It’s World Backup Day, folks. That means it’s time for you to look at your data and check that you’re backing it
all up to a satisfactory level.
Have a look at the computer you’re sat at. If it’s hard drive(s) broke, irrecoverably, or if it were stolen: what would you lose?
Me? I like my backups to go “offsite”, so I use online redundant storage to shunt my important stuff to (I use a personal Amazon S3 bucket and some software I’ve written for that purpose, but you don’t have to be that geeky to use online backups – just check the
World Backup Day website for suggestions). If you’re not quite so paranoid as me, you might make your backups to CDs or DVDs, or onto a pendrive. It doesn’t take long, and it’s
worth it.
Backups are like insurance.
Now go celebrate World Backup Day by making some backups, or by checking that your existing backups restore correctly. You’re welcome.
I have been uneasy for a while about my passwords, but being dyslexic and a bit lazy there was not an obvious solution to make it more secure and not lock me out. The problem that I
have is anything that requires memorising a string of letters numbers and symbols just does not work in my brain. I have over come this for my normal passwords by having a small
number (around 5) and adding a new one every so often and losing an old one. I take two to three words that I can spell (not a very long list) and then change them with substitution
of some letters for numbers. On one occasion I managed to get punctuation in there also. However, they are used in many sites, and are easily broken in to.
Following Dan’s post on passwords combined with a visit to Dan we started looking at other solutions and settled on last pass. This looked like a good option for us. I very carefully
set up the account paying close attention to where it said make sure you remember your password. The first password I chose was tolerably strong, I had not used it before and it
followed the proven pattern of how I remember passwords. When I typed it in to change something it would not work. Knowing that lastpass will not let me do anything if I cant remember
my password I made a word doc changing each part of the password to see where I went wrong and trying it in the filed, fourth time lucky I got the password. I then realised that this
was not going to work as the bit I got wrong was an inconstancy of treating one letter as a number. So I reset my password using the old copied password.
I texted myself my new password and copied it from my phone, checked that it worked with a second sign in. Then I continued to set up my sites for last pass to sign in. When Kit came
home we decided it was best if I had to write out my new password as often as possible to get it in to my head, this did not work. And after 20 min of trying every combination I could
think of the same way I had before I called Kit through to see if he had any ideas. In the end the only option was the delete account and start again option. So we hit show password
on the screen and copied each password in to a word doc, then we shut down the account.
This morning I have set up a new last pass account, and because my dyslexia has not gone away over night I have a new stratagie. I use SuperGenPass to change a simple password in to a
more complicated password and the resulting password is used to sign in to Last Pass. This might seem convoluted, but in a world where things that I can remember are so insecure that
polite coughing will open them up to anyone who chooses it is one of the few options that give security and will allow me to access my own accounts.
Anyway, I have to now go and change all my passwords again as the were made insecure in the rescue mission, but this time I have confidence of it working.
However, in the meantime somebody’s one-upped me and has put in a Freedom of Information request, which – of course – the law mandates that they respond to. I should’a
thought of that. Anyway, you can read the request here, and there’s options to follow it by RSS and/or email if you want updates.
Update (27th April 2011):Still no word in response to the FoI
request.
If anybody’s interested, I’m lugging around a sackload of Diaspora Alpha invitations. If you’re the kind of person who’s
likely to want one, then you’re probably the kind of person who already knows what
Diaspora is, so I shan’t go in to any further detail here.
Leave a comment if you want one, being sure to fill in the “Email” field of the comment form with the email address you’d like your invitation sent to. See you on the flipside.
If you see me in person, you’ll know that this is something I rant about from time to time. But that’s only because people consistently put themselves and their friends at risk,
needlessly, and sometimes those friends include me. So let me be abundantly clear:
If you’re reading this, there is at least a 95% chance that your passwords aren’t good enough. You should fix them.
Today.
Let’s talk about what what we mean by “good enough”. A good password needs to be:
Long. Some of you are still using passwords that are shorter than 8 characters. The length of a password is important because it reduces the risk of a robot “brute
forcing” it. Suppose a robot can guess 1000 passwords a second, and your password uses only single-case letters and numbers. If you have a 4-character password, it’ll be lucky to last
quarter of an hour. A 6-character password might last a week and a half. At 8-characters, it might last a few decades. Probably less, if your password makes one of the other mistakes,
below. And the robots used by crackers are getting faster and faster, so the longer, the better. My shortest password is around 12 characters long, these days.
Complex. Remember how long an 8-character password lasts against a “brute force” attack? If you’re only using single-case letters, you’re reducing that by almost a
third. Mix it up a bit! Use upper and lower case letters, and numbers, as standard. Consider using punctuation, too. There’s no legitimate reason for a website to demand
that you don’t have a long and complex password, so if one does seem to have unreasonable requirements: write to the owners and threaten to take your business elsewhere if they don’t
get with the times.
Random. If your password is, is based on, or contains a dictionary word (in any language), a name or brand name, a date, a number plate or (heaven forbid) a national
insurance number, it’s not good enough. “Brute force” attacks like those described above are usually the second line of attack against properly-stored passwords: first, a robot will
try every word, name or date that it can think of, with and without capitalisation and with numbers before and afterwards. Many will also try common phrases like “iloveyou” and
“letmein”. WikiHow has a great suggestion about how to make
“random” passwords that are easy to remember.
Unique. Here’s the one that people keep getting wrong, time and time again. You should never, never, use the same password for multiple different
services (and you should be very wary of using the same password for different accounts on the same service). This is because if a malicious hacker manages to get your
password for one site, they can now start breaking into your accounts on other sites. Some people try to get around this by keeping two or three “levels” of passwords, for low-,
medium-, and high-security uses. But even if a hacker gets access to all of your “low” security sites, that is (these days, frequently) still a huge amount of data they have
with which to commit an identity theft.The other big reason to make sure your passwords are unique is that it makes it safer to share them, if the need arises. Suppose that for some
reason you need to share a password with somebody else: it’s far safer for everybody involved if the password you share with them works only for the
service you wanted to give them access to. Every person you trust is one more person who might (accidentally) expose it to a hacker by writing it down.Even if you have to memorise a
complex “master” password and keep in your wallet a list of random “suffixes” that you append to this master password, different for each site, that’s a huge step
forwards. It’s also a very basic level of two-factor
authentication: to log in to your Twitter account, for example, you need your master password (which is in your head), plus the Twitter suffix to the password (which is
written down in your wallet).
There’s been a wave of attacks recently against users of social networking websites: an attacker will break into an insecure web forum to get people’s email addresses and password, and
then will try to log in to their webmail accounts and into social networking sites (Facebook, Twitter, etc.) using those same credentials. When they get a “hit”, they’ll explore the
identity of the victim, learning about their language patterns, who their friends are, and so on. Then they’ll send messages or start chats with their victim’s friends, claiming to be
their victim, and claim some kind of crisis. They’ll often ask to borrow money that needs to be wired to them promptly. And then they’ll disappear.
In this interconnected world, it’s important that your passwords are good not only for your benefit, but for your friends too. So if you’re guilty of any of the “password
crimes” above – if you have passwords that are short (under 8 characters), simple (don’t use a mixture of cases and include
numbers), predictable (using dictionary words, names, dates, etc.: even if they include a number), or re-used (used in more than one place or
for more than one site) – change your passwords today.
SuperGenPass – a very good way to use a strong, unique password for every website without having to remember multiple
passwords. Free.
KeePass – a great way to use a strong, unique password for every site and service without having to remember multiple passwords.
Free.
LastPass – another great way to use a strong, unique password for every site and service without having to remember multiple
passwords. Free (or cheap, for the premium version).
I’ve just sent a letter to the Office of National
Statistics, about the 2011 census. In case you’re interested,
or if you’d like to send a similar letter to ensure that your own living arrangements will be correctly recorded, you’re welcome to use it as a template. My letter reads:
Census Customer Services
ONS
Segensworth Road
Titchfield
Fareham
Hampshire
PO15 5RR
10th March 2011
Dear Sir or Madam,
Re: Households containing people with multiple romantic relationships in the 2011 census
I write to you to ensure that the data that will be provided by my household for the 2011 census will be properly recorded and processed. I am a supporter of the census and understand
its importance, but I am concerned that my response, and the response of others in my position, is at risk of being misunderstood or misinterpreted as a mistake.
I live with my partner and her husband in a three-way committed relationship. We have attempted to express this on the census form: my partner has checked the “husband or wife” box in
reference to her relationship to her husband, and she had checked the “partner” box in reference to her relationship with me. Like many people in this kind of relationship, our family
is the victim of unfair discrimination, and it’s important to us that we can be counted so that future lawmakers, armed with the statistical evidence, can pass policy that is fair to
all: including those who choose to be romantically-involved with multiple people at the same time.
Please give me your assurances that our data will be correctly recorded. If this is not possible, please advise me to whom I should write to put the case that this should be changed.
Yours sincerely,
Dan Q
If the census isn’t the time for a little Poly-activism, then I don’t know when is. I’ll keep
you posted if I get a response.
Me: Hello?
Caller: Hello. Is that Mr. Wilburn.
Me:Steve Wilburn?
Caller: Yes.
Me: I’m afraid I don’t know anybody by that name.
My, she was confused when I knew the name of the person she wanted to get in touch with, and then claimed not to know them! I’d had a call the previous week from the same number, and
the caller then had asked for Steve before identifying him by his full name.
If I get another call, I fully intend to cut out the “checking that they’re looking for ‘Steve'” part of the conversation and just state that I don’t know a Steve Wilburn. They’ll get
the hint eventually.
And Steve? If you’re out there, mate – somebody wants you. I have no idea who they are… but then, I have no idea who you are, either. But if you could let them know the correct number
to reach you on, that’d be appreciated. Ta.
On the evening of Saturday 26th March, Earth will host it’s latest Murder Mystery Night: Murder… Way Out
West! It’ll be a rootin’, tootin’, barrel of fun, with gunslingers and prospectors and natives scheming and dealing and trying to catch a murderer: or to get away with murder!
Whether or not you’ve been to one of our murder mystery nights before, here’s a great
opportunity to come visit, catch up, dress up, and act like a fool. If you’re free, get in touch! The more, the merrier:
but let us know so that we can assign you a character!
For those of you that care about the setting and plot of these things, here’s what you need to know:
It is the spring of 1884. America’s west coast is slowly being populated with small towns full of settlers, come to prospect for precious metals, set up ranches and run dubious
saloons and now the railroad is coming! Cactus Gulch is one such small town, founded 20 years ago and tonight it has a festive air as the townsfolk get set to start their
20th anniversary celebrations.
However, all is not running smoothly. Land disputes, disreputable card games, strange folk from out of town and hostile Indians all add to a tense atmosphere. Join us in the Silver
Dollar Saloon as celebrations begin and find out how the evening unfolds…
If you’re not following Castle, yet, you should be. I can’t believe that I’ve not
recommended this more loudly by now, but seriously, this show is awesome. And I’m not just saying that because the episode I watched most-recently was the single best bit of Whedonverse fan service outside of the Whedonverse. And would be great even if it
wasn’t.
The ten second-summary for those of you with short attention spans: Nathan
Fillion (of Buffy/Firefly/Dr. Horrible fame) plays Richard Castle, a crime fiction writer who’s drafted into helping the NYPD on a murder case. He then
continues to hang around (thanks to his connections with the mayor and the chief of police) with detective Kate Beckett – played by Stana Katic (she was in Quantum of Solace, but we remember her most-fondly from the third Librarian film) – in an
effort to use her as the inspiration of his next fictional crime fighter, Nicky Heat. Its cleverly-spun mysteries will appeal to mystery lovers and its comedic elements – generally
quite dry but sometimes verging on the silly – prevent the show from being “just another crime drama.”
The third season’s broadcasting right now (and you can also watch it on Hulu, assuming that you’re in the USA or you know how to Google
for how to “watch Hulu without a proxy or VPN”), and the first two seasons are available on DVD. You’ve got my recommendation; now go try it.
Microsoft recently tweeted: “It’s not
often that we encourage you to stop using one of our products, but for IE6, we’ll make an exception”. This coincides with the launch of The Internet Explorer 6 Countdown, a website that tries to encourage people to drop this hideously old and awful browser in favour of better, modern,
standards-compliant ones, thereby saving web developers heaps of work.
That’s not strictly true; they’re encouraging people to upgrade to Internet Explorer 8 and 9, presumably, which are still a little lacking in support for some modern web standards. But
they’re a huge step forward, and everybody who’d like to stick with Internet Explorer should be encouraged to upgrade. There’s no excuse for still using IE6.
They’re even providing a tool to let you put a “Upgrade now, damnit!” banner on your website,
visible only to IE6 users. It’s similar to the IE6Update tool, really, but has the benefit of actually
being supported by the browser manufacturer. That has to count for something.
Will it make a difference? I don’t know. I’m frankly appalled that there are modern, high-tech countries that still have significant numbers of IE6 users: Japan counts over
10%, for example! We’re talking here about a ten year old web browser: a web browser that’s older than MySpace, older than Facebook, older than GMail, older than YouTube.
Internet Explorer 6 was released into a world where Lord of the Rings that would take you a long time to read, rather than taking you a long time to watch. A world where in-car
CD players still weren’t universal, and MP3 players were a rarity. Do you remember MiniDisc players? Internet Explorer 6 does. The World Trade Center? Those towers were still standing
when Internet Explorer was released to the world. And if that’s making you think that 10 years is a long time, remember that in the fast-changing world of technology, it’s always even
longer.
Just remember what Microsoft (now, at long last) says: Friends don’t let friends use Internet Explorer 6.
This will be the first time I’ve ever written an On This Day post where I haven’t been able to link
back to a blog post that I actually wrote in the year in question. That’s because, in 2002, I was “between blogs”: the only thing I wrote about online that I still have a copy of was
the imminent re-launch of AvAngel.com, my vanity
site at the time. In that post, however, I did mention that I’d re-written my CV, which was relevant to what was going on in my life in March 2002…
Looking Back
On this day in 2002, I first began working for SmartData, my primary employer for the last nine years. A few months
earlier, Reb – my girlfriend whom I’d moved in with in 2001 – and I had broken up, and I’d recently found the opportunity to visit Aberystwyth and visit friends there (the trip during
which I first met Claire, although we didn’t get together until a little later). On that same trip to Aber, I also met
Simon, who at that point had recently accepted a voluntary redundancy from the Rural Studies department of the University and was getting started with the launch of his software
company, SmartData. He’d recently landed a contract with the National Dairy Farm Assured Scheme and needed an extra pair of hands on board to help out with it.
Sorting out premises was coming along somewhat slower than he’d planned, though. As part of the SpinOut Wales scheme, SmartData had been offered cheap accommodation in a
University-owned building, but they were dragging their feet with the paperwork. On our first day working together, Simon and I crammed into his tiny home office, shoulder-to-shoulder,
to hack code together. The arrangement didn’t last long before we got sick of it, and we “moved in” to the room (that would eventually be legitimately ours) at Peithyll, a former
farmhouse in the village of Capel Dewi, near Aberystwyth.
Over the last nine years since, as the company has grown, I’ve always felt like a core part of it, shaping it’s direction. As we transitioned from developing primarily desktop
applications to primarily web-based applications, and as we switched from mostly proprietary technologies to mostly open-source technologies, I was pointing the way. By working with a
wide variety of different clients, I’ve learned a great deal about a number of different sectors that I’d never dreamed I’d come into contact with: farm assurance schemes, legal
processes, genetic testing, human resource allocation, cinema and theatre, and more. It’s been a wonderfully broad and interesting experience.
Looking Forward
When I began making plans to move to Oxford, I initially anticipated that I’d need to find work over here. But Simon
stressed that my presence was important to SmartData, and offered to allow me to work remotely, from home, which is most of what I’ve been doing for the last year or so. Thanks to the
miracles of modern technology, this has worked reasonably well: VoIP phones keep
us in touch, tunneling and virtual networks allow us to work as if we were all in the same location, and webcams help us feel like we’re not quite so far from one another.
But this wasn’t to be a permanent solution: just a way to allow me to keep contributing to SmartData for as long as possible. Last week, I was offered and accepted a new job with a new
employer, here in Oxford. Starting in April, I’ll be managing the administration and the ongoing development of the website of the Bodleian Libraries, the deposit library associated with Oxford University.
It’s a huge change, going from working as part of a tiny team in a West Wales town to working with hundreds of people at one of the largest employers in Oxford. I’ve no doubt that it’ll
take some getting used to: for a start, I’m going to have to get into the habit of getting dressed before I go to work – something I could get away with while working from home and that
might even have been tolerated in the office at SmartData, as long as I threw on a towel or something (in fact, I have on more than one occasion taken a shower in the SmartData offices,
then sat at my desk, wrapped in towels, until I’d dried off a little).
This feels like a huge turning point in my life: a whole new chapter – or, perhaps the completion of the “turning a page” that moving to Oxford began. My new job is a brand new
position, which provides an exciting opportunity to carve a Dan-shaped hole, and I’ll be working with some moderately-exciting technologies on some very exciting projects. I’m sure I’ll
have more to say once I’m settled in, but for now I’ll just say “Squeee!” and be done with it.
Oh: and for those of you who follow such things, you’ll note that Matt P has just announced his new job, too. Although he’s a sloppy blogger: he’s actually been working there for a little while
already.
This blog post is part of the On This Day series, in which Dan periodically looks back on years gone
by.
I’ve just worked out what Jedward‘s debut single reminds me of. But first, because I expect –
hope? – that the folks who read this blog are oblivious to Irish teen popstars Jedward, I’ll fill you in. Identical twins John and Edward, Jedward lost at The X Factor in 2009 and then
went on the following year to release a single which reached #2 in the UK charts and #1 in the Irish. That single was Under Pressure (Ice Ice Baby), a simultaneous cover/mashup of Queen/Bowie’s fantastic Under Pressure, and
the monstrosity that was Vanilla Ice’s Ice Ice Baby.
It’s an obvious combination because it’s easy: perhaps the laziest music mashup I’ve ever heard. Ice Ice Baby already (very noticeably) sampled Under Pressure, although Van Winkle
denied this to begin with, so Jedward barely had to “shuffle the two together”. I’m not claiming that it’s not catchy, just that it’s not original.
Oh, and you’re likely to see more of them: they’re poised to be Ireland’s entry into the Eurovision Song Contest, this year.
Part Two – and the Aurochs
Aurochs(Bos primigenius) were a huge species of bovine – the predecessors of modern
domestic cattle – that roamed freely around much of Europe and Asia right up into the 17th century (although their numbers had diminished greatly since about the
12th-13th, primarily as a result of hunting, and the destruction of their habitat by climate changes and human expansion).
Why am I talking about these beasts, you ask. Well, apart from the fact that Jedward and the Aurochs would be an amazingly-cool band name, I’ve been reminded by the song above
of the Heck cattle. Allow me to explain:
Heck cattle are a breed of cattle which have been bred over the last 70 years or so as part of an effort to “breed back” the Aurochs by combining the relevant genetics of those species that succeeded them. The idea is that all of the
characteristics of the species can still exist in some form or another in modern domestic cattle, and with sufficient selective breeding it’s possible to get back whatever you want.
It’s controversial, especially when it’s used to “bring back” extinct species: after all, no member of the “new” aurochs will ever be genetically identical to any “old”
previously-living one. But then, no aurochs and it’s children will ever have shared the exact same genetic code, either. There’s a philosophical question, there: suppose we managed to
breed back an animal whose genes shared a specified level of similarity with a previously-existing species (say, 99.8% – about the level of DNA shared between all humans): could one
legitimately call it a member of that now-extinct species, recreated?
Heck cattle aren’t even close, so this is just a thought experiment. They’re neither large enough nor distinct enough from domestic cattle to be called aurochs: they’re just a
primitive-looking breed of cattle. But there’s a point to this whole thing; hang in there.
Part Three – breeding back music
I wonder if it’s possible to “breed back” music by remixing and mashing-up, in a similar way to that seen by the breeders of the Heck cattle and other similar schemes. The family trees
are much smaller, but many of the same principles apply: Under Pressure (Ice Ice Baby) samples both Under Pressure and Ice Ice Baby. Ice Ice Baby, in turn, also samples Under Pressure.
There’s presumably original elements in the final song, too, which represents the introduction of new (genetic) material: let’s call that mutation. Add a few hundred more remixes and
mashups, samples and loops, and make a dozen more songs from these: would it be possible to “get back” the original Queen song by using samples of all of the surviving parts?
That depends, really. Do sufficient samples exist? There’s a lot of loss of information if everybody only uses the iconic dum-dum-dum-de-de-dumdum melody. Do we accurately know
what we’re trying to recreate? A big problem with the Heck cattle is that we know a lot about how they looked and only a little about their temperament, their behaviour, or – and let’s
face it, this is what people are actually asking – their taste. Is somebody’s memory of a song sufficient that they could be asked to identify a “recreated” piece of music, in the same
way as we try to use rare contemporary pictures of aurochs in an effort to reproduce them?
Or maybe Jedward’s song reminded me of the Heck cattle simply because hearing it made me say, “Heck, no! What’s this bull?”