About Adam

Spotted Paint design and produce websites and online applications for companies and individuals both big and small. We offer friendly and practical solutions to your web problems. We also offer hand drawn cartoons and illustrations to create individual Graphic Designs that stand out from the crowd. Give us a call or send us an email to see how we can help you.

Kyber Lettings

Kyber Lettings

This is a small site for a new lettings and property agency based in Watton serving the Wayland area. They do plenty of property management, collecting rent making sure properties are safe, gas certificates, keeping properties full of tenants etc.
In the future it will list their properties for let.

Previously they had no website at all. With the opening of their new office in spring 2016 they wanted to have a website so they could be found online. We ended up matching the blue on the site to their building walls!

When the site has some properties to list they look something like this

Kyber Lettings Property

Mostly the aim is for people to be able to find them and contact them.

Technically the site is pretty standard WordPress with a custom post type for the properties and then custom fields for properties of the property like price, floor area, EPC etc.

Scumbags, Idiots and Charlatans

In the last few weeks experienced a lot of client abuse on the interweb.
Customers paying through the nose for web development and just being ignored.
Customers being abandoned.

I’ve been picking up the pieces for a couple of people and it makes me feel kind of sad its just that there isn’t any need for it. Ok things change and that is fine the web developer is not married to the customer and if you don’t have the skills in house to support them then that is fine but say that.

Not all customers are super technical and some need more hand holding than others many are actually frustrating.

But there isn’t any excuse really for treating people that badly. Building web stuff is a people business your coding stuff that will be used by humans in order to fulfil aims that other humans have. Whilst people are sometimes difficult and irritating and occasionally just downright maddening. Its developers job to help them, not impose stuff on them or extract money for nothing or exploit their lack of knowledge. If you can’t get on say that and leave them. Don’t just ignore them, you could even help them find someone new to sort things out.

Contributing to North Koreas economy

Fiddling with auto generating authentic text from sources. Using the speeches and writing of the North Korean Leaders, Kim Jong-Il and Kim Il-Sung leads to surprisingly realistic sounding stuff. I guess there speeches come off better in Korean before translation.

Solution of marxism-leninism and at the party is called revolutionaries who revived our times and help each country, which are freed from exploitation and heroic anti-japanese revolutionary outlook on building communism. In order to serve them by marx is not merely a stronger and knew that a society advances towards social democracy is the interests of the relationship of the reactionary, between comrades can be correctly combines the master of the masses are appeasing them to the ideological consciousness is inconceivable to achieve the relations of adaptation of the right to free of society and construction work style, and cultural needs.

By applying the people vigorously pushing forward by improving man’s cognitive activities of social democracy that can understand the people’s government bodies.

If Kim Jong-Un wants me to auto generate some speeches for him…

Onward, up grade

After upgrading several shops recently, I’ve been thinking about the upgrade process. Perhaps it should be central to the process of building an application. The ease of upgrading must help keep installed packages up to date, if its easier it seems much more likely to happen, if its automated even better.

To that end any tools that ease the upgrade process like wp-cli are great. I’m sure the ease of upgrade in WordPress must contribute mightily to their success in getting WordPress to its vast number of installs.

Even someone relatively motivated and informed when faced with an upgrade process that requires copying over a whole load of new files over old files feels deterred. I’m sure the effect is exaggerated in someone who doesn’t understand the error messages. Its also prone to error when you picking out different file paths /admin/theme/default/default/theme and /theme/default/default/theme. Even more frustrating if something that is supposed to have an upgrade process that then fails, as your trying to do the right thing and blows up in your face.

Its something I’m going to factor more strongly when choosing which packages to use for projects in the future.

Encryption

Reading about cryptography as its getting talked about quite a lot at the moment with even politicians talking about strong encryption. Also I’m working out how best to go ahead with some encryption in a project.

Cyphers

What recipe you use to encrypt the data examples being One Time Pad, Vigenère, Rot13.

Whats interesting is that mostly they are crackable its just how much time, computers and the access to Mathematicians/Cryptographers you have. So its really a matter of making something as hard and resource intensive as possible. AES / Rijndael is probably a good common one which succeeded DES in terms of standards.

Security / Strength

It is difficult to tell for sure what is ‘secure’ given that many past developments have taken place within agencies that don’t have incentives to publicise there discoveries. If someone has made big strides in designing more efficient cracking algorithms we might not find out until 20 years later.

Comparatively small changes in implementation (block cypher modes ) and algorithms can make a huge difference in terms of security. So creating your own cypher is usually a bad plan and choosing carefully is important.

Keys and key lengths

Then there is how long a key you are using generally the longer the key the stronger the encryption.

How long a key?

Start off from greater than 128 ideally 256 bits and what is that equivalent to when generating key pairs with ssh-keygen, RSA 15360 is equivalent to 256 according to more in US National Institute of Standards and Technology here (page 64).

How secure do you need something to be? (and given what situation)

Commonly you think of encrypting the message during transmission from A to B. In order to prevent someone reading the message in between. There are a lot more, places, stages and levels though. If you encrypt information in a database you have made that information difficult to read if the attacker only has the database. But if they also have the code or keys that encrypted that data then they have also the means to retrieve it.

Does it need to be secure if the attacker has access to lots of decrypted messages, pairs of past encrypted/decrypted items or has knowledge of the texts sent. Can the attacker intercept an encrypted message and alter it and that alteration be undetectable.

So mostly your using layers of security to make access more awkward each layer being an additional level of difficulty.

Perhaps the more layers the better so for a web application the layers could be

  • SSL/TLS to encrypt the traffic then encrypting information in the database
  • Architecture of the code
  • Security of the user accounts on the server
  • Security of the underlying server,
  • Security practices of the users and administrators of the system
  • Browsers and operating systems that the legitimate users might use,
  • How keys are managed and shared.

How important is it?

If your keeping peoples credits cards then you need to act differently to just publishing a blog that you can just restore from an earlier database dump.
How long would it take to recover from a breach and how much would that cost you in money and reputation. This makes you consider your backups and your policies on communication with users.

Are you merely deterring automatic attacks from script kiddies on you so they move on to easier targets. Or are likely to be a focus of attacks because of some sort of political or financial cause.

Security is complicated its not just a matter of I use this language, we use TLS version X or we only use such and such servers.

Spam text and Markov Chains would that make Turing happy?

I can quite easily using Markov chains some Python and a source text produce quite realistic texts. Turing might even have been pleased in a perverse way his machines are indistinguishable from humans. Many blog commenters seem to be using their second language which is fair enough. But does make it difficult to tell if they are genuine humans. Often the only way I can tell if comments are spam is to look at the links they include. Super cheap *** something is usually a clue.

Just for fun here is a brief auto generated example of text generated from the Henry Fords book ‘My Life and Work’. Markov Ford?

They think that is the business and who do not stand the assumption of mind.

The average person may be filled by foot of fear will respond.

Everything has won his maintenance and also happened to produce also we should prove that bread. If a very carefully tried to greedy for a business could ever really constructive thinking over to share; at a child to the railways and then is the filing of life, manufacture, a tractor came down you see, it must be easy. Success is the country that same with personalities.

To my plant at the limits his territory.

This is pretty crude an still quite easy to tell apart from normal text. With a little more effort I’m sure I could make it much more “human”. I hope most spam is generated by this sort of method I guess the alternative is poor people in foreign countries generating spam for money which is probably worse and doesn’t feature much technology at all so is pretty uninteresting.

Now I wonder if I can produce my own Management Guru book :)

Small Worlds Hypothesis

In the 1960’s Stanley Milgram and Jeffrey Travers tried an experiment sending letters.

  1. They sent letters to randomly selected individuals. In each letter was letter explaining the experiment and details of the target person.
  2. If the person receiving the letter knew the target they could forward the letter directly. If they didn’t know the target they were to forward the letter on to to someone they knew who would be more likely to know this person.
  3. Each time to letter was forwarded the forwarder added their name and sent an attached postcard to the researchers. In this way the progress of the letters could be tracked.

The result as its widely spread is the 6 degrees of separation in that on average it took 6 steps between the person who began the process and the person receiving it. So what gets spread about is you are on average 6 people away from anyone else in the world.

Actually it isn’t quite that simple

In fact if you read the experimental paper its not that simple. The target is a stockbroker in Boston of the starting points

  • 196 were solicited by mail in Nebraska of these:
  • 100 were owners of blue chip stocks.
    additionally
  • 100 volunteers were solicited through a Boston Newspaper

so 296 altogether.

Because the each person forwarding the letter could see who had previously handled it loops were avoided.

217 of 296 letters were sent on of which 64 actually reached the target. Of the completed chains the average distribution of links was 5.2 which is the number that gets rounded up to 6 degrees. So your discounting all the broken or abandoned chains.

To be fair the experimenters spot many of the issues and knowledge them these include

  • The starting points had a strong bias towards being middle class and the target was also middle class.
  • It depends very much on how well the participants were motivated.
  • Your avoiding the odd cases recluses and people who travel constantly for example.

Partly they were interested in how the letters were traveling was it based on geography, or through professional networks.

Failing or incomplete chains

The mean distribution of failed chains in 2.6 there was also a difference between the letters that originated in Boston where the chain was 4.4 and from Nebraska random where the chain length is 5.7 and Nebraska stockholders were 5.5.

Interestingly there was a lot of convergence with people towards the end of the chain occurring repeatedly. Think this is probably one of the more interesting things and linked to ‘super influencers’ and the hubs between networks.

So its interesting but its not so simple as everyone is separated by 6 degrees of separation.

Tuition Centre Dereham

I recently wrote a small site for a local tuitoring company in Dereham Norfolk. The Tuition Centre Dereham
Its quite simple and does what it says on the tin.

The thing that is different is how local it is. They don’t care about being found outside of Norfolk, UK and even within Norfolk they are only interested in being found in the fairly small area around Dereham and its surrounding towns and villages.

The opposition is all chains which don’t really have a presence. So its a case of real world where you drive into Dereham, opposite Roys, and see the Tuition centres quite obvious signs and building, and the virtual world where they are at the moment quite invisible.

Hopefully over the coming weeks we can improve their position in search so they get found online more easily within their local area.

Are coupons just a distraction?

Coupons are a good way of taking things offline a coupon code can be on a card or in the package with a new purchase. You can use them as part of a referral or affiliate marketing scheme. I wonder though are they turn off in checkout? How often do you go to a checkout see a box for a coupon code and then go off looking for a coupon.

If your thinking of coupons being an incentive to go and buy something then the coupon box at checkout is strange. The customer has already decided to buy something they put it in their basket. They saw the price they are happy to pay it and then you are offering a coupon. The coupon they are entering didn’t make them any more likely to buy anything?

Are you making them more likely to wander off at the point in the process when they were just going to enter their credit card details and complete a purchase. Perhaps its better off earlier in the process or perhaps its just me who acts in that way when faced with a coupon code box. I guess I’ll try running a trial and finding out.

Branding

Just been reading two different Wally Olins books on branding. “Brand New” and “The Brand Handbook”

Think my attitude before was a bit cynical and wrong along the lines of “that is something you do to cattle”. As Mr Olins wrote its more about authenticity and ties in with the way the firm is seen socially. I made me think about some of these ideas and perhaps rethink a little.

Its more than just a logo

Branding should be more than just a logo in fact the ethos of the brand. In a small organisation that may a reflection of the owner. In a larger company it might be the founders think the Cadbury family and their Quaker ethos and then the changes in perception and the uproar caused when they got taken over by Kraft. The brand is reinforced or damaged by how consistently the company acts. If all you do is change the logo from green to red or the name and nothing else changes its pointless.

Behavioural Consistency

If you say it do it, don’t say one thing and do another or claim to be something you aren’t. So Wally cites the example of Ryan Air as being and doing what the say on the tin. They aren’t saying we are the the worlds most luxurious or helpful airline. They are cheap flights if you follow their rules to the letter. If you don’t they will charge you for it. Its consistent and it goes throughout the organisation from the top Michael O’Leary, joking about charging for using the toilet to the abrasive people at the airport. That way even the newspaper reports reinforce their branding.

So perhaps as he sees it its more than using the corporate colors and elements consistently whilst that is important branding can be more of a holistic thing encompassing the organisations attitudes and aims.

Seemed worth reading to me of course I skimmed a little but worthwhile to read the thoughts of someone who did branding for 50 odd years.