Tesco Scan As You Shop

Someone may point out the obvious that I am missing, but I am puzzled by the latest development with Tesco Scan As You Shop system.

Overall it works well, and even some of the issues I have seen in the past are now fixed (mainly that you could not scan through the notice of things being on offer, which you can now).

But this latest innovation seems a tad special. Scan As You Shop is all about convenience. You can pack bags as you go (something my wife takes very seriously) and then check out quickly.

Indeed, my wife gets exasperated at the occasional extra scan of like 5 items as it messes up her neat packing. I know why they do that - obviously to catch genuine errors and to catch those taking the piss as well.

However this new thing appears to be applied in a manual way, not part of the system. They have applied a red mark to some of the handsets and then they have staff force a full re-scan. Indeed, I wonder what would happen if you kept quiet about the red mark as I bet the "system" has no idea it is there.

I have to wonder what purpose this serves. If you are planning to shove a few things in the bag without scanning, you know not to if you get the red mark. So not for catching thieves at all.

Apart from having no advantages, surely it is just pointless in other ways. Sadly I think the system means you cannot simply pick up another scanner, as you have one already on that club card. Maybe take two club cards to the shop just in case.

But you can put the scanner back and walk away - go to a sensible shop instead.

You can also decide, well, if all is being scanned, I'll just use an ordinary till anyway, save me scanning stuff myself.

In what way is this at all beneficial to Tesco in any circumstance?

I can see us shopping elsewhere pretty soon. The pharmacy have already lost our business because they were unable to get Aviva blood test strips, and they are a pain for other reasons too.

Or have I missed the obvious here?



This is a quote from The Hitch Hiker's Guide to the galaxy trilogy (found here from Life, The Universe, and Everything).
Bistromathics is the most powerful computational force known to parascience. A major step up from the Infinite Improbability Drive, Bistromathics is a way of understanding the behavior of numbers. Just as Einstein observed that time was not an absolute, but depended on the observer's movement through space, so it was realised that numbers are not absolute, but depend on the observer's movement in restaurants.
The basic principle is that numbers behave in a totally different way in a bistro or restaurant bill, not following any of the more conventional laws of mathematics.

Whilst on holiday I managed to observe some of this for myself, and anyone that has been on an NCL cruise has probably seen it too. It really is quite amazing. Sadly I did not screenshot the bill on the app before leaving the ship, and the paper copy is in the hands of my friends, so I'll try and explain some of this from memoryUpdated now I have the bills.

Things technically add up, it seems...

Firstly, and very deceptively, the bill does add up in the conventional sense. It is how the items get on the bill, why, what they mean, and how any of that relates to the package as sold, which causes the confusion.

Some clues come from the ancient runes emboldened on the room card like so...


We have come to understand this to mean "Ultimate Beverage Package", plus "Coffee", plus "Juice". But that apparently has a string of restrictions, as we discovered last year. We managed not to fall foul of any of these this time.


The mystical "All inclusive" package they sell includes an "Ultimate dining package", and was on my card marked as "3UDP". We believe UDP stands for Ultimate Dining Package. However, even though the non-specialty restaurants are described as "unrivalled", it seems they are in fact rivalled on the very same ship by the "specialty" restaurants which is where the UDP comes in. It allows, in this case, for a 9 day cruise, just 3 evening meals in such specialty restaurants.

Of course, you have to know which are specialty restaurants, and the fact that when they do breakfast or lunch in the same place, that is OK and does not count.

There are also 3 of us, each with our own UDP quota of 3, and we did not all go to same restaurants all the time.

Why is this really Bistromathics?

Well, apart from the magical "Non-refundable on-board credit" and "Refundable on-board credit" entries that appear almost at random throughout the cruise, we got a tad confused on the last night. I made the mistake of looking at the accounts on the app and trying to work out if we would be paying for our last meal, or not.

My bill (shows no free dinners)

I had already had all 3 UDP as far as I know. They showed on the account on the app with no charge on them, so easy to see and count. I had two steaks from Cagney's (room service) and one Teppanyaki. So I was all used up. These all showed on the app during the cruise, but the final bill (above) does not show any of the free items! A shame I did not screenshot the app.

Mike and Simon each had Teppanyaki twice, and Moderno, but somehow this showed as 3 Teppanyaki on Simon's account on the app and none on Mike's. It only listed the $5 on the bill (for two of them) because they gave a tip (the cruise does say it is all included but they still ask!?). So in theory all of us had used all 3 UDP, but the app did not show anything like that.

According to the accounts on the app, we had 3 UDP left on Mike's, whilst Simon and I had none left, so we went to Cagney's expecting to be able to use the 3 UDPs (yes they are transferrable within the cabin like that). However they billed the lot?

So, we queried, and they came back and said Mike and Simon had used all 3 UDP, but I had 1 left?

We gave up and left them to it - and sensibly the waiter re-billed my meal, with one main plus all of the sides, and everything else as on my account (as one of the UDPs), and billed just the two mains to Simon's account.

However, Simon's account was in credit due to a "refundable on-board credit" for $50. Once they credited the first charge and recharged he was actually owed like $4 or something.

Magically, by morning, with no explanation, or signed bill, or anything, they magically added a $10 charge to Simon's account for Cagney's so they actually charged $6.44 to his Visa card. Mike's bill had no dinners at all on it!

Simon's bill (shows two free dinners as $5 tip).
Adding to the fun, we told them it was Simon's birthday. It was actually last month, but last time we did this they ignored the birthday (which was while on the cruise) so I ticked the box again this time. So there was even a complementary bottle of wine (which did not show on any bill) and a cake :-)

What is a shame is that we thought we understood the system. Last time, the cabin we were in, meant they did not stick to the 3UDP, and just did not charge. For that cabin it makes no sense for them to be petty and only do 3UDP not 9UDP each to be honest and I would far rather they did that than have rules they don't always follow and nobody understands.

Basically, the app, and bill did not reflect what actually happened, and did not reflect what they said we had done. Overall we all paid a small extra amount on an "All inclusive" cruise, but not worth even trying to argue to be honest - it was "Someone Else's Problem", a clear example of an SEP field in use.

It does, however, make me wonder if Douglas Adams ever went on an NCL cruise.

All good things come to an end

I am back from my holiday with my two friends Mike and Simon.

It was fun, and Norway is interesting. We had a couple of days with shitty weather so stayed on the ship (places we had seen before). In Geiranger we hired these strange little electric car-like things that they insisted were two seater! I volunteered to sit in the back, which was rather a squeeze. I could not even have my camera with me, no space! I think I am getting a bit of a hint here :-(

We were able to do more than was covered by the bus tour we did last year, and it was interesting. The car also did a GPS based tour guide thing which was nice.

I did have a few surprised for my mates, one of which was some custom marmite jars for the trip...

The butler had never heard of marmite, so we gave him some to try this morning before we left, and he likes it. So we donated a nearly full jar to him :-)

The internet worked well, as I have already said. Some work was done, but not a lot. Having a proper computer rather than just a laptop was good, but not suitable for all holidays. A lot of playing of cards was done (I brought a selection of decks).

Sadly, right at the start of the cruise (thankfully, after we had done those tiny electric cars) I made the mistake of leaning on the back of a chair, which slid out and I hit the deck hard on my bum. I have bruised or damaged my coccyx and been in pain all week and not been able to sleep properly either. I have to thank Mike and Simon for putting up with me to be honest - I was a tad grumpy and they were very helpful. Still in pain now, and I expect this will take some time.

We met some Americans, and it just happened to be that they were hugh fans of The Fifth Element. When I produced this from my wallet they were gobsmacked!

I was determined to see Shetland, and we got a tour from a taxi, which was nice, even if somewhat painful. I know A&A do VDSL on the island, so it is quite likely that we drove past our most northern customer!

For fun, a friend of mine decided to send a telegram to me on ship, and the confirmation he got said it was relayed by satellite, and printed for delivery by crew. Sadly it never turned up. Shame.

So overall, a good holiday. Shame I have managed to injure myself - it was stupid, I know.


This, Jen, is "The Internet"

It was a classic from The IT Crowd when they presented Jen (their boss) with "The Internet". We even have one of these boxes with flashing red LED in our office.

I have been looking at some kit to work with WiFi which you may find in a public hot spot of some sort, or, for example, a cruise ship.

Obviously, the simple answer is just point your phone or laptop WiFi at the service. But sadly, in spite of net neutrality in the EU, it is not always that simple. Some times the service will have loads of things blocked. Not just web sites, but ports and protocols so making things like IPsec unavailable. Of course, if you are being really special you may have something that does not have WiFi such as a VoIP PoE desk phone, which Simon has been using!

The answer is to bring along The Internet. I am far from the first to do this, as a friend of mine (Kev) had a cunning set up with a FireBrick and two access points strapped together, and (if I recall correctly) a way they ran off one power supply. To be fair, it is more compact than what I have done.

Mikrotik mAP light

The first solution used a FireBrick and the tiny Mirotik mAP light which can literally stick to the lid of the FireBrick. Powered by the USB on the FireBrick (which worked, to our surprise). However, not enough juice to power two of them. It did, however, have a cunning mode where it could be a client WiFi, and on the same channel it can be an AP as well. This is not perfect but I have to say it is very clever. The result is very small and neat. I did, however, have a Mikrotik die on me, and I found it very fiddly to configure. But well worth a try.

HPE/Aruba 501

I have now found a rather curious device that is a dedicated WiFi client bridge, the Aruba 501. I would have to say it is much more industrial than the Mikrotik (which matters to some customers, obviously), and it even has DIN rail mounting.

It has all the bells and whistles - multiple antennae, 2.4GHz and 5GHz, 802.11a/b/g/n/ac, roaming, etc. It is intended to allow a device that does not have WiFi to effectively have WiFi via Ethernet.

It even goes a tad further and even has an old school serial port which you can configure to connect to an IP address and port to pass serial data. This is ideal for old PoS (Point of Sale) terminals and things like console ports.

However, the big thing for me was that it can do "MAC cloning". This is where it connects on the WiFI using a MAC address of your choice, and passes packets to/from the device with that MAC on the Ethernet connection. The only down side is it stops answering ARPs for its internal IP when in that mode. Thankfully if you have the ARP cached you can still talk to it, but it does seem an oddity.

The reason this is important is that a lot of public access points are locked down so that only the MAC of the WiFi/radio side is allowed to send or receive packets. The MAC cloning allowed me to make the FireBrick appear as the WiFi device.

Where the FireBrick comes in to play

The reason for a FireBrick, apart from how cool they are, is that they are very good at being an endpoint on the WiFi and working in a variety of ways - such as NAT out to the Internet for locally connected devices on Ethernet, but also as an endpoint for various tunnels. These can include standard things like IPsec (which, as I say, may be blocked), or things like L2TP (not blocked) or even custom FB105 tunnel protocol, which can be configured on any UDP port.

It is even set up to flash its LED red if no connection, and solid green when L2TP is up, which is handy as you navigate a fjord.

The end result...

Actually, Jen, this is The Internet!

  • Top left: Aruba 501 WiFi Bridge Client
  • Bottom left: Aruba 305 WiFi AP
  • Top: Aruba 2580 PoE switch
  • Top right: FireBrick FB2900

The switch was mainly for simplicity - the FireBrick has enough ports, but the Aruba 501 and 305 are both PoE. But I also used a Snom on PoE off the switch as well.

Why the fibre: Well, just because - this is all testing stuff, and it was interesting as the switch would initially not talk to it. I had to find a CLI command to not check the manufacturer of the SFP. It was expecting it to be "genuine hp" and not a Flexoptics unconfigured SFP. But that worked. Fibre to the ship :-)

So now we have a LAN here, and WiFi, on fixed IPv4 and IPv6 addresses, all working. We ended up using L2TP with lower MTU as the tunnel solution that worked. And when we had some people we met come round for drinks they were saying "wow, this is way better than the ship wifi", which sort of makes no sense as it is the ship wifi!!!

And just to clarify, this is not some nasty hack too use WiFi for which we have not paid! We have paid for the premium WiFi 24/7 for the whole cruise which is listed as "unlimited" and allows streaming. In practice, it is around 2Mb/s up/down with 800ms latency. But this works, even for VoIP.

Obviously, as above, there are less "industrial" solutions to this. But I like "industrial", and some people demand it, so always useful to understand what is possible even if it is rather overkill for a holiday.


Taking a computer on holiday, or not

Some people have said to me that when you go on holiday you should disconnect from everything and just relax. Whilst those two things seem at odds for me, I thought it worth some pondering...

Totally disconnect

Many years ago, when I worked a 9 to 5 job (well, flexitime), I would get home at the end of the day and not have to think about work until the next day, or after weekend, or after a holiday even. I could go on holiday and leave work behind.

Back in those days though, we did not even have mobile phones. It really was disconnecting!

Taking a phone

Later, I had a mobile phone. Indeed, I had mobile phones before many people I knew as I worked for a mobile phone manufacturer.

It was, however, still a normal job, and I could leave work and go on holiday. As holiday would typically mean taking the kids to a caravan park in Cornwall, the mobile was no use most of the time anyway. Coverage was not good back then!

These days, a phone is pretty invaluable, even if just for emergencies, or just calling a taxi.

Phones are smart now

What has changed a lot since those good old days is not just what work is but what a phone is, and the very idea of social media. Up until we had social media, disconnecting would mean leaving work behind when on holiday, and for a lot of people that is a key part of a holiday.

But social media, on smart phones, is about social, not work. And holidays are about social. So leaving social media behind sort of makes no sense. You want to tweet and facebook and so on about what you are doing on holiday, and stay connected.

So I am not sure it makes sense leaving a phone behind, but of course the phone also has the email and everything else on it.

Running a business

This is where things get difficult. My phone has my work email on it, and work chat accounts, and so on. I know some people manage a separate work and home mobile, but I just use the one.

In my case the team we have at A&A are more than capable of running things without me while I am on holiday, but it is very much not the case for a small businesses. My friends are both trying to take a holiday too, and have people covering for them. But it is hard. We all want to keep up with things just in case, and watch out for anything that is urgent or important. For my friends here there is the fact that the office is one man down, and that costs money. Some small businesses, like being a lawyer, you literally sell your time by the hour! A chance to keep up on work stuff, even if doing work a little during each day, is useful, keeps the money coming in, and so can reduce the worry of what you face when you get back.

Taking a laptop

It makes a lot of sense for people to take a laptop if they do feel they need to keep on top of work. But a computer can be useful for social things too. With cameras and memory cards these days I could take thousands of shots a day on holiday and not fill the card. But if I take a few videos, I will soon fill it. Having a computer, and even extra disk, means I can edit videos and store them off the memory card during the holiday. This can be nothing to do with work at all and just part of a photography / videography hobby. If you are doing some work, a laptop is invaluable though.

Simon with monitor, keyboard, and track pad
Laptops are fiddly...

Of course, laptops are not the same as a good desktop computer - in terms of nice keyboard, nice screen, big screen, nice mouse, and processing power (for things like video editing). They are a compromise. Laptops are great for taking to a conference, or a meeting, or some such, obviously.

If you only take a tablet, they are even more fiddly. Thankfully a hotel room will usually have a usable desk, so actually taking more is possible. But it is a bit crazy perhaps.

However, it seems I am not alone in the crazy - Simon brought a laptop but also a monitor, keyboard, and large track pad so that he could use a computer as and when he wants with some comfort. I am inclined to agree, perhaps with the caveat of where you are staying being suitable (e.g. staying in a room with a large desk).

What do you do?

Do you take a phone, tablet, laptop, or more?

P.S. I am sort of stuck in the cabin for now, or at least until I get some better pain killers, as I managed to fall badly last night and no way I can walk around Flåm. So actually having a nice computer here is quite good...

P.P.S. Taking the snom/VoIP phone as well has been excellent, albeit mostly used by Simon and getting some random wrong number calls :-)



I got myself a FLIR One Pro! It attaches to my iPhone (there are different models), and has two cameras: a low res (160x120) IR and higher res (1440x1080) visible camera. It can display one or the other or a mix/overlay.

The first thing I pointed it at was a FireBrick FB2900...

This showed pretty much what I expected - most heat (and so most power usage) was the power supply units and the processor. The overlay is not perfect as it is two adjacent cameras, but pretty good. This example did not have all Ethernet in use, and did not have a working SFP, both of which will be interesting to see.


We are working on the next generation of FireBrick, and one of the key things is whether we can (like the FB2900) make a model that will work with no fan. Obviously there is a lot of work that you do just on paper and specifications first. Even with a fan it will need careful consideration of airflow. Using this will help us prototype heat sources to match the devices on the board and their proposed placement and consider air flow, and so on, for different scenarios. On the FB6000, for example, we channelled airflow over a heat sink. Being able to lift the lid and see the impact of changes can help verify the design.

Other uses?

Well, it is quite fun - I looked around my study, and could see what was using power and what was not. Devices that stay hot (even if a fraction of a degree) when supposedly switched off were obviously examples that would benefit with power off at the wall. I found a phone under some stuff that was on - could see the glow on the wall behind it, and did not need to be on. I have yet to look and see how much heat escapes from the house - a night in winter is best to try that.

It can also do spot temperature measurements with multiple spots. Cats and dogs have cold noses :-)

Any surprises?

Well, I was surprised that in a bundle of cables, you can spot the one that is actually charging something - a tiny bit warmer and so it glows.

We also tried looking at the car charging, and as you can see, the power lead glows!

It was interesting to see the 3D printer, obviously. The bed was set to 100℃ and the image shows 99.1℃ so seems about right (the bed being on a thermostat). In this case the print head was 230℃ so shows a tad white in the image.

And finally, I did point at things like a cruise ship (boring) and the water at Stavanger harbour (more interesting). There were flows of water several degrees cooler than the surroundings...


Insulin - an idea

As I said, insulin transported at wrong temperature can go bad.

The insulin I take is really clever stuff, releasing over time from one injection. But if it gets too hot or cold it is buggered.

So what we need is a clever means to include in the insulin something that changes colour dramatically if outside these temperature, but is also safe to inject.

That way, badly stored insulin could turn red or some such.

Surely this is possible?

P.S. As people have pointed out, far safer to have something external on the pen that shows out of temperature at some point, and no need to make it actually safe to inject.

P.P.S. Surprised manufacturers don't do this, as they would sell more where it was badly transported :-)

Did GDPR kill my blog?

No comments since 23rd? I almost had not noticed, I was sort of beginning to think I was boring all of a sudden. I have also been a tad busy.

Then I checked the "awaiting moderation" and loads of comments! I have approved all that look non spammy as always, sorry for the delay. Yay! I am not boring, well, that much, yet...

So I checked settings and the moderation email is marked "The email address added in this field will be invited by email, and will have 14 days to accept the invitation in order to receive notifications."

So I am wondering if I missed an email pre-GDPR and so stopped getting the moderation emails. Makes some sense...

Though, having changed the moderation email, I have not had any "invitation", so maybe it is just broken at blogger?

Sorry for the delay, and thanks for posting comments. And thanks to geekypenguin for asking on irc.

How could I think I was just boring :-)


Multihoming IPv6

I am lucky, I have an IPv6 PI block and announcements via multiple transit providers, but most people don't have that and rely on somewhat more flaky DSL lines and the like.

If you have two providers for IPv6 you end up with two separate PA public IPv6 blocks, which is exactly what one of our customers ended up with. A /60 from us and a /60 from someone else. Well, technically, from A&A he had a /48, but was only using /60.

He wanted some higher availability networking, so went for "prefix mapping" RFC6296. Now, this does seem a lot like IPv6 NAT, I agree, but not really and almost none of the usual NAT issues.

Basically he maps the low bits of the /60 from each provider incoming (68 bits of host) on to a local FD01::/60 block for machines on his LAN. He can have DNS for each device/IP on the LAN pointing to both the external IP blocks. No change of source IP, nor ports, just mapping the IPv6 space.

For outgoing he can map to a preferred link, or even randomly or randomly with a bias, mapping the host part of the FD01::/60 to each of the external public IPv6 blocks, and can even make that mapping apply depending on whether the PPP link in question is up or down!

So for outgoing, one link down, just works. For incoming, one link down means things trying both IPs from DNS, which is quite common these days in many protocols.

How has he done that? Well, he asked on irc if FireBrick do it, and the answer was no! We had something similar for IPv4 only on the older FB105 model but not on current FireBricks.

I ended up making him wait a whole 48 hours before I did an new alpha release that does this. The reason was I was waiting to issue a stable release with all the recent ACME code first. No last minute changes for a new feature like this - a stable release needs to be, err, stable.
But, it was a good idea, a good feature, restored some of the old FB105 features for block mapped addresses, and so I have issued it as an alpha now. My only thought now is if I should have some way to do random IP mapping one day... Hmmm...

Obvious the solution is more complex than the IPv4 only old FB105 FireBricks, as we not only allow IPv6 prefix mapping of any size, but also IPv4 prefix and range mapping, and IPv4 to IPv6 as well as IPv6 to IPv4 mapping. You can use this to make a NAT64 mapping engine putting all of IPv4 space in an IPv6 /96 if you want. Very flexible.

Have fun if you try the latest alpha, and obviously in a few weeks it will be in a general release.



I am diabetic, and it is inherited from my mum. So I am on insulin, for a few years now. It was to be expected.

I am lucky, as currently I only need one shot a day of a time release insulin (over 24+ hours) and some pills when I have a meal...

But my dosage is mostly pretty consistent, and I try to stick to routine.

I know I have had issues with insulin in transit before. I went to Greece for a week and quickly realised my insulin must have got cooked in taxi from airport to hotel as it was not working - high blood sugar, asleep all the time, and zits and boils (one on my nose ended up with antibiotics once I was back home). Really not nice.

So I wonder how well the insulin is managed before I get it from pharmacist. Recently after some change of medication I upped my daily dose from 40 units to 70+ units a day. Medications for blood pressure have caused such changes before, but this seemed a tad extreme.

I have taken to using a cooler pack specially for the insulin now even for short trips, and will do so this week for trip to a ship for a cruise.

But this week (yesterday) I started a new batch, and today, well, WTF? This morning I went for breakfast as usual at Costa, but by the time I got there I could hardly stand, was shaking, and really wondered if I would pass out! I had breakfast, coffee, and also 500ml of Lucozade as well, and when I got home was only a 7 on the blood sugar (which is high side of perfectly normal), but all day I have been hitting hypos and eating and drinking more and more sugary drinks! This is silly! That said, I got a shit load of work done!

WTF? I am wondering if I had a bad batch before, or something. I need to work on maybe lowering my dose over the next few days.

A holiday is bad enough for this, and time zone changes, but this on top of it is not funny. More test strips and reserve chocolate for this trip I think!