You're in a restaurant with a group of friends. The waiter won't let you split the bill, so you offer to pay for it on your card and have your friends send you their share. How much would you charge them for that service?
That sounds absurd, right? OK, you might agree to split the bill evenly and maybe come out one drink in profit - but it's still a bit of a social faux pas to deliberately make money off your mates.
Recently, I was asked if I'd like to run a market stall at a geek event. There would be a bunch of traders there, and I could have a little pitch where I could sell the various gadgets, trinkets, and bits of art I've made over the years.
But the whole thing weirded me out and I'm trying to understand why.
Everything I could make and sell would involve me buying stuff at wholesale price and selling retail price. Like, I get that's the way commerce works, but it also feels kind of… I don't know how to explain. Rude?
If I buy 100 things at £10ea, assume I only sell 75% of them, plus VAT, plus credit card charges, then I have to sell for £16.50ea just to break even.
That doesn't account for my time spent buying them. Nor does it include dealing with returns, breakages, or any other expenses. I also need to pay corporation tax on my profits.
Speaking of which, that £16.50 above doesn't include any profit! If I wanted to make the enterprise worthwhile, I'd probably need to charge at least double the wholesale cost - which would probably reduce the number of people buying.
I've loved all the weird things I've purchased at hackspaces and conferences. And certainly I don't feel ripped off by the merchants. I can't wait to buy my friends' art, books, and gadgets. But it feels weird when it is me doing it.
I guess one issue is that this isn't my main source of income. I'm gainfully employed - so any extra income from selling stuff would really be in the category of fun money. Don't get me wrong, more money is always useful, but this would be a lot of effort for a relatively small amount of money, all of which I don't really need.
Also, and I realise this is my problem, I don't see my time and expertise as valuable in that way. I'd much rather show you how to build a thing, or blog the instructions, or help you understand how something works.
Finally, I think I feel this way because I see all the people I meet as friends. If we're at a weird hacker event, there's a good chance we have something in common and I'd be delighted to share a pint with you.
Does anyone else feel this way? Do you happily make fat stacks of cash from your peers? Am I just weird and neurotic? Let me know in the comment box. It's free.
Book cover for Understanding Privacy.Heather Burns has an absolutely deft way of turning the sometimes-dull world of digital privacy into entertaining, informative, and actionable prose.
Too many of these sorts of books end up being a list of woes and end with "someone should do something, I guess?". Understanding Privacy is different. All the way through the mantra is "You are someone! You do something! And here's how..."
Digital privacy is, I think it is fair to say, not a universally loved topic. Too often it is seen as shrill pedants lobbing fines at unsuspecting companies. The reality is somewhat more prosaic. This is a journey we all have to go on - wherever we work in the digital world.
It would be easy for this book to descend into just being a mega-long checklist. But, while there are a fair few lists, they are backed up with practical steps which can be taken by both people and companies. Some of them are wickedly witty:
Please use https://, because seeing http:// this late in the game is not the sort of ’90s flashback I enjoy.
I especially enjoyed the reframing of certain privacy mavens as "privacy ableists" - those who "criticise a person with a disability for owning an Alexa device, taking no regard for the benefit it has brought into the disabled person’s life."
I also got emotional whiplash after hearing some people described as "privacy shamers" - those who "harass anyone who is doing their best to change tech companies from the inside as being collaborators on par with the Vichy regime."
The book is full of interesting links out to further resources. Although, I should point out that links like https://smashed.by/cnilrights go via the short.io service. Which probably makes me a privacy pedant 😆.
This is an empowering read. It isn't designed to make you feel hopeless at the state of the world but, instead, it asks you to reflect on what you're doing and what you should be doing.
The final question should be the one which weighs on you heaviest: How am I going to feel about myself if I continue to work for this company and develop this product?
I have a mixed relationship with the FIRE movement. It basically boils down to "spend less, save more, then you can retire once you've save 25x your annual spend". That's it.
As Michael Taylor writes, some people fetishise the "spend less" part. If you deny yourself all pleasure, he argues, then life isn't worth living. That's probably broadly true.
But he makes a fundamental mistake in his calculations:
Let’s assume that you’re able to invest an extra £10,000 per year by living miserably now in hopes of a brighter future (bear in mind the average full-time salary in the UK is around £35,000 and that’s before tax).
The S&P 500 has historically averaged around 10pc per year, so if we assume a compound annual growth rate of 8pc across 20 years, you’d have £46,609.57.
Yes. £10,000 getting 8%, compounded over 20 years is "only" £46k. Not really enough to retire on. So don't bother saving! Spend! Spend! Spend! Feed the capitalist machine!
But, that's not the assumption being made. Read closer:
you’re able to invest an extra £10,000 per year
You add £10k, get 8%, you now have £10,800. Next year you add another £10k, meaning you get 8% on £20,800. A total of £22,464.
Repeat that for 20 years and what do you end up with?
£540,838.79
Yup! Over half a million quid. That rather changes things, doesn't it? If you started investing at age 30 and stopped at 50, you could retire early and live off the proceeds of £500k until your state pension kicked in2.
But how much is £10k per year really? It is a lot for most people but can be structured in a more manageable way.
Let's assume you're part of a couple3. People who live together spend less on housing, utilities, food, entertainment, etc.
If you're part of a couple, you only need to save £5k per year each. How much is that?
£96 per week. Or £14 per day.
Actually, it is even cheaper than that. If you open up a LISA4, you can deposit a maximum of £4k per year and the Government will give you a £1k bonus.
To invest £4,000 per year, you'd need to save... £11 per day.
I don't want to go all "Millennials just need less Starbucks and avocado toast!" but... yeah. If you're the sort of person who buys a meal-deal for lunch5 how much of that can you save per day by making your own sandwiches?
A pint less here, a cheaper bottle of wine there, going to the lower resolution Netflix, all the other boring budgeting tips you've heard of6.
£11 per day, each, for 20 years, gets you half a million quid.
That's what the FIRE movement is about. Getting people to realise that a small sacrifice now will pay off in the future.
Michael Taylor's article is correct. You probably shouldn't live on a diet of bread and water, never seeing friends, not going on a spontaneous trip to France; life is for living. Make the most of it!
But, also, life is for living, not working. If you take small actions now, you can free yourself from drudgery later.
OK, OK. This isn't a particularly severe security bug, but I found it interesting.
The Matrix messaging app "Element" lets you sign in to your account on multiple devices. In order to prove those devices are controlled by you, the app asks you to verify the other sessions. This is broadly sensible.
You sign in to the web-based messenger, then you sign in to the Android app. The web asks you if you just signed in, you say yes. The app then says "scan the code shown on the website". You do. And then both devices ask if the logo displayed is identical.
Are those two the same shield? They're both the same shape. They're both green. They both have a tick. But the tick is a different colour!
I suspect this is because the shield on the web has a transparent tick and expects the background colour to be white. But, when in Dark Mode, the background is grey.
Interestingly, my phone was also in Dark Mode - but the image has a solid white tick.
I'm not sure if it is specifically a bug in Matrix or Element (and, TBQH, I'm hazy about their relationshp) so I've raised it on Element's GitHub.
But, let this be a lesson to you. Test all of your interface with all of your different themes. And don't use transparency to convey important security information.
This is a retropost. Written contemporaneously, but published long after the events. At the time, I was a Civil Servant in Cabinet Office. Now I am not. But as we're heading for another General Election, I thought I'd share this post.
It's the evening of the 2019 General Election. I am plagued by two thoughts.
Briefly stated, the Gell-Mann Amnesia effect works as follows. You open the newspaper to an article on some subject you know well. You read the article and see the journalist has absolutely no understanding of either the facts or the issues. Often, the article is so wrong it actually presents the story backward-reversing cause and effect. You read with exasperation or amusement the multiple errors in a story-and then turn the page to national or international affairs, and read with renewed interest as if the rest of the newspaper was somehow more accurate about far-off Palestine than it was about the story you just read. You turn the page, and forget what you know.
And
The pre-election period (purdah) is the term used to describe the period between the time an election is announced and the date the election is held. Civil servants are given official guidance by the Cabinet Office on the rules they must follow in relation to Government business during this time.
People tweet wrong things all the time. But, during this election, I've seen people I admire and respect tweeting out things I know to be false.
I don't mean slightly wrong about an esoteric policy. I mean balls-to-the-wall, head-up-the-arse, foot-in-mouth, inexcusably wrong.
I get that part of politics is enraging people to gather them to your cause. But these were people who I eagerly followed so that I could understand what was going on in an increasingly complicated world.
In normal circumstances, I'd've argued with them online. Sure, it's neither healthy nor a good way to change people's minds - but it would be something.
Purdah - a somewhat politically-incorrect term - prevents Civil Servants from commenting on things during the election. It's a sensible policy - but a bit annoying when People Are Wrong On The Internet. In fairness, I probably shouldn't get involved in arguments - that's best left to the press team.
But I am conflicted. I have first-hand, expert knowledge about a subject. I can objectively prove my arguments. Why shouldn't I be able to correct people's mistakes?
Even worse - and the thing that mildly terrifies me - if my idols are wrong about that thing, what else are they wrong about?
OK, you can argue about whether Kirk and Uhura were forced to kiss in that episode. But how does anyone look at Star Trek - with its women on the command bridge, anti-colonial stance, and mixed-race crew - and not think it was a bastion of progressive causes? Star Trek is explicitly political. It isn't hidden in the subtext. You don't have to search for clues as to what the writers were trying to say.
Star Trek isn't complicated.
But some people only see the laser guns and exploding space ships. They're not looking at the text, they're barely even comprehending the narrative journey; they only see the flashing lights and gaudy costumes.
Kenny isn't wrong. But I am disturbed by the sheer number of people who don't have even a surface level of understanding of the media they're consuming. I know that lots of people don't get satire, but most TV isn't trying to bamboozle its audience.
I think there is a fundamental disconnect between people who consume and people who understand.
I saw a prominent AI proponent asking why people always focus on the things that AI gets wrong. AI works so well, he asserted, that it was churlish and childish to focus on a few minor mistakes?
Which reminds me of an experience I had a few years ago. I was in a rural pub and got chatting to one of the locals. We were getting on great, so I asked him what his name was. "You know," he said, "I've built houses for everyone in this village, but do they call me John the Builder? No! I repaired everyone's cars when they broke down, but do they call me John the Mechanic? No! I was the one who helped design the new school, but do they call me John the Architect? No!"
He took a sip of beer, looked rueful, and sighed. "But you shag one sheep..."
What else is there to say? The intern who files most things perfectly but has, more than once, tipped an entire cup of coffee into the filing cabinet is going to be remembered as "that klutzy intern we had to fire."
Should we forgive and rehabilitate people? Sure, some of them. But if someone has repeatedly failed - sometimes in catastrophic ways - it's OK to discard them.
In my experience with various LLMs, they're getting better at imitating human-writing, but show no signs of improving when it comes to being able to reason. Their accuracy is demonstrably just as poor as it has ever been. Even my Alexa gets things wrong as often as right.
Anyway, I asked ChatGPT what it thought of the joke:
The punchline relies on the juxtaposition between the man's numerous, significant positive contributions to his community and the singular negative action that tarnishes his reputation. It illustrates how a single indiscretion can disproportionately impact how a person is perceived, despite their otherwise commendable actions.
I'm terrible at networking. I forget people's names minutes after meeting them, I never have business cards and lose the ones I'm given, and I can't go five minutes without burbling some nonsense. But I recognise that networking is a skill and, like any skill, it takes practice to succeed.
I've always been told that success isn't always about what you know, but more about who you know. So how does someone who is introverted, bad at small talk, and terrible at sending follow-up emails get to know people?
The answer, as always, is to let other people do the hard work.
I realise that asking lottery-winners for advice on how to pick your numbers is not a reliable method for becoming a millionaire - but I'd like to explain how I network and where it has got me.
Several years ago, I lost my job. I knew it was coming, but it still felt shitty. At midday, I rang my wife, told her what had happened and said that I was coming home.
"What about your presentation tonight?" she said. I'd forgotten that I had a Mobile Monday talk in my diary. Frankly, I couldn't think of anything worse than standing up in a room full of employed people and bleating on about my side projects.
"Nah. I'm just not up for it," I said.
"Look, you never know who is going to be there. You can enjoy your unemployment tomorrow."
So, I did the talk. I chatted with people (whose names I instantly forgot), picked up business cards (which are still in a pile somewhere), and drank a bit too much free wine. Then went home to cry.
A few days later, I had an interview with a trendy new startup! The very first thing that the CEO said to me was "Nice to meet you - I loved your talk at Mobile Monday last week!"
I got the job. Not necessarily because of how awesome a speaker I am - but it certainly helped that I received a round of applause from people in the industry.
Several months later and I was touting for work again. A casual acquaintance told me her firm was hiring. I went in to meet the manager and, again, almost the first thing she said was "We saw your talk at Mobile Monday - it was great!"
Two birds - one stone 🙂
More recently, I've got speaking gigs because people have said that they've watched my talks online. I've had more interviews where people have asked for me by name after reading one of my blog posts. I've had journalists call me up for "expert commentary" because they've seen that I've been posting on social media knowledgeably about a specific subject.
Relentless self-promotion is exhausting and - I think - off-putting to most of your audience. That's not the aim here.
So here are my vague thoughts on how to get people to know you:
Don't talk about yourself - talk about what interests you.
Don't insert yourself mindlessly into a conversation - build up a rapport with people you admire.
Don't be a "brand" - people see through that.
Do put yourself out there - go to events where you have only a vague interest in the subject.
Do ask. Tell people you'd like to present, or write a blog post, or help them organise.
Do be prepared to fail. Most people won't remember the things which go wrong; but the effort pays dividends.
I've got about another 10 months left at my current job and after that... I don't know what I'll do. I've already moved down to 4 days a week in an effort to glide down to FIRE. Do I really want to go back up to 5 days? Could I find somewhere that would be happy with me doing 3 days? Can I be arsed to constantly hustle for ad-hoc client work?
Can't I just stop?
What would happen if I took a gap year? A sabbatical? A full year of not working?
I'm lucky enough to have enough savings for this venture. I've got me a wife who could also do with taking a break from her career.
So could we...?
The obvious downside is a year without earning any money.
The next issue is returning to work. "Can you explain this absence on your CV?" Oh, yeah, I just decided to quit for a bit. I'm not sure how attractive that is to future employers.
And the final issue is... to do what? Backpacking round India? Gardening? Eating our bodyweight in cheese?
I'm pretty sure this is what I want to do. Take a year or so out. Recharge. Reconfigure. So the next few months are going to be planning on what that looks like.
If you've ever taken a voluntary mid-career break, I'd love to hear what you did and how you planned it.
Book cover - a red land with a spoon in the foreground.Fourteen years ago, I read Fforde's Shades of Grey and my life hasn't been quite the same since. It was a magical tale, almost totally devoid of exposition, building in an fantasy world like no other. Fans have been clamouring for a sequel ever since.
The first few chapters of the sequel do an excellent job of exposition - but this isn't the sort of book you can pick up without having recently read the original. I got a dozen pages into Red Side Story before I realised that I remembered nothing about the original. So I went back to read Shades of Grey. I'm delighted to say it was just as good as I remember - a delirious ride through a messed up world.
The second book is… more of the same. It slowly reveals more of the backstory and its grim origins. It builds to a rather satisfying conclusion. Along the way it gets a little tied-up in its own rules, and makes some weird pop-culture references. But never fails to be brilliantly perplexing in its structured surrealness.
In one my smarter moments I likened our era to someone arriving late to a concert, just as the final chords were hanging in the air.
If you like Fforde's inventive and bizarre worlds, you'll like this. But, I warn you, it really needs you to have read Shades of Grey first.
By and large, the English language doesn't use diacritical marks. Even our loanwords are stripped of them; we drink in a cafe rather than the more pretentious café. This has a consequence for HTML and, by extension, eBooks.
As a quick primer, modern computing gives us two main ways of displaying a letter with an accent. The first is simple - encode every single accented letter as a separate "pre-composed" character. So è (U+00E8), é (U+00E0), ê (U+00EA, and ë (U+00EB) are all stored as different codepoints.
But this seems a little inefficient and can make it hard to search through text for an exact lexical match.
So there is a second way to add accents. You take the base character - e (U+0065) - and then apply a separate "combining" accent character to it. For example the combining accent ◌́ (U+0301). That means you can add an accent to áńý ĺét́t́éŕ!́
Note, the accent ◌́ (U+0301) is separate from the character ´ (U+00B4). In fact, most accents have a pre-composed, combining, and separate form. This, understandably, causes much confusion!
Here's a good example. I was reading the excellent Fallen Idols, when I noticed this typesetting bug.
It's always hard to transliterate languages. The Victory Arch in Iraq is known as قوس النصر, and usually written in English as the "Swords of Qādisīyah".
Examining the HTML code in the eBook, it was obvious that the publishers had used a macron ¯ (U+00AF) rather than the combining version ◌̄ (U+0304).
I've reported it to the publisher. I've no idea if they'll fix it in a subsequent re-issue.
For those who don't know, OSM (OpenStreetMap) is like the Wikipedia of maps. Anyone can go in and edit the map. This isn't a corporate-controlled space where your local knowledge is irrelevant compared to the desire for profit. You can literally go and correct any mistakes that you find, add recently built roads, remove abandoned buildings, and provide useful local information.
Editing the full map is... complicated. For simple edits like changing the times of a postal collection, there are simple forms you can fill in. There's also an aerial view so you can drag and drop misplaced locations. But for anything more complicated than that, you'll need to spend some time understanding the interface. There's a friendly community who are happy to check or correct your submissions.
I'll be honest, I don't use the web editor much. Instead, I use the Android app StreetComplete. It's like an endless stream of sidequests. As you travel through the world, it will ask if a shop is still open, or if the highway is lit, or how many steps there are on a bridge, or whether a playground is suitable for all children, or if restaurants serve vegetarian food, or if a bus-stop has a bench, or... the list is almost endless!
I use it when I'm walking around somewhere new, or on holiday, or waiting for a bus. I used it so much that, for a short while, I became the #1 mapper in New Zealand!
So get stuck in! Make mapping more equitable and more accurate.
In a recent episode of Doctor Who, we see a lovely sequence where The Doctor has a nice chat with Paul McCartney of The Beatles. Great larks! The Doctor often meets real people - Dickens, Shakespeare, Rosa Parks. But, crucially, all those people are dead by the time the episode airs.
Macca is unusual because we could, theoretically, call him and ask what it was like meeting The Doctor1.
So, how many times has The Doctor met a historical figure who is alive in the viewers' time?
Not many, by my count. There are a few people who play themselves (like Brian Cox and the band McFly) but don't actually meet The Doctor. There are many people who are real, but dead (like Agatha Christie). If I stick to the main TV series, I think the contenders are...
Sylvester McCoy's 1988 story The Silver Nemesis sees him sort of meet both the musician Courtney Pine and almost Queen Elizabeth II (died 2022). The Queen mentions knowing The Doctor towards the end of 2007's The Voyage of The Damned
We do not talk about Colin Baker's 1985 story A Fix with Sontarans!
William Hartnell's Doctor meets Bing Crosby and Charlie Chaplain (both died 1977) in the 1965 story The Dalek's Master Plan which, sadly, is lost to the ages. While there are photos, I don't think a clip survives.
Are there any others that I missed? Stick a note in the comments!
I've tried, but his office aren't returning my calls. ↩
Some people celebrated when Saddam's statue was toppled in Iraq. Yet those same voices condemn the felling of Coulson, Rhodes, and a dozen other statues. Why?
Alex von Tunzelmann has a knack for getting to the heart of history in an accessible manner. There isn't a hefty amount of ponderous academic theory to wade through - just well researched stories mixed with contemporary accounts.
Statues don't have human rights. But our primitive brains sometimes seem to confuse the icon for the individual. When we have a parasocial relationship with a historical figure, it can be distressing to see their "body" being attacked and beaten by a mob. But the statues are of men, not gods. They weren't infallible in life and deserve to fairly assessed in death. A statue is the physical manifestation of propaganda - they are adverts for a cause. Pulling down a statue is a direct response to unwanted and offensive advertising.
The only weakness is that there are no photographs or etchings of the statues in question. The descriptions are vivid, but there's no substitute for seeing the article in question.
Towards the end of the book, she mentions the Empty Library in Berlin. It is a memorial to burned books. And this is where my thinking gets confused. Burning an individual book does not destroy history, nor does it harm a cause, or directly threaten an individual. Yet I have and instinctive liberal disgust at the sight of a book burning. I'd say I'm no less repulsed by it that a reactionary is at seeing a statue being pulled down.
Could someone write a similar set of essays defending book burning? Are there arguments to be made that some books are a monument to evil and their presence in libraries is a symbol of oppression? Fallen Idols makes a convincing case that merely putting a plaque on the side of a statue to explain historic context is insufficient - is the same true for the preface of dangerous book?
Fallen Idols is an excellent and well-told set of history stories. Highly recommended.
Less than a year ago, in August 2023, we installed a 4.8kWh Solar Battery at a cost of £2,900. Whenever I talk about the upfront capital costs of solar power, people rightly want to know what the payback period is.
Well, after less than 10 months, the battery has given us 1MWh.
To put that in to context, the average UK household uses about 3MWh per year. So (again, very roughly) over a third of our electricity use this year has come from the battery.
But where does the battery get its energy from? We have two sources.
First is solar. When the sun is shining, our solar panels produce electricity. That flows down from our roof and into our mains wiring where it is used by the home. If we are using less electricity than is being produced, the electricity flows into the local grid and we get paid for selling our surplus.
Our battery has sensors attached to the grid connection. When it detects surplus generation, it starts charging. By constantly monitoring our overproduction, it can charge up with free solar power.
But the sun doesn't always shine (ain't that the truth!) so there are days when our solar production is less than our usage.
In these cases, the battery charges from the electricity grid. We have a smart tariff which changes price every 30 minutes. The battery knows the day's prices and can predict our daily usage. If it can see that electricity is cheap at 3am and expensive at 4pm, then it will charge up during the early hours of the day and discharge at peak time.
The battery occasionally sits idle. Mostly when it has fully charged but knows an expensive period is coming up later.
What does that mean for money?
Well... it's complicated! When the battery charges from solar, is the electricity free? No! If we were to sell that surplus electricity to the grid, we would be paid 15p/kWh.
When the battery charges from the grid, is the electricity expensive? No! Because we are on a dynamic tariff, we occasionally get paid to use electricity! Our provider has paid us up to 5p/kWh to charge!
When the battery discharges, how much does it save us? Again, complicated! Because we're on a dynamic tariff our prices change every 30 minutes. Sometimes the rates are as high as £1/kWh, other times they're 1p/kWh. Generally speaking, the battery only discharges if the price of use is higher than the cost of acquisition.
So... I've fudged the figures! For the first year of operation, energy prices have been high. Based on a back-of-a-fag-packet calculation, I reckon the battery saves us an average of about 31p/kWh. Call it about £360 per year in savings.
That gives us a payback time of about 8 years.
Of course, if electricity prices spike, payback will be quicker. If they crater, it'll take longer. If we switch to electrical heating or get an electric car, the savings will be greater.
Domestic battery technology is still a bit of a tough sell. The batteries are large and their fans are noisy. The cost of materials and installation is high and their capacity is relatively small. But the technology behind them is sound. With a dynamic energy price tariff, they're one of the best way to reduce utility bills.
You receive a call on your phone. The polite call centre worker on the line asks for you by name, and gives the name of your bank. They say they're calling from your bank's fraud department.
"Yeah, right!" You think. Obvious scam, isn't it? You tell the caller to do unmentionable things to a goat. They sigh.
"I can assure you I'm calling from Chase bank. I understand you're sceptical. I'll send a push notification through the app so you can see this is a genuine call."
Your phone buzzes. You tap the notification and this pops up on screen:
This is obviously a genuine caller! This is a genuine pop-up, from the genuine app, which is protected by your genuine fingerprint. You tap the "Yes" button.
Why wouldn't you? The caller knows your name and bank and they have sent you an in-app notification. Surely that can only be done by the bank. Right?
Right!
This is a genuine notification. It was sent by the bank.
You proceed to do as the fraud department asks. You give them more details. You move your money into a safe account. You're told you'll hear from them in the morning.
This is reasonably sophisticated, and it is easy to see why people fall for it.
The scammer calls you up. They keep you on the phone while...
The scammer's accomplice calls your bank. They pretend to be you. So...
The bank sends you an in-app alert.
You confirm the alert.
The scammer on the phone to your bank now has control of your account.
Look closer at what that pop is actually asking you to confirm.
We need to check it is you on the phone to us.
It isn't saying "This is us calling you - it is quite the opposite!
This pop-up is a security disaster. It should say something like:
Did you call us?
If someone has called you claiming to be from us hang up now
[Yes, I am calling Chase] - [No, someone called me]
I dare say most people would fall for this. Oh, not you! You're far too clever and sceptical. You'd hang up and call the number on your card. You'd spend a terrifying 30 minute wait on hold to the fraud department, while hoping fraudsters haven't already drained your account.
But even if you were constantly packet sniffing the Internet connection on your phone, you'd see that this was a genuine pop-up from your genuine app. Would that bypass your defences? I reckon so.
Criminals are getting increasingly good at this. Banks are letting down customers by having vaguely worded security pop-up which they know their customers don't read properly.
And, yes, customers can sometimes be a little gullible. But it is hard to be constantly on the defensive.
I kept up the blogging for a few months, then it trickled off. I preferred posting on Usenet and other primitive forms of social media. But, by 2007, I was back to blogging on my own site again, and I never really stopped. This blog fluctuates between being a diary, an excuse to rant, and technical writing. It's my site and I can do whatever I want with it. That's rather freeing.
I have an "On This Day" feature of my blog. Every morning I check what I was writing about on this day in years gone by. I find it informative and meditative to see how much I've grown3 and what topics I keep returning to.
I'm not big on milestones or anniversaries. But it does feel rather nice to know that I started something a few decades ago that is still a going concern.
If memory serves, I found the BlackBerry in a colleague's drawer, asked to borrow it, then used social engineering to get the IT team to set it up for me. Fun times! ↩
Hot on the heels of yesterday's post, I've now made all of this blog available in text-only mode.
Simply append .txt to the URl of any page and you'll get back the contents in plain UTF-8 text. No formatting, no images (although you can see the alt text), no nothing!
This was slightly tricky to get right! While there might be an easier way to do it, here's how I got it to work.
Firstly, when someone requests /whatever.txt, WordPress is going to 404 - because that page doesn't exist. So, my theme's functions.php, detects any URls which end in .txt and redirects it to a different template.
// Theme Switcheradd_filter( "template_include", "custom_theme_switch" );function custom_theme_switch( $template ) { // What was requested? $requested_url = $_SERVER["REQUEST_URI"]; // Check if the URL ends with .txt if ( substr( $requested_url, -4 ) === ".txt") { // Get the path to the custom template $custom_template = get_template_directory() . "/templates/txt-template.php"; // Check if the custom template exists if ( file_exists( $custom_template ) ) { return $custom_template; } } // Return the default template return $template;}
The txt-template.php file is more complex. It takes the requested URl, strips off the .txt, matches it against the WordPress rewrite rules, and then constructs the WP_Query which would have been run if the .txt wasn't there.
// Run the query for the URl requested$requested_url = $_SERVER['REQUEST_URI']; // This will be /whatever$blog_details = wp_parse_url( home_url() ); // Get the blog's domain to construct a full URl$query = get_query_for_url( $blog_details["scheme"] . "://" . $blog_details["host"] . substr( $requested_url, 0, -4 ));function get_query_for_url( $url ) { // Get all the rewrite rules global $wp_rewrite; // Get the WordPress site URL path $site_path = parse_url( get_site_url(), PHP_URL_PATH ) . "/"; // Parse the requested URL $url_parts = parse_url( $url ); // Remove the domain and site path from the URL // For example, change `https://example.com/blog/2024/04/test` to just `2024/04/test` $url_path = isset( $url_parts['path'] ) ? str_replace( $site_path, '', $url_parts['path'] ) : ''; // Match the URL against WordPress rewrite rules $rewrite_rules = $wp_rewrite->wp_rewrite_rules(); $matched_rule = false; foreach ( $rewrite_rules as $pattern => $query ) { if ( preg_match( "#^$pattern#", $url_path, $matches ) ) { $matched_rule = $query; break; } } // Replace each occurrence of $matches[N] with the corresponding value foreach ( $matches as $key => $value ) { $matched_rule = str_replace( "$matches[{$key}]", $value, $matched_rule ); } // Turn the query string into a WordPress query $query_params = array(); parse_str( parse_url( $matched_rule, PHP_URL_QUERY), $query_params ); // Construct a new WP_Query object using the extracted query parameters $query = new WP_Query($query_params); // Return the result of the query return $query;}
You only need two files. An index.php and a style.css. The CSS file can be empty, but it needs to exist - otherwise WordPress won't let you activate the theme.
The index file displays the requested post, or front page, in plain text. It isn't the most sophisticated code I've ever written!
Obviously, there are no links - so you can't navigate. There are no images - but there's also no alt text. There are no embeds, scripts, styles, or other fancy things. Just plain text.
Dame Caroline Haslett was an electrical engineer who foresaw the way that electricity could be used to remove domestic drudgery from women's lives. There is a slim biography of her, written by her sister, which is sadly out of print.
It is a curious book. It dwells on her faith as much as her technical prowess. Her waistline is the subject of wry amusement. There's also the (naturally) dated views of the day to contend with along with an odd segue into spiritualism.
And, of course, you'll see nothing much has changed in the last 100 years.
With the Women's Engineering Society safely launched, Caroline found that she had two recurring types of problem with which to contend. The first was to deal with the difficulties that arose at factory floor level from the intrusion of women into what had been traditionally a masculine preserve, difficulties which she herself had area to admirably tackled by the enlightened management of the Cochran Boiler Company.
The second, and probably the more important task, was dealing with the problem posed by the steadily increasing number of highly trained women competing with men for managerial posts in the world of engineering. She was not interested in the problems merely for their own sake, but in the people behind the problems and in the whole field of industrial relationships.
It isn't enough to merely launch a product or service. It takes years to embed knowledge, experience, and desire into users. Haslett's power was recognising that the advantages of electricity weren't self-evident. It took a sustained campaign of education to get the public to understand the why and how of a new invention.
If you want to understand how the development of domestic electricity use in the UK happened, this is an interesting and useful book. It perfectly demonstrates how one headstrong person can influence the world.
It is a stunning look at how feminism directly influenced industrial policy.
Caroline herself wrote a book - "Problems Have No Sex" - which is completely unavailable as far as I can see. If any readers know where I can obtain a copy, please leave a comment.
This is a retropost. Written contemporaneously in 2020, but published four years after the events.
It's May 2020 as I write this. I'm typing to capture the moment. Right now, I've no idea what the impact is.
This is the exact moment, on Thursday May 7th, I hit the Big Red Button - three of them! - to open source the UK's COVID-19 Beta test app.
It was thrilling and terrifying. We'd spent the last few weeks getting ready to open source the repos and then, at the last minute, it all went wrong. The plan was to launch on Tuesday - but fate conspired against us.
The problems fell into three main areas:
Threats and personal safety. This was probably the highest profile code release that we'd ever done. There were already people grumbling online that the people writing the code were "traitors". Did we want to expose our people to that sort of personal abuse? What if they were targets of phishing attempts?
Redacting history. Probably the most contentious issue. We all wanted to release everything from the very first commit. Would that reveal anything dangerous? Had someone slipped and accidentally committed an API key they shouldn't?
Communications. The other most contentious issue! The department were in "crisis comms" mode. Everything was delayed. No one had reviewed the blog I'd written, there was no pre-arranged plan in place for this sort of thing. Understandable really - this was a tiny piece of a much larger puzzle. But it was still frustrating to wait for people to be ready for us to publish.
We took the pragmatic approach. We took a snapshot of the code, thoroughly scrubbed it of all identifying information and secrets, and prepared to release it. Then we waited. And waited.
Every time we thought we had the go-ahead, there was another delay! There was a strict comms schedule. We couldn't launch now; it would interrupt that other announcement!
I was asked to help rewrite bits of the announcements. This led to some memorable questions from the comms squad. How can you explain to the average user...
what "Source Code" is?
why the Android code is different from the iPhone code?
who are "Git Hub"?
And, the kicker? All these questions came in while I was on a conference call with a bunch of government ministers! The joys of multiple monitors!
It was interminable. I sent texts which went unanswered. Emails. Phone calls. Just a few minutes more. Any moment now. We need to wait for...
And then!
"Can we launch ASAP?"
Yes! The email I was waiting for. But I am a paranoid and cautious Fraggle. Was that "Launch now!" or "Can we launch now?"?
So I sent a reply. "Just to confirm - do you want me to publish now?" And waited.
And waited.
I got an email from my boss "Launch now!"
And a second later, from comms: "Please hold off - no go. Will call you shortly."
How I longed to press that button. I could say that I only saw the first email... No. Maybe. No.
An eternity. During which time I casually glanced at Twitter and read all the angry messages from people demanding the release of the code.
The call came. "Publish it - but don't tell anyone." Weird flex, but OK.
I called my very-patient wife into my home office. I wanted the moment captured. She opened her camera. A few clicks, and it was done.
— Terence Eden is on Mastodon (@edent) May 7, 2020
I did a little dance. Let all of the tension out of my body. And waited for the hate to roll in.
It didn't. The response was... positive! Yes, there were grumbles, but so many people were fulsome in their praise that it was overwhelming. Congratulatory tweets and emails did the rounds, and I had a nice cold ale.
I took the bank holiday weekend off. Well, I obsessively read all the tweets, answered questions about my blog post, and kept half-an-eye on GitHub. I'm not good at relaxing.
Has it worked? Did we make the NHS more open and transparent? Did open source win the day? Did the beta test work? Were lives saved? Or was it a damp squib?
As I write this, we're still in the eye of the storm. Perhaps, when this post is published, we'll know the answers.
They were basically fine, but they are hardcoded to your Virgin Media service so can't be used for anything else. I eventually swapped to a different router and they became useless. Virgin refuse to collect them (despite repeatedly promising to) so I decided to crack one open.
I was hoping there would be a reset pin or something in there - but I can't find any easy way to jailbreak them. Anyway, here are the photos.
A spludger around the edges was enough to pop off the plastic cover.
Splodges of pink gunk - which I assume is thermal paste rather than reconstituted meat - is present. Pulling the main circuit board out shows the power board.
Book cover for the glass hotel.This book didn't really resonate with me. I enjoyed both Station Eleven and Sea of Tranquillity, so I think I was expecting something in a similar vein. Instead of ethereal sci-fi, this is a tangled tale which feels like a mish-mash of half a dozen movies.
The central premise of a Ponzi scheme which warps the lives of those around it - which leads to a jumbled cast of characters, none of whom really get a chance to be fleshed out. The pivotal mystery at the start of the novel is resolved in such an inconsequential way that it feels mostly pointless to include.
It is beautifully written, charmingly constructed, but I felt like I was reading too many stories weaved together without a definable purpose.
The cast of Pippin.This has to be the campest, most ludicrously sequinned, joyous shows I've seen in quite some time.
I knew nothing about Pippin, but my dad saw it back in the 1970s and loved it - so I snagged us a couple of tickets. The story itself is fun enough; an over-privileged princeling goes off to find his purpose and finds himself waylaid by vices, murders, and ducks. It's a silly, wry, and self-knowing show. More like Into The Woods than anything else.
As this was an "in concert" production, I was kind of expecting the cast to just come out, sing into a microphone, and wander off. Instead, choreographer Joanna Goodwin treated us to the full "saucy-Fosse" - all bowler hats, shoulder jerks, and shimmying. The singing was, of course, divine. Alex Newell (Unique from Glee) was fabulous and soaked up the whooping and cheering from the audience like the star they are. Patricia Hodge - who was in the original 1972 production - returned and was obviously having a whale of a time prancing around with the dancers.
Half the audience remembered the original production, the other half were fresh-faced drama-school kids who relished the bedazzling displays of terpsichorean delights. Has Pippin got a cult following on TikTok or something?
I can't quite understand why this was only on for two nights. A dozen case members, a twenty-piece orchestra, and a 50-strong choir can't have come cheap. Are they prepping for a tour? I can only hope so!