Categories
Writing process

Security is a full-time business

Image of hacker with PC
When I looked at clip art for this week’s blog nearly all the hacking images were predominantly blue or green. They were also dominated by faceless hooded characters. I went for the hood but chose a little red to go with the mix.

One of the things I find surprising with running a website is how often people try to hack it. I mean, it’s not a big website, you can’t order anything on it, we don’t take money. So why do people bother?

But they do.

The security checker on our website reports how many times people try to log in, but can’t, and the number of times people look for a page that isn’t there.

You wouldn’t think that second one is problematic, but apparently there are known pages with security issues, and the hackers try to see if you have one of these pages on your site. If it’s there, they use it to hack into your system.

As for the log-in attempts. Yesterday, for example, we had eighteen attempts to log into our website. That’s right, eighteen.

This particular batch is multi-national. Some people (or bots, rather, because I expect it’s a program) are hacking in from London, some from the Netherlands, and quite a lot this time from Sydney, Australia. This is unusual, for hack locations seem to come in batches. For example, there’s a region in Ukraine where a lot of hacks come from, a couple in China, one in Argentina, one in Brazil, and one in the Netherlands. You’ll have days of, say, Ukraine-based hacks, then a break (because you’ve locked them out), then maybe days of attempts from Brazil, and so on.

My security program shows me who they are trying to log in as.

They try a lot of standard logins, like ‘admin’ and ‘test’. They also try ones associated with the username posted on the pages. For example, we get a lot of people trying ‘karen’, and ‘sherylyn’, and ‘skdunstall’.

Here’s a tip. Do not, ever, make your login name the same as the sign-off name you use on your posts. You’re handing hackers half the information they need to hack your system. Don’t make it easy for them. Likewise, don’t use ‘admin’. Or ‘test’.

Another thing we do to reduce hacking attempts is block the user on a single invalid login attempt. It’s a little inconvenient when I’m away from the home PC (which has the password stored) and I have to type in the password and get it wrong. There have been times where I’ve locked myself out of my own website for 24 hours. Even so, I wouldn’t change it.

If you don’t stop the hackers, they swarm, so right after this, I’m going to block eighteen IP addresses. My banned IP list is so long, it’s a wonder there’s anyone left to block.

Have a good week.

Categories
Writing process

Bad writing

OMG is the only possible reaction for some deleted scenes

Deleted scenes

We’re searching old manuscripts for deleted scenes for our July newsletter.

Some of these scenes we liked, but we deleted because they didn’t fit the story any more.  Others were deleted simply because they were just bad.

When you’re writing early drafts you allow your writing to be bad.  That’s what editing is for.  But oh, my goodness, they can be embarrassing to re-read.  Especially when you’re planning on putting them into a newsletter.

Some deleted scenes really should stay deleted.

Categories
Writing process

What we’ve been doing

The Handmaid’s Sisters panel. From left to right: Margaret Morgan, Simone Corletto, Melissa Ferguson

Continuum 15

I spent the week before last off work sick. I recovered just in time for our local speculative fiction convention here in Melbourne, Continuum. It was good, and I was over the bug, but everything passed in a haze.

I was so exhausted post-bug, post-convention that I couldn’t even get the energy to post a late blog.

Standouts that I remember include keynote addresses by both guests of honour, Kate Elliot and Ken Tan. Some interesting deep dives—Sherylyn especially liked Stephanie Lai’s deep dive into sand (Yo Ho Ho and a Bottle of Sand).

The Regency SFF panel chaired by Kathleen Jennings was a lot of fun and an affectionate look at Georgette Heyer and her impact on speculative fiction and the whole genre of regency romance. Did you know that once Heyer realised people were imitating her work she started to make up facts for her novels? People imitated that, so she’s one of two people in spec fic (and in romance) who has made up a world. The other is Tolkien.

One panel I enjoyed a lot, which I wasn’t truly expecting to, was The Handmaid’s Sisters, with Melissa Ferguson, Simone Corletto and Margaret Morgan. It was at 9:00pm on Saturday night, and to be honest, I only went because Sherylyn had volunteered to do desk duty then, but I don’t love dystopia, and the Handmaid’s Tale and stories of their ilk are a little too factual right now to be anything but downright scary. There were only four of us in the audience (one left early, but they packed the desk up early so Sherylyn made a second fourth). It was a good panel. Very enjoyable.

Copyedits

We received the copy edits for Stars Beyond on Thursday. We have two weeks to get them back to the publisher.

Sherylyn does this part, so I’m relaxing by writing a new book.

I must say, a copy editor’s style guide is a beautiful thing for a writer. It’s the kind of document you want about two, three, edits before the final one you send off to the editor. So you can make the story consistent. It has a list of words and how they’re spelt, proper nouns, descriptions of characters, and so on. Everything you put in your book is in the copy editor’s style guide. Including, if it’s part of a series, everything you put in the prior books, too.

Love it.

I just wish we could do the same thing about four drafts before.

Worldcon

We booked our tickets for CoNZealand, Worldcon 2020. If any of you are coming, see you there.

Fun fact, did you know Melbourne and Sydney are closer to cities in New Zealand, than they are to Perth, Australia?

Categories
Writing process

This dinosaur has succumbed to the inevitable

Yesterday I bought myself a new phone.

I can’t say I even wanted to upgrade.  I loved my little Microsoft Windows phone.  It’s easy to use, and synched in with my Microsoft account, so that anything on it went back to my laptop and my home PC. Very convenient.  Yes, you can do this with other ecosystems, but we’re Microsoft users, and it was so easy.  Log in with your Microsoft account and things just worked. 

Microsoft stopped supporting Windows phones some years ago. I don’t use many apps, and my phone has served me well for years, so it wasn’t an issue. Or hasn’t been to date.

So why did I change?

Work.

Whiteboards, for example.  Remember when the ultimate in whiteboards was to have one that printed what you wrote on it?  That old heat sensitive paper that faded, so that you had to photocopy it straight away?

Maybe not?  It was a long time ago.

Nowadays, you take a photo of the whiteboard on your mobile phone.  Likewise, draw a diagram on butcher’s paper, or put some Post-It notes around the wall.  How do you share them?  You take a picture on your mobile phone, then you share the image.

It’s all Bluetooth, but Microsoft phones (or my phone, anyway), only shares with other Microsoft phones.  It certainly won’t talk to any of the Macs we use at work.

Or take speakers. We do conference calls.  A lot of big companies do.  But the sound quality is so bad our team invested in a bluetooth speaker. Which works beautifully but guess whose phone didn’t talk to the Bluetooth speaker.  That means when I’m taking the call, I can’t use the speaker.

The deciding factor was when we chose to use What’sApp to communicate within the team.  It was even in the Microsoft store.  I installed it, but do you think it would let me join the work group?

No. 

So, I finally caved in and upgraded my phone. So long, little Microsoft phone.  You were good to me.