Even in the depths of British winter my solar panels'll still happily convert what little sunlight we get into delicious, free-range, organic electrons. Nice! Most of our domestic energy use is in the evening. So, when I'm out at work I can schedule the tumble dryer, robot vacuum cleaner, and WiFi rice-cooker to consume energy when the sun is shining. The rest is sold back into the grid for…
Continue reading →
I've got three Raspberry Pis around my house. Well... at least... I think I do. I can certainly ping three of them. I know the physical location of two of them... It's a testament to the success of the Raspberry Pi. Anyone with £30 to spare can pick one up and start hacking. Want to build an IoT fishtank? Start with a Pi. Need to monitor air pollution? Start with a Pi. Have a vague idea...? You …
Continue reading →
Just because I ask a question - doesn't mean I'm asking you a question! There's a certain class of Internet user who troubles me. He - and it is usually a he - will strive to answer any technical question he sees asked, no matter his lack of expertise. Here are the symptoms: Sometimes he responds with the first Google link for the question - as though I haven't thought of doing a basic…
Continue reading →
I accidentally caused a little brouhaha last week - for which I would like to apologise. In my blog post about BMW's unencrypted software updates, I said: Judging from the files, it would appear that the infotainment system is made by Magneti Marelli with components by Wind River, AutoSAR, and Nvidia Tegra. Looking at the copious mentions of systemd and freedesktop it's a Linux system! …
Continue reading →
Update! I now have an XSS which is only 18 characters! Here's a fun little game for all the family! What is the minimum number of characters required to perform a successful XSS attack? Let's take an entirely theoretical example - suppose we have a site which echos back user input without sanitising it. So a search for " <em>" turns the whole page italic. ahem A hacker might think, "Hurrah! …
Continue reading →
When is a string not a string? When it's a series of control characters! Not a particularly funny riddle, but one I've been wrestling with recently. Imagine we want to write a program which displays a Twitter user's name. Not their @ handle, but their "real" name. For example, instead of @POTUS, display "President Obama". Easy, right? Not quite. What happens when a user is named "️"? N…
Continue reading →
Friends, allow me to wallow in a little boasting! Four years ago, I made a modest proposal for a new HTTP Code to indicate censorship. A few days ago, RFC 7725: An HTTP Status Code to Report Legal Obstacles became an approved standard by the Internet Engineering Task Force. This allows a website, proxy, or ISP to explain to the user that the resource the user requested is unavailable for…
Continue reading →
I've just got a WiFi light switch. As I've explained previously, swapping out all my existing light bulbs with Smart Bulbs would be hugely expensive and has the disadvantage of not working when the switches are off at the wall. A WiFi light switch (theoretically) allows me to control the lights from my phone - and anyone else to use the physical buttons on the wall. That helps avoid this…
Continue reading →
The UK has some excellent laws preventing discrimination. According the Equality Act (2010) it is illegal to discriminate on the basis of... age being or becoming a transsexual person being married or in a civil partnership being pregnant or having a child disability race including colour, nationality, ethnic or national origin religion, belief or lack of religion/belief sex …
Continue reading →
The BMW i3 is an amazing electric car - let down by very shoddy software. That's a huge problem - software runs our lives and, if it is defective, it can ruin us. We used to have separate categories of device: washing machines, VCRs, phones, cars, but now we just have computers in different cases. For example, modern cars are computers we put our bodies in and Boeing 747s are flying Solaris…
Continue reading →
As regular readers know, I've turned a BLE Beacon into a wireless business card. Physical Web used the Bluetooth beacon standard to continually broadcast not an ID number, but a URL. If you're in my proximity, you can grab my contact details. The one problem with the beacon I have is that it has an exposed button. Every time it got bumped in my pocket, the token would emit a couple of shrill…
Continue reading →
Selfie sticks - like most modern inventions - are utter tosh. But they've rapidly brought down the price of Bluetooth buttons. So who am I to complain? Let's take the venerable AB Shutter 3 - You can find it on Amazon for around £2 including postage - or around $2 on AliExpress. Frankly, that's stupidly cheap. OK, let's put this to work as something other than a vanity clicker! There are no …
Continue reading →
