Dropping the dynamic, because everything is awful

Because I am a naive optimist, when I migrated various defunct blog archives from elsewhere to here, I assumed that running them on auto-updated WordPress would be fine. This was a stupid move. Not specifically because WordPress is bad, but because everything is bad, and hacking is easy. And, of course, it happened.

After several months of this site being broken and struggling to keep client sites afloat, I’ve finally got everything sorted out.

My main websites, client and personal (this one included) are now signed up with crazy amounts of security. I’ve blocked all kinds of user agents, headers and IPs, and I’ve signed up with Cloudflare. They’ll probably get hacked again because YOLO, but at least less so than before. Meanwhile, the old websites are cloned HTML mirrors of the original with everything set to 644, so nobody nefarious can nefare with them.
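As an added example (not part of the original post), here is a shell audit for a static mirror of this kind: it flags files that are not exactly 644, directories that are not 755 (a directory needs the search bit to be served at all), leftover server-side scripts, symlinks, and, when a web-server account is given, anything that account owns and could still rewrite despite the mode. The function names, finding labels and demo tree are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit a static HTML mirror for anything that undermines the
# "read-only files, nothing executable" assumption.
# Usage: audit_mirror DIR [WEB_USER]  (WEB_USER: account the web server runs
# as, name or numeric uid; which account that is depends on your setup).
# Prints one finding per line; returns 0 if the tree is clean, 1 otherwise.
audit_mirror() {
    local root=$1 web_user=${2:-} findings
    findings=$(
        # Files must be exactly 644: no exec bit, no group/other write.
        find "$root" -type f ! -perm 644 | sed 's/^/FILE-MODE /'
        # Directories need the search (x) bit to be served: 755, not 644.
        find "$root" -type d ! -perm 755 | sed 's/^/DIR-MODE /'
        # Server-side scripts left over from the dynamic site.
        find "$root" -type f \( -iname '*.php' -o -iname '*.phtml' \
            -o -iname '*.cgi' \) | sed 's/^/SCRIPT /'
        # Symlinks can point outside the mirror.
        find "$root" -type l | sed 's/^/SYMLINK /'
        # Mode 644 does not stop the owner writing: flag what the web user owns.
        if [ -n "$web_user" ]; then
            find "$root" -user "$web_user" | sed 's/^/WEB-USER-OWNS /'
        fi
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Build a small constructed mirror with two deliberate problems
# (a leftover PHP file and a world-writable image) and print its path.
make_demo_mirror() {
    local d
    d=$(mktemp -d) || return 1
    mkdir -p "$d/img"
    printf '<html>archive</html>\n' > "$d/index.html"
    printf '<?php /* leftover */ ?>\n' > "$d/xmlrpc.php"
    printf 'png\n' > "$d/img/logo.png"
    chmod 755 "$d" "$d/img"
    chmod 644 "$d/index.html" "$d/xmlrpc.php"
    chmod 666 "$d/img/logo.png"
    printf '%s\n' "$d"
}

demo=$(make_demo_mirror)
audit_mirror "$demo" || echo "mirror needs attention"
rm -rf "$demo"
```
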

And now I can log into this site, I might even write something substantive here before anyone else dies.

Long-haul flying: we’ve never had it so adequate

Something which gets neglected by most travel writers – I think because long-haul economy-class flying is inherently a bit shit – is the immense extent to which the actually-flying bits of the long-haul rigmarole have improved over the last 15 years. The pre- and post-flying bits have worsened, of course, which makes short-haul flight far, far worse, but that’s a story for another piece.

At the turn of the millennium, by no means all planes flown by serious airlines even had seat-back in-flight entertainment (IFE). The last time I flew long-haul on a BA plane with only ceiling CRT screens was in 2002; the last time I flew long-haul on a US carrier (who count as somewhere between top-tier and third-world) which had them was in 2004. Surprisingly, the last time I ever flew long-haul without seat-back entertainment was on Air Canada in 2008.

But back then, even seat-back IFE was shit. You had perhaps eight channels playing on a continuous loop, so once you’d watched a film, you were stuck with whatever was next on the channel for 90 minutes until the loop ended, or joining something else completely halfway through. So even if there were channels featuring things you might reasonably want to watch, it was still a frustrating process. The same was true for music: at best, there might be one radio station vaguely to your taste, which repeated every two hours.

If you had a decent laptop, it’d be twice the size of your seat tray and would have a battery life of an hour or two. There were no power sockets in economy. If you were ridiculously dedicated to work, you might bring a second battery, taking your laptopping time up to a grand total of three hours. The concept of doing anything other than work was fairly ridiculous, not least because downloading films in the first place would have taken you all month and most of your disk space.

So you were often left with books, which are obviously a great medium, but a bit of a pain in the arse to lug around, especially if flying 20 hours for a two-week trip away.

Compare all of this with now, where any half-decent carrier has a video-on-demand system. As I’ve discovered on this Cathay Pacific flight, any carrier which isn’t from an English-as-first-language country [*] will end up with a fairly average range of videos to watch. Qantas are exceptionally good at VOD programming. BA and Virgin aren’t bad. But even Malaysian Airlines has enough to keep you occupied for 12 hours if you don’t mind watching HBO re-runs (and come on, there are worse ways to spend 12 hours).

If you do object to HBO, you also most likely have a Kindle with every book you own on it, a tablet or small-form laptop onto which you’ve pre-loaded your own favourite TV shows, music and online long-reads to catch up on, and you have access to AC and USB power sockets. The only thing you’re missing is the internet (unless you’re on Emirates, in which case you have all the fun of 1998-era dial-up internet, or above the continental US on a domestic flight). Noise cancelling headphones cost under $50.

And if you’re on an A380 or B787, newer thin-material seat designs, airflow systems and lighting systems mean that you can pack more people in without making legroom worse than it was in a 2000-era 747-400, you can breathe better and feel less groggy, and you’re subjected to lighting patterns designed to maximise sleep and wakefulness and minimise jetlag.

Don’t get me wrong. We’re not built to sleep in upright seats, and once a flight goes over the nine-hour mark even a Boardwalk Empire marathon starts to lose its appeal. Economy-class flying is still more of a chore than a joy; otherwise nobody would pay the price of a car to travel in the premium classes. And the improvement is largely down to wider improvements in the electronics industry, rather than anything specifically to do with carriers improving.

But that doesn’t negate my point. Long-haul flying is a hell of a lot better than it was when I was a callow youth – even though back then I was able to drink solidly through the whole thing and not worry about the destination consequences of hangover, no sleep and horrible back pain…

[*] insert your preferred first language if not English.

CBA’s Netbank platform was never vulnerable to Heartbleed

The suggestion has been doing the rounds, at least at the more paranoid/self-fancying end of the technology spectrum, that the Commonwealth Bank of Australia (CBA)’s Netbank online banking platform might have been vulnerable to the Heartbleed vulnerability.

TL;DR: it wasn’t.

Heartbleed only hit sites that use certain versions of the OpenSSL secure toolkit, with its Heartbeat function enabled. Netbank runs on SAP for Banking, implemented by Accenture. SAP for Banking is not affected by Heartbleed, which you’d expect given that it runs on Microsoft IIS (“Microsoft” and “open” go together like anchovies and custard). This isn’t a great surprise: no major western-world banks’ online banking platforms were ever vulnerable, because of the massively proprietary, as well as security-crazy, way in which online banking software is developed.

So why all the derp? Well, CBA’s non-transactional website does use OpenSSL, was apparently vulnerable to Heartbleed, and was apparently patched after the Heartbleed news broke. You don’t use your Netbank credentials to log into Commbank, it isn’t linked to your secure data, and it uses a different security certificate from Netbank.

This created some scope for confusion – and the scope was fully brought to reality by the combination of utterly stupid PR people, and self-satisfied circle-jerking techies happy to spread unjustified fear among CBA customers.

CBA published a blog post that completely failed to explain the difference between the two platforms, and then responded to comments asking for clarification with a meaningless copy-paste of the original post. Rather than doing the basic research that went into my post here, a whole bunch of tech folk who should know better then went crazy with the “WE DON’T KNOW IF OUR NETBANK PASSWORDS ARE SAFE OR NOT, WOES!!!!!!” line.

Stop it. Your Netbank passwords are safe. Someone in CBA’s PR department needs a long walk off a short pier, is all.

(thanks very much to Johnny and Chris for pointing me towards technical details here. Any screw-ups in this post, of course, are solely my fault.)

The Facebook decline paper is a disgrace to Princeton’s name

The obvious answer to the question “why won’t Facebook decline by 80% by the end of December this year” is “because obviously it won’t, what kind of idiot would even claim it would?”. It’s the leading social network in all age groups, and between July and December 2013 total user numbers only fell by 3%.

However, if you’re reading the papers today, you might be forgiven for thinking otherwise. The Daily Mail is the worst offender, because obviously the Daily Mail is the worst offender, but plenty of derp is being thrown left, right and centre. I’m quoting the Mail piece, because hell, why not:

Faebook is heading for a catastrophic decline and could lose 80% of its users by 2015, researchers warned today.

(yes, Faebook in the lede is the Daily Mail’s typo. QUALITY JERNALISMS!)

The researchers in question are proper academics, more or less: they’re two PhD candidates at Princeton, John Cannarella and Joshua A Spechler. They’ve written a paper which takes a standard epidemiology model, the SIR (susceptible, infectious and removed) model, and tries to apply this to the spread of social networks. It’s not a bad choice in theory: it’s generally accepted that social networks spread virally; and the SIR model applies to diseases which are fatal or immunising (so once you’ve got over it, you can’t get it again, like measles [*]) – most people who give up on a network don’t come back, so fair play.

There are a couple of obvious [**] early alarm bells: the paper is not peer-reviewed, and Cannarella and Spechler are studying for PhDs neither in the epidemiology department nor the digital cultures department. They are mechanical and aeronautical engineers. Working entirely outside your discipline doesn’t necessarily disqualify you from doing good work… but it makes the need for review by someone who does know the discipline even more important than usual.

The global headlines are based on our stupid typo

But what does it say? Well, the paper does make the claim reported in the Daily Mail, on page 6 of the full document:

Extrapolating the best fit into the future shows that Facebook is expected to undergo rapid decline in the upcoming years, shrinking to 20% of its maximum size by December 2014.

Unfortunately, this claim is solely due to the paper not undergoing peer review, or apparently proof-reading, before being made publicly available. Page 7 says:

Extrapolating the best fit model into the future suggests that Facebook will undergo a rapid decline in the coming years, losing 80% of its peak user base between 2015 and 2017.

This second conclusion fits with the charts and data presented in the paper. So nobody at all is actually predicting the 80% decline by December 2014; the journalists reporting on it are gibbering halfwits, and the writers are monumentally half-arsed for failing to spot such a basic and disastrous mistake in such a short piece of work.

But also, the premise of what we’re doing is stupid

What about the “losing 80% of peak user base by 2017” conclusion, then? This is indeed what the authors’ model predicts.

Unfortunately, the authors’ model is not entirely robust.

My TL;DR summary of the paper’s methodology is “we modelled MySpace’s growth and decline against the number of Google searches for MySpace, and then applied the same model to the number of Google searches for Facebook”.

If you think this is a ridiculous way of doing things, given the niche, geographically and age-group limited status of MySpace versus the universality of Facebook, and given the different corporate natures of the two organisations, you are correct.

There is an excellent piece in The Week which covers these flaws in the paper’s central conceit very well (keywords: no Murdoch; profitable; less spam; universal; vast corporate cash war chest).

But also also, we’ve completely juked the stats

However, if the models line up, then – subject to critiquing the assumptions – there might be something of value in the paper, right? Well, no. This is where things move from “hmm, I’m not sure this fits with existing research on epidemiology or social networking” to “oh, go and stick your heads in a fire”.

The model used is not actually the SIR model. It is a model called irSIR, which the authors have invented (page 3). They have used this because the SIR model doesn’t work. They don’t cite any epidemiology research when justifying their irSIR model, just a “common-sense” theory about how social network users behave, coupled with a couple of descriptive papers about online network usage.

They don’t use any of the work on social ties that digital cultures theorists have spent the last 20 years developing. Nor do they use any of the work on epidemiology beyond the SIR model as detailed in first-year undergraduate classes. Because hell, where would be the fun in that?

Strangely enough, the model they have custom-built to fit their data on MySpace’s decline fits their data on MySpace’s decline almost perfectly.

However, there’s a new problem. The decline thesis doesn’t really fit the data on Google searches for ‘Facebook’, which remain at 2011 levels and don’t show much of a declining trend at all (the dotted bit is Google’s projection; feel free to ignore everything after January 2014 if you’re sceptical):

The authors get past this problem in a way that is truly ingenious: despite not having any evidence that the increase in October 2012 is fake, they scale back all post-October data by 0.8x. As a result, they end up with this beautiful chart, which not only matches the shape of the MySpace curve, but does so over a similar time period and is even steeper:

Strangely enough, following the modification to make their data on Facebook line up almost exactly with the data on MySpace, the projected decline for Facebook lines up almost exactly with the recorded decline for MySpace.

In short, this paper is incredibly sloppy, is based on a flawed premise, and only works because the data has been tortured until it confessed.

If the authors apply the same principles to mechanical and aeronautical engineering that they apply to social media uptake, then I’d be fucking reluctant to get in a plane that either of them had had anything to do with.

[*] A small proportion of people who get diseases like measles are at risk of getting them again, which more complicated models have been built by actual epidemiologists to allow for.
[**] If you are used to reading academic papers. Not, apparently, if you are a journalist.

Content filtering is stupid, but you are stupider

There’s been masses and masses of fuss over the last couple of days about the implementation of opt-out content filtering for porn in the UK.

As everyone sensible argued in great detail at the time the PM promised it following a Massive Stupid Media Panic, content filtering is pointless: it’s easy to bypass, provides a false sense of security, leads to false positives so that sex education sites get blocked, and puts the infrastructure in place for a more Daily Mail-friendly government to run wider censorship modes.

However, and unfortunately, most of the last couple of days’ Twitter chat about content filtering has involved gibbering idiots who know fuck all about fuck all talking embarrassing nonsense.

O2, one of the UK’s larger ISPs, has thoughtfully provided a tool so you can see how your website is categorised.

Here’s this website:

Like all websites, it’s allowed on the opt-in “open access” feed (where you tick the “I am a dirty whoremonger” box). Like nearly all websites, it’s allowed on the default “default safety” feed (if you leave the “I am a dirty whoremonger” box unchecked). And, like nearly all websites, it is blocked under O2’s opt-in-only under-12 filtering scheme, whose aim is to create a walled garden of whitelisted CBeebies-ish tiny-friendly sites which won’t produce unfortunate results when your kitten-loving sproglet searches for “i love little pussy”.

Because people are monumentally stupid, and crowds even more so, the fact that almost all websites show up as blocked under the under-12 filtering scheme has led to claims that they are blocked under the default filters. Which they aren’t. Almost every tweet today about a website being blocked has been a fuckwit claiming that a website is blocked under the default filter, when it’s actually blocked only on the whitelisted kiddy-friendly filter.

This is not to say that the default filter isn’t problematic. It is problematic. Because it focuses on sex, it is inevitably going to fail hardest at the areas of sex where young people (especially LGBTQ young people) most need information and resources. But if you’re wanking on about how your blog or Wikipedia or the Guardian or basically anything non-sexual has been blocked, then you are a fucking idiot and you are not helping and you should shut up.

What I did on my holiday

Answer: I went to India and spent a great deal of time buggering about with smartphones. And then used that as background material for writing a guide to mobile phone travel in India. The guide isn’t quite finished yet, but I’ve written an article about some of the more bureaucratic bits for Smart Phone Travel.

I also went to an amazing wedding, and enjoyed the coldest temperatures the northern hill city of Dehradun has seen since Independence. Which was, well, cold. Had great familial fun in Mumbai, and great touristy fun in Pondicherry and Chennai. Indian Railways’ day train from Pondicherry to Chennai was surprisingly good (and had a power socket for my mobile phone, amazingly and relevantly to the context of the post).

Artificial John B Impersonator

The text below is the output of my phone’s AI autocomplete app (SwiftKey), based on its knowledge of the things I say and do. My only interaction was to choose between the three suggestions it offered.

I have been made to the park. I am not going anywhere, and I will not receive the item is faulty, but the most important things. The only way I could have a good idea. The problem isn’t with the loan companies, who is a good film, but the subway. I am a real Zeus, and I am not sure what to expect.

The problem is that it is not a good idea. The only thing I have been a bit of fun. I have been a while, but I can confirm that you can get round to the zoo tomorrow, zoo tomorrow. And I know that analgesics, and I am not sure what to expect. I have a glass of wine. I have a glass of wine. The only way I could have a great day and the Machine, but it is. It has an appointment. The quality is the most of my own.

We have to do it. I have a glass of wine.. I don’t vividly the best. If I identified and then I will have the same. Federalism the best. The only problem is the first place to find a job, but the best way of organizing emails into the address below and click the Help section for the next few days ago.

It was a bit of a fine example of the most important thing. But it was a very long time to get the latest version, and the Democrats are total pansies who are not responsible for any reason. I have a glass of wine.

The quality of life and I am not sure what to expect. I don’t think it’s a good time to do it. It is a bit of a new member. I don’t vividly recall his own words. The problem isn’t a problem with your friends, but I guess the queen plays by her own rules.

K is technically right here at the moment. The quality is not a good day and night and then the next day or night. The only way to get a quote from you soon as possible to make a decision on the phone and the other side of things to come and see if you are looking for a few weeks, but it doesn’t matter how much I love you so that.

I have a glass of wine.

Slightly worried that in the reasonably near future, my phone will replace me.