March 2024

01Apr24

Pupdate

March continued the succession of Atlantic weather front based wet and wind that’s been going on since mid October; but… it’s been warm enough for the coats to stay off, at least some days.

Max on a park bench, with Milo stood below

Damian Lewis

I’ve loved just about everything I’ve seen Damian Lewis in, particularly Billions; so (despite his crooning of the National Anthem at Silverstone F1 last year) when the chance came up to see him with his band I was straight onto the booking page.

Damian Lewis with his band at Trading Boundaries

His stage presence was exactly what I expected after seeing him on chat shows, and he and the band put on a good fun show.

Rick Wakeman

I neglected to include this in my Feb post, but I also got to see Rick Wakeman at Trading Boundaries. He put on a virtuoso demonstration of keyboard playing. Perhaps my favourite bit was when he played various nursery rhymes in the style of different comedians – he’s a musical genius.

Rick Wakeman at Trading Boundaries

AI workshops

Last month I described AI as the bubbliest bubble I’ve ever seen, but that doesn’t mean I’m not interested in learning more about what the tools can achieve. So I attended a couple of workshops at Google’s London office.

Duet

The re-brand of all AI Googley things to ‘Gemini’ hadn’t quite rolled into their coding assistant, so we were still calling it Duet at the start of the month.

My main takeaway is that it’s possible to create a lot of mundane stuff very quickly. One concern that emerges is you can create a lot of code you might not understand, but that can quickly be batted back with ‘get the AI to explain the code to you’, which it can do – if you actually care.

Just as AI is a spammer’s delight for ‘content’, it seems that it’s now possible to create run of the mill websites and apps in enormous volume at great speed. This is probably not a tremendous thing in the (limited) attention economy.

The first thing I asked Duet was ‘what’s the latest version of the Go programming language?’ to which it replied 1.19.2. I subsequently asked ‘what’s the latest version of the Dart programming language?’, which got me 2.17. Coffee break chat touched on the ‘Stack Overflow problem’ of things being right at some past point in time, but no longer correct in current practice.

I can see how such assistants are useful for certain types of programming related work, but I’ve yet to see anything that’s particularly helpful for the challenges I personally face day to day.

Gemma

Gemma is the suite of open models that complements Gemini based services and allows people to build things that incorporate a model locally.

Much of the workshop was spent explaining why it’s an open model rather than open source, and agonising over the safety versus openness arguments.

But we did get to the fun stuff eventually, with a demo of an AI powered word game that could be run standalone on a laptop (without needing Internet connectivity). It was simultaneously impressive and underwhelming – the tech holds so much promise, but even fairly trivial demos can end up revealing weaknesses.

Monkigras

I’ve been going to RedMonk founder James Governor’s Monkigras since the beginning, so it was great to see it back after a long (not entirely to do with the pandemic) break.

My first beer of the event held up against the (AI generated) logo

The theme was (of course) AI with ‘prompting craft’, and James did an amazing job of bringing together a lineup of speakers with unique insights on the topic. Here’s the main takeaways I noted down:

  • We’re quickly evolving past the point of large language models (LLMs) being used standalone into an environment where they’re glued into more complex workflows. The ‘mash-up’ is back, and there’s a bunch of new tools like LangChain and Griptape to help things along.
    • Retrieval-augmented generation (RAG) is the present hotness, and inserting knowledge graphs into queries looks especially promising.
  • Most applications of LLMs benefit from a process that Google’s Zack Akil calls IVO – Immediately Validate Output; meaning that the output generated by the model is immediately validated (and corrected) by a human expert before it gets in front of an end user. The example he showed of translating indecipherable (to a layperson) medical terminology into plain language was super quick, but clearly something that needed a doctor to click the ‘looks good to me’ button before getting to a patient.
  • ‘AI skill risk’ is distorting the incentive structures within organisations – another complicating factor in office politics and the relationship between workers and management.
  • The current ‘chat’ interface to most models doesn’t provide much in the way of user interface affordances – those little clues we get about what we’re supposed to do next. So we can expect a Cambrian explosion in new ways to interact.
  • Asking a model for its reasoning can help give it an ‘internal monologue’ that improves the quality of output.

Lastly, and perhaps most importantly, there’s ‘no magic’. LLM based systems may not be deterministic in the way that we’re accustomed to with regular computer programs; but we can still reason about such systems, and scratch deep enough and there’s just applied statistics and a LOT of matrix multiplication.

Podcasts

Nick and I have been recording a fresh season of Tech Debt Burndown, along with a special mini series; but I’ve also spent some time as a guest on other people’s podcasts.

There’s also an episode of Nerding out with Viktor in the can that I hope will drop soon.

Plumbing

I got up one morning to a cold house. It didn’t take long to figure out that the central heating pump had broken. It had done OK (much better than its predecessor), lasting around 15y.

Worse was to follow though, as I cleared the way for the heating engineer I noticed a leak from the central heating/hot water diverter valve.

Pump showing — error with leaky diverter valve in the background

I have a Corgi insurance policy, which got an engineer the next day, but he was only able to fix the pump, which at least got the heating going again (which in turn made the leak less bad). He reckoned that replacing the valve would first mean draining and removing the tank – a lot of time consuming work.

After a bit of chasing, and another call out fee, and a visit to see the job, and a bit more chasing; a second engineer came to replace the leaking valve, which he managed without having to tear the whole system apart.

Turbo trouble

When we got the new Mini last September I decided to hang onto our Volvo, at least for a bit, as it’s not worth much given its age and miles, but still in nice condition. I’d also spent a bundle on it over the summer to get various things fixed. Sadly it’s been playing up again. On a short local trip it went into ‘limp mode’, meaning vastly less power from the engine due to no turbo. It reset when stopped, but would start limping again after any hard acceleration or big hills to climb.

I got hold of a code reader that threw up P0299 ‘Turbo underboost’, and with nothing obvious that I could fix it was off to the garage. They eventually tracked things down to a broken sensor – one that fails so frequently that they had one in stock. It’s behaving itself again now, but I wonder if it’s time for it to go, especially as we’ll shortly have $daughter0’s Mini back on the drive whilst she’s doing her industrial placement year.

Solar Diary

Despite the clouds and wet weather this March was actually better than last year.

284.1kWh generated during March

Just like Red Team Blues, ‘The Bezzle‘ is a book that I could have easily devoured in one sitting – if I didn’t have a job. As things were, I got through it in a matter of days.

Confession – I parked ‘The Lost Cause‘ so I could get back to Marty’s adventures. It was so worth it, another romp through the stuff that Cory writes about on his Pluralistic blog, with characters and scene setting to bring it to life. The prison industrial complex, private equity and tax audits – that may not sound like material for a gripping thriller; but it was, as the cons and corruption, the human greed behind that, and the frailty it brings all provide ample fodder for some great storytelling.

(Not for the first time) I get the feeling that if Cory had picked the spreadsheet over the word processor, he might have been a forensic accountant like Marty Hench.

It was gratifying to see my name in the acknowledgements along with other reviewers of Red Team Blues, and I can’t wait for the next installment Picks and Shovels.


I saw the sad news yesterday, via Alec Muffett, that Ross Anderson had passed, which is an enormous loss to the IT security community (and the industry more widely).

I didn’t know Ross very well, so the obituary from his friend and colleague Prof Bill Buchanan OBE provides a much better summary of his work and impact. What follows are just a few personal reflections.

Ross did a great deal to shape my work and my career path, and I’m thankful that I got to meet him a few times along the way. I’ve previously described ‘Security Engineering‘ as “the bible of infosec”, and through that work Ross was impacting the world I worked in before I ever heard his name.

I got to meet Ross for the first time at one of his Workshops on the Economics of Information Security (WEIS). That series of workshops came about from Ross’s prodigious talent for picking up different lenses to look at the world of security through – in this case the lens of economics, leading to his seminal paper ‘Why Information Security is Hard – An Economic Perspective‘. My first encounter with Ross was a little prickly, as he had a huge distrust of banks, and by extension the people who worked for them; but I kept going back to WEIS, and over time our conversations became more collegiate*. My favourite memory of him was after WEIS 2010 in Cambridge MA where he invited anybody hanging around to join him for dinner, bringing together a wonderful slice of the community to talk shop over giant sushi boats. I wish I had a photo, as the happy relaxed Ross that evening was Ross at his best.

Through WEIS I got to know folk like Allan Friedman and Tyler Moore who are leading efforts to make us all more secure.

A few years back I found myself meeting a CISO for the first time and spotting a copy of Security Engineering on his bookshelf. I knew we’d get along just fine.

I’d hoped to see Ross again, and maybe chat to him about the Horizon scandal. I’d have also wanted him by my side as an expert witness if I ever got entangled in any legal trouble to do with computers. He’ll be sorely missed; though it’s a sign of the quality of his leadership that there are so many people that will continue his great work.

RIP Ross.

* After a conversation with Ross and Hal Varian about side channel attacks I recall thinking of an attack against pre-emptive execution in CPUs (like Meltdown or Spectre) which I dismissed at the time thinking the geniuses at Intel and Arm would have everything under control. Never assume – verify.


Today’s dose of doxorubicin marks the end of the third round of Milo’s second CHOP protocol. Each time I take him to the vets they ask how he’s doing, and I always answer “he’s doing really well”, because if he wasn’t there for chemo he’d seem like a fit and healthy young dog.

A slightly soggy Milo (it’s been very rainy) sat by a towel on the front seat of the car whilst we wait for the vet to see him

When he first had doxorubicin (which is the H in CHOP) we were told that he could only have 6 doses ever, but this was his 7th. That’s partly because dosing is lower for smaller dogs, but he also had a heart scan so that the vet could be confident that there’s no problem there from earlier treatment.

Counting the cost

So far this insurance year we’ve spent just shy of £6000 on scans then chemo, leaving £1000, which won’t quite cover the final round of chemo. It’s a similar story to first time around last year, but without the diagnostics it took to get us to the oncologist.

Insurance

After nothing happening for months (and numerous ‘Update on your claim’ and ‘About your claim’ and ‘A quick update from ManyPets’ emails that conveyed no useful information*) I saw a bunch of payments getting made today after I returned from the vets. We’re almost up to date now, apart from the last scan at my local vets, and the last trip to NDSR, which total a little over £1000 from 8 weeks ago. Frustratingly on one of those they’re asking for more information from the vet, after having already asked weeks ago and marked it as received in the claim tracker.

* They don’t even say which claim unless you click through to the web site :/

Past parts:

1. diagnosis and initial treatment

2. first setback

3. back on track

4. second setback

5. easing the pace

6. counting the cost

7. fat boy

8. done CHOPping for now

9. scans

10. relapse

11. remission

12. complications


February 2024

02Mar24

Pupdate

It’s been something like the wettest February on record, which has somewhat curtailed long walks :( But the boys have still enjoyed getting out and about even if it’s meant washing their fleece coats every few days to clear off all the mud.

Max and Milo on a park bench

State of Open Conference

I’ve noticed a bunch of friends getting involved in Open UK “The UK organisation for the business of Open Technology”, so I submitted a talk for State of Open Conference 24 (SOOCon24) that was thankfully accepted.

The event was a really good gathering of the clan, and a chance to catch up with old friends and meet some interesting new folk.

Lots of the international speakers and attendees were passing through London on their way back from FOSDEM, so despite the UK focus there was a global flavour to the event.

OpenSSF Meetup

With a sizable contingent of Open Source Security Foundation (OpenSSF) people in town it provided an opportunity for the first OpenSSF London Meetup. It was great to see some of the tremendous work being done by the community, and have a chance to chat to folk about it over beer and pizza.

I sold all my tech stock

AI is the bubbliest bubble I’ve ever seen, and I’ve been paying attention to the tech market for over 40y now.

I’ve had a standalone post rattling around in my head for a few weeks, but there’s really nothing I could add to Tim Bray’s excellent ‘Money Bubble‘.

My biggest frustration is that the pursuit of AI rainbow ponies seems to have stopped work on some of the more mundane (but really serious) things that need to be done.

My biggest concern is the environmental impact. Those billions that are being poured into AI are using a significant chunk of fabrication capacity, energy and fresh water; and I’m not convinced that the return on ‘investment’ is clear.

Yocto

One of Atsign’s potential customers builds their stuff with Yocto Linux, so I’ve been taking a look at what’s involved in getting our stuff into an image.

It’s not an embedded Linux distribution,
it creates a custom one for you.

https://www.yoctoproject.org/

The M920q that I added to my home lab last month has been getting some proper work to do. My initial build of ‘Poky’ took around two hours, and had the fans spinning hard most of the way through. That machine has now been hidden away in a place where I can’t hear it.

I’m finding Yocto even more complex than OpenWRT (or LibreELEC), but I’m already seeing the benefit of super fast rebuilds for minor changes.

Bye bye Bennetts

I’ve used Bennetts for motorcycle insurance for pretty much the whole time I’ve been riding bikes, which is over 30y now; so my heart sank when (after getting an email saying my renewal quote was on its way) I got a letter saying they ‘needed more information’ before they could provide a renewal quote.

That turned out to be pretty disingenuous. They didn’t need more information. The actual problem is that their underwriters for multi-bike policies aren’t working with them any more, and so they can’t renew my policy. The quote for the CB1000 and Vespa separately was (of course) ridiculous.

Swinton still are doing multi-bike, and although I couldn’t get an online quote the call centre process was quick and painless (and was able to use info I’d filled in online for the main bike).

Root canal

Root canal has a bad reputation, it will probably be less bad than what we’ve just done.

My dentist Kevin

Kevin was right. The root canal work was less traumatic than cutting off a crown and dealing with what had happened underneath it. The worst part is it’s left me with a fat lip (and an ulcer) where the rubber dam was in contact.

Solar diary

A wet month also meant a cloudy month, so rather than 3.5% more solar for the extra leap year day there was almost 25% less :(

126.2 kWh generated during February (versus 167.9 last year)

Beating Beat Saber

No fresh full combos, but I’ve been loving some of the new tracks in OST 6, and Lindsey Sterling’s ‘Heavyweight’ has turned into a real ear worm for me.


TL;DR

pymarkdownlnt provides an easy way of checking that any Markdown you’re working on complies with some sensible guidelines. If you’re comfortable with Python virtual environments you won’t really need the rest of this post.

Why?

I’ve spent a bunch of time recently adding OpenSSF Scorecards to the key Atsign repos.

Build better security habits, one test at a time

https://securityscorecards.dev/

When it came to the docs repos I needed some way of testing them, and checking the Markdown against a set of lints seemed like a sensible way of doing things.

Yak shave 1 – newer Python

The WSL2 environment I use day to day is Ubuntu 20.04. I should probably have bumped it to 22.04 ages ago, but given that 24.04 is weeks away…

Ubuntu 20.04 carries Python 3.8 as the system Python. Not too old for pymarkdownlnt, but also not ideal. I generally like to be using the latest stable release, which is now 3.12. Thankfully it’s pretty easy to install newer Python alongside the system one using the deadsnakes repo:

sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt update
sudo apt install python3.12

Yak shave 2 – Python virtual environment

I could have just run pip3 install pymarkdownlnt but there’s now an increasing awareness that installing Python packages into the system Python with pip isn’t a good idea. Newer distros like Debian 12 and Raspberry Pi OS ‘Bookworm’ prevent the use of pip outside a virtual environment. Lots of people find this annoying, but breaking system packages by installing newer versions of their dependencies that don’t work is also annoying. After many years of avoiding virtual environments (venvs) it seems like it’s time to get with the programme.

I created a venv for the linter with:

python3 -m venv ~/python/venvs/pymarkdownlnt

Installing pymarkdownlnt into the venv

First the venv needs to be activated:

. ~/python/venvs/pymarkdownlnt/bin/activate

and then the linter can be installed.

pip install pymarkdownlnt

Side quest – using uv for venvs and pip

uv is a shiny new (released yesterday) tool from Astral. I’ve been using their ruff linter for Python, and it’s impressively quick.

With uv installed I could repeat the process above, with a few more keystrokes and a bit less waiting:

uv venv ~/python/venvs/pymarkdownlnt -p python3.12
. ~/python/venvs/pymarkdownlnt/bin/activate
uv pip install pymarkdownlnt

Now I can lint some Markdown

Whenever I want to check some Markdown all I need to do is activate my pymarkdownlnt venv and run the linter against my file:

pymarkdownlnt scan somefile.md

Automating lint checks with GitHub Actions

It’s nice that I’m able to check stuff before committing it. But what I really want is to stop badly formed Markdown from getting into repos in the first place. That’s done with a GitHub Actions workflow pymarkdownlnt.yml.

The key section is:

      - name: Install and run linter
        run: |-
          python3 -m pip install --require-hashes \
            -r tools/requirements.txt
          pymarkdownlnt -d MD013,MD024 scan */*.md

This installs pymarkdownlnt from a requirements.txt file where I have the package hashes pinned (to keep the scorecard happy), and then runs the linter against all Markdown files in the repo.

In this case a couple of rules are being suppressed as we have some tables with (unavoidably) very long lines, and the functionality to set siblings_only doesn’t seem to work as it should.
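The hash pinning used in that workflow step can be linted before anything is installed. This is an added example, not code from the original post or from the pymarkdownlnt project: a Python check that every entry in a requirements file is pinned with == and carries a well-formed --hash, which is what pip's --require-hashes mode expects. It assumes sha256 digests only; the versions and digests in the samples are constructed placeholders, and examplepkg and otherpkg are hypothetical names.

```python
"""Lint a requirements file intended for `pip install --require-hashes`.

Added example. Assumption: only sha256 digests are treated as valid here.
"""
import re
import sys

# name, optional [extras], then an exact `==` pin
PIN_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*==\s*([^\s;\\]+)")
HASH_RE = re.compile(r"--hash=sha256:[0-9a-f]{64}")


def logical_lines(text):
    """Join backslash continuations, strip comments, skip blank lines."""
    buf = ""
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        joined = re.sub(r"(^|\s)#.*$", "", buf + line).strip()
        buf = ""
        if joined:
            yield joined


def check_requirements(text):
    """Return a list of (package, problem) tuples; empty means all pinned."""
    problems = []
    for line in logical_lines(text):
        if line.startswith("-"):
            continue  # option lines such as --index-url are not requirements
        pin = PIN_RE.match(line)
        name = pin.group(1) if pin else re.split(r"[\s<>=!~;\[]", line, maxsplit=1)[0]
        if not pin or "*" in pin.group(3):
            problems.append((name, "not pinned with =="))
        hashes = [tok for tok in line.split() if tok.startswith("--hash=")]
        if not hashes:
            problems.append((name, "no --hash"))
        for tok in hashes:
            if not HASH_RE.fullmatch(tok):
                problems.append((name, "malformed sha256 digest"))
    return problems


# Constructed samples: versions and digests are placeholders, not real releases.
A, B, C = "a" * 64, "b" * 64, "c" * 64
SAMPLE_GOOD = f"""\
# constructed sample
pymarkdownlnt==0.0.0 \\
    --hash=sha256:{A} \\
    --hash=sha256:{B}
examplepkg==1.2.3 --hash=sha256:{C}  # hypothetical dependency
"""
SAMPLE_BAD = """\
pymarkdownlnt>=0.9
examplepkg==1.2.3
otherpkg==1.0 --hash=sha256:abc123
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # e.g. python check_hashes.py tools/requirements.txt
        with open(sys.argv[1], encoding="utf-8") as fh:
            found = check_requirements(fh.read())
        for pkg, why in found:
            print(f"{pkg}: {why}")
        sys.exit(1 if found else 0)
    print("good sample:", check_requirements(SAMPLE_GOOD))
    print("bad sample: ", check_requirements(SAMPLE_BAD))
```

The check is offline, so it cannot tell whether every transitive dependency is listed; pip itself reports that at install time when --require-hashes is set.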

Update

I’ve added pragmas above the offending lines in the various files that must have long lines, so no need to exclude MD013 any more. This is good, as it will now catch new files that have long lines that don’t need them.

I also opened an issue about the problems I was having with setting siblings_only for MD024. Meanwhile I’ve modified the workflow thus:

      - name: Install and run linter
        run: |-
          python3 -m pip install --require-hashes \
            -r tools/requirements.txt
          pymarkdownlnt -c tools/pymarkdownlnt.conf \
            scan */*.md

to use a config file tools/pymarkdownlnt.conf:

{"plugins": {"md024": {"siblings_only": True}}}

After last year’s trip to The Three Valleys we decided on trying somewhere new again, and Espace Killy (the area that encompasses Val d’Isere and Tignes) came out of the sorting hat.

The view from our balcony at Le Savoie

Inghams again

Having had a good experience with Inghams last year they were the first place I looked, and whilst I checked out the competition Inghams seemed to have the edge on customer feedback and price.

Hotel & Spa Le Savoie was a little pricier than some other options, but had consistently better feedback. I paid a little extra to upgrade to a suite, which turned out nicely as it gave my daughter and me our own private space for the week. My one concern was a message on the booking site that stated there might be a charge for under-occupancy (as the suite could accommodate four people), but that turned out not to be an issue (perhaps as we were visiting on a less busy week).

Food

The food at Le Savoie was exceptionally good. Each evening (apart from staff break day on Wednesday) offered a six course menu of amuse bouche, starter, main, dessert, cheese and petit fours. We very rarely had space for everything.

Scallops and black pudding

The dinners were comparable to some of my favourite restaurants at home, and they managed to come up with an interesting new menu every night that always had appealing choices.

Afternoon tea at 1600 each day combined with ample breakfasts meant there was no need to stop for lunch. Complimentary wine with dinner also meant we weren’t spending at local bars.

The Inghams team at the hotel were brilliant, delivering friendly service throughout our stay. Kudos to the Inghams managers on hiring, retaining and creating such a positive culture.

& no spa

Whilst waiting for the outbound flight I got an email from Holly at Inghams to say that the hotel spa facilities would be out of action for the week. This was disappointing but not devastating – I’d picked the hotel for the food, and thought that maybe the spa would be a nice way to relax after skiing.

We were given free access to the local Aquasports Centre, which was pleasant enough for the one afternoon that we visited.

Chambery – still awful, but not so bad this time

Last year I described Chambery airport as ‘best avoided’ and I’ll stand by that. Sadly there wasn’t an option to fly elsewhere, so we ended up on pretty much the same flights as last time.

This time was better, with the inbound flight on time, and no particular delays getting out of the airport. Sadly the bus to Val took about 2h longer than planned due to horrendous traffic delays. At least the hotel was still serving dinner when we arrived.

Location

Le Savoie is a 5m walk from the piste. There’s a bus option, but we never bothered. Walking up the hill in our Xnowmate boots wasn’t much trouble (and got us warmed up ahead of the first lift).

Everything else was super convenient, with a supermarket next door, and ski hire next to that.

Ski hire (L) Supermarket (C) Le Savoie (R)

Equipment

Once again we went for ski hire and lift passes together with Inghams as there was a discount, and once again we went with the Black package.

The pickup experience was a bit slow, and they weren’t interested in which skis I’d liked before. I never heard ‘come back if there’s anything you don’t like’. I was given Salomon boots, which were comfortable, and a pair of Völkl Deacon 80s which were OK but don’t make it to my good skis list.

Völkl Deacon 80s

Ski Tracks

I’d noticed a discrepancy between the speed shown on my Apple Watch and the app on my phone. After putting in a 71.4mph run I tried to screenshot the watch display. This turned out to be a mistake. Several attempts failed to get me a screenshot, but eventually I reset the watch, which meant I lost that morning’s data :(

Skitracks app on watch showing 72.5mph

Next time around I took the more analogue approach of just taking a picture of the watch (above) with my phone. That track gets reported as 69.1mph in the phone app:

Run summary on app showing 69.1mph

I suspect this is because the apps average speed over different time sample sizes, but it’s a disappointing lack of consistency.

The skiing

At 300km the area is about half the size of The Three Valleys, and it certainly felt easier to get around the whole place.

After a too long wait first time on the Olympique we took to using the Bellevarde Express and Loyes chairs to get up and over. It was then a quick run down to Tommeuses to get over to Tignes.

On the Val d’Isere side it felt like there was a fair bit of under-grading with blues that might be reds elsewhere, and some reds that might be blacks. Though I did notice that some older maps showed some runs as reds where they’re now marked as black.

It was the opposite story on the Tignes side, with a lot of Blacks that weren’t particularly steep or technical. This was a good thing, as the ‘Piste Très Difficile’ signs kept the traffic away.

Best of the Blacks

The various runs feeding into Johan Clarey provided reliable smiles, and we’d frequently run Crocus and Cretes on repeat, alternating between the Toviere bubble lift and Paquis chair.

Sache provided a worthy target for one morning, and was really fun on sections, but a little slow and busy in places.

Descente from the top of La Grande Motte was a run that I’d have liked to repeat a few times, but the wait at the telecabin to get up there was too much – the juice wasn’t worth the squeeze :(

Pick of the Reds

On our way up to Sache the lift ran alongside a completely empty Cyclamen making us wonder if it was closed. It wasn’t, it was just nice and quiet, perfect for a high speed run :)

Ok from the top of the Marmottes lift also deserved a few repeats, and we were lucky to catch a quiet moment on our final run.

L became a favourite, and our pick for final run of the trip. Though possibly our first run was the best.

Beautiful Blues

On the way down from Grande Motte we ran Rabotch and enjoyed the solitude and views.

After an awful attempt at 3000 in poor light Leissieres provided some blessed relief. It’s a run that needs speed to be carried, and thankfully that was possible as all the traffic was on the adjacent Plan Millet.

Getting Home

The trip home felt much like a repeat of last year. A few hours of reasonably comfortable hanging around in the hotel lounge (mostly writing this post). An uneventful bus trip to the airport. Not much of a queue to check in, and then Chambery being the overcrowded zoo that it is when trying to handle all those extra charter flights.

Security was even worse than last year. My carry on ended up spread across 6 different trays, as they insisted on anything electrical/electronic being out on its own; and all shoes off, and my hoodie. It boggles my mind what sort of X-rays don’t go through a neoprene laptop sleeve? But that’s just one example of the overzealous silliness on display.

My travel cable bag, tipped out 🤦

It’s not entirely clear if the problem is bad equipment, bad training, or some sort of sport winding up tourists; but Chambery’s security theatre is now 2 for 2 on the worst I’ve ever seen. The pilot even threw them under the bus (quite rightly) blaming our delayed departure on slow security.

Once we got going, the flight back to Gatwick was quick and uneventful, getting us in 45m late.

Conclusion

Val d’Isere deserves its reputation as a great place for advanced skiers, though most of the better slopes are on the Tignes side. I’d choose it again though just to stay at Le Savoie.


January 2024

01Feb24

Pupdate

We’re now past the second cycle of Milo’s chemo, which is covered in a separate post – complications.

Max and Milo having a good run (and ear flap)

January brought a couple of cold but dry weeks, which has made it possible to go on longer walks without getting too muddy.

Skiing

A full report will follow. We’re now most of the way through a week in Val d’Isere, which has been excellent :)

Cross trainer repair

Shortly before Christmas my weekday workouts (or at least the TV watching during them) were being spoiled by a squeak. Previously a few drops of 3in1 oil have solved things, but not this time. After a bit of poking around the web I found ‘Elliptical Noise Troubleshooting‘, but that also didn’t fix it. Eventually I pinned the source of the noise down to the crank on my Horizon Fitness Andes 200. Thankfully it came off using a bicycle crank removal tool – something that’s been sat in my toolbox for decades unused.

A bit of rust cleanup, followed by reassembly and the squeak was gone. At least for a while, after a couple of weeks it was back. So this time I put a little silicone grease onto the parts, and got the torque wrench out for the securing bolt. My fingers are crossed that it will hum along for a few more years.

Home lab upgrade

I wrote in October about getting a Lenovo M720q as my main VMware machine, and I’ve been very happy with it. The one thing I’d change is that it doesn’t have any remote management. For that machine it doesn’t really matter, but for some other stuff I wanted to do it would be useful to have something like the ‘integrated lights out (iLO)’ capability that my old Gen8 HP Microservers came with.

I’ve now been able to pick up a (very reasonably priced) Lenovo M920q, which is pretty much identical to the M720q apart from having a chipset that supports Intel vPro. By enabling vPro and using Intel Manageability Commander I can now remotely control power, and get keyboard, video, mouse (KVM) access to the console. I’ve set it up to dual boot Windows 11 and Debian 12 so I now have a ‘bare metal’ system for testing various things.

Solar diary

The cold weeks did at least bring some sun. Though I’m not sure it will have made up for the extra electricity used running the heat pump in the evenings :/

121.3 kWh generated during January (versus 111.2 last year)

Beating Beat Saber

Hardly any more Beat Saber this month, but (again) a lot of Gun Club VR. I completed all the achievements in the regular game, and I’ve now moved on to the S.W.A.T. DLC, which continues to serve up fresh fun.


Today marks the anniversary of Milo’s first visit to the specialist oncologist at NDSR. I don’t think I expected to still have him with us a year ago, so it’s great that he’s here and generally enjoying life.

Milo getting to grips with a fallow deer antler

Since the last update:

  • He’s completed the second round of his second CHOP protocol. So we’re half way along, and things get easier from here, with less frequent vet visits (fortnightly rather than weekly).
  • ManyPets caught up with a months long backlog of insurance claims.

But, it’s not all been plain sailing. Milo seems to have been a little more susceptible to neutropenia than last time around, causing the specialist to recommend a reduced dose for his last vincristine injection. That did seem to work though, as his neutrophils were in decent shape for the doxorubicin a week later.

The complication that’s come along is cystitis. My local vet initially thought it might be a urinary tract infection (UTI), and he was getting antibiotics anyway for the neutropenia. But as soon as we saw the oncologist he said “it will be the cyclophosphamide”, so he’s now switched that out for chlorambucil and recommended some over the counter Cystease/Cystaid to help restore the bladder lining.

Past parts:

1. diagnosis and initial treatment

2. first setback

3. back on track

4. second setback

5. easing the pace

6. counting the cost

7. fat boy

8. done CHOPping for now

9. scans

10. relapse

11. remission


Like most IT folk in the UK I’ve been aware of the Horizon scandal as it’s unfolded over the decades as a slow rolling train wreck ruining hundreds of lives.

The recent TV series Mr Bates vs The Post Office seems to have finally brought things to a head in terms of political attention, after far too many years of the victims being ignored. Sadly this shouldn’t be a surprise to anybody. To misquote Wilhoit’s law:

The British Establishment consists of exactly one proposition, to wit: There must be in-groups whom the law protects but does not bind, alongside out-groups whom the law binds but does not protect.

Computer Weekly has done an excellent job of covering the story and keeping receipts. I count 340 links to past articles in their ‘Post Office Horizon scandal explained: Everything you need to know’. The most damning though is ‘Post Office tried to convince independent IT witness that he was wrong about Horizon’. From the headline it’s a story about a powerful organisation leaning on an expert witness, but that buries the true importance of what happened.

Jason Coyne was hired as an expert witness for a case against Julie Wolstenholme, who was a subpostmaster and one of the early victims of Horizon flaws back in 2001. Coyne’s findings (about the failings in Horizon) never made it to court because the Post Office chose to settle the case – with a payoff and confidentiality agreement. The Law Society Gazette’s coverage of the ongoing public inquiry doesn’t bury the lede – ‘Post Office lawyer wanted postmistress to ‘keep her mouth shut’’.

This, for me, is the smoking gun, as it’s too often that the cover-up becomes more important to defend than the original (in)action. That payoff could only have been approved at the highest levels within the Post Office (almost certainly the CEO), which has to mean they were (painfully) aware of the Horizon issues, and choosing cover-up over fess-up.

I don’t yet see the public inquiry asking the most important question: “who approved the payment?”.

I caught a little of the inquiry live as I was washing the dishes earlier in the week. They were grilling one of the Post Office ‘inspectors’ Stephen Bradshaw, who came across as somebody with all the wit, charm and subtlety of a bailiff serving an eviction notice as he trotted out various versions of ‘I was a lowly foot soldier just following orders’. No doubt he’ll walk away from it all with his share of the blame and his share of the shame.

But that brings me back to the misquote above. The inquiry is another tool of the establishment, and if its purpose is to spread the blame and shame to the Bradshaws that pass through it, then that’s letting those that gave the orders off the hook. Bradshaw and the lawyers he tried to pass the buck to were working in a rotten culture, and that rot all traces back to the cover-up and everything done to perpetrate it and protect it.

Which brings us to the confidentiality agreement, or Non Disclosure Agreement (NDA) as they’re commonly called. I can’t remember the number of NDAs I’ve signed over the years. They’ve become very much part of business as usual, and I totally acknowledge their usefulness in protecting business secrets, whether that’s a (new) way of doing something, or proprietary/sensitive data. What I can remember are the times I’ve refused to sign NDAs, or written NOT ACCEPTED into the box. Such things have become a too common part of the badging in process for US tech firms (like click through end user license agreements), and are in my mind entirely unacceptable as there’s no time for proper reading, never mind review by a legal advisor.

What I can vividly remember are the few occasions I’ve signed an NDA in the full knowledge that I was selling my silence. Such things are tools of oppression, wielded by the rich and powerful against individuals without the means to fight back. Such things are used to silence the voices that would otherwise speak out about the malfeasance of individuals, corporations and government agencies. They’re also very effective at blocking collective action. If an individual can’t speak on a topic then they can’t rally others, or join a group.

The (mis)use of NDAs to silence illegal behaviour was a feature of the #MeToo movement, and particularly Harvey Weinstein’s trial. One sad truth that emerged was that he got away with it for so long because after abusing people he was then able to further bully them through the threat of legal action. It seems the same is true for the Post Office (and their executives). This raises the thorny question of whether an NDA is even enforceable when used to cover up crimes, a topic covered (in relation to the Epstein case) in ‘Why nondisclosure agreements may not be enforceable’:

In general, the bottom line is: If a contract is specifically about something illegal, that contract cannot be enforced. (For example, an NDA that gives you $1 million in exchange for promising to keep quiet about a murder is clearly void, since it’s against public policy to cover up murder.) As such, any contract that involves illegal activities, including an NDA clause in a contract, would not necessarily stop someone from testifying about the illegal conduct to which the contract refers.

From the same piece:

Especially given the current climate, many judges are unlikely to look kindly upon NDAs that may apply to unsavory or wrongful behavior, as opposed to legitimate purposes such as the protection of confidential data.

So, if you’re an employer, you’d be well advised to refocus on proper risk management and training, to prevent problems from happening in the first instance… Don’t think for a moment that you’ll be able to escape liability by silencing witnesses under an NDA. And it’s a good idea to conduct business by the New York Times rule: Namely, if you wouldn’t want to see something on the front page of the New York Times, then don’t do it.

This sadly is a very US perspective on the matter. I fear that the London Times rule goes something more like “if you wouldn’t want to see something on the front page of The Times, then make sure you have a good libel lawyer on retainer”.

It’s good to see the sub-postmasters might finally get some of the justice and recompense they deserve. But what’s even better is this might be a turning point for the relationship between British people and State power. I get a sense that Mr Bates vs The Post Office might have the scales falling from people’s eyes. “If they did that to hundreds of people who were pillars of their community then what else is going on?”, is a question being asked across the country. It’s a good question, and it’s going to need a robust political response that goes way beyond exonerations and compensation.

Updates

17 Jan 2024 – this topic came up in today’s Prime Minister’s Questions. I wasn’t able to catch the name of the Conservative MP asking the question (over the background jeering), but it was good to hear her vociferously arguing for NDAs being stripped from settlement agreements. The PM’s response seemed to suggest that there’s already some political momentum on the issue.

22 Jan 2024 – Dave Farley has published an excellent video ‘Developers Blamed For The Post Office Horizon Scandal?’ looking at the technical aspects of the Horizon system and its development, and asking what sort of duty of care developers (and those hiring them) have for the people using their software.

26 Jan 2024 – Returning to last week’s PMQs I can now see them in Hansard, and the question referred to above was asked by Dame Maria Miller (Con).

It is against the law to silence victims of crime, but that is exactly what the Post Office did through the use of non-disclosure agreements, and this is just the most recent case of NDAs covering up mismanagement, misconduct and even crimes at work. Will my right hon. Friend the Prime Minister consider banning their use in all severance agreements once and for all?

and the PM’s response:

My right hon. Friend is right to raise an important point. The ability to speak out about things is key to unlocking justice. While NDAs can have a place—and my right hon. Friend is right to say that they should not be used to stop victims of crime in particular getting the justice they deserve—I can tell her that the Ministry of Justice is carefully considering how best to address this issue, including the use of legislation, and I know that my right hon. and learned Friend the Justice Secretary will keep the House updated on further progress.