A (very minor) privacy issue I found with the iTunes API - disclosed on 7th April. Apple provide an API to allow users to search the iTunes store. Let's suppose that a user wishes to search for Music Videos from The Beatles. The search itself is performed over HTTPS. https://itunes.apple.com/search?entity=musicVideo&term=beatles This means that anyone sniffing the connection won't see what…
Continue reading →
This is a necropost - resurrected from the now defunct blog of a previous employer. I've just come back from an amazing BlueLightCamp 2014 - held in the splendid offices of the Ordnance Survey. Themed unconferences are nothing new - but I think this was one of the first that I've been to focussed on such a vital topic - the Emergency Services. You can read a full write up of all the sessions…
Continue reading →
A few months ago, I was attending the National Hack The Government event. I was showing off some of the work I had been doing on "The Unsecured State" - looking at *.gov.uk website security. I was chatting to an envoy from the Food Standards Agency who was eager to hear more about what I'd discovered. "Oh," I said, "It's pretty easy. Let's take a look at your website. If I were to type some…
Continue reading →
Update! There's a new way to do this - read my latest post to find out how. Two or three years ago, I was contacted by a recruiter from Google. They wanted to know if I'd be interested in working for the advertising giant. We played the usual game of dancing around salary and schedules, when he dropped the bombshell - they were looking for people to work on Google+. I asked the recruiter if…
Continue reading →
My current ISP is Virgin Media. They get a lot of stick for being a bit useless - but I can't fault the speed of my domestic connection. They recently upgraded me for free to 152Mbps downsteam (and a less impressive 12Mbps up). As part of this upgrade, they sent me an email stating: now that your broadband has been supercharged, on the house, why not put it to the test? You've got the UK's…
Continue reading →
So, I've submitted my first patch to the Linux Kernel! It's trivial set of documentation improvements - mostly done so I could see if I've got everything set up correctly. This blog post is more of an aide memoire than a fool proof guide - I hope future me finds it useful! Install and Configure git I'll leave you to figure out how to install git on your system - one thing you will need to is…
Continue reading →
I looked at my Solar Generation meter and winked. My new Google Glass snapped this picture 116 days ago, on the darkest day of the year, we had our solar panels installed. They have just ticked over the 1MWh mark. The average British house uses about 10kWh a day. By our estimates, our house uses 8.5kWh - thanks to LED lighting, a new TV, and efficient computers. Basically, at this point in …
Continue reading →
This is a necropost - resurrected from the now defunct blog of a previous employer. Well, I've had Google Glass for all of 30 minutes - so I thought I'd give you my first impressions. No, I haven't read the manual. The first thing to note is that it is really well packaged. Everything from the USB cable to the bundled sunglasses are held together beautifully. As someone who doesn't wear…
Continue reading →
As part of my "National Hack The Government" win, I was awarded 100 DogeCoin! Although not my first foray into the exciting world of CryptoCurrencies, I'd never received DogeCoin before. I decided to set up an online wallet to temporarily store my loot while investigating more secure options. More or less at random, I went with DogeAPI.com. After registering, I received this email. Let's…
Continue reading →
I'm a big fan of the EU. For all its flaws, it has kept the peace for decades. Not only does it prevent physical wars - but it reduces the harm caused by companies warring against each other. Like most legislatures, it works on glacial timelines. Not only tackling the problems of the past, but also assuming the future is static. In the fast moving technology industry, this has been a mixed…
Continue reading →
We're all changing our passwords in the light of Heartbleed, right? Good! If you are a developer or designer, I want to explain to you exactly how not to create a password dialogue box for your users. We're all used to seeing this: Input password: Change Password This is incorrect! Why? Because it leads to this? Input password: Change Password ERROR! Your password must be longer than …
Continue reading →
Rewired State have just announced "End Of The World Hack" We know the earth is about to be bombarded with solar flares and magnetic storms of varying ferocity on July 4th, 5th and 6th 2014, by which time the infrastructure of the energy and communications networks will have been completely decimated across the entire planet. You have 48 hours to best prepare the human race for survival,…
Continue reading →
