FAQ

What is a Snekul?

That is LUKENS backwards. Long ago, when signing up for internet usernames, I picked this. Despite there being less than 10 or so people named Eric Lukens in the USA, I found most decent usernames based on my name, first and last, or just last were already used. Wanting to be consistent, I decided to pick a new one, and going backwards was an easy thing for people to remember but also didn't look too bad either. It got me a short username that worked almost everywhere.

It turns out part of this reason is accounts and domains using the name were used up by what was then Bethlehem Steel, which had bought the old Lukens Steel company in 1997, though the Lukens name was sticking with the locals. At that time, Lukens steel operated the oldest continuously operating steel mill in the USA. Having been incorporated into its modern business in 1890, it had been making iron products for over 50 years prior to that under various names. This included iron boilerplate used nationwide and in the UK for the manufacture of most early locomotive train engines. Since then Bethlehem Steel has been purchased by the International Steel Group Inc in 2003, then it was consumed by Mittal Steel in 2004, which merged with Arcelor to make ArcelorMittal in 2006.  In 2020 Cleveland-Cliffs Inc., which owns many iron and coal mines, purchased ArcelorMittal. However, they're still holding onto at least some of the Lukens domain names.

Where do you work?

That's a secret. Not really, by law it's actually public information as I work for the University of Northern Iowa as a Senior Information Assurance Architect in their IT-Information Security department. For legal reasons, if you are interested in communicating with me regarding matters involving my employment at the University of Northern Iowa (UNI), you must use my UNI email address: eric.lukens@uni.edu. Emails sent there are subject to public records requests, as long as they are not covered under an exception to the law. It's best to presume that anything sent or received from that address could be published by the media or appear in court without requiring a subpoena. In the case of encrypted messages, I would have to disclose the decrypted copy if the message is not covered under the various exceptions to the law, which would require review by lawyers here at the University. That said, again, you have to use this method of communication for work-related matters; however, you can ask for my work phone number over email if that is preferred.

Where is snekul.com email hosted?

It is on Google's G suite legacy free edition.

What happened to your Facebook account?

I deleted it. Despite signing up in 2004, after having it for 20 years, I deleted it in the summer of 2024. After filtering out the noise, there were about 3-4 posts a month that I was interested in from family and friends. This was way, way down from the number of posts I used to be interested in during the early 2010s. It's been decreasing continually since then. It just was not worth the time sorting through all the ads, sponsored posts, and news reshares for the little bit of benefit I got out of it.

What happened to your Twitter (now X) account?

Similar to Facebook, the benefit was not worth the time investment it created, particularly after the ownership change.

What about Instagram, Snapchat, etc.?

I haven't found the need for these. If that changes, I'll post it on the contact page. I've been debating about some of the Twitter alternatives.

What about TikTok and Telegram?

Do not use them. I'm serious. Stay away.

Did you have a Lavabit email account?

Yes, though mine used the domain hotpop.com. My account predated the Lavabit branding, which was done as a response to concerns regarding the privacy of Gmail. At the time of the Lavabit shutdown, I primarily used it for junk/bulk email and not as my primary address. The shutdown of Lavabit was done by the operators as the US Government FISA courts demanded access to the SSL private keys to decrypt all users' communications to the service as part of the investigation into Edward Snowden. The only way this would have been useful was if a full tap of the internet connection to their servers was already in place. In addition to seeing the incoming email, this would likely have given them access to see the passwords used by users of the service, and then allow the FBI to log in as that user to see the full content of the email account.

I found an ericlukens@yahoo.com or ericlukens@hotmail.com address, are those you?

Yes they are. The Yahoo one is effectively dormant as I don't check it, but the account at Yahoo is still valid. The Hotmail one still works, just forwards to my account. Long ago, I used Yahoo, as they allowed free POP/IMAP access to use a desktop email client. When that feature went away, I migrated to Hotpop. Of course, when Gmail became available, I got one of those accounts and then went from there.

So snekul@gmail.com must be you as well then?

Yes it is. I've had that account since shortly after Gmail entered the public beta.

You call yourself a security professional, how can you use Google email?

Security and privacy have some different goals. My main concerns are to a) ensure that email sent from my address is actually really from me, b) that it is difficult for people to gain access to my account, and c) that the service is very reliable. Google does a very good job in regard to those issues. However, these are just security and availability concerns. Privacy concerns regarding how Google scans and handles the email for advertising purposes are absolutely valid. I personally have decided that the basic security concerns, reliability, and recognizability of Gmail outweigh the privacy concerns. Thanks to using my own domain, I can pick up and move it whenever I like, should my perspective on the situation change. 

Obviously, I take precautions with sensitive data. Either encrypting it or directing it via a different communication method.

I have certainly considered using ProtonMail, and even ran a test account on a custom domain for a while. However, in my professional and private experience, I have encountered entities that block ProtonMail or where ProtonMail accounts are given a significantly higher spam score. As ProtonMail allows sign-ups without a phone number or any other verification of identity, the signal-to-noise ratio of their email addresses is poor. With their zero-knowledge design, it is difficult for them to design powerful tools to keep phishers off their systems. As such, since I need my emails to be reliably received, I haven't migrated to ProtonMail.

This site is on Google Sites! Can't you use Drupal, WordPress, or something better?

I've run Wordpress sites before and probably could handle Drupal as well, but I don't want to spend the time for something as simple as this website. There's nothing important here and I accept no user-provided input. Everything is either intended for the public or isn't posted on here at all. Why would I need anything better? Google Sites handles my needs just fine.

Isn't it fun to get to spy on email and website activity?

Speaking for myself, I try to avoid it as much as possible. You are far more boring than you think. I have had to do it before, I don't like it and I don't want to do it again. Some businesses and schools might use their abilities to enforce productivity and other rules. On the other hand, the systems I've worked with have always been just triggering on known malicious websites or content.