2013-10-28

ASN.1 BER

I really don't know why ASN.1 BER winds me up so much, but every time I end up doing anything with it, it annoys me.

I think it may be the way it is based on telco standards not Internet standards. I have use ITU-T and ETSI based stuff in many jobs, as well as many RFC based stuff, and the IETF based standards are always so much easier to deal with.

One of this things that always drives me round the bend is when standards refer to bits as 8-1, not 7-0 (or worse, 1-8). There is only one sensible way to number a bit in a word, and that is with the power of 2 that its numeric value represents. Bits in a byte are 7-0, with values 128 to 1 respectively (2^7 to 2^0).

Essentially ASN.1 is a good idea. It has syntax that allows all values to be parsed even if you have no idea what the values are, and so allows extra values to be skipped or rejected. This is the very basis of extensible languages (like XML). The best types of extensible languages are ones where unknown types include a bit that says "comprehension required", so you know you have to know that data object or it is safe to ignore it. ASN.1 lacks that.

ASN.1 also has a machine processable syntax for the definition and hence knowing what objects exist, much like MIBs for SNMP (which also use ASN.1 BER), so this allows a meta data level to be processed in an automatic way.

But still, something about ASN.1 BER seems to bug me, and I am not 100% sure what. It is not as if the functions to parse and generate it are at all complex, really.

Latest job is a very simple and light weight LDAP server with mysql back end. Yes, openldap does this as do some others, but I am after something very simple, or rather MikeB is, who is hassling me. Should be simple enough to do.

2013-10-26

FLOSS Unconference

Never done an "unconference" before, but it was interesting. They had me talk on IPv6, and lasers. There were quite a few interesting talks, including stuff on Python, DNSSEC, Puppet, and even DNA sequence analysis. Shame we don't have DNASEC :-)

The agenda is not set, and instead is decided as the day goes on, which seemed to work well. The event (hosted by BCS off The Stand in London) ran perfectly to time.

The Coal Hole afterwards was packed, but they do serve Aspels, so not bad.

Thanks for the warm welcome to a newbee, and the feedback.

2013-10-24

Juice may be one thing, but WTF is "popcorn chicken" ?

Just got "popcorn chicken" from KFC.

TBH it was OK, much like chicken nuggets from MacD, but smaller, and I found some BBQ sauce.

But why "popcorn"?

It seems to have no popcorn, or corn in any way in it?

Why are foods allowed to be sold with such misleading descriptions?

/me assumes he is getting old and turning in to Victor Meldrew.

The most demanding customers?

Unrelated picture, for the hell of it
Well, we have a few demanding customers, and we have a lot of solutions to try and ensure a reliable Internet connection (like Office::1, multiple line).

But we have a couple of customers who are especially demanding, namely my son and his girlfriend.

To be fair, they are guinea pigs, in that they are on a fibre linked via our office router, and one of the final stages of testing a new release of code it to use it ourselves. It is a tad inconvenient for staff, and my son, if there are any issues, but we would rather suffer problems ourselves first.

Unfortunately, by doing in-house testing, using several staff connections, the office, and other sites, we managed to create some unexpected issues and hence the off crash. It is why we test. The result is a loss of routing for 2 to 3 seconds, and loss of phone calls.

So I do apologise if anyone was talking to the office on the couple of occasions today, and I am sure staff will have called back. Sorry.

The problem is that a certain young lady is playing League of Legends, and ranking games, in the middle of the day. Even a couple of seconds downtime can drop her from the game. We've even set up some firewall session logic to try and restore TCP/UDP sessions cleanly, but somehow the outage for a crash is just long enough.

To be fair, if this was any other router, or even a switch, it would not be back in a couple of seconds. It seems very few manufacturers take care over their boot times. FireBricks can do a controlled reboot in a fraction of a second, and we tested that LOL games carry on almost seamlessly if we so a s/w upgrade. Sadly a crash is (deliberately) not as seamless as it ensures a full hardware restart including the Ethernet ports.

Anyway, at the end of the day, I am still keen to test things ourselves before affecting customers. It is the last stage of a lot of testing, but necessary. Well, sort of last. We now have alpha releases that selected FireBrick customers can test, before we issue beta code and then finally a general release. We expect a release soon, maybe at the weekend.

Thinking of gamers, we (A&A) even allow people to pick the window over night where they would prefer to have a PPP restart if we are doing any LNS upgrade work. I know the gamers will be playing at 1am (they are in the bedroom next to mine). So when they finally move out (real soon now, honest) they can have the same reliable Internet that the rest of our customers enjoy, and not be guinea pigs any more.

Sorry...

2013-10-23

Clever, and a bit spooky

So, I have apple maps on my MacBook Pro now, as it is in Maverick.

I clicked on it, and it showed my current location.

Spot on, within a couple of metres.

Err, my MacBook Pro does not have a GPS in it.

So, err, how?

[I have some theories]

2013-10-18

Censoring the Internet

"Something must be done" is the cry we hear, with primarily the likes of Daily Mail readers demanding that something be done to stop kids getting access to porn on the Internet.

There are, as I have previously blogged, a lot of issues here - it is not a simple matter (as some in the government seem to think) of ISPs blocking smut. I have re-listed a few of the issues at the end of this post. Importantly it is not a matter of "doing something is better than doing nothing" as there are many down sides to even simple filtering.

Larger ISPs are offering some filtering solutions, and well done to them for trying. If there really is public demand for such services then they will do well. The government has said they want small ISPs to follow suit. Well, AAISP have no intention of doing so, sorry. But we are getting a chance to help with the debate at last. ISPA have managed to get the ear of a few MPs and I was lucky enough to be involved in the meeting (aka dinner). It was interesting, and important to try and explain some of the issues to even a few MPs.

The political problem is the cries for "something must be done", and if nothing is done then something bad will happen some how. That seems to be how these things work. So addressing the public concern is what they need. Arguments about whether there is actually an issue to solve apparently don't help, i.e. kids have always managed to get access to porn, and still managed to grow up to become normal people, even MPs. Arguments that ISPs are "mere conduit" seem not to help either.

One concern is that the MPs see "the industry" as needing to do something, but sort of lump together the ISPs, hosting companies, software developers, content providers and search engines all together as "the industry". ISPs understandably say "we just pass packets" and "were are mere conduit". There is a lot that can be done at the PC level, and Windows have done a lot to make parental controls easy. There is a lot that can be done by the content providers (needing some international co-operation) to help ensure kids do not access content. There is a lot that can be done by search engines. It may be that these things are "good enough" and ISPs do not have to worry, but it seems we may have to have some "answer" to the issue somehow.

It did seem that the idea of ISPs like AAISP saying "we don't filter" was not seen as an issue. One comment is that it would mean we lose business to the ISPs offering filtering but several of us quickly corrected that view explaining that people come to us because we don't filter. As I said, I am very keen to ensure it is clear what we do and do not offer at sign up.

One idea is that this basically an education issue - we should be doing more to educate parents on the perils of the Internet and the options they already have. Smut is just one small aspect of the issues that can arise, and, in my opinion, far from the most serious of issues which include bullying and grooming and all sorts via social media. Even the increased peer pressure kids now face as part of the facebook generation is an issue. The idea of more prime time TV soaps covering stories involving such issues was suggested, and I suppose that is one of the ways to educate large parts of the adult population.

This is not quite "government talking to small ISPs", it is a few of the more clued up MPs talking to ISPA, but that is a huge start. I intend to try and continue such discussions if possible and help educate the MPs on the issues and work to come to some answer to their concerns.

One important suggestion from the MPs was that ISPA members should invite their local MP to discuss the issues, and maybe visit and see how an ISP works. This would get more MPs to understand the issues. We may have to try that.

A few of the issues:-
  • Filters need to be tailored to the users, as filters appropriate for a 6 year old are different to those for a 16 year old (who could be married with kids!), or an adult. This is not something that is viable "in the network" (which is what is being called for) as an ISP cannot tell who is at a computer in a home.
  • Filtering by default creates a stigma around people then having to ask for the filters to be removed, and creates a list of people who have so asked. But removing the filtering opens the whole home to the smut (see above).
  • All ISPs doing filtering (as seems to be wanted) creates a framework for national censorship of the Internet, and it is done with no control, visibility and oversight. Even now for IWF filtering (which is not mandatory) the lists are secret (even from the ISPs staff that implement the filtering). Secret censorship of all Internet in the country is bad, and we already see calls to extend beyond legal porn to "esoteric web sites" and other vague categories. This sort of filtering also has human rights issues as it is blocking freedom of expression and communication. You can be sure that once filtering is in place, the "filtering off" option will still have some filtering as the tools will exist.
  • Filtering can (and does) undermine the integrity and reliability of the network. It creates more ways for things to break. We need more reliable networks not less.
  • Filtering is going to be ineffective. You have to filter all types of VPN and proxy to be sure, and that then stops lots of very legitimate uses. As one MP said, they VPN in to the parliament network, but to ensure people cannot access porn you have to block all VPNs. Indeed, you would have to block all encrypted traffic and hence stop access to banks. If you don't porn sites will simply switch to using https.
  • Filtering will overblock (not just VPNs) but will block web sites that are not within the criteria, largely because of automated categorisation of sites. There is unlikely to be legislation on this, so no formal process to get incorrect blocks removed in a timely fashion, or compensation for such blocks. This is a big issue on mobile networks that routinely have filtering already.
  • Filtering will not be effective - whatever technology is used will still allow loopholes. It will, however, create a false sense of security and leave parents happy to allow unsupervised Internet access when they might not have without filtering. Even in environments such as schools where the pupils can't really complain about over blocking, the people running such filters have to block new things every day where pupils have found new sites. We see from piratebay filtering, which targets just one web site rather than "all smut", how easily people get around the blocks. Indeed, one view is that adults wanting access to porn and not wanting to talk to their ISP will get help from their teenage kids to get around the filters!
  • As an ISP with no blocks, it will be costly to add any sort of sensible filtering, not just in technology but all of the maintenance and support staff for such a system. As soon as we have filtering technology we can easily find we also have to filter other stuff based on civil court orders.

2013-10-16

Any MP that can correctly use "regex" in conversation is OK by me.

I have to say that, in the past, I have been unimpressed by MPs, but this evening I met three that were surprising sensible, and one in particular that clearly has a clue. They were all very good and I had a nice meal and some drinks in the Stranger's bar afterwards.

Chatham House Rule prevent me from naming the MP but he does, apparently read my blog, and I would be delighted if he would post a reply confirming his perl scripting abilities.

Well done.

2013-10-11

iPhone 5S not on the level

Spot the deliberate mistake?
Same table, not moved. Used to show level on my old iPhone 5.
I am not sure these new iPhone 5S's are on the level.
Chatting to their support now - had all sorts of reset settings, set true north, power off and on, etc.
Lets see what else they suggest.


Update: Nice grammar?

2013-10-10

ACR

I have written to the ICO again...

When the PECR came in, we raised the issue with the ICO that the mobile operators were not providing anonymous call rejection service.

At the time, the mobile operators, and OFCOM, and the ICO were saying that the means reject such a call was to "press the red button on the phone".

This provided the "user" with means to reject the call, but not the "subscriber" as required by the regulations.

At the time, in spite of the clear breach of the regulations by all of the mobile operators, the ICO did not take any action.

We now have the situation where, on my iPhone, when a call comes in, I no longer have any option to "reject" a call. There is no "red button". At best I can silence the call but not "reject" it as per the regulations.

Once again, as per section 32, I request the Commissioner to exercise his enforcement functions.

Defence for spam case

Well, to my shock, the guy from Deane has suddenly started sending more reasonable emails. Up until now almost every email has been somewhat stroppy, in my opinion, and even threatening, but this morning he was being reasonable!

What he has done is raise the very interesting question of section 30(2): "In proceedings brought against a person by virtue of this regulation it shall be a defence to prove that he had taken such care as in all the circumstances was reasonably required to comply with the relevant requirement."

I have said that I would still want a judge to decide, so not withdrawing the case. It would be a shame if he settled now and avoided court on this really.

The wording is interesting. If I was sending an unsolicited marketing email, what steps could I take to comply with section 22 I wonder?

There is basically no way to tell who is the party to the contract for the communications service. Even an email address that is obviously a work email address or quoted as a work contact could have an individual as the subscriber. So, in my opinion, the only reasonable step one can take in order to comply is not to send any unsolicited marketing emails.

It will be interesting to see what a judge says. What would be worrying is if a judge says that "buying from a list broker that assures you they are business contacts" is a reasonable step, then the regulation becomes pointless. If the judge agrees with me that there is no step you can take then that makes the regulations much more useful. Hopefully we'll see, one way or the other.

P.S. I have emailed the ICO asking what steps someone can take to ensure compliance with section 22.

2013-10-09

Spam court case

So, I have a spammer case that is actually going to go to court next month.

The case is clear cut - I was sent an unsolicited marketing email to an email address for which I am an individual subscriber. It is very simple. The email address used is one for which I personally pay Dedicated Programmes. They own the domain and own and operate email servers that provide the email to me, and they also provide email and other communications services to the public making them providers of public communications services. None of the grey areas I am currently discussing with the ICO over @aaisp.net.uk emails.

It is hard to see a more clear cut case. I am looking forward to it going to court.

The other side (Deane), have made offers to settle in full, but only if I remove all details from my blog, which is not going to happen. Though it was almost tempting to agree and then post a blog linking to archive.org copies of the posts. Anyone else wanting to archive and report the blogs on this guy, please do, and please post comments linking to those copies if they suddenly vanish from my blog. Not likely to happen, but who knows.

He has been aggressive the whole time, even accusing me of fraud. I have a right to claim damages for his apparent criminal breach of the regulations.

The latest amusement is that he claims that he has not received the paperwork, including the copy of the invoice and receipt from DP for the email services. Yet I know he received that by email previously as he replied to it. He claims it was marked as spam, which is odd as, well, he replied, so a tad inconsistent. Now he claims not to have the recorded delivery paper copies of the papers I intend to rely on in court. Royal Mail say they carded him and have them for collection. Even providing the RM reference, he claims not to be able to get it! Strange how, when I put the reference in to the RM website I have the option to request redelivery. Why can't he do that? Clearly he is just being difficult for the sake of it, in my opinion.


Well, I have done my bit and paid to post it to him and have proof of that - I really cannot see it being sensible to humour him any more by either emailing or posting stuff again, at expense of my time and money. He already stated that he wants to waste my time and money on this.

Anyway, court paperwork here, any comments, let me know. Maybe he'll read the paperwork here...

His only defence was that the regulations do not apply to B2B emails. I get the impression someone took him to court before who was not an individual subscriber and lost. Pity for him that is not the case here.

P.S. It is worth pointing out that as this is small claims track, if I lose this case, I get to pay his travel from Weymouth and that is it - not the threatened lawyers fees or other costs, a small amount, which will be a very low cost for any sort of training course on the legal system in the UK. It is hard to see how I would lose, but if I do we will all learn a valuable lesson and my blog will be enriched with the details.

2013-10-07

Arbitration

I was interested to learn a bit more about the court service's arbitration service recently. When I had previously taken people to court this was not available, but in a recent case the paperwork offers both parties an arbitration as an option.

Obviously, having previously encountered arbitration in the way of The Ombudsman Service for ADR I was a tad sceptical, but the fact that we could go on to a normal hearing if the arbitration did not work meant there was  no risk. So, I had a case go to arbitration.

One of the key, and rather annoying, points is that the arbitration is that it is confidential. Part of the agreement to arbitrate, and the final settlement agreement that can be reached by arbitration, is that the details are confidential to the two parties. This means I am unable to comment on the specific case, sorry.

I did, however, discuss a couple of points with the arbitrator, and he is happy for me to blog on the process itself. Also, he noted, very sensibly, that there was no point trying to change things that were already posted on my blog, even about the specific case - what is published is published. This seemed a sensible enough compromise that I agreed to the terms in this case. Interestingly, in a case that is coming up (and not going to arbitration), the other party (Deane) has offered to settle if I remove all details from my blog. This was the same tactic tried by someone else previously. I did not agree to his offer, or agree to make his offer confidential. With any luck this will go to court in November and we'll have a much clearer case on the whole spamming issue. The case is pretty sewn up, but the defendant seems determined to fight it having won a case before (where the target email was not an individual subscriber, from what I can gather).

Anyway, the arbitration process was simple enough. They book a one hour slot, and call you each on the phone, in turn, to discuss the case. The objective is to try and come to a settlement without having to go to a hearing, and both parties have to be prepared to try and do that, which may mean compromise. The arbitrator was friendly and helpful and offered useful advice. He had read the paperwork that we had submitted to the court (claim and defence and so on). If the agreement is reached, then that binding.

It as amusing that he said he had learned something from this as he did not know you could take action against spammers :-)

I did ask what if one side does not stick to the settlement agreement, and apparently this agreement is not simply like a normal contract where you would sue for a breach of contract - if the agreement is broken then I could apply to the court for summary judgement, of if I prefer, to have the case go on to a hearing. A timescale is agreed for the parties to do what is agreed. So it is quite a simple process.

Another key point is that the arbitration call is free of charge, though you do have to made a claim in the first place which can cost as little as £25 in the county court.

This does rather lead to some serious questions about the ADR process that telcos are forced to join. The cost for ADR is of the order of £350+VAT just to take a case. Some recent rule changes are being considered where the arbitrator can decide that the case is vexatious and dismiss it, but that still means the case fee is paid by the telco as I understand it.

Now, if the county court service can do an arbitration call, and even a hearing in front of a judge for a few tens of pounds, why on earth would ADR cost £350? Something is very wrong there.

What I have suggested via ISPA to CISAS is that taking an ADR case should have two stages. The first stage would be an arbitration call just like the court service's arbitration. This would allow many cases to be resolved, and would allow the arbitrator to determine if a case is totally unfounded or vexatious. Only if the arbitration call fails would a full ADR process then happen. Such a call could be done for tens of pounds, if that. Even though this would (unfairly, by design) fall on the telco, it would allow cases to resolved quickly and cheaply, and bogus cases to be dismissed cheaply.

In an ideal world, that initial cost, lets suggest £20, would be payable by the claimant if the case is dismissed or resolved in the telco's favour. Perhaps, to come to agreement quickly, the telco could offer to cover that fee, if it is agreed that the issue is just a misunderstanding. That would mean that telcos would not be unfairly burdened with bogus case costs, and would create a small but very reasonable barrier to abuse of the process. Apparently the EU regulations creating the need for ADR do not actually say it has to be free, so this would be sensible. If that was the maximum risk to claimant, e.g. a full ADR cost is always paid by telco, that would still avoid a lot of risk for the claimant.

That's the suggestion. If any other ISPs think this is sensible, please let ISPA know.

2013-10-01

Juice

Can anyone please explain why something sold as "Mango & Passionfruit" has 87% apple juice?


Surely that is "Apple, with a little Mango and even less Passionfruit"? How many things have one of the two main headline ingredients at 4% content?

What is wrong with Trading Standards in this county?

Also, it says not from concentrate, but surely "puree" is a form of concentrate?

Update: Some interesting comments here, thanks. I think I have worked out my biggest gripe here with it - the brand is sold as a premium "juice", and even says "not from concentrate" to highlight the quality. It is not sold in the same way as flavoured squash or even flavoured crisps - so you (mistakenly) think that the headline description might vaguely describe the juice you are buying rather than just the [real juice] flavouring that has been added. To my shock, the "Orange & Lime" was mostly orange, some grape, and 0.5% lime juice. The lime is very much "just the flavouring". To be fair these drinks do taste nice, and I dare say that any sensible quantity of lime juice would taste rather nasty. Ultimately if the headline is just the flavour it just lacks the one word "flavoured" in the headline. It is that small detail that is missing, in my opinion. Oh well.

FB9000

I know techies follow this, so I thought it was worth posting and explaining... The FB9000 is the latest FireBrick. It is the "ISP...