Procedural memory usually resides below the level of conscious awareness and tends to be automatically retrieved and utilized. Declarative memories must be consciously recalled. We use it for things like dates (1492, your significant other’s birthday, your address, …). There is no pattern to them; you just have to memorize them.

The last word:

Many if not most of the 420,000 companies are still vulnerable. Is yours? Meet with your IT and security managers and review your current security and audit practices. Most companies concentrate on protecting data coming into their site, looking for malware and denial of service attacks. These are all important. But also look at the data leaving your site; this is where you are really vulnerable to losing protected information. Are you looking for unusual patterns, like outgoing transactions that are thousands or millions of bytes instead of a few hundred, or large data transfers in the middle of the night? Do not forget to include non-electronic loss opportunities like storing unencrypted files on laptops, CDs or thumb drives.

Comments solicited.

Keep your sense of humor.


Cloud Adoption

I started blogging about Cloud Computing over four years ago. At that point it was relatively new. A lot of CIOs were talking about it, but relatively few were actually spending money moving to it. The “experts” were mostly predicting great growth for the Cloud; as just one example, Novell predicted that the workloads running in the Cloud would grow from 2% in 2010 to 20% in 2015. Of course, most of these experts were in the Cloud industry and possibly with an inclination to hype the concept.

Four years later, how is Cloud Computing adoption doing?

As is almost always the case, not as well as predicted but better than you might have expected. Everest Group recently released its 2014 Enterprise Cloud Adoption Survey. Founded in 1991 and headquartered in Dallas, Texas, Everest Group is an advisor to business leaders on the next generation of global services with a worldwide reputation for helping Global 1000 firms dramatically improve their performance by optimizing their front-, mid-, and back-office business services.

Their most recent Cloud Adoption Survey shows that 56% of enterprises consider the Cloud as a strategic differentiator. These companies are putting their money on the Cloud, with 58% of the surveyed organizations spending more than 10% of their annual IT budget on Cloud solutions and services. These enterprises are no longer just experimenting with the Cloud, but are investing significantly in moving to the Cloud.

The survey also points out two continuing concerns about the Cloud: security and ease of migration.

Security concerns still exist, but the security picture of the Cloud is improving every year. Cloud Service Providers (CSPs) are gaining more expertise and making that expertise and the resulting best practices available to their customers. One impact is that many companies are going to private cloud implementations, and thus foregoing many of the cost savings and weakening the “pay for use” advantages of the Cloud. I have several posts specifically on Cloud Security, including a three-part introduction starting here, Secure Public Cloud, and most recently here.

The other continuing concern is ease of migration. CSPs will still tout how easy it is to move to their Cloud and most will offer you services to help you move at little or no cost. Your reality may be different. It is important to carefully plan your move, test the actual migration so you know how long it will really take, and then execute the move. As always, no matter what kind of an upgrade you are doing, have a fallback plan.

Your workloads are not all the same: their security, performance and availability requirements vary. Likewise, it is unlikely that a single Cloud solution will be the correct choice for your organization. Like with any product, if you only talk to one vendor you are likely to learn how that vendor’s product is best for you. You will usually be better off if you look at multiple vendors and match each application to the solution that best preserves your individual applications’ important security, performance and availability requirements. Most companies are likely to end up with a combination of different cloud models called a Hybrid Cloud.

As always, moving to the Cloud must be a business decision, not a technical decision. You should go to the Cloud because it makes good business sense for the reasons we have discussed earlier.

The last word:

Comments solicited.

Sometimes the biggest objections to moving to the Cloud will come from your own IT shop. They have provided you with a solution that is working at a predictable cost. Like in any outsourcing conversation, your IT team is probably concerned about what may happen to them. Your CIO may be worried that he or she will become irrelevant. They should be concerned, because it will change their world.

Because moving to the Cloud is a business decision, the key stakeholders in a Cloud implementation are likely to be the business owners within the company. However, the IT organization will remain critical to provide the leadership and overall management of your ever-changing Cloud environment. The Everest Group report indicates that over 75% of the surveyed organizations believe that the role of IT is increasing or is unchanged as they move to the Cloud. The focus of the CIO and the whole IT team needs to change from the day-to-day handling of the IT infrastructure to a more business-oriented approach of providing the IT services the business stakeholders require.

Keep your sense of humor.



(This is another special posting by Suzy. I hope you enjoy it.)

Locavores pride themselves on eating locally grown and prepared foods. Some of them are just food snobs trying to make the rest of us feel like food slobs. Most really enjoy and are proud of the foods their locality produces. Philly cheesesteaks, North Carolina pulled pork, Texas Chili, Neapolitan pizza, beers from various localities, or a spicy barbeque all make us salivate. Each reminds us of a region, or a special meal, or at the very least a clear and distinct flavor. There is a difference to be enjoyed between New York and Philly cheesecakes. New York cheesecake is a bit creamier and tangier. I prefer one for dessert and the other as a breakfast treat.

Each time I moved I would develop a taste for a regional specialty that would be the source of cravings when we moved to the next place. Living in Southern California I missed mid-Atlantic favorites. Now, back in the Philadelphia area, I am constantly craving foods with a Mexican flair. Several weeks ago we had a family movie night. That is to say we were showing home movies of the growing up years of my siblings and myself to which we subjected our mates. And here I commend them for being good sports about the entire evening. Seeing where we lived in Naples made me hungry for the pizza we would buy from a small shop at the foot of the hill on which we lived. Nothing else will sate this craving, so Walt and I are now thinking about a trip. There was also this one particular wine I remember, so it isn’t just about the pizza.

When I lived in Naples the world was a slightly slower place. When we moved there we traveled, not by plane, but by an ocean liner. All the American goods that we got at the Base Exchange were brought in by cargo ship. Due to temperature changes in the hulls of the cargo ships that could affect the look or efficacy of some products, Hershey’s Chocolate bars often had a white powdery coating. Our mail was flown over from the States. Much of our shopping for American style products was done through mail order catalogs. That meant flipping through the pages of a catalog, filling out an order form, mailing it to the company back in the States, having the company fill the order, and then ship, yes literally send it on a ship, back to us. It took time. Sometimes we didn’t remember quite what we had ordered, so opening the package was a bit exciting. Gifts to or from family and friends were also shipped. My Grandmother decided she would not send us the annual supply of Christmas cookies. She was afraid that the shipping would cause then to be stale or nothing but crumbs. She sent Moma copies of my Great-grandfather’s treasured holiday cookie recipies instead and wished Moma luck in finding the ingredients and making them. At that point I had learned a bit more Italian than Moma, so armed with my trusty bi-lingual dictionary we went together to the local shops to find some of the candied fruit bits and spices. It was a family project to make the cookies and Daddy documented it with his trusty 8mm movie camera with its 4 floodlight light bar. My Grandmother’s education wasn’t the best, and in her copying of the recipes she left out some key instructions and an ingredient or two, thus making the project more of a challenge. As Moma had often helped with the baking when she lived at home, or we lived near Grandmom, she was able to see some of the discrepancies or she just got a bit creative. During the course of the project we all talked about how various flavors and aromas reminded us of different places and times.

My fertile little mind took off on tangents. I began to think of all the places we had been and the various things we had enjoyed wherever we were. One of the fun things was walking with my Grandmother to the local farmers’ market at least once during each of our visits with her. As that’s where she did most of her food shopping, she knew all the farmers and their families in each of the stalls, and they knew her. She would tell the butcher she wanted to make ox-tail soup, and he would have a tail for her on her next visit. Though Daddy often teased her that it was just from some cow he had just butchered she insisted that it was from an ox. She would ask each seller she visited about children who weren’t there that day. Then she would push my brother and me forward to be seen and praised. It had its rewards, as we would often be given tastes. As we were then living in Naples, Italy I decided I really would enjoy a sandwich with Lebanon bologna. The local shops had prosciutto, Parma ham, mortadella, capicola, but no Lebanon bologna.

Having been rewarded by the Italian consulate in New York with all sorts of wonderful information about Italy when I had written to them about our up-coming move, I responded as rapidly as Pavlov’s dog. I wasn’t fussy about a brand name since I had never noticed any on the bologna Grandmom had brought home from the farmers’ market, so I didn’t have an address nor even a company name. I had no idea where to send a letter. Remember, this was before the Internet, so I couldn’t just Google it. I decided to write to the Chamber of Commerce in Lebanon, Pennsylvania. After all, shouldn’t Lebanon bologna come from Lebanon, Pennsylvania?   In my letter, I explained how far away we were, how the Italians didn’t understand lunchmeat, and, most grievously, how the Commissary didn’t carry Lebanon bologna. I wanted to know how I could buy some and have it sent to us. Having signed, sealed and stamped it I placed my letter in the pile of out-going mail and pretty much forgot about it. I’m not sure how the Chamber of Commerce reacted upon receipt of the letter. Hopefully they had a pretty good laugh.

Quite a while later, getting on into spring, Daddy arrived from work with a box that was about three foot long, and maybe nine inches on a side. Accusingly he looked to Moma and me and asked what we had ordered this time. Moma was puzzled. By then, I had forgotten about my letter. We all stood around the kitchen table as Daddy carefully opened the box and slid out an entire roll of Weaver’s Lebanon bologna and a very nice letter. The Chamber of Commerce had forwarded my letter to the Weaver family, who gifted us with an entire bologna. Moma had a hand-cranked meat-slicing machine, which she immediately set up on the table and proceeded to cut off several slices. It was the best I had ever had or have had since.

Times have changed. We expect immediate gratification. We now buy foods from all over just about anywhere any time of year, though travel time and distance mean that especially fresh foods aren’t always at their peak. People don’t write letters anymore, either, contenting themselves with ephemeral e-mail, texts or twitter. But that’s for another rant.

The last word:Jim1099s

This is the view from their apartment in Naples, Italy. Many years later, this story helps explain why Suzy really likes to cook, is pretty good at it, creates many of her dishes from scratch, and makes me create an herb garden everyplace we have lived.

Comments solicited.

Keep your sense of humor.


This has been an interesting couple of weeks. The IRS admits to “loosing” millions of emails, coincidentally the subject of an on-going investigation. If your company tried that trick, several of your executives would be in jail and the company would have a huge fine. There are several federal and state laws that require retention of any information relevant to an ongoing investigation. In addition, there are even more stringent laws on data retention specifically for US government entities. In legal terms, “spoliation of evidence” is the intentional or negligent withholding, hiding, altering or destroying evidence relevant to a legal proceeding. This kind of activity, in addition to being illegal, usually leads to “spoliation inference.” That is when a party destroys evidence, it is reasonable to infer in a court that the evidence was damaging to the party.

On the flip side, the IRS has inappropriately released protected personal information to third parties. This includes information provided to Congress as part of their inquiry into the lost emails. In reality, it is illegal for Congress to even open the files provided from the IRS because Congress was told that those files contained protected information on individual taxpayers.

On top of this, and in spite of the assurances from NSA, NSA has been collecting the content of emails from US citizens who are not under any suspicion of any connection to terrorism.

The implications to your company’s ability to respond to Discovery Orders could be serious. Even if you have an excellent Life-Cycle Management policy which defines exactly how long you retain different categories of documents, the US government may be working to make those policies ineffective.

When you receive a court order asking for all of the documentation on a particular subject, you must deliver all and only the appropriate documents. These documents may include emails, text messages, tweets, and standard documents, spreadsheets and presentations. Most organizations don’t do a good job of responding to these court orders. The possibility, or in some industries, the high probability of receipt of a discovery order is one of the drivers to implementing a data life-cycle management system. Most organizations give far more than they should, and fail to give everything they must because they don’t know where all of the data is. Like data life-cycle management, if you have existing policies, systems and procedures in place, it is well worth the effort to make sure that your Cloud Service Provider can interface with them.

My recommendation is to make sure you have a well documented life-cycle management policy and that you carefully document a complete audit of those procedures at least once a year. The legality of the government introducing in a court case documents it has illegally obtained has not yet been tested. But if you can show that you made every effort to appropriately destroy information according to your reasonable data life-cycle management policy then the court may look favorably on your attorney’s objection to the introduction of government-obtained data.

Whatever you do, do not emulate the IRS. Do not destroy information after the issuance of a discovery order or the reasonable expectation that one may be issued. And do not include protected privacy information in response to any discovery order unless that information is specifically listed in the discovery order.

The last word:

The Philadelphia Inquirer reported Monday that the Veterans Administration Philadelphia Regional Office had once again demonstrated the importance of management bonuses over providing services to our veterans. In this case they changed the dates on hundreds of thousands of claims, some filed as early as 2011, so that they were no older than 125 days in order to meet guidelines.

The VA is a fine example of federal government bureaucracy, where management works very hard to destroy the reputation of the organization and the thousands of dedicated medical personnel who are working to protect and serve our veterans. What are the implications of Obamacare as it inexorably moves health care under the federal government bureaucracy?

But don’t worry, the IRS is watching over the implementation of the Affordable Care Act. The IRS is even working with the union of IRS employees to rewrite their agreement so that employees who have failed to pay their federal taxes will no longer get bonuses from the IRS. Not funny. Over 1,100 IRS employees received bonuses within a year of substantiated federal tax compliance infractions.

Comments solicited.

Keep your sense of humor.


Faster PowerPoint

Do you spend three or more hours most weeks creating and modifying Power Point decks? If so, I found something you really need: a short workshop that will reduce the amount of time you spend creating and modifying Power Point decks by two thirds. Really. For every three hours you spend now, you will probably spend no more than one hour, and your decks will look more professional. Taylor Croonquist of Nuts and Bolts Speed Training has created an on-line “watch and do” workshop that shows you how to do that.

Full disclosure: Taylor reached out to me and asked me to review his workshop so I did not have to pay the $98 for the course. But the course was well worth the list price. Wish I had taken it years ago.

The workshop is designed around the 2013 version of PowerPoint for Windows, although most of his techniques work on 2007 and 2010. Mac users cannot use many of Taylor’s techniques directly, although I think the workshop is worth the price even for them. Many of the ideas Taylor demonstrates work for the Mac version of PowerPoint, you just won’t get the full speed benefit. I ran much of the workshop in parallel with a Windows 2010 and Mac 2011 version up simultaneously. I spent about six hours going through the workshop, following along with Taylor on my Windows machine and often also on my Mac. I’m already using many of the tricks and techniques.

His main concentrations:

  • Use the keyboard instead of the mouse. The majority of the speed changes come from the simple fact that you can type a couple of characters a lot faster than you can pick up the mouse, find what you want, click or drag or whatever, and get your hand back on the keyboard. Aargh, you think, I have to remember a whole series of chords. Remember Word Perfect? Taylor has a very well thought out way to configure your PowerPoint environment to virtually eliminate the need to remember chords; you just need a few common points about how alt and control keys work that you probably already know. Everything else is on the screen. You will get a significant speed improvement immediately, and as your muscle memory becomes established it will all quickly become automatic.
  • Format an object once. Reuse it often.
  • Align everything perfectly. When you look at a slide and it does not look “right” it is probably because elements are not properly aligned. It can be a pain to get things to align right, but Taylor shows you how to do it perfectly and quickly. Your slides will stand out largely because misaligned objects will not distract from your message.
  • Use connectors correctly. Taylor shows you how to quickly set up even complex connector lines that are easy to maintain as your deck changes over time.
  • Take advantage of Ninja lines. Don’t look for them in your Excel help file. Ninja lines are just what they sound like: they appear out of the dark, do something magical, then disappear. Got a tough alignment problem? Call in the Ninjas.

Remember that every deck you create will probably go through a series of updates. Taylor emphasizes how to create each slide so that it can easily be updated over time, and how to take someone else’s messed up deck and quickly get it properly aligned and easy to maintain.

The user-interface of the course is quite intuitive and effective. Taylor is fun to listen to, even for a multiple hour stretch. He has a lot of enthusiasm for doing PowerPoint quickly while achieving professional results.

I strongly recommend this workshop. It will reduce your frustration with PowerPoint, and your managers and co-workers who constantly suggest “minor” changes, while giving you more time to do the important things.

Even after taking the workshop, you can still create a bad slide deck. It will look professional, and you will have done it in in one third of the time, but it will still be awful. Check out my earlier post on My Favorite PowerPoint Tips.

The last word:

I hope you had a Happy Independence Day celebration, waved a few flags, thanked a few vets, ate a few burgers and hot dogs, and “ah”d at some great fireworks. We don’t live in a perfect country, but we live in a great country. There is no other country I would rather live in. It was worth fighting and dying to create it, and periodically we have to fight and die to keep it great and free.

Comments solicited.

Keep your sense of humor.


In spite of the significant service and financial advantages of the Cloud, many companies and governments are increasingly reluctant to adopt it for their critical processing. This reluctance is not caused by security considerations regarding the basic technology of the Cloud; those issues have been largely resolved. Companies following best security practices with experienced Cloud Service Providers (CSPs) can have Cloud solutions with security matching or exceeding anything they could do internally.

What is causing this crisis of confidence is the US National Security Agency (NSA). We have seen almost weekly revelations about the unconstitutional collection of personal and corporate data by the NSA, accompanied by their lack of internal security that has allowed thousands of documents to be “lost,” including those released by Ed Snowden.

It is not just NSA. The British GCHQ (Government Communications Headquarters) is also tapping Internet communication. One British MP, Chi Onwurah, in “reluctantly and unhappily moving to the Cloud.” One reason is the US Patriot Act which essentially means that any data stored in the Cloud that ends up on American servers can be compromised by the US Government at any time without notice. Some countries have privacy laws requiring information be stored within the country. Companies in those countries have a problem with public cloud providers that have servers in multiple countries. That flexibility is great for reliability and business continuance, but a nightmare to establish and verify compliance.

All of this impacts revenue opportunities for American CSPs and the growth of the Cloud in general. But there is more.

from Glen Greenwald’s "No Place to Hide"

from Glen Greenwald’s “No Place to Hide”

In a letter on May 15, John Chambers, the CEO of Cisco Systems, asked President Obama to restrict the surveillance activities of the NSA. Cisco Systems is one of the major suppliers of the network hardware that creates and manages the infrastructure that is the Internet, with over 50% of the worldwide market by revenue. The cause of this letter was newly released revelations allegedly showing that NSA intercepted, en-route, equipment from Cisco and other manufacturers to their customers worldwide and installed NSA surveillance software. Mr. Chambers indicated that Cisco did not cooperate with NSA in this activity nor was Cisco aware of NSA interceptions.

If the allegation of NSA interference is true, or even believed to be true, it will impact the ability of Cisco and other US manufacturers to sell their equipment in the US or anywhere in the world.

NSA has been fairly consistent: anytime they have denied doing something it turns out later that they in fact were doing it. I’m not sure how President Obama can convince companies that he has “fixed the problem.”

What should you do? The Cloud still does provide significant value, but you need to control the security of your own data yourself. Use state-of-the-art encryption for both data-in-motion (data moving through the Internet) and data-at-rest (data stored in the Cloud), and make sure you control the encryption keys for the data-at-rest. I discuss one way to get a Secure Public Cloud in an earlier post.

The last word:

Depending on which version is more accurate, Abu Bakr al-Baghdadi was in US custody at Camp Bucca, a US-controlled detention facility in Iraq, for most of 2004 or from 2005-2009. In any case, he was given an “unconditional release” into Iraq under President George W. Bush. You may have recently heard of him: he is now the leader of ISIS, the Islamic State in Iraq and Syria, which is running rampant over northern Syria and threatening the existence of Iraq. In hindsight, it was probably a mistake to release him.

More recently, President Obama decided to release five senior Taliban commanders from Guantanamo prison to a life of luxury in Qatar, with full freedom of movement within the country, and able to go anywhere after one year. The manner of the release was in stark violation to a law President Obama signed requiring that he notify Congress at least 30 days prior to any such release; he notified a few members of Congress five hours before the transfer. Noorullah Noori, one of the five, has already vowed to continue fighting Americans.

In return, he obtained the release of Army Sergeant Bowe Bergdahl. As President Obama said, we do have an obligation to not leave our military personnel behind. The controversy, mostly in the press, that Sgt. Bergdahl may have deserted his post back in 2009 is irrelevant to the requirement to bring him home. If there is significant evidence, Sgt. Bergdahl will be court marshaled and, if found guilty, punished. That trial and punishment, if appropriate, must happen under US control, not Taliban control.

In a few years, will we wonder about the wisdom of President Obama’s method of getting Sgt. Bergdahl free?

Comments solicited.

Keep your sense of humor.


Decision Time

(This is another special posting by Suzy. I hope you enjoy it.)

He was just of average height and had ropey muscles indicating a vigorous, young man’s strength from years of working on the family farm. His family had come to this valley in western Pennsylvania with some of the first settlers, and different branches of the family had owned land all over the valley. The early morning July sun promised a hot day. Pushing a shock of dirty blond hair off his already damp forehead, his light blue eyes looked out over the field of winter wheat. It’s golden hue and fat heads told him it was ready for harvest. The air was still, and there was a bit of sparkle from the remaining dew. Within the hour the grass and fields would be dry and they could start harvesting.

He and his brother, Will, had just finished the alfalfa last week.. His father was pleased that they had finished before the Independence Day celebration. Mother had spent the week working to prepare the food for the family picnic. The holiday fell on Friday so that those who came from a bit farther stayed over to attend Sabbath Meeting before returning to their homes after dinner Sunday afternoon. Just now the family was mostly women and children and old men. The preacher had spoken about the war and all of the men who were away fighting. Brother Jack is on some island in South Carolina fighting this war. He’s been gone most of a year now. The Sharp cousins had gone earlier. Shortly after Jack left, their father had taken ill. It had seemed to take a long time for him to get his strength back. Jamie and Will were still doing most of the heavy work and everything took longer with fewer hands. Jack kept writing that their father shouldn’t fret about him, but both parent watched for the mail carrier each day hoping for some proof that Jack was still among the living.

Jack had helped put in the winter wheat last August, then joined up with Daniel Leasure and the100th Infantry, Pennsylvania Volunteers. Lawrence County had provided the men for F Company under James Cline. The Round Heads had pledged three years, but nobody thought it would take that long. In his early letters, Jack had written that they expected the war to be over by spring and he would be home by planting. They had gone to Camp Kalorama Heights, near Washington, D.C. for training. Then in the fall, his regiment had gone in a convoy of seven ships to North Carolina where they spent the winter on James Island. Now the fighting wasn’t going as well and Jack saw no end to it.

Jamie stepped off the porch and with an easy stride headed to the barn to get his hook.   He knew Will would be along soon. Will was still reading all the details about the war that were in the newspaper Mother had brought home from town. Jamie was looking forward to the rhythm of cutting the wheat, which would leave a lot of time to think, and he had a lot to think about just now. They had gotten a letter from his brother-in-law, A.J., just last week.   A.J. said he hoped the drill Jamie had done would be sufficient satisfaction of Military Duty to keep his war fever down. A.J. had come to the conclusion the he would much rather serve this great nation at home by cultivating the soil. He encouraged Jamie to value the production of food to feed the soldiers and those at home. He wrote that he requested Jamie not to go to War, but let somebody else fight to free the Negroes. Jamie didn’t know much about the Negroes, except that many were slaves, mostly in the south. He’d never even seen one. In these parts they rarely even saw an Indian. He had read Governor Curtin’s call for volunteers. Governor Curtin said that Washington was in imminent danger of being over run by the rebels. The regiments he had sent before had been sent to many places and now President Lincoln needed more men to protect Washington. Jamie did want to keep our great Union together.   His brother was marching and being fired upon. Word had come back that several of the young men he knew and had grown up with were dead. Every generation of his family before him had fought for this country except his father who had had the disadvantage of being born in 1812, and thus unable to defend his country in the war of that year. When Jamie was eleven there had been the War with Mexico. President Polk had not asked for volunteers to fight there and Jamie didn’t know anyone who had gone. Now, at twenty-seven Jamie was looking forward to buying his own farm, getting married and starting a family. After Sabbath meeting he had been visiting with Sarah. She seemed willing to marry and begin building their life together. If he signed up, would she wait for him to come home to her? Belle, who had been seeing Jack, had already begun visiting with one of the other fellows who had a farm up the road a bit. Would Jack even come home? Would he be maimed or killed in some battlefield whose name none here had ever heard before getting word of a battle? If Jamie went, would he come home? There was always that chance, too. Then, if he didn’t go would Sarah think of him as less of a man? Would he be able to live with himself?

Jamie cut the wheat and Will bundled it into shocks to dry. The weather held and by the end of the week it was time to separate the wheat heads from the straw. Then they baled the hay and stored it in the barn. On Saturday, the 19th, Jamie and Will walked into Harlansburg. Jamie had decided and Will wouldn’t be left behind. If they signed with this new group, the 134th, it would be for only nine months. He would be home by next spring. He would trust in the Great Giver of all good things that he would only miss one fall planting.   He signed.

Jamie had a little over two weeks to settle his affairs and to help his father prepare things around the farm so that the old man could handle it until spring.

On Friday, 8 August, Jamie and Will kissed their Mother and shook hands with their father and set off up the road for Harlansburg where they were taken by wagon to New Castle. At 4 P.M. they boarded a boat and started down river for Pittsburgh. They took heart from Jack’s letters about Army life. Now they were on their way to places they had never seen and their lives would be very different. Yet, Jamie was at peace. His decision had been made. He would fight in this war. He would be part of the Grand Army of the Republic and hold this great Union together.

The last word:

This is another story about my Great Grandfather based on his diaries and letters.


Comments solicited.

Keep your sense of humor.



Get every new post delivered to your Inbox.

Join 106 other followers