Monday 28 August 2017


Back in 1983, I had a Sinclair Spectrum, and so did a friend of mine, Mike. We played various games, investigated the internals a bit, and often lunched togather.

One day, after lunch, Mike asked me to come up to his office. He showed me the office computer, an IBM PC, and it was running Lotus 123, which was by far the best speadsheet at the time. And he showed me what he'd done on this. There were inputs, formulae and outputs, and he showed me how changing the input data, led to the outputs changing. His fingers flew over the keyboard, and I quickly lost track of what he was doing, but one thing was clear to me - this was actually a program.

My friend Mike, who was totally a non-programmer, had written a program, and he was obviously very proud and pleased with what he'd done. On the basis of this, I thought that a *lot* of people would want Lotus 123, and the IBM PC to run it on. And on that basis, I acquired one for myself, brought it home, and started writing software on it - that was how S & S Enterprises (later renamed S & S International, the Dr Solomon's Software) got started. Our first product was a £ sign for the spreadsheet - yes, the UK version of Lotus 123 could not do a pound sign. We sold it mail order for £10, and the business took off like a rocket.

But, back to spreadsheets. What we have now, is millions and millions of people writing programs. They call them "spreadsheets", of course, but they are actually programs, and the usual rules about programming and programs apply. Which, of course, most of these people are unaware of.

Accountants, lawyers, doctors and architects, all happily writing programs. It makes my toes curl.

Because 88% of these speadsheets have errors.

I have no idea what to do about this. If you google, you'll find articles like "17 Common Spreadsheet Mistakes" and "Stupid errors in spreadsheets could lead to Britain's next corporate disaster". Google will turn up some guidance, such as "10 Common Spreadsheet Mistakes You're Probably Making" (which makes me want to grab the guy who wrote that headline and explain that you Do Not Capitalise Every Word in a sentence) and "12 COMMON SPREADSHEET ERRORS".

But none of that really helps, because people who aren't programmers, haven't yet discovered one of programming's important lessons - everyone makes mistakes. And the more unreadable your code is, the more likely you are to get things wrong (spreadsheets are about as unreadable as you can get, with variable names like ad43 and z28 iinstead of $vatrate and $discount). The people creating these spreadsheets are blissfully unaware of the possibility of error ("it must be right, I did it myself"), or how to go seek for errors. They've not heard of edge conditions, or intermediate results. They won't hand-calculate a few outputs, or try unusual inputs.

And that's before we start thinking about macros, which are written in a language called "Visual Basic for Applications".

How many people setting up VBA macros (they call them macros, they're actually programs, but Microsoft doesn't want to frighten people) have had any VBA training?


I had a dream

It doesn't have to make sense - it's a dream.

When I start my car, I have to press the brake pedal and push the start button. But this time, when I pressed the brake pedal, it went down freely, no resistance. So I had no brakes!

I knew that this was because I'd was without brake fluid. Fortunately, I carry some in my boot, so I poured the contents of the bottle into the brake fluid container, but there wasn't enough. I needed more. So I got my bike out of the back of the car, and pedalled to the nearest garage, where I bought a bottle of brake fluid. I biked back to the car, and used that to fill up the brake fluid reservoir.

And then I woke up.

Actually, I don't carry a bottle of brake fluid, but I do carry a spare can of diesel, a jump-starter battery and an good kit of tools.

Thursday 24 August 2017

Too many customers

Yet another company has too many customers.

Every three months, I have to get an outside computer to scan my network for security issues, in order to be compliant with the PCIDSS, which you have to be in order to accept and process credit cards. So on August 18, I put in the request for a scan.

I happen to know how this works - they run a program like Nessus which checks for known issues. It takes a few minutes to run, and it's entirely automated.

As of August 24, my request is still in the queue, waiting patiently for its turn. So I contacted Saferpayments using the online chat. The person chatting with me told me that I'd get an email when it's finished. I already knew that. I asked what the problem is; apparently this is caused by there being a "heavier than expected workflow", meaning "we have too many customers".

So I called Worldpay to complain. After navigating through an annoying menu system, and listening to "your call is important to us" for several minutes, I got through to a human. He listened to what I had to say, and told me that I needed to talk to Saferpayments, and he's transfer me. "Before you do, what's their number?" I've been here before. The call transfer resulted in several minutes of complete silence, so I hung up and dialled the number he gave me, which was Saferpayments. So there was another annoying menu system, and more hold (in which I was told repeatedly that the queue was 3 minutes and 42 seconds long, which didn't fool me at all because I know that there is no way they can know how long the ongoing calls are going to take, and then suddenly I went from 3 minutes 42 seconds, to talking to a human, hurrah. Who listened to my story, and told me that I was talking to the wrong people, and I needed to talk to someone at Worldpay, and he gave me the number that I had called in the first place.

So I explained this to him, and that I was unwilling to be tossed back and forth between them like a tennis ball, and what I want is for Saferpayments and Worldpay to get their heads together, fight it out over who I ought to be talking to, and then call me back with that information. He agreed.

You'll have guessed by now, and if you've had any experience of these jobsworths, that no such phone call came back to me.

So I called back the next day, to Worldpay. I fumed my way through the menus and hold music, and spoke to a different person - you never get to talk to the same person twice. This time there was a new treat in store for me; after several minutes carefully explainng the problem the line went dead. So I called back again, getting yet another person, and now I had two complaints. The dead line, and the sluggish scanning system.

More menus. More hold music. The security questions yet again. And then I explained that I wasn't asking for any information, because I knew he didn't have any for me. Or any action, because I knew there was nothing he could do. My objective now was to explain to Worldpay that I entirely understood and sympathised with their problem of having two many customers, and I have two proposals that might help.

The first would be to reduce their customer load by one. I explained that if I had a customer who asked me for some important (important to them, because I knew that my servers were secure, it was Worldpay who required the scan) service, and after six days I hadn't even started  to provide it, then I too would be facing life with one fewer customer.

The other suggestion I had, was equally simple. These scans are done by a computer, and are entirely automated. My ingenious proposal to Worldpay, was that they should purchase a secnd computer, thus, for an outlay of a mere couple of thousand pounds, doubling their capacity to do scans, and creating the capacity to be able to handle the number of custmers that they had. I didn't bother to explain that they could even enlarge on this idea by purchasing a third computer, because obviously the notion of a second computer hadn't occurred to them, and would take considerable time to get budget approval and work its way through the manifold committees that comprise Worldpay.

"Actually, it's Saferpayments that do the scanning," he said. "Yes," I said, "now that you've pointed this out I can see that my proposal was naive and stupid. Hmm. If only there were some way to modify my idea so that it could indeed prevent the embarassment of having to admit that you have too many customers."

My complaint is now lodged with Worldpay, and I can expect that some time within the next several weeks, I'll get an email which will consist of several paragraphs that, in summary, will boil down to the words "go away".

I am honoured

I am one of the Select Few who have been chosen, on account of my tremendous geocachingness, to place a "Virtual Reward" cache. This is a cache without a container to find; you go to the relevant location, and to prove you've been there, you have to answer a question (and it needs to be something you can't answer from the internet).

Virtuals have been haram since 2005 (although existing ones were allowed to persist). But Groundspeak has revived the idea, except that the hoi polloi can't place them. Only one of the Chosen People can place such a cache, and only one per person. I'm one of the Few.

The irony. I don't actually like virtuals, I like finding an actual container.

So it had better be a good one.

So where will I put my "Virtual Reward" cache? I don't know yet. But I'm thinking that maybe I'll do a multi; you'll have to visit various locations to gather information and only when you put all that together will you find out the final location (there's a few in London like that). Or I'll do an Earthcache (which is a virtual, except that it has to be geothingish) that, when found, tells you where the "Virtual Reward" is. Or  I'll do a puzzle, and solving it will give you the coords and the other information that youll need to find the Virtual.

I don't think anyone has done a really complicated virtual before - if they have, I don't know about it. So, with any luck, this will be unique, and talking about it in this blog won't give away the secret, because only a handful of people read this blog, and they're all sworn to secrecy.

The final location will have to be somewhere amazing. The North Pole? The peak of Everest? Tranquility Base?

Readers of this blog are invitied to make suggestions.

Saturday 19 August 2017

Daedelus demise

The best page in every issue of New Scientist, was the page written by Daedelus, describing the latest invention or product from Dreadco. The nuclear-powered pogo stick and the black-hole garbage disposal appliance were his invention, and who can forget his proposal to measure the speed, spin and direction of a human soul, both before birth and after death. And, of course, the unridable bicycle.

David Jones, gone but not forgotten.

Friday 18 August 2017

How to repeal and replace Obamacare

 Repeal and replace Obamacare.

This is the Holy Grail that Trump promised (and he said he had a cunning plan during the electoral process). The cunning plan turned out to be "dump the problem on Congress". And it all went downhill from there. They called it the "American Care Act". The Democrats voted solidly against it, so it only took a few Republicans to think it didn't go far enough, or it went too far, and the plan ended up in the "too difficult" drawer.

But it can be done.

First, a few prelimiaries. 

Medicare is a healthcare program, paid for out of taxes, that covers people who are 65 or more, certain younger people with disabilities, and people with End-Stage Renal Disease, which sounds pretty dreadful and I hope I never find out what it is. Medicare comes in four parts; A is hospital coverage, B is ... well, read it here. Part A costs you $451 per month = $5412/year. To get part B (which also gets youC and D), you pay $105 per month = $1260 per year. So the whole package is $6672/year.

But there there's "deductibles"  (you pay extra if you actually go to hospital), and there's coinsurance (co-pay). Yes, it gets complicated.

55 million people are on Medicare. The Medicare budget in 2017 is $709 billion

Medicaid is for anyone who is low-paid, if you feel low-paid, then google for details, maybe you qualify. 74 million people are on Medicaid; Obamacare expanded Medicaid as of 2014. Oh, and 9 million are on both Medicare and Medicaid. The Medicaid budget in 2017 is $553 billion.

And then there's Obamacare, the Patient Protection and Affordable Care Act, also called the Affordable Care Act or ACA. After you've read that explanation, maybe you can explain it to me, because it's much too complicated for my tiny brain, which probably means that it's *far* too complicated for politicians, who often struggle to comprehend how arithmetic works. Obama said it would cost $94 billion per year, this is disputed. And I can't work out who pays what. No wonder there's controversy. The CBO, which is supposed to be non-partisan, say $134 billion per year. I'll take that figure.

And finally, if you're a Veteran, you can go to The Veterans Health Administration (VHA).  The Veterans (VHA) budget is $68 billion

So I added all these up. It comes to $1464 billion, which works out at $4531 per head, since there are 323.1 million Americans (I'm ignoring the detail that some Americans are older than others).

So that's what the government pays - that means that this much comes out of taxation. In addition, there's all the co-pays and deductibles, and additional insurance paymens made by people in these plans, and I haven't even tried to estimate how much that adds to the total, because it's just too complicated. And to that, you should add the money spent by Americans on the various privately-run insurance schemes. Aetna, for example has a revenue of $63 billion, Anthem takes in $85 billion and Met Life gets $70 billion. And that's just three companies of many. I could have included those in my total, but I didn't.  I don't need to dip into the healthcare insurance company revenues to make the case I'm making.

How good is American healthcare?

How do you measure how good a healthcare system is? I don't care how many CAT scanners you have, or how much profit is made by the healthcare companies. What matters to me, and what should matter to you, is the outcome. Are you healthier? But it's difficult to measure "healthiness". Do you live longer? Ah, now that we can measure. So I will.

It's always tricky to compare countries, but there's a few things that are comparable. The first of these is the mortality rate for under-fives. In the USA, that's 6500 per million, in the UK it's 4200. Please try to imagine a pile of 2300 dead toddlers.

And there's also infant mortality; deaths per million live births. USA is 5800, UK is 4300. So now imagine a heap of 1500 dead babies.

My older daughter is about to have a baby. It's all very exciting, and eagerly anticipated, but a couple of weeks ago we had a family discussion about "what if". Because giving birth is not without risk. In the USA, there's 21 mothers dying of pregnancy or complications, per 100,000. In the UK, that's 12 per 100,000. So that's 75% more in the USA - I'm glad that my daughter is in the UK!

And life expectancy in the USA is 78.8 years. In the UK that's 81.1, that's 2.3 extra years. Nice!

And on average, 643,000 Americans declare bankrupcy per year owing to medical bills. You break a leg - you lose everyting you own. And each of those 643,000 has a family.

I've compared with the UK, but if you follow the links, you'll see just how poor US health outcomes are compared with a great many countries. Look at the rankings, and ask yourself, why isn't American healthcare the best in the world? Because it really ought to be. Because the USA is a highly educated, prosperous and technologically advanced society, that spends a lot more per head on health care than any other country.

Compare that with the UK.

So that's public healthcare in the USA. And I'd like to compare that with public healthcare in the place I know best, the UK.

 The NHS budget is £124 billion, which is $161 billion, and works out at $2453 per head.
For that cost, UK citizens get healthcare, period. And pretty much everything is free (meaning, paid for out of taxation). A medication prescription costs $11, and if you're getting a lot of pills, you can pay $38 to cover all the charges for three months. But there's a lot of people get presciptions for free; I do, because I'm over 65 (also cancer patients, pregnant women, and so on). You also pay extra for dental work; $27 for routine stuff, $73 if you need a filling or root canal. Hospitals are free - I've never paid for any hospital visit. And there's a thing called the "Small injuries unit" which I've been to for a nasty scalp cut and before that for a splinter under my fingernail that I just couldn't get out. A nice nurse cleaned up the scalp cut and then glued it (apparently they prefer to use glue for small stuff). Another nice nurse got the splinter out while I shut my eyes and tried not to scream.  In my experience, you turn up and they just deal with it, 24/7. I get free spectacles and have for the last 60 years, although I can pay extra to get designer frames. And when my free biennial vision test discovered excessive pressure in my left eyeball, diagnosis and treatment has been free (a drop in my eye each morning seems to have fixed it).

Oh, and doctor's appointments are free. And I don't see how anyone in the UK could be bankrupted by medical bills.

And I don't think that the UK is exceptionally good. Yes, the NHS is good, but I've heard very good reports of the French system, and Germany was the first country to move to universal healthcare, in 1883.

The American Health Service 

So right now, Americans are paying twice as much as people in other countries, for an inferior health outcome.

So let's imagine a service which I'm going to call the American Health Service, AHS. It's free at point of need (with maybe a few exceptions, as above) and it's paid for out of taxation. If it costs the same as in the UK (I'll discuss this later) then that would be $2453/head, $793 billion per year. Which is a saving of $671 billion per year, and if you put that back into the pockets of the taxpayer, that's $2078 per person, which would be $8312 for a family of four. Tax cuts!

So all Americans would get healthcare to a high standard, wouldn't have to raid their income for health insurance, no co-pay, no deductibles, no cap on spending (sorry, you're only covered up to $1m, your insurance ran out, please die quietly now). And no "pre-existing condition". The way it works is, if you're sick, then you get treated.

Sounds good. Sounds very good. In fact, it sounds too good to be true! So where's the catch? How can you get univeral healthcare at cost of about half of what you're already paying?

There's two reasons why universal single-payer healthcare is so much cheaper.

The first is the cost of medication. 

A recent Trump tweet said “Now that Ken Frazier of Merck Pharma has resigned from President's Manufacturing Council,he will have more time to LOWER RIPOFF DRUG PRICES!” When Trump thinks that drug prices are too high, then maybe they are. Also, drug prices for the same drug in Canada are much lower. But why should Frazier lower drug prices? If there are people willing to pay his high prices, he'd be a fool to lower them.

The reason is monopoly and monopsony. If a company has a monopoly on something important, you can be sure that the price of that thing will be somewhat higher than a situation where there are several companies competing for your business. And, of course, that works the other way round - if there is only one buyer of a product then that buyer has tremendous leverage; that's called a monopsony. So the American Health Service (which doesn't exist, but ought to) would A) be buying in bulk, and that's always cheaper, and B) would be the only buyer, so you sell your Epipen to us, or you you don't make many sales. And here's the price we think we should be paying ... see above.

The second reason is insurance companies

In an UK NHS hospital there is no team of administrators working out the costs of treating each patient and filling in the necessary forms to claim on the insurance (and the insurance companies are not eager to pay unless it can be shown that the claim is valid). That team of administrators is matched by equivalent teams in each of the insurance companies, checking those forms. The entire cost of the processing of insurance claims is avoided, as is the profits made by those companies. You see, they aren't non-profits working out of the benevolence of their hearts.

The pharmaceutical companies are, of course, aware of this threat and they will fight tooth and nail to avoid having to face a monopsony. No tactic will be too underhand, no "sponsored research" stone will be left unturned. But, you might ask, why doesn't Medicare use its buying power to negotiate better prices? Because your congress won't let them. The Medicare Modernization Act of 2003 (MMA) included a ban on price negotiation. The pharma companies spend more than $100m on lobbying, seeking to persuade lawmakers by hook or by crook to maintain their high (or as Trump puts it, "RIPOFF") prices. That $100 million is a wise investment of a small fraction of the $374 billion that Americans spend on medication per year.

And what of the insurance companies? They will see most of the reason for their existence wiped away. In the UK, there are a few medical insurance companies, but nothing like the American behemoths. And they too will fight like cornered leviathans to maintain their lucrative business. Currently, they're spending over $10m per year.

 So that's why it's possible to have a single-payer, universal healthcare system at around half of what the government is currently paying.

BUT ...

"But this is socialism", I've heard people say. Yes, it is. And? It's a service for the whole population, paid for out of taxation. Just like the fire service, the police service, the public school service and the military. I don't hear cries from the anti-socialists "stop taxing us to pay for the military, we'll defend ourselves".

"But it's unfair, I'll be paying for a service used by other people". That's right. The rich will help the poor, the healthy will help the sick. If you're a Christian, then you'll probably approve of this because that's what Jesus wanted. If you're an Atheist, you'll definitely approve of this, because it's the Right Thing To Do.

"But taxes" you might say, if you're Republican. Or also if you're Democrat - no-one actually likes being taxed. Um, no. Because the AHS would cost half of what's currently being spent out of taxes, that leave room for a tax cut once the system is in place. TAX CUT!

"But it's untried, untested, how can we know if it would work?" Look at the 58 countries that already have a universal healthcare system. And these aren't just Western countries like the UK, France, Germany and Italy. They include Burkina Faso, Ghana, Bhutan and Sri Lanka  (and I bet many Americans won't be able to find any of those on a map).

The taxation will fall more percentage-wise on the rich; the sick will consume more of the healthcare that the healthy. And that's a good thing.

So I do support the repeal and replacement of Obamacare, but only if it's replaced by something like the American Health Service that this essay proposes.

And there's even something for you, Mr Trump. You can call it "Trumpcare", because as long as Americans get the healthcare that they need, I don't care what you call it.

The Thunderer fails.

Shortly after I praised the Thunderer for understanding the difference between a moped and a scooter, I came across a shuddersome blunder in their third leader.

The leader is all about the importance of STEM subjects, and the fact that the number of pupils taking maths is up (but English is down). And then it does on to explain how important maths is.

Calculus is essential to chart a rocket's trajectory, or the path taken by the shadow of the moon across the face of the sun in an eclipse.

I won't comment on the fact that you don't need calculus to chart a rocket's trajectory. But the Times writer thinks that the moon's shadow moves across the face of the sun?

Yes - we certainly do need people to be more educated in maths. Starting with journalists who are so ignorant that they don't realise that the shadow of the moon moves across the face of the earth.


Thursday 17 August 2017

Well done the Thunderer

I blogged recently about the mischaracterisation of criminal riding small motorised scooters as "moped gangs". Because the aren't moped gangs, they're scooter gangs.

Today I was delighted to note that The Times has taken notice of my correction, with a piece of news about "Robbers on scooters". The Evening Standard has also used the correct term.

But the battle isn't won yet. The Daily Mail, the Express, The Sun, the Independent, the Metro and Sky are all still incorrectly describing the vehicles as mopeds.

A moped is a vehicle with pedals and a motor, hence the term moped. It is capable of being propelled by the pedals, by the motor, or both.

You can see this on video.

Why is this important?

If you're looking for witnesses to a crime, and the criminal ran off wearing a grey jacket, then if you report this as a blue jacket, important witnesses might not come forward because they didn't see anyone with a blue jacket.

Never knowingly undersold

John Lewis have this well-known boast, "Never knowingly undersold".

But that doesn't mean what you think it does.

I always thought that it meant "If we know that someone else is selling the same thing cheaper, we'll match that price".

But it's a bit different from the policy I thought.

It turns out that if you tell them about another retailer (they exclude online and mail-order) that's selling the item cheaper, they don't drop their selling price. They only drop their selling price to you, and give you a reference code so that you can claim that lower price. Which means that for all their other sales of that item, they are indeed, knowingly undersold.

I know about this because ladysolly is buying a washing machine, found it a lot cheaper else where, told John Lewis, and they offered her a price match. A John Lewis employee told me about the price match being valid and gave me the reference number. And I wondered why we would need a reference number, so I asked her, and she told me that they wouldn't be dropping their price to other people, just to us.

It may be that some people think that if you buy from John Lewis, there's no point in checking any other prices, because "Never knowingly undersold". But in reality, you do need to shop around, because their claim should actually be "We'll price match, but only for you after you tell us where you can get it cheaper".

Wednesday 16 August 2017

The statues are moving

All over the USA, town councils have noted the uproar in Charlottesville, and have decided "not here, please". So in order to avoid the disorder, they've been quietly taking down statues of civil was leaders, and moving them to museums and cemetaries, which is a more appropriate place for them. And I can certainly understand their wish not to be sullied by a sudden crowd of Nazis to lead to more ructions.

To be fair, many of them aren't Nazis. To be pedantic, none of them are, because a Nazi is a member of the National Socialist German Workers' Party, which no longer exists. But in common parlance, someone who adorns himself with swastika tattoos and waves swastika flags, is usually called a Nazi.

Many of the protesters weren't Nazis. Many of them were Ku Klux Klan, and they, I'm guessing, would be upset at being called Nazis. And many of them were neither of the above, but if you march arm in arm with Nazis, don't be surprised if you get called a Nazi.

So, ironically, the Nazi's attempt to protest the removal of one statue, has resulted in the removal of many.

Yes, we have to stand up to Nazis. My father was at the Battle of Cable Street, and I would hope that I'd have been there too, except I wasn't born until several years later. They shall not pass.

 And another result is a sight we can all enjoy, the weeping Cantwell, a notorious and deeply unpleasant Nazi.

Tuesday 15 August 2017

Worldpay - goodbye.

I just got a letter (on paper) from Worldpay, telling me that they're about to merge with Vantiv Inc, a US company.


Worldpay is one of the companies (originally RBS, then after the takeover it was Natwest, then the payment processing division was spun off into a separate company called Worldpay which I access via Bucksnet who changed their name to BNS Payments) that I use for credit card processing.

This chain of companies happens to me a lot. I've been running this for 20 years now, throughout the internet boom. My DSL and megastream provider was originally Nildram, Nildram sold the DSL business to one company and the megastream business to another, and I went through several changes of ownership, leading to all sorts of problems later. I got the same when I colocated with Energis, who became Cable and Wireless, who then decided to bill indirectly via some third party Civitas, and the ensuing confusion led to me dumping a perfectly good colocation for a company called Saxon (who then changed to Safehosts) ... you see how this goes.

Each time there's a change like this, I get grief. I have to change this, or that, or the other.

My experience is that this change will lead to all sorts of hassles for me, including (but not limited to) huge volumes of paperwork required from me to assure them that I'm not a naughty person (it being well known that naughty people never lie about this), and annual reassurance that I haven't become naughty since the last time I told them (I get this from my bank in New York). Worse, I'm expecting a change in the way they want me to ship data to them. Perhaps a change in the file format, perhaps in the address I ship the file to, perhaps in the crypto system I have to use. Or perhaps all three.

So I phoned them, and told them loudly and clearly, that if they do wind up making changes in any or all of these formats, then they lose a customer, and I continue my business with one fewer payment processor.

I'm fed up with the way that I get forced to do significant amounts of programming in order to ease the life of people supplying me with services. I've lost count of the number of times I've had to change the way I do billings.

Plus their telephone menu system is very annoying. When you try to choose an option, it's not good enough to tap the number you choose, it doesn't recognise your choice unless you press and hold for a couple of seconds. And when it's offering you a series of six options, it won't let you interrupt with your choice, it insists on droning on through the full message before you can choose. And when it asks for ID, it asks for the 8 digit customer number, and I had to look that up because I had the six digit account number ready to give, and by the time I'd looked it up, it decided that I needed to go round their menu system again. And then the second time around, I took too long to enter the 8 digits, and it sent me round *again*. I've told them about this too, but I doubt if they care.

And although I tried to talk to the man who had sent me the letter, there is apparently no chance of that.

So I suspect that Vantic Inc aren't going to get quite as many customers as they thought.

Fame at last!

I came across your site while looking for resources for our next blog and I knew I had to
reach out immediately, kudos on a fantastic blog. My name is Joss, and I'm reaching out on behalf of a leading web hosting company.

This month, we're looking to secure sponsorship placements with five prominent blogs and your site jumped straight to the top of our list. Please let me know if this is something you're interested in discussing further.

Kind regards,

So I answered:

Thanks for the kudos; I might blog about this approach! What do you have in mind?

It's obviously spam; it carefully doesn't say anything about my blog. My guess is that, if Joss answers, I'll be given the opportunity to pay $$$ to get a mention of my blog on these "five prominent blogs", which will not be as prominent as they appear to be.

We'll see. I did warn Joss that I'd be blogging about this. My guess is that I won't hear back, because in my experience, when I do contact a company and show interest in their services, they discover that they already have too many customers and the sales people aren't as interested in getting more as the marketing people were in drumming up leads.

Barclays outages

I got an email.

We're writing to let you know that we'll be carrying out work on our systems, during which time our core services (Online Banking, Telephone Banking and our Mobile Banking app) will be unavailable. This work is required to prepare us for one of the reforms brought in by the UK government, called ring-fencing, which aims to strengthen the UK financial system. You can find out more details about these reforms below.

The work will take place during one weekend each month, for five months (with the exception of December). They will start at 23:30 on a Saturday and typically complete around 15:30 Sunday afternoon. We'll let you know the exact dates nearer the time through our app, online banking, or via SMS or email.

The next time we carry out work where our core services will be unavailable will be the weekend from 23:30 on Saturday 19 August until 15:30 on Sunday 20 August. We know this may cause disruption and we're sorry for any inconvenience.

Which services will be unavailable?

During the periods where we'll be carrying out work on our systems, some core services will be affected. However, we'll always let you know about these periods in advance so you can organise your banking.

I had trouble believing this - I get so many scam emails purporting to be from my bank. But the from address was, and that was confirmed by the header. And it isn't asking me to take any action (like "send me all your passwords"). So I went to the Barclays web site and that confirmed it.

I'm just a small business, but I have a backup for each customer-facing server or service. So if I have to take a server down, I first switch the load to the backup, then I do the necessary work on the server, then I switch back. Indeed, right now I've replaced three hard drives that were failing; replacing them took about an hour, and recopying the data will take about a week. But because I have a backup server taking the load, there's zero impact on customers.

Surely Barclays have a backup system? Surely they aren't like British Airways, where a small accident leads to complete lack of service for several hours?

Apparently they're just like that. The first outage will be for 16 hours, next weekend.


Sunday 13 August 2017

Bump bump

As we were getting off the ferry from Dublin to Holyhead (I can really recommend that ferry, great free food if you're club class, comfortable and the sea was glass) I scraped the right side of the car on the ferry, because the person driving off to my left was, I thought, a bit too close. Oops. All my fault. Ladysolly said "I bet you get away with it. If that was me, it would be major damage".

She was right. There was a big smear of yellow on the car, but when that was wiped off, there was no visible damage. And I'd guess that the ferry gets this all the time.

So on Friday, I had another bump. This time, I was parked in our front gravel, and the bump was ladysolly reversing into me. I have to point out in her favour that I was parked at an angle and too far forward, but I'd also point out that she has previous in this.

I had a look at the damage. The blue (from her car) easily rubbed off, leaving a couple of places at the front where the paint is slightly chipped. But I checked with a magnet, and the place where the paint is chipped, is plastic, so it isn't going to rust.

However, the damage she did to her own car is far worse; two long scratches in the side of her car. Plus I get considerable dibs on making hay of the incident.

Friday 11 August 2017

I was always an atheist

First, a definition. An atheist is someone who doesn't believe in any god or gods.


I was born an atheist. When you're a week old, you don't believe in anything, except milk and poop. Then I was eight days old, my parents decided that I wasn't quite as perfect as delivered, so they got a mohel to make a small snip. No-one consulted me about this, although if I had been asked, my response would have been either "milk" or "poop".

Age 0 to 5 - my interests became more diverse. I had bricks, and stacking cups, and a thing you pushed things into whereat they came out the other end, and books. I'm told that I was starting to read at an age that I frankly don't believe, mothers always exaggerate. But I do remember my first day at school, I was about 5, and I came home very disappointed. "All they did was play with water", I said, although actually they were also doing "A is for apple". Except I was reading books by then, and wasn't even interesed in "Janet and John".

Age 5 to 10. As I grew up, no-one gave me any good reason to believe in any god. I enjoyed reading a *lot*, the local public library was within walking distance, I persuaded the librarian to let me borrow ten books per week, and I was doing well at school. There was some sort of "assembly" in the morning, and I do remember "All things bright and beautiful, all creatures great and small", which is a great song, but the next line is "The Lord God made them all", and I classified that along with Santa Claus, because I already had read about evolution, and that was so obviously the right answer.

At the age of 9 or 10, I had to go to Cheder. Because my mother told me I had to. At Cheder, I learned two things. A) how to read hebrew, and B) how long I could hold my breath. Hebrew is really difficult - it isn't just a new language (and I found out later with French,  Latin and Russian that I'm really rubbish at languages) and it isn't just that the pages are back to front and the writing from right to left. It's also that the letters aren't the A-Z that I already knew, and the worst thing is that the vowels are left out and you have to guess what they are from just the consonants. Holding your breath, however, is really easy. The clock in the Cheder had a second hand, and in order to alleviate the excruciating boredom, I practiced breath-holding.

The purpose of Cheder was to prepare me for my barmitzvah, an ordeal that every jewish boy has to go through as a rite of manhood at the age of 12 or so. It's a bit like being given a spear and being told to go out and kill a lion, except that you're given a passage in hebrew, and you have to stand up in front of dozens of relatives and dozens of complete strangers, and not only read it, you have to *sing* it using the prescribed notes, which are, of course, not like the sort of music I was learning when learning piano - oh no, it was little marks amongst the hebrew that told you what pitches and lengths to sing. I would have preferred the spear and the lion. The only good thing about Cheder was that you got unlimited bread and strawberry jam beforehand.

I got through my barmitzvah unscathed. Because I got one-on-one tutelage, and more practice than I've ever used for anything else. Not completely unscathed; it was many years before I was willing to stand up in front of an audience and make a fool of myself.

So now I was a mensch. When a minyan was needed (you need ten men for some prayer services) I could be one of them! But even better - I didn't have to go to Cheder any more, and that was a real benefit; no longer was I in any danger of death by non-breathing. Also, I was in charge of the decision of whether to attend synagogue or not. I chose not.

The school I went to was all boys in gender, mixed in religion. Half jewish, half christian. Because of that, it would have been difficult for them to ram any kind of religion down us, but we still has a daily assembly, and I learned to ask for "forgive us our trespasses" which, at the time, I thought referred to that time in autumn when we would creep onto a field that we weren't supposed to in search of conkers. No-one explained this stuff to me. The whole of that prayer just sounded like nonsense; even the words I understood were being used in a way that sounded daft. "For thine is the kingdom"? What does that actually mean? It was just words, and meaningless. But we had to mumble them, although no-one explained to me why.

The school I was at was the Grocer's Company school (which I have to say was the best grammar school in the area, later called the Hackney Downs School, which isn't nearly as elegant). The motto was "God grant grace" and the school hymn was also  "God grant grace" This was completely wasted on me, because no-one ever explained to me the meaning of "grace" in this context. To me, grace was the opposite of clumsy, and the hymn was all about not tripping over your own feet. And the tune was a dreadful dirge.

It was at this school that I first learned the terms "jew boy" and "yid", which (judging from the tone of voice they were used) were supposed to be insults. But there were far greater insults, such as "cap crawler" (one who wears his school hat in conformity with the rules) and "swot". I was, of course, all four. I also learned that although I was wretched at French and pants at Art, I left everyone else behind at maths, which turned out to be useful later.

Grocers was an all-boys school. That didn't seem to be a drawback until I turned 15 or so, at which point the total absence of half the world's population became an issue. So I joined Habonim. That's a jewish youth movement whose objective is to get to to do Aliyah - emigrate to Israel. I had no interest in Aliyah, but a growing interest in that other half. And there they were.

Religion in Habonim is of very minor importance. Dancing, a lot more so. and mixed games such as British Bulldog, all of which gave boys an opportunity to clutch at girls, and vice versa.  There were also summer camps, also mixed, and winter activities. But included in all this, was a certain amount of what I would call cultural awareness, and it was there that I first found out about the holocaust. No-one had told me about this before, at school we were up to the Tudors and the Stuarts, and the syllabus ending in 1832. It's impossible for me to describe the impact that this had on me. Thinking about it still makes me cry, and although I've read lots of books about the second world war, I try to avoid books about the holocaust. Except "Maus", which I'd recommend.

My grandparents came from Russia at the turn of the century in response to the pogroms there (and no-one had told me about those, either, and "Fiddler on the roof" also makes me cry). They came from the part of Russia that became Poland, and if they hadn't emigrated, then 40 years later they would have been murdered by the Nazis, along with any children and grandchildren. And, of course, if they'd converted to christianity (which almost certainly they wouldn't have) that wouldn't have saved them - the Nazis didn't care about your religion, only your blood.

So between the ages of 15 and 17, I felt more jewish than I ever had, but not religious. I didn't go to synagogue (except for family barmitzvahs, weddings and funerals), I didn't pray, if you'd asked me I'd have said I was agnostic, but that was because I didn't know the definition of atheist - I was actually an atheist.

If I had believed in god at the age of 15 (which I didn't), then finding out about the holocaust would certainly have changed that. Some people say that you can't prove the non-existence of something, but actually you can. If you specify the thing in question (for example, a full-size elephant in my room) then I can prove the non-existence of that (I leave the proof to the reader, it's pretty simple). And I knew about this sort of proof from maths; you can prove the non-existence of a largest prime number, or that you cannot express the square root of two as a ratio of two numbers. I would very quickly have come to a strong belief in the non-existence of the god of the jews.

So I went up to university at 17 as an atheist to read maths, and soon discovered that I was the Only Jew in the College (if there were others, they were keeping a very low profile). There was Habonim in Cambridge, which was just as well because in student numbers, there were about 20 males for each female. In maths, more like 200. But in Habonim, five girls and two boys, which is small in numbers, but favourable in ratio, especially as there was already one couple paired off. But I'm not going to talk about my early sex life ...

As the Only Jew in the College, I found that there were people who thought that I hadn't heard the Good News, and that if only someone told me, I'd eagerly accept Jesus into my Heart and become one of God's Army. This is something I hadn't encountered before, and I was unpracticed at dealing with it. I fear that I was unable to sufficiently conceal my mirth at some of the approaches, which is not as well mannered as I should have been.

My worst misdemeanor was when a good friend of mine, who went by the handle of Li(3) of 1 (that's a mathematical joke) persuaded me to go to chapel, on the grounds that I've never been, and how do I know I wouldn't like it if I hadn't tried it, which is an argument that was also used on my to get me to start smoking (I didn't) and drinking beer (I did, and still do, occasionally). So I went with him to chapel, and maybe the fact that he called it "chapel" tells you which brand of christianity it was, but I never found out, and we went through a service that was every bit as boring as Cheder, and worse, because there was no clock with a second hand that I could use to practise holding my breath.

I shall pass over the incident when I was asked to eat human flesh and drink human blood and refused on the grounds that cannibalism was against my atheistic principles, even if it's symbolically, and skip to the part where Li(3) of 1 introduced me to the vicar (or priest, or minister, or whatever he was) with "This is my friend, he's, he's, er, er, he's a, um, he's of the Hebrew persuasion" at which I said, loudly enough for everyone in the chapel to hear, "No I'm not, I'm a jew".

I wasn't invited back.

I graduated, and there was a ceremony, and people prayed, and since I'd worked hard for that certificate I wasn't going to make a nuisance about that, and I got a job where they had an Elliott 503 computer, which I fell in love with, and I've been messing around with computers or the 50 years thereafter, and it turns out that if you like playing with the best toy ever invented, people chuck money at you, which is nice.

So for 60-odd years, I was an atheist, and thought nothing of it. I mean, it really is nothing, like "not playing football" or "liking brussel sprouts". I don't like football, but if someone else want to play, why should I care? And if someone else dislikes brussle sprouts, it's no skin off my nose. But then I was rummaging around Youtube, looking for yet another production of the Mikado, when I came across Christopher Hitchens, which led to Matt Dillahunty, and I discovered that for some people living in some countries, atheism is indeed a thing. Because in some countries, religion gets rammed down your throat whether you want it or not. Some people don't accept that other people's sex lives are none of your business as long as it's adult consensual.

I still go to synagogue for family barmitzvahs, weddings and funeral, but I've found that if I take a book with me and read quietly about such subjects as the "War of the Spanish Succession" while everyone else is either praying or pretending to pray, no-one seems to mind. Just don't read a book that makes you laugh out loud. At Pesach, I go to the seder at my sister's house (she does a great pesach meal with chicken soup, chopped liver followed by various Sephardi dishes (we're Ashkenazi, she married a Sephardi and now mostly cooks in that style) and because there's two seder nights, the other is at my sister-in-law (more chicken soup, chopped liver and then various Ashkenazi dishes). Because they both know how much I like chicken soup and chopped liver. And at the seder, it's laid down that you should ask questions about the exodus from Egypt, and boy, do I have some good questions each year. So if you want to, you could say that I'm gastronomically Ashkenazi Jewish.

When my kids were small, we did Santa Claus and the reindeer each year, and I actually do not care that some Christians think that they have a monopoly on Christmas, nor do I care that this maybe comes from a Druid festival or maybe from the Roman Saturnalia. And one of them was the Christmas Elf, who oversees the Distribution of Presents on Christmas Day, although I suspect that we might be the only family that had our own Elf. And I'm still willing to be Santa for grandchildren, because I think it's important for kids to learn that grown-ups lie about invisible people

Although in restrospect, I realise that religion has affected me, and not just the holocaust - I mean affected me personally. There was a thing in England called the Lord's Day Observance Society which led to legislation about what I could and could not do on a Sunday. And their idea was that the only thing I should do on Sunday, is go to church, which in my case wasn't going to happen. These days, the LDOS is pretty much a dead duck, and Sundays are full of activities.

But also the House of Lords (a total unelected anachonism in itself) includes 26 "Lords Spiritual" (bishops), which means that the cold dead hand of religion is infecting my government, although given the almost complete lack of power of the HoL, that isn't as bad as it might have been and nowhere near as bad as it is in the USA. Oh, and one of the Lords Spritual is a jew. These jews get in everywhere. But no Roman Catholics, because ever since Henry VIII, they've been persona non grata in the higher reaches of government.

I read with great dismay, the stories of people (mostly American) who have been inculcated with religion and who have considerable difficulty getting free of it, of the nightmares that some of them still have about an imaginary hell. About how the people they thought loved them, turned out to love their imaginary friend so much more that they'd turn their back on the newly declared atheist. About how people in one of the many religions of peace turned out to be anything but peaceful when push came to shove. About how even though the religion preaches charity, the devotees practise malevolence. About how faith is preached as an ideal instead of as the polite word for gullibility.

And I can only thank god that I am truly blessed because I am, and always was, an atheist.

Thursday 10 August 2017


When I went up to Cambridge, one of the first societies I joined was the Science Fiction Book Club. And each Wednesday afternoon, I bicycled to the college room where it was kept, to return a rucksack full of books, and borrow another rucksack full.

Before that, I got my fix partly from the Stamford Hill, Tottenham and Hackney public libraries, and partly from a Saturday market stall that sold old SF magazines for sixpence. My favourite was Analog, but IF was one of the good ones.

So imagine my delight when I located a treasure trove of 176 issues of IF. They are PDF files, and are the entirety of the magazine from start to finish. You can download them for free, here.

I downloaded them, put them onto my iPad (ladysolly's old iPad 1 which I inherited) and they make excellent reading, using the Kindle app as the reader.

Universal health care

Universal health care? Or the US for-profit model?

Here's an interesting fact. Under universal health care, it's in the interests of the health service to try to prevent bad health. By education (which probably doesn't work), by preventive measures, and by testing. Here's a couple of examples, from my personal experience.

1. Every few years, I get sent a testing package; I take a tiny sample of shit out of the mammoth amounts I create, put it in an envelope, and send it to the given address. They test that, and tell me if I have bowel cancer (I don't). If caught early, the outcomes are a lot better than if it's caught late.

2. Whenever I have an eye test, they also test the pressure inside my eyeball (as well as a few other tests). A few years ago, they found that the internal pressure in my left eye was twice what it should be. If left, that will lead to deteriorating vision in that eye. Because it was caught early, I take an eye drop each morning, and that keeps my pressure down, and I haven't lost the sight in that eye.

3. Vaccination. I had all my shots as a kid; more recently I had an anti-tetanus jab to maintain that immunity, and next winter I'm going to get the optional flu shot.

Now contrast that with a for-profit system of health insurance. Once the user is bankrupt (medical bills are the leading cause of bankrupcy in the US), there's no reason for anyone to give them any more healthcare.

In a universal health care system, the health service has an incentive to keep people healthy; that's cheaper, and, of course, it's the Right Thing To Do.

In a for-profit system, the incentives for the healthcare system is for people to be ill, so that profits can be extracted from them (until they run out of money or die).

Tuesday 8 August 2017

Ordeal by dentist

Root canal.

Two words that strike terror into anyone who still has teeth, and memories for everyone who doesn't.

I had an abscess next to a tooth. It wasn't very painful, except A) whenever I brushed that tooth there was a stab of pain and B) these things don't get better on their own, they only get worse.

The basic problem is, we're not designed to live beyond about forty; after that, things start wearing out, breaking down and not working. Especially teeth. This is becuase by age forty, you've most probably had all the children you'll ever have, and brought them to adulthood, so evolution no longer has need of your services.

My appointment was for 3pm. I lowered myself into the dental chair, and the ordeal began. A jab of local anasthetic in my left upper jar outside, near the canine. I'd expected that. I hadn't expected a second jab, on the inside, to totally numb the area. Well, it has to be good that I won't feel pain.

She'd done the main drilling work last week, cleaned out the pus and put in a temporary filling. The idea was to see if the drilling and cleaning had been sufficient. So she drilled out the temporary filling (which isn't as bad as any other sort of drilling) and had a look. And it was good.

Then she put a sheet of blue plastic in my mouth, to isolate the tooth to be worked on, so that I couldn't drip saliva (which includes bacteria) onto the tooth. And took an x-ray.

You'd think that taking an x-ray would be a piece of cake, but I have a gag reflex, and whenever they put that fairly large film-holder into my mouth and mess around with the x-ray projector to get it lined up, I have to fight against my gag reflex.

After the x-ray, she did a bit more drilling, then used a series of very thin files, to file away inside the root canal, to clean it out. Before she did this, she told me that it was possible for the file to break off inside, but very unlikely. She didn't tell me what the outcome of it breaking off whould be, but I guessed they couldn't just leave it there. I had my usual luck, and none of the files broke. But then she left one inside the root canal so that she could take another x-ray to see if she'd gone deep enough. "Don't bite down," she said, "there's a file sticking out". So, another x-ray, with me fighting my gag reflex.

She was happy with the x-ray, and dived into my mouth again. This time, she used an injector to squirt bleach inside the tooth. Again, she'd warned me about this beforehand, so I wasn't alarmed when I smelled chlorine. Then a bit more filing, more bleach, more filing ... you get the idea.

Eventually, she was happy with the preparatory work, and put the filling into the root. And then she followed that with an instrument that I wasn't expecting. There was a strong smell of burning, and I saw smoke coming out of my mouth. She explained later that the root filling was plastic, and she was burning off the excess. Apparently, this is standard, but I'm pretty sure that it was new to me.

Then filling on top of that, followed by ultraviolet light to set the filling, then surface filling, something I could chew on, and more ultraviolet light. And then, finally, she removed the blue plastic, and I could rinse out.

And then a final x-ray.

And we were done. This is the most thoroughly prepared root canal I've ever had. It took an hour, and although it wasn't pleasant, neither was it painful.

And becuase we have our wonderful NHS, it cost me £56.70, which is about a twentieth of the real cost.

 So now I have to look forward to another root canal, in a few weeks time, and then I'm dentally defect-free.

HRMC scam

I got an email from HM Revenue & Customs <>

From: HM Revenue & Customs <>
Subject: Company Excel Documents  

                                             Gov UK

                                  HMRC   HM Revenue & Customs

 We need to check some details about your tax credits. We are working to ensure that people get

         the right amount of tax credits. We think that your payments might be wrong.

 Please check your company report and send us all the information we ask for by 15 Aug 2017. If
 we don't hear from you by this date we will suspend all or part of your tax credits payments.

 In order to complete our check we also need your completed tax credits renewal. You will soon
    receive your tax credits renewal pack. Please complete this and send it to us as soon as
possible, if you do not renew it by 31 August 2017, we will stop your tax credits. You can renew
                             online at .

Its really important that you don't ignore this letter. What we're trying to do is to make sure
you don't end up being paid too much tax credits, resulting in a debt which you'll have to repay


                                         Mr Gary Brooks
                                CCBC/Mcol Correspondence Section

 The security and confidentiality of your personal information is important for us. If you have
         any questions, please either call the toll-free customer service phone number.

 All content is available under the Open Government Licence v3.0 [],
                         except where otherwise stated Crown Copyright

An excel spreadsheet is enclosed. When I ran that through Virustotal, only three out of 59 products flagged it; Fortinet, Ikarus and NANO-Antivirus. All the well-known products passed it as clean. Which means that people who trust their antivirus, will be sadly let down.

And that's because this malware is very recent. Virustotal said that it was first sent to them 2 hours ago (it was sent to me 4 hours ago). There's no way that the antivirus companies can respond as quickly as that, so there's no way that you should rely on any antivirus to detect malware.

But look at the "from" address carefully. You see where it says "hrmc" instead of "hmrc"? A small detail, but very significant, and so obviously this is an attempt to get me to run the malware in their excel file. I haven't, of course. is registered via Godaddy, on 10 July 2017, but the owner's name and address is concealed via a privacy service. is also registered via Godaddy, pm 2 August 2017.The owner's name and address is given. Is that a legitimate name used by HMRC? I don't remember, but the name server it uses is which doesn't bode well. I think that's another scam address, used by a different scammer. Or maybe the same scammer, and he needed a new address after was rumbled?

Wouldn't it be great if hmrc sent all their email via I've suggested before that they should. But they don't. They use all sorts of domain names, making phishing much more profitable for the baddies.

So I've forwarded the email to the HMRC phishing reporting address, and they'll reply saying "Yes it's a phish, and there's nothing we can do about it". Except there is.

HMRC (and banks, and other financial institutions). Please, choose one domain name, preferably the same as your web site, and make all emails come via that domain name. It isn't difficult to do.

... update ...

Here's an analysis of this.

Saturday 5 August 2017

The American Health Service

Just imagine a service, which I'll call the American Health Service (AHS), which is similar to our own National Health Service (NHS). One of the objections to such a service, would be the cost. So what would be the taxation increase required, to fund the AHS?

The Medicare budget in 2017 is $709 billion
The Medicaid budget in 2017 is $553 billion
The Veterans (VHA) budget is $68 billion

So that's a total of $1330 billion, which works out at $4100 per head.

The NHS budget is £124 billion, which is $161 billion, and works out at $2500 per head.

Taxation increase? It seems not!

There's a couple of reasons for this. In the UK, if you want to sell medicines in volume, there's only one buyer. And just as a monopoly (only one seller) pushes prices up, a monopsony (only one buyer) pushes prices down. That's why drug prices in the US are so much higher than elsewhere. Look at the spam you're getting - a lot of it is for non-US drugs sellers, and some of them are probably legitimate. The AHS would be a monopsony - in America, they refer to this as a "single-payer system".

Another reason - insurance companies aren't non-profit. The US insurance companies take a chunk of money out of the healthcare system, via their costs and their profits. The AHS wouldn't have that problem.

Another reason - the cost of administering an insurance-based system also falls on the hospitals, who have to have admin staff to document the claims that each case throws onto the insurance system (and the insurance companies have to hire admin staff to scrutinise these claims). In the AHS, none of that would be needed.

So, if we look at it from the point of view of the taxpayer, the AHS would be a lower burden in taxation ($1600 per head less), plus they wouldn't have to pay for the healthcare insurance that they currently pay.

This calculation doesn't seem to be widely known, and perhaps I'm missing some major point about the US system; if I am, please let me know. But on the face of it, the AHS would lead to a cut in taxation, so should be favoured by low-tax lovers (Republicans), should be favoured by Democrats as a social benefit, by Christians because Jesus recommended helping the poor and sick, and by atheists because it's so obviously the right thing to do.

Friday 4 August 2017


It occurred to me that I haven't read "Scoop", "Decline and fall" or any of the other books by Evelyn Waugh, so I went to Amazon, where I found that I culd buy them for £9.99 each, which seemed to me to be excessive. And I'd hoped that there would be a "Collected works", but that was £48 and didn't have his best works.

Remember, these are books written 70 or 80 years ago. And with that fact, I thought, hmm, out of copyright. So I went to the Gutenburg web site, no luck, and then to the Internet Archive, and struck gold, via the Digital Library of India. I downloaded half a dozen pdfs, onto my old iPad (version 1) into the Kindle app.

And then I thought, battery life. Because this iPad is so old, the battery life is gornisht. So I went onto Ebay and bought another battery-to-USB converter. I already have the batteries, so that's £0.99.


Wednesday 2 August 2017

Password manager

We all have a zillion usernames and passwords to remember, and the web sites' requirements to have at least 8 characters, some upper and some lower case, some numberic and some miscellaneous characters, make it impossible for anyone except Mr Memory to remember all these. And I'm Mr Goldfish.

The web sites don't make is any easier, either. Some require you to change your password every few weeks, most of them don't echo the password that you type in, and some won't let you cut-and-paste a password.

So many people use a password manager. Which sounds like a good idea, so I looked into it.

A lot of them thought it would be a jolly good idea if I kept my usernames and passwords on their server. No thanks. The rest would let me store MY data on MY computer, but I could only take their word for it that they weren't also taking a copy.

For example, OneLogin had a data breach, and anyone using it was advised to change all their passwords; for me that wuold be *hundreds*. Ugh.

For example, LastPass had a data breach.

So what is the Wise Virgin supposed to do to store her precious oil?

I don't know. It's a problem.

BUT! Every problem is an opportunity seen from the wrong end. So, I thought, I'll write my own password manager. What could be easier?

And actually, it was easy. I wrote it in perl, and I used the Crypt::CBC library.

I started off with a simple plain text file that looked like this:|user1|pass1||user2|pass2||user3|pass3|

So that's a domain name for the web site I'll be accessing, the username, the password, and the email address I gave them when I signed up. Because I give many different email addresses, all of which arrive at my mailbox eventually, but it means I can immediately tell if the email address I gave to Honest Joe has been sold on to Crooked Hilary.

To tell perl that I'm using the CBC stuff, I put near the start of the program:

use Crypt::CBC;

And now I can use Blowfish (or various other ciphers) without me having to get into the messy details of implementing the crypto.

Here's the code to encrypt that file:

sub encipherfile {
$cipher = Crypt::CBC -> new ( -key  =>'I'm not going to tell you the password'
                              -cipher =>  'Blowfish'
open KEYS, '>passwordfile.dat';
open PLAIN, 'plain.txt';
$/ = undef; # this tell it to read the entire file with a single read
$plaintext = <PLAIN>;
close PLAIN;
$ciphertext = $cipher->encrypt($plaintext);
print KEYS $ciphertext;
close KEYS;

That converted the plain text file into a file encrypted with Blowfish (which is considered to be a lot stronger than DES, and is currently fashionable, but I could easily change the algorithm if necessary one day).

The decryption code is very similar.

 sub decipher {
 $decipher = Crypt::CBC -> new (-key =>'I'm not going to tell you the password'
                                -cipher =>  'Blowfish'
open KEYS, 'passwordfile.dat';
$/ = undef;
$ciphertext = <KEYS>;
$plaintext = $decipher->decrypt($ciphertext);


Then I wrote a little cgi, that does a display like this:

And, of course, this is in a password-protected directory, using the usual apache access control system.

So I can add to the database with this form, or I can list all the records, or I can search for the domain name I want the username and password for. And it returns with a little table showing any matches.

It took me a couple of hours to write, and now I not only have a password manager that I know I can trust, but also if I think of any useful features, I can add them.

Tuesday 1 August 2017


Well, not quite.

I got a letter from Libby Barr at BT, offering me fibre broadband, and for free! Well, almost. I'd have to pay £60 installation fee, and £5 to make it unlimited, and after 12 months they're going to hike the price up to an unspecified (but I'd guess quite large) number.

And it probably isn't fibre; it's probably fibre to the cabinet (FTTC), then copper to my home, which isn't nearly as good, but which dishonest ISP's call "fibre" instead of what it really is. Not that BT is dishonest, of course. Just a little over-enthusiastic.

This is probably to do with the new BT cabinet that's sprung up a few hundred yards away from my home.

So I called Libby, and after a few choices on her automated switchboard, I got through to one of her minions. Libby, apparently, is humble enough to write to me, but too important to talk to me.

I told the minion about the letter, and asked when I could have fibre? "Not available", he said. "So why did Libby write to me offering this?" I asked. This is called "switch selling", you offer a great deal, but when the customer tries to buy, he's told that this isn't available, but would you like something that isn't a great deal instead. Switch selling isn't nice, so I complained. There is now a formal complaint in the BT system, and if they do this again, I'll escalate to the Advertising Standards Authority.

I don't mind them advertising this on TV, but when they send a letter to my home, with my postcode, it would be very simple to check availability before doing the letter. Clearly, they don't care.

However, the minion told me that the cabinet is indeed fibre, and that fibre (meaning FTTC, I guess) will be available to me in four months. That will offer me "up to" (which means in practice it can be anything they care to mean) 38 mbit (and that will probably be only download, upload will be a lot less).

I checked their pricing It's £32/month normally for BT Infinity 1, so that's what it will rise to after a year. Upload is half the download speed, which is better than I'd expected. BT Infinity 2 is "up to" 76 mb for £45/month. For comparison, my 100 mbit ethernet is costing £500/month but that's falling all the time.

But! If fibre is available via BT, it will be available via all the others. So when it does arrive (four months promised) I'll look around at what deals there are.