Pages

Friday, 14 December 2018

Christmas presents

I am really difficult to buy presents for. My needs are simple, and can be supplied by Sports Direct and the takeaway round the corner. So what to get me for Xmas?

Mostly, books. During the year, I occasionally visit the Amazon web site, and when I see a book I like the look of, I add it to my Christmas list. So, by the end of the year, there's a good bunch of books, which I email to my daughters, and then haul away as gifts at Christmas time.

But ladysolly wanted to go for somethng better. After much thought, I decided that it would be nice to have another big monitor.

I have a Acer ET430K 43" LED 3840 by 2160 monitor, which I got last year. For Christmas. And I thought, it would be rather nice to have another one! So I went to Ebay, and found that the cheapest one was £503 (there were some nice 40 inch monitors for a bit less). Then I noticed that it was on sale from Scan, who I often buy things from. So I checked their web site, and, to my surprise, I could get it from there for somewhat less - £461, including delivery.

The one I've already used for a year, is really excellent, and I can recommend it, although you might need to upgrade your video card to get the full resolution. It means that I have a truly huge screen space, so have have a lot of windows open on any of the workspaces.

Merry Christmas!

The Walking Dead

Theresa May won the leadership challenge, 200 against 117. It's a pyrrhic victory.

So the situation now, is that we have  PM who doesn't have the full confidence of her party. And she's said that she won't lead the party into the next election. So she's a lame duck.

However, the rules of the party say that there can't be another leadership challenge for 12 months. So she's armour plated. An armour plated zombie lame duck.

And we still have the same Brexit problems that we had last week.

So May is kicking the can down the road a bit more; the parliamentary vote on the May Brexit plan, won't happen until after Christmas. And January is two months before March. Meanwhile she's touring Europe in the forlorn hope that the deal that has been laboriously agreed, can be renegotiated. No chance.

O Albion, what will become of thee?

Tuesday, 4 December 2018

All change!

Parliament has ruled that they get to see the whole legal advice on Brexit, not just the summary. Why is this a big deal? Because the government has been fighting tooth and nail to stop that happening, so there must be something juicy there!

And in another news item, an EU legal bigwig has said that if we want, we can change our minds about Brexit, which certainly wasn't clear before.

So when parliament votes next week against the May plan (and it looks like it will) what then?

May plan B? Unlikely.
Crash out?  I doubt if there's a majority for that either.

So how now, can the government kick the can down the road?

Sharpen your pencil - I feel another referendum coming on.



Friday, 30 November 2018

Barclays Merchant Services charges

BMS changed their charging system a few months ago. When I got the first bill from their new system, it was immediately obvious to me, by comparing it with my previous bill, that it was very wrong.

For example, in the past, I've been paying them about £50 per month in VAT charges, and now, suddenly, it was £5.

So I phoned them, and told them about that, and the other two obvious errors.

It took them about three months, and then they agreed with me about the VAT, and sent me a humungous refund on that (going back for years), which (of course) went straght to HMRC. But also a "sorry about that" compensation payment, plus "lost interest", which was nice to have.

Win!

But they didn't do anything about the other two issues.

Today, I got two letters from them.

One of them was to tell me that "due to a technical issue" they forgot to biill me £20 management fee per month. They aren't going to charge me for the back payments.

Win! Win!!

The other letter was to tell me that they've been charging me 1% for transactions, plus £0.10 per transaction, and it should have only been the 1%. So they are going to refund me a four figure sum for this cockup.

Win! Win!! Win!!!

I'm not going to complain about this, or make any suggestions to them about it, but I will tell you, confidentially, and hoping that you dno't mention it to them, make a modest proposal.

Test your software before you inflict it on your customers. Do a trial billing run, compare the amounts with what you charged last month, and when you notice that an item is twice as big as it was last month, try to work out why.

And some advice for their customers. I feel sure that I'm not the only one who has had the VAT cockup, but if you're also affected, then you should complain, and ask for compensation and lost interest. And as a general rule - compare your bill for the month with last month. Because they obviously don't.

Changing my epdg Barclaycard password

This has been fraught for a long time. I wasn't able to do it with Firefox or Chrome, but it used to let me do it with Opera. I have no idea why. But yesterday, when I went to use it, it told me that my current password will expire in three days, would I like to change it?

Yes, I would, I don't like leaving things until it's too late.

So I clicked on the link. It wanted my old password, and my new password twice, and then I clicked on Submit. Nothing happened. And the password hadn't changed. I tried it with Firefox, then with Chrome. No joy. Then I tried it on another computer. Still no luck.

So I phoned for tech support  0333 202 7930. The nice lady suggested that I email to epdqsupport@barclaycard.co.uk with a screen shot. So I did that.

I got a reply very quickly. They suggested that I type the new password instead of copy-pasting it. Why did I copy-paste it? Because their password has to be at least one capital letter, at least one digit, at least one special character and at least one lowercase. And at least 12 characters long. And changed every month. Do they seriously think that I'll be able to remember that? So of course I use a password manager. They also made another suggestion, but that didn't help.

So I tried typing this long and tedious password instead of copy-pasting. And it almost worked! This time, their page acknowledged that the password was strong (it hadn't said anything about it before) and that the second time I typed the new password, it was the same as the first. Result! But when I clicked on Submit, again it didn't change the password.

So I did another tech support call.

This time she suggested that I ask for a temporary password. The problem with that, I thought, will be that this temporary password gives me one login. So if I try to change the password and it still won't change, that's it, and I'm left with requesting a temporary password each time I want to use their system.


Still.  I might as well try it, my existing password will be nullified soon anyway. So I did.

And it let me change my password.

Because the password change page after a temporary password, is different from the normal password change page.

So what in future? Well, if I pretend that I've lost my password, then it'll email me a new temporary pssword, and I'll be able to change it from there.

What a performance! 

And the cream of the joke? Their idiotic system is what forces everyone to use a password manager, which for many people will be "write it on a post-it note" which is far less secure than just have a fairly simple password. And if you want it to be secure?

USE TWO FACTOR AUTHENTICATION!!!

That's what Barclays Banking online uses, with a little calculator-like gizmo that gives me a new code each time. And even HMRC use 2FA, via my mobile phone.

Idiots.


Sunday, 25 November 2018

Alley cat

A long long time ago, I acquired a copy of a game called "Alley Cat". It was a fairly simple game, running under Dos. But when I showed it to my daughters, who were at that time aged several, they loved it, and the beep-beep tune of Alley Cat could be heard very frequently.

Something made me think of it today, and I used Google, And to no great surprise, it's available now. You can run it via your browser.

So, knowing that they read my blog occasionally, I thought I'd mention it here.


Whither Brexit?

Now that the Mogg Coup (it isn't a coup, don't call it a coup) has failed, May will be PM for the foreseeable future. So it's the May Plan for Brexit. Or not.

So, maybe the EU will accept it (except, what about Gibraltar? What about Northern Ireland?) or maybe we'll continue to ask for something they can't accept. But will parliament accept it?

It looks to me like parliament is not going to accept the May Plan. There doesn't seem to be enough votes for it. If that happens, then what?

That leave two possibilities. Leave without a deal ("Crash out") or ask to change our minds ("Remain").

Who decides?

What if we then take a vote in parliament for "Crash out" and that's rejected?

Oh no! A "people's vote", which is what we seem to be calling a "referendum" theese days, because "referendum" is a four syllable latinate word, where's "people's vote" is Anglo-saxon.
But what else is there, at that point? Except that it'll probably be too late to organise, because it'll take a long time to squabble over whether there shoulf be three choices (May, Crash, Remain) or two (Crash, Remain). And I can't see how May could be a possibility because, in that scenario, it's already been rejected by parliament.

So we vote between Crash out and Remain. And now that we've seen how well our government has handled Brexit, why would we think they could handle Crash out?

And after we vote Remain, the EU says "Yes, but not with the favourable terms that Thatcher got for you"

Don't look at me. I voted Remain in 2016, 2 1/2 years ago.

Thursday, 22 November 2018

But Brexit aside ...

Everyone is focussed on Brexit. Something will happen on March 29. No-one knows what it will be. But there's something else happening.

On March 31, 2019, MTD happens. MTD is "Making Tax Digital". It means that a million unsuspecting small businesses, will suddenly find that they way they've submitted their VAT returns (and maybe others?) will suddenly not work.

Here's how it works now.

I calculate (actually, the computer calculates) how many sales I've made in each of the 28 EU countries. I apply the 28 different VAT rates to that, and that's how much tax I owe. I feed this in to a government (HMRC) web site (VAT MOSS), it adds up the total, and that's what I pay ... or rather, that's part one. I pay one lump to the VAT MOSS, and they pay from that to the 27 EU countries.

Then I work out how much I've spent in purchases and how much VAT I can reclaim on those purchases. Then I feed those numbers into a different HMRC web site, and it works out how much VAT I pay to HMRC (or what refund I get). How come a refund? Because *all* my purchases are UK, but only a moderate percentage of my sales are UK.

On March 31, 2019, all that changes.

What will it change to? I don't know. Currently, I don't pay any VAT on sales in the USA, because the USA isn't EU. So will I pay VAT on sales to Germany when the UK leaves the EU? I don't know. I phoned HMRC to ask them, and they didn't know either, and thought it was all quite amusing.

But let's focus on the UK VAT, and the form I fill in for that. My understanding is that this form will no longer be available, and I'll have to submit the same information (or is it the same?) electronically (meaning, I somehow ship them a file). What's the format of that file? I don't know. It is SOAP? JSON? XML? I don't know.

And I actually know that this is going to happen. The vast majority of small businesses don't know. No-one told them, just as no-one told us about the whole VAT MOSS system in December 2015.

There's a story that there will be an excel spreadsheet add-on to do this.  That seems to be just a rumour.

There's another rumour that there will be a free HMRC-supplied software to do this.

There's a rumour that, come the end of March 2019, we will be in such a state of utter omnishambles, that no-one will know that to do, and if HMRC suddenly disable the web page where we've been giving our VAT data, a lot of businesses will no longer have a way to report their VAT. And then what?

But all anyone can see is Brexit, Brexit, Brexit. HEY!!! HMRC!!!!! How am I going to report my VAT liability to you?

Tuesday, 20 November 2018

TalkTalk oops

Every three months, TalkTalk bills me a couple of thousand pounds for my ethernet link. This month they billed me. And then they billed me again.

We noticed this on the bank statement, so we called them. We got the usual runaround "not my department, try elsewhere" but eventaully, they admitted that yes, they double charged us. A "computer error", apparently.

"Why didn't you tell us you double charged?"
"We've done a refund."
"So you knew you'd double charged. Why didn't you tell us?"
"."
"And why didn't you tell us you'd done a refund?"
"."
"How many other people have you done this to?"
"Some."
"Do you know what happens when you take a couple of thousand pounds out of the bank account of a small business that they weren't expecting to be taken?"
"."

So I've asked them what they plan to do about compensation.


Monday, 19 November 2018

Electric shaver

My fuzzy ears and whiskers take me too much time to shave.

I've been using a rather cheap (£10) shaver, from China. I think the problem with it, is that it gets blunt very quickly, and a blunt shaver makes shaving take a long time.

So, for my birthday this year, I asked for a really good shaver.

I did the research, and decided that what I wanted was German Engineering - a Braun. So I got a series 9.

There seems to be a zillion versions of the series 9, but I think they all have the same shaver head, and that's got to be what matters. So I got one that was reasonably priced. It was the Braun 9 9240s, and cost £120 (list price apparently £300, but I don't believe that).

And it is a seriously good shaver. Whereas before I needed a few dozen passes to mow the beard, now it chomps it up in a single pass.

The s series doesn't come with a head cleaner, but I thought, how hard can that be? And indeed, head cleaning is easy.

The head, I'm told, lasts 12 to 18 months, and a replacement head is about £60. So that's on my list for next year's birthday!

Update on the accident

Now it's 6 weeks from the accident. The huge bruise has faded, and the ribs feel good. I can sleep on my right side now. I'm off all the medications except the ones I was on before the accident (Warfarin for blood, Statin for chloesterol and eyedrops for preventing glaucoma). But my blood INR is still unsettled, so I'm taking slightly less Warfarin.

I took a big buch of flowers to the first aider who stopped and helped me until the ambulance arrived (she was very pleased), and I wrote a detailed letter to the woman who caused the accident, suggesting that she make a substantial donation to the NHS (she agreed).

So will I get back on the bike? I want to, but I'm going to have to fight with ladysolly about that.

But I Jeremy Corbyn can bike around London, surely I can bike around Amersham?

After the accident

As I write this, it's a week after the accident. So here's what happened.

On Monday 8th October, I fell. I was on my bicycle, 12am, full daylight. I had my headlight on, for visibility. I approached a roundabout to go across it. I checked on my right, nothing coming, so I cycled on.

Halfway round the roundabout, a woman drove her car at me from my left.

In England, roundabouts are very common, and everyone knows the rules - you give way to traffic already on the roundabout. She didn't see me. There's word for this, because it's so common, smidsy, "Sorry mate I didn't see you".

And then she did see me, because she stopped, but she stopped right in front of my path. I braked as hard as I could. I have good brakes, I do my own maintenance. I stopped before I collided with her car. But when you brake that hard, you can lose control, and I lost control. I stopped, then the bike toppled to the right, and I crashed to the ground, to the hard, unforgiving tarmac. Wham.

I lay there for a moment, wondering if I'd broken anything, and what should I do? I watched that car drive off, and noted the registration number, in case I needed it.

Then there were people around me, offering help. One woman in particular, had first aid training, and she checked me for broken bones, and they helped me to the middle of the roundabout, out of the road.

Someone called an ambulance.

The ambulance arrived a few minutes later, and they took charge. The woman who had caused all this came back; she'd parked out of the way of the traffic (in England, if you're in an accident, it's illegal to just drive away). She was very apologetic. Smidsy.

I didn't feel very forgiving. The ambulance men helped me get into their vehicle, and checked me over. No, I didn't hit my head. Yes, I was wearing a helmet, and they checked that, no damage. No, my neck didn't hurt. No, I didn't remember my 

phone number. Yes I did remember my post code They poked and prodded my spine, and nothing seemed badly damaged. Not a big surprise; I hadn't been hit by a car, I'd fallen from a stationary bicycle.

They asked me if I wanted to go to a hospital, or home. I didn't feel too bad, just a bit shaken, and I thought a lift home (about a mile away) would be best. When we got there. I made them tea, they checked me some more, they wrote up their paperwork, and then they went on to their next case.

That evening, I had a long hot shower.

The next morning, it hurt. Quite a lot. If I sat up, or stood up, or sat down, or coughed, or breathed in deeply, some guy stuck a knife into my ribs on the right side. Even typing hurt, because of the arm movements. So I tried not to do any of those things, and self-medicated with paracetamol, a painkiller you can get from any pharmacy.

I went to bed that Tuesday evening. It hurt a lot to get into bed, and I knew that getting up again would be just as bad. But I also knew I'd probably have to get up in the night a couple of times, because I always do. And when I did, it hurt. A lot.

Wednesday, I was slightly better, but not much. The guy with the knife now had a sledgehammer instead, and he used it with enthusiasm. Stand up, sit down, reach out, reach down, cough, sneeze, breath deep ... all of these were punished with the sledgehammer. And again, at night, very painful to lie down, very painful to stand up, but when you've got to go, you've got to go. And you can't go too slowly, or you won't get there in time! Oh, and the action of pulling the lever to flush, even that hurt.

Thursday I decided I'd had enough. So I went to hospital, and told them my story. They were very efficient; they triaged me (I obviously wasn't an urgent case), but I still got seen very quickly by a doctor. She did the usual poking and prodding and stethoscoping, and decided that I needed an x-ray.

At the x-ray, I was in a queue, but there was only one person in front of me, a baby had hurt her foot, and they were doctoring that. So the baby went in to the x-ray, and there was a lot of crying and screaming, and then she was done. I persuaded them to shoot me standing, because the process of lying down is painful, with the added feature of looking forward to even more pain when I got up again. But they were very nice about it, and I was x-rayed standing. I was so brave about the whole thing, I didn't scream once, so they gave me a sticker!

So then I went back to the doctor so she could look at the x-ray. And there were two problems, a couple of broken ribs, and what looked like a puddle about half way up the chest on the left. She was worried about the puddle (which turned out to be nothing) and sent me off for a CT (computer tomography) scan. That's like a 3-D x-ray. So I hobbled off to the CT scan.

I forgot to mention, but you probably guessed - walking was painful, so I wasn't walking, I was shuffling along like a very elderly person.

At the CT scan, they saw me immediately. I had to lie down, no option. So I did, and it wasn't as bad as it might have been because they helped me a lot. They injected me with iodine because that's a heavy element and shows up well to the x-rays. The room was freezing cold, because the CT scanner needed that, and by the time they got my scan, I was shaking and shivering with the cold.

Then back to the doctor, and now we knew the extent of the damage. Ribs 7, 8 and 9 on the right side were broken.

And I already knew the treatment for broken ribs, because I've had one before. The treatment is ... nothing. You do nothing, and a couple of months goes by while the pain gradually diminishes. Which is why I hadn't gone to hospital on the day I had the fall.

Oh, and I forgot to mention the Bruise. The Bruise is huge, and black and red, and covers the right half of my arse and then down my thigh. I don't think the Bruise is actually a problem though, it's just a spectacular sight, and would qualify for a Guinness World Record.

But they decided to keep me in overnight, for observation. And they explained that I'd be getting medication. Most of the medication is painkillers, consisting of codeine and paracetamol. But there's more. Because of the pain doing a poo had become impossible, so by then I was somewhat constipated. So they gave me lactulose to help me with that (and, without going into details, that particular problem is no longer a problem). Because coughing was painful, I was accumulating phlegm, so they gave me carbocisteine for that. And Omeprazol for my breathing.

I hadn't known this - if you don't use your full lung capacity but only take shallow breaths, that puts you at risk to a lung infection. That's why I need to take the painkillers - so I can breathe fully.

They checked my blood pressure (fine) took my temperature (fine) and my blood oxygenation (low, probably because I hadn't been breathing well enough).

Overnight turned into a somewhat longer stay. The window next to my bed gave me a spectacular view of a rubbish dump. I shared a ward with three other people. The bed next to me was an 89 year old, he'd fallen, and hurt himself against some furniture. He sang at night, but it was OK, he wasn't loud. By the time I left, he was looking good, they had him out of bed and walking a bit, and if you can walk, that a very good sign.

Next to him there was a couple of brothers, and one of them had suddenly lost the use of his legs, the other one kept him company. But when I went to the toilet in the middle of the night, he was sleeping in a different position, and obviously had moved his legs without realising it. His brother was a pious Muslim, and we had a long chat about Islam (he was surprised that I knew so much). They self-discharged while the hospital was still trying to help them, and that's really stupid. What's he going to do, eat cumin seeds?

And the fourth guy in the ward had tried to kill himself with a bottle of vodka and 96 paracetamols. He told me how bad his life had gotten in the last few years, and I sat with him for quite long periods, just talking about this and that. This was his fourth attempt at suicide.

The nurses were great, and worked very hard. Before I left, I bought the biggest box of chocolates I could get, and left it to be shared by all the nurses and doctors and other staff.

So eventually, they decided that I was well enough to be discharged. But first - a final blood test.

To do a blood test, you have to take a sample of blood. They tried nine times, making nine little holes in me, and failed each time. Then they thought, maybe I'm dehydrated. So I drank three litres of water (that's about six pints) over the next hour, and they tried again. This time, they got the sample on the third attempt.

So they gave me a carrier bag full of pills and potions.

And this was all on the NHS, so the cost to me as zero, the service was excellent, and I love our NHS.

Looking at the other three guys in the ward made me realise how lucky I am with my physical and mental health. The woman who could have killed me has made me realise that I'm not going to cycle on roads any more (most of my cycling has been on cycleways where there are no cars).

So. Here I am with three broken ribs that will heal up over the next couple of months. It means I can't lift anything heavy (and at this point, "heavy" means a full kettle of water), but with the painkillers, breathing is a lot easier. Typing is sort of OK, but not in large amounts.

So now you know.

Tuesday, 9 October 2018

An accident

I cycled down to Amersham Hospital to have my routine blood test. On the way back, there's a few roundabouts. At one of them, I checked on my right, nothing coming, so I got onto the roundabout to go straight ahead.

A woman on the road to my left, didn't see me, and drove straight in front of me. And then I'm guessing she did see me, because she abruptly stopped. Right in front of me.

I have good brakes on the bike, and I applied them as hard as I could, and managed to stop before I would have crashed into the side of her car. But when you brake that hard, it's easy to lose balance, and that's what happened to me. I didn't hit her car, but I toppled off onto the tarmac.

I fell onto my right side, and lay there, in quite a lot of pain, and hoping that no-one would drive over me. The car drove away, but stopped a few yards further on and the woman came back. If she hadn't, she ould have been in serious trouble, because there were several witnesses, and someone took her number.

Meanwhile, another woman, who had first aid experience, checked me for broken bones, then helped me to the middle of the roundabout. Someone else called an ambulance, which arrived a few minutes later.

The crew checked me out, and decided that I wasn't so seriously hurt as to need hospital, so they took me, and the bike, home.

But by golly it hurts. The act of standing up hurts, sitting down hurts, moving my arms hurts, moving my legs hurts. I can barely manage a slow shuffle to get around. I'm on paracetamol.

Last time I fell off my bike it was on a bridleway, and it was entirely my fault.  Thus time it wasn't my fault, and the fall was onto hard tarmac. Last time it took months before I was fully recovered.

I gave her a piece of my mind, and she was very apologetic, it's never happened before. I explained to her about SMIDSY "Sorry mate I didn't see you". Hopefully she'll be more careful in future.

If you can't positively check that there's nothing coming towards you, then assume that there's a bike doing 10 to 15 mph, and that if you hit it, you'll kill or seriously injure the rider.


One cheer for Barclays

I don't know if this is a new feature, but I hadn't known about it.

It's page no the Barclays web site www.barclays.co.uk, which lets you check if a phone number really is a Barclays number.

https://www.barclays.co.uk/security/phone-number-lookup/

Well done Barclays!

Sunday, 30 September 2018

Moggiedawed

I just used the word "moggiedawed" and the person I was talking to didn't know what it meant. So I explained it, it means confused.

Then I wanted to see if I'd explained it accurately, so I googled it.

To my great surprised, it came up with four hits. And all of them were me!

So I checked with ladysolly. She also knew the word, and had the same definition. I'm pretty sure I learned it from my mother. She thinks she learned it from her family.

Is this word local to the drsolly family? Or is it yiddish? If it were yiddish, I'd have expected a few more hits.


Wednesday, 29 August 2018

Vat reporting changes

Three ironic cheers for HMRC.

At the moment, in order to report my VAT numbers and how much tax to pay, I log into their web site and type the numbers into a form. Simple.

But I've just heard that they are "going digital". In future, I will have to type the numbers into a Excel spreadsheet and run some software that transmits the same numbers to HMRC. I wonder if that software will work on Linux? Fortunately, I still have a Windows computer, and I probably have an old copy of Excel somewhere.

How is that an advance?

Meanwhile, at the end of next March, we leave the EU. Unless we don't. And at that point, what happens with VAT?

At the moment, I charge VAT on all sales to EU countries, at the various VAT rates of each country, and then I use a thing called "VAT MOSS" to pay the VAT to the 27 EU countries. On sales to non-EU countries, such as the USA, I don't charge VAT, because they aren't EU.

What happens after March 29?

I have no idea. HMRC has no idea. HMG has no idea. Seven months from now, it all changes, and no-one knows what it changes to.

Instead of messing around with how I report UK VAT, they should be sorting out what's going to happen with VAT and Brexit.


Friday, 10 August 2018

Beep beep UPS

I was doing some routine maintenance in the Data Shed, and it gradually dawned on my that I could hear a beep beep noise, as of a machine in distress. My binaural beep-location soon tracked it down, it was the UPS that protects the router that converts the fibre optic cables from the street outside, to the ethernet that the data shed requires.

This device has two power inputs, which is a good idea for such a critical piece of kit. It means that if one power cable goes down, the router will continue to work. So I have each of those inputs on a different UPS.

I tried powering the UPS off and on again, that didn't work. So I decided to just bypass it, and connect that power input, straight to the power mains, without the UPS.

I did that, but the red light on the router was still on, indicating that it was only getting power from one source, the remaining UPS.

Which, now that the louder beep was silenced, I noticed was flashing its lights in a "help help" manner.

And then I realised that the two UPSes were on the same 13 amp power main, and that the neon light indicating power on the six-way strip, was off. Meaning, that there was no power going to the UPSes, and that explained the distress signals they were both giving me.

And then I noticed that the trip on the fuse box had gone. I still call it a fuse box, even though fuses on house supplies are long gone. So I flicked the trip, power was restored, and the UPSes stopped making distress signals.

And then I thought. I've been silly. I should not have had both UPSes on the same 13 amp mains power!

Fortunately, no harm done in this case. So I ran a power lead from another 13 amp mains supply to one of the UPSes, and now each UPS is on a different power supply.


Blackmail!

From: Angie

Subject: hammer45

It seems that, (hammer45), is your password. You might not know me and you are most likely
wondering why you are getting this e mail, right?

in fact, I put in place a spyware on the adult vids (adult porn) web site and guess what, you
visited this web site to have fun (you know what What i'm saying is). During the time you were watching videos, your internet browser started off functioning as a RDP (Remote Desktop) which gave me accessibility of your screen and webcam. after that, my computer software obtained all of your current contacts from the Messenger, Outlook, FB, along with emails.

What did I really do?

I created a double-screen video. First part shows the recording you're seeing (you have a good taste haha . . .), and Second part shows the recording of your webcam.

what exactly should you do?

Well, I think, $11000 is really a reasonable price for our little secret. You'll make the
payment by Bitcoin (if you don't know this, search "how to purchase bitcoin" search engines like google).

Bitcoin Address: 16GcAcYntnJjJP1uApyYiuZRW5ryaf3Fsv
(It is case sensitive, so copy and paste it)

Important:
You've few days in order to make the payment. (I have a special pixel in this e mail, and at
this moment I know that you have read through this email message). If I do not get the BitCoins,
I will certainly send your video recording to all of your contacts including family, coworkers,
and so on. Having said that, if I get the payment, I'll destroy the video immidiately. If you'd
like evidence, reply with "Yes!" and I will definitely send out your videos to your 6 contacts.
It is a non-negotiable offer, that being said don't waste my personal time and yours by
answering this message.


This is a very old linkedin password (changed ages ago). And, of course, I haven't used it anywhere else.  I received six emails like this, asking for different amounts and with different bitcoin addresses. Also, the email itself was a bit randomised, using different words.

I wasn't aware that linkedin had been hacked, but on checking, I found that 117 million account details are for sale on the dark web, as of a couple of years ago. I do vaguely remember that I might have read abut this hack.

The email came from info@ednawest.com

If you get an email like this, don't worry. If you haven't changed your linkedin password for a while, change it now.


Tuesday, 31 July 2018

Another scam

I got a phone call. Apparently, my IP address is about to be changed! So I called them back.


I spoke to "Kevin Sharp". He had the usual difficult accent, and he asked my if I had Team Viewer installed (that's a commonly use Remote Access tool). No, I hadn't.So he talked me though accessing btopenreach5.webnode.com which is a very crude copy of a BT site.

I told him that my computer rebooted.

There was a conversation in Urdu in the background, and I was transferred to "Mike Morris".
Mike told me a whole selection of lies. First, he talked my through discovering one of Google's IP addresses, and told me that was my IP address. Then he told me that I've been hacked, and that someone tried to steal £904 from my account, but he's stopped that. He told me that this was because someone at my local Tesco was stealing my debit card number. But they now have a camera there, so they'll catch him soon.

Then he sent me to the fake BT site, and told me to click on a link there that would install a RAT (RemotePC.exe).  I told him I clicked on it and my computer rebooted. "It's been rebooting a lot recently, is this the virus?" I asked, innocently. He confirmed that it was.

More Urdu in the background. How stupid they must think we are. And they're probably right, they wouldn't be doing this is it didn't work, at least sometimes.

Then I panicked, and told him that I need to talk to my bank, to block my account, but he said he's already done it. I said I still felt that I needed to talk to my bank, and he offered to transfer the call to my bank. "Oh yes," I said eagerly, keen to find out how well they'd be able to impersonate my bank. But he didn't do that, and continued with his standard script. He wants me to visit my local Tesco. I have no idea why. He wants me to take my mobile phone with me when I go. I told him I don't have a mobile phone. "Are you sure?" he asked. I told him that it's possible that I hav a mobile phone that I don't know about. I think that piece of sarcasm flew over his head.

He asked for my address, so I gave him the address of someone who had spammed me a while ago. And he asked for my debit card number, and I gave him a 16 digit number to play with.

Then I told him I was very worried about all this, and I was going to talk to my bank,. and I hung up on him. That's so that when he tries to run the card, he isn't surprised that it fails.

Then I reported him to:

1) The Telephone preference service
2) Webnode abuse
3) BT Openreach

I'll give it an hour or two, then call him back. They don't get away that easily!

... later ...

I got an email back from webnode

" Webnode team, please check the content of the below-mentioned domain name. It looks like
phishing.


Best


Realtime Register Abuse Dept. "





One look at that site and they'll kill it, it's a very obviousd scam. A small victory :-)

Wednesday, 11 July 2018

Facebook fakes

It was recently noticed that there are a lot of fake accounts on Facebook.

These were set up several years ago - perhaps Facebook was less discerning then? They have the following characteristics in common. We see them when they try to join a group.

All claim to be in the USA
The account was set up several years ago, and contains two posts, one to set up the profile picture, and one to set up the banner. Then nothing for several years.
Many of them are an attractive woman in an attractive pose.
Others are an attractive man.
Many of them are members of several other groups with related subjects.

What is the purpose of these accounts, and the purpose of joining a group? Nothing good, I fear. By joining the group, they get better access to the members of that group. And here's what I've seen happen ...

The person offers to friend you. If you accept, then you later on get an invitation to a page, which is for a different person.

Reporting this to Facebook seems to have no effect.

How widespread is this?

I'm seeing more fakes than genuine people. That's a big deal. Is it possible that Facebook has less than half of the accounts that it claims?

Monday, 9 July 2018

Bojo bails

David Davis, Minister for Brexit has left the cabinet over the latest Theresa May proposal, supposedly agreed at Chequers.

Boris Johnson has followed suit.

I feel like I'm on the Titanic, and the crew hasn't merely given up on trying to save the ship or organise an orderly evacuation to lifeboats.

No. Half the staff have decided that now is the time to make more holes in the ship, and the other half have decided to shoot themselves in the foot.

So what now?

Can the May government survive this revolt? Is a leadership contest in the offing? Can Boris hold his nose and ally with Gove? Will Andrea Loathsome raise her hand? Will the Honourable Rees-Mogg indicate graciously that if asked to serve, he would not decline?

Dum de dum de dum de dum, dum de dum de dum dum ...



Bye bye Twitter

I just deleted my Twitter account. I've never used it apart from a few testing tweets. So it's just a database waiting to be hacked.

I only hope they delete my details.

Friday, 29 June 2018

PCI DSS

People following this blog have been reading about the various hurdles I've had to jump in order to become, and remain, PCI DSS complaint.

I used to have to fill in a huge form each year, with a couple of hundred questions. And then, every three months, they would test my server to check that it was secure to their exacting standards. And if it failed (which happened whenever a new threat emerged, like "Poodle" or "Heartbleed"), I'd have to work out why, and make changes to the version of Apache, or the version of Openssl, or to the configuration, or whatever.

Well, all that has completely changed!

Last week, I got a letter from Barclays, telling me that if I didn't get PCIDSS complaint by September, it would cost me an extra 0.3% per transactions. "Oh dear," I thought, then I realised that this might put up the amount I pay them by about 5%. And that's the worst case scenario!

So I stopped worrying, and filled in their online form, which I was surprised to discover was only about a dozen simple questions. Then I waited a week while they got around to processing it.

Today, I got the phone call. I was asked several questions, which duplicated the questions I'd already filled in, and I don't know why they did that. And then the lady on the call said "That's fine, you're compliant for a year." What about the quarterly security test?" I asked. "No need," she said.

So I went to the Barclay's web site, and sure enough, I'm compliant until this time next year.

They've abolished the server test.

My server tests out as A+ on the Qualys test, so I'm not worried about that. But this means that they've abolished the server test for other people too, and I don't know how many others.

Why?

Have they stopped caring about computer security? Surely not.

Friday, 22 June 2018

Spam from China

In my de-spammer, I have a category of email I call "non-roman". This is all email in alphabets that I cannot read. Maybe it's spam, maybe it isn't, but if I can't read it, I'll never know.

In the last week or so, there has been a huge rise in spam in Chinese. This is only part of what arrived in the last several hours. Over the same time period, there were only 24 spams that weren't in Chinese.


Monday, 11 June 2018

IPv6

IPv4 is the old familiar Internet Protocol, You get addresses like 12.34.56.121, four numbers in the range 0 to 255. That means there are 2 to the power 32 possible IP addresses.

When this was designed, that sounded like a lot, enough for indefinite use. This is 4 billion addresses, which is enough for half the people on the planet. Plenty, yes? No. They didn't anticipate the huge popularity of the internet, and it turns out that these 4 billion addresses are not enough. And there is an IP address shortage.

Enter IPv6

This consists of eight numbers instead of four. Which is 16 billion billion addresses. And that should be enough for a long time.

But.

Everyone uses IPv4 today. And people keep saying "We have to move to IPv6" because we've run out of IPv4 addresses.

And they've been saying that for seven years now.

So today, I decided to start making a move. Step one, talk to TalkTalk, to get some IPv6 addresses, and for them to route them to my connection. So I contacted TalkTalk.

 Huh.

They don't do IPv6. In April 2017, their Chief Operating Officer said that they will in future. But in the 14 months since then, there's been a deafening silence. And when I asked their tech people, they said they don't do IPv6 and didn't know when they might.

So I explained that when my contract comes up for renewal, the existence of IPv6 support will definitely be a factor in which service provider I choose.

I can't believe that they haven't done this yet.

Saturday, 2 June 2018

Barclays Merchant Services, and VAT

Six months ago, BMS (Barclays Merchant Services) changed over to a new accounting system. So when the first new bill arrived, in a totally different format from the old bill, I compared the old with the new, and I found a major discrepency. Previously, they had been charging me £50-£60 VAT each month. Suddenly, the VAT number was £5.

So I called them up. Either the old figure was inflated, or the new figure was too low. It took them about six months to look into it, and eventually, I got a nice refund from them.

I wondered, then, what they would do about all their other customers. Now I know. I just got a form letter from them, explaining about this.

This blunder must have cost them a lot.

TLS 1.2

From a few weeks from now, data transfer with Barclaycard must use the encryption of TLS 1.2. This is a good idea, because it's currently the strongest protocol available.

Wow. I remember when the only way to do this, was for me to print everything out on paper, and trundle down to the bank with it. They would ship it off to their data center, and someone there would type it all in!

So anyway. I upgraded my systems to TLS 1.2 six months ago. But I got a reminder from them, and, suddenly nervous about whether it was all working right, I phoned them up to check. They checked my recent uploads, and confirmed that I was indeed using TLS 1.2

But I wonder how many companies are going to be caught short by this.

Sunday, 27 May 2018

Uploading files to web pages

This turned out to be a bit more tricky than I had thought.

You have to use a cgi that starts off like this:

 <FORM method="post" action="upload.cgi" ENCTYPE="multipart/form-data">

And then there will be various elements to the form, depending on what other data you want, and then:

Upload:          <INPUT TYPE=file NAME=filename>

Then you parse the result of the cgi using

use CGI::cgi_lite;


$cgi = new CGI_Lite ();
$cgi->set_directory ($images) || die "Directory $images doesn't exist.\n";
$cgi->set_file_type ("handle");
%in = $cgi->parse_form_data ();


The name of the file will be in $in{'filename'};

And the file itself will be in the $images directory that you set. But, the filename will have an extra 11 characters appended to it, that's to ensure that the name is unique. If you want the original filename, you have to strip those off.

Then the thing that really threw me. If the original filename contains spaces, then $in{'filename'} doesn't contain the filename, it contains the bytes of the file itself!
I have no idea why.

open UPLOAD, ">$images/upload.file";
binmode UPLOAD;
print UPLOAD $in{'filename'};
close UPLOAD;

Then you'll have to rename the file to something unique.

Friday, 25 May 2018

Facebook security

Facebook recently announced that they tightened up their security, and have removed 583 fake accounts.

And they've put uip a notice saying that if you log in from a different computer, they're going to do a check on whether you're really you. Which sounds nice.

So we went away for a few days, and I logged in from the hotel's wifi, using a portable I took with me. So the IP address was different, and if Facebook had dumped any cookies on my computer, they weren't on this laptop.

Facebook immediately spat me out. So this is their security is in action. But what happened next ...

They asked me for a mobile number, so they could send a six digit verification code. Obviously I'm not going to give them my usual number. I dn't want to start getting spam on it.

So, I went around the houses. I have an old iPhone 4, inherited from Ladysolly a while back, and just festering in a drawer. I went to Vodafone to get it unlocked, which was pretty easy. Then I did a full reset, to wipe off all the data.

Then I went to freedompop.com. You pay £7 or so, and you get free minutes, texts and data. Not very much, and I think they're hoping I'll top up and pay for more. But I won't. And as a surprise, they gave me a second sim for an extra 1p. Nice. So I put the sim into the old iPhone, and gave Facebook that number.

And Facebook was happy, and I was happy, and everything is tickety-boo.

But.

Facebook didn't actually do any verification of me at all. All they verified, is that the person who logged in, also owns a phone.

It's just more "Security Theatre".

So. In future, when I go away, I'll VNC into the computer that Facebook expects me to be using, and they'll never know that I'm hundreds of miles away, using my laptop. I tested it, and it works fine.




Thursday, 24 May 2018

Mouse pad

Mouse pads are important. You want something that isn't too rough and isn't too smooth, and which is big enough for your mouse movements, but not so big that it takes up too much desk.

Also, I want a gel pad for my wrist to rest on, so I don't get tendonitis.

For many, many years, I've been using the Fellowes "Gel wrist rest and mouse pad". They must be more than ten years old now, and they still work great.

So I just bought four more on Ebay, about £12 each.

Recommended.

Power supply difficulties

The power supplies in PCs are one of the components that wear out. Sometimes the fan goes, because they are mechanical. That's easy, I just replace the fan. But sometimes, it just fails.

They are easy to replace; PCs are like Lego, but with screws. I have a small stock of PSUs (power supply units), so that I don't have to order one each time one fails.

And my small stock has dwindled - time to order more!

So I had a look around, and Bluepoint were offering 15 refurbished PSUs (which means, second hand and wiped over with a cloth) for a mere £1.91 plus Vat. "I'll have some of those" thought I, and ordered 15. "Yes we have them, no they aren't in stock, but we can get them". They took my money, then called back. They don't exist.

So I tried another bunch of PSUs they had, for the same price.

Same problem.

So I tried another PSU that they had on their web site. Not available. So I explained, "look, I tell you what. Rather than me try to guess which of the products that you offer, I can actually buy, suppose you make a list of what you can actually sell to me, and put it on your web site? Because I'm tired of playing "Guess the product" with you."

And I went to eBay.

Where I found some excellent, brand-new, 700 watt power supplies for only £5 each, free postage. So I bought ten.

A few days later, I got a message frmo eBay. Someone had been very naughty, and the items didn't exist, sale cancelled. I went to Paypal, where I found that the £50 had not been claimed, so I cancelled the payment.

Which took me back to square one.

So I went on a rampage on eBay, and bought every PSU that was the right kind and was under £7, which means I now have 13 assorted second-hand PSUs on their way to me.

Fingers crossed!

Tuesday, 15 May 2018

Hungarian rhapsody

I've just received a third communication from the Hungarian tax people. The first two were complaining about a non-payment of VAT on two dates, both of which I had indeed paid.

I was dreading what the third would be. But it's OK! It was an apology for sending the first two emails. Apparently, a "technical error".

Monday, 14 May 2018

PCI DSS woes

It's PCI DSS time again! Every three months, an external agent (in this case, Sysnet Global Solutions) has to check my Secure Server, to check whether some newly discovered insecurity has caused the need for an update.

So I submitted the URL for checking, and it came back "FAIL". That was the start of the nightmare.

The fail, apparently, was that one of the chain of certs (certificates) used SHA1, and SHA1 is no longer considered secure. The recommended answer was to get back to the vendor of my cert, Comodo, and get them to sort it out. So I did that.

First, I tried using their chat function. Using that, they sent me this cert and that, but each time, I got the FAIL.

Then I tried again, next day. First one new cert, then another, and so on, and eventually they gave up and told me to email.

So I emailed, and the email I got back said, "Don't worry, it's a false positive".

I wasn't happy with that, and phoned. Over a two hour transatlantic call, the Comodo tech and I tried this, that and the other. He even got me to edit the certs around; taking a piece out of one and another piece out of another. And still it failed.

But.

I learned a lot. Apache thinks that there needs to be three certs:

SSLCertificateFile SSLCertificateChainFile and SSLCACertificateFile

Actually, you can combine one of more certs into a single file. And until I understood that, I was getting a lot of grief, because Comodo were only offering two files. The SSLCertificateFile which is the file for my server, and the other file, which combines SSLCACertificateFile and SSLCertificateChainFile.

It turns out, that the problem lies in  the root certificate. The signatures of those aren't actually checked, so it really doesn't matter if they use SHA1 or not. They are trusted according to their identity, not their hash. And it was the root cert of Comodo that was SHA1.

So I boldly decided to tell Sysnet that they were throwing a false positive. I backed that up with quotes from Google and Microsoft, explaining that a SHA1 at the root wasn't a problem, and I put a cherry on top in the form of "I notice that the Sysnet web site also uses SHA1 for the root server."

It worked. After a week of agony, I got my cert authorised, and the cream of the joke is that I could have got it authorised the first time I'd tested it, if it hadn't been for that false positive.

But some good came out of it. When the time comes for me to renew my cert with Comodo for £90 per year, I shall instead be using "Letsencrypt.org", which is free, and gives me a cert that the PCI DSS is happy about - I know that, because that's what I'm using now!


Friday, 11 May 2018

Let's Encrypt

Every "secure server" has to have a certificate; this is a text file that certifies that the server is encrypting.

I've been getting my certificates from Comodo, because I decided that Verisign were too expensive. They seem to be part of Symantec now, and Symantec want $399 per year for a cert, $1999 for a wildcard cert (which covers all subdomains of a domain name). 

Eyewatering.

Also, Chrome will soon be untrusting Symantec certs. It's a sad story.

Comodo were charging me $60/year. Now it's £90, more than twice what it used to be. Feh. Godaddy are a bit cheaper, about  $60/year, but they warn you that it will be $75 when you renew.

I'm already using Letsencrypt.org for a few dozen domain names. Their big advantage is that it's free. Certs last for 90 days, but they make it easy to automate refreshing them.

So I thought, how about using this for my Secure Server? There's only one drawback to the certs from Letsencypt, and that is that they don't certify the name of the organisation. But when was the last time you checked the cert on a secured web site to verify that it really was the organisation you thought it was?  As long as the lock thing is shouling locked, and no alarming popups pop up, it should be fine.

So I downloaded certbot-auto, and made myself a free wildcard cert (the thing that Symantec wants $1999 for) and made myself a wildcard cert. I checked the server with Qualys SSL Labs and got an A+ rating, that's as high as it goes.

I just checked Barclays, my bank, and they only got a B! Naughty Barclays are still using SSL 3, which is known to be insecure.

So, while I was overhauling things, I also brought the server up to the latest Fedora, version 28, and the latest Apache web server, 2.4.33. And I also made a backup server, so I can slide that in immediately if the hardware goes pearshaped.

While I was building it, I had a bit of a clear-out of faulty motherboards. It seems to me that motherboards wear out; I'm guessing it's the capacitors. Anyway, that left me with a bunch of CPUs for which I had no motherboard. So I went to Ebay.

I found a guy selling suitable motherboards for £7 each, which sounded good until I noticed that each one came with a CPU and memory. Better than good! So I bought all six that he had.





Wednesday, 9 May 2018

Specific spam

This weird seed helps burns fat 1828% faster

This spam in interesting because of the strangely specific percentage.

Saturday, 5 May 2018

A strange cut-and-paste bug

I use cut-and-paste a lot. Often, I'm copying from a nedit text file, into the Firefox browser.

For a while now, that has stopped working. So I looked into it.

I can cut-and-paste from nedit into anything else, such as a terminal. That shows that copying from nedit to the clipboard is working

I can cut-and-paste from anything else into Firefox. That shows that copying from the clipboard to Firefox is working.

I don't understand it.

Upgrading to Fedora 28

Fedora 28 is out. So, naturally, I downloaded it and installed it on a machine. It worked fine. So I decided to upgrade more machines to 28. I ran into a couple of minor difficulties.

1. With Fedora 28, desktop icons are no longer there. It gives you a clean desktop - but I want my icons. I found this:

dnf install nemo

Then pico ~/.config/autostart/nemo-autostart-with-gnome.desktop and put into that new file:


[Desktop Entry]
Type=Application
Name=Nemo
Comment=Start Nemo desktop at log in
Exec=nemo-desktop
OnlyShowIn=GNOME;
AutostartCondition=GSettings org.nemo.desktop show-desktop-icons
X-GNOME-AutoRestart=true
NoDisplay=true


To start it, do

nemo-desktop &

And that gave me my icons back.



2. And then apache didn't work; this is version 2.4.33

pico /etc/httpd/conf.d/nss.conf

add: NSSEnforceValidCerts off

That's OK, because these servers are only accessed for http, internally.

Friday, 27 April 2018

New monitor

I just got a new monitor for a computer that I use regularly. It's 2560 by 1440 pixels, and 32 inches diagonally. It's big, it's beautiful and it's perfect. And it cost £189.99 on eBay, delievery free next day from Currys.

Recommended!

Wednesday, 18 April 2018

Defuse and diffuse

It seems to me as if journalists cannot tell the difference between these two words. They aren't even homonyms!

Defuse. That's what you do with a bomb. More metaphorically, that's what you do with a dangerous situation - you calm it down and remove the detonator and explosive.

Diffuse. When you add a drop of ink to a glass of water, the ink diffuses through the water, until eventually it's all mixed in.

Do, you do not "diffuse" a dangerous situation. You defuse it.

Please get these straight.

Thank you.



Monday, 9 April 2018

https blog

Visitors to this blog will no longer be able to access the unencrypted version (via http). All access will be via https.

It's not that there's anything secret on this blog - far from it. But this is part of a move on the whole internet to https.

Saturday, 7 April 2018

Hungary again

Several months ago, I got an email from Hungary claiming that I hadn't paid my VAT for Q1 2017, and I owed them 8.65 euros. I passed the email over to HMRC, because I use the HMRC VAT Moss system. That lets me pay the VAT to all 27 non-UK EU countries in one go, telling them how much goes to each. And then HMRC pays the various tax authorities in each country.  HMRC told me to take no action, they'd deal with it. So I just left them to it.

Today, I got another email, suggesting that I owe them for Q4 2017, the sum of 33.33 euros.
So I've passed that on to HMRC, and I've asked what happened to the previous demand?

Hungary is now quite low on my list of countries I love.

And.

We triggered article 50 a year ago. A year from now, we tumble out of the EU. There might be some intervening period, of a couple of years, we don't know the details of that yet.

What I'm wondering is this. When I sell the USA, there's no VAT to pay, because the USA isn't in the EU, and I don't have a tariff to pay. When we are disgorged from the EU:

Will I have to still pay VAT on exports to EU countries?
Will the VAT Moss system still be there?
What happens during the two years when we're partially in ?

What's going on?

Tuesday, 3 April 2018

Data Recovery

Jeff Bones emailed me - his computer won't boot up and he has valuable data on it. So I asked him to bring it round.

I used to do data recovery professionally, but I haven't done that for 25 years. Just occasionally as a favour to a friend.

He was right. The Advent laptop computer got as far as a screen from Windows telling me about a problem. That's good, it shows that the drive is at least working. The drive is a 500 gb 2 1/2 inch Sata drive, a Western Digital WD5000 BEVT. I had a look around; those are pretty much unobtainable now, but there's lots of other similar 500gb drives for sale.

So I connected up an external DVD drive (I couldn't persuade the built-in DVD drive to read my DVDs, I don't know why, and didn't investigate it because I was happy to use my own DVD drive) and booted up from Fedora Linux Live. Fedora Linux Live means that I'm running Linux, but didn't install anything on the hard disk. Because if I did install on the hard disk, that would wipe out the data I'm trying to recover.

So Linux booted up fine. I connected it to my internal network, which meant I could ssh into it and run stuff on it without having to use the inferior laptop keyboard (all laptop keyboards are inferior to my beautiful IBM Model S clicky keyboard).

I had a look around, and I was able to mount drives sda1 and sda2, and I could see all the files. So now I need to copy the files. But there's 150 gb of files. Obviously Jeff didn't want them all; a lot of them were system files, temporary files, ancient backups and so on. But Jeff needs to think a bit to decide what he wants.

I started off by copying the files across the network to my server. But that was going astoundingly slowly (I don't know why) and wasn't really going to fully solve the problem. Because I'd need 30-odd DVDs to copy that lot. Not practical.

Then I had an idea. I have a 1000 gb external drive. So I connected that, and started copying the files to it. Then I stopped, because I realised that I had a linux ext3 file system on that drive, and can Windows handle that? I don't know. But Linux can handle an NTFS file system. So I deleted the partition on my 1000 gb, and made a new partition, telling fdisk that it would be NTFS. Then I formatted it as an NTFS file system, and mounted it to the laptop.

I used rsync to copy the files from the laptop to my 1000 gb, and I was surprised how quickly that went. So now I have Jeff's 150 gb of data on this external drive. I've suggested that he bring his new laptop round, so that I could connect up the external drive and check that everything is accessible, and then he can, in his own time, rummage through the files that I've rescued, and copy them to his new computer.

Job (probably) done. I've still got it!



Wednesday, 28 March 2018

Silence is golden

I have a nice 32gb HP workstation, but it's unusable because the fans are too loud. So I decided to do something about it. I bought three things from eBay..

Computer cooling fans can be loud when they run fast. There's two ways to slow down a fan. One is to use a lower voltage than the 12 volts they're designed for, the other way is PWM, pulse width modulation. PWM means that you switch the fan on and off rapidly, umpteen times per second. Less power, means it runs slower.

My first purchase (£2) is a little board that takes 12 volt input, and has three header blocks for fans, one for a thermometer and one for a buzzer. You set the desired temperature ranges with the dip switches.

Next, I bought a few PWM controllers each for a single fan, £2.25 each.

And third, I bought five 4-pin extension cables, to make life easier.

I installed the board and connected up the two external fans, and the fan that blew down on the memory. This immediately made the box a lot quieter. But still a bit noisy, so I used one of the single-fan controllers to slow down the fan cooling the memory, and that was good.

So I put the board inside a plastic box, to make sure it wouldn't cause a short circuit, and I'm happy with the result.

Monday, 26 March 2018

A health tax?

Jeremy Hunt believes that there should be a dedicated tax specifically to be spent on the NHS and social care.

What a bad idea!

If you don't think very hard, it sounds like a nice idea. More money for the NHS!

Or is it? If you have a "Health tax" that garners £10 billion per year, then hey! We could reduce the NHS money that comes out of general taxation by £10 billion!

If the NHS needs more funding (which is a separate question), then wouldn't it be a good idea to simply raise income tax, which would bear harder on the rich than on the poor?  Rather than invent a whole new tax system, with a herd of civil servants to administer it, with bookfulls of legislation to enact it, and providing an whole new source of revenue for accountants as they sought ways to minimise clients exposure to this new tax?

If you want more money, raise income tax. And don't try to fool us into thinking that some new tax is ringfenced for the NHS.

Jeremy and the Mural

I am not a great fan of Jeremy Corbyn, and I am definitely against antisemitism in any form. But.

Jeremy is being attacked because of a mural. The mural was being removed, and jeremy said that he was opposed to the destruction of art.

That was a while ago, on a Facebook group. And now, just recently, it is revealed that Jeremy supported an antisemitic mural.

But look at this.


I see a monopoly board resting on the backs of people. I see six men sitting round that board. The implication is that these six men are exploiting the guys under the table.

What I don't understand, is what is it that tells you that the six guys are Jewish?

None of them is wearing a skullcap. I see no star of David. No clothing as per orthodox jews. No payot (the curls that hang down by the ears of orthodox jews. Only one has a beard.

Behind them, there's the pyramid with the eye. That's what you find on dollar bills. It's not any kind of Jewish ting that I'm aware of.

I can't actually see anything that says "These are Jews".

What they are, is old white guys.

So I really really don't see how this is being portrayed as antisemitic.

But what do I know? The witchhunt has started. And everyone (other than me?) seems to have accepted the mural as antisemitic.

Sunday, 25 March 2018

Give that man a medal

Never mind about the flat-earth nonsense, this guy is a hero.

He built a steam powered (!) rocket (!) strapped himself into it (!) and soared to 2000 feet.


“Mad” Mike Hughes - give him a medal.

Friday, 23 March 2018

Healthcare should not be left to religion.

Healthcare should not be left to religion.



Dr Prakash Chandra Saxena, principal and superintendent of Government Ayurveda College and Hospital in Pilibhit, said, "Not just for medicinal purpose, we will promote cow urine as a health-giving drink. We have prepared a plan and will discuss it with Ayurveda department in Lucknow for approval. Drinking 10 ml to 20 ml cow urine daily will act as a preventive against seasonal diseases, like fever, cough and stomach-related ailments. Daily consumption of cow urine will also help increase people's immunity. Our aim is to make cow urine easily available to common public."

But don't laugh.

Narrated Anas:Some people from the tribe of 'Ukl came to the Prophet and embraced Islam. The climate of Medina did not suit them, so the Prophet ordered them to go to the (herd of milch) camels of charity and to drink, their milk and urine (as a medicine).
Sahih Bukhari 8:82:794


Stop giggling, there's more.

A woman has died after undergoing bee-sting therapy, a form of treatment backed by Gwyneth Paltrow.

The 55-year-old Spanish woman had been having live bee acupuncture for two years when she developed a severe reaction.

She died weeks later of multiple organ failure.

And that's not funny. Neither is this:

2-Year-Old Girl Dies After Faith-Healing Parents Refuse Medical Treatment

Jonathan and Grace Foster attributed the Nov. 8 death of their daughter, Ella Grace Foster, to "God's will," according to a police affidavit.


And, of course, there's homeopathy, the belief that plain water is medicine.
Well, at least it can't hurt, can it?

Right on its packaging CVS' homeopathic constipation relief says it's safe and non-habit forming. Yvette d'Entremont disagrees."I was an analytical chemist," said d'Entremont.These days d'Entremont uses her mastery of chemistry on YouTube as the 'Sci-Babe" debunking what she calls medicinal myths with science. As for the claim here of a non-habit forming laxative"There was 20% alcohol listed as an inactive ingredient," said d'Entremont. "This is 20% alcohol by volume which means it's 40 proof."That's 40 proof, by standards for purchasing liquor, yet sold over the counter with no age requirements.

Wow. That's as strong as whiskey!

Thursday, 22 March 2018

The divine origin of the Quran

After speaking to Muslims, I find that for many of them, the reasoning
goes as follows.

1) We follow Islam because the Quran came from Allah.

2) We know it came from Allah because of the many scientific facts in the Quran that we now know to be true.

3) These facts could only have been known by Allah at the time of the Prophet (pbuh) 650 AD.

The problem with this logic, is that 3) isn't correct.

Dozens of examples are given. I don't want this post to be too long, so I'll look at three of them that are commonly given.


1) The Big Bang. The Quran 21:30 tells us that the Big Bang happened, but scientists have only recently rediscovered this.

Not so. The Ancient Greeks proposed this. Anaxagoras in the 5th century BC
proposed this, 1000 years before the time of the Prophet. And the Hindu Rigveda proposed this also, 2000 years before Mohammed (pbuh).

But how could an illiterate Mohammed (pbuh) have read the writings of the ancient Greeks?

He had Companions. Not everyone in that region was illiterate. And people talk to each other. The origin of the universe is an interesting question, and would have been discussed often.

2) The different stages of development of the human fetus. How, before X-rays and ultrasound, could they have known about that? Quran 23:12-14

Because of miscarriages. And the Ancient Greeks, 1000 years before the Quran was revealed knew this. And the Bhagavata Purana, 100 years before the Apostle of Allah, gave an accurate account of the development of the fetus.

3. The waters salt and fresh, not mixing, Quran 55:19:20. This explains that you can have water that is salt, and water that is fresh, side by side, not mixing.

If you live by the coast, near a river, then you can go out in a boat and see this for yourself. It isn't hard to check. Fishermen would have known abuot this for thousands of years. But how would an illiterate man, not living by the coast, have known abut this?

Again - people talk to each other.

And, by the way, if you think that salt water and fresh water can never mix (as suggested by the Quran), try it yourself. Take a half glass of fresh water and a half glass of salt water, pour them into a single glass, stir well, and taste. It will be half as salty as the original salt water. And you don't need to take my word for this, you can try it yourself.


So here's my suggestion to Muslims. Look through the Quran, and find some true scientific fact that could only have had a divine origin. And I will undertake to show you that this fact was already well known at the time of the Prophet (pbuh).

Wednesday, 21 March 2018

Idiot

Israel’s Chief Sephardic Rabbi, Yitzhak Yosef, called black people "monkeys".

And then his office made it worse, by explaning that he was quoting the Talmud.

If that's true, then we need to revise the Talmud. Call it Talmud, second edition.

We might need to revise the Old Testament, while we're at it.

But we definitely need to replace Yitzhak Yosef.

Tuesday, 20 March 2018

Annoyance number 4,592. Videos autoplaying.

When I go to a page that has a video, maybe I'll play it, maybe I won't. If I'm already playing another video, I definitely won't, I can't listen to two videos at once.

But HTML 5 lets videos decide for me.

To disable this in Firefox:

Type about:config in the browser's address bar and hit enter.
Confirm that you will be careful if the notification comes up.
Find the "media.autoplay.enabled"
Double-click on it.

Blessed silence.

Monday, 19 March 2018

The Irish question

There is an important question hanging over Brexit, that has not been resolved, and I can't see how it can be resolved.

It's the Irish question.

The Republic is in the EU. Soon, the UK will not be in the EU. So there will be a border. On one side of the border is an area with EU tariffs, on the other with UK tariffs.

When the UK was in the EU, this was not a problem; Eu tariffs = UK tariffs. But what now?

If we had a single free-trade area, there would not be a problem, even with the UK outside the EU. But this isn't going to happen. The hard-liners in the Tory party would rather cut their own throats.

If we had free trade between Northern Ireland and the Republic, that would solve the problem, but then there's a trade barrier between Northern ireland and the rest of the UK, so that isn't going to happen, the DUP would eat Theresa May *and* Boris before they let that happen.

So we are going to have a tariff barrier between Northern Ireland and the Republic, with customs barriers and infrastructure and everything that goes with a land border. Except that we've promised we wont. The Republic won't wear it, and they get a veto, as part of the EU27.

It's a problem like a fidget spinner, with three sides that you keep turning. Why didn't The Powers That Be see this coming two years ago?

Saturday, 17 March 2018

Italian scam for VAT part 2

Well, it turned out that it wasn't a scam. I really did pay my VAT to Italy in 2015 1Q, three months late. I can't remember why, this was three years ago, but I have a feeling it was because the HMRC Vatmoss system wasn't fully operational yet.

I contacted HMRC, and they confirmed the late payment, and my records said the same thing.

So I've paid them, Well, it was only 65 euros.
.

Poo in the post

I put some poo into the post box near me today.

Every two years, the NHS sends me a bowel cancel screening programme test kit. I have to take six samples of my poo, using the method they explain, and post it to them. They check it, and tell me if I have bowel cancer. So far, so good.

This is one of the benefits of a healthcare system where the priority is the health of everyone in the country. If the NHS's priority were profit, they wouldn't do this.

Aren't you glad we live in England?

 ... later ...

Result came back normal.

Sunday, 4 March 2018

School shooting shelters

When it became clear that WW2 was imminent, the UK government designed air raid shelters for families. These were called Anderson shelters, and they were effective against anything except a direct hit. So when there was an air raid warning (you usually got several minutes) the family would dress warmly, and get to the Anderson shelter in their back garden.

Anderson shelters were simple, cheap and effective. You got six pieces of corrugated iron, 1.95m by 1.35m. You dug out an area of the garden to a depth of a couple of feet, then covered that with the corrugated iron. Finally, you heaped earth over the top.



It worked. A family taking shelter in their Anderson, could emerge after the raid to see their house demolished by a bomb, which was terrible, but at least they were alive.

So how does this apply to school shootings? I went to Ebay. You can get 8ft by 3ft corrugated iron for £11 per sheet.  So if you bought six of these, and put it in the corner of a classroom, that would give you an area nine feet by nine feet by eight feet high; you should be able to get a teacher and a couple of dozen kids in there quite easily.

But will it be proof against bullets from an AR 15? I don't know (that could be tested easily). I'm assuming that it isn't, So what you do, is buy eight more sheets, and put those up as an outer shell, leaving a gap between the two shells. Then you fill that gap with sandbags; cheap and easy to handle.

And that will give you a shelter that would resist bullets. Add a door with a lock, and you have an Anderson Shelter. Total cost, £200. You would need one for each classroom. I would have thought that parents would be willing to stump up the necessary £10 per head, to keep their kids safe against a school shooter.

The bullet resistance comes from the sandbags. The corrugated iron is just a cheap way to make the structure.

Of course, I did all this in UK pounds, which is silly, because if you suggested this in the UK, people would say "Why?". But I'd guess that corrugated iron costs about the same in the USA (more after the Trump Tariffs start to bite) and that American parents wold be really keen on this idea.




Thursday, 1 March 2018

The acorn doesn't fall far from the tree.

Sir Oswald Moseley was the blackshirted scroat whi led the British Union of Fascists (usually known as the Black Shirts) until just before war broke out with Germany in 1939, whereupon he was confined to quarters until we'd dealt with his much-admired chum Herr Hitler.

Meanwhile, P G Wodehouse wrote a great spoof about a party he called the Black Shorts, led by a pugnacious bully called Lord Roderick Spode,


who usually got his come-uppance from Wooster and Jeeves well before the last chapter of the book. Recommended.

After the Battle of Cable Steet in 1936, when Moseley's Blackshirts were unable to intimidate the East Enders, his influence waned, reaching its nadir when WW2 started

Oswald Mosely had a son, Max. Young Max was involved in politics when he was a teenager, and the acorn doesn't fall far from the tree.

In 2008, there was this.













No longer a callow youth, Max turns out to have an interesting taste when it comes to his fun.

So he sued the News of the World in privacy grounds. After all, if someone wants to dress up as a Nazi and do sexy sado/masochistic things in private, that's not anyone else's business.

Max won the case. His private proclivities were, the judge said, not a matter of public interest.

But in the course of that case, reference was made to an unpleasant-sounding leaflet, with racist content, used in a political campaign that he was involved in, and signed off by him. Unfortunately, no-one had a copy of the leaflet, so his denial was accepted.

Now the leaflet, which says it was "published by Max Mosley" has surfaced. It includes ""Protect your health. There is no medical check on immigration. Tuberculosis, VD [venereal (sexually transmitted) disease] and other terrible diseases like leprosy are on the increase. Coloured immigration threatens your children's health."

He's in a bit of a pickle. Did he commit perjury? I don't know, but the penalty is seven years if he did. Here's Max being interviewed by Channel Four News.

 The acorn doesn't fall far from the tree.








Thursday, 22 February 2018

OK, Google

My Google Home mini arrived, and it's rather nice. It's a puck-shaped thing, about four inches across, and I can ask it to do things. So, for example, I asked it how long it would take me to drive to Leighton Buzzard, and it told me 55 minutes, which is right. And the weather, and whether pigs have wings. And apparently, some people think they do. Huh. Who knew?

But what I really want to do, is use it to control things.

So first, I installed the Google Home app on my iPhone, and used that to go through the rather simple setup steps for the Google Home. Mostly, this is to tell it the password for my wifi. And then - let's take CONTROL ...

I already set up a Pi Zero with a pair of relays, controlled via the GPIO ports, and a cgi so that I can switch them on and off over the web. So I decided to use that for the experiment.

Here's how I did it.

The key thing is the ifttt web site. I registered on that, and set up an app.
What my app does, is if I say "OK Google, switch on one" then Google Home talks to ifttt, and ifttt accesses my Pi Zero over the internet, and runs the cgi. The URL it accesses looks like this.


http://relay-3.drsolly.com/power/lights.cgi?'lights=on&port=1'

Where instead of on I could say "off" and instead of 1 I could say 2. Except that it doesn't seem to be able to understand the word "two". But it can understand three. Not four. Yes five. Then I thought, Two is a homonym for "to" and "too". Four is a homonyn for "for". So what works is 1, 3, 5, 6, 7, 8, 9, 10, 11, 12. So I think it's a homonym problem.

The way round it is to say "OK Google, switch on number two" and that works.



So I can switch either of the two relays on or off with a voice command.

Wow! This has potential!

There's a way I can use a Google SDK to make a Google Home on a Raspberry Pi, and I'm planning to have a bash at that; I have a few Pies not doing anything right now.

Friday, 16 February 2018

Hungary wants money

I got an email from the tax office in Hungary. They are saying that although I declared my VAT owing to them on Q1 2017 as 9.65 euros, I haven't paid them.

I have, of course, via the HMRC MOSS system, which lets me pay my VAT to all the EU countries as soon as I've calculated how much is should be. I pay it all in one lump, for all 27 EU countries (UK vat is paid in a different way) to HMRC, and they are supposed to take it from there.

This is annoying. I'm also being chased by the Italian tax office; they claim that in 2015 Q1, I paid the VAT three months late. Again, I didn't. I paid via HMRC's Vat Moss. So, three years later ...

Although I do believe that staying in the EU would be best for the country, these erroneous demands for small amounts of money are starting to annoy me. Just think, from 1 March 2019, I won't have to pay VAT to EU members. Or will I? No-one knows what will happen.


Another scammer

This one is with BT, at least that's what he claimed. Apparently, my IP address is being used in California. Oh no! So ...

First, he established that I have a computer. But I dn't know what browser I'm using. He suggested a few, but dopey me, I just don't know. So then he told me to find the Ctrl key. "Hold on," I said.

After a few minutes, I cme back. And then he wanted to know what key was next to it. He's looking for the Windows key, which my beautiful IBM Model S, vintage 1983, does not have. But I lied to him, and said, after a few minutes pause, "there's a sort of squarey squidgy thing".

At that point, he realised that the computer wasn't next to the phone. So he suggested I move the phone. No can do, there isn't a phone point where the computer is. So do I have a mobile? No.

So I suggested that I move the computer to where the phone is. Fun fun fun.

So then I left him waiting for five minutes, while I "moved the coputer". He called again, and I told him that he just interrupted me moving the computer because I went to answer the phone. "Do you do internet banking," he asked. I told him I did, just to get him excited.

Because I'm pretty sure I know this scam. He wants me to install a RAT (remote access tool) so he can take over my computer, install his trojan, and then charge me money to remove it, which he won't do anyhow. I've been here before.

So now I've moved the computer, but I haven't moved the screen yet. We had a lottle chat about that. These CRT screens are *heavy* and it takes a long time to move them, especially for an old geezer like me. Puff puff. And the keyboard.

And when it's moved, I have another disappointment for him ...

He wanted me to connect to british-telecom.webnode.com, which, I guess, he wants me to think is a BT site. I checked the whois, it's a Czech company. I've emailed them to alert them to the problem.

The internet connection is back where the computer used to be.

So he told me to take the computer back there. But that was after a riff that I dn't really understand, when he was asking me to look at the bottom left hand corner of the screen which is where the time is? Only it isn't. Maybe his version of windows is different from mine.

So now I'm "taking the computer back again" ...

So now, as if by magic, I'm able to sit in front of the computer and use the phone. So he talked me through starting up a run box (Windows-R) and british-telecom.webnode.com.

And the computer rebooted.

So he took me through the same process again

And the computer rebooted again.

So he took me through the same process again

And the computer rebooted again.

 So he passed me over to his manager, Mark Roger. Who got me to run Google, and do a search on "my 1p address" (not my ip address!).
 
IP Address66.249.79.92 [Hide this IP with VPN]
IP LocationMountain View, California (US) [Details]    




OMG! He's right! Time to panic ... (actually, it's a googlebot).

So he sent me to british-telecom.webnode.com. And the computer rebooted.

He told me that this is caused by the "hackers" locking me out from the british-telecom web site. 

He thought that maybe it is a loose power cable. So he got me to unplug and plug it back in.
And I was a bit clever here; I unplugged both ends of the cable and plugged it back in. Not excessively clever, though - I didn't switch it back on until he told me to.

So then it rebooted, and Windows came back up, and I told him that, abd he said "yes yes" and then the phone line went dead.

Am I rumbled?


Thursday, 15 February 2018

Going SSL, part 2

The two sites I upgraded seem to have gone well, so I did all the others. That turned out to be more complicated, because some of them are spread over more than one computer, and some of them have subdomains.

And then I decided to upgrade one of the computers, which was running Fedora 9, to the current Fedora 27. And that included upgrading the version of perl, and the newer version of perl has things that are no longer allowed, such as defined %array. So I had to change that.

Also, if a page includes something dragged ni from another site, then if that other site isn't using https, then the whole page shows up as "insecure".

So I've fixed that where I can, but in some places, it actually can't be fixed. That's usually a page that references a graphic from another site

Saturday, 10 February 2018

Going SSL

Chrome have announced that, come  July 2018, which is only six months away, if the browser accesses a site using http instead of https, it will be flagged as "Not secure".

For most sites, it really doesn't matter much if a site is secure or not. After all, we've been just fine using http for decades now, and only insisted on https when using Paypal or your bank, that sort of thing.

What https gives you, is end-to-end encryption. So the content coming from the remote server to your computer, is encrypted before it leaves the server, and only decrypted when it reaches your computer. So the picture of a kitten that you're viewing, is safe from prying eyes in between.

There are obvious advantages in increasing internet security. Firefox are moving in this direction too. But this is going to have a big impact on some sites, because if you don't move from http to https, that "Not secure" flag in the browser URL bar, is going to worry some (maybe most) users, who won't really know the implications, except that "Not secure" sounds really bad.

So I've started to get ready for this.

First, I've recompiled and reinstalled Apache so that it includes support for https. But then, each site that I manage will need a certificate. That certificate will tell Apache how to do the encryption.

Usually, these certs aren't cheap - you might pay $50 per year, per site. But there's a way round it. Let's Encrypt offer free certs. These aren't as flexible as the certs that you pay for - my paid-for cert on my Secure Server (the one I use to collect money from people) not only drives the encryption, it also reassures the user that I am who I say I am (if they know how to look at the cert, and I doubt if anyone ever does).

So, last November, after I installed the https version of Apache, I applied for a few dozen certs. It was a bit tedious setting this up, but I soon had it pretty much sorted, and that gave me all the certs I need, for free. They only last three months, but updating them is also free, and it's a lot easier to update them that to get them in the first place. You do

getssl -a

And it takes a while, but after several minutes, I was all updated.

Next, I needed to change the Apache config files, to tell it two things. First, where the certs were. Second, that I wanted it to use port 443 (that's the https port) as well as 80. And thirdly, I told it that if any user asked for an http connection, then it should switch to an https connection. That means I won't have to change a humungous number of links, both on my web sites, and scattered all over the internet. To do this, I used redirect.

Redirect permanent / https://www.example.com/

This redirect is so permanent, that Firefox, once it's seen it, remembers it, like, forever (there is a way to clear Firefox's memory of that). That caused me immense problems, because I hadn't known this, and my first effort was slightly wrong, and when I fixed the mistake, Firefox was still going to the wrong place, and I spent a lot of anguish and elbow grease trying various things to fix a problem that I had already fixed, dammit, except that Firefox carried on redireccting to the wrong place, until I cleared it's mistaken redirect.

So, I've changed two web sites over to being all https. I'll wait and see if there's any unpleasant side effects, but I don't think there will be, and I'll change everything else to https.

If you have a web site, you should also change over before July 2018.