Monday, 11 April 2016

IP address != address

For years I have been saying that the belief one IP address equals one household is rubbish and harmful. One IP address equals one router, or computer, or even an entire network hidden behind that one address which the outside world can’t see. Our provider like many in the UK uses rotating IP addresses, which can be fun when they shift and either you’re locked out or suddenly someone starts assuming you are someone you’re not (although seeing their google ads after a switch is sometimes amusing). It’s even more fun because the local college has one IP address, thanks to a security minded sysadmin. 600 odd people, changing every year, all on the same IP… It plays havoc with many US sites. And now it turns out that even law enforcement make these stupid mistakes. Not to mention scam victims, etc. and you don’t have to be on a rotating IP to cause the issue. It just takes one large company deciding to use your house as default: http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/ Maximind are moving the locations to the centre of bodies of water, but meanwhile I hope either they are going to compensate the victims for years of harrassment, that when it comes down to it are entirely their own fault. I use an open source system. If it can’t find a location for an IP, guess what it returns? Not a made-up map location, but a country code. It’s only one more function guys. Add it. And good for Fusion for figuring this out.


This blog has now moved to http://www.rablogs.co.uk/tirial, where the original article can be found.  IP address != address - http://rablogs.co.uk/tirial/2016/04/11/ip-address-address/ was published on April 11, 2016 at 11:29 am.

Thursday, 7 April 2016

Academic theft - against me?

I needed some data on the TJX case, so I went to google, expecting to find a few articles. The first one I found was from the University of Sydney, so I was curious and clicked on it. Oh, I thought, this looks familiar. Yeah. It’s several large chunks of my old squidoo article on the TJX case. In fact the first page and a half are pretty much my old article word for word. It has been put up uncredited, in PDF format, with no link to the source, no link to where my article has moved to, and they are taking my traffic because google ranks their data first. Squidoo was not Creative Commons and nor is Wizzley. I have put some of my work up under that, but not on those sites, it is all clearly marked, and it requires attribution and link back. This has happened before, and you might recall I always go after the culprits. I’m just shocked that this time it is a University responsible and it has done it this blatantly. This is theft. Every click to wizzley or squidoo I have lost over the years because someone clicks this instead has cost me at least one cent. I am trying to resolve this. I’ve tweeted them. If they don’t respond I’ll be calling their ISP about stolen data. DMCA takes far too long, and if they are like the last bunch it gets ignored. Of course, my contact data is available on any site they could have harvested it from, so it does raise the question of why they didn’t ask first. We’ll find out whether this was deliberate, the action of one misguided staff member, or an oversight, depending on their reaction. If they apologise and add a cannonical, my credit, or a link, it may have been a mistake or oversight, and we can sort it out. Otherwise, just for once in an IT matter, my membership of the Society of Authors is likely to come in more handy than my IPSE membership (although it is the second that gives me legal cover in these matters). Meanwhile for anyone who wants the actual live article it is on wizzley: https://wizzley.com/tjx-data-loss-and-security-breach-case/ It was up on squidoo before 2008, moving to wizzley when the site shut. I have an archive copy on hubpages with a registered date. The borrowed one? http://sydney.edu.au/engineering/it/~info5990/Supplements/Week07_Malware&Security/Supp07-4TJXCaseDetails.pdf – Put up in 2012 by its header info. You might notice just how close the first few paragraphs are.


This blog has now moved to http://www.rablogs.co.uk/tirial, where the original article can be found.  Academic theft - against me? - http://rablogs.co.uk/tirial/2016/04/07/academic-theft-against-me/ was published on April 7, 2016 at 7:31 am.

Friday, 25 March 2016

Fixing the National Lottery

No, not the draw, the payout system that is badly broken. In the last draw, people who got 3 numbers received £25. Those who got 5 received £15. In total. Not surprisingly there have been a lot of complaints. Camelot are saying they can do nothing about it, which is not true, but they would have to make a change to their payment system.
At the moment, payment is made by tiers, with amounts at each tier shared between those on that tier only. If there are too many winners on a small tier they get a very low payout.

How could Camelot fix this?

Basic maths.

You change the payout system to make it cumulative:
All users who get 3 numbers or more get £25.
All users who get 4 numbers or more get an additional share of the four number tier
All users who get 5 numbers or more get an additional share of the five number tier
All users who get 5 numbers & bonus more get an additional share of the bonus tier
All users who get 6 numbers get an additional share of the jackpot

So with the lottery last week:

Prize fund of £31,543,974 1,065,158 winners
Prize fund per tier:Numbers:Paid to: Total Paid: Remaining Fund: Each Winner Get:
£253126,199 £3,154,975£28,388,999£25
£33.5411,967£401,829£27,987,170£58.5
£14.9754,088£61,230£27,925,940£73.47
£10,0165+ 6£60,096£27,865,844£10,089.47
6no winners

This wouldn’t even reduce the overall prize fund to carry forward by much. It would make sure that a result like last Wednesday’s never happens again. What it can’t solve is the size of the tier allocations which are rather small, and the extra ten balls that reduce the winning odds to levels that are near daft.

But it would be a start.



This blog has now moved to http://www.rablogs.co.uk/tirial, where the original article can be found.  Fixing the National Lottery - http://rablogs.co.uk/tirial/2016/03/25/fixing-the-national-lottery/ was published on March 25, 2016 at 8:09 pm.

Thursday, 17 March 2016

A Domain Affair

So I picked up a copy of the Daily Mail (I know, but it is free and fits the cats’ litter tray perfectly) and saw this: Wheelchair-bound Tory disability campaigner sabotages party’s own website

A typical Mail headline in using the word ‘sabotage’ which is not accurate: he actually withdrew services, but I don’t expect the Mail to be highly technical.

However there is something in this article aside from the budget cuts that makes me see red. It still comes from the Tory party however, and it reads thus:
A Conservative Party spokesman said: ‘The Conservative Disability Group has not deactivated its website. ‘The owner of the domain, who is no longer a member of the Group, has deactivated it without any instruction to do so.’
If the man owns the domain and has all rights to it, then The Conservative Disability Group has no right to instruct him to do anything.

So I checked: http://www.whois.com/whois/conservativedisabilitygroup.org.uk
It is registered as type: UK Individual.
The address is of the gentleman’s company, Here2Support, not the Conservative Disability Group.

If the Conservative Disability Group had been paying for hosting and registration, it would normally be expected to be under their name and listed an organisation. Instead they know he owns it: note the “owner of the domain” in their statement. This is a pretty certain indicator that the gentleman has been providing it off his own back.

So why on earth do they think they have the right to instruct him to do anything, with a site they don’t own?

I’ve run into a similar problem with politicians before who refused to pay for the domain or hosting and assumed that we’d continue eating bills to keep a site up for them for free. We sent the email to Nominet, who laughed a lot and directed us to a section in their domain ownership rules: this PDF, specifically section 3.a.II.V.B. so, dear readers, a question for you:

If someone registers a domain for a third party and the third party doesn’t pay for it, the third party has what rights to the domain under dispute resolution?

None. Zilch. Squat.

What right do they have to force the currently registered party to sell to them at market rate?

None.

Even if not, check the Tesla case (finally settled for an undisclosed sum). As long as the current owner isn’t trying to extort money, infringing trademarks, or using it in a defamatory fashion (critiquing is fine), it is all theirs. And they have an absolute right to refuse to sell or to refuse the use of that domain to the third party.

Now, Mr. Ellis message on the website indicates that he was providing hosting: “owner of the hosting package Graeme Ellis”. The spokesman’s indicates that Mr Ellis owns the domain name: “The owner of the domain…”, so what of the site did the Group actually own? Sorry, but I suspect if the Group had been paying they wouldn’t be talking about instructions, they’d be talking breach of contract and the hosting and domain would have been under their name. They may produce receipts to prove this wrong, but somehow I don’t think so.

It would however be ironic that the Conservative Disability Group, meant to support the disabled, was expecting a wheelchair user to pay their bills for them and then lost their site because of the cuts their government made.

P.S. A domain is around £10. A Tory group can’t afford that?



This blog has now moved to http://www.rablogs.co.uk/tirial, where the original article can be found.  A Domain Affair - http://rablogs.co.uk/tirial/2016/03/17/a-domain-affair/ was published on March 17, 2016 at 11:47 am.

Sunday, 10 January 2016

Dear Argos...

Dear Argos, If I am checking for something on your site it is because I want to pick it up in the next thirty minutes or next day at 08:30 when your store opens. If you tell me it is not in stock, but I can order and collect it, I will just go straight to Amazon. Don’t tell me to order it for home delivery for only £3.95. Again, I can use Amazon to get the product cheaper and they will delivery it to me free. If I am looking at your site it is because you have stores with stock that I can walk in and purchase right now, a convenience Amazon simply can’t match. So how about you put some of that stock in the stores? Because when every store in a ten mile radius doesn’t stock any of the nine product variants I am looking for, but all can order it in within 24 hours, that rather means you have it in a hub, not one of the stores where people can buy it. That doesn’t make you look very competent. And because Boots actually have it in their shop, even at £10 more expensive, that 24 hours has just cost you the sale. Because if someone if looking at a Bricks and Mortar store, it is because time matters. Regards, Me


This blog has now moved to http://www.rablogs.co.uk/tirial, where the original article can be found.  Dear Argos... - http://rablogs.co.uk/tirial/2016/01/10/dear-argos/ was published on January 10, 2016 at 9:05 pm.