The Daily Mail is always a good bet to get the blood pressure up but the one that took my eye today dovetails nicely with some thoughts I’ve been having about modern houses.
The first thing that comes to mind when reading the story, is why didn’t it occur to them that the garage was too small when looking at the house? I mean, I’m no garage expert – I don’t have one, nor anything to park in one – but even a quick look at the photo caused me to think: “Cool. A garage door to the garden shed … making it easy to park the lawn mower. But why is it pointed in the wrong direction? And where’s the garage?”.
But anyone moving house knows that you get swamped with details, and anyone without OCD is likely to miss a detail or two.
But why were the developers building garages too small for cars? It’s not as if garages are difficult to size sensibly. Just walk down the street someday measuring a random selection of cars, and you’ll soon have an idea of how wide a car is. And it doesn’t take a genius to figure out that you need a bit of added space on both sides to let people out. Hell, I thought of it, and I’ve never used a garage.
The developer has responded to the house buyers with the standard advice: Why didn’t you use a tape measure? But you have to ask why the developer chose to build a garage so small that anyone using a tape measure would run a mile rather than stump up the cash. Probably there’s an element of stupidity and lack of oversight in the design department. Plus pressure to make houses as cheap as possible – a big garage takes more bricks, and more bricks cost more money.
And if you look at modern homes, you see that the inclination to make homes cheaper has resulted in smaller homes.
Average Home Sizes
At least it does in the UK. Why are our homes so small?
But instead of pure floor area, there are other aspects to home sizes. Why are modern ceilings so low ? In an age when very few people are shrunken by childhood malnutrition, we are far taller on average than we were in the 19th century. Yet to get a decent ceiling height, I have to choose a Victorian era maisonette to live in. Low ceilings make modern houses feel cramped to me.
And why are doorways still too narrow for wheelchairs? Adjusting doorways and hallways for a wheelchair user – either on a full-time or part-time basis – must be a complete nightmare. So why not size them sensibly for new builds ?
Reducing housing costs is sensible in itself, but being mean in terms of size is the wrong answer. The real answer is to be smarter but perhaps property development companies are too busy making money to be smart.
According to some, the introduction of Google’s latest product – the Glass(es) – will undoubtedly herald the end of civilisation as the we know it and the survivors will be skittering from bunker to bunker in a forlorn hope of evading surveillance. Actually the biggest threat Google’s Glass(es) have to the world, is the threat to proper grammar – they’re glasses!
The strange thing about the lists of problems encountered with Google’s Glass(es) is that they are “problems” that are already here. Google has done something nifty with their product, which is basically to integrate possibilities into something a non-geek can use. And it is not as if it is particularly revolutionary – people have been looking at augmented reality on smartphones for years and thinking that it was pretty cool, but wouldn’t it be better if you didn’t have to hold up your smartphone all the time?
The big problem is the threat of pervasive surveillance, and threats that come about as a result of that pervasive surveillance. If Google were never to have invented these things, we would still have a problem with pervasive surveillance. As other have pointed out, the use of video (and still) recording on smartphones is already bring in an age of pervasive surveillance; or at least pervasive surveillance under the control of individuals as we already have pervasive surveillance by corporations and government.
It is true that there are negative aspects to pervasive surveillance, but it is also true that there are positive aspects too. Street crime becomes a far riskier proposition if everyone around can just say “Ok. Start recording video.”. People getting up to foolish activities being “outed” on Youtube? The more it happens, the less the pain.
And of course make laws to punish the publication of privacy invading video but not the recording of it; with a proper public interest imminity. That is what the public should be interested in, not what it wants to be interested in.
There are those who say that publication of embarrassing activities onto social media sites may make it harder for people to get employment. The fault here is not what is published to social media sitesnor people who take part in such activities, but with the employers who insist on having employees so squeaky clean. If you never employ people who never dance naked on top of a table, you’ll end up with boring employees.
And I’ll bet that there is a high incidence of naked table-top dancing in the past of anyone whose thinking is inventive, creative, and out-of-the-box. Or in other words, employers should be going out of their way to hunt down and employ the naked table-top dancers (No I probably haven’t).
There are those who say that it will somehow increase bullying. It is true that this will be an extra tool in the arsenal of bullies, but in can also be an extra tool in the arsenal of those targeted by bullies. To stop what happened to Amanda Todd (and others), we need to stop bullying whether assisted by technology or the old-fashioned kind.
And of course we have the argument that Google is powerful enough already, and Glass(es) will make that worse. Well, first of all Google Glass(es) won’t be the only product of this kind out there. And if Google is too powerful, it is time to chop them down to size rather than blocking this product.
At least the hysterical reaction of some businesses is giving me a new retirement fund possibility. When I eventually get around to getting some, mine will have prescription lenses in, and any business that wants to ban me will get sued for discrimination against the “disabled”.
We need to be careful of condemning a technology for the poor behaviour of people, when it is the poor behaviour that is at fault.
Probably not … this is hardly the first time that the Tories have had a spat over membership of Europe.
But when one of them grandly announces that they are all united over Europe, you know there’s trouble. You hardly need to announce that you’re united when there’s no trouble.
When you’ve got Lord Howe announcing that David Cameron is running scared over Europe, and rumours of someone close to the top using the phrase “swivel-eyed loons” in connection to grass-roots party activists, then you have a party with definite issues. In addition to the normal doubts over Europe, Tories have a streak of unrealistic traditionalists within their party – who could quite well qualify as “swivel-eyed loons”.
The loons want to hark back to a time when Britain had an empire, hung serious criminals, flogged less serious criminals, and a few other policies from the 19th century. And the thought of co-operating to any extent with the old enemies of France or Germany raises the hackles.
Well they are entitled to their views, and I’m entitled to borrow a phrase and call them “swivel-eyed loons”. And good luck to them; they will be the cause of the Tories becoming unelectable for another decade or so.
And of course there is the other half of the party – those with more than one brain cell – who realise that such archaic world views are really not helpful. Could the division cause the Tory party to splinter? Well there’s always wishful thinking.
But realistically there is already a place for disgruntled Tories to head off to: the UKIP party. You could almost say that the split has already occurred and that we’re watching the painfully slow death throws of the old Tories.
The strange thing about being involved in information security is the phenomena of cyber warfare.
After all, what does tinkering with computers have to do with real war? Well it depends what all that tinkering leads to, and we simply do not know what would happen in a real war. We are in the beginning of the era when aggressive hacking supports war.
But probably the overwhelming majority of activities labelled as cyber warfare are in fact espionage, or a grey area in between. Any kind of hacking that leads to information disclosure, is espionage rather than warfare. More aggressive hacking – such as writing malware to spin centrifuges into destruction – falls into the grey area between espionage and warfare; it’s too aggressive to be labelled espionage, but isn’t part of a legal war (and yes there is such a thing). In terms of legality, it could well be that such acts are illegal acts of war, but morally justified.
And why is China always the bad actor here? Practically every hacking conference video dealing with cyber warfare drops big hints about the activities of China with little in the way of evidence. There is some evidence that China may be involved in cyber espionage, but as for cyber warfare itself, there is far more evidence for the involvement of the US, Israel, and even the UK; although the rumoured replacement of an Al-Qaeda recipe for a pipe bomb with one for cupcakes doesn’t seem like an act of war, but perhaps an exhibit of the English sense of humour.
Part of the problem is that anyone who reads their firewall logs will find a huge number of attacks coming from Chinese address space. As an example, a quick inspection of the addresses blocked on one of my servers for attempted ssh brute force attacks gives the following table :-
Count
Country Code
Country
255
CN
China
51
US
United States …
29
KR
Korea (South)
19
BR
Brazil
17
DE
Germany
15
IN
India
13
RU
Russia
13
GB
Great Britain
13
FR
France
11
ID
Indonesia
This is not intended to be an accurate reflection of anything other than the number of infected machines trying to brute force accounts on my server.
The high presence of China is an indication of the number of malware infections within China, and the large population of the Chinese. It doesn’t actually say anything about where those attacks originate. Every hacker with enough sense to tie up their shoe laces will be pivoting through privacy proxies, and using armies of infected hosts to send out their attacks. These infected hosts are the ones whose addresses show up in your logs.
Assuming that because these addresses are Chinese means that the Chinese state is behind attacks is faulty logic. There is no reason why the Chinese state hackers (if they exist … although it is almost certain they do) would use Chinese addresses to attack from; they are more likely to be using addresses from the US, Europe, South America, etc. If anything, attacks coming from Chinese addresses indicate :-
Private sector hacking (which is the majority)
Attacks from state groups other than China.
It may well be that China is engaged in industrial scale cyber espionage; it may also be that what people assume are Chinese attacks are in fact other states. After all cyber espionage is probably one of the cheapest ways to get involved; within the means of even the smallest and poorest states.
The immediate reaction amongst security professionals to hearing about Java security exploits is to ask: “Haven’t you disabled Java in the browser yet?”. Disabling Java in the browser is both sensible, and a touch naive.
Browsing the big bad Internet with Java enabled is sort of like wandering around a major tourist attraction with an overly stuffed wallet half-poking out of your back pocket. An invitation for the less than moral to try their luck.
So disabling the use of Java within a web browser seems like a sensible suggestion, and is almost always the right thing to do in a domestic situation.
But in a corporate environment, there is almost certainly some “application” in use that requires Java (or even worse, IE6). And as soon as it is made plain that disabling Java will (or might) prevent corporate applications from working the reaction is to reject the measure to disable Java. Which is perfectly understandable – the cost to an organisation of a certain loss of access to a corporate application may very well be greater that the potential loss due to an unknown threat.
Or perhaps the cost of the former can be measured; whereas the cost of the later cannot.
However this overlooks a relatively simple solution to the problem :-
Use one browser to run corporate applications. This can be as simple as a voluntary measure, or be made compulsory through a variety of controls. It could even go as far as to implement icons to access web-based applications as if they were desktop applications, using a browser deliberately configured to make general web browsing impossible or at least painful.
Use a separate browser to access the Internet. This can be configured differently to prevent the use of dangerous plugins, and indeed can be updated without performing the whole bank of testing needed to confirm compatibility with corporate applications.
We have grown too used to assuming that a computer needs only a single web browser, and that all “applications” accessed through the web, should be accessed through that single web browser. Ignoring the fact that there are different requirements for browsing the web in general, and making use of corporate applications.
There are organisations where access to the Internet is banned because the risk to the organisation is too great. Other organisations reduce the risk by the use of the “air gap” where separate computers are used – one to access corporate applications, and the other to access the Internet.
That is going a little bit too far for most organisations, but that does not mean that increasing the “gap” between Internet access and corporate applications is not a sensible move. And using separate web browsers is the first step along the road of increasing that gap.
Sigh. Yet another company under the foolish impression that you have to stick an “i” in front of something to make it cool. Which is a bit of a shame really, because this is sort of cool :-
What it is, is an encrypted USB memory stick but unlike most others, this one does not rely on software. You enter the appropriate PIN code on the built in pad, and the storage is unlocked. With everything built into the stick there are a number of advantages :-
It’s a lot simpler. There’s no special software to run to decrypt and encrypt a special file on the memory stick.
Because it’s simpler, it’s harder to make mistakes – there’s no chance of accidentally writing unencrypted data to the stick – don’t laugh, it happens!
Also because it’s not based around a software package, there’s no platform limitations – it’ll work fine with all the odd platforms you can find out there – Linux, Android devices, PS3s, old Unix workstations (if you can find a USB hole to plug it into), etc.
However it’s not perfect :-
There’s concern about how long the keypad will remain reliable for. It should be more than reliable enough, as normal keyboards are reliable for millions of key strokes, and this keypad may well be more reliable (it’s simpler).
Because the PIN is only effective whilst the memory stick is “mounted”, it may require a lot of PIN entries when used in certain ways – such as a bootable device.
Entering the PIN whilst the memory stick is attached may be tricky; it might be better used on an extension lead. Although it’s possible to enter the PIN whilst disconnected, this doesn’t seem natural.
Given the environment that most USB sticks live in (i.e. pockets or handbags), there is a concern that moisture, dust, or fluff could work itself into the casing and interfere with the workings. However the case that fits over the keyboard seems to fit quite well including a rubber seal that should help.
One thing that came as a surprise when I first got it was that it has a re-chargeable battery which seems a touch odd until you realise that some operations can only take place when this stick is not connected. This includes changing the default PIN code, and of course this numbskull took an age to realise that you cannot set the PIN code when it is connected to the computer!
Once that was sorted out, it took very little longer to have a properly working USB stick. It works very much the same as any other USB stick except that when it becomes “unmounted” (I use this under Linux) it refuses to act as a USB memory stick until the PIN is re-entered.
Physically it is on the larger size of what is sensibly carried around in the pocket, but obviously could not be much smaller without making the keypad smaller than it is. Whilst usable, any smaller and the current keypad would become very awkward to use for those with larger hands (such as me).
Long term robustness will have to wait until it has been in my pocket for more than a week. However so far, the following observations have occurred :-
The paintwork of the external casing (the cover for the stick itself) may not be especially robust as a few scratches have already appeared.
The wire loop for attaching to a keyring feels a little flimsy, but perhaps that is because the expectation is for a key ring rather than a loop of wire.
The mechanism for unscrewing the wire is a little fiddly.
Today’s news stories include an item on CERN’s initiative to re-create the very first web page, and it included a tiny bit of history of the web.
The only trouble? Their (the BBC’s that is) history of the web doesn’t quite match my memories of how it happened, and as it so happens I was there. Not at CERN of course, and I can’t claim to be a particularly significant part of the history of the web. But I did create one of the earliest web servers in 1992, and again in 1993 (the archived copy was made in 1997).
The big error in the BBC’s article was the importance of the discussion of whether CERN should try to retain control of the web or leave it to the public to decide. Whilst that decision was undoubtedly important – particularly for keeping the web standardised – it wasn’t quite as important as described as by 1993, the web was already “out there”.
CERN did release the very first server software to support the web, and the very first web browser way back in 1991. The server software (at least by the time I saw it) was pretty much a standard Unix-based piece of software so it could be compiled and run on pretty much any Unix-based machine. The browser (WorldWideWeb) on the other hand was restricted to NeXT-based machines which were relatively rare; most people were restricted to a text based browser called Lynx. The popularity of the web took off when an NCSA project introduced a graphical web browser called Mosaic.
If it had not been for Mosaic, it is quite possible that another graphical web browser would have popularised the web anyway – CERN’s browser had shown what was possible. And Mosaic was not the only graphical browser being created at the time.
The other thing that is often overlooked was that CERN’s “web” wasn’t unique in being an application with a “browser” and a “server” that allowed information to be fetched across the Internet and displayed appropriately. One of the biggest competitors was Gopher, but there were others around at the time. Indeed most early web browsers would happily display “gopher pages”.
The unique “selling” point of CERN’s web, was the use of hypertext as the main content which allowed for information to be presented on the same page as navigation content – most alternatives would have hierarchical menus to browse through until you found the information you wanted at the bottom of the tree.
By 1993, CERN’s “web” was already so widely in use that they had no choice about keeping it to themselves; indeed the decision made by CERN was to formally make their software “public domain” but it was effectively after the horse had bolted.
This sounds like an attempt to trivialise what CERN did – it isn’t. They deserve plenty of credit for what they did, but neither should we forget that something very similar was already happening, and in the end it was the people who created the first interesting web pages and not just the people at CERN who deserve the credit for today’s web.
Normally when I want to do something other than the “standard” thing with logging, I replace whatever came with the server with syslog-ng, but I’ve just had an urgent need to do something with rsyslog. Specifically exclude any messages with reference to a certain card that was generating “corrected” errors at a vast frequency … enough that my /var filesystem was filling up regularly.
Turns out to be surprisingly easy, if you figure out how to get rsyslogd to read the updated configuration.
First the rule :-
:msg, contains, "pcieport 0000:00:09.0" ~
This more or less translates as look for the string “pcieport …” in the complete message sent to syslog and if it appears then discard.
It turns out (quite sensibly) that this needs to appear before any rule sending messages off to a file to get stored for later. And of course the configuration file to edit was /etc/rsyslog.conf.
Before blindly restarting, it’s quite nice to have something that will check the syntax of what you’ve just written to make sure it is valid. Nobody gets this stuff right first time! Turns out there’s a simple way :-
# rsyslogd -f /etc/rsyslog.conf -N 1
Once that stopped giving an error, I needed to get the running daemon to accept configuration changes. It seems that whilst it accepts SIGHUP, it perhaps does not re-read the configuration file so a full restart is necessary :-
In recently announced plans, it appears that the government is going to change the primary school curriculum to include (amongst other things) teaching the times tables up to 12. Now I’m not sure about the other plans, but the insistence on the 12 times table sounds a little to me like an old-school Tory frothing at the mouth declaring that if they had to learn the 12 times table then everyone else should do as well.
Why did we learn the 12 times table? Yes, me too! Who knows, but it may have something to do with 12 inches to the foot. Which of course is totally irrelevant these days given we have sensible decimal based units.
There are those who say that the bigger the times table you learn, the more useful it is. True enough, but once you get past the 10 times table, the incremental value diminishes. And there’s one thing that people forget: Learning the times table is just about the most tedious learning it is possible to do and each extra increment to the size of the times table we teach children should have a damn big incremental value.
Or to put in other words, the larger you make the times table, the more children get turned off maths. Is it worth turning children off maths for those extra 2 numbers 11 and 12? Far better to avoid putting off those children and just teach the 10 times table. If you know that, and a few tricks, then any multiplication is possible.
And frankly a lot of simple arithmetic tricks can be sold as “cheats” which is undoubtedly a nifty way of getting children to have fun whilst learning maths.
So Maggie Thatcher has died. And people are acting somewhat surprised that there is so much polarity in the reaction to her death – well, this is hardly a surprise given just how divisive she was in life. Or perhaps more accurately, how divisive she was in power. It is true that the anti-Thatcher reaction to her death is kind of tasteless – dancing on her grave is not exactly the best of behaviour.
But it is also kind of understandable. The first reactions to Thatcher’s death were from the pro-Thatcher brigade who loudly trumpeted just how good Thatcher was for Britain. The anti-Thatcher mob understandably reacted negatively to all of the positive things that were said about Thatcher in the first few hours.
What might come as a surprise to people who weren’t around in Britain during Thatcher’s reign (1979-1990) is that whilst Thatcher may well have been the most popular British Prime Minister of the modern era, she was also by far the most hated Prime Minister of the modern era. Because if you have to sum up Thatcher’s career in just one short phrase, it would have to be that she was probably the most divisive Prime Minister Britain has ever had.
If she were still around, she would quite happily admit to not being interested in consensus and to having the ambition of thrusting her beliefs and policies down everyone’s throat. She believed that she was right and that everyone else who disagreed with her was wrong. There are those who would say this is the essential ingredient to “leadership”, but it is actually only half of what makes a great leader; and it’s the dangerous half at that.
Listening to the opposition – and the louder they are, the harder you should listen – isn’t caving in to their demands, but simply listening. They might have something interesting to say.
For example, take Thatcher’s Poll Tax. Thatcher’s intention was that everyone should have to pay something towards the cost of local government in a way that illustrate just how expensive different councils were, and wanted to do so by everyone paying the same (students and the unemployed would only pay 20%). The opposition to the Poll Tax wasn’t based because of this policy, but the way that it was implemented. It could have been possible to implement Thatcher’s policy in a way that would not have caused the level of opposition that we saw :-
Those opposed to the Poll Tax were more opposed to the regressive nature of the tax, than the idea of a simplified means of paying for local government that would make it clearer how much local government was costing. As an example, a local income tax clearly marked in your payslip (“Local council: £37.95 – 1.5% compared with the national average of 1.2%) would quite possibly been much more widely accepted. Of course the Poll Tax was incredibly popular with the rich (as they would pay much less), but unfortunately for Thatcher, there really aren’t that many of them.
To set the context of Thatcher’s government, we have to remember that Britain in the 1970s was in poor shape with an industrial base reliant on old heavy industry, a former empire that was no longer buying British goods by default, paying much higher prices for oil, and of course an unnaturally militant bunch of unions :-
Of course the unions were to blame for everything bad that happened in the 1970s – OPEC rising oil prices, the hot weather in 1976, the civil war in Lebanon, Pinochet’s cout d’etat in Chile. That’s not to say that they couldn’t do with a little cutting down to size, but they probably sounded more radical than they actually were. Having been a member of a union, I can tell you that those who climb up the union hierarchy are those who are interested in the work involved whereas the majority of the members are less politically motivated; the 1970s union leaders may well have had a portrait of Uncle Joe that they regularly worshipped to, but the members didn’t.
There’s truth in the idea that the big heavy industry of the 1970s needed to become more efficient and less labour intensive; there’s also a grain of truth in the union’s claims that a great of rationalisation was more about making money for the company owners than gains in efficiency.
Thatcher’s union reforms - criminalising closed shop agreements, insisting on secret ballots, and preventing secondary strikes – all sound quite reasonable from the perspective of distance, but at the time it was clear that Thatcher was at war with the unions, which to many union members felt like the ruling classes were at war with them. And there was a belief that the long-running and exceptionally bitter Miner’s Strike of 1984 was little more than Thatcher’s revenge for the miners strike of 1974 which humiliated Heath :-
Apart from her attacks on the unions, she seemingly went about favouring the rich over the workers in other ways too. Her “big idea” in economic management was to switch priorities away from employment to reducing inflation. This was arguably a sensible change in priority, but then she also went ahead and raised VAT from 15% to 17.5% in pursuit of her obsession with switching to indirect taxes, which in turn immediately raised inflation. This of course made it necessary to pursue monetary policies much more harshly to try and control inflation, which had a much greater effect on unemployment than would otherwise be the case.
This in turn caused welfare spending to surge making it necessary to much more harshly cut public spending in other areas.
Which of course was compatible with her “no such thing as society” – not the speech itself which was a rant about people feeling entitled to assistance (a theme which is repeating itself), but the whole tone of her policies. Thatcher may not have been a disciple of that poisonous Nihilist Ayn Rand, but the only way to tell the difference was that you could find Thatcher in a church. Thatcher was all in favour of the “self-made man” which all too often turned out to be a loud-mouthed business-sociopath of the kind that inspired Harry Enfield’s loadsamoney character.
There’s a lot of truth in the at first rather bizarre claim that Thatcher was behind the current banking crisis – her deregulation of the banking industry kick started the whole big gambling side of banking and encouraged a whole generation of bankers to gamble bigger and bigger. Those that learned the wrong things in the 1980s were the ones at the top of the banking industry during the 1990s and 2000s when the mistakes that led to the collapse of banking were prevalent.
In terms of housing, her policies were rather bizarre. Her policy of selling off council houses at knock down prices was (for her) a way of bribing the electorate into voting for her. The effect on the people who bought their own council houses was positive, but Thatcher’s insistence that councils be prohibited from using the proceeds to build more social housing is rather extraordinary. Not only would it stop further generations from buying their own council houses, but it was almost guaranteed to result in a housing-bubble with house prices escalating out of control.
It’s probable that Glenda Jackson said it a whole lot better than me :-
