Dec 22 2012
 

Take a good hard look at your keyboard. Right Now.

Ignoring the symbols themselves, although there’s a good long rant as to just why the pipe symbol (‘|’) has to be a shifted key, there are quite a few oddities on the keyboard. At least if you get a chance to think about it. Not so much in what they do, but in their names.

BackSpace
If you are old enough to remember typewriters, printing terminals, or even certain exotic terminals which implemented “backspace” properly, this label is always a bit grating. Why? Because a backspace does not delete anything, but is a way of overwriting symbols to generate other symbols – you could always write a cent symbol by entering ‘c’ followed by a backspace and finally a ‘|’ to get a ¢.

What we see when we press the backspace key today could be more accurately described as ‘delete last character’, or rubout (as used on some old keyboards). So the backspace key should really be the “Rubout” key.

Delete
And whilst we’re in the region of deleting characters, what about the “delete” key? What is it supposed to be deleting? The character under the cursor? The word under the cursor? The line? The next line? Well we know what it is, but that is no reason not to make the key legend more explicit.

What about “Delete Next”? This gives an alternative for “Rubout” as “Delete Prior”.

Enter/Return/Carriage Return
Again, if you go back to the distant past and dig out an old clunky typewriter you will find a large key at the right of the keyboard that would cause the roll containing the paper that the letters were printed onto, to shoot back to the right [corrected] and move up one line. This was the carriage return. And of course it makes no sense for our modern keyboards to have a key labeled after a physical action that no longer exists.

Some have a key labeled “Enter” in addition to “Return” (or sometimes instead of “Return”), but what does that mean? Enter what? The next line? There have been keyboards in the past with a more sensible “New Line” key, but that trend did not take.

Does it not make more sense to label the key after what it does rather than its historical purpose? What do we use the “Return” key for these days? Well it’s either to start a new paragraph, or to do the command we have just typed (into a command-line shell). So what about “New Paragraph/Do”?

Alt Gr
Also known as Alt Graphics which originally was a key for composing box graphics, but is now used for producing alternate graphemes from the keyboard such as ©, ™, Ä, etc.
Or perhaps more explicitly, it produces symbols that are not normally available from the keyboard.

So why not simply label the key after what it produces? Such as “Symbols”?

The “splat” (Windows)
There are two problems with the Windows key. Firstly why is it an icon when the rest of the keys are text-based? It is not as if the other non-symbol keys do not have suitable “icons” such as ⎇ for Alt. Use either icons or text; personally I prefer text.

Secondly there is the problem that the Windows key is specific to Microsoft Windows; even within Apple’s perfumed prison, the tendency has been to move from vendor-specific (open Apple symbol) to generic (“Command”).

That is not to say that it is a poor idea in general – there is a lot to be said for a key to be used for generating short-cut commands to control the computer as a whole. A “computer command” key as opposed to an “application command” key (or “Alt”).

There are a few other oddities too, and it is quite possible that I will get back and update this post with incoherent rantings about those too.

Dec 13 2012
 

I have been thinking a fair amount about Information Security recently; probably because I am in the middle of a SANS course which is rather more interesting than most IT courses I have been on. As I was walking in this morning, I was pondering how I would explain what I do to a distant ancestor. Not exactly the easiest of tasks given that what we do involves what would seem to be magic to someone from the distant past.

But an analogy did occur to me: What we do is somewhat similar to the militias that used to protect walled towns and cities in the medieval era; particularly during periods of the medieval era when central authority was somewhat lacking. Such as England’s “Anarchy”.

In the distant past (and in some cases, not so distant past), towns could be at risk of being sacked by brigands for profit or for some “military” purpose. Those living in towns were obviously somewhat reluctant at this possibility, and in many cases would arrange for protection by hiring soldiers to protect them; the defences would often include city walls, a militia (paid or voluntary), etc.

Which is somewhat similar to what we do – we’re the soldiers hired to protect the “town” (a company or some kind of institute), and we build town walls (firewalls), and other defences. Obviously it is easy to take the analogy too far – we don’t get to fire crossbows at our attackers. But neither is it completely inaccurate, or indeed uninteresting.

Today we expect our central governments to arrange physical protection for us – we don’t expect to need to organise a militia to protect our cities; neither do we expect to be held up at gunpoint to turn over our valuables. Yes there are exceptions, but they are sufficiently unusual that they are greeted with astonishment. And yes some companies with especially high value assets do arrange for additional protection over and above what is usually provided by the state.

But when you compare physical security with information security, it becomes apparent that we are still in the medieval era when it comes to information security. States are only just beginning to look at “cyberwarfare” and offer little other than advice to individuals or organisations looking for protection; it is common to hear that the police are simply not interested in looking at an issue unless the costs are less than £1 million.

If someone suffers financial harm through a phishing attack, our standard response is to blame them for being “stupid”. Whilst most phishing attacks do involve someone doing something stupid, it seems odd to blame the victim – who would blame the victim of a mugging?

Similarly when an organisation has some attackers break in, steal a whole bunch of database files which in turn contain tons of clear text passwords, or hashed passwords, we blame the victim. How could they be so stupid as to not protect that data? After all, it costs more to be careful.

So perhaps I could explain what I do as being an old warrior who has settled down in a town and runs the local militia.

Now if you’ll excuse me, it’s time for bed – time to hang up the crossbow and take off this horrible chain mail.

Dec 10 2012
 

Today it was announced that the NHS would be mapping the DNA of cancer patients (with their consent) to be stored and used by researchers. Which on the surface seems to be a perfectly sensible thing to do.

Of course there are those who are concerned with the privacy issue of the data being stored. Which is fair enough – any large storage of data like this is subject to privacy issues, and there are genuine fears that the data may be made available to private companies with no interest in health research.

Amusingly one of the comments was that the data would be made anonymous by removing any personal data from the data made available to researchers. Amusing because the most personal data and ultimate means of identifying individuals is the DNA sequence itself – nothing can be more fundamental in identifying an individual than their unique DNA sequence.

On a more serious note, it is effectively impossible to make this kind of data completely anonymous. To be of any use the data in this database needs to include more data than just the DNA sequence – such as disease(s), treatments used, outcomes, etc. Whilst this may not be useful in identifying every individual taking part, it may well be enough to identify individuals with rarer combinations of disease and circumstances.

Dec 10 2012
 

In the last week, we have seen two examples of the arrogance of leadership; on both occasions David Cameron has unilaterally decided that the considered opinion of a group of experts is wrong and his snap judgement is right. Of course he is not the only example of this sort of thinking – most Prime Ministers of the past have committed the same sort of error of judgement.

The two decisions in question were the response to the Leveson report, and today’s report on the future of recreational drug legislation. In both cases, people have gone to a considerable effort to consider what to do about certain issues. And of course have spent a lot of my money on doing so.

I do not resent my money being spent on such things; what I do resent is that some puffed up politician is wasting my money by not spending an appropriate amount of time considering the report(s).

A snap decision is necessary in some circumstances, but not in these circumstances! There should be nothing wrong with a political leader saying that they would like to spend some time considering the report – rather than respond with gut instinct to the report’s headlines.

Ripping up a report within hours of it being released is contemptuous of the work that has gone into it, and wasteful of taxpayers’ money.

It may well be that ignoring the report’s recommendations is the right thing to do, but to do so too quickly is definitely the wrong thing to do.

Dec 02 2012
 

If you were to pop into a Leicester Square cinema to watch the latest episode of the James Bond saga (Skyfall), and notice a small group of nondescript people pissing themselves with laughter at the most inappropriate moments it is entirely possible you have spotted a works outing from SIS. Because James Bond is about as far from a genuine SIS intelligence officer as you can possibly get.

That is not to say that Ian Fleming was not aware of what he was doing when he created the James Bond character – he was part of Naval intelligence during the war, and undoubtedly met many intelligence officers as well as officers from more “activist” agencies. The closest British agency that James Bond might be a member of is the old war-time SOE. And even there, his activities are far too public and extreme.

If anything, James Bond most closely resembles another fictional character: The Cleaner from the film Nikita. Whilst James Bond seems charming, he is in fact a cold blooded killer. A psychopathic tool wielded by the British government, and sent into situations where a “cleaner” is required.

James Bond was always envisaged as an entertaining character getting involved in many exciting adventures whereas real intelligence work is probably quite boring … ignoring the possibility of getting caught of course! Intelligence agents on the other hand may be involved in slightly more exciting activities, but any agent who starts to live too exciting a life is likely to get dropped by his or her controlling officer like a hot potato.

Real intelligence work is supposed to be secret; any operation that becomes public knowledge can be considered to be a failure. The purpose of an intelligence service is to gather intelligence. And to do so secretly.

That is not to say that covert operations are not always a bad idea, although they do have a poor reputation. Perhaps because only the poor ones get known about. But such operations are not what intelligence services are about, or what they are good at. The clearest demonstration of this was the strained relations between SIS and SOE during WWII which were not simply because some SIS officers did not like the young upstart, but because SIS and SOE operations were different and could sometimes have a negative impact on each other.

And back to James Bond. Does the fact that he has very little to do with the real SIS mean anything? Only if you want the James Bond films to be a documentary on the activities of SIS; if you want entertainment, he certainly provides that.

Everyone has their own favourite actor playing James Bond, but I think this is a mistake. All of the actors playing Bond have been quite talented; it is the story that makes the difference, and the tone of how the story is told. Different Bond eras have different flavours; the Sean Connery era was serious with a touch of humour, the Roger Moore era became so humorous that it was verging on becoming “Carry On Spying”, and the later Bond films went back to being serious. Perhaps even more serious than the early films.

Which you prefer is down to your personal tastes, but my liking is for the more serious films.

There are claims that James Bond is misogynistic, which is understandable but completely wrong. He is a mirror of the society that he finds himself in – if he seems misogynistic, it is the society that is misogynistic. After all we never see the real Bond; he is always playing a role to fit in as an upper-class twit.

And as for his sexual adventures, there is more than one hint throughout the films that more than a few of his “conquests” are to do with his job, and that he might prefer to have nothing to do with certain women. It is interesting to compare how people react to real characters such as Cynthia who also exploited her sexual conquests.

We always seem to think of upper-class twits as being like Bertie Wooster, but they were not all like that. It is easy to overlook the past when the upper-class twit actually had considerable power, but that is when the world’s largest empire was built – the British Empire. And upper-class twits had a considerable amount to do with the foundation of that empire.

Whether James Bond is an upper-class twit or is just pretending to be one, we will never know. But it is a good disguise.

As to how he is invulnerable to bullets, we will never know.