Outside WiFi

Whilst we have excellent WiFi in the house, due to three access points, the garden was not as well covered. A brick wall and conservatory in the way, etc. The WiFi was OK in the garden but I thought I should really try out an actual proper outdoor WiFi access point.

I now have one of these, an Aruba AP-375, and yes, they do cost over £1,000, which is silly, I agree. But it works with the WiFi we have (all one controller), and is clearly robust and weather proof.

We now have excellent WiFi in our garden, and the gardens of several neighbours!

The garden really is not big enough to justify the cost, and if it was not more of an experiment to see how well it works, I doubt I would have got it.

As with the others it is run of PoE, so a simple network cable in to the loft to a PoE switch. I got proper external grade cat5e cable - from Amazon (here).

With solid core network cable you have to get the right plugs that work with solid cable. I actually got some cat6 plugs for solid cable from Amazon (here) which "just work".

I had to also order the wall bracket. Do not be fooled by pictures in the Internet, there is an "H" and "V" version for the surface on to which it is mounted being horizontal or vertical. There are sites selling one with a picture of the other! I fitted with some wall anchors, which, you guessed it, I got from Amazon (here) and drill bit (here).

I walked around the block, and even found a spot on the main road where our WiFi is just visible (through a few houses /gardens). It goes quite a way in open air from high up.

Walking around, it is amazing how many WiFi signals you see. It was nice to see, amongst the VM and BT names, at least one aa.net.uk signal from someone in the next street :-)

Obviously, where these access points make more sense is when you do have a large open space, not just a simple residential garden like mine. We have done WiFi at a beer festival a few times, and if we do that again I can see us putting a few of these in.

When is an email address not an email address?

I just saw an interesting tweet...
This case hinges on what is an email address. The key issue was that someone mistyped their email address on a form, leaving out a dot in the local part and hence did not get an email that was sent. The email did not bounce (which is not that uncommon), so the sender has no way to know the email address was not right.

The judgement is odd to me, it is that it is not in fact an email address if it is not valid. i.e.
I have come to the view that the expression “an email address” means an actual email address and not, as here, an address that has never been set up or registered to any user or users.
So, to be an email address, it has to be set up or registered to a user, whatever that means!

This raises all sorts of questions. What does set up, or registered even mean even? Who has the authority to say if an email address is registered to someone - where is this register kept? What if the email is registered to someone else, i.e. it is not the email address that was intended?

This does, however, raise a huge issue with both judgements like this and legislation like the PECR (The Privacy and Electronic Communications (EC Directive) Regulations 2003). In both cases there is a big issue which seems to have been missed - how does someone determine what they have? How does one actually apply the law/ruling in practice?

In this judgement, how does the sender know if the email address is an email address where the test is whether it is set up, or registered to any user (not even to the intended user). There is no test for that, and no way for the sender to know. They cannot rely on "does the email bounce?" as in this case the email did not, and that was not good enough.

In the PECR there is a test of whether the email address is for an individual subscriber. This too is defined, but it depends on the way the subscriber contracts for the communication service. This is something that the sender has no way to tell, but it changes whether they can send an email without being in breach of the regulations. Essentially the PECR only works if the sender has to assume every possible email address may be of an individual, so is not valid for unsolicited marketing. They have no way to know, meaning ALL emails are in scope and should not be sent (if unsolicited marketing emails). If that was the intention of the law, then why not say that - why create the illusion in the law that sending to commercial subscribers is OK when there is no test a sender can apply in order to comply. Either that of the sender has a defence that they could not know, and so the law is effectively useless. Basically the law is bad law as those that need to follow it have no way to reliably do so.

In this judgement there is a similar issue - the party sending the email needs to know they have an email address or not as it changes what they do and what timescales things have. They have no test they can apply to determine if what looks like an email address is in fact an email address based on this judgement.

Indeed, as warned in the case, the intended recipient of the email can game the system by providing an email they know to be invalid but which does not bounce.

You also have the question of when the email is valid. Is it set up, or registered to a user when supplied, or when the email was sent? Anyone with a domain can decide if and when an email is valid on a whim as they require.

And then there are wildcard domains, which some people have, and emails using wildcards and pattern matches. None of these (as complete email addresses) are registered to a user so does that mean all such email addresses are now invalid, and not an email address under law?


After a bit more discussion, I still feel quite strongly this is just wrong.  The wording is :-
(3)  An early conciliation certificate will be deemed received—
(a)  if sent by email, on the day it is sent; or
To me, this makes it pretty clear that the sender has done their job if they send an email (to the address notified to them). This is pretty common wording for email and post, and it means that if the person providing the address makes a mistake, then that is their problem. The sender is expected to send to the address notified - there is not any more you can expect from them, and it is not their fault if the address turns out to be wrongly provided to them, and also not their fault if the delivery system (post, or email) does not get it to the recipient.

The wording could have been something that requires the recipient to have actually received the notice/certificate. I have seen things like that. That would put the onus on the sender to somehow check the recipient has got it, and make the sender responsible for correct addressing and delivery. But that is not the wording in this case. To me, this means a typo is the problem of the person that makes the typo.

The ruling could have said a typo is the problem of the person making the typo, with possible exception that something that is obviously not an email address should be spotted by the sender (i.e. just has to have the appearance of an email address, or meet the internet standards). The ruling could have said this is all down to communicating, and the email has to actually be the correct one for the recipient, and if the email does not get to them, it is not "deemed received".

To me, the whole point of "deeming" it received is because actual receipt is not the senders problem. If the law as that it actually has to be received, by the right person, it would not need a clause on "deeming" it so.

The actual ruling is in the middle. It says that it is not "an email address" even if it "looks like one" if not "set up" or "registered to a user". So a typo is the problem of the person making the typo if and only if their typo ends up being a valid email address. But if their typo makes an email that is not a valid email address it is the problem of the sender (who has no way to tell there was a typo), even if the mistyped email has a valid domain with MX record and email correctly goes to that server.

Surely the judge should have clearly decided - "whose responsibility is it if a typo is made?" Having decided that, one way or the other, he could make a ruling on whether this is an email address or not. This ruling does not actually answer that.

This comment muddies the water even more :-
Since the object of the Form is to enable communication, the intention must have been to solicit an email address that could be used to send the certificate. If so the phrase must mean an actual email address.  That is what the request on the form sought. I find it difficult to accept that Parliament intended the words “an email address” to include invalid addresses that could not be recognised as an email address by a server and forwarded.
But the email address was one that could be "recognised and forwarded" as the domain part was not mistyped, so the mail could be sent to the correct MX record. This is the same as sending a letter to a postal address. What happens then is down to name or department written on the letter, but it has been delivered to the "address" by the postal service.


Decent WiFi

The Aruba AP-515 "WiFi-6" Access Point
My home needs more than one WiFi access point. This is partly because it is a 5 bed house, and partly because the garage conversion for my office involved a lot of Celotex (metal foil coated insulation) in the walls and ceiling, which kind of stops WiFi signals dead. It would be just about possible to cover the whole house with one access point in the ceiling at the top of the stairs (as my neighbour does) but that would not get to my garage. So we actually have three access points.

Getting good WiFi at home

If you have a large home, or one with thick or insulated walls, you may need more than one access point to get good WiFi coverage. BT are making a point of this in recent adverts, but please do think carefully about this. WiFi is simply part of your home or office network infrastructure and a totally separate thing to your Internet Connection. Yes, smaller homes often have one box for all (modem, router and WiFi), and that does work for smaller homes. But if you want good networking at home or office, I'd recommend thinking about your network infrastructure (WiFi, Cabling, and switches) as a separate project than your choice of ISP. Good networking at home can make all the difference. WiFi repeaters and power ethernet devices are generally no match for running a network cable to where you need an access point. With PoE (power over Ethernet) that can be one cable and no need to find a power socket near where the AP is located (important when on the ceiling). Any fixed machines on desks, or TVs, etc, are often better handled on cable as well, and there are some nice PoE powered 5 port switches that are available making it easy to run one cable to behind the TV for several devices and not need another power socket.

Please, don't do what I saw in one place. We spent a weekend at a large holiday home. WiFi did not reach from one end to the other. They had installed two totally separate ISP connections each with a separate WiFi modem/router with the default ISP set SSID and password, in order to "cover" the whole house!


Ubiquiti have been pretty groundbreaking in making a lot of network equipment available at a reasonable price, including good WiFi access points. I tried these and we were selling them at A&A. I am using Ubiquiti IP Cameras and they are pretty good (just got some of the G3 Pro models which do proper PoE, and they are nice).

I tried these access points at home, and I did run in to a real problem with iPhones, roaming between access points, and IPv6. At one point we thought FireBricks may be a factor, but it seems that is just because A&A sold Ubiquti APs, FireBrick routers and IPv6 networking - the problem was seen with non FireBrick routers. The problem looks like it is probably iPhone related, but hard to say if iPhone bug or not. The big clue was when someone found that turning off IGMP snooping on the AP solved the issue. This makes some sense as IPv6 uses multicast for neighbour discovery, so broken IGMP and multicast could break IPv6. What is interesting is we have also seen this on another make of AP now, though still iPhone specific, and it looks like it relates to 802.11r roaming. My guess is an iPhone bug.


I changed to Aruba access points. They are a bit more pricey than Ubiquiti - around twice the price. Ubiquiti really have done a good job on price.

They have a confusing array of model numbers which fooled me a bit. Not only for different grades of WiFi standard and speed, and number of radios, but for indoor and outdoor, and for internal and external antenna. They have models for specific countries - the one we need is "RW" (which I assume means Rest of World).

Like most systems to manage a set of access points you need a controller. Ubiquiti do controller software for multiple platforms for free. What Aruba were doing is a separate hardware controller, but they then added Aruba Instant which is where one of the APs acts as a controller for the set, providing a nice web interface. This has the advantage of no separate controller, but also, if that AP is off line another takes its place with the same config, so redundancy built in. What was confusing is that this was a separate model - the IAP-305 is the one that can be a controller and the AP-305 cannot. What fooled me further is that later models are all able to be a controller but don't have the I in the name, so an AP-375 is an outdoor AP and there is no IAP-375 which confused me. The AP-375 can be stand-alone / controller. I'll be trying an outdoor AP (AP-375) soon, to ensure good coverage of the garden for the summer, and I'll no doubt post more on that.

As for roaming iPhones and IPv6, the Aruba has control of separate roaming related settings for 802.11r, 802.11k, and 802.11v. It seems only the 802.11r breaks iPhones and IPv6, but roaming is pretty seamless with the other two settings turned on. I am sure one day this will be fixed in iPhones and so 802.11r can be enabled.

Personally I like the Aruba better, but that does come at a price.


One of the interesting things for both manufacturers is the new 802.11ax standard (aka WiFi-6). I don't have a device that can use it yet, but it is rumoured that iPhones may have this year. Aruba have an AP that does it (AP-515). Once they are both available, I'll give them a try and keep you posted.


Don't make up email addresses

Why do people do this?

I have a junk domain, one I use for signing up for stuff, and which works. It usually has the name of the place I used the email address in the address. E.g. youtube@example.com for signing in to YouTube, though obviously example.com is just an example and not my domain.

Some idiot keeps signing up for instagram and using my domain.

This is annoying. But also it is pointless, as I am now simply using the "forgotten password" on instagram to set a strong password, change the profile pic to something rude, set default date of birth, change the name to "Idiot using my domain", confirm the email address, and turn off all email notifications.

It is rather odd of instagram, by the way, that they see my login as "suspicious" (presumably as from a different country even) so they send a 6 digit security code for me to enter. What is odd is they send that by email, to the same email address they just sent the password link. What is the point in that?

So the idiot does not get to use the instagram account at all.

What is weird is that not only do they try and login to it (which just makes instagram send me a "you are having trouble" password reset link), but they have even tried the "forgotten password" link that emails *ME* a reset password link. Why do that?

At one point they tried to change the email address on an account - not sure how they did that - maybe it is one I had not set a new password on yet - but I was emailed and given the option to revert that change and confirm my email address. So I did. They were trying a Russian email address.

If his keeps happening, I'll make a small shell script to automatically zap the login the second they create it!

By why do it? Why use someone else's email address on such things? What is the point?


An interesting scam (I wonder how Amex will cope).

I am no expert on scams, honest, but I thought this was interesting.

I saw an advert (on Facebook) for a handheld inkjet printer. This looks cool, and I have previously seen some article on them. I vaguely recalled that they cost several hundred pounds, and the advert was for $44, which seemed very cheap. To be fair, many printers you can buy are stupidly cheap as they sting you on the consumables - so very possible. This is what the printer looks like: https://youtu.be/Va3A7QcBlLE

I decided to order one. My reasoning was that :-
  • If it is real, it is a cool gadget at a good price.
  • Not totally implausible I guessed (turns out I had mis-remember the cost of these).
  • I rashly assumed Facebook would have taken down a scam advert, LOL.
  • I assumed Amex would not deal with scammers.
  • I assumed Amex would be good at handling a dispute if it was a scam.
  • It is only $44 so not the end of the world and worth a shot, even though I kind of guessed it was a scam.

So how did I fair?

Well, it was a scam - what a surprise! Shame, as it would have been cool.

Basically, I got an email confirmation of my order, but it said it would ship in a few weeks. The first step in causing delay.

After nothing arrived, I put in a dispute with Amex.

Out of the blue (and perhaps because of dispute) the scammer sent an email saying it had been shipped! I did not hold out much hope, and I assume another delaying tactic.

The advert on Facebook popped up several more times, with different company names, and I complained to Facebook. They would not take action even though clearly a scam - the comments made it clear too. Also, it seems, these printers are normally around $8000 or something crazy so obviously a scam, had I bothered to check.

A while later, something arrived in the post... Signed-for, from China:-

They have the right description, but what they sent was a paper tape for a dymo labeller! As it happens, I had just got a Dymo labeller for my grandson, so it did not go to waste.

So, what next?

The "dispute" on Amex showed as complete, and no credit, and no contact from Amex. I did wonder if it had gone in spam and been deleted (spam not held for long). Seems not, as emails now from Amex are not going in to spam.

I raised a dispute again, and now even that has vanished, not showing a dispute complete or anything. Both were via the Amex app, which seemed to make raising the dispute quite easy!

I ended up doing a chat on their web site - apparently the dispute was stuck somehow, which is odd. He cleared it and made a new one and gave me a link to upload documents (e.g. above image). It would not take a jpeg but would take a PDF with a jpeg embedded! Crazy!

One issue is they wanted details of what the merchant had advertised. They were sneaky as the original advert was a video on Facebook and not there any more, and I did not even have a screenshot. Later Facebook adverts were different company name, so I could not use that. The confirmation email just had the description "Handheld Portable Printer" and even the "view my order" link (which no longer works) only had that description and not more detail nor an image.

So the evidence to Amex that I can provide is somewhat limited. Indeed, only the description on the label is in my favour. I wonder if they will claim that there is something lost in translation and a paper tape is all they were trying to sell? Oddly, such a tape is not even worth $44.

I hope Amex do not deal with scammers - we will see.


Personal (medical?) data

I am having a bit of an issue with a company called Withings!

I purchased a sleep monitoring gizmo, it goes under the mattress. It is actually pretty cool as it tracks sleep, and heart rate, and snoring. Working out what to do with the data is another matter, but is interesting, and could be quite helpful.

Obviously this device needs a way to present the data to me, and that is via an app on my phone. The ideal way would be to, say, bluetooth it to the app. Simple, and it has bluetooth.

But no, it seems to be set up so it uses my wifi to send data to Withings over the internet, and then the app on my phone gets it from them and displays it. This is not ideal, and it annoys me a little that people make devices work like that, but, in theory, GDPR comes to the rescue.

My sleep is not always good
Once upon a time companies could probably do what they like as part of T&Cs of some service they offered (though, bear in mind, I have not bought a "service", I bought a "device"). However, these days, they cannot simply use my data, they need to have a legal basis, and perhaps even consent.

Also, arguably, this is sensitive personal data (medical data), so subject to even tighter controls.

So, in theory, I should be able to use the device with the data being conveyed to them and back too my phone, and no more. Data being deleted when no longer needed, and not used for any other purpose. Or so you would hope.

The first clue of a problem was that the installation not only required me to agree their T&Cs (annoying) but "consent" to their privacy policy (here). This immediately rang alarm bells as "consent" is meant to be "freely given" under GDPR. Insisting I consent as part of installation is wrong.

So, I consented on the basis I want to use the device, and immediately emailed withdrawing my consent, as is my right. To be clear, I explained I accepted that there would be some data processing to provide the core functionality of monitoring my sleep and displaying that on the phone app, but I withdrew consent for any other purposes - specifically (as per their privacy policy): Developing and managing Products and Services, Conducting data studies, and Marketing, advertising and making recommendations. The last one being my main concern.

It is worth noting, had they had a number of entirely optional consent settings such as "share data with our developers to help improve the product" and so on, I may well have clicked on some. Making it mandatory to consent to usage as per their privacy policy was what kicked this all off!

They basically have no clue, seriously. Many emails back and forth. They kept telling me where their privacy policy was and asking if there was anything else they could help with. They totally failed to understand their obligations or what I was asking. Finally I have an email saying if I don't consent then that is not compatible with use of the product and they offer a refund. Well, no, I want to use the product, but my data only be used for that usage and nothing more. That is my right!

We'll see what happens next - I have written to them now as well.

However, there is a big gotcha here, and this is the same with T&Cs for installing a smart TV and a lot of other internet of shit stuff.

EVEN IF I CONSENT, what of other people?

This is not entirely hypothetical now. I was away for the weekend, and my sleep tracker says I slept one of those nights I (someone that does not snore!). Now, I happen to know who did sleep in my bed, he is 5, and not only did he not consent to Withings having his data, but he legally is too young to have done so.

(I believe my having his data probably comes under personal/domestic use in much the same way as if I marked his high on a door post).

But Withings will presumably want to use the data for Developing and managing Products and Services, Conducting data studies, and Marketing, advertising and making recommendations.

If the basis of this use is "consent", which they seem to suggest, then when and how did they get his consent exactly? I have asked them this. We will see what they say.

Basically, they cannot assume they have consent for any sleep data they collect to be used in such a way, at all, ever, as even if the installer or owner of the device consents, they do not know the person sleeping in the bed has consented.

As I say, this is much the same as smart TVs that could be recording you viewing patterns. Even if the installer has agreed terms and consented to such data processing, the people viewing the TV may not have.

This is a legal issue that needs sorting. I wonder if the sensitive nature of medical data in the case of the Withings sleep monitoring device will help get this to a test case? ICO have been told.

P.S. I checked, and it is at least talking over https.


Etiquette of giving

Etiquette is complicated. It is a set of rules for social behaviour. There are, of course, many books on this, but at the end of the day etiquette only works if those involved are working to the same rules, and for that reason I am not going to read/reference any formal etiquette in this post, but rely on those rules I have learned :-)

When they work, the rules of etiquette help avoid awkward situations and ensure social interactions run smoothly. They are not usually logical though, which is a nuisance. If there were logical, one could work out the rules (or close enough) for any new situation. Unfortunately they have to be learned, sometimes the hard way by getting them wrong.

So, I was pondering the rules on gifts...

Giving gifts

Of course, there are different rules for gifts to children, so I am mainly talking here about adults giving gifts, e.g. Christmas and birthday, and so on.

There are, of course, many different, and sometimes overlapping, social groups. These will often develop their own set of traditions and etiquette for giving gifts. Sometimes these are more formal, such as a "secret Santa" arrangement in an office at Christmas - with explicit rules on value of gift.

There are, of course, "token" gifts (often the case for secret Santa). These are usually low value, sometimes humours, and sometimes useful.

But sometimes, between adults, there may be gifts of more value given. These are more complex. I have already commented how Christmas seems to be a time of several months where one dare not buy anything you actually want in case someone gets it for you for Christmas. There is also the risk of duplicate gifts. It is not usually etiquette to simple state exactly what you expect as a gift as that is obliging someone to get it for you. Of course you are expected to appreciate the gift, not discard it. This creates a problem as not saying exactly what you do want people are expected to get exactly the right thing, and not some lesser model with which you will be unhappy. Subtle clues are then involved, and I don't do subtle well!

There is also a usual expectation of some reciprocality of gift value. Sheldon from The Big Bang Theory takes this to extreme, working out the cost of gifts to the cent so as to avoid leaving any lingering imbalance and obligation (and I know how he feels). Of course this then creates a problem if a gift is "too much". If I was to gift a friend something worth thousands of pounds, they would feel obliged to do the same, and may not have the means to do so.

So, no, I don't really have many answers. I would say if buying a gift of value, i.e. not some token gift, then really try and work out exactly what they want rather than getting something "close". Dilbert has comments on gift vouchers - basically why swap currency you can spend anywhere with currency that only works in one place and for a limited time. Well, they can be useful I suppose as a way to help someone get just the thing they want without getting it wrong - if you know someone wants a new apple watch, an apple gift voucher maybe better than getting the wrong version/size/etc.

There is, however, one rather complex type of gift:-

Lottery tickets

On the face of it a lottery ticket makes a perfect "token" gift. It is low value, e.g. £2, and nobody is going to say "oh, shame, I already have a lottery ticket". It is a "fun" gift in a way.

There are, of course, two big issues with giving a lottery ticket:

Worth nothing!

The most likely case, as with over 90% of all lottery lines, is that it is worthless. You have literally given someone a worthless scrap of paper. That struggles to even be worthy of a "token" gift.

Obviously the "logical" approach is to consider the gift to be worth what was paid for it, £2, so logically the same as giving a £2 coin - but if the recipient would not have bought a lottery ticket then this is sort of forcing them to throw away £2 and be left with nothing, so not the same as giving a £2 coin. Etiquette does not necessarily follow logic.

There is sort of one way around this, and this is what led to my making this post - an event with quite a few people where it is customarily to give the attendees a token gift. Giving all a lottery ticket, especially with a couple of "lines" means that there is likely to be someone that at least wins £30. This means all can sort of participate in the gift receipt process vicariously to some extent. It is not hard to have enough tickets to be pretty sure someone will win £30.

Winning £30 is pretty much the ideal outcome of giving a lottery ticket - it is fun and not a crazy amount for a token gift. Indeed, one could be devious even in the case of giving a couple of people a gift (e.g. at Christmas) by using something like my lottery ticket mazes to give tickets that supposedly were put in the maze before the draw - if you actually buy many tickets, and pick the ones that did win £30 to include, at the last minute, perhaps swapping with the maze boxes previously on display before the draw, you could make it that everyone is a winner. Not sure how well that would work, but it would be fund if everyone in a small group all won on their lottery tickets.

Worth a lot!

The bigger issue is the etiquette around the gift recipient winning a lot more. This is where there may not be clear etiquette in place, and it could cause hard feeling. What if the ticket wins £1,750 or £1,000,000? Is the recipient expected to share that with the giver?

Again, logic suggests the gift was worth £2 and the winnings are entirely the recipients, but will that leave bad feeling. What if the ticket is a £10million jackpot? The way that is handled could destroy a family. Thankfully it is very unlikely, but even winning £140 could cause some hard feeling in some social groups.

I do have a suggestion in this case, but it doubles the cost. If the giver gets for themselves the exact same lottery lines, then anything won by the recipients is also won by the giver - no feeling of any obligation to share with the giver as they are already a winner to the same extent. I think that will work.


Putting the maze to bed...

I have tinkered on and off with the maze box stuff since Christmas, and we have actually found a really good use for the lottery ticket boxes for a small project (more on that after the event).

I have done loads to fine tune the clearance between the lid and the box, with lots of testing (each test takes hours, during which I have other work to do). It is a bit of a trade off - you need the lid to not scrape on the maze, or be too tight to move, but also not be too loose, and you also need to adjust the "nub" a bit and the "ridge" where it parks when complete. All these are now options on https://www.me.uk/puzzlebox anyway, and tested on my TAZ6. I will have to test on a Makerbot Replicator 2 to confirm if they work on the current defaults, or need more tweaks.

I have also gone for three nubs on the maze by default (again, this is a setting), to be more stable, especially as it is now a tad looser. This works well, but means less maze area and so simpler mazes. Even so, I think the new maze logic does create a good puzzle. I find it hard to tell as I don't have any problem solving these, sorry.

I changed the park ridge and nubs to directly calculated polyhedrons to make them the exact correct shape and size and skew to fit the maze, that was a challenge. It is quite fun getting your head around three dimensional geometry though.

Some of the tinkering has been a bit more complex. One of the changes I made was to allow any number of sides on the outer box. It used to insist on a multiple of the nubs - this ensured you could make the maze any way around (e.g. if 3 nubs, any of the 3 ways to start the maze would work). However, I thought it would be more fun to allow for other combinations, so as per the image above, 7 sides and 3 nubs. This means only one of the 3 ways to start will line up with the base at the end. To help, I added a subtle mark on the lid and the maze for alignment as you may be able to see. That was a slight challenge to code as the starting point of the maze could be wrapped around several times compared to the end point, and the combinations of maze inside, outside, both or neither, made for some fun testing.

Also, I found the lettering was not ideal on the ends. I have an option to do a proper chiselled effect (45 degree angle) in to the letters, but you ideally need a thin/fine font. I have made an ExtraThin variant of my 5x9 font for this now - and overall the 5x9 JTD font looks pretty good in 3D print I find.

I also used parallel command to make the sample boxes without trashing my machine in device waits!

All in all I am running out of things to improve. I have one idea which is to do with fonts: I made a bodge to use Noto Emoji if the string starts with top bit set, which is to allow some hearts and rings, but ideally each block of text should use fontconfig to find if the chosen font has the glyph and have fallbacks and make OpenSCAD for each separate block (as OpenSCAD does not seem to allow a list of fonts with fallback). Doing that could also ensure text does not go off the end of the space. Not sure if I'll go that far yet as the text is usually fixed, and I have already added a scale setting.

Apologies to the many people downloading from thingiverse. I have tried to ensure the various versions I have uploaded are all "good" even if they have slight changes, but just a few times I have messed up and only realised when the test print finished. Thingiverse is very slow at deleting and uploading new models, so I am sure it looked wrong at times. I included a "version" box (as shown above) in the uploads for reference. There are a good selection of test boxes on thingiverse but always best to make a new maze yourself as they will all be different. Still loads of accesses, likes, comments and makes on this puzzle, and even some people making the code direct from github (thought some of the comments were verging on trolling).

I was actually surprised to find at least two people selling these on ETSY! I hope they like the new version.

I did have fun making one the right size for an Annoy-A-Tron though - not sure where to put it :-)

Anyway, I have a bit of printing to get done for this small project :-)


Maze complexity

Making a maze is relatively simple, or so you would think. In this case the maze only has one path to get from start to end, and no loops, and all squares are occupied.

Firstly I have to consider what makes the maze "hard" or "easy", and I did a lot on this when I coded the first version of my maze back in 2017. In that case I created random mazes and "scored" them, including factors like how many dead-ends there were. I picked one with a good score.

The issue is that some of the factors are not obvious. E.g. a good factor is how long the solution path is - longer the better, or so you would think. The problem is that the longer the path is, the fewer "squares" on the maze are occupied with dead-ends. The longest path has no dead ends so whilst it takes a while, the maze is ultimately very easy as you cannot take any wrong turns.

Similarly if the path is too short, e.g. straight line from start to end, it is far too easy to find the solution, especially if you can see the maze. So there is a compromise.

The number of dead-ends is also not an ideal metric - you want dead-ends, but they need to be long enough not to be obvious as dead-ends, especially if you can see the maze.

The simple algorithm

The basic algorithm I have used to make mazes in the past is one where we have a current point on the maze (you can start anywhere as ultimately every square is used, and so it will always create a path from any arbitrary start point to any arbitrary end point). You consider the options of moving to an adjacent vacant square, and pick one at random, drawing the maze to that next point. When you find you cannot move you back track until you can. Ultimately you back track to the start and the maze is full.

A minor enhancement is to bias the directional choice. E.g. starting at bottom of maze a bias to go back down can create a maze that has more ups and downs than just random. Similarly, with a wrapped maze (as we have here) a bias to left and right can create long horizontal paths which are fun.

Another minor enhancement is to pick the exit point at the longest path, if that is an option.

However, the algorithm as a whole as a major flaw - because, when you reach a dead-end, you back track until you can move, you are making dead-ends as short as possible. You always back-track as little as possible. The result is a path from start to end which has lots of short and obvious dead ends.

A simple fix

A very simple enhancement was to start two paths in parallel from the start point of solving the maze. This allows two long paths to exist and creates a "wrong direction" from square one, which is not obvious. The trick of picking the longest point for exit helps ensure the longest of these paths is the solution.

A more complex algorithm

I have now come up with a more complex algorithm. This works by having a set (queue) of points, each of which looks at the adjacent empty squares and picks a direction (as before), but the new point is added to the end of the queue of points to consider next. This means the maze spreads out like a tree from the start point. The trick of picking the longest point for exit helps ensure the longest of these branches is the solution.

This does not work in itself, as you create a maze that is way too simple - far too many paths at once means that they have no choice where to go and hence have to be simple. Even picking the direction randomly, the results are all stupidly simple.

When adding the next point to the queue, I can add to the start of the queue (for immediate consideration) or to the end of the queue (considering all other points in the queue first). If added to the start, then it makes for a long path that can travel unimpeded around empty space before the other paths are tried. If added to the end, then the other paths are handle in parallel with the above result. The same decision applies to the current point considering other directions it could take.

This creates an opportunity for a parameter - one that controls a random chance of adding to start or end. I have added this as a maze-complexity setting.

By allowing a bias as to which end of the queue is used, it creates a range of maze complexities. However, even at one extreme, always adding the next point to the start so it can continue (much like the original algorithm) the key difference is what happens when a dead end is reached - in this case the alternative path is the earliest added to the end of the queue, i.e. the longest "back-track" we can do. This alone makes for more complex mazes.

Of course if you push it too far towards short dead-ends you get some very odd mazes...

Needless to say, this makes for more challenging maze puzzles now.



Around 18 months ago I made a Russian Doll Puzzle Box on thingiverse. This was after initially doing a simple two part box. The idea was pretty simple - the box has a maze on it, so the lid has to be moved around the maze to close or open the box.

It is surprisingly popular, with over 150,000* views on thingiverse and no idea how many from my site that makes the random versions on the fly.

The original code was almost all done in OpenSCAD, with a small bit of C code to create a random maze and set the various parameters used by the OpenSCAD script. It worked, but rendering the OpenSCAD was quite slow.

This Christmas I thought I would have a bit of fun re-doing it. There have been various requests and suggestions since the original design was posted. So I have incorporated a lot of those. The big one was having the maze on the inside of the box so making it way harder to solve! I have also added a helical option, and ability to emboss an initial on the ends of the box.

I decided to take a new approach. Instead of designing in OpenSCAD, I designed it all in C code, making OpenSCAD from scratch from the C. This is only subtly different, and it uses OpenSCAD to carve the maze from a cylinder in much the same way as before - just more of a long list of functions generated by C code rather than iterative OpenSCAD script. This worked, after a lot of tinkering, and after a couple of days I had a whole new set of test mazes. There are loads of tweaks once you print something for real on a 3D printer, and that takes a lot of time, so the test cycle is slow...

Last night I ended up re-writing a whole chunk of it in my sleep! Today I coded the changes, and it works. The change was simple in concept - instead of using OpenSCAD to carve shapes from a cylinder, I would construct a polyhedron from scratch in the C code to make the maze surface.

This was not as easy as it was in my sleep as I learned a bit about manifold polyhedrons, but it works. It makes the OpenSCAD unreadable as it is a huge list of 3D points and faces.

The end result is a much neater maze, and it is away quicker. The most complex test I had was taking OpenSCAD over an hour to convert to STL, but the new version is just over a minute, and most tests are a few seconds.

The other big difference is I have also released the C code on github. Enjoy.

See https://www.me.uk/puzzlebox for a custom maze SCAD.

P.S. Updated many times since I started on Christmas day. Always one extra tweak :-)

*I do not trust the download count - the file download count goes up way faster, so even counting "download all" as one download it is way off, and there are 50 files. It seems someone downloads every minute or two, and just as many access my web site to make custom mazes - amazing!

P.P.S. One more tweak - I added a mode to alternate "inside" and "outside" maze :-

P.P.P.S. One of the things I have done in this case (as you can see from the source) is make use of popt more than usual. Apart from just using as command line arguments, the same structure is then used to parse QUERY_STRING args, generate the comments in the header of the output, and even generate a web form. This means I can add new options in one place and not repeat myself.

P.P.P.P.S. I worked out a way to make the maze more challenging: The maze is drawn by a path from a point, taking random turns (with some bias) and back tracking when no options. I have now made it run multiple paths from the starting point concurrently so that there should be multiple reasonably long paths from that point, all but one of which will ultimately be a dead end.