Pass this to everyone you know!!1!!

Seriously, do.

Here is something you need to do at least every few months or so. Go to this website:
https://haveibeenpwned.com/

Enter in your email address and click the PWND button. The search result will let you know if your email address was involved in any of the hacks, breaches, breaks, whatever from any of the online sites that report it.

If you get results, then go to the site(s) listed and change your password.

I now view all my email on my phone and online. I no longer download it. I was checking the spam folder of one of my accounts and saw I had sent myself an email. Usually this is a spoof or whatever but this one had the subject line that included an old password. And three of my websites have been hit with big login attacks. Added together, I took the safe road and with my webhost who confirmed it is a spam.

In addition to telling me to check out the pwnd site, they directed me to this article:
https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/

It is likely that this improved sextortion attempt is at least semi-automated: My guess is that the perpetrator has created some kind of script that draws directly from the usernames and passwords from a given data breach at a popular Web site that happened more than a decade ago, and that every victim who had their password compromised as part of that breach is getting this same email at the address used to sign up at that hacked Web site.

I suspect that as this scam gets refined even more, perpetrators will begin using more recent and relevant passwords — and perhaps other personal data that can be found online — to convince people that the hacking threat is real. That’s because there are a number of shady password lookup services online that index billions of usernames (i.e. email addresses) and passwords stolen in some of the biggest data breaches to date.

For the record, I don’t visit porn sites, I don’t have a webcam (that works), and lawd help them if they record me sitting here (if they could, that is). What I do have is a cool program called 1Password. It not only keeps track of them for me, it creates new passwords, lets me know if there are any too similar, and some other cool stuff. LastPass and Dashlane are two others. I found Dashlane to be rather intrusive in what it wanted to install on my computer, though. Do a Google search for ‘password manager’ and check them out. PCMag has a good review article as does CNET.

So, go to the Have I Been Pwned site, check your passwords, and put a piece of tape over your webcam.

*For those who don’t know, pwned is gamer shorthand for “pawned” and means to be really beaten (paper airplane meets flame kind of beaten).

Back It Up!

I am a big proponent of doing backups. My WIP files are in 3 places.

– WIP folder on my desktop
– to cloud (DreamCloud w/ DreamHost)
– USB key here at my desk

LibreOffice is set to do an autosave every X minutes as well as save the document as a .bak file whenever a save is done.

The cloud version backed up weekly.

The USB key is mirrored every morning.

Continue reading

Research Research Research

You can never research too much. Well, not really.

You can get lost in YouTube Hell: going in for videos on sword work and realizing you’ve migrated to watching kittens dancing to Timberlake.

You can start reading articles on sword work in Wikipedia and realize you’re now reading an article on nuclear fission (true story).

But in terms of backstory (stuff you will probably never use), you can never research too much. Know your subject matter. Know the character. Know the setting. You don’t need a degree in something in order to write a believable character. You just need to know enough to write about it. Your comfort level included. For example, I will never be comfortable enough to write a character who is into math. I know this. I can research all I want and it will never take.

Continue reading

Moving the Blog

As I slowly make the change from rambling on Facebook to using this website more, I am faced with a decision. When I first started this blogging thing (way back in 2003), the site was done by hand in html and tables. It was ugly but it worked. Then I learned basic CSS and upgraded the website. Moving to WordPress greatly improved the look and feel of the place!

I created the main site (They’re Just Words) then re-created the blog as a directory. I did a LOT of copy/paste! I still have some of the original html pages.

And now I am considering moving the blog (where you are now) to its own sub-domain. So the URL would be blog.paulaoffutt.com. I’ve created it but it is empty because moving a WordPress site can either be easy peasy or it can be PITA wita. Since I am not switching hosts (I love DreamHost and have been with them since 2002).

What would be ideal is to copy the database over, leave this one with a single page that says “We’ve Moved!” and give the address. But that’s the PITA wita.

DRM and Calibre

I recently really really wanted a book but the only place I could find it was on Amazon.com. I can’t stand buying books from them. But I really really wanted this one. So I bought it. Problem is it wasn’t downloadable but only available through their “cloud”. I had to use their app or use a Kindle. I didn’t want either one. I wanted the book I paid money for. I tried several methods of getting the book onto my PC but, when that failed, I requested a refund.

Then someone on Facebook found it for me over on the Kobo website and I bought it there. Now the problem was although it was in the epub format, it had the Adobe DRM on it. This is what I did to remove that so I could read it where ever I wanted. Since, ya know, I paid for it.

So, go buy an ebook from Kobo. Go through the purchase process. They’ll send you a confirmation email. But you can also just go back to the page of the book and click the “View in My Books” link to the left. This will take you to a list of the books you’ve bought there. Right click the three dots to the right of the book. Select “download”.

Continue reading

Cookies!

If you haven’t seen it yet, Thought Patterns (this blog) has a “privacy policy” now. Yay?

You can view that page here: Privacy Policy page. It has links explaining why on Earth I have a privacy policy. Not going to repeat it all here.

But I did some more research. See Linkages below.

I logged out of the admin panel then went into my browser’s privacy settings, found cookies, and deleted all of them from paulaoffutt.com. There were a lot because of the two sites within the same domain. Anyway, I removed them all, cleared the browser’s cache, and went to the website (paulaoffutt.com/blog). I then right clicked a blank spot and selected “Inspect Element” (this was Firefox but each browser should have the same “inspect” option). After that, click the “Storage” tab at top and “Cookies” from the lift on the left.

Doing so showed me two things:

First, visiting the site and accepting the privacy policy gives you two cookies. These are ironically from the new plugin I have to assist with keeping track of this GDPR thing. Go figure.

Second, if you leave a comment, and only if you leave a comment, you will get two (if you don’t enter a website) or three (if you do). See screenshot below. Click it for larger version.

Since I do not allow anyone to register and I don’t make anyone sign in via Facebook or Google and I don’t have any ads, that’s it as far as cookies go.

Linkages:
WordPress Cookies by commenters
Wikipedia article about Cookies
GDPR WP – the WordPress plugin I am using

Mindmapping

I was going to write another article of mindmapping resources but meh, too much work. But here’s the short of it:

I’ve demoed a LOT of mindmap programs and some are super simple to the point of being painful and others are super shiny to the point of being ghastly expensive. I’ll put linkages at the bottom of this. Currently, I have a subscription for Novamind (which I will cancel) and I have a paid version of SimpleMind (which I will keep). But what I am falling in love with and wish I could justify the cost of is TheBrain. So very, very shiny.

I’ve cleaned up my Writing Brain and will share the link to it. The software syncs between the desktop, the app, and the web version. You can mark the entire brain as ‘private’ which means no one but you and whoever you choose has access to it. You can mark the entire brain as ‘public’ which means anyone with the URL can access it. And you can mark certain parts of the brain as private and other parts public. Which is what I have done with my Writing Brain.

Continue reading