Thursday, 24 July 2014

Virtual theft!

Should theft in a virtual world count the same as real theft?

There is an interesting article in The Guardian on this:

"If you've spent £500 building up your armed forces and someone takes them away online, I guess you can feel hard done-by and you want your £500 back," he told Buzzfeed. He also pointed out: "The perception from some people is that if you steal online it's less of a crime than if you steal physically."

But this massively misses the point, sorry.

Yes, hacking someone's account is bad, and we already have laws covering that. But the idea of virtual theft is nonsense.

For a start, the game providers can (and do) restore lost items. To them the items really are just a data record, no matter what people paid in real money for them, and it is a relatively simple matter for them to restore them to their owner. They can also arrange for them to be removed from their new owner if they want. They can suspend accounts involved in hacking. They have ultimate control of the virtual world. So there is no actual theft, and the cost of the items is irrelevant - the only cost is the inconvenience for the victim and the game operator but that cost is the same whether it is a £5 item that is restored or a £5000 item that is restored.

Obviously if the game operator will not restore items, the damage by the hacking is more severe, but as I say, we have laws to cover that already, and the financial loss, and time, and distress caused will obviously be a factor in such cases.

Of course there is another massive issue with making any law on virtual theft - it is totally valid in a virtual world to play a baddie, one who's role is to do bad things, and steel things in the game. If a law was made it could mean such legitimate in-game actions being criminalised!

P.S. The episode of Big Bang Theory portrayed this very badly - making out that the theft was almost real, when in fact Blizzard would have restored the lost items, and suspended the thief's account pretty quickly and painlessly. I know people who have been through this.

P.P.S. In a way, the difference between theft in the real world and in the virtual world is that in the latter you can have a chat to God and have him sort it out and put it right. That kind of makes it way less of a big deal.

Tuesday, 22 July 2014

New spam calls

One claiming to be related to British Airways, from a suspiciously local number. (Bracknell 01344 403511).

Junk calls are getting worse.

Recording.

If you build it...

... they will come?

"Build it" is exactly what we will be able to do some time next week.

We have had one of these bad boys on order for months: The Makerbot Z18.

Sadly I'll be on holiday when it arrives, but it has a built in camera and is networked, so I may be able to get a minion to load some plastic and work it from a holiday villa. We'll see.

Its claim to fame is that it is big enough to print a full size wearable storm trooper helmet. This means a big build area.

Getting that to work means some clever stuff with heat - and the whole thing has a heated chamber. It is all to do with making sure the plastic does not shrink and warp as it cools after printing.

Apparently it will be arriving on a pallet. Once we have it, we'll be offering our 3D printing services on a new and bigger scale.

The last job was heads for some fun robots for Plymouth Uni.


See more at: http://aa.net.uk/printing-3d.html

Dear David Cameron...

Got to be worth a try :-)

Monday, 21 July 2014

Is that legal?

I was quite shocked when someone, the other day, said to me "is that legal?"

I was with some friends in a restaurant, and to be honest I forget who it was that asked now, as most of my friends are more tech-savvy than that. I said "The O2 data here is crap, I'll switch this to vodafone", and this caused some surprise and cries of "is that legal?"

This was one of those rare occasions where the automated switching did not cope as there was just enough O2 signal to hang on. If I had lost coverage all together the SIM would have switched profile to an EU identity and connected to the strongest operator (in that location it was Vodafone). But the O2 was hanging in there with really almost unusable data. Switching to Vodafone worked a treat.

When I left the restaurant and got a good O2 signal the SIM switched back.

The roaming profile costs more. We have the pricing sorted at last, and we should be shipping the SIMs tomorrow, finally. The O2 profile on O2 in the UK is still only 2p/min, 2p/text, 2p/MB, and we charge only £2/month (+VAT). The EU profile anywhere in Europe, including UK operators, is 10p/min, 5p/text, 10p/MB (+VAT). It is not as cheap, and applies both ways, and is on top of any on-going call charges for any SIP provider used, but it is pretty nice being connected wherever you are. To be honest, 10p/min is not that bad really when you consider what mobiles cost a few years ago. I only wish we could get the data rates down more - though we should be getting proper fixed IP and L2TP on that some time. Even what we have now for data is unfiltered.

But I was, none the less, shocked at someone thinking I was making some sort of illegal hack. The idea of changing to another mobile operator in the UK is so ingrained as being "impossible" that it caused that reaction. No wonder David Cameron was calling for intra-UK mobile roaming recently.

In fact, I am tempted to send him one of our SIMs to play with. Maybe he'll calm down, as actually forcing roaming is not necessarily a good idea (who would bother to invest in totally not-spots knowing all other operators benefit?).

So, yes, quite legal for my mobile, on a Bracknell phone number (which you can call and text), to be on any of the UK operators and working perfectly, and I can still see it on the busy-lamp light on my desk phone and seamlessly jump the call to and from that desk phone as I like as well as recording the call.

I watched some of the first couple of series of 24, and the excellent spoof set in the 90's! You would think that the prime minister would have some slightly better comms kit, just maybe.

The technology works well - and it is surprising so many companies (and even politicians) are so far behind the times.

Friday, 18 July 2014

Micro Direct data leak?

I get loads of spam, like most. A few slip through the filters.

I got one earlier today that was a tad odd - it looks like a genuine report of some sort of order, with someone else's details in it, but the link to "secure login to your paypal account" is clearly bogus. A link to crankbaits.biz that redirects to warezoff.ru and tries to get my details.

OK, spam, what the hell. I noted that it was to an email I only gave to microdirect, so maybe could have been guessed, but maybe a data leak.

Later today I get one saying that my credit card information has been changed and my address removed and QUOTES MY ACTUAL HOME ADDRESS to me in the email. Again a bogus link.

So, this means Micro Direct have leaked not only my email but my details. My address at least, and who knows what else? The latest spam just tries to get my "Verified by Visa" details, which makes me think they have my card details.

I should report to ICO, but they are proving to be such a bunch of muppets, I am unsure if it is worth it.

Software release cycle

Software can have bugs, and any ongoing development has to consider carefully how the updates and development is released.

At one end of the spectrum, and obviously "best practice", one has carefully written and reviewed specifications not only of the overall system but each change that is being considered. One has a team generating the necessary test specifications, and another team writing the test systems, and another team that do module testing and regression testing. You have the developers and then people that review the code changes. Then you have alpha release to internal users, and beta release to external testers and then finally a planned and announced release along with a detailed and tested roll-back plan.

At the other end of the spectrum you have code that is hacked around on a live system and not properly tested and constantly changing and broken.

Both extremes have serious problems.

Interestingly, we are suffering from some of the "best practice" approach with the new roaming SIMs as it is taking ages for the mobile operator to get the new tariffing system in place for this. In the past, even with a serious bug in BT's 20CN network, it has literally taken years to get the bug fixed. The mobile operator is actually very agile for a telephone company.

We are at neither extreme - but annoyingly, over the last couple weeks, a couple of issues have come up which makes us want to improve things. We tend to be agile which means that we have much more rapid processes for testing and deployment. It does not mean we have none, obviously, but it has the down side that occasionally the live systems can run in to problems. Part of being agile is that you also have to be very good at fire fighting to reverse or resolve such problems, and we are good at that. We have a very good team.

I have mentioned some of the processes we go through for things like FireBrick development in the past. We have pretty good procedures for our LNS updates which use FireBrick. The issues of late have specifically related to our VoIP platform (though there was also a database issue which affected VoIP).

We have a couple of legacy platforms that are being phased out, but our main VoIP system is a pair of call servers, and a pool of RADIUS servers to direct calls as well as logging CDRs for billing. We have a pool of call recording and voicemail servers as well. We also have a separate test VoIP server connected to separate RADIUS server and separate call recording server.

When we make changes, fixing bugs or adding features, we test these locally, then we test on our office server and the test VoIP server. We are able to direct SIMs to the test server as well as have customers log in to the test server if needed. Once we are happy with the changes we deploy them on the live servers. In some cases there have been important changes that need to rolled out to resolve customer issues - lately there is a customer using a specific make of call server which has a number of quirks. This has meant that we are updating the live servers every couple of days.

We're not entirely happy that this system provides enough of a buffer between the stable customer experience of the service, and the active changes we are making, so the plan is to set up two more call servers along with RADIUS and recording platforms.

We'll have our test server which is really only for our use and the one customer at a time with which we are working. We'll have the agile test servers on which we deploy new code regularly and on which we expect there to be a number of customers that need the latest features or just like to be leading edge. We'll then have the two existing servers that are stable. The idea is that we can have people on the test servers indefinitely if necessary even if it is months before we do a new stable release. These test servers should be at least as stable as the existing servers, but the stable servers used by most people will change very infrequently.

Because the call servers all work within a specific published range of IP addresses, this work is a bit tricky and tied in with the legacy servers being removed. However, we think it is an important step for ensuring we have a good quality of service for customers.