A rough transcript of Richard Clayton’s BBC interview

Dr. Richard Clayton from the University of Cambridge (who writes for the very good Light Blue Touchpaper site) was interviewed for the Pods and Blogs podcast on the 18th December 2007 in the wake of the massive data loss at the end of last year. He had some harsh words to say (this is the same Dr. Richard Clayton who signed a joint letter to Parliament’s Joint Committee on Human Rights).

This is only a very rough transcript, and is only word-for-word when the text is surrounded by speech marks. I’m afraid I’m not sure which of the hosts was the interviewer. I do have audio file for anyone who wants to listen to the original (the BBC removes the mp3 after seven days for reasons of rights, apparently, despite this sucking horrendously).

Starting at 1 minute 25:

What lessons could be learnt from this latest security breach?

“.. it’s not possible to build computer systems which are accessed by large numbers of people which are secure.”

2:42

“.. what’s the key problem with these big data concentrations?”

“You can’t make systems like that secure – you don’t just lose the information for one GP surgery you lose information for the whole population all at the same time”

What’s the alternative?

“The alternative is small databases and good communication between them – most of the time that doesn’t happen”

Can anyone make these databases work?

“The commercial sector is a little better at building them … the national health database will be accessed by a million people … if you look at the data collected by a supermarket it’s only accessible by a few dozen people in the marketing department, the risks are completely different.”

“The real problem is we do not know how to build very large databases, have them accessed by hundreds of thousands of people and keep them secure. The government believes this is possible, and I’m sorry but it just isn’t.”

Is there any way to build a big secure database? you seem to be saying no.

“I’m saying no. it’s as simple as that. you can’t build these, the government should stop trying.

Ends at 6:53

(Incidentally, when you start dragging the progress indicator in Windows Media Player, it blanks the time panel, so you can’t tell when you’re moving to until you drop it again and the file starts playing. Very frustrating. Media Player Classic doesn’t suffer from this.)

More on the BBC iPlayer and RTMP

There appears to be some work going on to try and get iPlayer working on the XBox Media Center according to this thread on their forums (thanks for the link, Iain) and although it only seems to make progress up to where I did, it does include this comment from Ian Forrester of backstage.bbc.co.uk (a terribly nice chap who I met at XTech 2007 in Paris, and who as it turns out used to DJ at a club I used to go to in Bristol) We’re happy for people to hack around for non-commercial uses. which is really good to hear.

Additionally, tonight I came across WiidiaPlayer which is built in MTASC, an open-source ActionScript 2.0 compiler written in OCaml and plays back RTMP streams. Wiidiaplayer is open source and that source is on Google Code. My initial tests haven’t been that successful, but they’ve only been ten minutes long :)

Downloading from the BBC streaming iPlayer is hard

(this was mostly written on Friday 14th December, although no-one else seems to have stepped up to the plate yet)

The new Flash-based BBC iPlayer streams its content over Adobe’s proprietary RTMP, making it very hard to download the stream and save it for later.

There are some native, commercial, applications to do this on Windows like Replay Media Catcher but as far as I can tell, nothing on Linux. There has been a first-pass MythTV integration but this seems to use an embedded browser window.

snagged iplayer content

Red5 is a Java-based open-source Flash server which also comes bundled with some code for a sample client (download the tarball and then look in src/org/red5/samples/client). It might be possible to use this to download the stream; I haven’t yet tested. There also appear to be some code samples in Ruby and Python lying around, but these look very incomplete.

The URL for the stream is along the lines of this:

rtmp://217.243.192.52:1935/ondemand?_fcs_vhost=cp41752.edgefcs.net&auth=SECRET_KEY&aifp=v001&slist=STREAM_NAME

where both SECRET_KEY and STREAM_NAME come from a file of the name http://www.bbc.co.uk/mediaselector/3/stream/check/iplayer?pid=PID where PID is a BBC Programme ID such as b008h3zq as found on http://www.bbc.co.uk/programmes/ – the base URL for this address is found in the config.xml file linked to from every iPlayer page: http://www.bbc.co.uk/iplayer/emp/xml/config.xml

So this looks hackable, with the most promising chance probably being with Java at the moment.

Digital photo frames

I am very much looking forward to the coming increase in quality and drop in price of digital photo frames.

We currently have five photo frames in our living room (three are curved, four are glass-edged). I wouldn’t mind swapping them out for digital frames provided there were a few criteria:

• they have to be no thicker than our existing frames
• they can’t be plugged into the mains
• the power supply, whatever it is, must last at least two months without intervention
• the photos can rotate on a custom timed interval

wifi would be a plus, as would a remote control and avi/mp4/ogm support but these aren’t necessary.

a picture of a digital photo frame
Testing the Philips Digital Photo frame © mathowie / CC

I have over 4,000 photos on Flickr and a huge stack of analog photos which get put into a box never to be seen again because I’m too lazy to put them into albums. Most are terrible, but there are a lot of friends, family and various events which I’d love to be able to see from time to time without sitting in front of a PC for an hour ploughing through

The power supply appears to be the biggest stumbling block. My boss suggested that inductive charging might be a good solution and someone else suggested a rechargeable Li-On battery built into the frame. An obvious ways of saving power would be to turn off when there’s no-one around to see the pictures you’re displaying – a timer for turning itself on and off would be perfect. Any of these would probably work but I don’t see anything out there that really meets these needs. Then again most of the merchant sites selling them give pretty rubbish technical details anyway.

So, they’re not quite good enough to convince me to buy one yet, but golly they’re getting close, and once they’re good enough and under fifty quid, I’ll probably get one (and if they make curved ones, three!).

Nokia N95 assessment

Jabber on my N95

I got a first-generation Nokia N95 two months ago. The Gadget Show rated it better than the iPhone in pure functionality. Ben Ward (and his commenters) have had some really serious problems, so I thought I’d give a hopefully more balanced view.

With that in mind, I’ve had a mobile phone for the last ten years and my favourites have all been Nokias which means that I’m very, very familiar with the Symbian OS. Thanks to JimH I was on the Early Access trial of Python for S60. All of this serves to show that I like to think I’m balanced but I’m probably not :)

Executive summary: The Nokia N95 is a great phone, but terribly terribly slow. If you get one, buy the newer Nokia N95 8GB which has a bigger screen, better battery life and obviously more memory.

I’ve now upgraded the firmware and the whole device is much, much snappier, including the previously ponderous camera

The good

The integrated WiFi means that I now use the podcasting support above texting, phonecalls, calendaring and taking photos. But it’s a poorly integrated application; for example the bundled WebKit-based browser supports RSS subscriptions but this list is separate from your podcast subscriptions and items are not interchangeable. This means it is very difficult to browse to a site which provides podcasts and then subscribe in a suitable application (the best route seems to be copy and paste of the URL). You can at least import and subscribe to an OPML file so you’re best off maintaining the list online somewhere, perhaps using something like del.icio.us and an rss2opml converter.

The TV-out is great and actually useful given the native mp4 support and free xvid player available.

Running Apache on your mobile phone is super-cool and would open some interesting possibilities if it didn’t murder your battery life.

Python support is good and getting better all the time. Most of the phone’s functions are available to scripts, making it quite straightforward to hack your phone, provided you can set up a decent develop/deploy/test cycle

My 3-branded X-Series N95 came with Skype and MS Live Messenger and a simple menu layout.

If you hurled it at someone hard enough, you could probably kill them.

The 5MP camera with Carl Zeiss lens is amazing but…

The bad

The 5MP camera with Carl Zeiss lens is amazing but slow beyond belief and pushes it very almost beyond utility.

As with most Nokia phones in the past five years they seem to have too many hardware designers. As Russ says, the dual-direction slide is a gimmick and the media buttons should be elsewhere. They would have had room for them if they hadn’t had so many redundant buttons on the existing design. When the slide is open for normal use and including the keypad, there are twenty-nine buttons available. Twenty-nine! I never even use one of the largest two (about which Russ says The “media key” is stupid and the media menu is stupid)! I say this every time, but Nokia need to drastically rethink their button strategy.

Connecting the phone to your PC via mini-USB does not charge it.

Some of Ben’s other criticisms are valid:

  • the “notes” app can’t be synced. The phone comes with no other text viewer or editor.
  • changing between profile and landscape views aren’t accelerometer based, despite there being one
  • the gallery application is a step backwards from the previous version found on devices like the 6630 (presumably because of the increased size per photo)

The indifferent

The GPS has been variable for me. Sometimes I get a fix within 30 seconds, othertimes it takes up to five minutes, which is clearly useless. Nevertheless, as a first-generation device with this functionality it makes a good first pass with excellent application support where the location will default back to that of the cell ID you’re connected to.

The iPhone has quite good overall usability, most other phones suck at usability and I’ve certainly got used to it.

Other criticisms seem to be unfounded:

  • text recipients can be chosen by typing their name in, you don’t have to browse
  • I can’t find a place outside of third-party apps where the number pad can’t be used for navigation
  • Each entry in the missed call list has an option “use number” which appears to reflect the number which called
  • the battery life is more or less what I’d expect from a handheld device running bluetooth, GPS, Wifi a digital camera and a phone.

There is a brand-new firmware release out today which claims to solve a number of these problems, but it requires you to completely wipe the internal memory and reinstall all your apps and reconfigure your phone. As one of the commenters on the AllAboutSymbian article says Imagine having to do a complete re-install every time Microsoft released a Service Pack. Eugh.

Parsing Atom with libxml2

Whilst trying to parse some Atom (my Blogger backup) with libxml2 I appear to have run into the same problem that Aristotle hit two years ago in XPath vs the default namespace: easy things should be easy, to wit: The story is that you can’t match on the default namespace in XPath.


>> import libxml2
>> doc = libxml2.parseFile("/home/pip/allposts.xml")
>> results = doc.xpathEval("//feed")
>> len(results)
0

Unbelievable.

Immediate potential solutions:

  1. XSLT my Atom document to add “atom:” to all my default-namespaced elements
  2. use an entirely different method of parsing
  3. remove the atom namespace declaration from the top of the file
  4. something else

Option 3 looks like the only sane route to take in this one-off job, but I’m quite surprised that I have to do it at all.

Actually, this turned out to be my fault – I was parsing two documents at the same time, one with a namespace declaration set correctly (for parsing my Atom file), and one with no namespaces set. I used the latter for my xpath query, which clearly didn’t work – many thanks to everyone who left a comment!

HOWTO download your Google Reader starred items

How to create a backup of your starred items in Google Reader, should the need ever arise:

A screenshot of the Google Reader settings page

  • Log in to Google Reader
  • Click ‘Settings‘ in the top-right of the window
  • Click the ‘Tags‘ tab
  • Check the “Your starred items” box
  • Click the “Change sharing…” dropdown box and select “public
  • Now click on ‘View public page‘ which has appeared to the right of “Your starred items” (this will open in a new window by default)
  • In the right-hand column there is a link to a feed. Right-click it and save it to disk.

Congratulations, you now have an Atom feed of your starred items to do with as you wish. With any luck it will even be valid.

Google-be-gone

So, my Google account is still disabled a week later and I still haven’t had a response to the two mails I’ve sent the accounts team. My blog was powered by Blogger. I’ve switched to WordPress and hope to import all of my old blog sometime this week (I’ll have to screen-scrape my own blog archives).

In related news I was using Gmail to power my email, but was using my own domain to forward it, so I’ve currently switched that to forward to my work account. Not having access to the past three years’ worth of emails is a pain, but not as much as having no address book, which is much worse than you might think.

I am still somehow logged in to Google Reader but have exported my feeds and am now running my own copy of Venus (lots of pruning to do which Google Reader was hiding from me – and that’s after removing all the dead feeds).

The blog uses the default WordPress theme. I’ll get that changed at some point but at the moment the priority is extracting all the data I can from the Google services which I still have access to and finding alternatives to things like Google Browser Sync.

I am not particularly pleased.