UPDATE: Dropbox just enabled two-step authentication for its cloud storage service. It's still in beta, but I'd recommend checking it out.
Hi there. Do you have an account with Google? Do you play Warcraft, Starcraft or Diablo? Then this post is for you.
Don't use those services or play those games? Well you should probably read this anyway, because it's going to come up in a few years.
You need to use an authenticator.
What's an authenticator? It's a thing that makes your accounts effectively hack-proof. See, there are three things you can use to log into something:
1. Something you know.
2. Something you have.
3. Something you are.
Most websites just use the first one: if you know your username and your password, you can get into the website. That's fine, except it means that if somebody else knows your username and password, they can get into the site just as easily, and seriously mess you up. If you're in any doubt about that, just read this post from Mat Honan, who watched his entire online life (and most of his hardware) get fried because somebody got ahold of his account information.
Now, you can take steps to prevent this sort of thing: use stronger passwords, use different passwords for every account, make sure you don't release any personal information (like the last four digits of your credit card) that an attacker could use to bluff his way into your account. Those are good things to do no matter what, and I encourage them. But it doesn't change the fact that somebody could figure out what your password is and walk right into your banking information.
What's the solution? You guessed it: an authenticator.
An authenticator is something you have: a physical token that generates a random number every few seconds, in most implementations. After you enter your username and your password, a website will ask you for your authenticator code. You just enter the random number that's currently on your authenticator, and you're in. If somebody doesn't have the authenticator, they can't get into the account. Simple as that. It's called two-factor authentication, and it kicks the pants out of your old username and password combo.
(In case you're curious, something you are refers to biometrics: fingerprints, retina scans, DNA sampling, biopsying your liver for a chemical analysis... stuff like that. It does get used for high-security facilities, but it's not very useful on the web.)
Authenticators used to be pretty limited, but more web services are making them available for their customers. The big two right now are Google and Battle.net, the service that runs all of Blizzard's games.
Can I be blunt? If you're using either service, turn on two-factor authentication right now.
I've been hacked before. It sucks. One thing I don't think I've mentioned before, though, is that my Blizzard account has been broken into. Twice! Jerks wanted to use it to make level one dunces and run around the World of Warcraft shouting "GOLD HERE $20!!1!" That one didn't turn out so bad, because I caught it quickly, I didn't actually play WoW at the time, and I actually got a bit of free play time once I got the account unsuspended. (And I quit again when the time ran out. WoW is a hideous time sink.)
Still, I didn't want to get hacked again. I do enjoy Starcraft quite a bit. So when I saw that Blizzard was offering two-factor authentication through a phone app, I jumped onboard. The app was free, quick to download, and worked just like I described above. And if I hadn't had a phone, I could have bought a physical token direct from Blizzard for only $6.50 that would have worked the same way.
There is no excuse whatsoever not to use one of these tokens.
Now, Google was a different case. My job doesn't permit cell phones in the office, so I assumed setting up two-factor authentication meant I wouldn't be able to check my email, or anything related to my Google account, at work. It didn't seem worth the trade-off, so I chose less security.
But after reading what happened to Mat Honan, I decided to bite the bullet and set up an authenticator. And it turns out those concerns I had were completely unfounded. See, if you don't have your authenticator on you, you can print out a sheet of one-time passwords to keep in your wallet or somewhere else on your person. You get ten at a time, and they all work the same as an authenticator (but only once - after you use one you throw it away). So if you lose your phone, or you don't have it available, you can still get into your account.
You do have to do a little extra work if you use Google Chrome, Outlook, Google Music Manager, or a few other services that aren't web-based. But even factoring those in, it took me less than an hour to set up the authenticator across all my services. And honestly? Compared to what could happen if someone broke into my email account, it's worth it.
I'm also very much hoping that other big Internet companies follow Google's lead soon. A few sites leverage Google's actual service: LastPass, WordPress, a few others I think. But I'd really love to see Amazon and Apple and Microsoft throw their weight behind this idea. Imagine! In a world... where you don't have to worry about having your email, your photos, your videos, your bank accounts compromised?
Good God! Why haven't banks jumped all over this? I mean there are limits to the problems two-factor authentication would solve for a bank; you can't fix corrupt and stupid, but how many accounts get compromised through the web in a month, let alone a year? Bankers: Get on this!
And if you're reading this, and you're using any service that supports two-factor authentication: Turn it on. Do it right now. You'll be doing us both a favor, and helping to make the world a better place. Salud.
Monday, August 13, 2012
Saturday, August 4, 2012
My Doctor Who Season 7 Wingnut Theory
The Doctor Who season seven trailer is out this week, and we're seeing a lot more of what's likely to occur this season. Check it out:
Awesome, but that's not what I want to talk about. I want to talk about a pet theory of mine on how the season's going to wrap up and set the stage for the Doctor's new companion. Rampant wittering (with full-blown spoilers for seasons five and six) begins after the jump.
Awesome, but that's not what I want to talk about. I want to talk about a pet theory of mine on how the season's going to wrap up and set the stage for the Doctor's new companion. Rampant wittering (with full-blown spoilers for seasons five and six) begins after the jump.
Monday, July 2, 2012
Status Report - Black Library Window 2012
Oh yeah! I write things. Bet you forgot about that, didn't you?
Last Saturday was the deadline for Black Library's latest submissions window. This was the last one they were accepting novels for - from now on, it's short stories or bust. So I figured it was about time I got off my ass and put together a novel pitch I felt proud of.
And I did! One novel pitch, and three short story pitches. I'm proud of all of them - less so by the day, granted, but I'm a neurotic. I do think my writing is getting better. I don't know if it's getting consistently worthy of publication, but I'll find that out in three months or so, hey?
I'm not going to go into problems I still have to get over right now, because that's shooting myself in the foot and I don't want that. But I will say that I'm getting better at planning out my work. Outlines, random notes, character sketches - all of this is seriously helpful.
I can recommend two books that are great primers on the subject of planning a book:
Nail Your Novel: Why Writers Abandon Books and How You Can Draft, Fix and Finish With Confidence by Roz Morris. Roz is very big on planning and walks you through all the prep work you need to do for a book.
Outlining Your Novel: Map Your Way to Success by K.M. Weiland. This book is entirely focused on outlining, so don't expect full novel-writing advice, but it does have useful tips for putting an outline together. And they aren't the same tips Roz documents, so it's worth reading.
I've read both of these myself and they were both worth my while.
So... what am I doing now?
I am not resting on my dubious laurels. I've got a plan for a novel about fairies and the people who kill them that has been rattling around in my head for... Jesus, five years now. It's high time I got the bastard on paper, even if it sucks (again). I think I'm up to writing it properly this time, though - by which I mean last time it was a NaNoNovel I didn't plan properly, and this time I intend to outline and plan and make sure I know exactly what I'm doing when I sit down to start writing prose.
And oh my God, would Breaking Bad mind keeping a consistent volume level for its dialogue? I get that there's power in soft-spoken menacing words, but it's kind of lost if I can't hear what anybody is saying without waking my wife up with gunshots...
Sorry. This got a little stream of consciousness there, didn't it? I'm trying to catch up on the show so I'll be ready to watch it's fifth season as it happens. Fantastic writing on this thing. It got my best friend to quit watching it halfway through season two, and I dropped it for awhile at the start of season three because it made me so uncomfortable. And then I started watching it again. That's quality, folks!
So yeah. I'm also dealing with a plumbing problem that is on its fourth visit by a repairman and hasn't been resolved. My home warranty company just loooves me, no doubt. I certainly love them. Why shouldn't I? I burned through my deductible two visits ago and they haven't cut me off. Take that, leaky pipe!
...I may have been mildly intoxicated while writing this post. Which I suppose I shouldn't encourage. Drunk authors are already practically a stereotype. So here's a picture that'll get you all jumping on the latest version of Firefox.
Last Saturday was the deadline for Black Library's latest submissions window. This was the last one they were accepting novels for - from now on, it's short stories or bust. So I figured it was about time I got off my ass and put together a novel pitch I felt proud of.
And I did! One novel pitch, and three short story pitches. I'm proud of all of them - less so by the day, granted, but I'm a neurotic. I do think my writing is getting better. I don't know if it's getting consistently worthy of publication, but I'll find that out in three months or so, hey?
I'm not going to go into problems I still have to get over right now, because that's shooting myself in the foot and I don't want that. But I will say that I'm getting better at planning out my work. Outlines, random notes, character sketches - all of this is seriously helpful.
I can recommend two books that are great primers on the subject of planning a book:
Nail Your Novel: Why Writers Abandon Books and How You Can Draft, Fix and Finish With Confidence by Roz Morris. Roz is very big on planning and walks you through all the prep work you need to do for a book.
Outlining Your Novel: Map Your Way to Success by K.M. Weiland. This book is entirely focused on outlining, so don't expect full novel-writing advice, but it does have useful tips for putting an outline together. And they aren't the same tips Roz documents, so it's worth reading.
I've read both of these myself and they were both worth my while.
So... what am I doing now?
I am not resting on my dubious laurels. I've got a plan for a novel about fairies and the people who kill them that has been rattling around in my head for... Jesus, five years now. It's high time I got the bastard on paper, even if it sucks (again). I think I'm up to writing it properly this time, though - by which I mean last time it was a NaNoNovel I didn't plan properly, and this time I intend to outline and plan and make sure I know exactly what I'm doing when I sit down to start writing prose.
And oh my God, would Breaking Bad mind keeping a consistent volume level for its dialogue? I get that there's power in soft-spoken menacing words, but it's kind of lost if I can't hear what anybody is saying without waking my wife up with gunshots...
Sorry. This got a little stream of consciousness there, didn't it? I'm trying to catch up on the show so I'll be ready to watch it's fifth season as it happens. Fantastic writing on this thing. It got my best friend to quit watching it halfway through season two, and I dropped it for awhile at the start of season three because it made me so uncomfortable. And then I started watching it again. That's quality, folks!
So yeah. I'm also dealing with a plumbing problem that is on its fourth visit by a repairman and hasn't been resolved. My home warranty company just loooves me, no doubt. I certainly love them. Why shouldn't I? I burned through my deductible two visits ago and they haven't cut me off. Take that, leaky pipe!
...I may have been mildly intoxicated while writing this post. Which I suppose I shouldn't encourage. Drunk authors are already practically a stereotype. So here's a picture that'll get you all jumping on the latest version of Firefox.
Sunday, July 1, 2012
The Important Lessons of Prometheus
Warning: You can infer spoilers about the movie Prometheus from this post.
So I just saw Prometheus this afternoon. It was a very good movie - not excellent, mind, but enjoyable to watch, and if you're a fan of science fiction/horror I recommend it. But a lot of the plot seemed to be... well, idiot-driven. Basically, if somebody needs to do something to advance the plot in this movie, and it doesn't make any sense whatsoever to do it... They'll do it! Because they're morons.
Clearly nobody on the Prometheus was trained in proper archeology, biology, or sociology techniques. But I am here to help! The following is a list of rules to follow when working on a xeno (alien) archaeology dig. Follow them, and you might live. Key word might.
So I just saw Prometheus this afternoon. It was a very good movie - not excellent, mind, but enjoyable to watch, and if you're a fan of science fiction/horror I recommend it. But a lot of the plot seemed to be... well, idiot-driven. Basically, if somebody needs to do something to advance the plot in this movie, and it doesn't make any sense whatsoever to do it... They'll do it! Because they're morons.
Clearly nobody on the Prometheus was trained in proper archeology, biology, or sociology techniques. But I am here to help! The following is a list of rules to follow when working on a xeno (alien) archaeology dig. Follow them, and you might live. Key word might.
Monday, June 25, 2012
The Mitt-McCarthy Synchronicity
I do not, strictly speaking, have time to write this post, being that I have a submission deadline coming up on Saturday and I am woefully under word count. But I rarely have anything useful to say about politics, and today seems to be an exception, so here we are.
There was an article in the Guardian last week that called out Mitt Romney for, well, lying in a lot of the attacks he's made on President Obama. You can read it here. Some of the highlights include:
- President Obama has raised taxes. Taxes have actually gone down during his term.
- Obamacare is a government takeover of healthcare. After what it went through to get through Congress, it's not even a government healthcare plan.
- President Obama's stimulus only helped preserve public sector jobs. Public sector jobs are actually way down.
And so on. You get the gist of it. Michael Cohen, the author of the Guardian article, puts it this way:
Note that "new and untraveled waters" quote at the end, there. In point of fact, this style of politics has been tried before, and was at least temporarily wildly successful. From Richard H. Rovere's book, Senator Joe McCarthy, originally published in 1959:
You will note the similarities between Mitt Romney as described in the Guardian article and Senator Joe McCarthy, the man responsible for the Communist witch hunts of the early 1950s. And while McCarthy was not an effective hunter of Communists, his political strategy was extremely beneficial for the Republican Party to use against President Truman. It only became a problem for them when McCarthy started throwing bombs at the newly-elected Eisenhower administration... and shortly after that he took on the Army and lost badly.
Still, McCarthy's "Multiple Untruth" was never properly discredited or defeated as a strategy. It simply fell into disuse... until, apparently, Mitt Romney dusted it off for the 2012 campaign.
I believe if pressed to defend his statements (rather than claim he never made them), Mitt Romney would be able to say that most of them are not, strictly speaking, lies. For example, he's said repeatedly that President Obama had complete control of Congress for two years. In point of fact, the Democrats only controlled Congress for seven weeks, the time between Senator Al Franken being seated and Senator Ted Kennedy's passing. For the rest of those two years the Senate was at the mercy of the filibuster, and would require at least some Republican support to do anything.
So Mitt Romney is not telling the truth; but he can easily say, for example, that he meant that the Democrats had a majority in both houses of Congress, which is correct. And yet his statements imply that the Democrats and President Obama had carte blanche to do anything they wanted for two years, and that's not true at all.
I don't believe that Mitt Romney could get away with this sort of thing in a televised debate against President Obama. But if he succeeds in distorting the public perception of President Obama's first term, he might not have to, especially if the economy takes a sharp downward turn in the next few months
And if Mitt Romney wins? There's been little sign that Romney is cut from the same cloth as Joe McCarthy, so he's unlikely to self-destruct in office. But he might succeed in making it easier for other politicians to tell multiple untruths without consequence, and that would be an unfortunate development for the entire electoral system.
(And while we're here, I strongly recommend reading Senator Joe McCarthy. It's an excellent account of the Senator's career, and a lot of it still seems applicable to modern politics. Unfortunately.)
There was an article in the Guardian last week that called out Mitt Romney for, well, lying in a lot of the attacks he's made on President Obama. You can read it here. Some of the highlights include:
- President Obama has raised taxes. Taxes have actually gone down during his term.
- Obamacare is a government takeover of healthcare. After what it went through to get through Congress, it's not even a government healthcare plan.
- President Obama's stimulus only helped preserve public sector jobs. Public sector jobs are actually way down.
And so on. You get the gist of it. Michael Cohen, the author of the Guardian article, puts it this way:
Romney has figured out a loophole – one can lie over and over, and those lies quickly become part of the political narrative, practically immune to "fact-checking". Ironically, the more Romney lies, the harder it then becomes to correct the record. Even if an enterprising reporter can knock down two or three falsehoods, there are still so many more that slip past.
It's reminiscent of the old line that a lie gets halfway around the world before the truth gets its boots on. In Romney's case, his lies are regularly corrected by media sources, but usually, in some antiseptic fact-checking article, or by Democratic/liberal voices who can be dismissed for their "partisan bent". Meanwhile, splashed across the front page of newspapers is Romney saying "Obamacare will lead to a government take-over of healthcare"; "Obama went on an apology tour"; or "the stimulus didn't create any jobs". Because, after all, it's what the candidate said and reporters dutifully must transcribe it.
Pointing out that Romney is consistently not telling the truth thus risks simply falling into the category of the usual "he-said, she-said" of American politics. For cynical reporters, the behavior is inevitably seen to be the way the political game is now played. Rather than being viewed and ultimately exposed as examples of a pervasive pattern of falsehoods, Romney's statements embed themselves in the normalized political narrative – along with aggrieved Democrats complaining that Romney isn't telling the truth. Meanwhile, the lie sticks in the minds of voters.
As MSNBC's Steve Benen told me:
"Romney gets away with it because he and his team realize contemporary political journalism isn't equipped to deal with a candidate who lies this much, about so many topics, so often."Romney is charting new and untraveled waters in American politics. In the process, he is cynically eroding the fragile sense of trust that exists between voters and politicians. It's almost enough to make one pine for the days when Sarah Palin lied about "the Bridge to Nowhere".
Note that "new and untraveled waters" quote at the end, there. In point of fact, this style of politics has been tried before, and was at least temporarily wildly successful. From Richard H. Rovere's book, Senator Joe McCarthy, originally published in 1959:
Writing about [Senator Joseph] McCarthy in a "Letter from Washington" for the New Yorker in the early days of his attacks on the State Department, I described one of the most striking innovations as "the Multiple Untruth," a technique comparable in many respects to Hitler's Big Lie. I wrote in part: "The 'multiple untruth' need not be a particularly large untruth but can instead be a long series of loosely related untruths, or a single untruth with many facets. In either case, the whole is composed of so many parts that anyone wishing to set the record straight will discover that it is utterly impossible to keep all the elements of the falsehood in mind at the same time. Anyone making the attempt may seize upon a few selected statements and show them to be false, but doing this may leave the impression that only the statements selected are false and that the rest are true. An even greater advantage of the 'multiple untruth' is that statements shown to be false can be repeated over and over again with impunity because no one will remember which statements have been disproved and which haven't."
You will note the similarities between Mitt Romney as described in the Guardian article and Senator Joe McCarthy, the man responsible for the Communist witch hunts of the early 1950s. And while McCarthy was not an effective hunter of Communists, his political strategy was extremely beneficial for the Republican Party to use against President Truman. It only became a problem for them when McCarthy started throwing bombs at the newly-elected Eisenhower administration... and shortly after that he took on the Army and lost badly.
Still, McCarthy's "Multiple Untruth" was never properly discredited or defeated as a strategy. It simply fell into disuse... until, apparently, Mitt Romney dusted it off for the 2012 campaign.
I believe if pressed to defend his statements (rather than claim he never made them), Mitt Romney would be able to say that most of them are not, strictly speaking, lies. For example, he's said repeatedly that President Obama had complete control of Congress for two years. In point of fact, the Democrats only controlled Congress for seven weeks, the time between Senator Al Franken being seated and Senator Ted Kennedy's passing. For the rest of those two years the Senate was at the mercy of the filibuster, and would require at least some Republican support to do anything.
So Mitt Romney is not telling the truth; but he can easily say, for example, that he meant that the Democrats had a majority in both houses of Congress, which is correct. And yet his statements imply that the Democrats and President Obama had carte blanche to do anything they wanted for two years, and that's not true at all.
I don't believe that Mitt Romney could get away with this sort of thing in a televised debate against President Obama. But if he succeeds in distorting the public perception of President Obama's first term, he might not have to, especially if the economy takes a sharp downward turn in the next few months
And if Mitt Romney wins? There's been little sign that Romney is cut from the same cloth as Joe McCarthy, so he's unlikely to self-destruct in office. But he might succeed in making it easier for other politicians to tell multiple untruths without consequence, and that would be an unfortunate development for the entire electoral system.
(And while we're here, I strongly recommend reading Senator Joe McCarthy. It's an excellent account of the Senator's career, and a lot of it still seems applicable to modern politics. Unfortunately.)
Subscribe to:
Posts (Atom)
Posts
