Category Archives: Uncategorized

Meet the Brewster County Tourism Council

The most impressive thing about the Brewster County Tourism Council (BCTC) is the resumes of its members, a Who’s Who of the West Texas Rio Grande Big Bend.

Brewster County Tourism CouncilOriginally established as the Brewster County Tourism Board by an Order of the Brewster County Commissioners Court dated 23 September 1997, the mission of the Brewster County Tourism Council (BCTC) is to promote tourism and put “heads in beds” of lodging venues located in Brewster County Texas outside of the City of Alpine: To that end, the BCTC is charged with planning for the disbursement of a Countywide Hotel Motel Tax with a current annual budget in excess of $1 million:

The BCTC is also charged with keeping Brewster County Hoteliers informed about the Hotel Motel Tax and the activities of the BCTC Board and Staff. To that end, it holds meetings which are open to the public and which all Brewster County Hoteliers and others with an interest in promoting travel to and tourism in the West Texas Rio Grande Big Bend Region in general and Brewster County in particular should attend.

Lastly, the BCTC is mandated to “administer” Brewster County’s flagship destination marketing website VisitBigBend.com (VBB). We have on more than one occasion offered the BCTC some constructive criticism regarding that site, but we want to make it clear that the issues we raised have nothing to do with the members of the BCTC individually. For as we stated above, in our opinion the most impressive thing about the Brewster County Tourism Council is the resumes of those members – and here they are:

Rondell G. Sanders, President
Rondell Gene Sanders, President, Brewster County Tourism Council
forever in charge
Forever Resorts
Profile  |  Highlight
Bill C. Ivey, Vice President
Bill C. Ivey, Vice President, Brewster County Tourism Council
regional roots
Big Bend Holiday Hotel
Profile  |  Highlight
Barbara S. Trammell, Secretary
Barbara Sue Trammell, Secretary, Brewster County Tourism Council
terlingua true & thru
Chisos Mining Co. Motel
Profile  |  Highlight
Linda L. Walker, Member
Linda L. Walker, Member, Brewster County Tourism Council
living her legacy
Big Bend & Lajitas Stables
Profile  |  Highlight
Carol F. Peterson, Member
Carol Foxhall Peterson, Member, Brewster County Tourism Council
talented & connected
Gage Hotel
Profile  |  Highlight
John R. Price, Member
John Ross Price, Member, Brewster County Tourism Council
unpretentious pro
Lajitas Golf Resort
Profile  |  Highlight
Marsha L. Roberts, Member
Marsha Lee Roberts, Member, Brewster County Tourism Council
matron of marathon
TransPecos Bank (Retired)
Profile  |  Highlight
J. Travis Roberts Jr., Member
James Travis Roberts Jr., Member, Brewster County Tourism Council
legendary local
B.C. Historical Commission
Profile  |  Highlight
Claire E. Fausey, Member
Claire E. Fausey, Member, Brewster County Tourism Council
forever more
Forever Resorts
Profile  |  Highlight
Wendy S. Little, Member
Wendy Sue Little, Member, Brewster County Tourism Council
fighter for flora & fauna
Texas Mountain Trail
Profile  |  Highlight
Mimi Webb-Miller, Member
Mimi Webb-Miller, Member, Brewster County Tourism Council
la gringa guera
La Posada Milagro
Profile  |  Highlight

WPA2 KRACK Attacks Threaten Brewster County Websites & Their Visitors

WPA2 KRACK Attacks Brewster County TexasIf you pay attention to what passes for “news” lately, you may have seen reports crediting Belgian computer security wunderkind Mathy Vanhoef with the discovery of a KRACK (Key Reinstallation Attack) vulnerability in the IEEE 802.11i-2004 standard’s Wi-Fi Protected Access II (WPA2) security protocol.

Vanhoef documents his “discovery” in Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, a research paper he wrote for presentation at the ACM Conference on Computer and Communications Security (CCS 2017) being held in Dallas, Texas October 30th through November 4th, and also via his website KrackAttacks.com. It’s worth noting, however, that KRACK exposes a defect in the WPA2 standard itself, and has therefore existed since 2004. That means it is possible that other parties may have discovered the defect earlier, but never disclosed it in order to exploit it. This slide from a 2010 PowerPoint presentation suggests that the NSA may have been wise to KRACK years ago, but not surprisingly they deny that.

Either way, the KRACK in the WPA2 standard impacts every device and application that leverages Wi-Fi wireless networking technology – which means smartphones, tablets, notebooks, other computers, printers and other peripherals, routers and other networking equipment, TVs and entertainment gadgets, “smart” appliances, even automobiles – and all the communications and network traffic that passes between them. Exploiting this vulnerability, hackers might steal confidential information, redirect web page requests, inject computer viruses or other malware, hijack devices, or execute man-in-the-middle (MITM) and other cyberattacks.

A significant portion of WiFi traffic placed at risk by this latest computer security nightmare is web traffic, i.e. information exchanged between websites or apps and their visitors or users. Perhaps that is why Vanhoef used a Match.com session to demonstrate the KRACK in WPA2. In this video he successfully executes a protocol-downgrade MITM attack which exploits the KRACK vulnerability to defeat the website’s SSL/TLS/HTTPS security and gain access to sensitive data.

In this tweet, Microsoft computer security expert Troy Hunt observed that “Match.com was the perfect site to demonstrate the KRACK Attack on – 6 redirects with 5 insecure requests & no HSTS anywhere!” HSTS is short for “HTTP Strict Transport Security“, an HTTPS deployment policy which guards against protocol-downgrade attacks by allowing only secure HTTPS exchanges and denying all unsecure HTTP requests. Like many other sites “secured” by HTTPS, Match.com had not implemented HSTS prior to the embarassment of Vanhoef’s demonstration – but you better believe Match.com has HSTS now!

WPA2 KRACK | HSTS | Terlingua Ranch LodgeHave you protected your website and its visitors by deploying HSTS? If your website is a speedy secure responsive web design (SSRWD) by WLWeb.US, then YES you have. Here are some Brewster County examples:

WPA2 KRACK | HSTS | Visit Big BendHave you deployed HTTPS without HSTS, or are you still using unsecure HTTP transport protocol? If so, then your website and its visitors are especially susceptible to an MITM attack exploiting the WPA2 KRACK vulnerability. Here are some Brewster County examples:

The encryption protection provided by HSTS is powerful, but it is not a cure-all for KRACK: You should also apply all KRACK-related hardware upgrades and software updates as quickly as your Wi-Fi technology vendors provide them. And adding HTTPS Everywhere to your web browser is a little thing that can go a long way towards protecting you. The takeaway is this:

KRACK does not affect HTTPS traffic – but HSTS is the only way to guarantee that all your website traffic is HTTPS.

Book>Direct at VisitBigBend.com: Poor Deployment of a Bad Idea?

Brewster County Tourisim Council | Book-Direct | Bad IdeaThe Brewster County Tourism Council (BCTC) is spending thousands to implement the JackRabbit Systems Book>Direct booking engine at VisitBigBend.com – but is it turning out to be a poor deployment of a bad idea? At least one lodge owner seems to think so. Here is their feedback as forwarded to us by the Brewster County Bulletin:

——– Begin Original Message ——–
Subject: Re: JackRabbit Systems Book>Direct at VisitBigBend.com: Just Too Many Hops
Date: 2017-10-01 14:28
From: [A Brewster County Lodging Vendor]
To: [Recipient Redacted]

Thank you so much for all your efforts. Unfortunately for us here at [our Brewster County lodging venue], they are terribly misguided.

Instant Book seems to work for standard locations, and more standard hotels.

  1. We are in Terlingua, an alternative community (oh my!).
  2. We are [a few] miles from the border (hence dangerous and filled with desperate illegal immigrants passing through. Although not the case).
  3. We are handmade houses (even though the photos tell the whole story).
  4. There is a dirt road and driveway to the location (they have to drive slowly and avoid the dips. Oh my!).
  5. There are no stores or chain restaurants (not the normal environment).
  6. Its the desert and has intense and passionate weather episodes (it is hot in the Chihuahua desert in June. Oh my!).
  7. This is Terlingua where Internet, electricity and water can go out for days at a time.

Most Americans can’t embrace some or most of these.

Some hotel owners ignore the unhappy guests and keep their money, and some of us live on site and care about our guests. If someone doesn’t want to be here, I think they should get their money back and find a place they want to stay. Otherwise they will leave Big Bend all together.

So people see the property on the internet, think it could be cool, and press the button to reserve. We set the reservation, and when they arrive, sometimes, they get completely freaked and want to get their money back and leave immediately. So I give them their money back, and I have lost the rent for their dates.

I will not accept Instant Book from anywhere. I have stopped my subscription with VRBO because they demanded Instant Book. [But how] can I fight Brewster County Tourism when I must pay them every month by law? Please find another way to fix your problem. You are going to mess us up big time.

[Lodge Owner]
[Lodge Name}
[Lodge Phone]

——– End Original Message ——–