World Backup Day

It’s World Backup Day, folks. That means it’s time for you to look at your data and check that you’re backing it all up to a satisfactory level.

Have a look at the computer you’re sat at. If it’s hard drive(s) broke, irrecoverably, or if it were stolen: what would you lose?

Me? I like my backups to go “offsite”, so I use online redundant storage to shunt my important stuff to (I use a personal Amazon S3 bucket and some software I’ve written for that purpose, but you don’t have to be that geeky to use online backups – just check the World Backup Day website for suggestions). If you’re not quite so paranoid as me, you  might make your backups to CDs or DVDs, or onto a pendrive. It doesn’t take long, and it’s worth it.

Backups are like insurance.

Now go celebrate World Backup Day by making some backups, or by checking that your existing backups restore correctly. You’re welcome.

Passwords

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

This repost was published in hindsight, on 11 March 2019.

Fiona wrote:

I have been uneasy for a while about my passwords, but being dyslexic and a bit lazy there was not an obvious solution to make it more secure and not lock me out. The problem that I have is anything that requires memorising a string of letters numbers and symbols just does not work in my brain. I have over come this for my normal passwords by having a small number (around 5) and adding a new one every so often and losing an old one. I take two to three words that I can spell (not a very long list) and then change them with substitution of some letters for numbers. On one occasion I managed to get punctuation in there also. However, they are used in many sites, and are easily broken in to.

Following Dan’s post on passwords combined with a visit to Dan we started looking at other solutions and settled on last pass. This looked like a good option for us. I very carefully set up the account paying close attention to where it said make sure you remember your password. The first password I chose was tolerably strong, I had not used it before and it followed the proven pattern of how I remember passwords. When I typed it in to change something it would not work. Knowing that lastpass will not let me do anything if I cant remember my password I made a word doc changing each part of the password to see where I went wrong and trying it in the filed, fourth time lucky I got the password. I then realised that this was not going to work as the bit I got wrong was an inconstancy of treating one letter as a number. So I reset my password using the old copied password.

I texted myself my new password and copied it from my phone, checked that it worked with a second sign in. Then I continued to set up my sites for last pass to sign in. When Kit came home we decided it was best if I had to write out my new password as often as possible to get it in to my head, this did not work. And after 20 min of trying every combination I could think of the same way I had before I called Kit through to see if he had any ideas. In the end the only option was the delete account and start again option. So we hit show password on the screen and copied each password in to a word doc, then we shut down the account.

This morning I have set up a new last pass account, and because my dyslexia has not gone away over night I have a new stratagie. I use SuperGenPass to change a simple password in to a more complicated password and the resulting password is used to sign in to Last Pass. This might seem convoluted, but in a world where things that I can remember are so insecure that polite coughing will open them up to anyone who chooses it is one of the few options that give security and will allow me to access my own accounts.

Anyway, I have to now go and change all my passwords again as the were made insecure in the rescue mission, but this time I have confidence of it working.

Poly and the Census – Part Two

No reply yet from the Office of National Statistics after the letter I sent the other week, but I imagine that they’ve been busy, what with the census and everything. Needless to say, I’ll keep you posted.

However, in the meantime somebody’s one-upped me and has put in a Freedom of Information request, which – of course – the law mandates that they respond to. I should’a thought of that. Anyway, you can read the request here, and there’s options to follow it by RSS and/or email if you want updates.

Update (27th April 2011): Still no word in response to the FoI request.

Disapora Invites

If anybody’s interested, I’m lugging around a sackload of Diaspora Alpha invitations. If you’re the kind of person who’s likely to want one, then you’re probably the kind of person who already knows what Diaspora is, so I shan’t go in to any further detail here.

Leave a comment if you want one, being sure to fill in the “Email” field of the comment form with the email address you’d like your invitation sent to. See you on the flipside.

Passwords – The Least You Should Do

If you see me in person, you’ll know that this is something I rant about from time to time. But that’s only because people consistently put themselves and their friends at risk, needlessly, and sometimes those friends include me. So let me be abundantly clear:

If you’re reading this, there is at least a 95% chance that your passwords aren’t good enough. You should fix them. Today.

Let’s talk about what what we mean by “good enough”. A good password needs to be:

  • Long. Some of you are still using passwords that are shorter than 8 characters. The length of a password is important because it reduces the risk of a robot “brute forcing” it. Suppose a robot can guess 1000 passwords a second, and your password uses only single-case letters and numbers. If you have a 4-character password, it’ll be lucky to last quarter of an hour. A 6-character password might last a week and a half. At 8-characters, it might last a few decades. Probably less, if your password makes one of the other mistakes, below. And the robots used by crackers are getting faster and faster, so the longer, the better. My shortest password is around 12 characters long, these days.
  • Complex. Remember how long an 8-character password lasts against a “brute force” attack? If you’re only using single-case letters, you’re reducing that by almost a third. Mix it up a bit! Use upper and lower case letters, and numbers, as standard. Consider using punctuation, too. There’s no legitimate reason for a website to demand that you don’t have a long and complex password, so if one does seem to have unreasonable requirements: write to the owners and threaten to take your business elsewhere if they don’t get with the times.
  • Random. If your password is, is based on, or contains a dictionary word (in any language), a name or brand name, a date, a number plate or (heaven forbid) a national insurance number, it’s not good enough. “Brute force” attacks like those described above are usually the second line of attack against properly-stored passwords: first, a robot will try every word, name or date that it can think of, with and without capitalisation and with numbers before and afterwards. Many will also try common phrases like “iloveyou” and “letmein”. WikiHow has a great suggestion about how to make “random” passwords that are easy to remember.
  • Unique. Here’s the one that people keep getting wrong, time and time again. You should never, never, use the same password for multiple different services (and you should be very wary of using the same password for different accounts on the same service). This is because if a malicious hacker manages to get your password for one site, they can now start breaking into your accounts on other sites. Some people try to get around this by keeping two or three “levels” of passwords, for low-, medium-, and high-security uses. But even if a hacker gets access to all of your “low” security sites, that is (these days, frequently) still a huge amount of data they have with which to commit an identity theft.The other big reason to make sure your passwords are unique is that it makes it safer to share them, if the need arises. Suppose that for some reason you need to share a password with somebody else: it’s far safer for everybody involved if the password you share with them works only for the service you wanted to give them access to. Every person you trust is one more person who might (accidentally) expose it to a hacker by writing it down.Even if you have to memorise a complex “master” password and keep in your wallet a list of random “suffixes” that you append to this master password, different for each site, that’s a huge step forwards. It’s also a very basic level of two-factor authentication: to log in to your Twitter account, for example, you need your master password (which is in your head), plus the Twitter suffix to the password (which is written down in your wallet).

There’s been a wave of attacks recently against users of social networking websites: an attacker will break into an insecure web forum to get people’s email addresses and password, and then will try to log in to their webmail accounts and into social networking sites (Facebook, Twitter, etc.) using those same credentials. When they get a “hit”, they’ll explore the identity of the victim, learning about their language patterns, who their friends are, and so on. Then they’ll send messages or start chats with their victim’s friends, claiming to be their victim, and claim some kind of crisis. They’ll often ask to borrow money that needs to be wired to them promptly. And then they’ll disappear.

In this interconnected world, it’s important that your passwords are good not only for your benefit, but for your friends too. So if you’re guilty of any of the “password crimes” above – if you have passwords that are short (under 8 characters), simple (don’t use a mixture of cases and include numbers), predictable (using dictionary words, names, dates, etc.: even if they include a number), or re-used (used in more than one place or for more than one site) – change your passwords today.

Here’s some resources to help you do it:

  • WikiHow’s guide to choosing secure passwords.
  • PCTools’ great random password generator.
  • The top 500 worst passwords of all time – if yours is in here, it’s probably already been compromised.
  • SuperGenPass – a very good way to use a strong, unique password for every website without having to remember multiple passwords. Free.
  • KeePass – a great way to use a strong, unique password for every site and service without having to remember multiple passwords. Free.
  • LastPass – another great way to use a strong, unique password for every site and service without having to remember multiple passwords. Free (or cheap, for the premium version).

A Punting Story

This story actually relates to an event that happened in mid-2010, but I only recently got around to finishing writing about it.

Once upon a time there was a boy named Dan.

Dan lives in a big house with his friends Ruth and JTA.

(their other friend, Paul, lives in the house, too… but he isn’t in this story)

One day, Dan and Ruth and JTA went on an adventure. They packed up a picnic with all their favourite foods.

Big soft sandwiches, teeny-tiny sausages, cheese-with-holes-in, and a big box of chocolates. Then they got onto a bus.

Soon, they saw a big, wide river. “Let’s get off here,” said Ruth. JTA pressed the button to tell the bus driver to stop.

At the river, there was a man with all kinds of boats: boats with pedals, boats with paddles, and boats with poles.

“Can we borrow one of your boats?” Dan asked the man.
“Okay,” he said, and gave Dan a long pole.

Ruth and JTA got into the boat and sat down. Dan stood up on the very back of the boat. It was very wobbly!

Dan used the pole to reach all the way down the bottom of the river, and pushed the boat along. It was hard work!

They found a shady tree in a park, stopped the boat, and ate their picnic.

They drank some fizzy wine and felt all bubbly and dizzy. Soon it was time to get back on the boat and go back along the river.

One time, Dan almost fell into the water! But luckily he didn’t, and he, Ruth and JTA got back safely.

And they all lived happily ever after.

× × × × × × × × × × × ×

Poly and the Census

I’ve just sent a letter to the Office of National Statistics, about the 2011 census. In case you’re interested, or if you’d like to send a similar letter to ensure that your own living arrangements will be correctly recorded, you’re welcome to use it as a template. My letter reads:

Census Customer Services
ONS
Segensworth Road
Titchfield
Fareham
Hampshire
PO15 5RR

10th March 2011

Dear Sir or Madam,

Re: Households containing people with multiple romantic relationships in the 2011 census

I write to you to ensure that the data that will be provided by my household for the 2011 census will be properly recorded and processed. I am a supporter of the census and understand its importance, but I am concerned that my response, and the response of others in my position, is at risk of being misunderstood or misinterpreted as a mistake.

I live with my partner and her husband in a three-way committed relationship. We have attempted to express this on the census form: my partner has checked the “husband or wife” box in reference to her relationship to her husband, and she had checked the “partner” box in reference to her relationship with me. Like many people in this kind of relationship, our family is the victim of unfair discrimination, and it’s important to us that we can be counted so that future lawmakers, armed with the statistical evidence, can pass policy that is fair to all: including those who choose to be romantically-involved with multiple people at the same time.

Please give me your assurances that our data will be correctly recorded. If this is not possible, please advise me to whom I should write to put the case that this should be changed.

Yours sincerely,

Dan Q

If the census isn’t the time for a little Poly-activism, then I don’t know when is. I’ll keep you posted if I get a response.

Wrong Number

My phone rings. I answer.

Me: Hello?
Caller: Hello. Is that Mr. Wilburn.
Me: Steve Wilburn?
Caller: Yes.
Me: I’m afraid I don’t know anybody by that name.

My, she was confused when I knew the name of the person she wanted to get in touch with, and then claimed not to know them! I’d had a call the previous week from the same number, and the caller then had asked for Steve before identifying him by his full name.

If I get another call, I fully intend to cut out the “checking that they’re looking for ‘Steve'” part of the conversation and just state that I don’t know a Steve Wilburn. They’ll get the hint eventually.

And Steve? If you’re out there, mate – somebody wants you. I have no idea who they are… but then, I have no idea who you are, either. But if you could let them know the correct number to reach you on, that’d be appreciated. Ta.

Murder… Way Out West

Howdy, everybody!

On the evening of Saturday 26th March, Earth will host it’s latest Murder Mystery Night: Murder… Way Out West! It’ll be a rootin’, tootin’, barrel of fun, with gunslingers and prospectors and natives scheming and dealing and trying to catch a murderer: or to get away with murder!

Whether or not you’ve been to one of our murder mystery nights before, here’s a great opportunity to come visit, catch up, dress up, and act like a fool. If you’re free, get in touch! The more, the merrier: but let us know so that we can assign you a character!

For those of you that care about the setting and plot of these things, here’s what you need to know:

It is the spring of 1884. America’s west coast is slowly being populated with small towns full of settlers, come to prospect for precious metals, set up ranches and run dubious saloons and now the railroad is coming! Cactus Gulch is one such small town, founded 20 years ago and tonight it has a festive air as the townsfolk get set to start their 20th anniversary celebrations.

However, all is not running smoothly. Land disputes, disreputable card games, strange folk from out of town and hostile Indians all add to a tense atmosphere. Join us in the Silver Dollar Saloon as celebrations begin and find out how the evening unfolds…

Hope to see you there, pardner.

Space Cowboy

If you’re not following Castle, yet, you should be. I can’t believe that I’ve not recommended this more loudly by now, but seriously, this show is awesome. And I’m not just saying that because the episode I watched most-recently was the single best bit of Whedonverse fan service outside of the Whedonverse. And would be great even if it wasn’t.

Nathan Fillion as Richard Castle as Nathan Fillion as Malcolm Reynolds. This show just got meta. Click on the image for animated version.

The ten second-summary for those of you with short attention spans: Nathan Fillion (of Buffy/Firefly/Dr. Horrible fame) plays Richard Castle, a crime fiction writer who’s drafted into helping the NYPD on a murder case. He then continues to hang around (thanks to his connections with the mayor and the chief of police) with detective Kate Beckett – played by Stana Katic (she was in Quantum of Solace, but we remember her most-fondly from the third Librarian film) – in an effort to use her as the inspiration of his next fictional crime fighter, Nicky Heat. Its cleverly-spun mysteries will appeal to mystery lovers and its comedic elements – generally quite dry but sometimes verging on the silly – prevent the show from being “just another crime drama.”

CTRL-ALT-DEL comic from 28th Feb 2011

The third season’s broadcasting right now (and you can also watch it on Hulu, assuming that you’re in the USA or you know how to Google for how to “watch Hulu without a proxy or VPN”), and the first two seasons are available on DVD. You’ve got my recommendation; now go try it.

×

IE6 Countdown

Microsoft recently tweeted“It’s not often that we encourage you to stop using one of our products, but for IE6, we’ll make an exception”. This coincides with the launch of The Internet Explorer 6 Countdown, a website that tries to encourage people to drop this hideously old and awful browser in favour of better, modern, standards-compliant ones, thereby saving web developers heaps of work.

Internet Explorer 6 usage stats, from IE6 Countdown. I'm honestly shocked that the number is still as high as 12%. Where are they getting that from?

That’s not strictly true; they’re encouraging people to upgrade to Internet Explorer 8 and 9, presumably, which are still a little lacking in support for some modern web standards. But they’re a huge step forward, and everybody who’d like to stick with Internet Explorer should be encouraged to upgrade. There’s no excuse for still using IE6.

 

They’re even providing a tool to let you put a “Upgrade now, damnit!” banner on your website, visible only to IE6 users. It’s similar to the IE6Update tool, really, but has the benefit of actually being supported by the browser manufacturer. That has to count for something.

Will it make a difference? I don’t know. I’m frankly appalled that there are modern, high-tech countries that still have significant numbers of IE6 users: Japan counts over 10%, for example! We’re talking here about a ten year old web browser: a web browser that’s older than MySpace, older than Facebook, older than GMail, older than YouTube. Internet Explorer 6 was released into a world where Lord of the Rings that would take you a long time to read, rather than taking you a long time to watch. A world where in-car CD players still weren’t universal, and MP3 players were a rarity. Do you remember MiniDisc players? Internet Explorer 6 does. The World Trade Center? Those towers were still standing when Internet Explorer was released to the world. And if that’s making you think that 10 years is a long time, remember that in the fast-changing world of technology, it’s always even longer.

Just remember what Microsoft (now, at long last) says: Friends don’t let friends use Internet Explorer 6.

On This Day in 2002 (New Job!)

This will be the first time I’ve ever written an On This Day post where I haven’t been able to link back to a blog post that I actually wrote in the year in question. That’s because, in 2002, I was “between blogs”: the only thing I wrote about online that I still have a copy of was the imminent re-launch of AvAngel.com, my vanity site at the time. In that post, however, I did mention that I’d re-written my CV, which was relevant to what was going on in my life in March 2002…

Looking Back

On this day in 2002, I first began working for SmartData, my primary employer for the last nine years. A few months earlier, Reb – my girlfriend whom I’d moved in with in 2001 – and I had broken up, and I’d recently found the opportunity to visit Aberystwyth and visit friends there (the trip during which I first met Claire, although we didn’t get together until a little later). On that same trip to Aber, I also met Simon, who at that point had recently accepted a voluntary redundancy from the Rural Studies department of the University and was getting started with the launch of his software company, SmartData. He’d recently landed a contract with the National Dairy Farm Assured Scheme and needed an extra pair of hands on board to help out with it.

Sorting out premises was coming along somewhat slower than he’d planned, though. As part of the SpinOut Wales scheme, SmartData had been offered cheap accommodation in a University-owned building, but they were dragging their feet with the paperwork. On our first day working together, Simon and I crammed into his tiny home office, shoulder-to-shoulder, to hack code together. The arrangement didn’t last long before we got sick of it, and we “moved in” to the room (that would eventually be legitimately ours) at Peithyll, a former farmhouse in the village of Capel Dewi, near Aberystwyth.

The entrance to Peithyll, where SmartData established itself for much of the first six years of its life. It was quite a cycle to get out there every day, but in the summer it made for a great office: not many people can sit at their desk and watch red kites hunting outside, or go for a lunchtime walk up a hill with a picnic.

Over the last nine years since, as the company has grown, I’ve always felt like a core part of it, shaping it’s direction. As we transitioned from developing primarily desktop applications to primarily web-based applications, and as we switched from mostly proprietary technologies to mostly open-source technologies, I was pointing the way. By working with a wide variety of different clients, I’ve learned a great deal about a number of different sectors that I’d never dreamed I’d come into contact with: farm assurance schemes, legal processes, genetic testing, human resource allocation, cinema and theatre, and more. It’s been a wonderfully broad and interesting experience.

Looking Forward

When I began making plans to move to Oxford, I initially anticipated that I’d need to find work over here. But Simon stressed that my presence was important to SmartData, and offered to allow me to work remotely, from home, which is most of what I’ve been doing for the last year or so. Thanks to the miracles of modern technology, this has worked reasonably well: VoIP phones keep us in touch, tunneling and virtual networks allow us to work as if we were all in the same location, and webcams help us feel like we’re not quite so far from one another.

But this wasn’t to be a permanent solution: just a way to allow me to keep contributing to SmartData for as long as possible. Last week, I was offered and accepted a new job with a new employer, here in Oxford.  Starting in April, I’ll be managing the administration and the ongoing development of the website of the Bodleian Libraries, the deposit library associated with Oxford University.

My new office, right in the heart of Oxford. It looks a lot less green, and a lot more prestigious, than Peithyll.

It’s a huge change, going from working as part of a tiny team in a West Wales town to working with hundreds of people at one of the largest employers in Oxford. I’ve no doubt that it’ll take some getting used to: for a start, I’m going to have to get into the habit of getting dressed before I go to work – something I could get away with while working from home and that might even have been tolerated in the office at SmartData, as long as I threw on a towel or something (in fact, I have on more than one occasion taken a shower in the SmartData offices, then sat at my desk, wrapped in towels, until I’d dried off a little).

This feels like a huge turning point in my life: a whole new chapter – or, perhaps the completion of the “turning a page” that moving to Oxford began. My new job is a brand new position, which provides an exciting opportunity to carve a Dan-shaped hole, and I’ll be working with some moderately-exciting technologies on some very exciting projects. I’m sure I’ll have more to say once I’m settled in, but for now I’ll just say “Squeee!” and be done with it.

Oh: and for those of you who follow such things, you’ll note that Matt P has just announced his new job, too. Although he’s a sloppy blogger: he’s actually been working there for a little while already.

This blog post is part of the On This Day series, in which Dan periodically looks back on years gone by.

× ×

Jedward and the Aurochs

Part One – Jedward

I’ve just worked out what Jedward‘s debut single reminds me of. But first, because I expect – hope? – that the folks who read this blog are oblivious to Irish teen popstars Jedward, I’ll fill you in. Identical twins John and Edward, Jedward lost at The X Factor in 2009 and then went on the following year to release a single which reached #2 in the UK charts and #1 in the Irish. That single was Under Pressure (Ice Ice Baby), a simultaneous cover/mashup of Queen/Bowie’s fantastic Under Pressure, and the monstrosity that was Vanilla Ice’s Ice Ice Baby.

If you’re not familiar, go watch the music video. Don’t worry: I’ll only make you do it once.

It’s an obvious combination because it’s easy: perhaps the laziest music mashup I’ve ever heard. Ice Ice Baby already (very noticeably) sampled Under Pressure, although Van Winkle denied this to begin with, so Jedward barely had to “shuffle the two together”. I’m not claiming that it’s not catchy, just that it’s not original.

Oh, and you’re likely to see more of them: they’re poised to be Ireland’s entry into the Eurovision Song Contest, this year.

Part Two – and the Aurochs

Aurochs (Bos primigenius) were a huge species of bovine – the predecessors of modern domestic cattle – that roamed freely around much of Europe and Asia right up into the 17th century (although their numbers had diminished greatly since about the 12th-13th, primarily as a result of hunting, and the destruction of their habitat by climate changes and human expansion).

Painting of an aurochs. From ground to shoulder, these animals stood about two metres high, and weighed about a tonne. That's about the size and mass of a small rhinoceros, or - perhaps more-aptly - eight to nine thousand quarter-pounders.

Why am I talking about these beasts, you ask. Well, apart from the fact that Jedward and the Aurochs would be an amazingly-cool band name, I’ve been reminded by the song above of the Heck cattle. Allow me to explain:

Heck cattle are a breed of cattle which have been bred over the last 70 years or so as part of an effort to “breed back” the Aurochs by combining the relevant genetics of those species that succeeded them. The idea is that all of the characteristics of the species can still exist in some form or another in modern domestic cattle, and with sufficient selective breeding it’s possible to get back whatever you want.

It’s controversial, especially when it’s used to “bring back” extinct species: after all, no member of the “new” aurochs will ever be genetically identical to any “old” previously-living one. But then, no aurochs and it’s children will ever have shared the exact same genetic code, either. There’s a philosophical question, there: suppose we managed to breed back an animal whose genes shared a specified level of similarity with a previously-existing species (say, 99.8% – about the level of DNA shared between all humans): could one legitimately call it a member of that now-extinct species, recreated?

A male Heck cattle. Sure LOOKS like an aurochs, doesn't it?

Heck cattle aren’t even close, so this is just a thought experiment. They’re neither large enough nor distinct enough from domestic cattle to be called aurochs: they’re just a primitive-looking breed of cattle. But there’s a point to this whole thing; hang in there.

Part Three – breeding back music

I wonder if it’s possible to “breed back” music by remixing and mashing-up, in a similar way to that seen by the breeders of the Heck cattle and other similar schemes. The family trees are much smaller, but many of the same principles apply: Under Pressure (Ice Ice Baby) samples both Under Pressure and Ice Ice Baby. Ice Ice Baby, in turn, also samples Under Pressure. There’s presumably original elements in the final song, too, which represents the introduction of new (genetic) material: let’s call that mutation. Add a few hundred more remixes and mashups, samples and loops, and make a dozen more songs from these: would it be possible to “get back” the original Queen song by using samples of all of the surviving parts?

That depends, really. Do sufficient samples exist? There’s a lot of loss of information if everybody only uses the iconic dum-dum-dum-de-de-dumdum melody. Do we accurately know what we’re trying to recreate? A big problem with the Heck cattle is that we know a lot about how they looked and only a little about their temperament, their behaviour, or – and let’s face it, this is what people are actually asking – their taste. Is somebody’s memory of a song sufficient that they could be asked to identify a “recreated” piece of music, in the same way as we try to use rare contemporary pictures of aurochs in an effort to reproduce them?

This is a rarely-seen Heck Mercury. It's a pale comparison to the real deal: it looks the same, but it doesn't sing even remotely as well. Sadly, efforts to find descendents of the rock star himself have been hampered by his sexuality, a problem not encountered with the aurochs... although it would provide another, perhaps more-amusing, explanation for their extinction.

Or maybe Jedward’s song reminded me of the Heck cattle simply because hearing it made me say, “Heck, no! What’s this bull?”

× × ×