Sydney

A couple of weeks ago I was on holiday in Sydney. When I arrived it was early evening so I had dinner at the hotel and went to bed.

I walked across the Sydney Harbour Bridge and visited the art gallery and various museums. After buying a hat I walked from Bondi Beach to South Coogee.

Being winter at the time, the early nights meant that the Light events of the Vivid Sydney festival were open in the evening. It's a good thing I went to the Royal Botanic Garden before it started because there were a number of barriers restricting access for the duration of Vivid. They don't take them down during the day (including the barriers on the harbour blocking access to some of the seating!).

I've been up to the Sydney Tower Eye (not as impressive a view as it could be with all the other high rise buildings in the way) and toured both chambers of Parliament House.

Using the extensive public transport system I visited Centennial Park, Manly and Kamay Botany Bay National Park (which was almost deserted at the time).

I spent a day at Taronga Zoo then stayed for the Vivid Sydney event Lights For The Wild.

Despite being over 10,000 miles away I was still able to watch the latest episodes of Doctor Who on the TV in my hotel.

On the last day I took a tour of the Blue Mountains which I recommend for the amazing views.

There was a wide variety of restaurants available in the evening such that I didn't eat the same meal twice. For breakfast however I had a pistachio and chocolate roulade almost every day from a nearby French patisserie.

I took a few hundred photos and some videos.

House Power Meter

I've recently installed an 80A Power Meter on the electricity supply to my house. It measures the current active, reactive and apparent power as well as providing a count of the total active and reactive energy. These reading are updated every second.

After installing a 100A isolator and pulling through extra cables, the installation of the power meter was relatively straight forward. It's in an enclosure with an 80A circuit breaker, located inside to avoid inconvenience if it ever trips and because the distribution board doesn't have enough space for it.

[Closed metal enclosure with electricity supply input/output cables and RS485 cable] [Metal enclosure with lid open showing 80A and 6A circuit breakers and the Power Meter] [Metal enclosure with the cover off showing the circuit breakers and Power Meter] [Electricity distribution board with the live supply out of the 100A isolator going via the Power Meter]

I intend to write an Android app for a real-time view but for now I'm just collecting historical data:

Bar chart of total active energy usage for each day of the month with detailed views of active/reactive power usage and supply voltage

Email address leaked by Santander

On the 5th of November 2013, I received 4 scam emails from "[The Federal] Tax Service" (containing a trojan executable) to an email address that has only ever been given to Santander (and is indeed unique to Santander, given that it has their name in it).

Some people will claim that this was caused by a brute force or dictionary attack and that it is a co-incidence that it only went to my Santander email address. The advantage of running my own email servers is that I can check the logs and see what other email was rejected. There were 4 rejected attempts to send email the day before to this address but nothing before that. On average there were 2 email attempts per day in November to completely unknown recipients, following a dictionary attack pattern. No one performs a brute force attack on email recipients, that would be ridiculous and take forever at the rate of 2 per day.

Apathy

As reported by The Register in Oi, bank manager. Only you've got my email address - where're these TROJANS coming from?, I wasn't the only person to have this issue which implies that a number of other customers have had their personal data leaked too. Unfortunately in the UK the only practical way to enforce our data protection laws is by reporting issues to the ICO, and as usual they decided to do nothing.

Responses from Santander Executive Complaints

I complained to Santander about this issue and received nonsense back every time:

2014-01-29

Firstly I would like to apologise for the misunderstanding of your previous complaint, that the emails you were receiving were from someone claiming to be Santander. I now understand that this is not the case and you are unhappy with an email you received claiming to be from "The Federal Tax Service" addressed to an email account used specifically for Santander and you would like to understand how this email address was obtained by the third party.

As I confirmed within my letter of 3 January 2014, Santander has never supplied your personal details to an unauthorised third party. However, I can confirm that our Security Team were highlighted to attempts by third parties trying to obtain a large proportion of customer related emails who used a specific email address for their Santander accounts.

So attempts ... to obtain ... customer related emails (sic) who used a specific email address for ... Santander could be the plot for a movie because it's pure fiction. It's also amazing what Santander can know about these "attempts" that were supposedly unsuccessful.

2014-02-17

Thank you for coming back to me. I can confirm we detected the attempt to obtain personal details in time to ensure preventative measures were in place and as advised within my letter our IT and Security Team are aware that the National Crime Agency's National Cyber Crime Unit (NCCU) are working hard to identify the source.

Please be assured, none of your personal data has been stolen or compromised, the only data obtained was the Santander specific email address, which I understand you have now changed, to a more secure address.

So my personal data hasn't been stolen except for my email address which is personal data!?

Santander email practices

Reviewing all the legitimate email received from Santander, it either comes direct from servers owned by Santander UK PLC (relating to my account) or it's a general marketing email in which case it comes from servers owned by Marketing Source Limited (from the domain "yoursantander.co.uk" because nothing says trustworthy like using separate unverifiable domains to email your customers!).

It's possible that the personal data leak occurred from within Santander or within Marketing Source. Both companies have the personal data of customers (including postcodes used to "authenticate" the email). What's interesting is that all the general marketing email up to August 2013 (before the spam started) comes from "santander@info.yoursantander.co.uk" and all such email from June 2014 (after the spam started) comes from "santander@service.yoursantander.co.uk", so Marketing Source have changed something in that time period.

The long-term effect

What happens when you leak customers' email addresses to third parties? They receive junk email to that address forever. At its peak this was on average 4 emails per day but it has reduced to 1 every 3 days, as this graph illustrates:

Shrinking toilet paper

ASDA are at it again with the shrinkflation, this time with their own brand toilet paper "Shades So Soft". In August you could buy 24 rolls with a total area of 65.18m² for £8.00 but from September the same 24 rolls (also £8.00) have a total area of only 63.20m². That's about ¾ of a roll less paper for the same price.

Contents: 24 rolls, 2 ply tissue. Average 210 sheets per roll. Sheet size 122mm x 106mm. Total area 65.18m².
65.18m² for £8.00 (2016-08-12)
Contents: 24 rolls, 2 ply tissue. Average 210 sheets per roll. Sheet size 120mm x 104.5mm. Total area 63.20m².
63.20m² for £8.00 (2016-09-19)

Death of a Kindle

I turned my Kindle on last night on the train and most of the screen failed to update. Only a small area at the bottom now updates. I pre-ordered this when it first came out in the UK so it has lasted for 6 years and 1 month (the battery life is still very good).

[Kindle with partially frozen screen]

Restoring a Garden Bench

I've started restoring my garden furniture as the existing paint is now peeling off everywhere. I'm using an electric sander which is a lot easier than sanding by hand. Some mahogany wood stain has then been applied with a paintbrush to the bench, floor covering and my clothes.

The first bench is now complete:

[Bottom side of the bench after sanding] [Seat bars before sanding]

[Top side of the bench after sanding] [Bottom side of the bench after partial painting]

[Top side of the bench after completion of painting]

Shrinking shampoo bottles

Alberto Balsam have brought out "new" 350ml bottles of shampoo that ASDA sell for the same price (£1) as the previous 400ml bottles, so you now pay the same price for less. What makes it worse is that when they originally replaced the ASDA branded product with the Alberto Balsam equivalent, it had a "same 400ml fill" label despite it being smaller than the 500ml ASDA version.

ASDA Essentials Coconut Shampoo (500ml) [Source: mySupermarket.co.uk]
500ml
£0.80 (2013)
Alberto Balsam Coconut and Lychee Shampoo (400ml) [Source: Tesco]
400ml
£1.00 (2015)
Alberto Balsam Coconut and Lychee Shampoo (350ml) [Source: Ocado]
350ml
£1.00 (2016)

Garage Roof

The roof on my garage had been leaking for over a year; it has now been replaced by Taylor Joinery Services.

[Original garage roof with felt] [Garage without roof]
[Garage with wood roof only] [New rubber garage roof]

[European Championships Landyachting 2015]

Last week ago I was in Oostduinkerke, Belgium to watch the Scottish team compete. I took plenty of photos and some video of the event. The top 10 sees France moving back up the rankings but The Netherlands are still in first place.

We had a Prehistoric Theme Night hosted by Z.C. De Krab which included a performance of the evolution of prehistoric landyachting.

Adafruit Proto Cape Kit for Beagle Bone

I bought one of Adafruit's Proto Cape Kit for my Beagle Bone Black so that I could put 3 relay circuits and pin headers on it. The double-sized PCB is supplied with separate pin headers that you have to solder on yourself.

It provides access to all of the pins but only SYS_5V is provided as a set of power lines and not VDD_5V, so limited current is available. However, this doesn't matter too much given that there is very little space for components.

I had to really squash everything in and use a lot of wires because there was no chance of creating an optimal layout:

Find recent content on the main index or look in the archives to find all content.

Content authored by myself is just my honest opinion.

  • Linux
  • Get Firefox!
  • Get Thunderbird!