Weeknote 7: Traffic, snow and an awesome party (Week 49, 2017)

Another week means another weeknote and this one finished on a high because last night was the risual Christmas Party!

risual does Christmas parties rather well and I won’t go into the details here but suffice to say, a good time was had. I knew the weather forecast though and needed to be sober today (Mrs W wasn’t too happy about the idea of driving home in the snow) so I can bask in the delight of not-having-a-hangover.

Anyway, it was a joy to wake up in a Country House hotel this morning and see how the landscape was transformed. I took quite a lot of photos on my iPhone but Dropbox is currently refusing to upload them for me, complaining that one is corrupt (but not telling me which one!). I’ll edit them next week and post them then…

Then I drove home in the snow and ice. England can’t cope when it snows (or indeed with any other extremes of weather: too wet; too sunny; too windy). We do mild-grey really well though.

The week

My week was the usual mix of consulting (paid work), training and pre-sales. I was fortunate to spend a day at Microsoft in Reading on Tuesday, topping up my Microsoft 365 (Office 365, plus Windows 10, plus Enterprise Mobility + Security) knowledge. I’m hoping that, time permitting, some blog posts will come out of that.

I’ve been driving around the UK almost 30 years, and driving for work for most of them. This week drove home to me (excuse the pun) just how overloaded the UK’s road infrastructure is, when it took me more than 5 hours to drive to Reading and back (about 75 miles each way), then around 4.5 hours the next day to drive 190 miles on nothing but motorways and trunk A roads (180 miles of which were dual carriageway). It seems likely that the first place autonomous vehicles can take a hold is on major routes like this and I for one can’t wait. Maybe one day we’ll have segregated autonomous driving lanes on the motorways, where the cars can drive closer together (in constant communication and not constrained by human reaction speeds) and maybe even faster (if the law is changed).

This week also saw the quarterly Milton Keynes Geek Night, which I’m proud to have attended every one of! I’ve made a lot of contacts over the 5½ years it’s been running – some of whom I can now count as friends and this event had one of the best set of talks in a long while including:

  • Simon Collison (@colly) on “The Internet of Natural Things”
  • Laura Sutton (@L_Coull)’s “Non-geek’s guide to the Galaxy”
  • Dr Neil Smith (@neilnjae) showing us “Beatles vs. Rolling Stones: using data science to prove which band is best”!
  • Joe Leech (@MrJoe) wrapping up with “UX, Psychology and the Power of 100”

The next one clashes with my wedding anniversary, and Mrs W has even agreed to come along with me as an honourary geek!

At home

We’re hoping to convert our loft next year and the initial notice has been submitted for planning purposes. It seems that, now that councils are better at sharing information, marketers are scraping it to bombard us with offers of storage, home improvements, etc. Apparently, our neighbours will be getting mailshots from lawyers too… all very irksome…

Around town

I missed this event which was part of Milton Keynes’ 50th birthday celebrations – a floating carnival of decorated boats looks like quite a spectacle on the canal!

It’s really noticeable how many people are now sleeping rough on the streets of Milton Keynes. The Bus Shelter are trying to do something about that – but they need to raise funds to convert a double-decker coach to provide emergency shelter. To quote from their website:

“Homelessness can hit anyone – most of us are just three pay packets away from losing our home. With your help we can provide over 5800 safe, warm nights for people forced to sleep on the streets and help them find a positive future.”

Look out for the bus in the Intu part of the Shopping Centre (Midsummer Place) and please donate, if you can:

At the other end of the scale… I passed a man on the mean streets of MK proudly proclaiming that the best place to get a car parking space is the electric charging bays… it may not be illegal to park a petrol/diesel car in an electric space but it is selfish (especially as there are normal spaces free)…

Other stuff

Barclaycard sent me a new credit card “for security reasons”. It was nice to find that my Apple Wallet updated automatically on my phone and my watch. Sadly the many websites where I had the details stored for recurring payments (Apple iTunes, Microsoft, Amazon, M6 Toll, Transport for London, etc.) didn’t.

That reminds me… I wonder when my Curve card will show up… It seems I’ve been stuck with about 1500 people ahead of me in the queue for weeks now… in fact, the number seems to be going up (but if you use my referral link above, I can move back up the queue…)!

On the topic of referrals, my energy switch to Bulb completed this week. It was painless (though I will have to wait to get my credit from First Utility, my previous provider – who seem more interested in selling broadband to me now than reducing my energy bills…). Unfortunately, neither I nor my friend have received our promised referral credits from Bulb. Enquiries are ongoing…

My son and I needed to force-quit an app on my Amazon Fire TV Stick but weren’t sure how. This blog post helped by pointing us to Menu, Settings, Manage All Installed Applications where Force Stop is one of the options.

Sadly, Amazon and Google’s inability to play together nicely means my Fire TV Stick won’t play YouTube videos from 1 Jan 2018. One is not amused:

I’ve been watching Channel 4’s series about Donald Trump’s rise (An American Dream). I’ll leave the politics aside but it’s fascinating to see how the wealthy can grow to take such a position of power…

I noticed that my Nextbase Dashcam was showing the wrong time (1 hour ahead) and every time I changed it, it reverted after the next power cycle… then I realised there was a timezone setting and it was still on GMT+1 (BST). After changing to GMT, all was good. It seems that it picks up the time from the GPS, so the timezone is the important setting…

I’m torn about the use of the new HEIC image format on my iPhone. On the one hand, I want to store the best quality images I can, on the other, I need them to be readable on all my devices

Whilst I was at MK Geek Night this week, I spotted that War Horse is coming to Milton Keynes Theatre next autumn. I enjoyed the film and I’ve heard good things about the National Theatre production too, so tickets are booked for a family cultural treat:

My phone has decided that, when I get in the car, I’m headed for the local Tesco Express… that’s a little worrying (I wonder how does Siri determine my travel patterns?):

Podcasts

I’ve mentioned before that I listen to a lot of podcasts. One of these is the Microsoft Cloud Show. Sometimes, it can be a bit too developer-focused for my tastes but I enjoyed Episode 223, which pretty much encapsulates the conversations I have with customers as an Architect working with the Microsoft cloud!

I also got the chance to catch up with Matt Ballantine this week (one half of the WB-40 Podcast). It’s been a while since Matt and I had a chat but I really enjoyed bouncing around our thoughts on modern collaboration and team working. and team-working. Like Matt, I’m finding myself drawing/writing on screen more (at least when working, using a Surface Pro – my MacBook lacks any sort of touch capability) though it’s also showing how unpracticed I’ve become at writing!

Wrap-up

Anyway, before I get too far into Sunday evening I need to sign-off and check my children haven’t continued building their snow-wall across the neighbours’ drives…

Next week looks like it should feature a lot less travel (at least by road) and a return to cyclocross with my son. I might even be home a few evenings and maybe, just maybe, I’ll write a blog post that’s not one of these weeknotes! I live in hope…

Weeknote 5: Playing with Azure; Black Friday; substandard online deliveries; and the usual tech/cycling/family mix (Week 47, 2017)

This weeknote is a bit of a rush-job – mostly because it’s Sunday afternoon and I’m writing this at the side of a public swimming pool whilst supervising a pool party… it will be late tonight when I get to finish it!

The week

There not a huge amount to say about this week though. It’s been as manic as usual, with a mixture of paid consulting days, pre-sales and time at Microsoft.

The time at Microsoft was excellent though – I spent Tuesday in their London offices, when Daniel Baker (@AzureDan) gave an excellent run through of some of the capabilities in Azure. I like to think I have a reasonable amount of Azure experience and I was really looking to top up my knowledge with recent developments as well as to learn a bit more about using some of the advanced workloads but I learned a lot that day. I think Dan is planning some more videos so watch his Twitter feed but his “Build a Company in a Day” slides are available for download.

On the topic of Azure, I managed to get the sentiment analysis demo I’ve been working on based on a conversation with my colleague Matt Bradley (@MattOnMicrosoft) and Daniel Baker also touched on it in his Build a Company in a Day workshop. It uses an Azure Logic App to:

  1. Monitor Twitter on a given topic;
  2. Detect sentiment with Azure Cognitive Services Text Analytics;
  3. Push data into Power BI dataset for visualisation;
  4. Send an email if the sentiment is below a certain value.

It’s a bit rough-and-ready (my Power BI skills are best described as “nascent”) but it’s not a bad demo – and it costs me pennies to run. You can also do something similar with Microsoft Flow instead of an Azure Logic App.

Black Friday

I hate Black Friday. Just an excuse to shift some excess stock onto greedy consumers ahead of Christmas…

…but it didn’t stop me buying things:

  • An Amazon Fire TV Stick to make our TV smart again (it has fewer and fewer apps available because it’s more than 3 years old…). Primarily I was after YouTube but my youngest is very excited about the Manchester City app!
  • Another set of Bluetooth speakers (because the kids keep “borrowing” my Bose Soundlink Mini 2).
  • Some Amazon buttons at a knock-down £1.99 (instead of £4.99) for IoT hacking.
  • A limited edition GCN cycle jersey that can come back to me from my family as a Christmas present!

The weekend

My weekend involved: cycling (my son was racing cyclocross again in the Central CX League); an evening out with my wife (disappointing restaurant in the next town followed by great gin in our local pub); a small hangover; some Zwift (to blow away the cobwebs – and although it was sunny outside, the chances of hitting black ice made the idea of a real road bike ride a bit risky); the pool party I mentioned earlier (belated 13th birthday celebrations for my eldest); 7 adolescent kids eating an enormous quantity of food back at ours; and… relax.

Other stuff

My eldest son discovered that the pressure washer can make bicycle bar tape white again! (I wrote a few years back about using baby wipes to clean bar tape but cyclocross mud goes way beyond even their magical properties.)

After posting my 7 days 7 photos efforts last week, I saw this:

I’ll get my coat.

I also learned a new term: “bikeshedding” (nothing to do with cycling… or smoking… or other teenage activities…):

It’s scary to see how much we’re cluttering space – not just our planet:

There’s a new DNS service in town:

I’ve switched the home connection from OpenDNS (now owned by Cisco) to 9.9.9.9 and will report back in a while…

This ad tells a great story:

Curve is now available to ordinary employees and not just business-people!

We recently switched back to Tesco for our online grocery shopping (we left years ago because it seemed someone was taking one or two items from every order, hoping we wouldn’t notice). Well, it seems things have improved in some ways, but not in others…

On the subject of less-than-wonderful online shopping experiences, after I criticised John Lewis for limiting website functionality instead of bursting to the cloud:

It seems they got their own back by shipping my wife’s Christmas present with Hermes, who dumped it on the front doorstep (outside the notified delivery timeframe) and left a card to say it had been delivered to a secure location:

It may be silly but this made me laugh:

Finally, for this week, I borrowed my son’s wireless charger to top up my iPhone. Charging devices without cables – it’s witchcraft, I tell you! Witchcraft!

Next week, I’ll be back with my customer in Rochdale, consulting on what risual calls the “Optimised Service Vision” so it was interesting to see Matt Ballantine’s slides on Bringing Service Design to IT Service. I haven’t seen Matt present these but it looks like our thinking is quite closely aligned…

That’s all folks!

That’s all for this week. I’m off to watch some more Halt and Catch Fire before I get some sleep in preparation for what looks like a busy week…

Short takes: running apps from unidentified developers on a Mac; Dropbox stuck importing photos on a Mac; and virtual card numbers in Apple Wallet

A collection of snippets that don’t make a full blog post on their own…

Mac apps that won’t open because the developer is unidentified

Every now and again, I’ll download an app on my Mac that gets flagged as unsigned on my Mac (“can’t be opened because it is from an unidentified developer”. It turns out that, if you hold down the Control key at the same time as clicking its icon, you can open it.

Dropbox (Mac) stuck importing photos

I use Dropbox to upload my photos from my phone (it names them nicely for me by date!) and then copy them across to OneDrive (where I have more storage). A few months ago, I had a problem where I couldn’t upload my photos to DropBox. I’d plug my phone into a Mac, and the import would never finish. It showed a camera icon and said it was importing photos but didn’t show any progress, as though the DropBox app had hung. Looking around on the ‘net this is a common issue – but there’s no sign of DropBox fixing it…

In the end, my workaround was to upload the images directly from my iPhone, which seemed to clear the bottleneck, whatever it was…

Virtual card numbers in an Apple Wallet

Those who use their mobile phone for contactless payments (Apple Pay, etc.) may not be aware that each registered card has a virtual card number – the 16-digit card number used is not the same number as the physical card. That’s why (for example), if you touch in to pay for travel in London using contactless on a card but finish the journey with contactless on your phone, Transport for London won’t realise that the two transactions are linked.

I’m not sure how to find the full card number for the device, but you can find the last 4 digits of the virtual card number by pressing the “information icon in the lower right of Apple Wallet. That will give a whole host of information, as well as transaction history.

Device Account Number in Apple Wallet on iOS

Consumer banking security: two (or three) tales of farce

I’ve written before about the nonsensical nature of UK banking websites, with security theatre that’s supposed to make us feel that a sequence of restrictive usernames, passwords, passcodes and memorable words (all passwords of one form or another) linked with publicly available information (date and place of birth, etc.) is somehow keeping us safe.

Unfortunately, that farce looks set to continue for some time to come…

Second factor authentication

Recently, my bank (First Direct) went a step further in an attempt to introduce a second factor to its logon process (i.e. something I have, in addition to something I know).

“Bravo”, I thought, “at last, similar security measures for consumer banking, to those that are used on the back-end by employees”… except I was wrong.  At least, I hope I was.

First Direct gave me three options:

  1. Send me a device to generate a secure key.
  2. Use an app to generate a digital secure code.
  3. Continue using the old methods for Internet Banking logon, with reduced functionality.

On the basis that any device sent to me is unlikely to be where I am when I need it, I elected for the app option and, after upgrading the First Direct app on my phone, I went through a registration process.  I don’t recall the details of the process but the end result is that I now have a “Digital Secure Key password” (oh goody, another password!) in the mobile banking app, that can be used to generate a code to log on to the full website via my browser.

And how complex is this “Digital Secure Key”? Just 6-9 alphanumeric characters – no better than a very simple password – and as that’s now the only level of security between a mobile phone thief and my bank account (aside from a PIN on the phone), the app on my phone actually less secure than it was previously with the username/memorable data combination!

Still, at least there is some kind of second factor for website access…

Never write down your PIN (except when the bank does that for you…)

We all know that we shouldn’t write down the PIN for our cards, yes?

Ever.

It’s in the terms and conditions for your account – and if the bank suspects you have compromised security in this way they are unlikely to be able to help if there is fraud.

I have a Hilton Hhonors Visa card, provided by Barclaycard and, a few weeks ago, they sent me a new card as part of the rollout for Visa payWave (contactless) functionality.  The card had a sticker attached, telling me to use it from 23 June – and in the meantime I could use my old card. Separately, they sent a new PIN (quite why my new card couldn’t use my old PIN is beyond me) and, as soon as I received it, I went to an ATM to change the PIN to one I would remember.  Except I couldn’t – because the card wouldn’t work until 23 June!  I even tried using a Barclays ATM.

In the end, I had to keep the card and the PIN in my house for a few weeks until they were both valid.  Doesn’t seem very secure to me… and I wonder who would be liable if the card and the letter had both been stolen in the meantime?

And don’t get me started about 3-D secure

Verified By Visa.  Mastercard SecureCode. Just another password to remember – and as far as I can tell just a way for the banks to pass fraud risk on to merchants!

More retail banking security theatre

Yesterday, I bought a new suit. Nothing remarkable there but I paid on my Lloyds TSB Duo Avios credit card. A card that I will shortly be cutting into little pieces because it’s useless to me if the bank declines transactions on an apparently random basis…

You see, I also wanted an extra pair of trousers and they were out of stock. The very helpful guy at John Lewis went through the online order process, I supplied my credit card details and all was good. Then we went to the till and paid for the suit jacket and first pair of trousers.

The £250 transaction for the suit went through OK but a short while later I was called by John Lewis to say that the £80 order for the trousers placed a few minutes earlier had been declined.  That seemed strange – especially as it was placed before the larger transaction (I’d expect the large one to be declined if there was some sort of anti-fraud flag triggered by a small purchase and then a large one) so we tried again. No joy. Declined by the bank. So I supplied some different card details and all was OK.

I was annoyed. I use multiple credit cards for good reasons but at least I had been able to use a different card even if that does mean that my personal and business transactions are mixed up. Fast forward to this morning and I was incensed.

Sunday morning, 10am: enjoying a rare lie-in whilst the kids are away; the phone rings – it might be my in-laws and it might be important, so I answer.

“This is an automated anti-fraud call from Lloyds TSB…” (or similar). I’m angry now, but I comply with the whole process as I think I might be charged twice for my trousers.  This process involved:

  • Confirming that I was (imagine robotic voice) “Mr Mark Wilson”. 1. Yes, that’s me.
  • Confirming my year of birth. Not exactly a secret, especially not to anyone who might answer my home phone.
  • Confirming my day and month of birth. Again, public information, and known to all in my household.
  • Listening to some details of some possibly fraudulent transactions: two declined for £80 and one approved for £250; both flagged as Internet purchases at John Lewis, a “grocery or supermarket” retailer. Not much help there as John Lewis is a department store (Waitrose is their supermarket brand) and clearly store transactions are incorrectly flagged as Internet purchases – which means the information is unreliable at best and confusing if it had been a different retailer with whom I was less familiar.
  • Confirming I had made those transactions. Tempting to say no but that would be fraudulent. I said 1 for yes, anyone in the house who answered my phone could have answered anything…
  • Supplying my mobile phone number for future anti-fraud calls (I probably didn’t supply it in the first place because I was concerned they would use it for marketing…). Well, at least my mobile is more immediate, and more secure than the home phone (only I use it).

Pure security theatre.

I can understand the banks wanting to reduce fraud – it costs them millions. But my account has a significantly larger credit limit than transactions I attempted in John Lewis yesterday and they could go a lot higher before declining transactions and inconveniencing me as a customer. I can see some patterns that might have flagged the anti-fraud systems but not the sense in declining the first and third transactions yet accepting the second (larger) one. It’s possible that John Lewis stored my card details and applied them after a short delay but, even so, I’d think it’s pretty common for people to make in-store transactions and place orders through the retailer’s online channel at or around the same time (in scenarios like the one I described).

I’ll make the most of the interest-free period until my next bill, pay in full (as always) and then I’ll be closing my account with Lloyds TSB. “Security” that stops me using my cards when I want to, and disturbs my privacy at home (with an automated call using publicly-available information!) is “security” I can do without…