Archive for the 'YamYamBlogs' Category

Openretch

Wednesday, April 16th, 2014

Can anyone tell me how BT’s line providing division, Openretch Openreach survive?

The company I work for provides network services to varying people and organisations, and this means dealing with telecoms providers, and that almost certainly means the loose collective of fuckwits we know and love.

So far this week, I’ve had:

1) In response to a circuit order in a building that is partially let out (and where the BT duct enters via the let out area, and is a retail shop) “can we come tomorrow”.

2) In response to an order made 3 months ago, in a central Birmingham hotel, with the clear stipulation “you must make an advance appointment, the circuit is required by 17/4/14″, an “engineer” arrives today, has to wait a few minutes and is told “no, sorry, the room is in use, come back tomorrow”, and says “no”.

Said engineer was told “sorry, you have to. This is required by 1pm tomorrow, and was ordered 3 months ago. It cost a metric shitload of cash, and you haven’t called in advance, like we told you to, and you do this *every time* we request this. The room is available afer 5:30, or anytime tomorrow”

*shaking of head*

This barely describes the quantity of fucks the engineer didn’t give. “Resourcing”, he said. “not gonna happen”. “we’re only supposed to wait 15 minutes, and I’ve been 20″. The guy was, to be fair, a master of fuck not giving.

and not a single fuck was given.

Behold!

He departed. I called my colleague, among whom’s many talents are shouting at BT (and personally, I think it would be worth his salary just for that). He did so. Our circuit should be active tomorrow AM. We have a reference and everything. I will not hold my breath.

Honestly, if they weren’t still a virtual monopoly, they’d be fucked. I’m very thankful to the abilities of my colleagues, and still wondering what shape BT would be in had they not inherited a state-owned monopoly, but thanking my lucky stars I don’t have do deal with Cable and Hopeless Wireless any more, because they had sufficent sense to disappear.

[edit]

The engineer (the same one) came back the next day, and it worked….

Twenty’s Plenty?

Saturday, April 5th, 2014

Note: this is an old post- originally drafted nearly a year ago, but recently I’ve been reminded of it by the surprising results of a poll, showing that 80% of people want a default 20 mph limit, and the also interesting observation here.

On to my old post:

I was all ready to go into a full, frothing-at-the mouth rant about something that seems to be gaining ground: Twenty’s Plenty, a campaign for the default speed limit to be 20mph, not 30.

Instead, I’ll try to give a reasoned argument. I’ll set my stall out here: I’m a driver, I speed at times. I’m also a cyclist and pedestrian, like I’d imagine a lot of people are.

I think many speed limits are too low. Some are too high- tiny residential estate roads with a 30 limit, for example, but many main roads are crippled with a low limit: many urban roads around towns were built with a 40 limit, which has been lowered.

I also think that 20 limits have a lot of merit, but feel strongly that that is far too low for a default. 20 limits are fine in areas where no sane individual would be doing much more anyway: housing estates, shopping areas, near schools, for example, but the 30 mph limit is entirely appropriate for a great many roads. I’m sitting writing this looking out at a road that has a 30mph limit that is generally exceeded a little- a residential road that happens to be a B road, and carry a reasonable amount of traffic- and the only thing that seems dangerous is the occasional nutter at 60+.

My big concern is that if 20 is the new 30, we’ll see it on almost everything. I’m also concerned about some of the things presented on their website.

What’s wrong with 30 mph?
Well the 30 mph limit was actually brought in as the national speed limit for built-up areas in 1934. Prior to that the 1903 Motor Car Act designated a specific category for the Motor Car. It also raised the speed limit to 20 mph. The Road Traffic Act of 1930 abolished the 20 mph limit for cars of less than 7 people. This led to such an increase in road deaths that just 4 years later the 1934 Road Traffic Act introduced the 30 mph speed limit in built-up areas. Whilst in 1934 this may have been an acceptable limit, the huge increase in the number of motor vehicles on the roads has created a huge imbalance in vulnerability between pedestrians or cyclists and motor car users.

This is happily forgetting that while, yes we have much, much greater traffic density, at the time of the 30mph limit being increased, a typical car was the Austin 7, a car with cable brakes, initially only operating on the rear wheels. If you drive even a 1960s or 1970s car today, you’ll find the handling, grip levels, and stopping distances are vastly inferior to today, as is the pedestriam safety should you hit someone.

As to vulnerability of pedestrians and cyclists, they’re always much more vulnerable- and vehicle drivers will always need to remember this: the aim should be not to do that at all, I would suggest.

What are the benefits of 20 mph?

Whilst the safety benefits may justify 20′s Plenty on their own, there are additional real benefits for lower speeds. Traffic noise drops considerably, as does pollution. Your street becomes a far more pleasant place to be and this encourages people to walk or cycle instead of using the car.

Pedestrians, as a rule, will (or should) be on a footpath, except in a pedestrianised area, which should, of course, be devoid of vehicles, and personally, when I cycle, I find that cars at 20mph (in a traffic-calmed street, for example) are very awkward: their speed is far to close to mine, so far too much time is spent closer to a moving car than I’d like- in a 30 limit they’ll be past and gone. As to the noise and pollution, I’d like to see some hard facts there: 20mph may necessitate use of a lower gear, *increasing* noise and emissions- most medern cars will just pull 30 mph in 4th gear, but 20 will definitely need 3rd.

I’d also suggest that those people that are going to walk or cycle will already do so: people that want to drive will continue to do so.

It’s a complex, difficult situation.

I’d personally have more support for 20mph as a limit if it’s applied sensibly, and limits are reviewed wholesale, and meaningful data is recorded and acted upon, not just an unconsidered reaction.

I’m also of the opinion that many people would like a 20 limit in their own roads, but not anywhere else, and I think this observation is quite revealing:

tweet-20

This is anecdotal evidence that most drivers want to travel above the 30mph limit, and definitely above 20, which again, is somewhat at odds with the survey’s results.

I’m really thinking here that we’re seeing a “it’s OK for me to drive at above 20/30, but anyone else doing it is a dangerous lunatic” and “it’s Ok to drive above 20/30, except in my road, where it’s dangerous”. I’ve also noted that more than one prominent supporter of 20mph limits seem to be non-drivers (and indeed, non cyclists), which I’d say probably makes it hard to make an objective judgement about what constitutes the best balance of speed, emissions, and safety, though given the alarming lack of awareness of the laws of physics governing a ton and a half of car, it’s clear that there’s plenty of drivers that can’t, too.

People, huh?

Looking at figures, oddly, there’s a suggestion that there’s been an increase in casualties in 20mph limits, and slight reductions elswhere, but the problem here is that we don’t know if this is simply because there’s more 20 mph roads to get injured in. There’s a fairly clear indication that there’s less severity of injury, as you’d expect. It’s my opinion (but this is only opinion) that traffic-calmed areas or very low speeds cause pedestriams to take more risk, but that the lower traffic speeds mean that the chance of an collision resulting is much lower, and that if it does, then injuries will be less severe.

The second link above draws the distinction between 20mph limits and 20mph zones: Zones have traffic calming such as humps, chicanes, and road markings as both physical and psychological devices, limits alone don’t have these- it’s clear the zones are much more effective, and these are usually in narrow, dense streets where it’s quite clear that 30mph would be unacceptably risky.

The problem here is that the data isn’t clear and uniform, there’s conficting and incomplete data, which seems to be no way to make a decision. The debate rages on…

Walsall Beer Festival 2014

Tuesday, April 1st, 2014

Just a quick note: It’s Walsall Beer Festival this week, starting Thursday 3rd of April at 5pm. If last year’s is anything to judge by, it’s a great event with fantastic beer. I’m planning an early visit, as the popular beers tend to sell out fast.

More details on Walsall CAMRA’s website.

Transformer

Tuesday, April 1st, 2014

It’s amazing what a few minutes spannering and a very few quid can achieve. After my bike was nicked almost a year ago, I bought a Carrera Subway hybrid from Halfords. It’s a great bike: reasonably light, and decent quality for what realistically isn’t a lot of money in bike terms. Most components are good quality, and there’s disc brakes, which are a revelation after v-brakes.

A few things have needed attention: a minor bit of oiling, the perpetually loosening clamp that holds the saddle to the post (as the clamp is alloy, I was probably a bit limp-wristed when tightening it, but just in case it has low-strength threadlock now), and the handlebar clamp worked a bit loose too. Other than that, just a hosepipe to get the worst of the mud off.

One thing I’d been meaning to do for ages was replace the pedals: the original ones came with toe clips, whick i’ve never got on with, so I didn’t fit them, but the pedals were quite smooth, with only minor lumps for grip. This resulted in regular cursing as my feet slipped, and a couple of rides in the wet recently convinced me to do something.

A bit of searching and advice from that very nice BrownhillsBob turned up some new pedals for around £12, and when they arrived, I was pleased to see they were almost identical to the OE pedals, but with grippy studs that screw into the body. Here’s the old and new side by side:

New pedal on left, fitted to bike.

New pedal on left, fitted to bike.

A few minutes with a spanner (remember, pedals are handed- marked L & R, and both unscrew towards the back as one has a LH thread), and it’s time for a test ride.

Trust me, the half-hour or so spent on a bit of maintenance was worth it. It’s like “newly serviced car effect”; everything seems to work better, the riding is easier, and everything’s a lot more pleasurable: a 20 minute spin up to Brownhills had me smiling, even though I was covered in mud, and it has to be said the prospect of loosening handlebars didn’t seem like a good idea.

Spam School

Thursday, March 27th, 2014

The other day, I was unpleasantly suprised by this email in my inbox:

Spam, spam, spam and spam

Spam, spam, spam and spam

Most spam is pretty generic, and gets culled by Spamassassin without me ever seeing it, but this one stood out as it didn’t hit the filter (sneaking under the radar with 3.9 points of spamminess), and it had an attachment that wasn’t a zip file containing a virus.

As you can see, it’s from Pat Jewitt, whose email address is pat@qe.org, for all you hungry spambots out there.

Pat seems to be registrar of Queen Ethelburga’s School, who are busy promoting their expensive service by spamming me. I took exception to this,

Screenshot from 2014-03-27 18:21:42
as I have no prior relationship with them: for a start, I have no children.

No answer for several days, so I kept trying. Then tried again:

Not Giving Up

Not Giving Up

This was a reference to my UCE policy here.

The mail originated from a netblock goegraphically right for the school, and appeared to be from a legitimate email server for the school too:


Received: from mta3.mail-qe.org ([185.7.151.53])

So this seems to be a fairly blatant bit of spamming from the school itself that they’ve done fairly decisively, rather than handing off to a third party. The links were all correct, not passing thorugh a linkbait or click-thorugh referrer too.

I eventually got a response to my question as to if I should send a bill:

Very Professional.

Very Professional.

Charmed. I’m sure. Do they have a vacancy for a PR officer?

After a few questions (read from the bottom):

Screenshot from 2014-03-26 22:38:20

They changed tack. You’ll note my questions, and the link I posted, refer to this legislation and indeed this definition.

Hmmm...

Hmmm…

Now, in my opinion this sounds like a clear breach. I’ve had no prior contact with this organisation, they have bought my email address from some shady spam company, and are now spamming me with completely irrelevant mass-marketing junk.

At worst this may be illegal, though I should stress I’m not a lawyer. At best, it’s poor netiquette and a pretty unpleasant way to behave.

It’s quite telling that there’s a unsubscribe link, labelled “If you consider this email to be SPAM please report abuse click here” as well as an unsubscribe- this is almost as if they know they’re doing wrong. (The unsubscribe is required by law, I believe). Also, both links are a http request to the sending server- again this looks like they have gone out of their way to set this up themselves.

The school looks to be a well-funded, expensive organisation, just a pity they see fit to tarnish their reputation by buying email addresses. There are ways to market yourself without upsetting the nerds.

At this point, many of you might be thinking that there’s a quick fix: delete the damn email and forget it. I nearly did that, but here’s a thing: I spend my day job working with mail systems. Many of these would be simpler, and more reliable, were it not for all the kludges that we have to implement to stop this rubbish. DNSBLs, sender ID, authenticated SMTP, restricted relays, spam filters, and all the other bits that make mail harder and more complicated are all because of this.

The next time you go onto a wifi hotspot and can’t SMTP mail, or you get an email bounce with a 550 error, or dissapear with no non-delivery report, that’ll be why. Spam is delivered partly at cost to you: using your bandwidth, your disk space, and your time.

If you have a company email server, you pay someone to guard you against this shit. Your ISP and mobile phone provider pay people to do the same. Commercial spam filters cost thousands of pounds to run.

Question is, do I inform the ICO?

Southport

Sunday, March 2nd, 2014

I decided we deserved a weekend away, so we went to Southport. Somewhere we’d always meant to go, and having had a reccomendation from friends (“It’s very Victorian, you’ll like it”) we departed.

It’s surprisingly close: 2 hours, a hundred or so miles, and yes, it is very Victorian. The rather splendid Lord St is lovely, and the Pier is fine- the second longest in the UK, and as the longest is the admittedly long, but dull, Southend, it’s Southport FTW, as there’s a bar at the end, for a start.

One building caught my eye from the pier: this lovely, huge Victorian pile of an ex-hospital:

Tho old Southport Promenade Hospital, Now Marine Gate Mansions.

Tho old Southport Promenade Hospital, Now Marine Gate Mansions.

which is now appartments, with a half-million pound price tag(PDF, 1.2MB).

Southport is a oddly laid out place: the pier bridges a lake between the town and the sea, and the actual seafront has a retail park (where our hotel was), which presumably is the type we’ll soon have in Walsall, with a cinema, and a large selection of crappy chain restaurants:

Share and enjoy: crappy chain restaurants and a cinema: seems inexplicably popular.

Share and enjoy: crappy chain restaurants and a cinema: seems inexplicably popular.

I don’t know if the land is reclaimed, but it’s odd: the promenade is some way back: you’d imagine the hotels and pubs would be on the front, not a modern retail park.

We had a fabulous meal, a few drinks, and a bit of a stroll: one to revisit with more time, the town is affluent, but not up itself, architecturally good (mostly), and a blend of seaside and town.

Close Call

Monday, February 24th, 2014

Today, a colleague had this email:

A Spear Phishing attack

A Spear Phishing attack

from “customercare@parcel-tracking.net”. It fooled two people: The original recipient forwarded it to a colleague to deal with, who clicked on the link, and got this:

Nice mock-up....

Nice mock-up….

With graphics nicely nicked from the genuine Royal Mail site. The URL calling the site had a ID embedded, presumably to mark the recipient out as a sucker if they click, so I changed it for my investigation. The Captcha image remains the same, even if you vary the ID.

If you enter the code, you get prompted to download a .zip file with a random filename, and inside the zip file is a windows executable, disguised with a icon for Adobe Acrobat Reader.

Should you be convinced enough to run the attachment, you’ll get a pop-up demanding money to unencrypt your files, and this is no idle threat: running this inside an isolated Windows XP Virtual Machine really does damage files in My Documents- this is known as ransomware. Fortunately, the security measures on the computer used by this user stopped it.

Time for a reminder: think before opening. Questions the user *should* have asked:

1. Why would Royal Mail know my email address?

2. Why would they not just post a card through the letterbox?

3. Why “nobody was at home” for a business address?

4. Why would I need to download and run something just for a receipt?

To be fair, item 4 is picking flies a bit: some websites demand plug-ins or other crap, so differentiating the genuine from the scam gets harder.

Also, the site and email are quite a nice mock-up, using elements from the real site. Fairly convincing, and it also had the correct business name, which is a clever touch.

[edit]
It’s also worth noting that our (up-to-date) anti-virus didn’t catch this, either the original email or the downloaded file. It seems to be a zero-day attack.

Shocking Misinformation

Sunday, February 23rd, 2014

Something annoyed me this week. That in itself is not unusual: I’m a grumpy, middle-aged man, so annoyance is a regular event, but this annoyed me because it was a myth and oversimplification that I’ve heard repeated as gospel, when it doesn’t atand up to examination.

It started as a tweet, retweeted into my timeline, pointing at this webpage. You can find it on feckbook, too.

All bar adapters are rated to 13 amps and that means its all they can safely take. So if you were to plug in a TV, video, lamp and satellite box your pretty safe as that = 12 amps in total.

I’ll just come out and call this. It’s bollocks, even ignoring the poor grammar. Oversimplified, unscientific, made up bullshit. Don’t believe me? Look at this from the Electrical Safety Council. I’ve substituted a DVD player for a VCR, as VCRs are obsolete:

Screenshot from the ESC's overload checker showing well under a 3A load.

Screenshot from the ESC’s overload checker showing well under a 3A load.

Curiously, they link the ESC calculator from that page. They also, of course, will come and inspect, for a fee…

The site is making a good point: poor electrical safety causes fires, but let’s get a few things straight:

1. Just because something has a 3 amp fuse, it doesn’t mean it draws 3 amps. The 3A fuse is generally there to protect against a dead short in the cable, should it be damaged. In fact, at 240V RMS, the lamp in the example, even if it has a now obsolete 100W GLS bulb, will draw in the region of 0.63A. Here’s a clue: the maximum load of a 13A socket in the UK is over 3000 watts, and most appliances will tell you their ratng in watts. The first examples given on that page will typically only draw a few hundred watts all together, so there is no way on earth you’ll overload a 13A socket with them.

If there were any truth in what the site was telling us, then commercial PDU strips like this one would not be allowed- it has 10 BS1363 outlets, and has a normal Bs1363 plug with a 13A fuse at the other end.

A commercially available, and safe, PDU with 10 outlets

A commercially available, and safe, PDU with 10 outlets

2. Multi-way adaptors are fused with a BS1362 fuse (max 13A) if they have more than 2 outlets. This is so that you cannot create a “tree” of unfused adaptors to connect many appliances to an outlet with no fuse.

3. The wiring system in a UK house is designed such that any considerable overload will blow a fuse or trip a breaker: the wiring regulations specify that the sizes of cable and the connectors should withstand an overload up to a point where a fuse or breaker will trip.

If you want sensible advice or discussion on this, try The Electrical Safety Council or this discussion on the IET forums.

More generally, the ESC have general advice on adaptors and extensions here. Personally I’ve seen scorched, overheated multi-way sockets, but this is usually due to poor manufacture or damage, rather than simple overloading.

It is true that a fuse will not blow at a moderate, sustained overload- so the advice from the ESC should be followed: they know what they’re on about, unlike the website linked at the top of this post.

Health For Sale: care.data

Tuesday, February 18th, 2014

I’m not going to go on about the ongoing, immoral creeping privatisation of the health service here, though that’s disgusting. If you agree, please take a look at the NHA.

I’m instead wanting to make sure you all know about the effective selling of your medical records to all and sundry. I don’t know about you, but I expect my medical records to be something confidential to people treating me.

What might surprise you is that there are plans to start uploading your medical data to the HSCIC, The national provider of information, data and IT systems for health and social care.

From brief.care-data.info (a website written by a concerned GP):

GP practices nationwide will soon be required to supply patients’ personal and confidential medical information, on a regular and continuous basis, to the Health and Social Care Information Centre (HSCIC).

Under the Health and Social Care Act 2012, GP practices have no choice but to allow the HSCIC to extract this information.

The Act removes any requirement to seek the consent of either patients or GPs before extracting and uploading the data.

This project, called care.data, is administered by the HSCIC using software and services provided by a private sector company called ATOS.

The HSCIC states that care.data extractions will start from GP surgeries in March 2014*.

The HSCIC will administer the data, and states it intends to use it “for planning health services and for research”.

This is known as secondary uses of your medical records.

Medical staff treating you in GP surgeries, hospitals, A&E, pharmacies and GP out-of-hours centres will not use, or be able to use, this database.

care.data is not about information sharing between healthcare professionals.

The data will be available for sale to people such as:

Pharmaceutical companies
Health charities
Universities and other academic organisations
Hospital trusts
Medical Royal Colleges
Information intermediaries
Think-tanks
Commercial companies
Insurance companies

and may include:

Your NHS number
Your date of birth
Your postcode
Your gender
Your ethnicity
The date you registered with your GP surgery
Your medical diagnoses (including cancer and mental health) and any complications
Your referrals to specialists
Your prescriptions
Your family history
Your vaccinations and screening tests
Your blood test results
Your body mass index (height/weight)
Your smoking/alcohol habits

Do you fancy that? Imagine if you’ve had a drug habit. You’re now clean, but data that you had a habit is for sale.

I don’t think that is on. Neither do many other people, from concerned GPs to the Open Rights Group, who sent me this:

This is a guest email from Phil Booth, Coordinator of medConfidential – the campaign for confidentiality and consent in health and social care.

You may have heard in recent weeks about something called ‘care.data’ – a new scheme by the arms-length body that is now in charge of the NHS in England, which will soon begin uploading confidential information from your medical record held by your GP.

care.data will involve some of your most private, sensitive information being uploaded, processed and passed on or sold in various forms to researchers, pharmaceutical companies, commissioning bodies, insurers, think tanks, ‘information intermediaries’ – basically any organisation or company that can make a plausible case for access.

The decision has already been taken. If you don’t act now, you’ll lose control of your medical information for ever – because once uploaded, your data will never be deleted.

You can now opt out of your medical records being uploaded to care.data using faxyourgp.com. Contact your GP here:
https://www.faxyourgp.com

You have a right to opt out, but the people in charge of the scheme have made it seem as confusing and as difficult as they can. It’s not difficult, but you do need to take action pretty quick. You can opt out here:
https://www.faxyourgp.com

Cheers,

Phil Booth
Coordinator
medConfidential

More on this at The Register.

Please, read the linked sites, and make your mind up. Consider opting-out.

*This date has now been delayed due to pressure.

Sun (roof)

Monday, February 17th, 2014

Today was an unusually bright, clear, pleasant day for lately, so I thought I’d finish the sunroof fixing.

A bargain from ebay got me a complete sunroof assembly: glass, motor, rails and trim. While the manual suggests removing the glass to change the assembly, I elected not to, as the adjustment’s a bit tedious, with fiddly trim pieces and awkward screws. This means a bit more weight to lift in and out. First though, out with the aforementioned expensive grease, so expensive it can only be made from the semen of virgin unicorns. This goes on the plastic slides, and I suspect it’s nothing flasher than a non-sticky silicone grease, designed to avoid picking up muck.

Removal is shockingly easy: disconnect the motor cables, and undo the bolts, leaving one in at the front to take the weight. This stage nearly went wrong- someone had been here before, and one bolt had a half-stripped torx head. I put it back in a more accessible place, in case it ever needs grinding out, but also leaving it a little looser than the others. It would have been nice to get a new one:

Someone had butchered this bolt: I was lucky to get it out, but a good quality bit helped.

Someone had butchered this bolt: I was lucky to get it out, but a good quality bit helped.

but it would be a special order part.

Once the bolts were out, with an assistant helping, the whole assembly comes forward, down, and is free to come out through the tailgate. The new unit goes back in the same way.

With the drain tubes and electrical connections reconnected, 2 tests: first, does it leak, and second, does it work. A pass on both items means it’s time to refit the headlining.

First step is to clean your hands: it’s an irritatingly light grey colour. Rescue any of the clips that came adrift and replace them onto the (scrubbed clean) headlining:

Clips that retain the headlining to the sunroof frame.

Clips that retain the headlining to the sunroof frame.

Then revove the rear headrests, and pass the headlining back in via the tailgate. You have to bend it into place into the recess a little. make sure the interior lamp cable and sunroof switch cable drop through the hole, then Refit the grab handles- note they are handed, and the back ones are different- and the sun visors. If, like me, you broke or scratched the little sunvisor hooks getting the impossibly tight covers off, part numbers 380 857 563, and 380 857 561A are what you need :-/ .

Apply some contact adhesive to the headlining and the plastic supports where the original glue was (bonus point if you can name the CD in-shot on the parcel shelf):

Where to apply glue. There's a corresponding support fixed to the roof.

Where to apply glue. There’s a corresponding support fixed to the roof.


Let it dry for a few minutes, push the lining against the supports, and refit the C-pillar trims.

Finally, refit the sunroof switch and interior lamp, squeeze the clips shown in the second photo on to the sunroof frame, and bask in the joy of a clean refitted headlining and working, non-leaking sunroof, pausing only to order the damned hooks.

Result- a fixed sunroof for less than £100, even with the unicorn-bollocks-depleting grease.


This blog is protected by Spam Karma 2: 35922 Spams eaten and counting...