The Heartbleed exploit has been getting a lot of press, but so far it’s only theoretical. The white hats who have tried haven’t yet succeeded in exploiting it.

Correction – according to this link, it has now been successfully exploited.


Here’s an explanation of Heartbleed, courtesy of XKCD:



By all means, do change your password once you know the website in question has fixed the exploit, if they had it. (Banks, for example, typically don’t use OpenSSL, meaning they weren’t vulnerable in the first place.)

Use a different password for each account. Use KeePass to keep track of your passwords. http://keepass.info/


But what about … if you use Amazon in a coffeeshop it’s child’s play for someone to hijack your session and see the last four digits of your credit card. Which are the digits that Apple uses to confirm a remote wipeout of your computer and iPhone. All gone. Not just theoretical (although the attack vector in the below case was slightly different).


A good layperson article on session hijacking:


If you don’t see https:// in your browser bar, and you’re on a public network, assume that anyone can see what you’re transmitting and receiving on the network. Generally, password entry pages are protected with https:// but subsequent pages may or may not be. This has been an enormous problem with Yahoo mail. There seem to be a number of automated exploit scripts out there that will spam all of your connections on your behalf. They have switched to using https:// for their mail, after several years of leaving this gaping hole open, but I’m still suspicious of their attitude about security.

Never use Amazon in a coffeeshop.

Gmail is cool. Facebook CAN be set up to use a secure connection. I can’t find it in the settings anymore, so maybe they’ve made it the default. Anything from Yahoo is bound to be a huge security hole (e.g. Yahoo News, Flickr), though they are getting better. So avoid using Yahoo on a public network, or at least log out before you leave.



Links for Getting Published

For anyone who is serious about getting published via traditional means or self-publishing, here are the links I recommend.  If you think you might want to try this in the future, check these out now.


Traditional Publishing

Our story thus far: unless you are a wildly successful author, submitting an unsolicited manuscript directly to a publisher will get you nowhere. What you want to do is submit a query letter to an agent, who will then represent you to publishers.

That means figuring out (a) how to write a good query and (b) knowing who all the good agents are. The below sites should help get you started:

http://agentquery.com – Lots of good information and explanations on this site.  You’ll want to read all of the articles at the upper left under the caption WRITERS. Any agents worth contacting are going to be listed on this site, and you can search by genre, &c. A good starting place to understand the basics of the publishing industry.

http://pred-ed.com/ – Preditors and Editors lists all kinds of entities related to publishing, with some information on each one, including “Recommended” or “Not Recommended” indications worth noting. They have more advice on sending queries.

http://evileditor.blogspot.com/ – Both amusing and informative, this site will teach you what to strive for in writing a query. (also, what NOT to strive for). I would even say that it’s a good study in what works or doesn’t in concept for writing a book.  Did I mention that it’s often hilarious?

https://www.publishersmarketplace.com/ – When you get REALLY serious, I’ve heard this site is worth the $25/month subscription.

http://www.bulwer-lytton.com/ – if you’re looking for a good way to procrastinate, these are also hilarious. The goal is to write the worst possible opening line to a story. If you find your own opening line as one of the winners, you may wish to consider some revisions.


Major Publishers

The following are the five biggest publishers in the U.S.  The top one on the list (Penguin/Random House) is bigger than the next four combined.

  1. Penguin/Random House (We think they should have called themselves Random Penguin)
  2. HarperCollins
  3. Simon & Schuster
  4. Hachette
  5. Macmillan



If you would rather “self-publish” than go the corporate route, please be sure you understand the difference between a Vanity Publisher (who will rip you off) and a legitimate Self-Publishing house. Articles discussing these differences can be found here and here

Legitimate Self-Publishing companies include:


https://www.createspace.com/ (note: if you finish writing 50,000 words for National Novel Writing Month, you’ll get a couple of free proof copies from them)

Legitimate E-Publishers include



Self-publishing is fun if you want to have something in your hands right away and share it with friends, but if you’re aiming for wide distribution, you’ll have a lot of extra stuff to do that traditional publishers take care of for you. (e.g. hiring an editor, and cover designer; handling distribution and marketing).





NOTES: Character is King

These are my notes from the San Francisco Writer’s Conference, 2014.

The Lecture “Character is King” by Dave Corbett.  Saturday 2014-02-15. The handout is here:


The 5 aspects he lists are

  1. desire
  2. layers of adaptation
  3. vulnerability
  4. secrets
  5. contradictions

He draws out the list in the above PDF in several different ways.

1. Desire

I missed the 1st section, so starting on #2:


2. Layers of Adaptation

  1. pathological – hallucinations; e.g. the movie “Repulsion” by the director of Chinatown (i.e. Roman Polanski)
  2. immature – e.g. Blanche DuBois from “A Streetcar Named Desire.” She is living in a fantasy.
  3. denial – acting like it isn’t happening
  4. mature – humor, altruism

3. Vulnerability

  • Pursuing an objective [masculine] – e.g. Blanche pursuing being able to stay with Stella
  • listening [feminine]

Somebody wounded elicits the reader’s sympathy.

Type of wound:

  • existential – physical illness or literal wound
  • situation – alone in a strange town
  • moral – they’ve done something everyone will judge them for

Side note: ‘dramatic irony’ seems to be the voice of the time (meaning: the reader knows something the main character doesn’t).

4. Secrets

“Swing for the fences”

A secret can be small, with a big cover-up.


5. Contradictions 

Contradictions work if one can find the connection between them in the character.




  1. Problem
  2. insight
  3. decision based on insight


(I guess this is what you would call character development!)



I’m excited that you’re reading this

Blame corporate buzzspeak for this if you like, but the term ‘excited’ merits its own policy in my life. ‘Excited’ and ‘leverage’: when I reach either, I stop reading.

If one doesn’t stop, one usually proceeds to some of the driest, most insufferably boring content conceivable. “I’m excited to announce that…” followed by dull and irrelevant mountains of verbiage next to which drying paint is a thrilling action-adventure movie.

We most commonly receive such missives from our higher management. Some workshop on inspiring the unwashed! pounded this advice into their little brains: “No matter what the announcement, employ the word ‘excited.’” We now must focus on leveraging every day and every way the beneficial possibilities for reaching out to consolidate on our best strategy… how they go on like this baffles me. Nothing untrue, nothing useful.

Which has given me long hours puzzling “What is it they find so exciting about these tedious details? How could they find ‘excitement’ in such commonplace nonsense?”

Until I saw scientists reacting to discoveries on Mars. “We have found rocks!!” It made them so excited! So worked up! And me too, honestly. I love good science, and the fact that they can discover meaningful things about geology so far away has a certain thrill to it.

Commonplace things become exciting when they’re on Mars.

Which is when it hit me: It’s because they’re from another planet.

I mean, our upper level of management who send us these mysterious messages. We’re being guided by aliens.

It explains many things.