2016-10-26

Latest attempt at filtering the Internet

This is serious stuff - the only hope we have is that every time this exact wording has been tried before it has failed. However, we are in 2016 where stupidity reigns at every level of government in all of the major countries of the world.

The proposed amendments to the Digital Economy Bill are detailed by Open Rights Group here.

So two issues.

1. That a filtered internet *must* be offered by ISPs unless the subscriber “opts in” to subscribe to a service that includes online adult-only content; the subscriber is aged 18 or over; and the provider of the service has an age verification scheme which meets the standards set out by OFCOM in subsection (4) and which has been used to confirm that the subscriber is aged 18 or over before a user is able to access adult-only content.

Now some of that is OK as EVERY SINGLE A&A CUSTOMER HAS OPTED OUT OF ALL FILTERING and confirmed they are 18 or over. We have no interest in contracting with under 18's as that is much harder to enforce and hence get paid. The only issue there is the "age verification" aspect - that has a shit load of issues as explained at length by ORG. I really hope that at least that bit is ditched - otherwise all out signup for new services will have an extra cost for us to pay some age-verification provider to check you are over 18.

REMEMBER! THIS HAS NOTHING TO DO WITH USERS OF THE SERVICE! This is only for subscribers, which we want to be over 18 anyway. Their kids can be accessing all the porn they like and we would be 100% compliant.

2. The other worrying clause is CENSORSHIP of the internet at court order. We have this a bit for copyright law now, but A&A is too small to have ever had such an order, and it has been proved time and time again that such orders simply do not work.

There is NO TECHNICAL WAY for any ISP to actually PREVENT access to some part of the internet. If we allow ANY PACKETS in and out, even just DNS, then ACCESS will be possible so it is IMPOSSIBLE to comply with such orders. This needs knocking on the head now. It is nonsense.

Let's be clear here - if every ISP has to pay some third party age-verification service before they can sign up any customer, that will cost, probably several pounds, and that will be added to cost of signing up. For us it would not change our service, we ONLY do opt-out of censorship and ONLY do 18 or over, so nothing changes but paying an extra fee. Why do that?

P.S. Seems like the amendment has been withdrawn - but why do they keep trying to throw this in to legislation - what is the point?

2016-10-22

Meta

One of the challenges when working on any software system is working out the database design and structure of the code.

My son is making a car paperwork tracking database website allowing tracking of service history and so on. Not a bad idea.

I made the mistake of going a bit "meta" on him and saying "car" is "vehicle".

He now has "car" or "bike" as a setting and is working on changing scripts and database tables to change to vehicle and not "car".

At this stage it its a couple of tables and half a dozen cgi files, but even now is a lot of hassle. It really does stress the need to "step back" in anything you do and consider how meta it can get,

Hopefully he can launch this soon - it looks cool, and "Bikey McBikeface" already has a place as vehicle type "bicycle"...

2016-10-20

Phone numbers

I was in Bracknell today and saw a sign on a roundabout which got me thinking.

The sign has two phone numbers. Both numbers are Bracknell numbers.

Bracknell is not somewhere that is split up but different groups of numbers or anything, so it is not like one number is obviously one part of Bracknell, and the other for a different part or something like that.

There was no clue as to which of the two numbers one should phone under what circumstances, and so it is simply that they have two numbers.

Their web site suggests only one address, but even that shows both numbers. WHY?!?

I am guessing here, but I think I know what is going on. Once upon a time, if you had a small business and a phone line, there would come a point when you would realise that one line was not enough. So you get a second line.

People would just order a second line, which would get a second number. The problem is that people calling would have to try both numbers if the first was busy. People would publish both numbers, so that people could try both, and also as a kudos thing "we are so big we have more than one phone line".

The daft thing is that this was probably never sensible. From the earliest days of electro mechanical exchanges it has been possible to get auxiliary working where you have more than one line on the same number. At one time this was done where you would actually have a small block of numbers (e.g. 10) where the main number would jump over the busy lines to get to a free one using an electromechanical device (uniselector). It meant one could call the other lines by a direct number if you wanted to. Electronic exchanges did this all in software and there was no need for these extra hidden direct numbers, but there was a service for them (bypass number) if you wanted.

People still wanted the kudos of multiple lines and you would see signs with "(10 lines)" on them after a number. Ironically, at my office (A&A) we really have no idea how many "lines" we logically have, and  I suspect thousands of simultaneous calls could come in if necessary (not that we could answer them all).

Even 25 years ago we had two analogue phone lines on the same number in my house in Bracknell on a system X exchange, and we had 2 (free) bypass numbers as well. I have just got the main number back and ported to VoIP for the hell of it, in fact.

There is one exception, but I doubt it applies to a funeral home - where taxi companies take over another taxi company they keep the number as lots of people have it. Even so, you may as well only advertise the one number (whichever is easiest to remember) even if calls come to the other number still. I can't see people having a funeral home on speed dial or muscle memory in the same way as taxi numbers, can you?

Of course, these days numbers are just an arbitrary routing thing and we can point numbers to multiple devices and allow multiple calls on the same number - being tied to a physical line is long in the past.

And yet, a recent sign on the road for a local company lists two random phone numbers and not just one. Maybe funeral homes are just living in the past.

I was also bemused by formatting. Yes, 6 digit local numbers are often shown XXX XXX style, or just as XXXXXX with no space, but their number is 883322 so why not show as 88 33 22 or 883322 instead of deliberately breaking the nice and obvious pattern by printing as 883 322?

Yes, this is the sort of strange thing going through my head as a passenger in a car...

2016-10-19

Taboo and privacy...

There are things we all do that are considered private.

Because they are private, and we have a right to privacy, that information is valuable. What people do in private can be used against them and information used to harm them - to extort from them.

We have seen the case of the Ashley Madison leak where people committed suicide, and marriages were ruined.

But the UK government is trying to create a system that will put in the hands of companies the details of the private sexual preferences of a lot of the adults in the UK.

They are proposing a system of "age verification" for access to pornography web sites, and such a system can only serve, by some means, to associate a real life identity of an adult with a sexual preference.

That data will be valuable, and will be hacked or leaked, and there is no doubt about that.

And why? Well, to reduce the risk of children accessing porn. Even though the filtering of porn sites is standard on so many mobile and fixed internet access in the UK, this is a step to go further.

Personally, in my opinion, this is silly. Young children have no interest in porn, and existing filters, and safe search and parental controls, stop access. Older children, teenagers, will find a way to access porn regardless. There really is no need for any change in this.

I am lucky - I am not in any sort of sexual minority as far as I am aware, liking conventional straight sex, and watching porn of such occasionally. But a lot of people would not be prepared to say that, and a lot of people are "in to" something more controversial. For a lot of people their sexual preferences can be a financial or political level and create a lot of problems.

Why is the UK government so keen on such a system - who knows. From news reports it is MPs that may have the most to fear from such a system.

Of course, any such system, will be flawed, and foreign sites will ignore these new laws as proposed. Kids of any age will have no issue accessing porn. But adults - normal people - will have their sexual preferences profiled and logged and hacked and abused.

Not a law yet, but close - the Digital Economy Bill - it is happening now.

Bending the rules? 07 mobile VoIP

We (A&A) are finally selling normal UK 07 mobile phone numbers as part of our service - both new and ported in. Unlike previous attempts, these work from all operators and even handle SMS.

This has been tricky, because there are rules on 07 mobile numbers. The specific rule is part of the OFCOM National Numbering Plan. In particular the definition :-

‘Mobile Service’ means a service consisting in the conveyance of Signals, by means of an Electronic Communications Network, where every Signal that is conveyed thereby has been, or is to be, conveyed through the agency of Wireless Telegraphy to or from Apparatus designed or adapted to be capable of being used while in motion;

But it gets interesting. The rule on the use of numbers is :-

Those to whom Ofcom has Allocated any Telephone Number listed in Part A of the Plan shall not Adopt or otherwise use it, except in accordance with the applicable designation given in Part A for that number range.

The good news is that we are not someone that has been allocated the numbers we are using for this (by OFCOM). The existing mobile operators are the ones that have been allocated these numbers by OFCOM. So categorically we are not breaking any rules here.

The question comes when considering if OFCOM will be unhappy with the mobile operators providing a service to us. Well, for ported in numbers from other networks than the one we are using, again, they are not the one allocated the number by OFCOM, so for ported in numbers they are OK as well - yay. The original network has to allow porting, and so cannot do anything, so they are in the clear.

But what of numbers allocated by the operator we are using?

Well, we have tried very hard to get OFCOM to answer whether they have ever enforced this rule on 07 mobile numbers. We see, every day, that all of the mobile operators break the rules, and OFCOM have confirmed no exceptions have been granted but no enforcement has been taken. I even pursued an FoI request.

But look at the reason for the rule - once upon a time mobile calls cost a lot, and if the calls did not use the Wireless Telegraphy to or from Apparatus designed or adapted to be capable of being used while in motion then it was a way of operating a sort of premium rate number without the normal rules on such things. These days the cost of calling a mobile, and importantly the terminating revenue, is really low (not quite as low as landline, but low enough not to make sense for that loophole). So there is no reason for the rule anyway.

Every operator allows calls to mobile numbers to go to voicemail. That is against the rules.

Every operator allows divert to landline. That is against the rules.

Some operators run call centres on their 07 numbers. That is against the rules.

Some operators allow wifi calling, which can be used over an Ethernet cable so not wireless. That is against the rules.

For this to be a problem OFCOM will have to enforce an outdated and unnecessary rule against mobile operators, and if they do that it means no more voicemail or call diversion for any of their numbers. They can try and pick on us, but we are not the ones allocated the numbers, and it would be treating us unfairly if they do not sort the other operators first.

Indeed, if an exception was made for call diversion I would say the mobile operator is just doing that, diverting to sip:...whatever and that is therefore as valid as any other call diversion they do.

What is needed is for OFCOM to formally abandon this unnecessary rule!

In the mean time, we do make clear to customers that 07 mobile numbers are intended for use with mobiles and recommend use with our SIP2SIM service - even if that is via our customer's PABX. So we are playing our part in trying to fit in with these rules anyway, even though we don't have to.

2016-10-11

To ten gigabits, and beyond!

Not quite buzz lightyear, but a challenge none the less.

I remember when we (A&A) started, turn of the century, with a 2Mb/s BT Central. We quickly upgraded, and I remember when we got our first 155Mb/s ATM BT Central link - that really made us a "proper ISP", and I think some comparison sites required it to be listed.

Times have changed and we now have a total of 6Gb/s spread over two carriers at present, we have a lot of 1Gb/s links to transit and peering. We have a large pool of 1Gb/s LNS that handle all of the traffic with plenty of space to spare and plenty more to expand.

But we have seen nearly 4Gb/s of customer traffic on occasion - not too much to handle, but growing, and time to take action.

Building our network to handle peak load, even when Apple do an iOS update, or there is football on streaming TV, or the Olympics, is hard work, but we have done well. We have done better than many other ISPs in some cases, but we always aim higher.

Our aim is not to be the bottleneck. This is not something most ISPs boast, to be honest, but we want the service to be of the highest quality all of the time. It costs a lot, which is why we are not the cheapest, but it is important to us to be the best. We also aim to be open with customers, which is why I am posting all of these details.

The next stage is 10Gb/s links. We have already upgraded our core network to use switches with 10Gb/s ports and 80Gb/s links between our main two London sites. But the next step is the 10Gb/s links out to the world.

The first step is upgrading links in to Talk Talk. We have asked Talk Talk to upgrade two links which will mean changing each from 1Gb/s to 10Gb/s. We expect it to happen soon, and I really hope that is a matter of weeks, but it is a tad out of our hands now. We have been trying to upgrade for a few months now based on our projections, but we have now seen some lines on TT back-haul showing some latency in the evenings some of the time (we've taken steps to improve this now anyway). Once this upgrade is in place we are making an order of magnitude increase in capacity which will last us some years. Even so, the switches we have allows us to add more and more 10Gb/s ports as needed.

The other important step is upgrading external links. We have a lot of 1Gb/s links, and at present this is working very well without causing signs of congestion for normal traffic. But we know that some times, such as iOS upgrade, some links can get really close to being full. So we are getting some 10Gb/s routers and upgrading some peering links soon. Again, this is expected in weeks, but depends on factors outside our control.

It is a brave new world for us, and a big step. But this means we have a massive amount of headroom for unexpected traffic bursts in future, and as always we aim to stay on top of demand and not be the bottleneck. Seeing at most 4Gb/s of traffic and having 24Gb/s of capacity will be good start!

If all goes well by Christmas, the plan is improved usage allowances on standard Home::1 - so watch this space.

Update: Current plan is week starting 7th Nov for the upgrade.

2016-10-10

Next it will be burning books

I really am losing the plot here - what the hell is happening with this country?

The idea of listing foreign employees to "name and shame" employers was crazy, and then the back peddling was crazier still. They suggested they would, instead, be secret lists - but that does not fit with "shaming". Now an MP has confirmed now that companies should "look first at the British labour market and offer jobs to British people before importing labour from abroad” which is something that would be illegal under British law (Equality Act 2010). Race discrimination includes discrimination on "nationality".

Now we have a crazy case of someone accused of researching and teaching encryption!

Well, I do that, see this video! I could get arrested!



So what next? actually burning books on encryption?

I can seriously see the need to find a new country soon. FaceBook group started. Feel free to join and contribute.

Update: Some people have sensibly pointed out that the person in question in the case of researching and teaching encryption is primarily suspected of being a member of ISIS and then these other charges are tacked on. However, please do read the comment below from RSchu11 October 2016 at 07:49 who explains that there is an offence of simply being in possession of things that give rise to suspicion. I.e. there is no need for prosecution to prove you were actually involved in terrorism or planning of terrorist acts, just that you gave rise to reasonable suspicion - that is the offence in itself! You then have a defence if you can prove you are have an innocent reason for possession - reversing the "innocent until proven guilty" principle we all expect. That really is unacceptable!

2016-10-01

Card fraud

Who is the fraudster and who is being defrauded?

I have just had a long and annoying conversation with Barclays after they authorised and deducted from my balance over £13k because someone in a Danish auction house used an old (invalid) card number for a card the bank had previously issued to me.

The wording of the call is very much around me being defrauded and me making a claim.

I even had Lloyds call when I tried to top up Monzo (seeing as I have no Barclays card at present from which to do so) and they talk of protecting me from fraud.

I think this is wrong.

A fraudster is someone that lies for some gain (or to make someone else lose).

So a fraudster using my card details to buy something is mis-representing themselves as "me". That is the lie - that they claim to be me. They make this claim by using identification tokens that relate to me. They make this claim to the bank via the merchant and card processing system.

The bank fall for this lie, thinking it is me, and as a result transfer some of the bank's money to a merchant. The merchant then provides goods or services to the fraudster.

I would say that the person being lied to here is the bank - as the merchant has no way to validate the identification tokens provided - they just pass them on, ultimately, to the bank. So the lie is indirect, and the party lied to is the bank.

The bank, having fallen for this lie, change my bank balance. But the bank balance is just a record of the banks liability to repay me the funds I have deposited with them. They can reduce that liability (and hence the balance) by acting on my instructions to transfer money. However, in this case, I did not instruct them to transfer money, so their liability to repay me has not been reduced, and so the balance should not have changed. The change in bank balance is a mistake by the bank which is based on the fact that they mistakenly thought it was me giving them the instruction, when it was not.

My part here is to advise them of that mistake, and confirm that it was not in fact me that gave the instructions.

Now, I can also appreciate that bank customers may lie to banks as well, so they have to be careful, but ultimately, in this case, I am an innocent bystander. I am not really the victim of the fraud, or even the subject of it, I am a victim of my bank mistakenly falling for a fraud and changing my balance - something the bank can (and must) change back. As it was not me that instructed them, they continue to have the same liability to repay what I have deposited as before.

All of the measures the banks put in place are not really to protect me - they are to protect the bank from fraud. I am protected by the simple fact that the bank have an obligation to repay the money I have deposited unless I instruct them to transfer money.

There is one caveat, of course. The bank do have terms about how I use the identity tokens which mean I should not give others the PIN or allow others to use the card, and so on. If the fraud happened, i.e. if the bank were fooled, as a result of my breach of those terms, then I would be liable to the bank to reimburse them for the fraud in some way. Even in that case it would not actually be me that was defrauded, it would still be the bank, but it would be me that broke contract terms.

Am I wrong to get so annoyed by the terminology banks use in these cases?

Missing unix/linux/posix file open option

What I would like is a file open option for "create replacement file". The idea is that this makes a new inode in the same mount p...