PigBlog

One of the things non-techies hate about tech is the complexity of setting some things up, and the rise of IoT, and the ubiquity of smartphones and home broadband has meant that our homes have more and more tech, and that tech is expected to talk to the cloud, and perhaps talk back.

Manually configuring this gear can be a bit tricky, so there’s a bunch of things making it easier. Your ISP may well provide a router, with default passwords. IP cameras will “phone home” to the manufacturer’s site to register themselves, so you don’t have to manually set up dynamic DNS. That router from your ISP will probably use UPnP so it can open ports for the camera and any other devices. Things like Nest or Hive bypass that by depending on a server in the cloud on someone else’s computer to make the connection.

All nice so far. Even better, these things are putting my favourite OS, Linux out there. As Linux is free, and powerful, and efficient on the low-power chips in these devices, it gets used a lot.

You’d think I’d be pleased.

But there’s a problem. Lots of these devices have poorly implemented security. Others depend on a hosted service, so if someone decides to stop supporting it, or indeed changes the API you have an expensive paperweight.

The Mirai attacks first turned IP cameras into a huge botnet, and now malware has got its hands on routers: the very device you expect to secure your home network, and let’s not forget that if your IP camera (inside your firewall/router) is compromised, it could be used as a tool to attack your PC, and the router will happily help out by opening ports for it: many cameras have poor web interfaces and hardcoded “root” passwords (I have one myself with a password of “123456”)

I realise I’m sounding a little like a luddite here; or perhaps the techie complaining about tech doing stuff itself and therefore meaning people need fewer techies, but here’s the rub: the more of this stuff that gets out there, the bigger the attack surface, the bigger the gain, and the bigger the effect on everyone. So, a little advice:

1. Think if you really need that IoT device.
2. Change default passwords.
3. Consider tossing your ISP-supplied router. It’s probably shit anyway. Turn off UPnP, even if that means you have to get help opening and forwarding ports. There’s a fucking good reason a firewall closes ports, so why bypass that?
4. Consider not buying the very cheapest IP cam like mine 🙂
5. If you invest in cloud-connected devices, entertain the fact that you just lost control of them.
6. If there’s updated firmware, use it.
7. Linux does not mean secure. The kernel itself probably is, but a lot of embedded devices are poorly secured.

Is it a necessity that if you design a self-service till for a shop, that you must fuck up the UI so badly that it’s totally unusable?

I’m a techy. I love shopping online, I hate supermarket queues, and I’m not yet old enough to look forward to a chat with the cashier, so you’d think I’d love them.

I probably would, were they not so shit.

First, they’re all touch-screen. Industrial touch screens are shit. Laggy, no haptic feedback, imprecise- so unlike the touch-screen on your phone or tablet. Add to this that they’re usually a lousy bit of software- slow and laggy- and then a bit of ambiguous wording, and the fact that you want the till to verify all the items (and the correct items) are being scanned and bagged, and you have a big, big, fail.

I’ve used 2 recently. 1 in a WH Smith at the QE hospital, and one in a convenience (oh the irony) store in Birmingham’s New St. The WH Smith one, to be fair, asks sensible questions (did you use a bag (or not need to), did you take one of our bags), but it’s still laggy, but by the second time you use it you learn the shitness of the UI and compensate.

The one on New St today was awful, however: the touchscreen worse than normal, it was slow, and it starts with the question “Own Bag?”. This is ambiguous. What it wants you to do here is say yes if you have a bag you want to put on the scale it uses to sense what is being scanned, and no if you don’t, and that scale is directly behind the handy-looking platform you assume is to put a bag on.

Having crossed that bridge with the help of the bloke that could have just taken the 70p for the bottled water I bought, I then encountered the coin mechanism; a mini conveyor belt that takes several seconds to swallow a pound coin (and yes, the WH Smith one does this better, but not well), and longer again to deliver my change. A bloke at a till would do it in a quarter of the time.

Am I alone in this? I happily use pay-at-pump fuel pumps, ticket machines in car parks or rail stations, and vending machines. There’s just something awful about supermarket self-service tills that makes me want to avoid them.

Someone must have costed this out, and decided that the combination of having a member of staff to help people work the tills, and the losses from intentional or deliberate mis-scans is cheaper than staffing tills, presumably, but at least could they be made to work?

Or not.

I’m back trying to find something listenable in the car. It’s not been long enough for a repeat of HHGTTG, and I’d settled on Planet Rock: music I liked, and less obnoxious DJs than mormal.
Bauer Media have gone and spoiled it all, by giving the FM frequency to Absolute Radio, with its focus on 90s, slightly rockish pop (so that means fucking Oasis and U2 when they got shit, for a start, FFS). What a shitfest.

I could spend a hundred or so quid on a DAB radio, another hundred and fifty on the bits to fit it (new fascia panel, fixings, antenna, CANBus harness, ISO cable), and take lots of trim out and have DAB, to enjoy Planet Rock in a 80Kbit/sec mono stream, of course, but why in the name of $deity would I do that? My car also lacks bluetooth, aux-in, or a CD autochanger, and the other choices are as grim as ever, so remembering 2 CDs a day it is, or the sound of tyres/wind/diesel engine.

There’s been an article on the BBC website that’s caught a bit of Twatter attention, with a few people saying “right on”, notably homeworkers and people working for themselves.

I can see their point, and some of the article’s point, but really, given the author’s credentials, I’d expect a bit better: as per usual for BBC Magazine articles, it’s an over-simplification, and a lot of puff, and air, and light on facts, analysis, or thought. Maybe that’s the problem; articles here are generally low on content, high on bollocks, and perhaps his recent book would make a better read, though a recent Guardian article is, IMO, similarly flawed, and making assumptions.

If I’m interpreting the articles correctly, one of the things they’re saying is that if you’re detached from the direct production environment, your job has become worthless: i.e: If you’re making something or directly providing a service, you’re valuable, if you’re backroom staff, you’re not: so a postman is valuable, the person that administrates his salary isn’t. This is both (a) wrong, and (b) a rather odd thing for an academic (who surely is a long way from a direct production process) to say.

Perhaps I have that wrong, but one very clear message from the article is that:

The average British worker spends 36 days a year answering work emails. London workers in particular receive close to 9,000 emails each year.

and the inference seems to be that that time is wasted.
(more…)

I’m writing this in the aftermath of the 2015 General Election. So, while a stay in hospital is not pleasant at least I avoided much of the discussion and speculation. I don’t, as a rule, make too many political comments here: this blog is about me, and my interests, and politics both bores and frustrates me: the results and consequences don’t but the political game is too tedious, arcane, and obfuscated for me.

I will, however, express my fear of another Conservative government. I’ve spent the last couple of days in the care of the NHS: part of the package of care that Conservatives wish to either kill off or privatise. I’m lucky, in that I don’t need some aspects of care and welfare: I am usually healthy and fit, and in employment, but that could so easily be different. I’ve had a operation that would be incredibly expensive in a private healthcare system- and as I’ve had prior problems health insurance would probably run a mile- but as I have friends and family, the NHS, and a proper job with a reasonable employer, I don’t have to worry about care for myself, or who pays for it. It really doesn’t bear to think how that could be so, so different, and the electorate in their wisdom have chosen a party that are continually heading in that direction. As one of the “hardworking taxpayers” we keep hearing about, I’d like to remind everyone that most of us will use the NHS and many of us may have to use the welfare state. Ask yourself this question: If you found yourself unable to work for an extended time, how far are you from financial difficulty? If you need medical assistance, can you afford anything other than the NHS? Syill feeling nice and secure?

In the post I’ve linked, I refer to wasters. We all know wasters exist: there are people who don’t work through choice and contribute nothing: but these are fewer than some would have you believe. There are many people unable to work for a wide range of reasons and it could so easily be you.

The care I received was excellent, by the way. Part of the systematic disassembly of the NHS is to say that it is failing and inefficient (because, obviously, the private sector is always efficient and works 100%) but all I saw were hardworking, professional staff looking after patients, and I’m hugely disappointed and more than a little worried that we’ll see this situation further damaged by the new government. My pain will fade over the coming weeks and can be dulled with painkillers; the country’s pain will last for 5 years at least.

The 80s Tears for Fears song Shout contains the line

These are the things I can do without

and that came true last Friday. Warning: middle-aged whinge content approaching.

I’d already arranged to meet a friend in a local pub, when my neighbours suggested a meal out. I’d got plenty of time, so we trotted (well, walked) off to a local pub. The food and beer was fine, but one thing *really* grated: the volume.

The music wasn’t the problem. What was the problem was a group of people, clustered around the bar (Grrr!) seemingly unable to conduct a conversation at normal volume: even the act of moving out of my way so I could get to the PDQ machine was accompanied by a needless cacophony of shouts (to which I muttered “for fucks sake” under my breath (hopefully)), and something about the acoustics of the room made it impossible to hold a conversation ourselves (though, as we’re all distinctly middle-aged, it could be the start of our hearing deteriorating in a noisy environment).

This was repeated later when I met my friend in another pub, but also with a band playing. Loud.

I really don’t mind music in pubs; or indeed bands in pubs. In fact, I love music in pubs, if it’s decent, but why always so loud? The loud music, of course, then creates the shouting if it wasn’t there already.

This thing really feeds into my perfect pub post: and it’s worth noting that the pubs I really like often have no music, like this one, this one or this one, or music you can converse over, like this one and this one and, again referring to my critera, the old model of multi-room pubs (before they all got knocked into one space) really helps here: it may have been an answer to the smoking issue too (as many pubs had a smoke room back in the day).

This is starting to sound like a grumpy old man’s desire for quiet pubs with no life to them (last Sunday, I visibly winced when one heavily refreshed customer suggested my local needed loud music on the jukebox to “liven it up” (on a Sunday evening, FFS)), but I’ll address that in two ways. First of all, I know I’m not alone, and secondly, having been in this place at work-chucking-out on a Friday, with it rammed to the point of standing room only, and felt the buzz in the place, which, frankly, was infectious, but still been able to talk to my companion, because people were talking, I can honestly say that at times I crave a bit of life to a pub.

So then: am I just getting old (though, in truth, I’ve hated over-loud pubs since my teens), or getting (even more) boring? I know Andy will agree here, but he’s older than me (and possibly, if the two of us are present, this post may become hypocritical…), and others may not, and I suppose here there’s a point to be made that pubs are, well, public spaces, so have to accommodate different tastes.

Andy, Ross and BrownhillsBob may be expecting me to have a pop at Apple here (as is my way), but I’m not going to, or at least only a brief whinge, with the main target (again) being idiots that claim to know a product, but don’t.

Those of you with long memories may remember this lengthy rant. A short swipe at OSX, and a big load rant at fucking Symantec (as a colleague commented, is there *any* company Symantec have bought and not fucked up the product?), and a big rant at fuckwits who don’t understand what they are being paid to do.

The OSX server mentioned in that rant failed. To be completely fair, it’s worked completely reliably for six years now, which is impressive. So I’m not going to complain, and it was clearly hardware that was bost.

A few attempts by colleagues and myself to resurrect it failed, so we called the support company (sadly the same fuckwits from the story back in 2009). They wander in, (bringing a manual, which sets off alarm bells- I’d expect a field engineer to not need it….) say the server’s not supported by Fruitco any more, that parts are a nightmare, briefly try (and fail to get) Target Disk Mode, (which, I note, doesn’t work with disks attached to a hardware RAID card, so wouldn’t have helped), shrug a bit, say that our diagnosis of a buggered RAID card might be right or maybe it might be the logic board (as there’s little more than those 2 fucking boards in it, this is hardly advanced diagnosis, and leave.

At this point, I begin to wonder what we’re paying the fuckers for, and I start restoring the files to the only place we have a Backup Exec agent and 1TB of spare storage: a Windows Server 2003 box. Most of the data restores, but some recent work is lost as it didn’t make the tapes (the Mac workstations being too old for Time Machine), and some initially didn’t restore due to file naming incompatibilities (take it from me, anyone using mixed operating systems (our backup is Windows-based) should read this, and this: most of the restrictions are with Windows, but you never know what OS you may be sharing files with. I personally think it all went downhill once spaces were allowed in filenames :-), and here’s my brief whinge: I know the limitation is Windows, but allowing “:” and “\” in a filename is just fucking wrong, and supporting your hardware a bit longer would be nice.

Now then, what to do? The users are (mostly) working again. First of all, the original support co is ditched. We call another supplier, and the difference is incredible: engineer arrives, asks all the right questions, listens to what diagnostic steps we’ve tried, sounds like he knows what he’s talking about, diagnoses a logic board failure, and offers to take the server back to the workshop to attempt recovery of the recent data for a very modest fee. Guess who’ll be getting the support contract, and potentially an order for new machines in a while?

It also makes me think I should have taken better note of the warning signs six years ago: these people claim to be supporting us (and originally claimed to know the product, but, as is so often the case, don’t. I’m glad to say that I didn’t arrange their involvement.

There’s been a veritable explosion of outrage accross twatter and feckbook concerning anti-homeless spikes in a doorway in London: people have compared them to anti-pigeon spikes, and that we’re demonising homeless people like we would pigeons or other vermin.

The Outrage Bus has been struggling to cope.

And now, the anti “disciplinary architecture” nutters begin to appear– they seem to consider that any structures that are designed as to stop potentially undesireable activity, like this anti-skate-boarding studding, designed to protect publicly-funded street furniture from damage:

An example of studding on a public bench to prevent damage from skateboards

is an affront to their rights, conveniently forgetting that the public space is, well, public, and has to be shared with people of all viewpoints.

It got worse, with one tweeter identifying this as anti-homeless:

This is designed to stop pedestrians and vehicles crossing in an unsafe way.

When it’s clearly designed to stop vehicles and/or pedestrians crossing that space, probably for road safety, but let’s not let the facts get in the way, eh?

Just a couple of thoughts: Firstly yes, the spikes aren’t nice, but then having people sleep in your doorway probably isn’t either. Don’t we all think the outrage would be better targetted at the very fact that we have people so desperate they have nowhere to sleep but a doorway or under a bridge? It’s like the facebook “like this to stop cancer” posts: pointless. If you’re really concerned and want to help, Crisis is this way, and Shelter is over here.

Secondly, if anyone is seriously suggesting we should design the urban environment to accomodate desperate homeless people because there’s nowhere else, then we have failed as a society.

That’s worth getting angry about.

As the Internet acronym goes, IANAL, and don’t claim to be, or indeed to know that much about legal process, but Tim Turner does: he trains people “on Data Protection, FOI, EIR, PECR and Information Rights“.

He’s written a very good blog post here on what actually is legal when it comes to direct marketing (what I would call spam…), and indeed, what isn’t, which would seem to make a pretty clear statement about this, for a start, and also, I was pleased to see, mentioned that lovely firm Amber Windows getting a kicking.

Please read the blog, and then start to think about the unsolicited calls, texts, and email you receive.

Note: this is an old post- originally drafted nearly a year ago, but recently I’ve been reminded of it by the surprising results of a poll, showing that 80% of people want a default 20 mph limit, and the also interesting observation here.

On to my old post:

I was all ready to go into a full, frothing-at-the mouth rant about something that seems to be gaining ground: Twenty’s Plenty, a campaign for the default speed limit to be 20mph, not 30.

Instead, I’ll try to give a reasoned argument. I’ll set my stall out here: I’m a driver, I speed at times. I’m also a cyclist and pedestrian, like I’d imagine a lot of people are.

I think many speed limits are too low. Some are too high- tiny residential estate roads with a 30 limit, for example, but many main roads are crippled with a low limit: many urban roads around towns were built with a 40 limit, which has been lowered.

I also think that 20 limits have a lot of merit, but feel strongly that that is far too low for a default. 20 limits are fine in areas where no sane individual would be doing much more anyway: housing estates, shopping areas, near schools, for example, but the 30 mph limit is entirely appropriate for a great many roads. I’m sitting writing this looking out at a road that has a 30mph limit that is generally exceeded a little- a residential road that happens to be a B road, and carry a reasonable amount of traffic- and the only thing that seems dangerous is the occasional nutter at 60+.

My big concern is that if 20 is the new 30, we’ll see it on almost everything. I’m also concerned about some of the things presented on their website.

What’s wrong with 30 mph?
Well the 30 mph limit was actually brought in as the national speed limit for built-up areas in 1934. Prior to that the 1903 Motor Car Act designated a specific category for the Motor Car. It also raised the speed limit to 20 mph. The Road Traffic Act of 1930 abolished the 20 mph limit for cars of less than 7 people. This led to such an increase in road deaths that just 4 years later the 1934 Road Traffic Act introduced the 30 mph speed limit in built-up areas. Whilst in 1934 this may have been an acceptable limit, the huge increase in the number of motor vehicles on the roads has created a huge imbalance in vulnerability between pedestrians or cyclists and motor car users.

This is happily forgetting that while, yes we have much, much greater traffic density, at the time of the 30mph limit being increased, a typical car was the Austin 7, a car with cable brakes, initially only operating on the rear wheels. If you drive even a 1960s or 1970s car today, you’ll find the handling, grip levels, and stopping distances are vastly inferior to today, as is the pedestriam safety should you hit someone.

As to vulnerability of pedestrians and cyclists, they’re always much more vulnerable- and vehicle drivers will always need to remember this: the aim should be not to do that at all, I would suggest.

What are the benefits of 20 mph?

Whilst the safety benefits may justify 20’s Plenty on their own, there are additional real benefits for lower speeds. Traffic noise drops considerably, as does pollution. Your street becomes a far more pleasant place to be and this encourages people to walk or cycle instead of using the car.

Pedestrians, as a rule, will (or should) be on a footpath, except in a pedestrianised area, which should, of course, be devoid of vehicles, and personally, when I cycle, I find that cars at 20mph (in a traffic-calmed street, for example) are very awkward: their speed is far to close to mine, so far too much time is spent closer to a moving car than I’d like- in a 30 limit they’ll be past and gone. As to the noise and pollution, I’d like to see some hard facts there: 20mph may necessitate use of a lower gear, *increasing* noise and emissions- most medern cars will just pull 30 mph in 4th gear, but 20 will definitely need 3rd.

I’d also suggest that those people that are going to walk or cycle will already do so: people that want to drive will continue to do so.

It’s a complex, difficult situation.

I’d personally have more support for 20mph as a limit if it’s applied sensibly, and limits are reviewed wholesale, and meaningful data is recorded and acted upon, not just an unconsidered reaction.

I’m also of the opinion that many people would like a 20 limit in their own roads, but not anywhere else, and I think this observation is quite revealing:

This is anecdotal evidence that most drivers want to travel above the 30mph limit, and definitely above 20, which again, is somewhat at odds with the survey’s results.

I’m really thinking here that we’re seeing a “it’s OK for me to drive at above 20/30, but anyone else doing it is a dangerous lunatic” and “it’s Ok to drive above 20/30, except in my road, where it’s dangerous”. I’ve also noted that more than one prominent supporter of 20mph limits seem to be non-drivers (and indeed, non cyclists), which I’d say probably makes it hard to make an objective judgement about what constitutes the best balance of speed, emissions, and safety, though given the alarming lack of awareness of the laws of physics governing a ton and a half of car, it’s clear that there’s plenty of drivers that can’t, too.

People, huh?

Looking at figures, oddly, there’s a suggestion that there’s been an increase in casualties in 20mph limits, and slight reductions elswhere, but the problem here is that we don’t know if this is simply because there’s more 20 mph roads to get injured in. There’s a fairly clear indication that there’s less severity of injury, as you’d expect. It’s my opinion (but this is only opinion) that traffic-calmed areas or very low speeds cause pedestriams to take more risk, but that the lower traffic speeds mean that the chance of an collision resulting is much lower, and that if it does, then injuries will be less severe.

The second link above draws the distinction between 20mph limits and 20mph zones: Zones have traffic calming such as humps, chicanes, and road markings as both physical and psychological devices, limits alone don’t have these- it’s clear the zones are much more effective, and these are usually in narrow, dense streets where it’s quite clear that 30mph would be unacceptably risky.

The problem here is that the data isn’t clear and uniform, there’s conficting and incomplete data, which seems to be no way to make a decision. The debate rages on…