Going fast, buy now

So the wheels on the great unannounced project have begun to turn, and I’m thinking I’ll let the cat out of the bag soon. Or introduce a mixed metaphor of unspecified gender and culturel heritage.

To begin with, I definitely need to be disposing of a good number of goods that are cluttering the house up. To that end I’ve set up a page which will list everything I need to clear away. I hope to be able to sell some re-enactment items, but for the rest, I will not set a price.

That might been fool hardy, but I think that I would rather that if there is anything that people want, they will offer what they think it is worth them. Otherwise I am likely to get little for the effort of lugging items to a second hand vendor.

The Trouble With Passwords (Again)

Part of my efforts to grab my life by the corners and twist it into a different shape was a decision to switch my “primary” computer to be a laptop, rather than the ailing iMac. I’ve almost finished making that move, and have just a few things to move across from the old machine onto this laptop. So I sat down last night to recover some passwords and account information that I had been missing that I knew was in the Keychain on the old machine. And there the hassle began again.

It’s been pointed out, and I’ve ranted about it in the past in different forums, that the Mac OS X Keychain is a parson’s egg. It does a really good job of noting authorisation credentials for software running as the current logged in user, pretty well invisibly, silently and hassle free. Most software that needs authentication credentials has been written correctly to use the Keychain, and as long as nobody swipes both the keychain file and the master password, it’s reasonably secure.

Where the Keychain Access program falls down badly though is usability for a specific but pretty common use-case: being able to bulk-export credentials for import to a different keychain.

It’s not that Apple are unaware of this as a failing in the product, their support forums are littered with people asking how to do a bulk export, and the response is always the same – use the Migration Assistant to move the whole account from one machine to another. And there’s the fallacy in their design world view: Apple desig software with the belief there is a one-to-one relationship between a user and a user account on a single machine. For all their talk about cloud services, they still have this vision of a single user with a single user account instance publishing to the cloud. Bzzt. Wrong. It’s only loosely true for most users, and very wrong for the minority that for one reason or another have different accounts, potentially on different computers, for different uses and contexts.

The canonical and simple example is where I was a few months ago – a main desktop which was a document repository and work bench and media player, and a laptop which contained a subset of documents that were currently being worked on. And a computer at my work place with some internet connectivity, and a strict injunction against plugging private devices into the network. Oh, and the FrankenPuter Windows 7 box I built for games. Getting this to work, in general, was fairly straight forward – I used ChronoSynch to keep specific folders in synch, and Spanning Sync to keep calendars and addresses in synch between the two computers and Google. Using IMAP for Gmail kept mail sort of in synch, and Chrome’s facilities for synching bookmarks between instances via Google works ok.

But two things did not work at all well. There was no good way to keep two instances of Things in synch (but they are [working on that]), and absolutely no way to keep credentials and secure notes in synch (caveat, no way without committing to drinking the 1Pass kool-aid, which I may yet do).

I sat down on Monday night to finally get all the passwords out of the iMac keychain and onto the laptop somehow. Exercising Google-Fu, I found a pretty good AppleScript solution which did the trick, even if it had to deal with the annoyances of the Keychain. The trick was to unlock each keychain before running the script, then for each item in each keychain, as the script was running, click “Allow” on the two modal dialogs that Apple threw up. Somewhere over 300 clicks later, I had a text file with pretty well all I needed in it, and a firm decision to leave the data in a text file for reference, and not muck about trying to get it into the laptop keychain (See, I’m already thinking that 1Pass might be the better solution).

The next part of the puzzle was to get it onto the laptop. Now I’m slightly paranoid about things like this, and wanted to have at least a third copy while I got it across. Ok, it was late at night, and I wasn’t thinking straight. I’ve misplaced my last USB thumb drive (damn, need another), so decided to toss the file onto [DropBox] to aid in the transfer. Which led to the next issue: there was no way I would throw this file into the cloud without it being encrypted, and hard encrypted.

Ok, easy solution there – encrypt it with PGP. Done. Now to install PGP on the laptop… wait a minute, when did Symantec buy up PGP? And they want how much for a personal copy? (As an aside, for an example of entirely obfuscating costs and product options, the Symantec PGP subsite is a masterpiece). When it comes to companies I am loathe to entrust with protection of my secrets, Symantec is pretty high on the list. Ok, second plan, grab MacGPG. I’ve used earlier versions, and have used GPG and its variants on other platforms, and am confident in it. On the other hand, I really miss the point-and-click integration of MacPGP. Fortunately there’s a project under way to provide a point-and-click interface on top of the underlying command line tools, and I’m pretty happy with what they are doing. If you need it, go check out GPGTools, but be aware that you’ll probably need some of the beta versions of stuff – the stable release at the time of writing doesn’t provide an interface for decrypting files. The only thing I’m unhappy about is that it automagically decrypts files for me, without prompting for the pass phrase. So while it’s good for protecting the file in the cloud, it’s not so great for protecting the local copy (yes, I know that there’s little protection if someone swipes the laptop).

Which leaves me with the old hack – create an encrypted DMG with the file(s) in it. It’s a pretty straight forward process:

  1. Run Disk Utility
  2. select “New Image” and specify one of the encryption options. Other than the size and name, the rest of the options can be left as their default.
  3. copy the files into the new DMG
  4. there is no step 4

The only alarming gotcha is that it appears that you can decrypt the image without providing a credential, if you have allowed Disk Utility to store the pass phrase in your keychain. The trick is twofold – first, credentials are kept in a cache for a few minutes after use so that you usually don’t have to provide them in rapid succession. You can flush the cache by locking the keychain again. The second part is that by default the keychain remains unlocked after login. You can tweak these settings by going into the preferences for Keychain Access – I like to select “Show Status in Menu Bar”, and deselect “Keep login chain unlocked”.

All of which takes me off on a ramble from what I was thinking about. It seems to me like the battle to allow and encourage strong personal encryption and digital signing has been abandoned, and the focus has shifted purely to secure use of online services. There are a few personal file protection products on the market, of unknown and unverified strength, and a few more business focussed products. The intended widely available public key infrastructure for general public use never eventuated, subsumed instead by an industry focussed around providing certificates for Web sites and certificates for B2B secure communications.

Apple provides File Vault as a means to encrypt the entire disk, and there are similar products available for various versions of Windows, but the trouble remains that for encrypting a subset of files the software remains dodgy or highly technical. And don’t get me started on digital signatures on mail.

Abbey Countdown

It’s really not long until the Abbey Medieval Festival. Every year it always comes around too quickly, but this year feels different. I really don’t have many things left to prepare, but in a large part that’s because I’ve decided not to attempt most of what is in the back log.

Yes, ok, cryptic comments that will be made clear in coming weeks. Skip over that part.

Anyway, the list has become pretty short, and I’ll try to keep this updated with progress:

  • sort out a wider mattress
  • tinker with the big velvet gown for the feast
  • finish my new fencing doublet
  • make a bodice and shirt for Bear
  • make a backgammon board

Train FanBoy

It’s true: the Brisbane urban rail network and Translink SEQ do have fans. It’s just that I’m not one of them. Alright, that’s a bad pun, but the fans that have been and are being installed at Central station intrigue and irritate me.

Something that I’ve learned over my time in IT is that small errors and warnings should be taken notice of – they are almost always symptoms of an underlying error or incipient failure that is serious, even thought the symptoms themselves are not harmful.

So it is with public policy and the action of public entities in Australia, and the fans are a good symptom to take notice of.

Central station has seen several overhauls, or at least face lifts, over the past 20 years. It’s always been a hot and grubby place, but it was quite noticeable that the most recent renovation (how long ago was it? 10 years?) exacerbated the problem. An awning was installed over the concourse outside the ticket gates, which did have the probable desired effect of providing shade and some shelter from the rain.

A parenthetical rant – what is it about architects and builders in Brisbane that causes them to frequently forget that we are in a sub-tropical city prone to sub-tropical rain. If you are designing or installing an awning or veranda: please make sure that it goes all the way to the stairs, and meets up with the awning on the adjacent property. The awning at central almost protects you from heavy rain when you’re exiting the property. Sometimes.

The trouble with the awning over the concourse is that it traps heat, and during summer gets really hot very early in the day, and stays that way. Because it’s long and low, there is seldom any air flow through the space to provide cooling. The platforms have a similar problem. So the obvious solution is to install fans. The fans that are going in are effective, and have an intriguing design – huge blades, folded at the end like a long-haul airliner, moving an enormous amount of air and doing it fairly quietly.

The interesting part is how the fan installation project is progressing. The first five fans went into the concourse a few weeks before Christmas. Well, to be precise, the fans were installed, but not wired up for power. The electricians came in during the week after The Great Flood, some 8 weeks after the fans went in. Another few fans appeared on one of the platforms a few weeks later. A month on and they are still not connected to power and operating – I suspect they will be functioning when winter comes.

I have a horrible suspicion that I can blame Microsoft Project (or PowerPoint), and a machine for enacting projects made up of people with very limited power to actually do anything. You see, I am guessing the MS Project plan and resulting PowerPoint presentation has continued into a concrete set of actions, and went something like this:

  • Budget
  • Concourse Fans
    • buy fans
    • hire builders
    • deliver fans
    • install fans
    • hire electricians
    • wire up fans
  • Platform 3/4 Fans
    • buy fans
    • hire builders
    • deliver fans
    • install fans
    • hire electricians
    • wire up fans
  • Platform 1/2 Fans
    • buy fans
    • hire builders
    • deliver fans
    • install fans
    • hire electricians
    • wire up fans
  • Platform 5/6 Fans
    • buy fans
    • hire builders
    • deliver fans
    • install fans
    • hire electricians
    • wire up fans
  • Project completion meeting.

With each step carefully timetabled and resourced in sequential order. And the people who drew up the plan are not the people who carry out the plan, and do not have the power or experience to think up a better plan. And the people who carry out the plan do not have the authority to deviate from the plan. And the people who budget for the installation only care about the final bottom line dollar amount, and the managers above these three groups care only that the project was completed by the time specified by the Microsoft Project plan. And at no point is there an individual with the combined authority, experience and common sense who is allowed to stand up and say “hang on, this is bloody stupid”.

Which brings me back to my underlying concern. It is not that any individual in the process and machine of public policy and application of policy is venal, or lazy, or incompetent. I’m certain that essentially all of them are competent, hard working and dedicated within a narrowly defined work scope. A significant number of public entities responsible for upkeep of public infrastructure appear to have grown so large, and accreted so many policies and procedures and protocols, that a significant part of their resources are tied up with managing the process and protocols rather than delivering the service. Taking that thought a bit further, I see many indications in the behaviours of the QRail CityTrain / TranslinkSEQ duo that both struggle and probably fail to keep their core business in focus. Certainly if you listen to the frequent and repeated complaints from the heads of the organisation that train travellers are rorting the system by having their daily commute subsidised by (Insert Semi-Random Dollar Value Here) from other tax payers, you have to think that they miss the point: from the top of the QRail CityTrain / TranslinkSEQ entity to the bottom, their absolute top priorities are to:

  • get passenger bums on passenger seats safely and comfortably;
  • get the services from source to destination safely and reliably on time
  • don’t run over any kittens or nuns.

So, a plea to the project manager of the Fan Project: your job is to get the fans installed as quickly and cheaply as possible, not to make sure that the power point presentation for each week uses the corporate template, is reviewed according to protocols, and loaded into the CMS on time.

Off the rails

One of the reasons why I threw financial caution into the blender and bought a laptop was to be able to use my morning and evening commutes to write, or at least return to writing, or at least attempt to return to attempting to write. There is a danger in publishing any of this though, because as I tap away on the train, my mind is mainly on the journey. Which means that I’m likely to rant endlessly about the service.

There is an often repeated and often rejected dictum that we should write what we know. It is of course a facile suggestion, but there is value in writing about what we see and experience daily, so long as that is not the limit of what we write, dumbly hammering out mere reportage – the sky today is clouded, there is a girl on the train that looks like Scarlet Johannsen, this carriage has more graffiti on the seats than yesterday’s. For me, I experience the Grovely railway station, and the Central railway station, and the train trip between the two, ten times a week. Sometimes more. Sometimes slightly less. It forms a significant part of my daily experience. And an idle mind coupled with idle hands is going to lead to strident criticism. Be warned.

I will preface what will likely be a lengthy series of rants (long mulled) with some positive notes. The suburban train service, when the trains are running and operating correctly, is clean, comfortable, air conditioned, and passably speedy. In general terms the trains are safe, pretty well policed by security services and real police, and not prone to running off the tracks and bursting into flames. These factors have been true, and unchanged, since they began the electrification of the network in the very early 1980s. The trouble is that there has been little other improvement in the service since then.

And a final positive note: Translink and Queensland Rail staff are usually, generally, on the whole, mostly not actively hostile toward passengers.

All in a twitter.

There has been some talk already regarding the use of Twitter as Brisbane sank beneath the waves. Unfortunately all the talk I’ve seen so far has limited itself to merely cheering that the service was marevelous (for example, some of the talk over at The Drum), without examining what worked and what did not.

As I tap away at this on the train, I note that John Birmingham has touched on the subject, and his comments are certainly accurate and pertinent. I definitely echo his thoughts on the essential uselessness of traditional broadcast media through all of this. The offerings from the free-to-air television services were worse than useless, and the commercial radio stations carried forward as if nothing was happening. I say “worse than useless” because all that I saw from the FTA television services was distorted, often inaccurate and out of date, and carried an air of desperately attempting to manufacture panic and crisis.

There was a particular gulf between the representations of what areas have been affected. If you watched any of the three commercial stations, you would gather that the only flood affected areas were Toowoomba, the Lockyer Valley, Rosalie, Milton and West End. If you watched the ABC you knew that Rocklea and Fairfield were trashed. If you monitored Twitter and other social media, you saw people on the ground with phones desperately broadcasting that areas like Fig Tree Pocket and Goodna were essentially destroyed, and can we please stop talking about the Three Monkeys Cafe in West End?

Of course, I no longer have any expectation that traditional broadcast media can be either informative or effective. And I include our apallingly bad newspaper of record here – the joke in Brisbane goes “Is that true, or did you read it in the Courier Mail?” Direct dealings with representatives of the broadcast and print media here over the last ten years or so have consistently emphasised that they will not travel more than a few kilometers from the center of town, and absolutely will not seek anything other than a single image or 15 second film grab that can be used as a sting. [refer channel 9 drinking game here].

What interested me most over the past week has been how various “official” Twitter voices have used the service. There were some marked and intriguing differences. Individual users definitely grok Twitter – a constellation of different #hashtags coalesced to one or two within about 24 hours, and the crowd mainly acted to filter out spam and emphasise important and useful information. There was a constant background hum of spam and attempted scams in the feed, but I noticed whenever an important message was submitted from one of several voices of authority (and a tip of the hat to John Birmingham here, he carries a lot of weight on line), the crowd spontaneously amplified the message and ensured it was being heard: the flow was usually from Twitter to other social services like Facebook and LiveJournal, and even back onto the comments pages on web sites for the traditional media outlets.

Three particular accounts interested me: the 612 ABC channel, the Queensland Police channel, and my bete noir, the TransLink SEQ channel. A parenthetical aside here as well, I use the word ‘channel’ in the sense of water (and information) flow, not in the sense of a TV or Radio channel.

Someone at 612 has understood Twitter right from the beginning, although it’s pretty obvious when their official operator is working, and not working, as the rate of messaging fluctuates wildly over the day. The bulk of their messages are snippets of information, or direct questions requesting feedback or information. Occasionally they will point off to their own website for further interaction, usually to pages used to gather information rather than distribute, and occasionally point off at other resources.

The QPS channel historically was of mixed quality, and their direction zig-zagged over the week before settling into a solid pattern: messages were well #hashtagged, important information was emphasised and repeated, messages about deeper background information held on other sites had sufficient summary information to allow the reader to tell whether they needed to go to the external site.

TransLink, by contrast, was an example of how not to use the service. There was every indication that they were explicitly refusing to respond to direct messages or any sort of feedback, and virtually all their messages contained no content and directed readers to their web site. Of course on Tuesday as the CBD was to all intents and purposes evacuated, the web site melted down, and it was unusable for much of the week. I will refrain from pointing out the flaws of their site, here and now, but may come back to it. The height of their lunacy on Tuesday was when many, many people were asking if the rumour that public transport was halting at 2PM was true, and the *only* response in return was to keep repeating that they had a page with service statuses on it.

Energex and the Main Roads department had similar problems with their websites failing under load, and in retrospect this is an argument for the QPS media unit using Facebook to distribute further information: the chance of failure of Facebook as a web destination is far lower.

The twitter stream from TransLinkSEQ is particularly interesting for the relative lack of information:

Through the morning, we had the following:

  • All CityCat & CityFerry suspended. Check the web for connecting buses. Leave extra time. More info http://www.translink.com.au
  • Due to heavy rain delays to some bus services, diversions on some routes. Check service status http://www.translink.com.au
  • Caboolture Line inbound and outbound services delayed up to 15mins due to signal fault. http://alturl.com/2thz8
  • Caboolture bus services majorly affected by flooding. http://alturl.com/b2brf
  • North Coast Line delays up to 40mins due to track/signal faults. Effects
  • Caboolture line, delays up to 15mins. http://alturl.com/y99ap
  • Rosewood-Ipswich train services suspended due to water on tracks at Rosewood. Buses arranged. http://alturl.com/c6yvq
  • All CityCat & CityFerry services expected to be out of action all day due to strong river currents –> http://twurl.nl/7bwxnl
  • Caboolture bus services cancelled. Visit http://translink.com.au for more.
  • All Kangaroo buses cancelled. Visit http://translink.com.au for more.

After about 12pm there were wide spread rumours – and a lot of direct questions were sent to TransLink about this – that public transport in the CBD was to be suspended at 2pm. This was what they broadcast in that period:

  • For more information on flood and weather affected services – http://twurl.nl/jct4cl
  • For information on the current status of flood affected services please refer to our website – http://twurl.nl/6z52j0
  • TransLink advises there are delays and disruptions on parts of the network. Services continue to run where possible.
  • Public Transport continues to run where possible – for latest disruption information see http://www.translink.com.au

At no point did they respond to the simple question “are services halting at 2pm”. The only rebuttal of that rumour came from the QPS Media service. After about 3pm they changed their message, and seemed to understand that people were understandably cranky:

  • Services are running throughout this afternoon. Expect delays & some cancellations. Check the website for service status info.
  • Our call centre is receiving a high number of calls, causing delays in answering. Check website for info to help us manage the call volume.
  • Trains are not operating to schedule this evening due to flooding. Services are still operating on all lines -> http://twurl.nl/z2i223
  • All train services at reduced frequency until further notice, some services have been suspended. Find out more –>http://twurl.nl/7c7esj
  • All train services suspended until 6am Wed 12 Jan. An hourly train timetable will then be in place, until further notice.

It’s no surprise that their website melted down after midday – note that virtually all their messages contained no useful information and just redirected to the website.
Successful use of Twitter as a meaningful and important information and communication tool recognised a handful of very key features of the service that distinguish it from many other services:

  • it is more like a broadcast service than an an asynchronous service like a web page;
  • messages should be considered ephemeral and only made meaningful by currency;
  • the tiny messages mean that it is accessible through an extremely broad range of mobile devices;
  • a very significant number of users use Twitter via mobile devices;
  • the infrastructure has evolved and been designed to support a staggeringly large number of simultaneous requests;
  • relevant information-rich messages are spread further and live longer than information-poor messages;
  • the service is inherently a two-way information flow, and questions and criticisms that flow back are indicators of errors or inadequacies in the outgoing flow;

I am hoping that organisations involved in this disaster take stock of how they used these services, and how these services can and should be used. The big lesson that can be learned here is that significantly more people have mobile phones with internet access than have battery powered radios.

A cunning device

My elderly cat appears to have changed, slowly and subtly, into a cunning device which emits a never-ending stream of urine at one end, and a never-ending stream of complaints at the other. So far, in 2011, she has proved remarkably inventive in her choices of where to pee.

I shouldn’t be too hard on her though. She’s elderly, and for complex reasons I cannot give her age more precisely than “about 19 years old” (although, of course, this year I shall have to start saying “about 20 years old”), and for the comfort and company she has given over the years, and continues to give, I can hardly be grudging of her laissez-faire attitude. It’s like living with an elderly relative who ran a bordello in Chicago in the 1920’s, and insists on telling you that Truman Capote was a far better host than you are.


Water Everywhere

I could turn this into a rant about the places that my elderly (19+ years) cat has peed in the past few days, but will limit myself to puzzled amazement that one small cat can emit so much liquid.

The past week or so has seen SE Queensland drenched with the remnants of and precursors to cyclones, combined with a general swing to wetter conditions. We’ve been in drought for quite a few years, so I think many people have forgotten that the region is really sub-tropical, and rain in summer is something we should expect. Of course, in this instance there is more rain than can be comfortably dealt with, and as I write this an area roughly the size of Germany and France combined is under water.

I don’t have problems with flooding in my house, being on the side of a hill well above the water table, and the house is raised up to let water flow through underneath when needed. Which it has been. Every so often the rain comes down hard enough and long enough that the soil is soaked past the point where it will absorb any more water, and the rain starts to run off the top, down the slope, through my garage and out under the garage door. Today I sat and watched the rain coming down onto my soaked yard, and watched a constant stream rush out of the downpipes, away and lost and never to be used.

All of which highlights the daftness of the issues around potable water in SE Queensland.

A few years ago, as the dams became lower and lower, it looked like we’d run out of drinking water altogether. The state government, and local governments, went crazy, and advised us all on how to save water, how to ration water, how to conserve water. All the while ignoring the reality that the amount of potable water from the dams used by households was only a fraction of what was being used by industry. Still, we saved, and installed water tanks, and fiddled with grey water solutions. Fast forward to now, and the dams are overflowing, there is more potable water than can be used… and yet water is significantly more expensive now than when it was in the middle of the drought.

You see, at the same time that there was a panic about how to manage water, the State Government took back control of all water matters from the local governments, for a variety of mainly ideological reasons, under the assertion that it would be cheaper for the consumer. Except, of course, an extra layer of bureaucracy was created, and several semi-private entities born to sell water to each other, and to the councils, and ultimately to us. It was inevitable, and entirely unsurprising, that when the new distribution companies were faced with the massive costs of recovering from decades of underfunding of maintenance and new construction… the costs were flipped straight onto the consumers.

In the middle of the wettest months SE Queensland has seen, potable water has become one of the biggest imposts on household budgets, with indications that price rises of at least 15% will happen over the next 6 months, and the high probability of more rises after that.

Surely the water tanks and grey water systems have ensured that consumers are buying less water? Well, no. The trouble is that the by-laws around use of the water from the tanks, and water from grey-water systems, are managed at the local government level, and are different from area to area, and generally forbid the use of tank water and grey water for anything other than the garden (and in some areas, you cannot put grey water on the garden, either). So all that extra water that previously was lost? Is still mainly lost. Unusable.

Want to reuse the water from the washing machine to flush the toilet? You can’t. Want to use the water in the tank for drinking water? You can’t.

The panicked reactions of state and local governments to the drought resulted in the familiar patchwork of half-implemented, half-considered, half-reformed schemes. But because it’s the 21st Century, it’s dressed up with a cunning new logo, and a bravely re-badged water company with an exciting name.

It’s not hard, really, it’s not hard at all. On the east coast of Australia, we have ample water. More water than can actually be consumed by households as potable water. All that is needed are some relatively simple, albeit politically pungent, changes. Reform the by-laws so that they are the same across the whole state. Allow the use of grey water, suitably filtered, for toilets. Allow the use of tank water, suitably filtered, as potable water. Mandate the use of water recycled from the sewerage system for most industrial applications. Please, somebody on the treasury seats – take the bit between your teeth, and just get it done.


Moving…

I’m back to updating this site, and will soon publish a link on the main site page to it. For the time being, I’m transferring pieces from Deviant Art, backdating entries to roughly correspond to the publication date. It will be interesting to see how long this takes, as I’m testing the use of ecto again, and it will take me a little time to adjust. Not to mention that I will halt every so often from boredom…