Nov 30 2016

I have been playing ‘Words with Friends’ for several years. I have played something over 1600 games so far, mostly against family and friends. I win more than I lose; this is mostly because I have a fairly large vocabulary, I am pretty good at pattern recognition and also I try words that I think might be legal.

Sometimes I will play a random player, just to see how I stack up against others. Again, I am usually pretty good.

So imagine my surprise when a random person, with whom I have been very closely matched over many, many games for a couple of years, suddenly ups their game. The scores went from 320ish each and a very close parity in won/lost stats, to an absolute demolition. In the last game we played they scored 617 to my 341, the previous game to that was 558 to my 337. Prior to that it was something like 500/350.

Words with friends is a game where improvements come gradually, my average score has increased by a small number of points per game over the years, because I have learnt how to avoid giving others big score chances and how to leverage the multipliers.

So, how has this person suddenly got a whole lot better – and, I may add, a whole lot faster so quickly ?  Continue reading “Cheating at Words with Friends” »

Nov 16 2016

If you are not aware of PlanetX bikes, then you are probably not into bicycles and you should probably skip this blog entry entirely. If on the other hand you are aware of them, then I probably do not need to tell you much about the company, because you probably already know.

I’ve been riding mountain bikes for a long time, probably 15 years or so, the last mountain bike I had was a home-brew bike that was literally made out of discounted parts from local bike shops and the internet. It had a 2×10 Shimano XT drivetrain and very high end, but previous year components. It was fast and fun to ride. It was also a 26’er, which in modern terms means that it was archaic and not worth bothering with. I disagreed.

Earlier in the year PlanetX had a sale – again if you know them, this is absolutely nothing new, they are always selling something cheaply. I took advantage of the cycle-to-work scheme and snagged a 45650B with pretty much every option maxed-out within the limits of the scheme. The pre-sale price was something over £2000, taking off the VAT and making the payments pre-tax I will end up paying way under £1000.

The name 45650B comes from the bike’s ability to run 4, 5 or 6 inches of front travel and 650B wheels 4-5-650B, get-it ?

Configuring it was hilarious, ‘would sir like a dropper seat-post’, oh, yes please ! Would Sir like the upgraded brakes ? Obviously, and the ? check, check, check, check, double-check. The only things I did not upgrade were the saddle and the handlebars. Honestly I probably should have done, but I wanted to ride it before I committed to changing the touch points.

In hindsight, the saddle is terrible and the bars are a tad wide for me. The bars are an easy fix, the saddle less so.

So, what did I get for my money then ?

A steel framed, hard-core trail monster ! Continue reading “Bike review – On-One 45650B” »

 Posted by at 3:23 pm
Nov 15 2016

Ask anyone what the best gig they have ever been to is, and you will get a multitude of answers.

Some may say that it was a mega stadium hair-band thing, others that a small intimate performance is way better. For me though, it was neither, it was simply a very unexpected gig that made me smile.

Back in October 2004 we went to the El Rey Theatre in Los Angeles, a small venue with seating capacity of apparently just seven hundred and seventy one people. I would have guessed lower than that, but regardless it was packed out. Sure there were ticket touts selling outside the door, but they seemed to be running low while we queued to get in.

Ben Folds was playing a gig. He has never really done the ‘big stadium’ thing, his style and music do not really translate to big audiences. I had seen him play at a small venue in Solana Beach called the Belly Up Club (capacity 450 ish) a couple of years prior and really wanted to see him again. Our seats were on the left, but close to the stage.

There was a buzz, there was chat that there was a special guest, that that guest might be William Shatner. That you could buy a copy of the (rather good) William Shatner CD called ‘Has Been’ from the merchandise stand seemed to confirm this, but there was no official word.  Continue reading “The best gig ever…” »

 Posted by at 3:08 pm
Nov 08 2016

The news is full of the US elections today, but yesterday there was a different headline.

‘Thousands of Tesco Bank Customers lose money’

Or similar to that.

Immediately the security world started to look into the reports. Within minutes links to previous issues were being pointed out, within hours a big old game of ‘join the dots’ was mostly complete.

So, what happened ?

Well, quite a few things it would appear. Mostly, from guesswork and taking the odd peek at the defences that Tesco put up, it looks like this.

  • The main web site still supports TLS v1.0 – this is utterly stupid. TLS 1.0 is long deprecated due to the ease with which a malicious actor can perform a ‘Man in the Middle’ attack.
  • There are literally hundreds of phishing sites that appear to be aimed at Tesco. A simple search using a database of domains logged 214 domains added within the last six months that contain ‘tesco’, of which 12 appear to refer to bank or other financial products. None of these are owned by Tesco.
  • The password requirements appear to be rather dumb – 6-10 characters, mix of letters and numbers, no special characters and upper/lower case treated the same.
  • Getting the password wrong many times does not appear to lock out the account.
  • There does not seem to be any place for multi-factor authentication (MFA).

Actually figuring out which of these vectors a malicious actor actually took is quite difficult.

Continue reading “The (Tesco) Bank Job” »

 Posted by at 2:45 pm
Nov 01 2016

I am not going to get an iPhone 7.

This is weird for me, because almost every year since the very first iPhone came out, I have caved in and bought one within a few weeks/days/hours of its release. Worse still my entire personal computing infrastructure is built around Apple products. I have a MacBook Air, an iPad, iPhone and even an Apple watch.

So, I hear you ask, why not an iPhone 7 if you have had near all of the predecessors ? Continue reading “The iPhone 7” »

 Posted by at 6:00 pm
Aug 10 2016

A Squid

In motorcycling terms, a squid is the name given to a bad rider who wears minimal protective clothing and rides a bike way beyond their abilities.

The term ‘squid’ refers to the way that they look after they have been scraped up off the road.

Sadly, motorcycle licensing in the US is very bad. A license is obtained simply by completing a safety course which contains no street riding and no speeds beyond about 25mph.

Other than a small insurance discount for having passed a test, there is pretty much no incentive. You can simply walk into a dealer and buy the fastest bike on the planet and ride out. Obviously a riding buddy can teach you all you need to know in a few minutes because riding a motorcycle is dirt easy. Right ???

Sometimes a wannabe rider will ask experienced bikers for their opinion on a good starter bike. Almost without fail the conversation goes like this.

Q. Hey guys I’m looking to start riding, I’m thinking about getting a Kawaduci 1000RRR as a first bike, is there anything (sic)  I need to know ?

Editor’s note: The more R’s in a bike model name, the more it is aimed at racing use rather than street use. Additionally, 1000cc bikes make 150-200hp and are absolute spaceships, our wannabe rider here is aiming way too high.

Continue reading “Squidly Mc.Squidface” »

Aug 01 2016

Passwords are rubbish.

They are an inherently flawed method of securing your information.

Don’t believe me ?

If your password is less than seven characters long, it can be cracked in minutes using cheap off-the-shelf computing hardware.

If it is longer than seven, but still a word that appears on a word list, even if you substitute e’s with 3’s and sprinkle capital letters in there, again it is rubbish.

There are wordlists out in the real world that have 60 billion words on them. While that number might seem high, a dedicated password cracking machine that costs less than $5000 will check 6 billion combinations per second. Continue reading “Even with a password manager….” »

May 25 2016

As regular readers will know, on August 1st 2014, an errant driver in a Toyota Aygo hit me while I was riding my bicycle.

The crash was pretty brutal, I broke my collarbone.

The break was a bad one, three surgeries later I am still not fixed.

Today I was seen by the medical assessor who will create the report for the insurance company that will be looking to settle my compensation claim.

This is the final opinion, it has been close to two years, it is time to put this to bed once and for all.  Continue reading “Crash – the last update ?” »

 Posted by at 6:32 pm
Mar 24 2016

I used to think that the next American civil war would be caused by an uprising of the great unwashed. The red-necks, the cowboys, the NRA nut jobs and their ilk.

I believed that one day they would all jump in their good old boy F150 pick-ups, loaded up with more ammunition than the average third world militia owned and head to Washington to teach the ‘guvmint’ a lesson.

I imagined that it would be a fairly short, but incredibly bloody confrontation, resulting in perhaps thousands of casualties, perhaps a lot more if the red-necks managed to make a few bombs.

I suspect that the red-necks would become domestic terrorists, protesting government over-reach, protesting laws that protect those that they hate – basically everyone that is not a white heterosexual male and that the civil war would probably all be over fairly fast.

That was before Trump.

I see now that this can go two ways.  Continue reading “The next American civil war ?” »

 Posted by at 9:42 am