Root login

I think I mean logging!

It is a tad windy outside A&A towers today. My wife was parked there a few minutes earlier.

[nice pic, Paul]

Don't worry - we're not opening a new branch office.
Update: The root of all evil was removed very quickly yesterday.

Apology to BT

I recently blogged on how migrating an FTTC line had several issues, partly that it costs £50 not a lower figure used for normal migrates, and also that the old ISP is tied to 12 month term at the same time as new ISP.

It seems that in some cases the migration is only costing us £11 not £50, where it is BTW to BTW migration (so no Openreach involvement). This is in line with normal migrations of ADSL where BTW to BTW. The fact that we thought this was £50 was indeed one of our primary complaints, and as that appears to be based on a mistake in our reading of the price list, I do apologise to BT.

We are trying to confirm how we can tell when this applies from the checker. The £50 applies when migration from non BTW FTTC (e.g. direct LLU/GEA FTTC).

Sorry if this sounds a tad technical, though that is part of the problem here :-)

We think that BT are still holding previous ISP to 12 month term even where new ISP takes over the line. If we have that wrong, we are more than happy to apologise for saying that... We're trying to confirm that now as it is not clear.


Pashley vs Dutchie

I used to have a Pashley Roadster Classic, and I have just got myself a Dutchie Dapper 3 speed.

Dutchie Dapper 3 speed

They are both black steel framed sensible bikes. They are not racing bikes or mountain bikes - they are comfortable easy to ride street bikes, and I use it to cycle to/from work and station and shops and so on.

So, differences...

1. The Pashley took weeks to arrive, but the Dutchie is next day delivery. +1 for Dutchie.

2. The Pashley is £525, the Dutchie is £329. +1 for Dutchie

3. I paid extra on the Pashley for a hub dynamo and front light, but this is standard on the Dutchie. The Dutchie actually has front and rear lights on the dynamo, with the rear staying on after you stop (LED). The front is a bright halogen light. +1 for Dutchie

4. The brakes are different. The Pashley was hub brakes front and rear - they are softer than conventional brake blocks but consistent wet and dry, and I got used to them. The Dutchie has back-peddle rear brakes and conventional side pull brake blocks on the front. I think I prefer the Pashley, but it is pretty marginal and I expect i will get used to the Dutchie brakes in no time.

5. Saddle. I like the Brooks leather saddle on the Pashley. The Dutchie came with a smaller, less comfortable foam or gel thing. I swapped the saddles, especially as the Brooks is €150 alone! +1 for Pashley.

6. The stand on the Pashley is under the rear wheel, lifting it off the floor and standing the bike upright. The Dutchie has a side stand, so the bike leans. I think the Pashley is better. +1 Pashley.

7. Both have a built in lock on the back wheel.

Overall, I think I prefer the Dutchie, especially as I have now fitted my basket and swapped the saddle over. We'll see how it goes. Now you know what the MD of an ISP drives :-)

P.S. Both are in fact company bikes.

Cookie law

I blogged at the time about how stupid the legislation on browser cookies was.

Basically, the issue is, people started to notice targeted adverts. I have seen this myself. If I visit several camera web sites then all the adverts on other web sites start to be for cameras.

People feel somehow aggrieved that "they" (the advertisers) know something about them, and what they like or dislike, and this is "personal".

So, you have to wonder if this is something that should be regulated, and, also, given that the way it works crosses international borders you have to consider how it could be regulated even. Should profiling people in some way be illegal?

I don't know the answer to that, but the knee jerk reaction was a cookie law, outlawing the sending of information to a browser that is later sent back to something on the internet. The problem with such a law is that it actually covers normal browser links, a lot of general and needed headers, as well as cookies, so it is an unworkable law that undermines the whole way that browsers work. It is also the case that by the time the law came in the browsers had more sensible defaults covering the way data was sent back that helped address the issue and give users more direct control themselves.

Today I discovered https://panopticlick.eff.org/ which is interesting. It basically looks at standard browser things, like version number, operating system, plug-ins, and so on.

Using things like this one can create a unique fingerprint of a user with some ease. It is not foolproof, but more than adequate for the likes of advert targeting.

It works by using information that is provided by the browser, which is not information sent to it in the first place, so quite simply not covered by the cookie law at all.

As targeted adverts were not outlawed in the first place, advertisers can meet the cookie law completely, and maintain targeted adverts, and bypass user controls of cookies. Indeed, one can argue that such changes are a result of things like the cookie legislation - making it harder for people to stop targeted adverts than before the law.

So the law is worse than useless in that respect, as well as now plaguing us all with cookie policy pop-ups on web sites and driving everyone mad with that as well as targeted adverts.

Why can't people think a bit more before making stupid laws, please.

Also, as it is clear that this law is pointless - is there not a simple means to revoke it? I wonder if laws like this (and perhaps all laws) should have an automatic expiry date built in to the law at the start - requiring positive review and evidence before it can be extended. That would get rid of a lot of pointless and out of date laws from the statute books.

5 + 5 = 7.7

I am sure they have some logic somewhere to explain this, but as a visitor to their site the idea that two reviews scoring a full 5 stars somehow makes a total of 7.7 out of 10, is a tad, err, special. I am not sure I trust their maths.

We were wondering is somehow older reviews counted loss somehow - but you would make then have less weighting in an average, not make the a worse review.

There really is no sane way to make two reviews of 5 somehow make a total of 7.7 out of 10.

Very strange.



This may turn in to a series of blog posts on the matter. At the moment I am a bit behind the game here and only just starting.

It seems that HMRC have decreed (with legislative backing) that we (and indeed, most) employers will have to change the way we do payroll. They list various cases on their web site, such as those with a few employees (who can use HMRC web site), or those using an outside agency or accountant, and those doing payroll in-house. This final option they explain to contact the payroll s/w suppliers. That sounds simple and painless, no?

Now, payroll is not hard. It is something you can do with a pocket calculator, and as a programming exercise it is a piece of cake. So we are in a 4th category - in-house payroll that we wrote.

Sadly this is the worst case. We don't have hundreds of paying customers for our payroll s/w funding new development - yet HMRC want some XML interactions direct with them to submit details of pay in real time (i.e. each payroll run). This changes a handful of sums and a few database summary reports to a task of a hundred times the complexity.

Don't get me wrong - we do this for a living and XML is a piece of cake, but it is massively more complex that just doing payroll normally. I have yet to extract all the specs (which appear to be a moving target) or get on to a test system (assuming they have one).

But it gets worse. It looks like they have "approved" software. I have not got as far as working out what is needed to get approved, but that is never a phrase I like to see.

The reason I say I am a tad behind is that this kicks in for April 2013. Or does it? It turns out there is no penalty in 2013/14 for a late submission, just an inaccurate one. So in fact we have until May 19th 2014 to submit the 2013/14 "real time" submissions without penalty, as long as they are accurate - phew...

But actually, even if we used someone else for payroll, we have loads more work to do at very short notice. We use BACS - we have a service user number. This is because we do Direct Debit. We use Lloydslink Payment BACS service. It is a handy BACS submission bureau used by lots of people for Direct Debits and Direct Credits (e.g. payroll). Works well, easy to use, not too expensive, used it for years.

The files we send include a lot of the BACS fields to allow payments and Direct Debits, but do not actually include all fields. It seems there is an otherwise unused four character sub-reference field (field 7) in the underlying BACS file. We have no way to include that in the submissions. Why would we? It is an unused field as far as we can see.

Sadly, it seems, Lloyds are not prepared to upgrade their BACS system to allow us to include that field. It would cost too much. So they are shutting down their entire BACS bureau service, at only two month's notice to us. This is a nightmare. BACS systems typically take months to set up - they are tightly linked to our billing systems. And to rework it all, finding a new BACS bureau, and getting it set up and tested, in only two month's notice, is scary. I have little doubt we can move fast, but nobody in banking moved at any speed, so this is tricky!

Why is this happening? The answer is that HMRC are to blame. Even if we did not use the BACS files to pay people, the fact that some people do means that they need to populate this magical "field 7" in their BACS payments now, and Lloydslink cannot do that. So we all suffer with the service being withdrawn by Llloyds bank because of HMRC's actions.

The reason is that HMRC want to tie payroll in to BACS in some way. It seems they would actually like real time PAYE reporting to be totally in a BACS file, i.e. detailing the pay and deductions as BACS records. This seems to be partly because it ties actual bank payments to PAYE records, but also because they think the banking system is better placed to handle the data processing for them.

However, they have not quite managed to do that (they still plan to), so they have an interim system which involves BACS/VOCA sending (presumably) HMRC daily SHA256 hashes based on the BACS payment made to the member of staff including this new four character sub-reference field.

This means that to comply with HMRC RTI rules, anyone using BACS directly to pay staff has to be able to include this field in the payments so HMRC can match the BACS/VOCA hashes to the submission.

Oddly they do not include the BACS user number in the hash, so will get duplicates in their files (they acknowledge this). They use sort code (from and to) and amount and 3 random characters, so will get clashes. Why the hell not make it unique - i.e. include BACS user number in the hash and make it a rule that the sub-refrence is unique. Heck, include date as well. That would be easy for s/w providers doing payroll and make sure the hashes are actually unique!

This is an invasive link of payments to HMRC reporting, but more to the point it is creating all sorts of side-effects. We are now having to do two software projects at short notice - one to do a completely new BACS system for Direct Debits, and one to do a new payroll system. The payroll had more notice, had we noticed, but the BACS was a surprise. We had no idea Lloyds would shut down their bureau at short notice.

Well done HMRC costing me money - I'll make sure we account for the time as an R&D project and reclaim extra tax relief for it...

When is a filter not a filter

When you don't have any phones!

The typical ADSL/broadband filter contains a number of components to filter the telephone line from the broadband line parts (which use different frequencies).

The usual arrangement is a plug-in filter, which has a phone plug, and then has a phone socket and a modem socket on it. There are also faceplate filters which do the same, but also filter the extension wiring (which connects to the back of the face plate).

This picture gives you some idea, with the normal passive faceplate (left) and a plug-in filter (right).

What surprises many people is that the broadband part of the filter is pass through. The two wires in the phone line go straight through with no change at all from the plug to the modem socket. The filtering is all on the phone side. It stops any unexpected sounds from broadband getting to the phone, and stops any unintended high frequency from the phone affecting the broadband.

If you have a broadband only phone line, with no extensions and no phones, as increasingly common, you do not need a filter. All you need is a means to connect the modem lead (RJ11) to the phone line.

The answer is a non-filter modem-only faceplate like this (below). These have RJ45 sockets (8 pin) which means they can connect directly to structured cabling but they are designed to take an RJ11 modem lead directly as well (as RJ45 is normally).

This has much less in it - and so less to go wrong. It has no phone socket, but also specifically does not have the extension wiring connection at the back either, which is important. Even with no phones in use, normal filters can be a cause of ADSL/Broadband issues if they develop a fault. This faceplate, however, is so simple there really is nothing that can go wrong that is not a direct short or open-circuit.

There is one downside, which we are bracing ourselves for now that we are sending these as standard for any broadband-only phone lines, and that is that BT engineers expect a filter. They have been known to go to a site that has no filters (modem to phone plug leads) and fit a filter, leave, and say that this was the cause of the fault (not having a filter). We expect they will be confused by these face plates, but we may be surprised. We'll see.


Zen Flight

There are many new spells for the Monk class on the latest WoW expansion, and given that Mikey and I have been playing lately, I noticed that a couple of these have some useful side effects.

Zen Flight comes from a minor glyph, and usable from level 60. It allows one to float on a cloud. It seems to be slow moving, but has a few interesting quirks.

  • Instant cast, so very useful for getting away from tricky situations (can't cast in combat, but can cast while falling, which is handy).
  • You can do lots of things from the cloud, including mounting a proper flying mount. So I have the mouse keys set to Zen Flight, and then move upwards and cast a proper mount from there.
  • But the most useful bit seems that you can collect stuff and even mine from the cloud. This makes collection quests really simple - as you simply float over the collection item and collect it even if an enemy is right next to it. It was even useful to hover over a cauldron in the Boiled Blood quest in Hellfire Peninsular, avoiding all of the beetles.

Zen Pilgrimage is automatically available from level 20 and takes you to the Peak of Serenity. It is not that useful a place and does not even have an Inn to rest. It has various training including a useful daily quest to get an hour of faster XP. From there you can Zen Return to near where you started (grave yard).

The trick is that you can set the Hearthstone to a major city, Zen Pilgrimage from wherever you are currently questing, and from the Peak of Serenity you Hearthstone to the major city, and then, from there, you can Zen Return back to where you started. You don't have to move your Hearthstone as you move from zone to zone.

Anyway, neither of us get a chance to play much (far too much work to do) - the Horde guild is only level 2 so far and we each have a Panda at level 63 so far, but plodding away at it a few hours a week.

Anyway - busy week - no Cloud Commuting for me...


Well done BT

For a change, we had a very positive meeting with BT.

To my surprise they have been looking in to fault repair in some detail, looking at the faults we put in and how they have been handled in some detail to work out how they can improve things.

With any luck this will lead to process changes that make it easier to get faults fixed in future. I hope so. All very encouraging.

So, well done guys, and I hope you like the dragon.

Thar's your problem

You pay plumbers and heating engineers to sort why the heating is not working properly, and they fail to find the cause, and charge anyway, and fit an isolation value because something is losing pressure somewhere.

As always it is a matter of doing it yourself. Well done Andrew and Lee.

Who the hell fixes an underwater piping problem with a cheap plastic push-fit connector.

And, of course, it is under the nice new carpet tiles. Fortunately that is going to be a small job for them to re-do for us.

So, finally, we should be able to move people in next week. Somehow staff prefer it when we can heat the room they are working in :-)


OMG Barclays Springboard Mortgage

I have helped my kids get their first house, putting up tens of thousands, as a loan, and (so far) losing it.

I just saw a TV advert that made me think that I want the thing advertised. A way to help my kids get a house, pay money, but the bank pay me back with interest after 3 years.

Well, three more kids to go in terms of house buying, I think I finally have a way not to lose out.

I am not sure what surprises me more - the fact that I may not keep losing out - or that a TV advert was selling me something I want for the first time in an age!


Looking good

Carpet down - looks like we'll be moving people in to the office next week, weather permitting.

Well done with all the hard work from Lee, and others in the office. Nice to see the contractors not stopped by a little snow - they sorted the carpet tiles quite quickly this morning.

I have had a few people ask - so just to clarify we are not moving at all - we are moving around which rooms we are using in the same offices. This is the biggest room (now we have removed the partition wall), so allows us to run a single team for sales and support which should help with customer services.


I'm not giving in to threats of bad reviews and ADR, sorry.

I have someone that has been using internet service bought by is former employer and now, after he has left their employ, he is upset that our customer (his former employer) has asked for service to be ceased. It almost equates to using a neighbours wifi and getting upset when they turn it off, in my opinion.

We were working with him and our customer to arrange for him to take over the line, and obviously we want that to be seamless so that there is not a gap where neither old or new customer is paying for when service was provided. This sort of thing is not that uncommon, though usually when a company takes over a previous company. He would not take over from when the existing customer stopped wanting the service, so we did not reach an agreement. Shame. Now our customer has requested a cease of the service, which we are doing - what else could we do?

What is odd is that, before even becoming a customer, he has: threatened to take us to court; said he would claw back a direct debit if he became a customer; accused us of blackmail; had someone claiming to be a solicitor call and hassle us; said he will take us to ADR; and threatened to give us bad reviews. He had me at "blackmail", to be honest - I decided that it was not good business sense to have him as a customer, sorry. It kind of went down hill from there, proving I made the right choice.

Now I have the prospect of a laughable ADR case, which should fall flat on its face as he is not even a customer, as well as bad reviews from someone who has never, in fact, had service from us (and never will). We are not making services available to him, so at this stage is not even a prospective customer. To add to the fun, on his account application he said he is a communications provider, so not even eligible for ADR even if he had become a customer.

When I say someone claiming to be a solicitor, I mean someone that is not listed on the law society web site. Later we were told he is a barrister, but oddly he is not listed as a barrister either. He claimed to be from a practice which oddly is also not listed on the law society web site. Maybe we spelt him name wrong or something. What can I say?

I know that we get a lot of customers simply because we (well, I) do have some principles and I am not afraid to stick by them. I learned about bullies the hard way and I am not going to be bullied now. Taking on a customer like this would tie up time, money, and resources we could be spending on other customers and that is not fair on them.

If this means bad reviews, it will mean a calmly written "right to reply" on whatever site he posts reviews. If it means ADR it will be discussions with the new ADR company about what exactly they are doing taking such a case. After the previous, and only, ADR case, we tightened up the contract terms and wording on our web site a lot to avoid this sort of crap. This will be an excellent test of those changes.

I am not trying to be unreasonable with anyone - we tried to sort this amicably, but once someone goes down this sort of road it really makes no sense.

If he feels he had "poor customer service" from us, then (pretty much by definition) I have to agree with him. Customer service is about perception of the customer, so no dispute from me on that - and I am happy to publicly apologise for any poor customer service, perceived or real, that he has had (as a prospective customer). I think we tried to help him, but as I say, it is all about perception. Just to be clear, that means there is not a dispute to resolve regarding customer service or a need to ask an ADR for an apology as I have just apologised.

I'm blogging this because it is stressing me - I take the business seriously and I take customer satisfaction seriously. If people think I am not doing the right thing, tell me. But I really feel one should not give in to bullies.

I do sincerely wish him good luck - I hope he manages to sort new Internet access he needs promptly. It is a shame that he has, apparently, made sure his business relies on a single ADSL line with no backup, but what can I say. Perhaps his neighbour has wifi he can use (with permission, of course).


publicservice.co.uk Break the law: apologise

Bloody junk callers.

Just had a bunch called publicservice.co.uk call me - well, call the office insisting on talking to the director.

Googling while on the call I realise that it is a scam trying to sell me the opportunity to contribute to an article - for a large fee.

I had to ask him "are you trying to sell me something" several times, and then "will anything in this call lead me to have to pay you money" which finally got a "well yes".

I then had to explain that unsolicited marketing calls to numbers listed in the TPS are a criminal breach of the Privacy and Electronic Communications regulations.

He apologised for that - and tried to carry one selling me stuff.

Why do people think that simply apologising is sensible - I mean, its like someone breaks in to a house, and gets confronted and they just apologise for breaking the law and carry on.



Working down

Well, we have new ceiling tiles in...

Now we work down from there?

I feel sorry for the guy doing the floor as it has taken him two days to lift the carpet tiles. Anyway, more structured cabling in the ducts and progress being made for our new customer service office...

Next is floor being finished, coated and carpet tiles.

Then desks and people.

Should be fun.


Use the force

We are moving around the office, and making a bigger open plan area for the main customer facing team.

But really, one should not have to use a cold chisel to lift carpet tiles! They have been stuck down using really strong glue. Apparently carpet tiles should not really be stuck down anyway, they should be movable if needed. This looks like someone has poored blobs of evostick on the concrete floor and put the tiles on top.


What are the ASA for?

It seems the ASA have some strange ideas. We know, for example, that advertising "fibre broadband" is allowed when not actually provided by fibre. We know that "up to XMb/s" has to be a figure that only disappoints 90% of people expecting the XMb/s figure not 100% of them and hence forcing web sites to lie about the top speeds you could get.

However, as adverts often annoy me, I recently made a couple of complaints. Simple on-line web form on which to complain, so why not? It has to be better than just shouting "I don't belieeeeeve it" in my best Victor Meldrew voice.

One was about SkyGo "you don't pay for nothing" when you do pay for mobile data. Apparently that is not at all misleading so they are doing nothing. Not impressed.

Another was broadbandchoices.co.uk who advertise that they compare the best deals from all of the providers in my area. They don't. It looks like they cover some of the major providers only. I suspect they only cover those paying them commission or some such. Understandable as a business model to list every provider for free (like many comparison sites) does not make enough for TV adverts generally. But none the less, if that is what they offer they should not claim to cover all providers. They could even say "major" providers, I expect, and be truthful enough.

Interestingly the site says they get commission from some providers, and states they are completely impartial, so maybe we can get listed. I'll contact them and find out. Even so, until AAISP and every other provider is in fact listed they don't compare all providers as the advert suggests.

So, first off, ASA ask for some evidence. I explain that, for example, they do not list AAISP for my postcode, or other small providers like us. Why they could not see that themselves I do not know.

They now come back basically saying that the web site is outside their remit, as, whilst they do cover some web site adverts, they don't cover search engine type stuff like this. They seem to have forgotten that I complained about a TV advert (which is in their remit) being untruthful... I have replied to that effect. We'll see what they say.

In the mean time, I'll try and get us listed and see what happens :-)

Update: Brodbandchoices say that it would be logistically impossible to include a listing for us. Odd that - somehow ispreview and thinkbroadband manage it. They have not answered my complaint that the TV advert says *all* the best deals, not just "major providers" or that their web site says they are impartial.

And so it begins

It has been reported by thinkbroadband and ispreview that plusnet are running tests for Carrier Grade NAT on their network. Unfortunately this was to be expected as the exhaustion of IPv4 addresses means ISPs are finally running out.

The big disappointment here is that general IPv6 deployment really should have happened first, at least in my opinion, and that of others in the industry. At least if end users are able to do IP properly using IPv6 at the same time as suffering CGN on IPv4 they stand some chance of being able to use Internet based services that need some reliable end to end communication.

It is also unfortunate that there are many who do not understand the problems with NAT, and especially CGN. It is all very well people like myself saying NAT is evil, but it helps if people understand some of the reasons why this is the case.

This all stems from one of the fundamental design principles of IP, that every endpoint has a globally unique address. IP packets are addressed to the target address, and the addressing stays the same as the packet passes through a network. Each router sends the packet to a neighbouring router which is logically closer to the final destination. In fact, the only real thing to change on the way is a hop count or time to live which is there to stop infinite loops.

It is worth pointing out that this is not the only way to design a network - there are other ways. One could, for example, have a sort of circuit routed system (like phone calls) where you establish a connection and send packets using a local handle for the connection which is changed at each step via a pre-established route. ATM works a bit like this too. It is a way to do things, but does not allow the same level of re-routing when things break. Circuit switched systems handle capacity limits and re-routing round failure in different ways and would not be as good as the packet based routing used by IP.

The key problem with NAT is that it breaks this principle by changing IP addresses as packets pass through the network. It only works because some protocols, like TCP, have an handshake and some level of logical connection or session which can be tracked and mapped buy the device doing the NAT. This is not true of al IP based protocols, which simply don't work with NAT. It breaks all sorts of protocols which are designed for use by IP in the way it was designed. It is not the end of the world as protocol designers can work around NAT to some extent, and NAT systems can be fudged to understand specific protocols. Many NAT routers have a long list of protocols they know how to fudge which can even include games like Age of Empires. The problem here is a new interdependency between people making protocols and people making NAT boxes which never existed before, and creates flakey operation of networks and stifles development. It also means routers have to keep up with changes. Don't take my word for it though, this is a key point when people from RIPE talk about NAT even though it is RIPE that have run out of IPv4 addresses now.

Carrier Grade NAT adds an extra layer of problems. More normal NAT is done on a router in control of an end user. It has devices that connect on the LAN directly connected. This means that protocols like uPnP have popped up allowing devices to talk to the NAT router and arrange exceptions to the normal operation of NAT. It also allows applications like Skype to pre-empt the operation of routers, guessing the next port to be assigned for NAT. These are all very clever, but do not really scale to CGN. With CGN you are dealing with lots of end users, many of which are behind a layer of NAT at their router as well as the CGN. Devices cannot use uPnP with the CGN, and guessing ports is far less likely to work. Obviously new protocols could allow routers to interact with CGN, but if you are upgrading routers simply adding IPv6 is a much simpler answer to the problem.

There are other issues, such as running out of source ports. Other systems are also being used where each router gets an IP and a range of ports to use for its own NAT, so allowing several routers to share one IP address. This again means new router code at the end user, and so would be better done as IPv6.

We already see issues with NAT on individual routers, including running out of ports and running out of sessions. CGN faces the same problems on a larger scale, and is also costly for an ISP.

Ultimately CGN creates a sort of second class Internet access.

The problem is that, for vast numbers of people, this will mostly work. Anyone that simply checks email, accesses facebook and a few web sites, will probably be fine. If that is all the Internet was or could become, then NAT and CGN would be fine, but we know it can do more and over the years innovations have amazed us all - innovations that should not be stifled by short sighted ISPs ignoring IPv6. There is an irony that many of these common services, facebook, google and even games like WoW already work with IPv6.

There is another factor which is that IPv4 addresses become almost untraceable as they are used by more than one customer at a time and change from moment to moment. This could only work if an ISP has huge logs of every connection (a privacy issue and technical challenge). Even then, tracing a connection may require not just the source IP and port but the target IP and port as well because of overloading of ports. It would also require very accurate timestamps.

Anyway, our policy at A&A is that we have IPv6 (have done for over ten years) and it is standard now on all new connections (and has been for some years). Ultimately we will have to start charging for, and eventually, clawing back IPv4 blocks from customers, but we expect to be able to provide a fixed IPv4 non NAT WAN address to all customers for a long time to come - hopefully long enough to avoid considering CGN.

So, brave of plusnet, we'll all watch with interest.



I finally managed to make a new guild on World of Warcraft on the Horde side: AAISP Darkside, on Thunderhorn realm.

Mikey and I have been levelling a Horde character for a while now - as we both only play occasionally, and it is a shame none of that was gaining any guild reputation.

What was annoying is how long it took. They have made it a lot easier - all you need is four signatories, which means separately meeting 4 friends in-game and them clicking OK.

So basically I needed four friends, each with no life or at least prepared to log in for 5 minutes at the same time as me. It has taken me weeks! You can see why this is a questing guild as we would never manage to be logged on at the same time to do any sort of raids.

Anyway, we have me, two staff, two family and one customer in the guild now. Let the fun begin.


Thar be dragons!

It has been a busy week, especially when, on Tuesday, a large van arrived with our dragons in it - 84 boxes of them!

They are rather cute though.

I took a box to last night's LONAP AGM - fun evening - thanks for the Scotch, Seb.
I think they went down well :-)


The phone line is dead?

I am pondering doing a survey on this, but really, who uses a "traditional phone line" these days.

On my limited sample of friends and family it is rare. Everyone has a mobile to actually make phone calls these days!
  1. People have no phone line and just use mobiles
  2. People have a line, but it is only there for broadband
  3. People have a line, maybe for broadband and perhaps "just in case", e.g. calling 999, if mobile breaks, etc.
  4. People use VoIP (probably over broadband that uses a line)
  5. Some people really use a phone line to actually make and receive calls!
I wonder if phone lines are becoming just a legacy thing now. I don't even have copper pairs to my house.


Response to nominet .uk namespace consultation

Now I have the proposal in front of me this is my response to Nominet which I am emailing today.

F. About You: Nominet know exactly who I am and that I represent Andrews & Arnold Ltd in my reply as a nominet member, ISP and small business.

The proposals appear to deliberately confuse several aspects :-

1. Better quality of registrant details to make domain owners more accountable
2. Requirement for a UK service address for registrants
3. Use of DNSSEC
4. Malware scanning websites

I think that lumping these issues together in one consultation and making them all an aspect of a new area of domain space is misleading. These are mostly orthogonal issues which may want to be applied to .uk domains in various ways if they are sensible. As such I think the consultation itself is flawed.

The objectives are to make a more trusted domain space - this sounds good, but means you are making all existing .uk domain space less trusted! That is bad, very bad.

As the registrant of .net.uk, .co.uk, and .ltd.uk domains I am opposed to Nominet telling the general public that my domains are no longer to be trusted and forcing me to pay to register a .uk domains to regain that confidence.

G. Security: Offering a web site owner a malware scanning service is indeed a useful thing for many web site owners. I am sure many such services exist and will have their own "trust" mark of some sort shown on the sites in question. However, linking this to the working operation of the domain is very bad.

1. It confuses the remit of a domain registrar and virus scanning companies.
2. It makes the rather odd assumption that domains have to even have a web site and seems to ignore the many ways a domain can be used in connection with malware (e.g. as an email target).
3. It is unworkable as the website may have malware on secure areas of the site which cannot be "scanned"
4. It is unworkable as the website may host end user content for which the domain owner is not responsible, and result in a usable vector for taking a domain down but posting malware
5. It does not help user confidence as a website could easily contain links to external malware, which consumers would not realise are not part of the scanning process. Making them part of the scanning process makes things even more unworkable.

G. Security. DNSSEC. I think making DNSSEC mandatory is a good idea. This is, however, a separate issue and could be consulted on. One idea is that any new domain space under .uk should have DNSSEC mandatory, that a deadline be set for all new domain registrations in all .uk space to have DNSSEC mandatory, and a deadline for mandatory DNSSEC on existing domains with chasing of domain owners. One idea would be to make some of the existing space more trusted, e.g. mandate a deadline for all net.uk domains to have DNSSEC sooner.

H. Verification: This looks a long winded and costly and confusing process which will not actually add any extra security.

1. I am not entirely sure myself if I prefer to ensure a UK presence. This seems like a good idea though, and perhaps should be something considered for direct .uk registrations. Again, this is a separate issue, and making one part of .uk space more trusted than other parts is bad. Requiring a UK address could easily be something phased in for existing .uk domains.

2. A postal process of verification seems excessive. For a start, as you expect this to be companies, why not make it so the company registered office is always a "trusted" address and allow immediate registration to any company. Link in to Companies House to check company name and address. That is simple, automated, and passes the buck on address checking to someone else (Companies House). Indeed, why not make the company registered address part of whois for all domains registered to a company, not just the new direct .uk space?

3. Verification of an email contact would be useful and again, can be automated.

4. However, all of this is pretty academic. There are many "service address" services already and they will simply start offering service address services for UK domains for non UK domain owners, and for people not wishing to publish usable addresses. So is there really a point?

I. Third level sub-domains. Restricting sub domains is totally wrong and unworkable.

1. The whole idea of "owning" a domain is that it belongs to the person that bought it. If they then have restrictions on what they do with the domain then that means they don't really own it. None of the existing domains have restrictions on what can be done, either at a DNS level, or at the level of content on web sites or use of email addresses. This is a fundamental change to the way domains are used and inconsistent with the whole worldwide domain system.

2. I cannot see how the restrictions would work in practice. The idea is preventing "sale" of sub-domains. But what is "sale". I could sell web space on a sub-domain, which is not selling the sub-domain. I could sell DNS services on a sub-domain - not selling the sub-domain as such, and not even delegating by NS record, but to all practical purposes the same and clearly the same from a consumer point of view. I could "rent" a sub domain not "sell" it (which is what happens anyway). I could simple sell paths under the domain on a web site, which to a consumer would carry the same trust as the main domain but be someone else's web site.

3. Basically, if the "rules" allow any use of the domain by third parties which are not directly under registrant control, then you have the scope to have the uk.com type scenario and lack of consumer understanding. If you restrict so all use has to be under registrant control you stop a variety of "legitimate" use of a domain and make it a lemon.

J. Reserved and protected names: I do not quite understand what the hell you are saying here.

1. This seems to be suggesting restrictions on third level names within the new second level domains. This makes no sense. Again, owning a domain means doing what I like with it. How exactly will Nominet stop me putting "co" in my DNS? And why would they. There is nothing stopping me have com.aa.net.uk now as a fourth level domain, so why would there be a restriction on com.aa.uk ?

2. If this is in fact talking about the restrictions on second level domains, e.g. not allowing com.uk, then that is consistent with existing policies in top level domains, and not actually needed as most restricted domains of relevance already exist under .uk. This almost does not need to be a rule - nominet could simply register these restricted domains themselves first.

3. Restricting other second level domains - not sure why this is needed.

K. Phased Release: The way sunrise has been handled in other areas of .uk space worked reasonably well and I don't see a reason not to do the same. What I would say is that only UK registered trade marks should be considered, or considered with higher preference to non UK trademarks as this is, after all, .uk namespace. This also makes the process of validating a trademark simpler and ideally cheaper as the UK patent office has a web site that can be easily checked.

1. There is also a consideration that maybe existing .co.uk, .net.uk, .ltd.uk, .plc.uk holders should have some preference in a sunrise period. Obviously only on long standing domains predating the consultation. This would seem sensible if Nominet are forcing existing domain owners to get new domains in order to maintain any trust in the domain.

L. Channel to Market. Nominet seem to be saying that as a Nominet registrar, you don't already trust me to correctly register domains and you want me to jump through new hoops to somehow prove I am worthy. That is silly.

M. Existing domains. Obviously don't take away any existing sub domains. Some of them already have (or should have) higher trust such as .ltd.uk, .plc.uk and .net.uk.

N. General views.

1. The consultation is a confusing mix of different ideas which should be considered independently including considering how they apply to existing domains. Some of the ideas are good (DNSSEC). Direct .uk domain registration itself does not seem like a bad idea. Mixing it with other ideas, and making it have restrictions on DNS records allowed within the domain is crazy, and virus scanning web sites is not Nominet's job at all.

2. The objectives of the proposal appear to be to devalue trust in existing domains, which seems like a stunningly bad idea.


Second level .uk domains

There is a proposal by Nominet to allow the registration of second level UK domains, i.e. something.uk rather than something.co.uk, etc. It is a simple idea in principle and consistent with the fact top level domains are opening up, but is it sensible.

I have to say, I checked the nominet site and found Q&A on this, and all sorts, but not the actual detailed proposal. I only checked for a few minutes, but still - why is this not clear?

Firstly, and I am far from the first to point this out, there are separate issues here. Nominet are proposing that the second level domains also come with a load of "security" and "trust' checks that try to give consumer confidence in these domains. The issue of trust in domains and better checking of registrant details is a separate issue from opening the .uk domain to direct registrations.

So, first issue - opening .uk to second level registrations: To be honest I am in two minds on this. I like shorter domains (says someone with the domain e.gg) but I see the issues with diluting the existing registrations and ensuring everyone with any commercial name to protect has to now register yet another version of their domain. There is some sense that a "name" can be global (like, starbucks) and so warrant a top level domain or can be UK specific like us (AAISP) and warrant a .uk domain, but duplicating what we have now is just more work and confuses consumers even more.

If we do open second level domains we need a sunrise period and auction like the two letter .co.uk and so on, but i would think a GB trademark registration should take priority over a non GB registration as we are talking UK domains here. We also want a price just high enough to stop the main domain squatters but be commercially sensible, e.g. £50 not £5 or some such. That's my view, if we think it is sensible anyway. If .uk is for commercial use one would think perhaps .co.uk owners get first choice of .uk, but then surely more restrictive .plc.uk and .ltd.uk and .net.uk should come before them?

The separate issue is the checking of domains in some way to engender trust. This seems odd for any registrar. The idea of adding security is odd. I can slightly see a new domain space demanding DNSSEC perhaps - that simply helps technical improvements in the quality of DNS and is not really an issue. I can see some merit in confirming contact details but I am not sure any postal service is sensible. The postal one could be done by a public enforcement - e.g. anyone reporting invalid contact details gets first refusal to take the domain when deregistered for having invalid details, perhaps. That is my somewhat controversial idea there, but the risk of simply losing a domain would ensure good contact details and the benefit of winning a domain would encourage public scrutiny of contact details for free. Probably possible to work around somehow.

There is an idea of virus scanning a domain. Now this seems crazy for a registry to even consider. Domains and web sites are not the same thing. A domain can be used for any number of things not a web site. There is merit in some verifiable independent checking of a web site but is this the role of a registrar. It is an idea to consider, but not a Nominet issue, surely.

I hear they are also trying to stop selling third level domains which has to be nonsense and unenforceable. I hope to find the definition of this but it is mad.

So, my plan it to try and get my hands on the actual proposal and pull it to bits properly.


Discount Communication Online Store

Clearly a reputable establishment, they sell something called a "Mills Line Tester", this is the picture (right) and is the same as on other web sites selling these.

However, what arrives is somewhat different!

For a start, it is not "Mills" anything (I assume Mills is the manufacturer),  It claims to be an "Eaglehawk Product". It also has "C.E." (yes that is not a CE mark), and a "Patented Product". Hmm.

This is what it actually looks like when it arrives :-

We took it apart, and it looks like this :-

Note the way the plug is crimped - looks to have been done with a screwdriver blade and not a crimp tool.

We won't be using these, or anything else from this supplier :-)

ISO8601 is wasted

Why did we even bother? Why create ISO8601? A new API, new this year, as an industry standard, has JSON fields like this "nextAccessTim...