TIWWA

It's October 13th once again so we'd like to join Millennium and X-Files fans in wishing Chris Carter a very Happy Birthday! Christopher Carl Carter was born 62 years ago today in October 1956, the elder son of William and Catherine Carter. You can learn more about him via Libby's Chris Carter crew profile. Will you be celebrating Ten Thirteen Day with a few favourite episodes from your Millennium and X-Files box-sets? If so, let us know which episodes and series you choose. View the original article at Millennium-ThisIsWhoWeAre.net

Unless you've been living under a rock, on Mars or have possibly been abducted by The Polaroid Stalker, you will have no doubt heard about changes to Privacy and Data Protection in Europe called General Data Protection Regulation (or GDPR for short). The legislation in reality effects and improves the rights of everyone. As you would expect, we have always respected your privacy and the processing of your personal data/information, and we will continue to do so. Our community software suite recently received additional functionality and tools to better facilitate compliance with the new GDPR legislation. We have therefore recently made enhancements to our Privacy Policy, which take effect from May 26th, 2018. Our Privacy policy increases transparency, explains our role and responsibilities in terms of storing, using and safeguarding your data. It explains what you can expect if you make contact with us and use our services. It also serves as an introduction to your rights under GDPR. There are understandably lots of interpretations, wild claims and opinions on GDPR. However, we believe GDPR isn't about ruining your enjoyment of the internet, it's good news for all of us. We manage an awesome website, we're open and transparent, but we're not lawyers or GDPR experts. So for further information and better understanding, we highly recommend the reading the guidance available at the ICO website, which you can find here. We have also taken the opportunity to review and update our Guidelines. Thank you for your time, understanding and for your continued use of our website. View the blog entry & optionally add your comments.

Dear TIWWA members and visitors, Nothing to be alarmed about, but I would to extend apologies for any inconvenience you may have experienced with slow responses or speed with the website in the last few days. Unfortunately we have intermittently been receiving a high amount of illegitimate web traffic, effectively hammering away at the server in what appears to be a crude attempt to knock our server or website offline. As you may know such is the nature of DDoS or 'Distributed Denial of Service' attacks, the hackers (possibly someone who has watched too many episode of Mr Robot) often use a one or more, sometimes a whole network of compromised computers or devices to try and take random or specific servers down by bombarding their firewall and server software with traffic or hits. Initially it was coming from Italy, then the US, then South America. We can manually kill off the Apache server process each time and restart it, but after a while it starts up again, sometimes soon or after a few hours. Eventually they will get bored with door rattling and move on, especially since we're not a big company website, power station etc. Our web-hosting company has elevated the issue to a more senior tier of support staff who have been working hard to resolve the issues, however we may start using Cloudflare and routing through their network behind the scenes for extra protection, as they provide a network service to assist with this sort of issue. If so, the website may be inaccessible for a short while. We may also have to enable additional firewall rules, which potentially could cause you to receive a blocked or forbidden error messages in your browser if your use or visit to the site triggers a false positive. Such advanced rules are very sensitive, and require a lot of fine tuning and extra time to configure, so are best avoided if possible. I want to reassure you that we have no reason to believe the website or server has been compromised or hacked in any way, or personal information taken. We take security seriously. We also have automatic backups available, and all non-public user account related personal information such as e-mail addresses, passwords etc are fully encrypted, as you would rightly expect. This is one reason why we licence use of professional community software with regular updates rather than use free software, and we also automatically encrypt all traffic between our server and your browser when you visit our site. We also use another company to probe our server infrastructure, encryption levels and website each week for potential security issues. Thank you bearing with us. Handy to know tips Remember in general to always use ideally single use, strong passwords on your websites and devices, in particular your Google or other email accounts which if compromised could be used to change or hack your social media and website accounts. Password managers are well recommended, in particular LastPass and 1Pass are recommended. http://uk.pcmag.com/password-managers-products/4296/guide/the-best-password-managers-of-2018 https://www.techradar.com/news/software/applications/the-best-password-manager-1325845 https://www.cnet.com/news/the-best-password-managers-directory/ Always use a good, up to date Antivirus software, ideally combined with separate anti-malware software such as Malwarebytes. These days, on Windows 10, Microsoft's built-in antivirus is regarded as very good. Avast is excellent for free software, I used it for over 10 years, but tends to nag with somewhat, scaremongering pop ups to buy the full version. Kapaskey, Mcaffee and Symantec are probably best avoided. Should you have any concerns about account security in general, you may be unaware but we also support so-called 'two factor' account protection. Did you know we support Google Authenticator! If would like to make use of the popular Google Authenticator service which you can configure in your user account settings, it is free and optional for non-staff members. Very handy if you don't use a password manager service or tend to read-use the same password for multiple sites. Once activated, it allows you to require anyone accessing your account from a new device or browser for the first time or after you sign out, to enter a one time code sent to your phone or mobile device by Google, either by text message or via the Google Authenticator app (if you have it installed on your mobile devices). If the code is not correctly entered before it expires, access is denied, so without access to your device, nobody can in theory access your account. I can't stress this enough to everyone with a Google Account these days, I very strongly recommended activating Google 2FA/Google Authenticator to access your Google Account, but you can also use it here if you want and on many other websites and apps too. Adding an extra layer... We also have the optional 3 Security Question/Answers option if you prefer, or you can use both. You can set up questions and answers that hopefully only you would know the correct answers to (don't share too much info on social media!), Either of these options are are available in your Account Security settings and are useful if you feel you would like to add an extra layer of protection to your account. You may also have noticed a new section after our last big update that provides device and browser usage history (Recently Used Devices). If you also use a VPN service however, the info will obviously be incorrect. The Old Man View the blog entry & optionally add your comments.