Blog

Ending on a High

For the final week of his 52 Reflect series and as a way to see off the year, Robin and I spent the last weekend of the year near Fort William to facilitate a quick ascent of Ben Nevis. My previous expedition to Britain’s highest point was an excuse for some ice climbing but I hadn’t actually come up the “path” route since an aborted expedition in 2009.

Dan and Robin atop Ben Nevis
Probably should have wiped the snow off the lens.

Somehow in the intervening years I’ve gotten way out of practice and even more out of shape because our expedition was hard. Partly that was our fault for choosing to climb on one of the shortest days of the year, requiring that we maintain a better-than-par pace throughout to allow us to get up and down before the sun set (which we actually managed with further time in-hand), but mostly it’s the fact that I’ve neglected my climbing: just about the only routine exercise I get these days is cycling, and with changes in my work/life balance I’m now only doing that for about 40 miles in a typical week.

Robin with the GCG6XD, the Ben Nevis summit geocache
My ongoing efforts to get Robin into geocaching continue to succeed: ice somewhat hampered us in our search for the cache nearest the summit but we got there in the end.

For the longest time my primary mountaineering-buddy was my dad, who was – prior to his death during a hillwalking accident – a bigger climber and hiker than I’ll ever be. Indeed, I’ve been “pushed on” by trying to keep up with my father enough times that fighting to keep up with Robin at the weekend was second nature. If I want to get back to the point where I’m fit enough for ice climbing again I probably need to start by finding the excuse for getting up a hill once in a while more-often than I do, first, too. Perhaps I can lay some of the blame for my being out of practice in the flat, gentle plains of Oxfordshire?

Dan ascending Ben Nevis
I’d have loved to have gotten a shot of me actually managing to get some use out of my crampons, but by that point visibility wasn’t great and we were rather cold and wet to be stopping in a wind to take photographs. So this rocky stretch will have to do.

In any case, it was a worthwhile and enjoyable treat to be able to be part of Robin’s final reflection as well as to end the year somewhat-literally “on a high” by seeing off 2018 in the Scottish Highlands. If you’ve not read his blog about his adventures of the last 52 weekends, you should: whether taking a Boris Bike from Brixton to Brighton (within the rental window) or hitching a ride on an aeroplane, he’s provided a year’s worth of fantastic stories accompanied by some great photography.

And now: time for 2019.

× × ×

Note #12736

Virgin Media password form, requiring 8-10 characters

2004 called, @virginmedia. They asked me to remind you that maximum password lengths and prohibiting pasting makes your security worse, not better. @PWTooStrong

In more detail:

  • Why would you set an upper limit on security? It can’t be for space/capacity reasons because you’re hashing my password anyway in accordance with best security practice, right? (Right?)
  • Why would you exclude spaces, punctuation, and other “special” characters? If you’re afraid of injection attacks, you’re doing escaping wrong (and again: aren’t you hashing anyway?). Or are you just afraid that one of your users might pick a strong password? Same for the “starts with a letter” limitation.
  • Composition rules like “doesn’t contain the same character twice in a row” reflects wooly thinking on that part of your IT team: you’re saying for example that “abababab” is more-secure than “abccefgh”. Consider using exclusion lists/blacklists for known-compromised/common passwords e.g. with HaveIBeenPwned and/or use entropy-based rather than composition-based rules e.g. with zxcvbn.
  • Disallowing pasting into password fields does nothing to prevent brute-force/automated attacks but frustrates users who use password managers (by forcing them to retype their passwords, you may actually be reducing their security as well as increasing the likelihood of mistakes) and can have an impact on accessibility too.
  • Counterarguments I anticipate: (a) it’s for your security – no it’s not; go read any of the literature from the last decade and a half, (b) it’s necessary for integration with a legacy system – that doesn’t fill me with confidence: if your legacy system is reducing your security, you need to update or replace your legacy system or else you’re setting yourself up to be the next Marriott, Equifax, or Friend Finder Network.
  • It’s definitely not the first time you’ve been told. Get your act together.

Note #12733

12-sided die with multiple "0" stickers placed over the sides

“All #boardgames can be legacy games if you want it enough!” – @fleeblewidget, after drunkenly stumbling upon @thegodzillagirl’s label maker.

×

Note #12728

Dan & Robin at the summit of Ben Nevis

Summit of Ben Nevis with Robin (on almost the shortest day of the year) to finish off his 52 Reflect project.

×

Dan Q found GCG6XD Britain’s highest Geocache

This checkin to GCG6XD Britain's highest Geocache reflects a geocaching.com log entry. See more of Dan's cache logs.

Found today at 11:30 with Robin, whose ascent marked his final expedition this year as part of his 52reflect.com project. I’ve been up here many, many times before since this cache was placed (and some before) but only this time taken the effort to find and sign. TFTC!

Making single color SVG icons work in dark mode

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

In a project I work on, we had a couple of buttons that consisted of just icons (with visually hidden help text). The awesome QA engineer I worked with, found some of those did not show up in dark mode, which rendered the buttons unusable for users of that mode. Using inline SVGs with currentColor fixed the issue.

This is neat. I’m not yet convinced of how wise it is for an operating system preference (dark mode) to be exposed via its browser, but I can see the logic. And I approve of the fact that CSS can be used to interrogate it. But really what I like about this article is the demonstration of how currentColor propogates even into inline SVGs: that’s neat, and a good observation by the author of the linked article.

So, a shipment of crickets for the lizard arrived via FedEx today…

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

So, a shipment of crickets for the lizard arrived via FedEx today. It was my first time ordering bulk crickets off the internet, and I naively assumed that they would be in like, a bag or some other contraption to facilitate easy transfer to another container. They were not.

They were in a cardboard box. And I cut the tape and opened the box and SURPRISE! Crickets everywhere. It was the middle of the workday and I didn’t have time to deal with cricket logistics, so I put the tape back on the box.

And then I put the box in the upstairs bathroom, the only semi-contained place in the house where I knew the kids and the cats and the dogs wouldn’t be able to get at the box and tear it open and unleash 250 hungry crickets into our warm, semi-humid environment.

About 20 minutes later I’m back at work on my computer, and I hear my wife in the kitchen: “where are these goddamn crickets coming from.” I freely admit I had not kept her fully up-to-date on my cricket purchasing plans.

And at first I was like “okay, maybe one or two got out when I initially opened the box. No biggie.” I kept working.
With the benefit of hindsight, this was a mistake.

I’m trying to wrap up a story but I keep hearing cricket-related exclamations coming from the kitchen. Eventually I get up to investigate. I say, “So uh the crickets got here toda–”

“I REALIZE THAT,” she says. “WHY ARE THEY ALL OVER THE KITCHEN”

I say “That’s a good question. Let me check something.” I walk over to the bathroom. I open the door. There are crickets. Everywhere.
Crickets on the floor. Crickets on the walls. Crickets in the sink. Crickets in the toilet.

For some reason my first instinct is to flush the toilet, as if that will do anything to solve the problem of crickets in all the other places that were not the toilet. I shut the door. “Uh, don’t come in here!” I try to sound cheerful.

Apparently I had not sealed the box shut as well as I should have. I ended up rushing out to the shed, in the 18″ of snow and below zero temperatures, to pick up a spare aquarium we had. I spent about 45 minutes collecting crickets from the bathroom.

Of course by this point many had migrated elsewhere. They were in the closet. In the shoes. Making their way downstairs to the playroom. The cats were having what I can only imagine was the greatest day of their lives.

I tried to collect all of them. It was like the world’s shittiest game of Pokemon. But here we are, roughly 10 hours after the initial catastrophe, and stray crickets are still turning up in odd places.

I make this information public because if I do not send any tweets tomorrow, it is because my wife murdered me after finding a cricket in our bed in the middle of the night.

And that’s the news from Red Lake Falls.
Good afternoon everyone.

I’m pleased to report that I’m still alive, and that my marriage is still intact! You all had so much fun with this that my editor made me turn it into a story, which I present to you here, as a sort of director’s cut of this thread.

To all you monsters who demanded photos of the infestation: believe it or not, while a horde of crickets was marauding through my house I did not think to whip out my phone and start snapping pics

I mean, can you imagine?
Wife: THERE’S A CRICKET IN MY PUMPKIN PIE
Me: This is tremendous content, where’s my phone

But I’m glad you all enjoyed our suffering, we’ve been laughing our asses off at your responses all day which almost makes it all worth it. To my new followers, I look forward to disappointing you in 2019.

Speaking as somebody who’s previously managed to accidentally infest a house with crickets, I feel this guy’s pain. We tried to ignore ours, thinking that they’d die out in the winter, but instead they just huddled into the warmest, least-accessible places in the house, such as under the fireplace and the fridge-freezer, and continued their incessant chirping. It was only when we started putting down ant poison that we began to bring the plague under control.

Note #12726

How did our parents cope with just I-spy and 99 green bottles on -hour journeys? This is definitely the way to hypnotise kids in the car!

×

Additional Processors

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Computerphile at its best, here tackling the topic of additional (supplementary) processors, like FPUs, GPUs, sound processors, etc., to which CPUs outsource some of their work under specific circumstances. Even speaking as somebody who’s upgraded a 386/SX to a 386/DX through the addition of a “math co-processor” (an FPU) and seeing the benefit in applications for which floating point arithmetic was a major part (e.g. some early 3D games), I didn’t really think about what was really happening until I saw this video. There’s always more to learn, fellow geeks!

An Honest Stock Market Update

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

NEW YORK — Stocks gained momentum on Monday, with the Dow Jones Industrial Average closing up 48 points, reversing losses from last week’s decline.

Experts hailed both moves as a “remarkable, textbook example of pure statistical chance,” chalking up Monday’s gains to a couple random marginal buyers being slightly more motivated than a few random marginal sellers.

“Imagine you pick 1 million random people from around the world every day,” said Toby McDade, chief investment officer of Momentum Fee Capital Management. “Some days, 51% would be in a good mood, 49% in a bad mood. The next day maybe it’s the opposite. Other days, random chance could mean 8% of people are really pissed off for no real reason. This is basically what the market is on a day-to-day basis,” he said.

Satire, obviously, but it might as well not be. I’ve long maintained that nobody, not even (and perhaps especially) economists, understand economics. It’s a fundamentally chaotic system and at best your years of training and practice on the stock market will give you the edge over a layperson; the fact that some people appear to be doing better is most-often a result of the fact that those who’ve been lucky historically are more-likely to stay in the game for long enough for you to observe how lucky they’ve been (I’m reminded of the old “tipster scam” where a scammer would send guesses as horse racing tips for free, and then to the people to whom the scammer had by chance sent good tips they’d charge for future tips, with increasing cost for the punter the more times the scammer had gotten lucky by chance).

But enough of my ranting. Go read this funny article.

100 Years of Periods

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Bitesize introduction to the (mostly-unspoken) history of the last century of sanitary products. It wasn’t so long ago – still within living memory! – that doctors’ advice was not to exercise during your period and that sanitary products had to be packaged in plain containers so as not to embarrass buyers nor sales assistants. Humans have had a long and complicated relationship with menstruation but the largest and fastest period (no pun intended) of cultural change has been only recently, and we now live in a world divided by a huge diversity of opinion and philosophy on the subject. This video covers only a fraction of the story of the recent (Western) social change, but it’s still a strong reminder of how far we’ve come as a culture.

Brixton To Brighton By Boris Bike

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Boris Bike on the road to Brighton

The Boris bike is a magical creature – aptly named after the former mayor of London ‘Boris Johnson’. I say aptly because the bikes are heavy, chunky, provide the absolute bear minimum service and they are expensive to the public.

At £2 per half hour and with 55 miles ahead of us this was ultimately a race against time, with neither Sergio or I having any experience of long distance bike-riding we trundled off up Brixton Hill and into the uncertainty of the day.

Another epic chapter in Robin’s year of “52 Reflect”, bringing us ever closer to the end of his year. I particularly enjoyed the part of this story where the duo are stopped by the cops who assume that the Boris bikes they’re riding so-far-from-London have been stolen! (After all, why would anyone in their right mind ride a Boris bike all this way out of the city?).

×

Note #12678

Netflix ask if I'm on WhatsApp for the billionth time.

No, @NetflixUK, I don’t want you to WhatsApp me. I never want you WhatsApp me. Why do you ask me every time? No means no.

×