accendi.net

This is a quick 'n' dirty placeholder for a personal homepage, which syndicates the most recent posts from my Google+ feed Posterous blog and shared articles from Google Reader. Real homepage coming when I get around to it.

cfc@accendi.net

Blog

Fri, 28 Aug 2015 05:42:02 +0200

Mon, 24 Aug 2015 06:11:53 +0200

Killjoys vs. Dark Matter – The Verdict

So Killjoys aired their season finale, and Dark Matter has only one episode left. At this point, I think I've seen enough to render a verdict on how the two compare.

Killjoys is infinitely better. While Dark Matter has turned out to be significantly better than I expected from the premier, it is pretty weak on characterization, dialogue, world building, and original ideas, which makes the rare moment of genuine cleverness just that much more frustrating. On top of that, it feels much lower budget: low production values, less interesting cinematography, and they obviously hired the cast based on affordability, not talent. Still, it provides solid-if-uninspired executions of classic sci-fi tropes, plus the aforementioned rare moments of cleverness, so I would say it’s worth watching if you like gritty space opera and have a hole in your TV schedule that needs filling.

Killjoys is the real gem of the summer on SyFy. It owes much of that to its cast; some of the chemistry started out a little dry, but they've gelled nicely over the course of the season and have all turned out to be interesting and likable characters – I mean, even the minor secondary characters on this show have more depth and complexity than the stars of Dark Matter. It has the occasional moment of  annoying handwaving or dialog stilted from the delivery of a chunk of necessary exposition, but these are among the most common sins of any sci-fi story, and I would rather put up with some occasional exposition in the interest of world building than forego world building altogether.

While it hasn't quite reached Firefly levels of awesomeness (yet), it stands out as one of the best shows of the summer. Heck, it might very well be the best show of the summer if it weren't up against the formidable Mr. Robot for that title.

#killjoys #darkmatter #syfy #sciencefiction #tv #review  

Sun, 16 Aug 2015 05:13:54 +0200

This could be the beginning of an interesting new trend...

#serializedfiction #writing #serialbox  

Sat, 15 Aug 2015 23:22:59 +0200

Interesting look at the effects of Amazon's new payment model for Kindle Unlimited, based on author J. A. Konrath's first month with the new system.

#kindleunlimited #ebooks  

Sat, 15 Aug 2015 17:17:07 +0200

Looking for a good fantasy novel? H. L. Burke's Lands of Ash is temporarily FREE on Amazon Kindle as a promotional offer. It follows a band of survivors making one final attempt to defend what's left of their world from an apocalyptic invasion of fire elementals.

I helped critique early drafts of a chapter or two of this book over on Scribophile, so I'm looking forward to seeing how the final result turned out. Even then, the prose was pretty clean. It's nice to see work coming out from an indie author who takes writing seriously; there's nothing stopping indie novels from being just as good as traditionally published work, and I think the quality of this book really shows that.

Click below for your free download!

#fantasy #books #selfpublishing  

Fri, 14 Aug 2015 05:10:00 +0200

Mr. Robot, 1x08: White Rose

Spoilers...

.
.
.

So, my (and many others') theory about Elliot and Mr. Robot being one and the same may not be the case after all. They've been foreshadowing it hard, especially in the final moments of this episode... Which is what makes me wonder if it's all a misdirect, and he actually is just Elliot's very-much-alive father.

In an unexpected twist, we learned that Darlene is Elliot's sister, and that Elliot's mental problems are so severe he'd forgotten this. I love this for three reasons: First of all, up until about 10 seconds before Elliot remembers, I never would have suspected. Second, and possibly most important to the overarching plot, it ramps up the level of Elliot's explicit disconnection from reality to a whole new level. Third – and this may be the part I find most interesting – it completely transforms our understanding of Darlene's character. Up until now, she's seemed a little bit psycho. I mean, shortly after they "first met", she's showing up unannounced at his apartment and using his shower. What the hell, right? Who does that?

Family. That's who does that.

We also finally got the "pictures of Elliot's dad that look just like Mr. Robot" reveal that many of us have been waiting for, accompanied by Elliot's cliched, mirror-smashing identity crisis where he sees himself briefly as Mr. Robot. All of this could be leading up to the (obvious) "big reveal" that Mr. Robot is all in Elliot's head. But we also learned something else interesting... Elliot Alderson doesn't exist.

Now that could mean – it seemed like maybe they wanted us to think it meant – that Elliot, paranoid hacker that he is, had deleted all traces of himself from the Internet. Or it could mean that Elliot Alderson is a cover identity created – perhaps by his dad, Mr. Robot – to get him into Allsafe, where the team needed him positioned in order to pull off their mission. But due to his mental issues, Elliot (or whatever he's actually called) has forgotten that it's only a cover, and gone so deep he thinks he really is Elliot.

Right now, there seem to be two major problems with this theory: First, considering they have a team of half a dozen people, why would they make the crazy guy the deep cover linchpin of their whole operation? Well, there are a few possible explanations for that (maybe Elliot is the only one with some specific skills they need), but I think the best one is this: Elliot wasn't crazy when they started the operation. We know something serious happened a little over a year ago, because he just finished one year of court appointed therapy. My guess is that was when his psychiatric break occurred, and that he went undercover as Elliot at Allsafe before that.

The second issue is Angela, Elliot's co-worker and childhood friend. She's interacted too much with other characters, often far away from Elliot, to explain her away as one of Elliot's delusions, and she doesn't seem to be in on any of what fsociety's been up to. If Elliot isn't who he claims, she would surely know. Still, in a show that relies so heavily on an unreliable narrator to provide twists and turns, it's not a stretch that they'll come up with some explanation for this.

Then again... We might find out next episode that the "big twist" is just that Mr. Robot doesn't exist. I might be giving the writers too much credit. It's been known to happen before, even when I should have known better (coughmoffatcough).

(I'm actually halfway expecting a double fake-out at this point... Next episode, Mr. Robot tells him the story above. Much of the audience accepts, okay, this is the big twist we've all been waiting for... Then, in the season finale Elliot makes a comment to Darlene about Mr. Robot being their dad, and she's confused – because of course their dad died years ago.)

#tv #mrrobot #wildfantheory  

Fri, 14 Aug 2015 04:05:09 +0200

Tue, 11 Aug 2015 21:09:06 +0200

If you have any interest in publishing a book, you should read this. Dustin Fife, who holds a doctorate in statistics, crunched a ton of sales data and came to the conclusion that if you self-publish a book... You probably won't make any money. But if you manage to get a book traditionally published through one of the Big Five publishers... You still probably won't make any money.

Huh.

Ok, but this is actually where it gets interesting. If we ignore the vast majority of published authors who don't make any money, and only compare the estimated incomes of those who actually do, the results may surprise you: Authors who self-publish through Amazon trounce traditionally published authors by making, at the high end, a whopping... $10,000 per year.

Yep. With the exception of a handful of extreme statistical outliers (like Stephen King and James Patterson), that's more than traditionally published authors.

The lesson in all this? If you're thinking about writing, don't do it for the money. But if you think money would be a nice bonus... Self-publish.

#writing #statistics #selfpublishing #amazon #publishing #careeradvice  

Tue, 11 Aug 2015 04:52:53 +0200

Interesting. So Google is restructuring under a newly-formed parent company named Alphabet, with the things that are currently rather bizarre projects for a search engine company (self-driving cars, glucose-detecting contact lenses, etc.) becoming their own independent companies, which will be subsidiaries of Alphabet alongside the now more focused Google.

In a way it's a big change, but I can't say it's a terribly surprising move. Structuring things this way seems to make a lot more sense.

#tech #google #alphabet  

Sat, 08 Aug 2015 06:16:31 +0200

Hardcore Firefox security exploit. Upgrade yesterday.

Original Post from Kenton Varda:

Given today's Firefox vulnerability (allowing arbitrary sites to read arbitrary files off your local disk, with no trace that it ever happened), I tried to make a list of things Firefox users should do now to protect themselves in case they've already been compromised. The list got long quickly, and I don't think it's even complete. Here's what I have so far. What else should I add?

1. Update:
- Update to Firefox 39.0.3, or uninstall Firefox entirely.
- If using Debian, update Iceweasel to 38.1.1esr-1 or 39.0.3-1; unfortunately, these packages are still in the queue currently: https://packages.qa.debian.org/i/iceweasel.html

2. Rotate SSH keys:
- Generate a new key.
- Update Github to the new SSH key.
- Update ~/.ssh/authorized_keys on all servers you access via SSH. The most important thing is to make sure old keys are removed from this file.
- Delete the old key from your system -- note that this step in itself doesn't stop any attacks, but it helps ensure that you don't accidentally use this key again in the future.

3. Rotate secrets found in .bash_history.
- Search for "user:pass@": grep '[a-zA-Z0-9_]:[^@ ]*@'~/.bash_history
- Try to remember other secrets that might be in .bash_history. :[

4. Look for files whose names contain "pass" or "access" and might contain secrets, and rotate those.
- locate -b pass
- locate -b access

5. Review other files mentioned on the Mozilla blog. (https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/): .mysql_history, .pgsql_history, configs for subversion, S3, Filezilla, .purple, Psi+, remmina

6. Although not targeted by the known exploit, consider changing any passwords that might be stored in your Chrome password manager, which is stored totally unencrypted. Also any passwords in your Firefox password manager if you do not use a master password in Firefox.

7. Although the known exploit does not appear to target cookie jars, consider refreshing all your browser cookies by logging out and back in of each important service. Also try to figure out how to tell the service to log out your sessions on other machines. Note that 2-factor authentication does NOT defend against cookie-stealing. Tips:
- Log out and back in of Sandstorm Alpha and Oasis.
- On Sandstorm Alpha and Oasis, open the javascript console and type: Meteor.logoutOtherClients() (Yes, we need to add this to the UI!)
- For Github, remotely log out other desktop sessions here: https://github.com/settings/security
- For Google, see devices that are logged in here: https://security.google.com/settings/security/activity
- For Google, you can "sign out all other web sessions" by going into gmail, scrolling to the bottom of your inbox, clicking the "details" link in the lower-right (under "last account activity"), and then clicking "sign out all other web sessions". Why this is not directly on the security page above, I do not know.
- If any apps on your desktop use app-specific passwords to connect to Google, revoke them here: https://security.google.com/settings/security/apppasswords
- If any apps on your desktop (such as Chrome) use OAuth to connect to Google, revoke them here: https://security.google.com/settings/security/permissions
- Generally this is a great page to visit in general for Google security: https://myaccount.google.com/security

8. Enable two-factor authentication everywhere you can: Google, Github, Facebook, Twitter, etc. (Some people think social accounts are not so important to protect. This is absolutely false: scammers love hijacking social accounts and then sending messages to your friends saying: "Help I'm travelling and I lost my wallet, please send money.")