A curious way to break Twitter's search results


Screenshot of a tweet. The HTML is malformed.

(This isn't really a security issue, although I've disclosed it to the Twitter team.) "Fuzzing" is a computer science term which means "sending weird data into a program and seeing what happens." It's a useful way to see how your code can break in new and unexpected ways. It's particularly good at showing what a […] Read More

Advertising Screens Hacked To Mine BitCoin


The display shows a Windows desktop with a variety of icons. There is a window open.

Spotted in London, yesterday. A large, Microsoft Windows-powered advertising hoarding has been hijacked. It's not uncommon to see broken-down Windows displays - I run https://windowsisbroken.tumblr.com/ - which is dedicated to pointing and laughing at such mistakes. But this is the first time I've seen a display repurposed for profit! It appears to be running NiceHash […] Read More

Updating all the examples in the HTML5 Spec


A screenshot showing the difference between two text files.

I'm currently helping to edit the HTML5 specification. As part of our preparations for HTML5.3 I've started going through the provided examples and improving them. This blog post explains the what, why, and when of the process. You can follow along on GitHub. (As part of my job, I'm lucky enough to be on the […] Read More

Artificial Intelligence is a Horseless Carriage


I've been thinking about words. The Chinese word for "train" - the mode of transport - is 火车. Which literally translates as "fire chariot". Long gone are the days when trains were pulled by a fire-breathing engine at the front, and yet this linguistic skeuomorph hangs around. English is not immune from this. The television […] Read More

Context-Aware Text Recognition?


A scanned document, the text is askew. Next to it is a computer-generated version of the text. A passage is highlighted.

I've been playing with Google's Cloud Vision API. It is OCR (Optical Character Recognition) - but in THE CLOUD and uses MACHINE LEARNING! When it works, it is indistinguishable from magic. When it fails, it reveals a very limited understanding of human text. Let's take a look at this quick example - a piece of […] Read More

The Policy Hack


Clip from the film "The Matrix" - a young bald boy is saying "There is no spoon."

I've found a delightfully exploitable social hack which I presented at UK GovCamp. It applies to any uncooperative bureaucracy. Here's how it works. You ask someone to do something and they reply with "I'm sorry sir, that's against our policy." You should say "I'm sorry to hear that. Please can you send me a copy […] Read More

MailChimp leaks your email address


Change email address page with obscured email address

An annoying privacy violation from leading email newsletter company MailChimp. Responsibly disclosed on 2017-12-04. When you click a link on a webpage or an email, your browser opens up that link and sends the newly visited webpage a Referer Header. (The misspelling is a historical artefact.) This says "Hello new site, I was referred here […] Read More

Emotional Technobabble


Screencap from Doctor Who. The Doctor says "Must be a Spatio Temporal hyperlink." Mickey replies "What's that?" The Doctor answers "No idea, just made it up. Didn't want to say 'magic door'."

"Reverse the polarity of the neutron flow!" "I'll create a GUI interface using VISUAL BASIC, see if I can track an IP address." "I love you, let's get married!" Technobabble sounds convincing to a lay audience. If you're not a computerist, then "hacking the mainframe" sounds plausible. If you're emotionally immature, then "I love you! […] Read More

Review - BlueSkySea DashCam


Dashcam product shot

The good folks at BlueSkySea have sent me their 1080p dashcam to review. It's a sub-£50 dashcam with built in WiFi and a 150° field of view. Let's take it for a spin! Unboxing and first use Video Samples Video resolution: 1920x1090 formatted to play back at 1920x1080. Audio: 16KHz AAC stereo - although seems […] Read More

Using canvas to shrink images for Google Cloud Vision


The HTML5 Logo

I've started using Google Cloud Vision for running text detection on OpenBenches images. There's just one problem - Google limits the size of the files that it will accept to 4MB. Why? Who knows! Obviously, it's easy to shrink an image server-side, but how do we do it in the browser? First, let's take a […] Read More