maniacmartin

I read in the latest edition of Which? that you can get a card that entitles you to 20% off food and drink in many outlets in stations. It appears to be valid on franchises run by SSP - including Pumpkin, Burger King, Caffè Ritazza, Camden food co, Millie’s, The Pasty Shop and Upper Crust outlets in stations.

The card, called the BiteCard is totally free, and apparently has no expiry date. You can get it here. The website details which outlets in which stations it is valid in.

Featuring Bush, McCain, Clinton and Obama. See it here

I’ve decided to cycle the length of the UK for fun (and charity as well). And what better way to get in the mood by trying to learn Django and make a semi-useful Python app. So, I’ve given it a shot with a GPS/Google Maps mashup thing to analyse blogged route parts from maemo mapper on one of Andrew’s Nokia internet tablets. Obviously you won’t be able to see all of that until after we have actually blogged something - so check back after Monday, 12th August to see live progress (if it all works that is).

It also accepts pledges of sponsorship, you can donate, whilst browsing the source code in subversion. Before anyone tells me, I know I’m not the best programmer in the world and that I took corners. Its made available only in the hope it’ll be interesting or useful.

You can check out more details at Martin’s Land’s End to John O’Groats cycle ride.

Previously, I thought that that the cheapest way to travel from Market Rasen to Oxford and back was a Saver Return (Route not via London) with a Young Person’s 16-25 Railcard, costing £32.35.

However, that was before I learnt about Split Tickets. Basically, if on both your journeys, your train goes through a certain station, and the train makes a stop there, buying 2 tickets — one to this station, and one from that ticket to the destination — may be cheaper.

This is usually when traveling to a busy station from far away. Get a ticket to an en-route nearby small station, then a ticket from this station to your destination.

First of all, I needed to find an outgoing and return route that were the same, as previously I have taken previous outbound and return routes. Such a route exists, and it is:
Market Rasen → Lincoln → Nottingham → Birmingham New St → Oxford.

In this case, the greatest saving can be made by splitting around Leamington Spa, 2 stops up the line from Oxford. This also holds for returns from Oxford to Market Rasen.
The Saver Return with 16-25 Railcard from Market Rasen to Leamington Spa is £20.95, and from Leamington Spa to Oxford is £9.10, totaling £30.05, which is £2.30 or 7.1% less than a direct return ticket. Enough to pay for a sandwich en route

Note that if you buy these tickets, you’re committed to traveling via your split point on the return route. This is not a problem for me, as all non-London routes between Market Rasen and Oxford stop at Leamington Spa.

Also, on busy routes, 2 singles may be cheaper than a return. So, with split tickets, the cheapest way to do a return might involve 4 single tickets.

I have recently started using Opera for my day-to-day surfing, as Firefox 3 Beta 5 locks up now and again, and decides to use 100% CPU. This usually happens when I have a few tabs loading that have Flash video in them. However, Opera’s javascript engine isn’t quite like IE or Firefox’s.

This caught me out when I tried to login to Internet Banking at a certain bank. Like many other banks, they have some drop-down menus for you to select the requested digits from your security code, presumably to stop keyloggers. But unlike password entry fields, drop-down menus are much easier to shoulder surf, so they use Javascript to make the entry display an asterisk in the drop-down as soon as you’ve made your selection.

Of course, this caused Opera to fail to login, with a message along the lines of “You’ve got your account details or security details wrong, or you’re not registered for online banking“. So I tried again, and soon locked myself out.

Had they actually tested the site on a few browsers, this would have been easily discovered, and could have been fixed, or they could sniff the user agent and display a different page, or a message telling customers to use a different browser. That’s not ideal, I know, but it stops customers locking themselves out.

Of course, at the other end of the spectrum, Natwest sniff user agents, and reject virtually every browser, yet faking to be IE yields a perfectly working site anyway.

And then there’s HSBC. When their site eventually loads, has the first part of the login process on a non-SSL served page, which POSTs to an SSL page. Whilst this could be argued to be secure, it goes against what the banks have been telling Joe Consumer (”look for the padlock”), and its possible for a fake entry form to be sent through DNS poisoning or a man-in-the-middle attack, which POSTs elsewhere. People will not spot this as easily as a canned phishing email.

Maybe someone can enlighten me on why banks feel the need to reinvent the wheel. We have SSL. We have EV SSL certificates. SSL has been proven to work. Why do banks make sites that depend on Javascript, specific browsers, and bulky calculator-like devices that fit oh-so-easily in your wallet?

Of course, its their response to keyloggers and phishing emails. However, I don’t have a virus-ridden Windows box, nor do I believe the scams that drop into my inbox every day. I don’t see why I should have to waste time because someone couldn’t be bothered to sniff the user agent, display a warning or actually test some Javascript which was designed to safeguard users who’ll type their bank details into anything and open any attachment without a second thought. (Should people who pose such a security risk to their own account even be given internet banking?)

In fact, I don’t think the bank has any reason to need my email address at all, but it doesn’t stop MBNA sending official advertising emails from suspicious looking email addresses, with links to URLs that look equalling fishy. When you have real banks sending out these phishy emails, no wonder Joe Consumer falls for scam ones. (For the record MBNA didn’t reply when I emailed them asking why they engage in this practice.)

Something that’s been bugging me for a while is that when I updated my Wordpress install (using svn), file uploads ceased to work. Attempting to upload a file resulted in the message “An error occurred in the upload. Please try again later.”.

It seems that the latest Wordpress uses Flash to show a progress bar during the upload. This site details many possible solutions, but the easiest one that’s guaranteed to work is downloading the No-Flash-Uploader plugin. Simply drop it in your wp-content/plugins folder, then activate it in the Dashboard, and your uploads are fixed.

Having just put Windows XP back (in a dual boot configuration) I wanted to share the password manager that I have in the KDE system tray with Windows. I looked on the internet, and the only thing that has been ported is the pwmanager_dump program. However, combined with some the Windows ext2 driver, GNUWin32 tools (grep, awk, xargs etc) and a program that copies its command-line argument to the Windows clipboard, I have a hacked-up working pwmanager that syncs with linux.

I’m not 100% certain, but I think all of the tools I use are under the GPL, except for CopytoClipboard.exe, whose license I do not know. To get it to work, simply edit the first line of the bat file to point to your pwd file - of course you’ll have used the Windows ext2 driver to mount your linux partition to a Windows drive letter.

PwManager in Windows

Whilst I’m not one to cover a news story that’s already been covered elsewhere, TorrentFreak has a priceless quote from Virgin Media’s CEO: “This net neutrality thing is a load of bollocks”.

Virgin seem to have no problems in admitting that they are throttling sites that do not pay Virgin extra cash, despite the fact that these sites have already paid their own hosting providers.Read the full story here, and if you’re a customer, ring up, moan and consider switching

Lately people have been telling me about emails that I never received. A quick analysis reveals that these ended up in my Trash folder - meaning that SpamAssassin gave them a high spam rating.

After delving into Perl and examining Hotmail’s mail headers, it seems that Hotmail recently changed the structure of their headers (probably with the merge with Windows Live Mail), and as such the characteristic header style that SpamAssassin expects from Hotmail’s SMTP servers isn’t found, and it thinks that its a spammer is pretending to be hotmail.

Luckily, SpamAssassin 3.2.x has a new FORGED_HOTMAIL_RCVD2 header with the new hotmail header structure defined. But this version isn’t available in the stable Debian Etch. Version 3.2.x is, however, in the Debian Lenny repository, and being all Perl, installs and runs fine on Etch with no extra dependancies. All of your settings from Etch’s SA will still work (or at least they did for me).

To upgrade, simply type the following from a root console (The old version of SA will be removed automatically):
wget http://ftp.uk.debian.org/debian/pool/main/s/spamassassin/spamassassin_3.2.3-1_all.deb
dpkg -i spamassassin_3.2.3-1_all.deb


If you haven’t discovered the joys of Debian, I’m sure you can find a SpamAssassin 3.2.x package for your distro if you hunt hard enough.

I found the new version to be slightly slower, but more accurate, than the old version.

I have discovered a most annoying bug with Microsoft Publisher 2000’s BorderArt feature.

It all started when I was making a poster for dad on his Windows XP PC, using his version of Publisher 2000, the Office afterthought desktop publishing application. All of a sudden, dad’s PC rebooted instantly. That is to say it went straight from working to BIOS, with no errors and no visible shutdown sequence. Thinking it was probably a rural power blip, I just reloaded Publisher and remade the poster I had lost. However, by the third instant reboot, I began to see a pattern emerge, and tested it a final time to get some proof.

Dad has virtually all Office settings on the default for Office 2000 Small Business Edition, and rarely ventures outside of Thunderbird, Firefox, Word and Publisher. He never even got round to working out what Excel does. In Publisher, If you make a rectangle shape, then click Format, Line/Border Style, More Styles…, a dialog box will appear.

In the BorderArt tab, you can select one of many tacky picture borders for your rectangle.

Except on dad’s PC, once you scroll about two-thirds of the way down the list of possible BorderArt types, the PC will instantly reboot as if you’ve hit the reset button. No errors, no blue screen of death (thanks to SP2 suppressing one maybe), nothing.

Unfortunately I cannot do more extensive testing because the reboots are very annoying, and because I don’t have a pile of Windows boxes around to test on. However, I would be very interested to hear if this has happened to anybody else, and into any insights and possible fixes would be much appreciated.