Star Trek Novel Icons

Sep. 22nd, 2017 06:17 pm
sheliak: A mermaid stares in fascination down a chasm in the ocean floor, through which an underwater city is visible. (trot)
[personal profile] sheliak posting in [community profile] fandom_icons


20 Star Trek: Rihannsu icons and 55 other Star Trek TOS book cover icons over here.

Star Trek Novel Icons

Sep. 22nd, 2017 06:17 pm
sheliak: Handwoven tapestry of the planet Jupiter. (Default)
[personal profile] sheliak posting in [community profile] icons


20 Star Trek: Rihannsu icons and 55 other Star Trek TOS book cover icons over here.

Aaaaaand nominations are closed!

Sep. 22nd, 2017 06:01 pm
spookykingdomstarlight: (Default)
[personal profile] spookykingdomstarlight posting in [community profile] swrarepairs
Thank you to everyone who made this year even bigger and better than last year. To see the tagset in all its glory, go here. I'll be spending this evening and the rest of this weekend making sure everything is good. If you notice anything amiss, please feel free to let me know in a comment here, a private DW PM to spookykingdomstarlight, or via the swrarepairs tumblr.

Misc

Sep. 22nd, 2017 05:20 pm
ranunculus: (Default)
[personal profile] ranunculus
Worked a show at the Masonic Auditorium yesterday.  Singer named Kalid.  Very minimal load in after which I came home and slept solidly for an hour and a half.  Went back to run followspot on an utterly forgettable show.  No work now till Monday.
Planning a trip to Ukiah on Sunday with Donald. 
  • I want to check the drip irrigation and see if the coyotes chewed it up again. 
  • Carrie needs help finding a fault in the fence at the Iris Barn.
  • We plan to spend a bunch of time painting the plywood for the Shelter.  I want it done soon!!!
Got the garden watered today.  Tomorrow I should water again, it was really dry.
Called the Ranch insurance agent and reminded her that I need a breakdown of the insurance cost.  
Now I need to write an e-mail to the Union office about a couple of things. 





sovay: (Otachi: Pacific Rim)
[personal profile] sovay
In about an hour, I am going to see Howard the Duck (1986) on 70 mm at the Somerville Theatre. It's part of their second annual 70 mm & Widescreen Festival, which started this Wednesday and runs through the rest of the month; last year it offered me such superlative viewing experiences as Richard Brooks' Lord Jim (1965), Stanley Kubrick's Spartacus (1960), Disney's Sleeping Beauty (1959) and Steven Lisberger's Tron (1982), and this year I am starting with a duck from another planet. We're meeting my parents for it. My father unironically loves Howard the Duck. He ranks it with '80's cult classics like W.D. Richter's The Adventures of Buckaroo Banzai Across the 8th Dimension (1984) and has always felt it deserved a sequel. I have not seen it since high school at the latest and have peculiarly fragmentary memories of the plot. The opening sequence is picture-clear: Howard on his home planet greeting a Playduck centerfold with "My little airbrushed beauty!" before being sucked through space and time into Cleveland, Ohio where he rescues a new wave chick from some muggers with the ancient martial art of "Quack Fu." She has a band. I want to say he ends up managing it. After that things start to break up. I remember that an eldritch thing possesses Jeffrey Jones—and that it happens for the decently Lovecraftian reason that it is never a bright idea to open a door at random into the deep reaches of space when you don't know what might be on the other side—but I don't remember the mechanism or the immediate consequences, except that I have the vague sense of a road trip. I remember that Chip Zien voices Howard, when I know him much better for his work in musical theater. IMDb tells me that this movie was also the first place I saw Lea Thompson and Tim Robbins. I'm really looking forward. Other films I am planning to catch on 70 mm include Patty Jenkins' Wonder Woman (2017) and Joseph L. Mankiewicz's Cleopatra (1963), which should really be something on a big screen, as should an IB Technicolor VistaVision print of Hitchcock's North by Northwest (1959). I am a little sorry to have missed The Dark Crystal (1982) earlier this evening, but it has been a long and stressful day. There's always the matinée repeat on Sunday if I really feel like it. In the meantime, there's a space duck.

Ukiah

Sep. 22nd, 2017 05:29 pm
ranunculus: (Default)
[personal profile] ranunculus
A flying trip to Ukiah on Tuesday Sept 19th was very satisfying.
  • The planning department gave me an extension to my permit for the shelter at the Red Barn.  It is hard to believe that it has been a whole year since we began trying to get that thing together.
  • Johnny came and helped me get the last 6 sheets of roofing onto the shelter. 
  • I purchased more paint primer (now there is 10 gallons) and 5 gallons of the tan top coat. 
  • I fixed a lot of problems on the Howell Creek drip irrigation.  Sadly a whole lot of plants had died of lack of water.  It looks like Mr Coyote got in and chewed up the drip lines so he could get a drink.  Even with the dead plants there were plenty of plants that survived, thank goodness.  Most of the damage was on the lower end, the upper end was relatively unscathed. 
  • I pulled the tarp back over the top of one of the storage tents.  The knots holding it had been tied by my helper and were clearly sub-standard.  Shouldn't be a problem now.  The tarp is to help reduce sun damage to the tent itself. 
  • Dave the Deer Hunter came by as we were finishing up the roofing and we agreed to have dinner together up at his camp.  It was very pleasant, if sad, since Dave's dad died recently. 
Altogether the day was beautiful and I got everything on my infamous "list" for the day done. 


Hmm. Just...hmm.

Sep. 22nd, 2017 07:26 pm
akamarykate: jlo the boov says yes oh but! (ohbut)
[personal profile] akamarykate
I found out today that one of my brothers and his wife are down in Florida. They were supposed to go on a cruise to St. Thomas with her family, but after Irma the plan changed to a different island--my mom didn't know which one--and then today he emailed them asking for a phone number for my cousin who lives in Ft. Lauderdale. No other explanation, so we're not sure if they're cruising or not.

But my question is, what are these cruise lines doing running business as usual down in the Caribbean right now? If they had any ethics or empathy, couldn't there be a way to get the boats down to people who need shelter (and power!) and take care of them until they can at least start to rebuild? Give people who've booked cruises the option of refunds or of using the money as a donation. The positive publicity would be incredible.

I don't know, maybe there are regulations or something that prevent it, but honestly, I would think this is a decent time to say screw the regulations if there's some way to help.

Delayed Friday prompt post

Sep. 22nd, 2017 08:15 pm
randi2204: (mag7 - undeniable yearning)
[personal profile] randi2204 posting in [community profile] mag7daybook
After an unintended break - mostly because I'm terribly forgetful - the Friday prompt post returns!

If you have ideas to share, leave them as comments to this post. If you're looking for ideas to work on, take a gander at the prompts left here and see what gets your muse working. With luck, the result will be fannish fun for everyone!

Prompts work best with certain bits of information: Character(s)/pairing, universe, prompt.
Example: Chris/Ezra, any, you’d have to be crazy to love me, oh, but I wish you would.

If none of today's prompts get the words/art/fun flowing, there are lots of other prompts at our Del.icio.us archive that might. And when I say lots, I mean LOTS.

Ready, set, prompt!

Prompts
Chris/Ezra, any, you’d have to be crazy to love me, oh, but I wish you would.

The recklessness of falling in love

Sep. 22nd, 2017 07:04 pm
[syndicated profile] ao3_merlin_feed

Posted by <a rel="author" href="/users/Arianne_Isobel/pseuds/Arianne_Isobel">Arianne_Isobel</a>

by

Arthur, the golden head boy of Camelot was completely fine with who he was - out and proud. Merlin - trapped with his homophobic stepfather after his mother died - is hiding who he really is. And he most certainly does not like boys - especially not Arthur Pendragon.

Words: 19000, Chapters: 1/1, Language: English

The Flash season 3

Sep. 23rd, 2017 12:42 am
beccaelizabeth: my Watcher tattoo in blue, plus Be in red Buffy style font (Default)
[personal profile] beccaelizabeth
The time travel to 2024?
Ugh.
I mean, I know what they're going for. This is the hero at his darkest. He gave up so now everything is awful. That's what happens when the protagonist gives up.

Read more... )



So I'm just annoyed, because it's all very well telling a story about team Flash making a difference, but it winds me right up if they're saying they have to have Flash around to do it. Everyone can make a difference.

Except not when their name is not in the title.
tassosss: (Default)
[personal profile] tassosss
And speaking of slogging along. I mean, I love this series and I'm glad I've got some momentum on it, but it has been work to get it going again.

Sunday Dinner: Melissa (2312 words) by Tassos
Chapters: 1/1
Fandom: Teen Wolf (TV)
Rating: General Audiences
Warnings: No Archive Warnings Apply
Characters: Sheriff Stilinski, Melissa McCall
Additional Tags: Werewolf Sheriff Stilinski, Dinner, Friendship, Male-Female Friendship, Conversations, Alternate Universe - Canon Divergence
Series: Part 6 of Lycanthropic Optics: Werewolf!Sheriff AU
Summary:

John bumps into Melissa at the hospital. They have a long overdue chat.


writing is a thing again

Sep. 22nd, 2017 07:19 pm
tassosss: (Default)
[personal profile] tassosss
So you know I've been complaining for months about how writing is like pulling teeth? I've been slogging along, working on finishing half finished things (and succeeding), poking at a couple new ideas that haven't stuck, and it's all felt like work and drudgery. Until, this week. When I started an Avvar!Cullen/mage!Trevelyan romance that is all about the dubcon and in basically two sittings have gotten out 5,000 words.

Let's back up. I've basically been writing a little over 5k words a month this year, with some variation, and definitely not in two days. And it wasn't even hard! What is that even? Writing? Not a painful exercise? (Sidenote: on top of that writing at work has been pretty good this week too...)

So, yeah, writing is suddenly fun again. Also, witness me be incredibly uncomfortable writing my own kinks. I mean, lbr, this is an idfic romance at the moment (though with my usual over thinking of how to make the situation work). It's also basically the first part of 7 Brides for 7 Brothers, which makes me feel a little weird 'cause I don't actually like the movie, but, man, I sure as hell love Avvar!AUs, and forced closeness, and bedsharing, and a marriage of convenience, and ALL THE SILLY TROPES. I just prefer reading them to writing them. So I'm trying something new here. It'll help me grow as a person.

Anyway, I'm already worried about finishing it. This is the same feeling I've gotten starting the other three novel length fics that are about half done at ~60k. I'm hoping this one won't be that long. And that I finish it. Wish me luck.

Nominations Close at 6PM PST

Sep. 22nd, 2017 04:35 pm
spookykingdomstarlight: (Default)
[personal profile] spookykingdomstarlight posting in [community profile] swrarepairs

Get your last minute nominations in now! Find the tagset here and the spreadsheet here.

Here’s a countdown for you!

Happy nominating! And then we’ll see you on Sunday for sign-ups!

Meme Time!

Sep. 22nd, 2017 06:14 pm
alisanne: (Default)
[personal profile] alisanne
Stolen from [livejournal.com profile] lijahlover ages ago!
I am doing it now to distract myself from the fact I haven't been able to come up with anything for this week's [community profile] hogwarts365. :((

Anyway, below the cut at my childhood crushes:
Wow I was a nerd )

So, who were your childhood idols/crushes growing up?
Tell me! Distract me from my no-writing slump!

Also, I tag...[personal profile] lilyseyes, [personal profile] torino10154, [livejournal.com profile] sassy_cissa, [livejournal.com profile] akatnamedeaster, [personal profile] adafrog, [personal profile] capitu, [livejournal.com profile] enchanted_jae, [livejournal.com profile] brumeier, and [personal profile] digthewriter. *g*

this week. month. season.

Sep. 22nd, 2017 04:20 pm
jazzfish: Jazz Fish: beret, sunglasses, saxophone (Default)
[personal profile] jazzfish
The weekend was alright-to-good. I'd moved my dentist appointment to Monday from the middle of next week, and that went fine except for some gumwork that I'll need to have done in a couple of weeks. Then come Tuesday night the stress stacked up again. Emily's successfully located a subleaser, at least for a couple of months: yay! I won't have to pay half the mortgage in addition to Vancouver rent, and I might even not be dipping into savings. At least for that couple of months.

Trouble was, the subleaser wanted in on 1 October, and I was scheduled to leave Thursday evening and not get back 'til next Sunday. The first. Panic ... did not exactly set in, though stress certainly did.

Over the course of Wednesday I:
  • Got a couple of friends to hang out with me Wednesday night and help finish packing, which otherwise would have been a) slow, b) frustrating, and c) generally sad-inducing.
  • Acquired a small storage unit on short notice.
  • Decided to just call in exhausted on Thursday due to not sleeping well (this is not a lie), and just go in for my early-morning meetings.
So that happened and the packing went fine, and the move itself went fine. I left the bookcases and coffee-table there for the subleaser's use; the bookcases might fit into the storage unit if necessary. I'd intended to find myself a new better bed and move the old one to the condo so the subleaser could use it but given my state the last week or so, finding a decent bed was Not Happening. I'll throw money at Emily to find a bed. And then I guess I'll have two low-end beds.



After all that I made it back to my basement apartment about an hour before I'd expected, with plenty of time to pack for ten days up north. Indeed, I managed to leave about an hour early to get to the airport, so I'd have plenty of time to grab a leisurely dinner before my flight.

Except that when I got to the airport I realised I'd forgotten my viola, which would make it difficult to a) practise and b) have a Skype lesson on Tuesday. So, half an hour transit back out to the apartment and half an hour back to the airport, and there went all the extra time I'd built in for dinner. I did manage to grab something to eat anyhow but it was a close thing.

I then discovered, once I got here, that I'd left my glasses at home as well. This is deeply frustrating, as it rather limits my late-evening options. It's also gonna make things interesting if my contacts self-destruct again.

(I briefly thought I had lost my Nexus card, but it turned up again. Still not sure what happened there. I'd blame my lack of glasses except that I generally find things by touch and not by sight, so.)



But the weekend was pretty good: reconnected with Erin, went out to a couple of events to start trying to make connections in the local kink community, generally got a little more sociable and a little less stuck in my own head.

And today's the equinox, so maybe the horrificness has just been the fault of summer and it'll start to settle out now. I can hope, anyway.

Dept. of Poor Kitty

Sep. 22nd, 2017 05:49 pm
kaffyr: Kitty from "Kiki's Delivery Service" (kiki cat)
[personal profile] kaffyr
Phil's Very Bad, No Good Day

Poor Phil. Our little black kitty, who we've been treating for the past couple of weeks for ear infections - and taking to the very nice vet twice in those past couple of weeks - has been, finally, diagnosed with an ear polyp. It's bleeding when it gets jostled, which is why one ear has been smelling nasty; old blood. Eurgh. It doesn't seem to hurt him too much, and it's not awfully itchy, as ear mites would be ...

... but he needs surgery. And the surgeon our vet recommended is 30 miles outside the city limits (in Buffalo Grove, oddly, where I spent 19 unpleasant months covering the community. In fact, when our vet handed BB the booklet, I thought "I'll bet this is somewhere way the fuck out, please let me be wrong," and of course I wasn't. Fucking Buffalo Grove.)  Since Phil goes unhappily nuts for the 10 minutes it takes us to drive to the regular vet, this promises to be extraordinarily stressful for him, and for us. Especially since he'll have to go out for a consult, and then back out for the actual surgery. 

It's going to cost, too, but to not do it would be wrong. There is also the possibility, we're told, that the polyp may have grown through the eardrum; and that may mean they can't remove the entire thing, and that it may grow back. Aaack. 

Poor guy, he's really so forgiving of us. He's already climbing back into my lap, and wanting to be petted. I love him, and I hate stressing him out.

In happier human news, I feel much better. And it's the weekend. So there's that. 

Diving Beetle

Sep. 22nd, 2017 11:01 pm
guppiecat: (Default)
[personal profile] guppiecat

Diving Beetle_2


It’s taken a lot of practice, but I’m finally getting decent photos of diving beetles mid-dive.




Originally posted at stories.starmind.org.
[syndicated profile] the_mary_sue_feed

Posted by Kaila Hale-Stern

A leaked tape of MSNBC anchor Lawrence O’Donnell having several angry outbursts while filming went viral this week.

On The Late Show, Colbert teased O’Donnell that he was showing “solidarity” by leaking his own outtakes, which are predictably hilarious.

  • Vampire Diaries star Ian Somherhalder “joked” about how he flushed his wife Nikki Reid’s birth control down the toilet because he wanted to start a family. No one was amused. Listen, I will always love Damon Salvatore but Ian Somherhalder can bite me. (via Allure)
  • Battle of the Sexes doesn’t go deep enough into the tragic nature of Billie Jean King’s relationship with Marilyn Barnett. (via Newsweek)
  • Neil Gaiman will voice a character in The Simpsons‘ annual “Treehouse of Horror” episode that parodies his Coraline. (via Slashfilm)
  • The brilliantly funny Kumail Nanjiani is slated to host Saturday Night Live this fall, and there’s some other Gal hosting another episode that you may have heard of. Honestly, give me ALL of the Wonder Woman sketches. And if Gal feels like bringing back singing Chris Pine for a cameo, I am here for that.

Happy imminent weekend! I hope the world doesn’t end tomorrow. What’d you see today?

Want more stories like this? Become a subscriber and support the site!

The Mary Sue has a strict comment policy that forbids, but is not limited to, personal insults toward anyone, hate speech, and trolling.—

[syndicated profile] the_mary_sue_feed

Posted by Kylie Cheung

Welcome to The Week in Reproductive Justice, a weekly recap of all news related to the hot-button issue of what lawmakers are allowing women to do with their bodies!

Just one week after Vermont Sen. Bernie Sanders’ “Medicare for All” bill which would have offered abortion coverage for all began to gain traction, Republican Senators Lindsey Graham and Bill Cassidy introduced a new Obamacare repeal bill. The bill would — on top of taking away health care and potentially killing thousands of disabled, sick, and elderly Americans — slash women’s access to reproductive health care.

Obamacare repeal attempts are like a GOP zombie that refuses to die, and it would almost be comical if they didn’t pose continual threats to women’s living standards. Graham-Cassidy, like its previous incarnations, would defund Planned Parenthood and also slash Medicaid funding for maternal care, which really raises a question of whether Graham, Cassidy, and all Republicans, frankly, are “pro-life” or anti-woman.

And I think we all know the answer to that question.

Here’s everything else that happened:

Illinois governor refuses to say whether he’ll sign bill to protect Roe

This week, Illinois legislators passed HB 40, a bill that would ensure that Illinois women had access to safe, legal abortion in the event that a Trump-controlled Supreme Court were to overturn the landmark Roe v. Wade ruling. The bill would also allow women with Medicaid and state-employee health insurance to use this coverage for abortion services, which is the controversial part for “moderate” politicians, who refuse to recognize abortion as the legal and objectively necessary medical procedure it is.

However, legislators say they will not send the bill to Republican Gov. Bruce Rauner’s until he states whether or not he will sign it, and Rauner has said he can’t say what he’ll do until he sees the bill. Things are at a bit of a stand-still in the state.

Rauner has a record of signing off on anti-choice legislation, such as a bill he signed last year that would allow doctors to refuse to perform abortion services but require them to refer patients to abortion providers for religious or moral reasons. For obvious reasons, the law pleased absolutely no one, but at the very least it showed that Rauner isn’t as extreme as he could be. Rauner says he’s been meeting with advocates for and against the bill, but it’s unclear when a decision will be made.

Federal judge blocks abortion access expansion in Missouri

After one Planned Parenthood clinic in Kansas City, MO got its abortion license back after it was revoked in 2012 as a result of TRAP laws, a federal judge for the Eighth U.S. Circuit Court of Appeals issued a one-line ruling blocking three other Planned Parenthood locations in Columbia, Jopin, and Springfield from doing the same. The ruling put a stay on a previous April 2017 ruling from U.S. District Judge Howard Sachs that blocked the “undue burden” placed on Missouri clinics by laws requiring abortion providers to have hospital admitting privileges.

These laws existed despite the objective safety of surgical abortion, which almost never results in urgent trips to the hospital. Rather, the laws exist solely to shut down clinics that can’t afford to implement these changes, and either force women to travel miles for abortion services or deny them safe surgical abortion altogether. These laws caused a clinic in Columbia to shut down in 2015.

Sachs’ ruling earlier this year was meant to expand abortion access, but the stay implemented by the Eighth U.S. Circuit this week means this expansion will be substantially delayed if not canceled altogether.

Maine ACLU files lawsuit to expand abortion access

According to a complaint filed by the American Civil Liberties Union and Planned Parenthood of Northern New England, a person seeking abortion services in Maine’s Fort Kent would have to travel more than six hours round-trip to the nearest abortion provider. This is because presently, Maine is one of 41 states that allows only doctors and not health professionals such as nurse practitioners to perform surgical abortions.

The two aforementioned groups on Wednesday filed a lawsuit to overturn this law, citing the undue burden placed on people seeking abortion care in the state, as well as safety concerns.

“Anyone who has made it through a Maine winter in a rural area knows that travel can be dangerous or impossible at times–it’s wrong to make a woman risk a journey of hundreds of miles to get an abortion when there are qualified providers nearby,” Zachary Heiden, legal director of the ACLU of Maine, said in a statement.

California bill would prevent companies from firing women for using birth control

Last week, the California state assembly sent Assembly Bill 569, which would prohibit employers from punishing workers who use birth control, have abortions, or make other reproductive health decisions that employers disagree with, to Democratic Gov. Jerry Brown’s desk. The bill passed among legislators in a 45-13 vote. It’s particularly significant under the presidency of Donald Trump, who has previously said Christians are the most oppressed group in America, and has promised to be the staunchest of allies to religious freedom advocates.

Few ever talk about how “religious freedom” laws that allow employers to fire or punish employees for not living according to their religious preferences seems more of a violation of religious freedom than the opposite.

“Women in this country have been fired for getting pregnant while unmarried, for using in-vitro fertilization and for other personal reasons related to their own reproductive health,” Democratic State Assembly Rep. Lorena Gonzalez Fletcher, the bill’s sponsor, said in a statement regarding the proposed legislation. “No woman should ever lose a job for exercising her right to decide when, how, or whether to have a family.”

Tune in next week to see what lawmakers will try next in their never-ending mission to derail reproductive justice!

(image: Shutterstock)

Want more stories like this? Become a subscriber and support the site!

The Mary Sue has a strict comment policy that forbids, but is not limited to, personal insults toward anyone, hate speech, and trolling.—

[syndicated profile] the_mary_sue_feed

Posted by Vivian Kane

Ivanka Trump went on The Dr. Oz Show this week to talk about postpartum depression. Trump says she suffered from postpartum depression to some degree after the birth of each of her three children. “I felt like I was not living up to my potential as a parent or as an entrepreneur and executive,” she said.

Postpartum depression is incredibly common, yet highly stigmatized. Approximately one in nine women suffer from PPD, and too many feel shame because of it. It’s not talked about nearly enough, so I’m all for as many women as possible sharing their stories, and that includes Ivanka Trump.

However, in her case, we also have to address the hypocrisy. Trump has dedicated herself to supporting and representing an administration that is actively trying to strip people of their health insurance. Those defending the Graham-Cassidy bill–which was hopefully killed today, but which Donald Trump aggressively supports–promises it protects those with pre-existing conditions. That’s a lie. You don’t have to believe me. You don’t have to believe Jimmy Kimmel. It’s a lie.

If Ivanka Trump were at risk of losing her healthcare, or not being able to pay exorbitant premiums of being in a “high-risk pool,” she might be worried. Because postpartum depression can be considered a preexisting condition. But Trump doesn’t have to worry about those things; she’ll always be able to afford her health care.

Ivanka Trump never seems more out of touch than when she’s trying to be vulnerable and relatable.

(image: screengrab, Fox News)

Want more stories like this? Become a subscriber and support the site!

The Mary Sue has a strict comment policy that forbids, but is not limited to, personal insults toward anyone, hate speech, and trolling.—

[syndicated profile] eff_feed

Posted by gennie

Two-factor authentication (or 2FA) is one of the biggest-bang-for-your-buck ways to improve the security of your online accounts. Luckily, it's becoming much more common across the web. With often just a few clicks in a given account's settings, 2FA adds an extra layer of security to your online accounts on top of your password.

In addition to requesting something you know to log in (in this case, your password), an account protected with 2FA will also request information from something you have (usually your phone or a special USB security key). Once you put in your password, you'll grab a code from a text or app on your phone or plug in your security key before you are allowed to log in. Some platforms call 2FA different things—Multi-Factor Authentication (MFA), Two Step Verification (2SV), or Login Approvals—but no matter the name, the idea is the same: Even if someone gets your password, they won't be able to access your accounts unless they also have your phone or security key.

There are four main types of 2FA in common use by consumer websites, and it's useful to know the differences. Some sites offer only one option; other sites offer a few different options. We recommend checking twofactorauth.org to find out which sites support 2FA and how, and turning on 2FA for as many of your online accounts as possible. For more visual learners, this infographic from Access Now offers additional information.

Finally, the extra layer of protection from 2FA doesn't mean you should use a weak password. Always make unique, strong passwords for each of your accounts, and then put 2FA on top of those for even better log-in security.

SMS 2FA

When you enable a site's SMS 2FA option, you'll often be asked to provide a phone number. Next time you log in with your username and password, you'll also be asked to enter a short code (typically 5-6 digits) that gets texted to your phone. This is a very popular option for sites to implement, since many people have an SMS-capable phone number and it doesn't require installing an app. It provides a significant step up in account security relative to just a username and password.

There are some disadvantages, however. Some people may not be comfortable giving their phone number—a piece of potentially identifying information—to a given website or platform. Even worse, some websites, once they have your phone number for 2FA purposes, will use it for other purposes, like targeted advertising, conversion tracking, and password resets. Allowing password resets based on a phone number provided for 2FA is an especially egregious problem, because it means attackers using phone number takeovers could get access to your account without even knowing your password.

Further, you can't log in with SMS 2FA if your phone is dead or can't connect to a mobile network. This can especially be a problem when travelling abroad. Also, it's often possible for an attacker to trick your phone company into assigning your phone number to a different SIM card, allowing them to receive your 2FA codes. Flaws in the SS7 telephony protocol can allow the same thing. Note that both of these attacks only reduce the security of your account to the security of your password.

Authenticator App / TOTP 2FA

Another phone-based option for 2FA is to use an application that generates codes locally based on a secret key. Google Authenticator is a very popular application for this; FreeOTP is a free software alternative. The underlying technology for this style of 2FA is called Time-Based One Time Password (TOTP), and is part of the Open Authentication (OATH) architecture (not to be confused with OAuth, the technology behind "Log in with Facebook" and "Log in with Twitter" buttons).

If a site offers this style of 2FA, it will show you a QR code containing the secret key. You can scan that QR code into your application. If you have multiple phones you can scan it multiple times; you can also save the image to a safe place or print it out if you need a backup. Once you've scanned such a QR code, your application will produce a new 6-digit code every 30 seconds. Similar to SMS 2FA, you'll have to enter one of these codes in addition to your username and password in order to log in.

This style of 2FA improves on SMS 2FA because you can use it even when your phone is not connected to a mobile network, and because the secret key is stored physically on your phone. If someone redirects your phone number to their own phone, they still won't be able to get your 2FA codes. It also has some disadvantages: If your phone dies or gets stolen, and you don't have printed backup codes or a saved copy of the original QR code, you can lose access to your account. For this reason, many sites will encourage you to enable SMS 2FA as a backup. Also, if you log in frequently on different computers, it can be inconvenient to unlock your phone, open an app, and type in the code each time.

Push-based 2FA

Some systems, like Duo Push and Apple's Trusted Devices method, can send a prompt to one of your devices during login. This prompt will indicate that someone (possibly you) is trying to log in, and an estimated location for the login attempt. You can then approve or deny the attempt.

This style of 2FA improves on authenticator apps in two ways: Acknowledging the prompt is slightly more convenient than typing in a code, and it is somewhat more resistant to phishing. With SMS and authenticator apps, a phishing site can simply ask for your code in addition to your password, and pass that code along to the legitimate site when logging in as you. Because push-based 2FA generally displays an estimated location based on the IP address from which a login was originated, and most phishing attacks don't happen to be operated from the same IP address ranges as their victims, you may be able to spot a phishing attack in progress by noticing that the estimated location differs from your actual location. However, this requires that you pay close attention to a subtle security indicator. And since location is only estimated, it's tempting to ignore any anomalies. So the additional phishing protection provided by push-based 2FA is limited.

Disadvantages of push-based 2FA: It's not standardized, so you can't choose from a variety of authenticator apps, and can't consolidate all your push-based credentials in a single app. Also, it requires a working data connection on your phone, while Authenticator apps don't require any connection, and SMS can work on an SMS-only phone plane (or in poor signal areas).

FIDO U2F / Security Keys

Universal Second Factor (U2F) is a relatively new style of 2FA, typically using small USB, NFC or Bluetooth Low Energy (BTLE) devices often called "security keys." To set it up on a site, you register your U2F device. On subsequent logins, the site will prompt you to connect your device and tap it to allow the login.

Like push-based 2FA, this means you don't have to type any codes. Under the hood, the U2F device recognizes the site you are on and responds with a code (a signed challenge) that is specific to that site. This means that U2F has a very important advantage over the other 2FA methods: It is actually phishing-proof, because the browser includes the site name when talking to the U2F device, and the U2F device won't respond to sites it hasn't been registered to. U2F is also well-designed from a privacy perspective: You can use the same U2F device on multiple sites, but you have a different identity with each site, so they can't use a single unique device identity for tracking.

The main downsides of U2F are browser support, mobile support, and cost. Right now only Chrome supports U2F, though Firefox is working on an implementation. The W3C is working on further standardizing the U2F protocol for the web, which should lead to further adoption. Additionally, mobile support is challenging, because most U2F devices use USB.

There are a handful of U2F devices that work with mobile phones over NFC and BTLE. NFC is supported only on Android. On iOS, Apple does not currently allow apps to interact with the NFC hardware, which prevents effective use of NFC U2F. BTLE is much less desirable because a BTLE U2F device requires a battery, and the pairing experience is less intuitive that tapping an NFC device. However, poor mobile support doesn't mean that using U2F prevents you from logging in on mobile. Most sites that support U2F also support TOTP and backup codes. You can log in once on your mobile device using one of those options, while using your phishing-proof U2F device for logins on the desktop. This is particularly effective for mobile sites and apps that only require you to log in once, and keep you logged in.

Lastly, most other 2FA methods are free, assuming you already have a smartphone. Most U2F devices cost money. Brad Hill has put together a review of various U2F devices, which generally cost USD $10-$20. GitHub has written a free, software-based U2F authenticator for macOS, but using this as your only U2F device would mean that losing your laptop could result in losing access to your account.

Bonus: Backup Codes

Sites will often give you a set of ten backup codes to print out and use in case your phone is dead or you lose your security key. Hard-copy backup codes are also useful when traveling, or in other situations where your phone may not have signal or reliable charging. No matter which 2FA method you decide is right for you, it's a good idea to keep these backup codes in a safe place to make sure you don't get locked out of your account when you need them.

July 2017

S M T W T F S
      1
2345678
9101112131415
16 171819202122
23242526272829
3031     

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Sep. 23rd, 2017 01:58 am
Powered by Dreamwidth Studios