April 16th, 2014

Can anyone tell me how BT’s line providing division, Openretch Openreach survive?

The company I work for provides network services to varying people and organisations, and this means dealing with telecoms providers, and that almost certainly means the loose collective of fuckwits we know and love.

So far this week, I’ve had:

1) In response to a circuit order in a building that is partially let out (and where the BT duct enters via the let out area, and is a retail shop) “can we come tomorrow”.

2) In response to an order made 3 months ago, in a central Birmingham hotel, with the clear stipulation “you must make an advance appointment, the circuit is required by 17/4/14″, an “engineer” arrives today, has to wait a few minutes and is told “no, sorry, the room is in use, come back tomorrow”, and says “no”.

Said engineer was told “sorry, you have to. This is required by 1pm tomorrow, and was ordered 3 months ago. It cost a metric shitload of cash, and you haven’t called in advance, like we told you to, and you do this *every time* we request this. The room is available afer 5:30, or anytime tomorrow”

*shaking of head*

This barely describes the quantity of fucks the engineer didn’t give. “Resourcing”, he said. “not gonna happen”. “we’re only supposed to wait 15 minutes, and I’ve been 20″. The guy was, to be fair, a master of fuck not giving.

and not a single fuck was given.


He departed. I called my colleague, among whom’s many talents are shouting at BT (and personally, I think it would be worth his salary just for that). He did so. Our circuit should be active tomorrow AM. We have a reference and everything. I will not hold my breath.

Honestly, if they weren’t still a virtual monopoly, they’d be fucked. I’m very thankful to the abilities of my colleagues, and still wondering what shape BT would be in had they not inherited a state-owned monopoly, but thanking my lucky stars I don’t have do deal with Cable and Hopeless Wireless any more, because they had sufficent sense to disappear.


The engineer (the same one) came back the next day, and it worked….

Twenty’s Plenty?

April 5th, 2014

Note: this is an old post- originally drafted nearly a year ago, but recently I’ve been reminded of it by the surprising results of a poll, showing that 80% of people want a default 20 mph limit, and the also interesting observation here.

On to my old post:

I was all ready to go into a full, frothing-at-the mouth rant about something that seems to be gaining ground: Twenty’s Plenty, a campaign for the default speed limit to be 20mph, not 30.

Instead, I’ll try to give a reasoned argument. I’ll set my stall out here: I’m a driver, I speed at times. I’m also a cyclist and pedestrian, like I’d imagine a lot of people are.

I think many speed limits are too low. Some are too high- tiny residential estate roads with a 30 limit, for example, but many main roads are crippled with a low limit: many urban roads around towns were built with a 40 limit, which has been lowered.

I also think that 20 limits have a lot of merit, but feel strongly that that is far too low for a default. 20 limits are fine in areas where no sane individual would be doing much more anyway: housing estates, shopping areas, near schools, for example, but the 30 mph limit is entirely appropriate for a great many roads. I’m sitting writing this looking out at a road that has a 30mph limit that is generally exceeded a little- a residential road that happens to be a B road, and carry a reasonable amount of traffic- and the only thing that seems dangerous is the occasional nutter at 60+.

My big concern is that if 20 is the new 30, we’ll see it on almost everything. I’m also concerned about some of the things presented on their website.

What’s wrong with 30 mph?
Well the 30 mph limit was actually brought in as the national speed limit for built-up areas in 1934. Prior to that the 1903 Motor Car Act designated a specific category for the Motor Car. It also raised the speed limit to 20 mph. The Road Traffic Act of 1930 abolished the 20 mph limit for cars of less than 7 people. This led to such an increase in road deaths that just 4 years later the 1934 Road Traffic Act introduced the 30 mph speed limit in built-up areas. Whilst in 1934 this may have been an acceptable limit, the huge increase in the number of motor vehicles on the roads has created a huge imbalance in vulnerability between pedestrians or cyclists and motor car users.

This is happily forgetting that while, yes we have much, much greater traffic density, at the time of the 30mph limit being increased, a typical car was the Austin 7, a car with cable brakes, initially only operating on the rear wheels. If you drive even a 1960s or 1970s car today, you’ll find the handling, grip levels, and stopping distances are vastly inferior to today, as is the pedestriam safety should you hit someone.

As to vulnerability of pedestrians and cyclists, they’re always much more vulnerable- and vehicle drivers will always need to remember this: the aim should be not to do that at all, I would suggest.

What are the benefits of 20 mph?

Whilst the safety benefits may justify 20′s Plenty on their own, there are additional real benefits for lower speeds. Traffic noise drops considerably, as does pollution. Your street becomes a far more pleasant place to be and this encourages people to walk or cycle instead of using the car.

Pedestrians, as a rule, will (or should) be on a footpath, except in a pedestrianised area, which should, of course, be devoid of vehicles, and personally, when I cycle, I find that cars at 20mph (in a traffic-calmed street, for example) are very awkward: their speed is far to close to mine, so far too much time is spent closer to a moving car than I’d like- in a 30 limit they’ll be past and gone. As to the noise and pollution, I’d like to see some hard facts there: 20mph may necessitate use of a lower gear, *increasing* noise and emissions- most medern cars will just pull 30 mph in 4th gear, but 20 will definitely need 3rd.

I’d also suggest that those people that are going to walk or cycle will already do so: people that want to drive will continue to do so.

It’s a complex, difficult situation.

I’d personally have more support for 20mph as a limit if it’s applied sensibly, and limits are reviewed wholesale, and meaningful data is recorded and acted upon, not just an unconsidered reaction.

I’m also of the opinion that many people would like a 20 limit in their own roads, but not anywhere else, and I think this observation is quite revealing:


This is anecdotal evidence that most drivers want to travel above the 30mph limit, and definitely above 20, which again, is somewhat at odds with the survey’s results.

I’m really thinking here that we’re seeing a “it’s OK for me to drive at above 20/30, but anyone else doing it is a dangerous lunatic” and “it’s Ok to drive above 20/30, except in my road, where it’s dangerous”. I’ve also noted that more than one prominent supporter of 20mph limits seem to be non-drivers (and indeed, non cyclists), which I’d say probably makes it hard to make an objective judgement about what constitutes the best balance of speed, emissions, and safety, though given the alarming lack of awareness of the laws of physics governing a ton and a half of car, it’s clear that there’s plenty of drivers that can’t, too.

People, huh?

Looking at figures, oddly, there’s a suggestion that there’s been an increase in casualties in 20mph limits, and slight reductions elswhere, but the problem here is that we don’t know if this is simply because there’s more 20 mph roads to get injured in. There’s a fairly clear indication that there’s less severity of injury, as you’d expect. It’s my opinion (but this is only opinion) that traffic-calmed areas or very low speeds cause pedestriams to take more risk, but that the lower traffic speeds mean that the chance of an collision resulting is much lower, and that if it does, then injuries will be less severe.

The second link above draws the distinction between 20mph limits and 20mph zones: Zones have traffic calming such as humps, chicanes, and road markings as both physical and psychological devices, limits alone don’t have these- it’s clear the zones are much more effective, and these are usually in narrow, dense streets where it’s quite clear that 30mph would be unacceptably risky.

The problem here is that the data isn’t clear and uniform, there’s conficting and incomplete data, which seems to be no way to make a decision. The debate rages on…

Walsall Beer Festival 2014

April 1st, 2014

Just a quick note: It’s Walsall Beer Festival this week, starting Thursday 3rd of April at 5pm. If last year’s is anything to judge by, it’s a great event with fantastic beer. I’m planning an early visit, as the popular beers tend to sell out fast.

More details on Walsall CAMRA’s website.


April 1st, 2014

It’s amazing what a few minutes spannering and a very few quid can achieve. After my bike was nicked almost a year ago, I bought a Carrera Subway hybrid from Halfords. It’s a great bike: reasonably light, and decent quality for what realistically isn’t a lot of money in bike terms. Most components are good quality, and there’s disc brakes, which are a revelation after v-brakes.

A few things have needed attention: a minor bit of oiling, the perpetually loosening clamp that holds the saddle to the post (as the clamp is alloy, I was probably a bit limp-wristed when tightening it, but just in case it has low-strength threadlock now), and the handlebar clamp worked a bit loose too. Other than that, just a hosepipe to get the worst of the mud off.

One thing I’d been meaning to do for ages was replace the pedals: the original ones came with toe clips, whick i’ve never got on with, so I didn’t fit them, but the pedals were quite smooth, with only minor lumps for grip. This resulted in regular cursing as my feet slipped, and a couple of rides in the wet recently convinced me to do something.

A bit of searching and advice from that very nice BrownhillsBob turned up some new pedals for around £12, and when they arrived, I was pleased to see they were almost identical to the OE pedals, but with grippy studs that screw into the body. Here’s the old and new side by side:

New pedal on left, fitted to bike.

New pedal on left, fitted to bike.

A few minutes with a spanner (remember, pedals are handed- marked L & R, and both unscrew towards the back as one has a LH thread), and it’s time for a test ride.

Trust me, the half-hour or so spent on a bit of maintenance was worth it. It’s like “newly serviced car effect”; everything seems to work better, the riding is easier, and everything’s a lot more pleasurable: a 20 minute spin up to Brownhills had me smiling, even though I was covered in mud, and it has to be said the prospect of loosening handlebars didn’t seem like a good idea.

Spam School

March 27th, 2014

The other day, I was unpleasantly suprised by this email in my inbox:

Spam, spam, spam and spam

Spam, spam, spam and spam

Most spam is pretty generic, and gets culled by Spamassassin without me ever seeing it, but this one stood out as it didn’t hit the filter (sneaking under the radar with 3.9 points of spamminess), and it had an attachment that wasn’t a zip file containing a virus.

As you can see, it’s from Pat Jewitt, whose email address is, for all you hungry spambots out there.

Pat seems to be registrar of Queen Ethelburga’s School, who are busy promoting their expensive service by spamming me. I took exception to this,

Screenshot from 2014-03-27 18:21:42
as I have no prior relationship with them: for a start, I have no children.

No answer for several days, so I kept trying. Then tried again:

Not Giving Up

Not Giving Up

This was a reference to my UCE policy here.

The mail originated from a netblock goegraphically right for the school, and appeared to be from a legitimate email server for the school too:

Received: from ([])

So this seems to be a fairly blatant bit of spamming from the school itself that they’ve done fairly decisively, rather than handing off to a third party. The links were all correct, not passing thorugh a linkbait or click-thorugh referrer too.

I eventually got a response to my question as to if I should send a bill:

Very Professional.

Very Professional.

Charmed. I’m sure. Do they have a vacancy for a PR officer?

After a few questions (read from the bottom):

Screenshot from 2014-03-26 22:38:20

They changed tack. You’ll note my questions, and the link I posted, refer to this legislation and indeed this definition.



Now, in my opinion this sounds like a clear breach. I’ve had no prior contact with this organisation, they have bought my email address from some shady spam company, and are now spamming me with completely irrelevant mass-marketing junk.

At worst this may be illegal, though I should stress I’m not a lawyer. At best, it’s poor netiquette and a pretty unpleasant way to behave.

It’s quite telling that there’s a unsubscribe link, labelled “If you consider this email to be SPAM please report abuse click here” as well as an unsubscribe- this is almost as if they know they’re doing wrong. (The unsubscribe is required by law, I believe). Also, both links are a http request to the sending server- again this looks like they have gone out of their way to set this up themselves.

The school looks to be a well-funded, expensive organisation, just a pity they see fit to tarnish their reputation by buying email addresses. There are ways to market yourself without upsetting the nerds.

At this point, many of you might be thinking that there’s a quick fix: delete the damn email and forget it. I nearly did that, but here’s a thing: I spend my day job working with mail systems. Many of these would be simpler, and more reliable, were it not for all the kludges that we have to implement to stop this rubbish. DNSBLs, sender ID, authenticated SMTP, restricted relays, spam filters, and all the other bits that make mail harder and more complicated are all because of this.

The next time you go onto a wifi hotspot and can’t SMTP mail, or you get an email bounce with a 550 error, or dissapear with no non-delivery report, that’ll be why. Spam is delivered partly at cost to you: using your bandwidth, your disk space, and your time.

If you have a company email server, you pay someone to guard you against this shit. Your ISP and mobile phone provider pay people to do the same. Commercial spam filters cost thousands of pounds to run.

Question is, do I inform the ICO?

Drinking Socially

March 23rd, 2014

Yesterday saw a trip to Wolverhampton, and specifically The Great Western for fine beer, food, and good company (in the form of Country Bumpkin and his cousin and a couple of friends with no online presence (so no link..).

It’s been a long time since I’ve done this: far too long. Lots of laughs: Motley Crue’s little brothers turned up, for a start, but general good humour, and Andy bathing himself in beer helped too.

Compare the Meraki

March 6th, 2014

(The title thanks to my colleagues who misread the SSID (Meraki-test1)I sent them by email)

I’ve been playing with wireless networks a good bit at work: I’ve finally got PEAP going to do 802.1x authentication- the practical result being WPA-2 Enterprise wireless networking with the Cisco 1600i access points. As I’ve commented before, Cisco gear is great, but it can be a game to get going when you come across something new, and this was the case here: there were guides for doing this with wireless LAN contoller systems, but not for autonomous APs, and the interface was just different enough to confuse. Getting the right amount of debug info was tricky too.

Enter Meraki. Like earlier with Aironet, they’re now a division of Cisco, which makes me wonder if we’ll see a merging of product…

‘s product is a [*cough*] cloud-based solution. It pains me to say that. Cloud is today’s IT bullshit phrase that is just a new way of saying things. “In the cloud” means “on a server or servers somewhere on the Internet”: the cloud everything bollocks wears thin after a while, but here’s a clever application.

You unpack the AP, power it up, and connect it to any Internet connection. The AP establishes a connection to “the cloud” [cough]bollocks[/cough], and establishes a tunnel. You log into a web page, enter the serial number, place a marker on a Google map, and then manage the device from the web:

The clever dashboard

The clever dashboard

From there you can implement multiple SSIDs, Captive portals, the aforementioned 802.1x, you can monitor devices and applications, time access, and create mesh networks that will track clients (handy for marketing tossers) and all manner of stuff, with an embarrasingly few mouse clicks compared to the pain of a conventional Cisco AP. It’s quick too.

Sounds too good to be true?

Maybe. There is a downside. While the dashboard is impressive, it costs. The APs themselves are a similar price to an enterprise-level conventional AP (a good 300-400 quid or so list), but on top of that, you need a licence for the dashboard (£150 for 1 device for one year list, reducing for quantity), and without the licence, your AP is an expensive ornament.

There’s applications that are a perfect fit: if you have remote sites with no IT staff, the Meraki devices can be shipped with no config, then set up remotely. Potentially big savings there. The tools on the dash are very clever too, but you’re tying yourself to the cloud dash for a few years, effectively leasing the kit.

Next on the list? Aerohive, who seem to do the clever online managment but still allow local config, so no tie-in.


March 2nd, 2014

I decided we deserved a weekend away, so we went to Southport. Somewhere we’d always meant to go, and having had a reccomendation from friends (“It’s very Victorian, you’ll like it”) we departed.

It’s surprisingly close: 2 hours, a hundred or so miles, and yes, it is very Victorian. The rather splendid Lord St is lovely, and the Pier is fine- the second longest in the UK, and as the longest is the admittedly long, but dull, Southend, it’s Southport FTW, as there’s a bar at the end, for a start.

One building caught my eye from the pier: this lovely, huge Victorian pile of an ex-hospital:

Tho old Southport Promenade Hospital, Now Marine Gate Mansions.

Tho old Southport Promenade Hospital, Now Marine Gate Mansions.

which is now appartments, with a half-million pound price tag(PDF, 1.2MB).

Southport is a oddly laid out place: the pier bridges a lake between the town and the sea, and the actual seafront has a retail park (where our hotel was), which presumably is the type we’ll soon have in Walsall, with a cinema, and a large selection of crappy chain restaurants:

Share and enjoy: crappy chain restaurants and a cinema: seems inexplicably popular.

Share and enjoy: crappy chain restaurants and a cinema: seems inexplicably popular.

I don’t know if the land is reclaimed, but it’s odd: the promenade is some way back: you’d imagine the hotels and pubs would be on the front, not a modern retail park.

We had a fabulous meal, a few drinks, and a bit of a stroll: one to revisit with more time, the town is affluent, but not up itself, architecturally good (mostly), and a blend of seaside and town.

Close Call

February 24th, 2014

Today, a colleague had this email:

A Spear Phishing attack

A Spear Phishing attack

from “”. It fooled two people: The original recipient forwarded it to a colleague to deal with, who clicked on the link, and got this:

Nice mock-up....

Nice mock-up….

With graphics nicely nicked from the genuine Royal Mail site. The URL calling the site had a ID embedded, presumably to mark the recipient out as a sucker if they click, so I changed it for my investigation. The Captcha image remains the same, even if you vary the ID.

If you enter the code, you get prompted to download a .zip file with a random filename, and inside the zip file is a windows executable, disguised with a icon for Adobe Acrobat Reader.

Should you be convinced enough to run the attachment, you’ll get a pop-up demanding money to unencrypt your files, and this is no idle threat: running this inside an isolated Windows XP Virtual Machine really does damage files in My Documents- this is known as ransomware. Fortunately, the security measures on the computer used by this user stopped it.

Time for a reminder: think before opening. Questions the user *should* have asked:

1. Why would Royal Mail know my email address?

2. Why would they not just post a card through the letterbox?

3. Why “nobody was at home” for a business address?

4. Why would I need to download and run something just for a receipt?

To be fair, item 4 is picking flies a bit: some websites demand plug-ins or other crap, so differentiating the genuine from the scam gets harder.

Also, the site and email are quite a nice mock-up, using elements from the real site. Fairly convincing, and it also had the correct business name, which is a clever touch.

It’s also worth noting that our (up-to-date) anti-virus didn’t catch this, either the original email or the downloaded file. It seems to be a zero-day attack.

Shocking Misinformation

February 23rd, 2014

Something annoyed me this week. That in itself is not unusual: I’m a grumpy, middle-aged man, so annoyance is a regular event, but this annoyed me because it was a myth and oversimplification that I’ve heard repeated as gospel, when it doesn’t atand up to examination.

It started as a tweet, retweeted into my timeline, pointing at this webpage. You can find it on feckbook, too.

All bar adapters are rated to 13 amps and that means its all they can safely take. So if you were to plug in a TV, video, lamp and satellite box your pretty safe as that = 12 amps in total.

I’ll just come out and call this. It’s bollocks, even ignoring the poor grammar. Oversimplified, unscientific, made up bullshit. Don’t believe me? Look at this from the Electrical Safety Council. I’ve substituted a DVD player for a VCR, as VCRs are obsolete:

Screenshot from the ESC's overload checker showing well under a 3A load.

Screenshot from the ESC’s overload checker showing well under a 3A load.

Curiously, they link the ESC calculator from that page. They also, of course, will come and inspect, for a fee…

The site is making a good point: poor electrical safety causes fires, but let’s get a few things straight:

1. Just because something has a 3 amp fuse, it doesn’t mean it draws 3 amps. The 3A fuse is generally there to protect against a dead short in the cable, should it be damaged. In fact, at 240V RMS, the lamp in the example, even if it has a now obsolete 100W GLS bulb, will draw in the region of 0.63A. Here’s a clue: the maximum load of a 13A socket in the UK is over 3000 watts, and most appliances will tell you their ratng in watts. The first examples given on that page will typically only draw a few hundred watts all together, so there is no way on earth you’ll overload a 13A socket with them.

If there were any truth in what the site was telling us, then commercial PDU strips like this one would not be allowed- it has 10 BS1363 outlets, and has a normal Bs1363 plug with a 13A fuse at the other end.

A commercially available, and safe, PDU with 10 outlets

A commercially available, and safe, PDU with 10 outlets

2. Multi-way adaptors are fused with a BS1362 fuse (max 13A) if they have more than 2 outlets. This is so that you cannot create a “tree” of unfused adaptors to connect many appliances to an outlet with no fuse.

3. The wiring system in a UK house is designed such that any considerable overload will blow a fuse or trip a breaker: the wiring regulations specify that the sizes of cable and the connectors should withstand an overload up to a point where a fuse or breaker will trip.

If you want sensible advice or discussion on this, try The Electrical Safety Council or this discussion on the IET forums.

More generally, the ESC have general advice on adaptors and extensions here. Personally I’ve seen scorched, overheated multi-way sockets, but this is usually due to poor manufacture or damage, rather than simple overloading.

It is true that a fuse will not blow at a moderate, sustained overload- so the advice from the ESC should be followed: they know what they’re on about, unlike the website linked at the top of this post.

This blog is protected by Spam Karma 2: 36013 Spams eaten and counting...