sungate.co.uk

This week saw the second part of the CCNA training - four very packed days. I now need to arrange to take the exam to qualify for the certification. My plan is to do so within a few weeks, if possible: soon enough for all of the unfamiliar (and not routinely exercised as part of my job) topics to still be fresh, but enough time to prepare.

The whole course covered a wide range of topics: ICND1, the ‘easier’ first half explored some fairly familiar aspects of networking in general, going into not much detail on a wide range of topics (switching, routing, Ethernet, wireless). It also covered IPv4 addressing in a lot of detail, an area in which I am pretty familiar.

ICND2, the second half, went into more detail on a smaller subset of topics: spanning tree, various routing protocols, VLANs, NAT, IPv6, PPP, Frame Relay etc.

A most enjoyable learning experience, since the instructor was entertaining as well as informative. There were eight of us attending the course and we get on pretty well.

The first half of my CCNA training course started today: it’s full time each day Monday to Thursday this week; the second half is a further four-day course in a June.

So far so good: a little bit slow to get started, because we spent a bit of time doing ‘introductions’ and so on, then began covering a lot of material to establish terminology that I already know. A few useful reminders, though. Hopefully going to get rather more stuck into it all tomorrow.

You already know I don’t like Phorm. You already know I don’t like the activities of the incumbents in the Home Office. Mind-bogglingly, they have been involved in joint “corruption”, according to this article.

The Home Office asked a private company (Phorm) for advice in drafting a document stating the Home Office’s own views on the company’s possibly-illegal internet interception product. Phorm were, it seems, allowed to edit the Home Office statement to meet Phorm’s own requirements. Yes, that’s right. A government’s official views on a controversial project initiated by a private company were prepared by that company.

These two entities should have no such relationship. This is corruption, pure and simple. It’s sadly what you expect from a private company, since they are profit-driven, but this is behaviour that should not be tolerated in government. Please, please, please vote them out when the general election takes place next year.

On a slightly lighter note, and in what at face value looks like a sudden outbreak of common sense, former Home Secretary David Blunkett has said that the ID Cards project should be scrapped. He must have been blind not to have seen that this was a sensible position to take previously. (Yes, terrible joke/pun … apologies)

For an excellent summary of Microsoft’ anti-competitive history, read this document and discussion at Slashdot. It’s an very well-written and fully referenced article, and also very readable.

Where do I start? This blog post has been simmering within me for ages, but I’m finally writing the thing up… I’ll try not to make it ramble too much.

Bad things:

• Ever since 11.09.2001 and, in the UK since 07.07.2005, new laws and initiatives curtailing freedoms and personal privacy have been flooding in;
• Specifically, UK Internet Service Providers have been coerced by the government into introducing routine monitoring of all network activity: including emails sent and received, web sites visited and so on, to be retained for a long period of time. That means that ISPs will be routinely monitoring and recording everyone’s traffic, not just people accused or even suspected of a crime. Everyone’s;

The latter means that the ISP and the government will be in a position to carry out data mining on your data under the guise of “Oh, this’ll help stop terrorism and it’ll help find paedophiles and …” Well, frankly, that’s bollocks. What’s worse, is that they know it too.

Imagine all this data collected and then tied in with your personal identity via the National ID Card Register… “I’m sorry, Sir, we can’t renew your medical insurance. I see that you have been ordering too many pizzas…”. Or, “I’m afraid I can’t let you on to this plane, Sir, I see you read the Wikipedia page about how to make a suitcase nuclear weapon last Tuesday.”

Here’s an interesting quote about behaviour of the government from twenty years ago:

“[Lord Whitelaw in the 1980s] boasted how after any security lapse, the police would come to beg for new and draconian powers. He laughed and sent them packing, saying only a bunch of softies would erode British liberty to give themselves an easier job. He said they laughed in return and remarked that “it was worth a try”.”

So by his reckoning that makes New Labour a bunch of softies. I won’t argue. However, one may argue “Hang on though, in the 1980s technology was very different, surely that explains why greater powers are needed?”. Well, no, I don’t think so. The current monitoring of all web and email traffic is equivalent to the recording of all telephone calls and the interception and copying of all post. That was never deemed necessary. In criminal investigations, warrants could be obtained to do the above for specific individuals. There was never any question that it should be done in any more widespread manner. And don’t forget that at that time, there was a genuine and on-going “terrorist” risk - the IRA bombing campaign affected far more people than more recent incidents.

Perhaps the reason is that now it is more technically feasible (i.e. cheaper) to do this. Essentially, it’s a power-grab. In other words, they’re not doing this because they should, but because they can. They also claim that they’re not recording the actual content of emails or the content of web pages, just the sender/recipient details plus web site addresses. Frankly I don’t buy that: they have the capability to record it all and disk space is cheap.

In fact, there are some entities who do look at the actual traffic. Some ISPs have signed up with an organisation called Phorm who are putting adverts on web pages, based on records of your web-browsing behaviour. I don’t really care about the adverts. However, the point is that in order to tailor the adverts to you, they need to have information about you. Your web traffic is intercepted and recorded, then analysed in order to determine which adverts to present to you. There are at least two problems with this:

• When the technology was being trialled, it was tested without anyone’s consent, meaning that a third-party was given access to the web-browsing records of ordinary people;
• Phorm, and the ISPs hoping to use this technology, have continually refused to consider making it “opt-in”. The closest I’ve heard is that Full user consent will be obtained and there will be the ability to opt-out. Erm, that’s not right: if “full user consent” is to be obtained, that means it’s opt-in, so there’s no question of needing to opt-out. My expectation is that they may implement it while making it very hard to opt-out

So, you may ask, what’s my real problem with all of this? I guess it boils down to the following:

• My email and web browsing history are private and none of your business. You don’t need to know about them;
• I don’t trust my ISP or the government or anyone working on their behalf not to lose this data or to pass it on to other entities. Data security is hard. The government don’t have a good track record with data security.

Would you like your web browsing history or email messages to be left on a laptop on a train somewhere, for example? No thanks.

I’d rather not give them the opportunity, so I have been putting in measures gradually to mean that this data simply cannot be collected from me, by my ISP. That is:

• I have set up a VPN which bypasses any attempts from my ISP to monitor my web traffic. See my HOWTO guide for rationale, setup and configuration ;
• Email messages will be encrypted whenever possible;

I feel the same as Tim Berners-Lee (inventor of the world-wide web) where he says:

“[My data and web history] is mine - you can’t have it. If you want to use it for something, then you have to negotiate with me. I have to agree, I have to understand what I’m getting in return.”

So there you go. You can’t have it, ISP.

This may or may not be a hypothetical question. Let’s say I don’t trust my ISP. Let’s say that I don’t want any traffic at all to pass in the clear across my broadband connection. No DNS, no SMTP email, nothing.

Let’s also say that I have control of a server Out There On The Internet that I can use for anything that Debian/Linux can provide.

Given the above, what would be a good way to ‘tunnel’ traffic from a PC behind said ISP’s broadband (running Ubuntu) via the server? IPSec/VPN?

Note that I don’t simply want to proxy web traffic - that’s easy using a web proxy server; that’s only half the picture, though.

Suggestions, thoughts, pointers to HOWTOs etc. most welcome. Bear in mind that I likely just need a very simple setup here: I don’t need anything in place to support multiple connections from multiple locations, really.

For the first time in over ten years, I entered a chess tournament this weekend. I used to play a variety of competitions, quickplays and club matches. As the tournament was taking place locally, I thought it was worth a go.

• Round One: White against player graded 140 (broadly equivalent to what I used to be graded, I assume I’m rated lower now). This was a very long game and in the end, we were both down to the last few minutes of our allocated 1 hour 45 minutes. I had a slight edge all the way through but not enough to convert it into a win. So, a draw. Score 0.5 out of 1;
• Round Two: A pre-arranged bye so that I could spend some time with the family over the weekend, worth the same as a draw. Score 1 out of 2;
• Round Three: Black against a higher-graded player (161). This went pear-shaped very quickly: I walked into a pre-prepared opening variation that he told me afterwards he knew very well. I managed to deny him a quick win and played a knight down for a while, but it was always going to be Lost. Score 1 out of 3;
• Round Four: White against a lower-graded player (128). A fairly mundane game turned bad when I made an outright error after an hour or so: a more experienced opponent would have made light work of beating me quickly after that. However, I fought back quite well and I ended up, as in Round One, with another time scramble. Computer analysis later shows that I might have failed to notice a mistake by my opponent and thus missed a win while playing with just a few minutes left on the clock, but it ended with another Draw. Score 1.5 out of 4;
• Round Five: Black against player graded 145. In an effort to make something happen in the game I played a move which was technically unsound, but my opponent spent about 40 minutes over his reply. He was then winning, but in terrible time trouble. In the end, he was unable to capitalise on his advantage due to shortage of time and we ended up with a Draw. Final score 2 out of 5.

On balance I’m reasonably happy with the result. The only game I lost was to someone who went on to come 3rd overall in the competition scoring 4 out of 5, so I can perhaps be forgiven that. I had chances to win all of my drawn games, but equally I could have lost at least two of them. It would have been nice to win at least one, but at least I didn’t make a complete fool of myself.

I met up with a few old acquaintances from my chess past, chaps who were at clubs I played at. The three of them all scored less than me (0.5 out of 4 - went home early fed up(!), and two with 1.5 out of 5), so I was happy with that

Edit: Just calculated that my grading for the tournament, based on these four games, is 131. My last posted grade was 142 in 1997/8.

For the last few days it has seemed like it was a nation-wide wind-up that there was snow, seeing as everyone all around us in the country was claiming to have had loads of snow, yet we had hardly seen a thing. This morning, however, it arrived. About 4 inches, I think. Not 10cm, because you measure snow in *Imperial*, like beer.

One thing that depressed and upset me this morning though was the behaviour of certain younger members of the public: some 10-13-year-old schoolboys. They were throwing snowballs at the bus[1]. I wasn’t upset about the fact that they were throwing snowballs, which in the circumstances is acceptable scallywaggery. No, I was upset because their aim was so shocking. Clearly, these boys lack even a rudimentary understanding of simple projectile mechanics. It’s very, very sad. This is surely a reflection on their Modern Education. I mean, come on! The bus was 10m long and moving at less than 20mph: a toddler could have managed to hit it…

[1] No way I was biking today, thank you

I’m sure I’ll regret this, but this week I finally began using Twitter. Yes, yes, I know. Anyway…

If you haven’t used it before, or seen the results, then the simplest way to explain it is to compare it with this weblog: here, I send out reasonably well-thought-out ‘articles’, of perhaps a few paragraphs in length, every week or two. Twitter encourages you to send out very short messages as often as you feel like it: every few hours, or even more frequently (Yes, I’m looking at you LoudMouthMan).

Some say this results in rather more banality in the messages, such as “Just having a cup of tea” or “Wondering where to have lunch”. The messages don’t have to be like that, of course. They are like that, though, if you happen to be Stephen Fry. Many UK-based people will follow Mr Fry’s twitterings, since (with the exception of the above) they are usually Quite Interesting and often insightful.

I’ve added a Twitter feed to the front page of this web site, showing the most recent of my own messages. Some of them may appear out of context, if they are addressed to someone else (i.e. if they start with “@someone: …”).

It’s interesting following some of the celebs: Mr Fry told us all about the nice lunch he’d had with Alan Davies and the producers of QI; Robert Llewelyn described some detail of the recording of the new Red Dwarf episodes and so on.

So, if you’re interested, you can follow me.

It occurs to be, with the advent of 2009, it is approaching twenty years since I first started using email. This began in my first week of my undergraduate degree at Exeter in the autumn of 1989, aged 18.

Here’s a bit of computing nostalgia for you…

My course was MSOR: a combination of statistics, maths, operational research and computing. We were being giving an introduction to the computing facilities for our department and, given my previous background consisted solely of ZX Spectrum (at home) and BBC micros (at school), it looked very interesting. We were all sat down at our own terminals - and I do mean terminals: single units consisting of a screen and a keyboard in a single moulded unit. The terminals were connected to the mainframe/server system via cabling throughout the room. The mainframe/server was big, noisy and in a room next door.

The lecturer began showing us how to use the system: beginning with issuing us usernames and passwords. This was actually the first time I’d had a username or password for *anything*: the closest previously must have been my bank card PIN, I suppose. After we logged in, he explained: “What you have in front of you now is a command prompt. You type stuff at the command prompt and things happen. Or not. Depends on what you type, really. Type ‘ls’ and then hit ENTER, people.” And so I typed ‘ls’ and it showed that we all had an example text file in our home directories. “Now type ‘cat example.txt’ and you’ll see the contents of the file.”

And so on.

Given the state of computing systems now, it’s a little hard to explain how new this all felt - for all of us, even those who knew a bit about computers. You didn’t have usernames or passwords or even ‘files’ on the ZX Spectrum or the BBC micro. This was a big shift in thinking, but it seemed quite intuitive.

He explained how to read files, how to copy them, rename them and edit them (commands: cat, cp, mv, edit - don’t know which editor this was). Then, in more detail he showed us how to use the editor to write out a short Pascal program, compile it, and run it. A very simple “Hello, World!” program. That, he said, was enough for us to be able to do the first couple of weeks assignments: we’d been learning Pascal in parallel with this.

And then, just as the lecture was finishing, he mentioned - almost in passing, as if it wasn’t really all that important - that we could “send each other mail” via the computers. He then proceeded to demonstrate: this was using the old-fashioned Unix ‘mail’ command, and he sent a message to one of the other students. He explained how to check for and read the received message, and his message was read back to him from the other side of the room.

This may not seem like a big deal, but to the whole group of us in 1989, this was something quite amazing. I remember thinking at the time: “I’m *so* going to use *this*”.

And that was it. My introduction to email. At that stage, we didn’t really have an email ‘address’, actually: we emailed others in our department simply by typing ‘mail USERNAME’, where USERNAME was the username of the recipient and then typed the message. However, we obviously socialised with others in other departments and those other departments had their own email systems. How could we send email to *them*? We spent a while figuring it out. This was before the days where all email address were of the form something@somewhere.co.uk - or, in the Exeter academic realm, something@department.exeter.ac.uk Over time, we figured out through a huge amount of trial and error that it *was* possible to send email between departments, but that a certain amount of black magic was required in the addressing to make it work.

For instance, emailing to Maths from my department (MSOR) might have needed an address written like: username@uk.ac.exeter.maths%gateway.msor.exeter.ac.uk for it to work. I expect that’s not quite the form we used, but you get the idea. A similarly obtuse - and not necessarily symmetrical - version would be required for a message to return in the opposite direction.

And that’s how it all kicked off. I’ve had an email address in one form or another for almost twenty years and it seems incredible how mainstream it has become.

Email. Brilliant.