Technorama

An omnibus of tech posts by a Futurologist on software development primarily.

Thursday 26 March 2015

 

Bolted airline cockpit doors considered harmful

I've been thinking about this since MH370, and it's happened again today. A real tragedy that the airline industry does not have a robust crew safety and security policy.
Cockpit crew protocol for airliners and other craft.

After 11 Sept, 2001, bolts were introduced on the inside of airline cockpit doors. These bolts can only be engaged by crew inside the cockpit. This prevents unauthorised entry to the cockpit by persons from the passenger areas of aircraft.

During flight, when each pilot is on a meal or toilet break the cabin crew are radioed, and they put on the SEATED light. Only when everyone is seated, and cabin crew are observing the vestibule and gangways, does the cockpit crew unlock the bolts. As soon as possible, the door is shut and bolted again.

The gap in this procedure is that crew are implicitly completely trusted and considered 100% healthy. As was the case with the Egypt Air crash (pilot suicide) and potentially MH370, either the main or co-pilot bolted the door while the other pilot was outside the cockpit. In this eventuality there is no way for any of the cabin crew or locked-out pilot to intervene.
Any illness (e.g. a heart attack) would leave a pilot alone and in need of medical care inside a bolted cockpit.

Likewise any disagreement between pilots or other problem would be a risk.

Proposal for updated protocol
During any time where both pilots are not together in the cockpit, before either leaves the cockpit, they must be joined by another member of male crew (if the remaining person is male), or female crew (if the remaining person is female). This would leave an even balance of power within the cockpit while the other pilot is outside the cockpit.
This change would eliminate some opportunity for problems should a pilot become unwell while alone in the cockpit.
Additional communications
There must be an independent, battery backed up radio communication set, that the crew have complete control of (in the galley, in rear of the plane).

GPS beacon and transponder must not be possible to switch off.
GPS backup emergency beacon located in galley for emergency crew to use.
Emergency satellite phone for use by crew in the galley.
Oxygen tanks containing 12 hours of oxygen for use by the crew.
Oxygen tanks in the cockpit containing 12 hours of oxygen for use by the crew.
Diagnostics about the plane from black-boxes must be streamed and uploaded to satellites constantly.
Every part of the plane interior, cockpit and exterior covered by HD cameras, that are recorded on the black box

Regarding the bolts
Could consider changing to a combination lock, with emergency override after communication with ground control using a backup emergency radio set.
Regarding ground control
Consider if it would be appropriate to have a way for ground control to override the pilot controls, and direct the auto-pilot to nearest airport to land.  This is somewhat risky, as could be subverted by internet crackers if the control channel was acquired.
I wonder if this pilot was fascinated by MH370's disappearance.
http://www.bbc.com/news/world-europe-32063587

Finally, crew and pilots on vulnerable transport such as planes should, like the military, have their medical records shared with the airline, with instantaneous updates on any prescriptions or treatments etc

Wednesday 25 March 2015

 

National Rail app full of defects

Time is displayed word wrapped over two lines.

Replacement bus services are displayed for journeys that you are not on.

There's no way to check arrival time of a train I am travelling on.


Monday 23 March 2015

 

Software retry

I've noticed that most developers don't put a retry function in software. What do I mean by this? Well, we use mobile devices and WiFi where connectivity is not constant. For a good user experience, what should an app compensate for?

* first attempt at sending email fails
* meetup RSVP fails first attempt
* app download fails first time.
* WiFi connection is lost while router restarts

Most software just gives up with strange error messages. The Gmail app is good in that it retries for a few minutes.

It's easy to do retry... So developers, please take more care and implement a retry mechanism.
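A retry mechanism of the kind asked for above, as an added example that is not from the original post: transient failures are retried with a doubling, capped delay until a time budget runs out, while permanent failures are reported at once. All names (`retry_with_backoff`, `flaky_send`, `fake_sleep`) are hypothetical, and the failing operation is a constructed stand-in for a network send.

```c
#include <stdio.h>

typedef enum { OP_OK, OP_TRANSIENT, OP_PERMANENT } op_status;
typedef op_status (*op_fn)(void *ctx);
typedef void (*sleep_fn)(unsigned ms);

/* Run op until it succeeds, fails permanently, or the next wait would exceed
 * budget_ms. The delay doubles after each transient failure, up to cap_ms. */
op_status retry_with_backoff(op_fn op, void *ctx, sleep_fn do_sleep,
        unsigned base_ms, unsigned cap_ms, unsigned budget_ms, unsigned *attempts)
{
    unsigned delay = base_ms, waited = 0;
    op_status st;
    *attempts = 0;
    for (;;) {
        st = op(ctx);
        (*attempts)++;
        if (st != OP_TRANSIENT || waited + delay > budget_ms)
            return st;              /* done, hard error, or out of time */
        do_sleep(delay);
        waited += delay;
        delay = delay * 2 > cap_ms ? cap_ms : delay * 2;
    }
}

/* Constructed stand-in for a network send: fails transiently while the
 * (hypothetical) router restarts, then succeeds. */
struct flaky { int failures_left; };
op_status flaky_send(void *ctx)
{
    struct flaky *f = ctx;
    if (f->failures_left <= 0)
        return OP_OK;
    f->failures_left--;
    return OP_TRANSIENT;
}

/* Test double for sleeping: records the wait instead of blocking. */
static unsigned slept_ms;
void fake_sleep(unsigned ms) { slept_ms += ms; }

int main(void)
{
    struct flaky f = { 3 };
    unsigned attempts;
    op_status st = retry_with_backoff(flaky_send, &f, fake_sleep,
                                      500, 8000, 180000, &attempts);
    printf("status=%d attempts=%u waited=%ums\n", st, attempts, slept_ms);
    return 0;
}
```

In a real app, pass a function that actually sleeps; adding a little random jitter to each delay keeps many clients from retrying in lockstep.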


Sunday 22 March 2015

 

Risky internet of things

Internet of things

We're not ready, everything is often insecure, full of defects, and doesn't automatically update when fixes for new flaws are rolled out.

How many devices still have an old Bash? Or use SSL 3.0? Or an old OpenSSL? My LG TV now crashes while changing channel (I did the firmware update it suggested). LG TVs want to do a firmware update and re-tune around twice a month.

Products need 30 year software updates.

Software is usually only ever run under good conditions: 1) known, expected inputs; 2) expected available memory, files and connections. Software is not tested with 3) bad inputs, or 4) missing files, memory or network connections.

Commercial companies take open-source products like OpenSSL that are maintained by hobbyists, and put them in enterprise commercial-grade products. Actually they are simply not ready. Most have probably not had static code analysis, a code audit, a security audit, or test cases (including exploit vulnerability test cases) developed to confirm they are safe. Without these reports there isn't confidence!

Open source presents a huge opportunity for a company to step up, audit, and offer patches to introduce hardened features from the results of static analysis, CERT compliance etc.


 

UTF8 Considered Harmful

UTF8 is a cute way of storing compact international language files. If they are Latin based, they will be small. It utilises a variable-length byte encoding in which each real uncompressed character takes 1, 2, 3 or 4 bytes.

The problem is that software which needs to work on the uncompressed characters (say you want to insert an 'A' character) must decode them all, and must read every byte to know how much memory to allocate. Either you read the whole string once to determine the number of characters (and bytes), or you have some kind of buffered interface container abstracted behind it. Alternatively, you convert UTF8 -> UTF32 and process it that way.

How to handle the problem where there is not space to copy all 4 bytes? Software needs to carefully work back and NUL terminate before that last 2, 3 or 4 byte encoded character.
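The "work back and NUL terminate" step, together with the one-pass character count mentioned above, as an added example that is not from the original post. The function names and the sample string are constructed for illustration, and the code assumes its input is already valid, NUL-terminated UTF-8.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* True for a UTF-8 continuation byte (bit pattern 10xxxxxx). */
#define IS_CONT(b) (((unsigned char)(b) & 0xC0) == 0x80)

/* Count characters (code points) in one pass: every byte that is not a
 * continuation byte starts a new character. */
size_t utf8_length(const char *s)
{
    size_t count = 0;
    for (; *s != '\0'; s++)
        if (!IS_CONT(*s))
            count++;
    return count;
}

/* Copy src into dst (dst_size bytes of room, including the NUL) without
 * splitting a multi-byte character. Returns the bytes copied, excluding
 * the NUL. */
size_t utf8_copy_trunc(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src), n;
    if (dst_size == 0)
        return 0;
    n = len < dst_size - 1 ? len : dst_size - 1;
    /* When truncating, src[n] is the first byte dropped. If it is a
     * continuation byte the cut is inside a character, so work back to
     * that character's lead byte and terminate before it. */
    if (n < len)
        while (n > 0 && IS_CONT(src[n]))
            n--;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Constructed sample: 'A', e-acute, euro sign, G-clef = 1+2+3+4 bytes. */
static const char SAMPLE[] = "A\xC3\xA9\xE2\x82\xAC\xF0\x9D\x84\x9E";

int main(void)
{
    char buf[10];   /* one byte too small for the 10-byte sample plus NUL */
    size_t n = utf8_copy_trunc(buf, sizeof buf, SAMPLE);
    printf("%zu characters, kept %zu of %zu bytes\n",
           utf8_length(SAMPLE), n, strlen(SAMPLE));
    return 0;
}
```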

For simplicity, I would favour UTF32LE, and then just compress the stream using gzip etc if network bandwidth is an issue. This would allow software to always operate on UTF32

UTF16 is slightly simpler than UTF8, but of course, UTF16 is also a variable-length format, also requiring surrogate pairs (e.g. Musical symbol G-clef). Of course, UTF16 and UTF32 are then either Little Endian, or Big Endian, that should be

Are the memory savings worth the complexity and CPU performance needed to manage them?

However, life is simpler now we have one encoding. http://utf8everywhere.org/
Although a lot of Windows webservers still serve UTF8 files incorrectly as Windows 1251 encoding.

Microsoft APIs are botched, they have UTF16 versions and Latin versions. Writing Unicode apps on Windows is a frustration.


 

Lax security costs consumers

I've just received a letter from my credit card provider. They are going to issue me a new card and CCV because they received a notification from Mastercard or VISA. The notification from Mastercard or VISA only provided the account number, not what actually happened in the incident.

Possibly this is related to HomeDepot tills which were cracked and had malware installed that logged card details.

The cost to me is that I need to go through all my online payments, and add a new card. In some cases I need to wait for the test transaction that confirms this is my card. For the ones that I don't update, I will get notifications of failed payments, perhaps even on my credit record that I did not make the payment, this is a disappointment, as it is not my fault.

This incident will cost me around £100 of my time. Who is going to reimburse me?

Who is at fault?

* Interconnected services such as checkout tills which distil, and enrich massive quantities of personal account details into a single point of failure.
* The manufacturer of the checkout tills which were not developed correctly (software security, physical security).
* Staff training (physical security)
* Management oversight, human error.
* External software and hardware quality audit.
* HomeDepot incident response team.
* The crackers who actually exploit these loopholes in security.

Conclusions:
* While there is poverty and lack of education in the world, there will always be crackers and scammers.
* Interconnected services may save money upfront, however, when done poorly, and not constantly carefully managed, will cost each credit card user £100 when their cards need to be re-issued.
* Using cash is also risky, can still be mugged.

Actions:
* VISA and Mastercard should claim back £100 per card number from every vendor that has a security breach and pass that on to the consumers affected.
* Consumers - remember to scrub off your CCV, and memorise it. Mastercard and VISA should stop printing it on the back of the card in the first place!




In Aviation and Automotive we have strict ISO Functional Safety and Quality standards. Why does commerce not have the same?

 

Defective software report button

Need an easy way to report defects
Every website or app should have defect report button
Leverage the user input.. :)

Website or app developers can then upstream any bug reports that are due to library or other issues.

Enfranchise users.


Saturday 14 March 2015

 

Dealing with issues

I've written this after recent correspondence with the NHS.

Within a large organisation you'll get a lot of correspondence coming in to your response centre. It's important to have an efficient procedure for managing such correspondence. Staff must be trained. Supervisors must make spot checks. Of course there should be a complaints department too.

Eg.

1. Email received.
2. Staff process it; if they can give a clear response, they do so. Also offer to look again if there are any further queries.
3. Staff don't know the answer, but know the team that does. Either provide full contact details: name, address, phone number, email. Or even better, email them with the reporter on CC.
4. Don't know the answer. Escalate to line manager. Inform reporter.
5. Reporter not satisfied with response. Offer them the complaint handling guide. Explain how they can open a complaint.
6. Complaint opened. Provide complaint ref and handler name.
7. Investigate complaint
8. Offer training to staff if 5 is genuine.


Wednesday 11 March 2015

 

Dangerous Chiltern Railways

Observations of problems at Chiltern operated London Marylebone. This is my opinion based on having doors closed on me and seeing others suffer the same - as a health and safety issue.

Passengers get train doors closed on them because trains are observed departing early.
The 08:48 service typically leaves from platform 5. This is two min fast walk from display board. Display shows until 08:46, and is then taken off. Sadly dispatch crew signal the driver to close doors at 08:47.30. This leaves bewildered passengers on the platform and/or having the doors closed on them while the staff wave the train out one minute early.

Here's a novel idea, what Chiltern should do is advertise the time the doors will close if that is 08:47, that should be the time published on the board. Not the time it is already driving out the station 08:48.

Spoke to London Travel Watch, they didn't appear to understand the problems or want to get involved. I'm unclear if they have done anything. Disappointing response.

Other problems:
The automatic ticket machines are frequently broken. Staff at the customer service centre (including the station manager) seem completely resigned to the problems. Chiltern should have signed an adequate service commitment with the provider.

11 March 2015 three of the four ATMs are out of order. Chiltern should have signed an adequate service commitment agreement with the ATM providers. This mistake costs passengers lots of queuing time.

Chiltern, can you up your game? Support your staff in the station with the tools to give great customer service and satisfaction levels.

