As web developers, we’re used to working around the bugs in Microsoft Internet Explorer. The older versions are worst, and I’m certainly glad to not have to write code that
works in Internet Explorer 6 (or, increasingly, Internet Explorer 7) any more: even Microsoft are glad to see Internet Explorer 6 dying out, but even IE8 is pretty ropey too. And despite what Microsoft claim, I’m afraid IE9 isn’t really a “modern” browser either (although it is a huge step forwards over its
predecessors).
But imagine my surprise when I this week found what I suspect might be a previously undiscovered bug in Internet Explorer 8 and below. Surely they’ve all been found (and some of them
even fixed), but now? But no. It takes a very specific set of circumstances for the bug to manifest itself, but it’s not completely unbelievable – I ran into it by accident while
refactoring parts of Three Rings.
A completely useless Internet Explorer error message. Thanks, IE.
Here’s the crux of it: if you’re –
Using Internet Explorer 8 or lower, and
You’re on a HTTPS (secure) website, and
You’re downloding one of a specific set of file types: Bitmap files, for example, are a problem, but JPEG files aren’t (Content-Type: image/bmp), and
The web server indicates that the file you’re downloading should be treated as something to be “saved”, rather than something to be viewed in your browser
(Content-Disposition: attachment), and
The web server passes a particular header to ask that Internet Explorer does not cache a copy of the file (Cache-Control: no-cache),
Then you’ll see a dialog box like the one shown above. Switching any of the prerequisites in that list out makes the problem go away: even switching the header from a strict “no-cache”
to a more-permissive “private” makes all the difference.
I’ve set up a test environment where you can see this for yourself: HTTP version; HTTPS version. The source code of my experiment (PHP) is also available. Of course, if you try it in a functional, normal web browser, it’ll all work fine. But if
you’ve got access to a copy of Internet Explorer 8 on some old Windows XP box somewhere (IE8 is the last version of the browser made available for XP), then try it in that and see for
yourself what a strange error you get.
On this day in 1999 I sent out the twenty-eighth of my Cool Thing Of The
Day To Do In Aberystwyth emails. I wasn’t blogging at the time (although I did have a blog previously), but these messages-back-home served a similar purpose, if only for a select
audience. You can read more about them in my last On This Day to discuss them or the one before.
For technical reasons, this particular Cool Things Of The Day appears to have been sent on 27th October, but in actual fact I know that the events it describes took place on
5th November 1999. The obvious clue? The fireworks! I knew that Cool Thing Of The Day as shown here on my blog was out-of-sync with reality, but this particular entry
gives a great indication of exactly how much it’s out by. And no, I can’t be bothered to correct it.
Back in 1999 I started as a student at the University of Wales, Aberystwyth (now Aberystwyth University), moved away from home, and had a fantastic time. One bonfire night, I called up
two new friends of mine – Rory and Sandra – and persuaded them that we should wander over to nearby Trefechan and
climb the hill (Pen Dinas) there to watch the fireworks. It was a wild and windy night, and certainly not the conditions to climb an unknown and occasionally-treacherous hill, but we
weren’t dissuaded: we set out!
You know those films or sitcoms where the protagonist (usually through their own stupidity) ends up on a date with two people at the same time, trying to keep each unaware of the other?
That’s what I felt like at the time: because (though neither of them knew this at the time) I had an incredible crush on both of them. Of course: back then I was far shyer and far
less-good at expressing myself, so this remained the case for a little while longer. Still: my inexperienced younger self still manged to make it feel to me like a
precarious situation that I could easily balls-up. Perhaps I should have better thought-out the folks I invited out that night…
A storm blew in furiously, and the fireworks launched from the town scattered around, buffeted and shaken and only occasionally still flying upwards when they exploded. The rain lashed
down and soaked us through our coats. We later found ourselves huddled around a radiator in The Fountain (under its old, old ownership), where the barman and the regulars couldn’t believe that we’d been up
Pen Denis in the
Looking Forward
A little later, I got to have a ludicrously brief fling with one of the pair, but I was fickle and confused and ballsed it up pretty quickly. Instead, I fell into a relationship with my
old friend-with-benefits Reb, which in the long run turned out to be a very bad chapter of my life.
Trefechan – exotically across the river from the rest of Aberystwyth – didn’t seem so far away after a few more years in Aberystwyth… only a stone’s throw from Rummers! But for three new students, just a couple of months into their new home, lost and drunk and fumbling
their way using an outdated map and seeing by firework-light, it was an exciting adventure. In 2004, SmartData (my
employer at that time) moved into their new premises,
right over the road from The Fountain and in the shadow of Pen Denis. The Technium turned out to be a pretty good place for SmartData, and it suited me,
too. Some days in the summer, when it was warm and sunny, I’d leave work and take a walk up Pen Dinas. It wasn’t the same without the fireworks, the company, or the mystery of being
somewhere for the very first time, but it’s still a great walk.
Sometimes I’d go up there in the rain, too.
This blog post is part of the On This Day series, in which Dan periodically looks back on
years gone by.
As part of the ongoing challenges that came about as part of the problems with my dad’s Will, I was required the other week to find myself a local solicitor so that they could witness me affirm a statement (or swear an
oath, for those of you who are that-way inclined). Sounds easy, right?
One of the more-significant issues with my dad’s Will was that it was re-stapled sometime after it was signed. This was probably legitimate, but it quickly makes it look like it’s a
forgery.
Well: it turns out that the solicitor I chose did it wrong. How is it even possible to incorrectly witness an affirmation? I wouldn’t have thought it so. But
apparently they did. So now I have to hunt down the same solicitor and try again. It has to be the same one “because they did it partially right”, or else I have to start the current
part of the process all over again. But moreover, I’ll be visiting the same solicitor because I want my damn money back!
I’ll spare you the nitty-gritty. Suffice to say that this is a surprising annoyance in an already all-too-drawn-out process. It’s enough to make you swear. Curse words, I mean: not an
oath.
Last month, I volunteered myself to run a breakout session at the 2012 UAS Conference, an
annual gathering of up to a thousand Oxford University staff. I’d run a 2-minute micropresentation at the July 2011 OxLibTeachMeet called “Your Password Sucks!”, and I thought I’d probably be able to expand that into a larger 25-minute breakout session.
My expanded presentation was called “Your password: How bad guys will steal your identity”, because I wasn’t sure that I’d get away with the title “Your Password Sucks” at a larger,
more-formal event.
The essence of my presentation boiled down to demonstrating four points. The first was you are a target – dispelling the myth that the everyday person can consider
themselves safe from the actions of malicious hackers. I described the growth of targeted phishing attacks, and relayed the sad story of Mat Honan’s victimisation by hackers.
The second point was that your password is weak: I described the characteristics of good passwords (e.g. sufficiently long, complex, random, and unique) and
pointed out that even among folks who’d gotten a handle on most of these factors, uniqueness was still the one that tripped people over. A quarter of people use only a single password for most or all
of their accounts, and over 50% use 5 or fewer passwords across dozens of accounts.
The four points I wanted to make through my presentation. Starting by scaring everybody ensured that I had their attention right through ’til I told them what they could do about it,
at the end.
Next up: attacks are on the rise. By a combination of statistics, anecdotes, audience participation and a theoretical demonstration of how a hacker might exploit
shared-password vulnerabilities to gradually take over somebody’s identity (and then use it as a platform to attack others), I aimed to show that this is not just a hypothetical
scenario. These attacks really happen, and people lose their money, reputation, or job over them.
Finally, the happy ending to the story: you can protect yourself. Having focussed on just one aspect of password security (uniqueness), and filling a 25-minute
slot with it, I wanted to give people some real practical suggestions for the issue of password uniqueness. These came in the form of free suggestions that they could implement today. I
suggested “cloud” options (like LastPass or 1Password), hashing options (like SuperGenPass), and “offline” technical options
(like KeePass or a spreadsheet bundles into a TrueCrypt volume).
I even suggested a non-technical option involving a “master” password that is accompanied by one of several unique prefixes. The prefixes live on a Post-It Note in your wallet. Want a
backup? Take a picture of them with your mobile: they’re worthless without the master password, which lives in your head. It’s not as good as a hash-based solution, because a crafty
hacker who breaks into several systems might be able to determine your master password, but it’s “good enough” for most people and a huge improvement on using just 5 passwords
everywhere! (another great “offline” mechanism is Steve Gibson’s Off The Grid system)
My presentation – marked on the above chart – left people “Very Satisfied” significantly more than any other of the 50 breakout sessions.
And it got fantastic reviews! That pleased me a lot. The room was packed, and eventually more chairs had to be brought in for the 70+ folks who decided that my session was “the place to
be”. The resulting feedback forms made me happy, too: on both Delivery and Content, I got more “Very Satisfied” responses than any other of the 50 breakout sessions, as well as specific
comments. My favourite was:
Best session I have attended in all UAS conferences. Dan Q gave a 5 star performance.
So yeah; hopefully they’ll have me back next year.
Looper is a time travel movie of the “self-healing timeline” mechanic (a-la Back To The Future, although Looper “fixes” itself faster and changes to the time stream can be
observed and remembered by everybody affected by them). As a result of this, and a few other issues, it suffers from a handful of plotholes and internal inconsistencies: however, it’s
still an enormously fun film that I’d recommend that you see.
Looper. The second-best film of its category. For a given definition of “category”.
Looper is the second-best of all three movies that feature Bruce Willis travelling back in time and encountering a younger version of himself – and now it’s going to bug you until you
work out what the other two are.
The other Three Ringers and I are working hard to wrap up Milestone:
Jethrik, the latest version of the software. I was optimising some of the older volunteer availability-management code when, by coincidence, I noticed this new bug:
Well, at least she’s being rational about it.
I suppose it’s true: Lucy (who’s an imaginary piece of test data) will celebrate her birthday in 13/1 days. Or 13.0 days, if you prefer. But most humans seem to be happier
with their periods of time not expressed as top-heavy fractions, for some reason, so I suppose we’d better fix that one.
They’re busy days for Three Rings, right now, as we’re also making arrangements for our 10th
Birthday Conference, next month. Between my Three Rings work, a busy stretch at my day job, voluntary work at Oxford Friend, yet-more-executor-stuff, and three different courses, I don’t have much time for anything else!
But I’m still alive, and I’m sure I’ll have more to say about all of the things I’ve been getting up to sometime. Maybe at half term. Or Christmas!
This game is just pure fun. It’s not easy, and there’s a lot of learning to be done, but it sort-of reminds me of playing NetHack for the first time, if NetHack were set in the
Battlestar Galactica universe (or perhaps Firefly) rather than in the Dungeons of Doom. Seriously lots of fun, and great to “come back to”. You’ll never forget your
first win.
Here are three ideas I’ve had for movies recently. If only the movie studios would stop making pap like Dredd 3D (or as I call it, Judge Dreddful) and take on some of my ideas, perhaps I’d find myself at the cinema more often.
So here are my three pitches:
Knights of the Living Dead
A twist on the Arthurian legends. With zombies.
King Arthur’s trusted White Knight (Lancelot) on a “routine” quest to oust Brandin, a corrupt ruler of a nearby township, who is accused of evil sorcery. Lancelot rallies the townpeople
but Brandin escapes to his lair in a cursed cemetery. Lancelot slays Brandin, but – an an effort to decode a riddle Brandin made about the source of his power – lifts an enormous
metal plate over a mysterious tomb, exposing the world to a dangerous plague that turns those affected into monstrous zombies.
Knights of the Living Dead
Under instruction from the Church, Arthur and his knights set out to find the Holy Grail, which has the power to defeat the curse, questing through zombie-infected lands. There’s lots
of hacking and slashing and eating of brains, Lancelot shags Guinevere, Arthur dies a heroic death to let the others escape (hinting at the time that he knows about the affair and
wants them to be happy together), and ultimately the knights use the Grail to save the world from the zombie plague.
My Daughter’s Hand
A tale of love, homophobia, and the meaning of family, inspired by a true story.
My first thought when I heard this news story was that she should find a man who’s willing to “marry” her, and split the money between the two of them. Hell: for £20M, I’d
fly to Hong Kong and marry her for a fortnight. Where’s my plane ticket.
Hong Kong corporation heiress Gigi Chao (right) with her wife Sean Eav.
But then I thought of an even better variant on the story. In my version, a (disowned, unless she recants and marries a man) lesbian daughter has her partner dress as a
man and pretend to be a suitor. There are slight overtones of the story of Hua
Mulan, a legendary Chinese heroine who pretended to be a man in order to take her aged father’s place in the army, during a conscription drive.
In any case, the partner, disguised as a man, succeeds in impressing the father, and the father eventually comes to admire this young “man” and gives his blessing to marry his daugher.
But as the wedding approaches, their secret is exposed when they’re caught having sex. However: after much soul-searching the father sees that he liked his daughter’s partner as a
person when he believed that she was a man, and so he agrees to accept her into his family as a woman, too.
It’s a story about combating homophobia with deception, I guess.
These gentlemen were in such a rush to get the fame of collecting the most dinosaur bones, that they resorted to ludicrous (and somewhat shocking) measures: using dynamite to blow away
hillsides (probably destroying many fossils as they went), spying on one another (to such an extent that they would sometimes operate through fake companies to try to evade each other’s
spies), and bribing people to keep quiet about the locations of big finds.
I have a vision for a film in the style of A Dangerous Method, which I enjoyed earlier this
year, telling the dramatised story of these men and their rivalry. There’s already been a comic book and even a board game
about them: isn’t it time for a movie, too?
Like the TARDIS, your time machine has a fault. The fault isn’t a failure of its chameleon circuit, but a quirk in its ability to jump to particular dates. Picture courtesy
aussiegall (Flickr), licensed Creative Commons.
You own a time machine with an unusual property: it can only travel to 29th February. It can jump to any 29th February, anywhere at all, in any year (even back
before we invented the Gregorian Calendar, and far into the future after we’ve stopped using it), but it can only
finish its journey on a 29th of February, in a Gregorian leap year (for this reason, it can only jump to years which are leap years).
One day, you decide to take it for a spin. So you get into your time machine and press the “random” button. Moments later, you have arrived: it is now 29th February in a
random year!
Without knowing what year it is: what is the probability that it is a Monday? (hint: the answer is not1/7 – half of your challenge is to work
out why!).
Like the TARDIS, your time machine has a fault. The fault isn’t a failure of its chameleon circuit, but a quirk in its ability to jump to particular dates. Picture courtesy aussiegall
(Flickr), licensed Creative Commons.
You own a time machine with an unusual property: it can only travel to 29th February. It can jump to any 29th February, anywhere at all, in any year (even back before we
invented the Gregorian Calendar, and far into the future after we’ve stopped using it), but it can only finish its
journey on a 29th of February, in a Gregorian leap year (for this reason, it can only jump to years which are leap years).
One day, you decide to take it for a spin. So you get into your time machine and press the “random” button. Moments later, you have arrived: it is now 29th February in a
random year!
Without knowing what year it is: what is the probability that it is a Monday? (hint: the answer is not1/7 – half of your challenge is to work out
why!).
Earlier this month, Ruth and I spent a long weekend in the North to celebrate five years together as a couple.
Technically, I suppose that we should have celebrated it the previous month, but we were up in Edinburgh at the time: we had, after all, first gotten together during our 2007 trip to Edinburgh, in lieu of actually watching any comedy.
Because of our change of date, we ended up celebrating the fifth anniversary of our relationship… on the same weekend as the fifth anniversary of QParty, the celebration of Claire and I’s relationship. QParty in turn took place five months after Claire and I changed our names, which itself happened on approximately the
fifth anniversary of Claire and I meeting for the first time.
In Ruth and I’s case, this five year mark isn’t just a excuse to celebrate our success as a couple, but also to celebrate the success of she, JTA and I as a “vee“. Our unusual arrangement hasn’t been without its share of challenges: many of them challenges that more-conventional
couples don’t face. But here we are, looking back on a busy five years and… well… still kicking ass.
She and I have been talking, on and off, about the idea of a party that the pair of us would like to throw, a little way down the line: something to celebrate us as a
couple. Nothing quite so grand and enormous as Ruth & JTA’s wedding (what could top
that!), but some variety of event. Needless to say, you’ll hear about it when it’s time to!
It’s a stamp. It stamps. It looks like it’s going to dry out, but it doesn’t. It works, and it’s great.
The only thing it could have benefited from would have been the word “PAID”, the appropriate way up, on the top of the handle as well as the bottom, so it’s easier to double-check that
it’s perfect before you stamp.
Otherwise: a perfectly good product at a perfectly fair price.
Since my dad’s funeral earlier this year, I’ve been acting as executor to his estate.
What this means in real terms is lots of paperwork, lots of forms, and lots of dealing with lawyers. I’ve learned a lot about intestacy law, probate, inheritance tax, and more, but what
I thought I’d share with you today are some things I’ve learned about Wills.
Note: This blog post discusses the duties of an executor in a way that some people might find disrespectful to the deceased. No disrespect is intended; this is just the
way that I write. If you’re offended: screw you.
Here are 4 things you should do when writing a Will (which my dad didn’t):
1. Keep it up-to-date
What you should do: So long as you’re happy with the broader clauses in your will, there’s no need to change it frequently. But if there’s information that’s
clearly missing or really out-of-date, it ought to be fixed.
What my dad did: My dad’s Will was ten and a half years old at the time of his death. In the intervening time, at least five important things had happened that
he’d failed to account for:
He’d bought himself a flat. Unlike his other real estate, he’d not made specific mention of the flat in his Will, so it fell into his “everything else goes to…” clause. We can only
assume that this is what he intended – it seems likely – but specific clarification would have been preferable!
I changed my name. This was a whole five years before he died, but his Will still refers to me by my birth
name (which wouldn’t necessarily have been a problem except for the issue listed below under “State your relationships”).
I moved house. Seven times. The address for me (under my old name, remember) on my dad’s Will is one that I lived in for less than six months, and over a decade ago.
That’s a challenging thing to prove, when it’s needed! Any of the addresses I lived at in the intervening 10+ years would have been an improvement.
The ownership model of a company in which he was the founder and a large shareholder changed: whereas previously it was a regular limited-by-shares company, it had become in those
ten years an employee-owned company, whose articles require that shares are held only by employees. This posed an inheritance conundrum for the beneficiaries of these shares, for a
while, who did not want to sell – and could not legitimately keep – them. Like everything else, we resolved it in the end, but it’s the kind of thing that could have been a lot easier.
His two daughters – my sisters – became adults. If there’s somebody in your Will who’s under 18, you really ought to re-check that your Will is still accurate when they turn
18. The legacies in my dad’s Will about my sisters and I are identical, but had he died, for example, after the shares-change above but before my youngest sister became an adult, things
could have gotten very complicated.
2. State your relationships
What you should do: When you use somebody’s name for the first time, especially if it’s a family member, state their relationship to you. For example, you might
write “To my daughter, Jane Doe, of 1 Somewhere Street, Somewhereville, SM3 4RE…”. This makes your intentions crystal clear and provides a safety net in
finding and validating the identity of your executors, trustees, and beneficiaries.
What my dad did: In my dad’s Will, he doesn’t once refer to the relationship that any person has to him. This might not be a problem in itself – it’s only a safety net,
after all – if it weren’t for the fact that I changed my name and moved house. This means that I, named as an executor and a beneficiary of my dad’s Will, am not referred
to in it either my by name, nor by my address, nor by my relationship. It might as well be somebody else!
My workload has been increased significantly by the fact that I’ve had to prove my identity every time I contact somebody in my capacity as executor. Here’s why.
To work around this, I’ve had to work to prove that I was known by my old name, that I did live at that address at the time that the Will was written, and that
he did mean me when he wrote it. And I’ve had to do that every single time I contacted anybody who was responsible for any of my dad’s assets. That’s a job that gets old
pretty quickly.
3. Number every page, and initial or sign each
What you should do: If your Will runs onto multiple pages, and especially if you’ll be printing it onto multiple sheets of paper (rather than, for example, duplexing a
two-page Will onto two sides of the same sheet of paper), you should probably put page numbers on. And you should sign, or at least initial, the bottom of each page. This
helps to reduce the risk that somebody can tamper with the Will by adding or removing pages.
What my dad did: My dad’s will is only dated and signed at the end, and the pages are completely un-numbered. It clearly hasn’t been tampered with (members of the
family have seen it before; a duplicate copy was filed elsewhere; and we’ve even found the original document it was printed from), but if somebody had wanted to, it would have been a
lot easier than it might have been if he had followed this guideline. It would have also made it a lot easier when he made an even bigger mistake, below (see “Never restaple
it”).
4. Never restaple it
What you should do: Fasten the pages of your Will together with a single staple. If the staple bends or isn’t in the right place, destroy the entire Will and
re-print: it’s only a few sheets of extra paper, the planet will cope. A Will with additional staple marks looks like a forgery, because it’s possible that pages were changed
(especially if you didn’t number and/or sign every page) after the fact.
In this picture of my dad’s Will, you can see clearly the marks left from a previous stapling, alongside the actual staple. Sigh.
What my dad did: His biggest mistake in his Will (after failing to identify me in an easily-recognisable manner) was to – as far as we can see – print it, staple
it, remove the staple, and re-staple it. It was the very first thing I noticed when I saw it, and it was among the first things out lawyers noticed too. In order to ensure
that they can satisfy the Probate Registry, our lawyers then had to chase down the witnesses to the signing of the Will and get statements from them that they believed that it hadn’t
been tampered with. Who’d have thought that two little holes could cause so much work?
More?
I could have made this list longer. I originally started with a list of nine things that my dad had done when he wrote his Will that are now making my job a lot harder than it
might have been, but I cut it down to these four, because they’re the four that have caused the most unnecessary work for me.
Unless your estate is really complicated, you don’t need a solicitor to write a Will: you just need to do a little reading and use a little common sense. I’m a big fan of people doing
their own legal paperwork (hence my service to help people change their
names for free), but if you’re going to write your own Will, you might like to do half an hour’s background reading, first. This stuff is important.
When I first looked at the task of acting as my father’s executor, after his death, I thought “I can have this all wrapped up in eight months.” That was six months ago, and there’s
probably another six months or more in it, yet. I heard from a friend that they call it “The Executor’s Year”, and now I can see why. We’re getting there, but it’s taking a
long time.
Even when all the crying’s done and the bereaved are getting on with their lives, the executor’s always got more to do. So please, for the sake of your executor: check today that your
Will doesn’t make any of these four mistakes! They’ll thank you, even though you won’t live to hear it.
Before he died earlier this year, one of the last pieces of work my dad had done in his career
as a transport consultant was to visit Trent Barton bus company and make some suggestions about how the new “The Threes” service should be branded and launched. Following his death,
Trent Barton decided to honour my father’s memory by naming one of their brand new vehicles after him, and
my sister Sarah and I went up to Nottingham to attend the naming ceremony.
My sister Sarah and I at the christening of a bus named after my dad. Click the picture for the full story.
I’m not sure that they expected me to attend. I’m certain that they didn’t expect me to bring a bottle of Guinness Original with me. But I had a plan: when the moment seemed right, I
got everybody’s attention and – explaining that my dad was never really a wine drinker but enjoyed a good stout – christened the vehicle with a spray of beer.
In spite of how this photograph is staged, I decided that smashing the bottle against the front of the bus, as one might a ship, would probably make me unpopular amongst the staff,
and I opted to “shake-and-spray” it instead.
I think that this is a wonderfully fitting tribute to a man who did so much for the transport industry, and – based on the mutterings I heard at the naming ceremony – I wouldn’t be the
only one to think that perhaps other bus companies ought to have done the same! In any rate, as I joked to my sister: “My dad would have been delighted to know that now all of the young
ladies of Nottingham can ride on Peter Huntley all day.”
If you find yourself in the vicinity of Nottingham, keep an eye out for a big orange Optare Versa, registration YJ12 PKU. That’s Peter Huntley you’re
riding, too.
Further reading: another
take, including a photo of the new bus driving around.
