The 55 Words you Can’t Say in Faster Payments

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Step aside, George Carlin! Sam Easterby-Smith – who works at The Co-Operative Bank – wants to share with the world the 55 words you can’t say in a UK faster payments reference (assuming your bank follows the regulator‘s recommendations):

So you know, this list is provided by Pay.uk the uk’s payment systems regulator. This is their idea of how to protect people from abusive content sent via the payment system.

Of course (a) all abusive messages must contain one of these English words, spelled correctly and (b) people are not in any way creative.

We’ve called it out and they are making us do it anyway.

  • bastard
  • beef curtains
  • bellend
  • clunge
  • cunt
  • dickhead
  • fuck
  • minge
  • motherfucker
  • prick
  • punani
  • pussy
  • shit
  • twat
  • bukkake
  • cocksucker
  • nonce
  • rapey
  • skank
  • slag
  • slut
  • wanker
  • whore
  • fenian
  • kufaar
  • kafir
  • kike
  • yid
  • batty boy
  • bum boy
  • faggot
  • fudge-packer
  • gender bender
  • homo
  • lesbo
  • lezza
  • muff diver
  • retard
  • spastic
  • spakka
  • spaz
  • window licker
  • gippo
  • gyppo
  • golliwog
  • nigger
  • nigaa
  • nig-nog
  • paki
  • raghead
  • sambo
  • wog
  • blow Job
  • clit
  • wank

Excellent.

Mobile phone, held in a white person's hand, showing an online banking screenshot: a payment to John Smith is being configured, with the reference set as "Minge fuck slag".

The big takeaway here, for me, is that it’s okay to send you money and call you a “dick head” (so long as I put a space between the words), “fuckface”, or “shitbag”, or talk about a “blowjob” (so long as I don’t put a space between the words).

But if I send you money to pay “for the bastard sword” that you’re selling then that’s a problem.

×

UK’s secret Apple iCloud backdoor order is a global emergency, say critics

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

In its latest attempt to erode the protections of strong encryption, the U.K. government has reportedly secretly ordered Apple to build a backdoor that would allow British security officials to access the encrypted cloud storage data of Apple customers anywhere in the world.

The secret order — issued under the U.K.’s Investigatory Powers Act 2016 (known as the Snoopers’ Charter) — aims to undermine an opt-in Apple feature that provides end-to-end encryption (E2EE) for iCloud backups, called Advanced Data Protection. The encrypted backup feature only allows Apple customers to access their device’s information stored on iCloud — not even Apple can access it.

Sigh. A continuation of a long-running saga of folks here in the UK attempting to make it easier for police to catch a handful of (stupid) criminals1… at the expense of making millions of people more-vulnerable to malicious hackers2.

If we continue on this path, it’ll only be a short number of years before you see a headline about a national secret, stored by a government minister (in the kind of ill-advised manner we know happens) on iCloud or similar and then stolen by a hostile foreign power who merely needed to bribe, infiltrate, or in the worst-case hack their way into Apple’s datacentres. And it’ll be entirely our own fault.

Meanwhile the serious terrorist groups will continue to use encryption that isn’t affected by whatever “ban” the UK can put into place (Al Qaeda were known to have developed their own wrapper around PGP, for example, decades ago), the child pornography rings will continue to tunnel traffic around whatever dark web platform they’ve made for themselves (I’m curious whether they’re actually being smart or not, but that’s not something I even remotely want to research), and either will still only be caught when they get sloppy and/or as the result of good old-fashioned police investigations.

Weakened and backdoored encryption in mainstream products doesn’t help you catch smart criminals. But it does help smart criminals to catch regular folks.

Footnotes

1 The smart criminals will start – or more-likely will already be using – forms of encryption that aren’t, and can’t, be prevented by legislation. Because fundamentally, cryptography is just maths. Incidentally, I assume you know that you can send me encrypted email that nobody else can read?

2 Or, y’know, abuse of power by police.

‘All Americans legally female’: Trump invites mockery with sloppy executive order

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Obviously all of the 118 executive orders President Trump signed into effect on 20 January fall somewhere on the spectrum between fucking ridiculous and tragically fascist. But there’s a moment of joy to be taken in the fact that now, by Presidential executive order, one could argue that all Americans are legally female:

One of Trump’s order is titled “Defending Women from Gender Ideology Extremism and Restoring Biological Truth to the Federal Government.” In the definition, the order claims, “‘Female’ means a person belonging, at conception, to the sex that produces the large reproductive cell.” It then says, “’Male’ means a person belonging, at conception, to the sex that produces the small reproductive cell.”

What critics point out is the crucial phrase “at conception.” According to the Associated Press, the second “order declares that the federal government would recognize only two immutable sexes: male and female. And they’re to be defined based on whether people are born with eggs or sperm, rather than on their chromosomes, according to details of the upcoming order.”

So yeah, here’s the skinny: Trump and team wanted to pass an executive order that declared that (a) there are only two genders, and (b) it’s determined biologically and can be ascertained at birth. Obviously both of those things are categorically false, but that’s not something that’s always stopped lawmakers in the past (I’m looking at you, Indiana’s 1897 bill to declare Pi to be 3.2 exactly…).

But the executive order is not well thought-out (well duh). Firstly, it makes the unusual and somewhat-complicated choice of declaring that a person’s gender is determined by whether or not it carries sperm or egg cells. And secondly – and this is the kicker – it insists that the point at which the final and absolute point at which gender becomes fixed is… conception (which again, isn’t quite true, but in this particular legal definition it’s especially problematic…).

At conception, you consisted of exactly one cell. An egg cell. Therefore, under US law, all Americans ever conceived were – at the point at which their gender became concrete – comprised only of egg cells, and thus are legally female. Every American is female. Well done, Trump.

Obviously I’m aware that this is not what Mrs. Trump intended when she signed this new law into effect. But as much as I hate her policies I’d be a hypocrite if I didn’t respect her expressed gender identity, which is both legally-enforceable and, more-importantly, self-declared. As a result, you’ll note that I’ve been using appropriate feminine pronouns for her in this post. She’s welcome to get in touch with me if she uses different pronouns and I’ll respect those, too.

(I’m laughing on the outside, but of course I’m crying on the inside. I’m sorry for what your President is doing to you, America. It really sucks.)

Dark Patterns Detective

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

This was fun. A simple interactive demonstration of ten different dark patterns you’ve probably experienced online. I might use it as a vehicle for talking about such deceptive tactics with our eldest child, who’s now coming to an age where she starts to see these kinds of things.

Screenshot showing a basket containing a 'premium package' including several optional add-ons, with no obvious way to remove those add-ons.

After I finished exploring the dark patterns shown, I decided to find out more about the author and clicked the link in the footer, expecting to be taken to their personal web site. But instead, ironically, I came to a web page on a highly-recognisable site that’s infamous for its dark patterns: 🤣

LinkedIn screenshot showing not one but two popups to try to encourage me to log in to see more content.

×

Maybe Later

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Maybe Later

“Install update” Maybe later.

“Sign in to access this content” No.

“It’s better in the app!” Whose fault is that?

“We completely redesigned this thing you need to do your job for no good reason” Got it.

“Disable any adblocker.” Absolutely not.

I don’t know if I’m supposed to read this as a poem, but I did, and I love it. It speaks to me. It speaks of my experience of using (way too much of) the Web nowadays, enshittified as it is.

(This toot about the evolution of videogaming seems almost like a sequel. Less like a poem, though.)

But yeah, I run a fine-tuned setup on most of my computers that works for me… by working against most of the way the Web seems to expect me to use it, these days. I block all third-party JavaScript and cookies by default (and drops first-party cookies extremely quickly). I use plugins to quietly reject consent banners, suppress soft paywalls, and so on. And when I come across sites that don’t work that way, I make a case-by-case decision on whether to use them at all (if you hide some features in your “app” only, I just don’t use those features).

Sure, there are probably half a dozen websites that you might use that I can’t. But in exchange I use a Web that’s fast, clean, and easy-to-read.

And just sometimes: when I’m on somebody else’s computer and I see an ad, or a cookie consent banner, or a “log in to keep reading” message, or a website weighed down and crawling because of the dozens of tracking scripts, or similar… I’m surprised to remember that these things actually exist, and wonder for a moment how people who do see them all time time cope with them!

Sigh.

Anyway: this was an excellent poem, assuming it was supposed to be interpreted as being a poem. Otherwise, it was an excellent whatever-it-is.

Recreational programming

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

the world needs more recreational programming.
like, was this the most optimal or elegant way to code this?

no, but it was the most fun to write.

Yes. This.

As Baz Luhrmann didn’t say, despite the implications of this video: code one thing every day that amuses you.

There is no greater way to protest the monetisation of the Web, the descent into surveillance capitalism, and the monoculture of centralised social media silos… than to create things just for the hell of it. Maybe that’s Kirby eating a blog post. Maybe that’s whatever slippy stuff Lu put out this week. Maybe it’s a podcast exclusively about random things that interest one person.

The pre-corporate Web was fun and weird. Nowadays, keeping the Internet fun and weird is relegated to a counterculture.

But making things (whether code, or writing, or videos, or whatever) “just because” is a critical part of that counterculture. It’s beautiful art flying in the face of rampant commercialism. The Web provides a platform where you can share what you create: it doesn’t have to be good, or original, or world-changing… there’s value in just creating and giving things away.

(And, of course, the weirder the better.)

A Friend Used AI to Wish me Happy Birthday

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

“I was sincere! I wanted to tell you happy Birthday but I wanted to have AI do it.”

“Why?” I shot back, instantly annoyed.

“Because I didn’t know how to make it lengthy. Plus, it’s just easier.”

I felt as if I’d been punched in the gut. I just sat there, stunned. The last sentence repeating itself in my head.

It’s just easier. It’s just easier. It’s. Just. Easier.

Robert shares his experience of receiving a birthday greeting from a friend, that had clearly been written by an AI. The friend’s justification was because they’d wanted to make the message longer, more easily. But the end result was a sour taste in the recipient’s mouth.

There’s a few things wrong here. First is the assumption by the greeting’s author (and perhaps a reflection on society in general) that a longer message automatically implies more care and consideration than a shorter one. But that isn’t necessarily true (and it certainly doesn’t extend to artificially stretching a message, like you’re being paid by the word or something).

A second problem was falling back on the AI for this task in the first place. If you want to tell somebody you’re thinking of them, tell somebody you’re thinking of them. Putting an LLM between you and then introduces an immediate barrier: like telling your personal assistant to tell your friend that you’re thinking of them. It weakens the connection.

And by way of a slippery slope, you can imagine (and the technology has absolutely been there for some time now) a way of hooking up your calendar so that an AI would automatically send a birthday greeting to each of your friends, when their special day comes around, perhaps making reference to the last thing they wrote online or the last message they sent to you, by way of personalisation. By which point: why bother having friends at all? Just stick with the AI, right? It’s just easier.

Ugh.

Needless to say: like Robert, I’d far rather you just said a simple “happy birthday” than asked a machine to write me a longer, more seemingly-thoughtful message. I care more about humans than about words.

(It’s not my birthday for another month, mind.)

kirby vs. this blog post

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

A cute use of Javascript to make a fun post more-fun, helping to keep the Internet fun and weird.

I want to do more crap like this.

But meanwhile, I should show this post to my 8-year-old, who recently finished playing through a Kirby game and won’t stop talking about it. He might appreciate it, but perhaps in a different way to me.

Balance bikes are just better

if [the option of a balance bike] isn’t available, you can convert a normal bike into a balance bike by removing the pedals and lowering the seat. Once the kids has learned how to balance as they roll, add the pedals, raise the seat, and watch them go.

An excellent suggestion from fellow RSS Club member Sean McP (he’s been full of those lately; I’ve been enjoying encouraging drivers through our village to slow down by smiling and waving, too).

Like Sean, I learned to ride a bike using training wheels (“stabilisers” on this side of the pond). Unlike him, I didn’t have any trouble with them, and so when I came to hear about balance bikes as an alternative learning approach I figured they were just two different approaches to the same thing.

But when our eldest learned using stabilisers, she really struggled, and only eventually “got it” with an un-stabilised bike and lots and lots of practice. It’s true what Sean says: for most children, learning to balance atop a bicycle is harder than learning to pedal and/or steer, so that’s the bit we should be focussing on.

Our youngest is (finally) ready and keen to learn to cycle, and so I’m thinking that when I get him his first bike (maybe for Christmas!) I’ll get him one that, were I to put the seat into its lowest position and remove the pedals, he could use as a balance bike for a day or two to get the feel of the thing before re-attaching them and letting him try the full experience.

Cable Car Marquee

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Was playing around with some HTML and made a cable car for my page. Hmh.

Beautiful. It feels like it ought to have been wrapped in a HTML Web Component, maybe called <cable-car>, with progressive enhancement bonus features (maybe it’ll only run during daylight hours? or when the wind isn’t too fast?)?

But really: I can’t fault this. Beautiful.

Build Colors from Colors with CSS Relative Color Syntax

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

The feature here is that you can take a color you already have and manipulate its components. Which things you can change vary by the color space you choose, so for an RGB color you can change the red, green, blue, and alpha channels, for an HSL color you can change hue, saturation, lightness, and alpha, and for my beloved OKLCH you can change lightness, chroma, hue, and yes, opacity.

The syntax if you wanted to use this and not change anything about the color is:

oklch(from var(--color) l c h / 1)

But of course you can change each component, either swapping them entirely as with this which sets the lightness to 20%:

oklch(from var(--color) 20% c h / 1)

This is really something. I was aware that new colour functions were coming to CSS but kinda dropped the ball and didn’t notice that oklch(...) is, for the most part, usable in any modern browser. That’s a huge deal!

The OKLCH colour model makes more sense than RGB, covers a wider spectrum than HSL, and – on screens that support it – describes a (much) larger spectrum, providing access to a wider array of colours (with sensible fallbacks where they’re not supported). But more than that, the oklch(...) function provides good colour adaptation.

If you’ve ever used e.g. Sass’s darken(...) function and been disappointed when it seems to have a bigger impact on some colours than others… that’s because simple mathematical colour models don’t accurately reflect the complexities of human vision: some colours just look brighter, to us, thanks quirks of biochemistry, psychology, and evolution!

This colour vision curve feels to me a little like how pianos aren’t always tuned to equal-temper – i.e. how the maths of harmonics says that should be – but are instead tuned so that the lowest notes are tuned slightly flat and the highest notes slightly sharp to compensate for inharmonicity resulting from the varying stiffness of the strings. This means that their taut length alone doesn’t dictate what note humans think they hear: my understanding is that at these extremes, the difference in the way the wave propagates within the string results in an inharmonic overtone that makes these notes sound out-of-tune with the rest of the instrument unless compensated for with careful off-tuning! Humans experience something other than what the simple maths predicts, and so we compensate for it! (The quirk isn’t unique to the piano, but it’s most-obvious in plucked or struck strings, rather than in bowed strings, and for instruments with a wide range, of which a piano is of course both!)

OKLCH is like that. And with it as a model (and a quick calc(...) function), you can tell your CSS “make this colour 20% lighter” and get something that, for most humans, will actually look “20% lighter”, regardless of the initial hue. That’s cool.

I spent way too long playing with this colour picker while I understood this concept. And now I want to use it everywhere!

3D Workers Island

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Fake screenshot of Internet Explorer 6 showing 3dwiscr.com/what.html, a web page about a freeware screensaver.

If you’ve come across Tony Domenico’s work before it’s probably as a result of web horror video series Petscop.

3D Workers Island… isn’t quite like that (though quick content warning: it does vaugely allude to child domestic abuse). It’s got that kind of alternative history/”found footage webpage” feel to it that I enjoyed so much about the Basilisk collection. It’s beautifully and carefully made in a way that brings its world to life, and while I found the overall story slightly… incomplete?… I enjoyed the application of its medium enough to make up for it.

Best on desktop, but tolerable on a large mobile in landscape mode. Click each “screenshot” to advance.

Bluesky and enshittification

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Any system where users can leave without pain is a system whose owners have high switching costs and whose users have none. An owner who makes a bad call – like removing the block function say, or opting every user into AI training – will lose a lot of users. Not just those users who price these downgrades highly enough that they outweigh the costs of leaving the service. If leaving the service is free, then tormenting your users in this way will visit in swift and devastating pain upon you.

There’s a name for this dynamic, from the world of behavioral economics. It’s called a “Ulysses Pact.” It’s named for the ancient hacker Ulysses, who ignored the normal protocol for sailing through the sirens’ sea. While normie sailors resisted the sirens’ song by filling their ears with wax, Ulysses instead had himself lashed to the mast, so that he could hear the sirens’ song, but could not be tempted into leaping into the sea, to be drowned by the sirens.

Whenever you take a measure during a moment of strength that guards against your own future self’s weakness, you enter into a Ulysses Pact – think throwing away the Oreos when you start your diet.

Wise words from Cory about why he isn’t on Bluesky, which somewhat echo my own experience. If you’ve had the experience in recent memory of abandoning an enshittified Twitter (and if you didn’t yet… why the fuck not?), TikTok, or let’s face it Reddit… and you’ve looked instead to services like Bluesky or arguably Threads… then you haven’t learned your lesson at all.

Freedom to exit is fundamental, and I’m a big fan of systems with a built-in Ulysses Pact. In non-social or unidirectionally-social software it’s sufficient for the tools to be open source: this allows me to host a copy myself if a hosted version falls to enshittification. But for bidirectional social networks, it’s also necessary for them to be federated, so that I’m not disadvantaged by choosing to drop any particular provider in favour of another or my own.

Bluesky keeps promising a proper federation model, but it’s not there yet. And I’m steering clear until it is.

I suppose I also enjoyed this post of Cory’s because it helped remind me of where I myself am failing to apply the Ulysses Pact. Right now, Three Rings is highly-centralised, and while I and everybody else involved with it know our exit strategy should the project have to fold (open source it, help charities migrate to their own instances, etc.) right now that plan is less “tie ourselves to the mast” than it is “trust one another to grab us if we go chasing sirens”. We probably ought to fix that.

The Time Travel Movie That Doesn’t Move

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

When I saw the title of this piece by The Nerdwriter pop up in my RSS reader, the first words that grabbed my attention were “time travel movie”. I’ve a bit of a thing for time travel stories in any medium, and I love a good time travel movie1. Could I be about to be introduced to one I’m not familiar with, I wondered?

Before the thumbnail loaded2, I processed the rest of the title: the movie doesn’t move. At first my brain had assumed that this was a reference to the story spanning time but not space, but now suddenly it clicked:

We’re talking about La Jetée, aren’t we?

Like many people (outside of film students), I imagine, I first came across La Jetée after seeing it mentioned in the credits of Twelve Monkeys, which adapts its storyline in several ways. And like most people who then went on to see it, I imagine, I was moved by that unforgettable experience – there’s nothing quite like it in the history of film (if we’re to call it a film, that is: its creator famously doesn’t).

Anyway: Nerdwriter1’s take on it doesn’t say anything that hasn’t already been said, but it’s a beautiful introduction to interpreting this fantastic short film and it’s highly-accessible whether or not you’ve seen La Jetée3. Give his video essay a watch.

Footnotes

1 Okay, let’s be honest, my feelings go deeper than that. Time travel movies are, for me, like pizza: I love a good time travel movie, but I’ll also happily enjoy a pretty trashy time travel movie too.

2 Right now I’m in a rural farm building surrounded by olive groves in an out-of-the-way bit of Spain, and my Internet access isn’t always the fastest. D’ya remember how sometimes Web pages used to load the text and then you’d wait while the images loaded? They still do that, here.

3 There’s spoilers, but by the time a film is 60 years old, I think that’s fair game, right?