Parent friendly holiday


OLYMPUS DIGITAL CAMERA

Well it’s already two weeks since we got back from our first family holiday, and I did promise to report back, so while Buzz Light-toddler appears to be sound asleep here’s a very quick review of our stay in Dorset.

The plan was to find somewhere close to home in case things didn’t go too well. There was also a slight danger that we’d need two cars/trips to get everything there, so we wanted to find somewhere already equipped for babies. We found Hastings Farm Cottages on the Child Friendly Cottages website, and it had all the big stuff (cot, highchair, pushchair, etc.) provided, giving us a fighting chance of packing everything else for our four month night stay into a relatively small car!

I have no idea if all the Child Friendly Cottages are the same standard but Cowslip Cottage was excellent and came with everything we needed. Well, except for electricity for a bit but we were looked after with some hot water for an emergency cup of tea! (Entertainingly there was a small field of solar PV panels nearby but those were no use when the main supply is off, to protect the inverter- luckily they also had a generator to plug the kettle in to!)

It may not be far from home but Dorset has plenty of things to keep a toddler entertained, and Hastings Farm was a fabulous spot. We arrived with a baby, who decided it was a perfect place to start walking, so we had our own entertainment- chasing a new toddler!

Fortunately everyone survived and we now know that we can manage holidays, and we probably don’t need a bigger car. (They need less stuff when they get older, right?) So, any suggestions for where to go next?

Certifiable


I recently switched to a new ISP, who have so far been excellent, however they use certificates signed by CAcert. While I generally agree with the principle behind that decision, it does make life difficult. They cheerfully say, “You can check the certificate is signed by CAcert, if you like, before accepting it.” But how?

Warning: the following approach to checking the certificate is signed by CAcert is quite likely to be rubbish, so it’s probably not a good idea to follow it! In my defense, it seemed like a reasonable balance between just accepting some random certificate and complete paranoia but if you know a better way, please let me know.

They aren’t on Windows but the CAcert root certificates are already included in various places, so it turns out that the simple answer might be to grab the certificate from a suitable Linux distribution. Just to be on the safe side, I wanted to find a distribution I could download securely. The best option I found was Tails, which has a secure download and, for extra peace of mind, can be verified with OpenPGP.

My chosen method for trusting the tails signing key was a tad more interesting on Windows due to the lack of an sha256sum command. Luckily it seems you can do anything in PowerShell, so with a little help from Brian Hartsock’s blog, this did the trick instead:

$ha = [System.Security.Cryptography.HashAlgorithm]::Create(“SHA256″)
$stream = New-Object System.IO.FileStream(“tails-signing.key”, [System.IO.FileMode]::Open, [System.IO.FileAccess]::Read)
$sb = New-Object System.Text.StringBuilder
$ha.ComputeHash($stream) | % { [void] $sb.Append($_.ToString(“x2″)) }
$sb.ToString()

 

All good, certificate verified. I would still rather Andrews & Arnold just used a proper certificate though: there are clearly problems with trusting all the certificate authorities that are included in browsers/operating systems by default but CAcert doesn’t exactly look like a fantastic example either, and normal users really don’t have any chance of making a more informed choice.

Spy on them?


Apparently today is the day we fight back, with the launch of Don’t Spy On Us in the UK.

lynsey_wells83-slow-down

It’s puzzling why digital interactions are somehow viewed differently to other aspects of everyday life. I suspect the economics of getting away with mass surveillance online vs. offline has a lot to do with it. Whatever the reason, making it explicit that our offline rights extend online is well overdue. The six proposed principles don’t seem all that unreasonable:

1. No surveillance without suspicion
Mass surveillance must end. Surveillance is only legitimate when it is targeted, authorised by a warrant, and is necessary and proportionate.

2. Transparent laws, not secret laws
The Government is using secret agreements and abusing archaic laws. We need a clear legal framework governing surveillance to protect our rights.

3. Judicial not political authorisation
Ministers should not have the power to authorise surveillance. All surveillance should be sanctioned by an independent judge on a case-by-case basis.

4. Effective democratic oversight
Parliament has failed to hold the intelligence agencies to account. Parliamentary oversight must be independent, properly resourced, and able to command public confidence through regular reporting and public sessions.

5. The right to redress
Innocent people have had their rights violated. Everyone should have the right to challenge surveillance in an open court.

6. A secure web for all
Weakening the general security and privacy of communications systems erodes protections for everyone, and undermines trust in digital services. Secret operations by government agencies should be targeted, and not attack widely used technologies, protocols and standards.

If we miss this opportunity, there’s a real risk to democracy. How is oversight possible if the people you’re overseeing know things about you that you’d rather keep private. My last MP, a candidate for the Lib Dem leadership, certainly had things to hide. Perhaps we need to know more about MPs. A lot more.

Photo © Veronica Aguilar (CC BY-NC-ND 2.0)

Unfiltered


According to BT its parental controls are ‘completely customisable’ and apparently it is possible to add specific sites to allow or block which, unless you’re Claire Perry, is obviously essential. Even so I’ve experienced just how pointless internet filters are before, so I’m keen to avoid ‘porn’ filters on my home broadband connection for as long as possible.

CoffeeGeek-filter

I don’t know how filtering works on other ISPs but these are just a few of the problems with BT’s implementation which contributed to an upcoming switch to a completely unfiltered broadband provider:

  • Applies same filtering to every device… hopefully there aren’t actually any homes without adults around. Apparently they do allow you to schedule when the filter is active but that seems like a solution from the last century.
  • There’s no way for me to find out if a site would be blocked by the filter. There are sites I might want to make certain are blocked but I obviously wouldn’t want to have to visit them to find out!
  • There’s no way for site owners to find out if their own site would be blocked by the filter.
  • The standard filtering has a couple of glaring omissions which I would be interested in: I want to block adverts targeted at children, and I want to block any form of tracking.

There are more details of BT’s filtering in the Open Rights Group blog post, BT answers our questions about parental controls.

Photo © Mark (CC BY-NC-ND 2.0)

2013 in review


[Cheating, just in case I don't finish a real post in January!]

The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 25,000 times in 2013. If it were a concert at Sydney Opera House, it would take about 9 sold-out performances for that many people to see it.

Click here to see the complete report.

Getting a handle on social MDM


Since this is the first work related post for a while, it’s probably a good idea to drop in the usual disclaimer as a reminder: “The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies or opinions.”

Anyway, I recently spotted an MDM enhancement request, Improve Better support for social handle support, and it seemed odd that there wasn’t already something in the data model that could do a better job than using misc values. There are probably several options but I think this is what I’d do…

Add a new “Social Network” contact method category, and associated contact method types, for example: “Twitter”, “LinkedIn”, etc. Here’s what those look like in the Business Admin UI:

cdcontmethcat

cdcontmethtp

Now you can just add social network contact methods in the same way as you would for telephone numbers and email addresses, which means you get all the standard functionality you’re likely to need.

For example, here’s what an example getPerson response looks like with my Twitter and LinkedIn details:

<?xml version="1.0" encoding="UTF-8"?>
<TCRMService xmlns="http://www.ibm.com/mdm/schema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com/mdm/schema MDMDomains.xsd">
    <ResponseControl>
        <ResultCode>SUCCESS</ResultCode>
        <ServiceTime>17</ServiceTime>
        <DWLControl>
            <requesterName>mdmadmin</requesterName>
            <requesterLanguage>100</requesterLanguage>
            <requesterLocale>en</requesterLocale>
            <userRole>mdm_admin</userRole>
            <requesterTimeZone>EST5EDT</requesterTimeZone>
            <requestID>247353</requestID>
        </DWLControl>
    </ResponseControl>
    <TxResponse>
        <RequestType>getPerson</RequestType>
        <TxResult>
            <ResultCode>SUCCESS</ResultCode>
        </TxResult>
        <ResponseObject>
            <TCRMPersonBObj>
                <PartyId>531938348064117624</PartyId>
                <DisplayName>James Taylor</DisplayName>
                <PartyType>P</PartyType>
                <CreatedDate>2013-11-03 07:10:40.909</CreatedDate>
                <PartyLastUpdateDate>2013-11-03 07:10:41.175</PartyLastUpdateDate>
                <PartyLastUpdateUser>mdmadmin</PartyLastUpdateUser>
                <PartyLastUpdateTxId>153838348064091041</PartyLastUpdateTxId>
                <PersonPartyId>531938348064117624</PersonPartyId>
                <PartyActiveIndicator>Y</PartyActiveIndicator>
                <PersonLastUpdateDate>2013-11-03 07:10:41.767</PersonLastUpdateDate>
                <PersonLastUpdateUser>mdmadmin</PersonLastUpdateUser>
                <PersonLastUpdateTxId>153838348064091041</PersonLastUpdateTxId>
                <TCRMPartyAddressBObj>
                    <PartyAddressIdPK>537638348082796792</PartyAddressIdPK>
                    <PartyId>531938348064117624</PartyId>
                    <AddressId>539338348085784022</AddressId>
                    <AddressUsageType>3</AddressUsageType>
                    <AddressUsageValue>Business</AddressUsageValue>
                    <StartDate>2013-11-03 07:13:47.966</StartDate>
                    <PreferredAddressIndicator>Y</PreferredAddressIndicator>
                    <AddressGroupLastUpdateDate>2013-11-03 07:14:17.854</AddressGroupLastUpdateDate>
                    <AddressGroupLastUpdateUser>mdmadmin</AddressGroupLastUpdateUser>
                    <AddressGroupLastUpdateTxId>537038348085749779</AddressGroupLastUpdateTxId>
                    <LocationGroupLastUpdateDate>2013-11-03 07:14:17.839</LocationGroupLastUpdateDate>
                    <LocationGroupLastUpdateUser>mdmadmin</LocationGroupLastUpdateUser>
                    <LocationGroupLastUpdateTxId>537038348085749779</LocationGroupLastUpdateTxId>
                    <TCRMAddressBObj>
                        <AddressIdPK>539338348085784022</AddressIdPK>
                        <ResidenceType>11</ResidenceType>
                        <ResidenceValue>Office</ResidenceValue>
                        <AddressLineOne>IBM UK Ltd</AddressLineOne>
                        <AddressLineTwo>Hursley Park</AddressLineTwo>
                        <City>Winchester</City>
                        <ZipPostalCode>SO21 2JN</ZipPostalCode>
                        <CountryType>183</CountryType>
                        <CountryValue>Great Britain and N Ireland</CountryValue>
                        <AddressLastUpdateDate>2013-11-03 07:14:17.839</AddressLastUpdateDate>
                        <AddressLastUpdateUser>mdmadmin</AddressLastUpdateUser>
                        <AddressLastUpdateTxId>537038348085749779</AddressLastUpdateTxId>
                    </TCRMAddressBObj>
                </TCRMPartyAddressBObj>
                <TCRMPartyContactMethodBObj>
                    <PartyContactMethodIdPK>533238348104476375</PartyContactMethodIdPK>
                    <PartyId>531938348064117624</PartyId>
                    <ContactMethodId>534438348104476393</ContactMethodId>
                    <ContactMethodUsageType>10</ContactMethodUsageType>
                    <ContactMethodUsageValue>LinkedIn</ContactMethodUsageValue>
                    <SolicitationIndicator>N</SolicitationIndicator>
                    <StartDate>2013-11-03 07:17:24.762</StartDate>
                    <ContactMethodGroupLastUpdateDate>2013-11-03 07:17:24.778</ContactMethodGroupLastUpdateDate>
                    <ContactMethodGroupLastUpdateUser>mdmadmin</ContactMethodGroupLastUpdateUser>
                    <ContactMethodGroupLastUpdateTxId>535838348104476350</ContactMethodGroupLastUpdateTxId>
                    <LocationGroupLastUpdateDate>2013-11-03 07:17:24.762</LocationGroupLastUpdateDate>
                    <LocationGroupLastUpdateUser>mdmadmin</LocationGroupLastUpdateUser>
                    <LocationGroupLastUpdateTxId>535838348104476350</LocationGroupLastUpdateTxId>
                    <TCRMContactMethodBObj>
                        <ContactMethodIdPK>534438348104476393</ContactMethodIdPK>
                        <ReferenceNumber>http://www.linkedin.com/in/taylorjm</ReferenceNumber>
                        <ContactMethodType>3</ContactMethodType>
                        <ContactMethodValue>Social Network</ContactMethodValue>
                        <ContactMethodLastUpdateDate>2013-11-03 07:17:24.762</ContactMethodLastUpdateDate>
                        <ContactMethodLastUpdateUser>mdmadmin</ContactMethodLastUpdateUser>
                        <ContactMethodLastUpdateTxId>535838348104476350</ContactMethodLastUpdateTxId>
                    </TCRMContactMethodBObj>
                </TCRMPartyContactMethodBObj>
                <TCRMPartyContactMethodBObj>
                    <PartyContactMethodIdPK>539138348072352465</PartyContactMethodIdPK>
                    <PartyId>531938348064117624</PartyId>
                    <ContactMethodId>532838348072329035</ContactMethodId>
                    <ContactMethodUsageType>9</ContactMethodUsageType>
                    <ContactMethodUsageValue>Twitter</ContactMethodUsageValue>
                    <PreferredContactMethodIndicator>Y</PreferredContactMethodIndicator>
                    <StartDate>2013-11-03 07:12:03.523</StartDate>
                    <ContactMethodGroupLastUpdateDate>2013-11-03 07:12:03.57</ContactMethodGroupLastUpdateDate>
                    <ContactMethodGroupLastUpdateUser>mdmadmin</ContactMethodGroupLastUpdateUser>
                    <ContactMethodGroupLastUpdateTxId>536538348072325964</ContactMethodGroupLastUpdateTxId>
                    <LocationGroupLastUpdateDate>2013-11-03 07:12:03.523</LocationGroupLastUpdateDate>
                    <LocationGroupLastUpdateUser>mdmadmin</LocationGroupLastUpdateUser>
                    <LocationGroupLastUpdateTxId>536538348072325964</LocationGroupLastUpdateTxId>
                    <TCRMContactMethodBObj>
                        <ContactMethodIdPK>532838348072329035</ContactMethodIdPK>
                        <ReferenceNumber>@jtonline</ReferenceNumber>
                        <ContactMethodType>3</ContactMethodType>
                        <ContactMethodValue>Social Network</ContactMethodValue>
                        <ContactMethodLastUpdateDate>2013-11-03 07:12:03.289</ContactMethodLastUpdateDate>
                        <ContactMethodLastUpdateUser>mdmadmin</ContactMethodLastUpdateUser>
                        <ContactMethodLastUpdateTxId>536538348072325964</ContactMethodLastUpdateTxId>
                    </TCRMContactMethodBObj>
                </TCRMPartyContactMethodBObj>
                <TCRMPersonNameBObj>
                    <PersonNameIdPK>533538348064198718</PersonNameIdPK>
                    <NameUsageType>7</NameUsageType>
                    <NameUsageValue>Preferred</NameUsageValue>
                    <PrefixType>14</PrefixType>
                    <PrefixValue>Mr.</PrefixValue>
                    <GivenNameOne>James</GivenNameOne>
                    <StdGivenNameOne>JAMES</StdGivenNameOne>
                    <LastName>Taylor</LastName>
                    <StdLastName>TAYLOR</StdLastName>
                    <PersonPartyId>531938348064117624</PersonPartyId>
                    <StartDate>2013-11-03 07:10:41.986</StartDate>
                    <PersonNameLastUpdateDate>2013-11-03 07:10:41.986</PersonNameLastUpdateDate>
                    <PersonNameLastUpdateUser>mdmadmin</PersonNameLastUpdateUser>
                    <PersonNameLastUpdateTxId>153838348064091041</PersonNameLastUpdateTxId>
                    <LastUpdatedBy>mdmadmin</LastUpdatedBy>
                    <LastUpdatedDate>2013-11-03 07:10:41.986</LastUpdatedDate>
                </TCRMPersonNameBObj>
                <DWLStatus>
                    <Status>0</Status>
                </DWLStatus>
            </TCRMPersonBObj>
        </ResponseObject>
    </TxResponse>
</TCRMService>

Does that sounds sensible? Are there any enhancements? For example, I wonder about standardization: I put an ‘@’ on my Twitter ID, but I can easily imagine several variations ending up in there. I’ll leave that as an exercise for another day!

Check out the MDM Developers community for much more useful MDM related posts, forums and other resources.

Heritage Open Days 2013


Three years on from discovering that Clayton Tunnel was open to visitors for the Heritage Open Days event, we finally managed to book a tour. No mean feat as this was the first time we’d been away from home with a baby! It was such a hot day, I’m glad we left the baby with the grandparents…

OLYMPUS DIGITAL CAMERA

…ok, there may have been a spot of rain. Very pleased I had a human shield to take the worst of the bus-induced puddle tidal wave!

Fortunately the tour was well worth the wait, and the drenching. The current resident knows a thing or two about the cottage and its history, and the view out of the window is certainly unique, if not a little disconcerting.

I’ve lived right next to a railway before and, while not quite as calm as our host described (it’s amazing what you can tune out!), this was much much quieter.

There are some much better photos, and contact details, on the Clayton Tunnel webpage.