I generally like to look for the positives so following on from my last post that may have come across as perhaps a little negative it’s great to find at least one positive to ISP filtering:

“This is also a unique opportunity because no other government in the world has provided financial incentives to ISPs to implement a service which can be so readily sold on to customers.

We envisage that customers will be willing to pay an additional $5 per month on top of their broadband services to have that higher level of filtering,” Mancer said

- Watchdog Launches Hosted Filtering Services in Australia

Since this comes from the company that “supplied filtering systems to three of the nine ISPs involved in the recent Australia government filtering trials at the Enex Test Laboratory” they’re in an good position to put a positive spin on the whole thing.

I’m a little concerned about what paying an extra $60 a year for a “higher level of filtering” implies about the proposed mandatory ISP filtering scheme? Is the cyber safety of our children being fobbed off with some budget version of their filtering system?

But hey, this is supposed to be a positive post and it’s good to know there is an upgrade plan should the proposed plan be less effective than expected!

Taking the lead from Google’s post which outlines their views on the Australian Government’s plans to implement mandatory ISP filtering we feel it is important that all Australian based internet users also indicate their views. Here, then, is the official Ingredients view on the following plan to:

Provide a mandatory ‘clean feed’ internet service for all homes, schools and public computers that are used by Australian children. Internet Service Providers (ISPs) will filter out content that is identified as prohibited by the Australian Communications and Media Authority (ACMA). The ACMA ‘blacklist’ will be made more comprehensive to ensure that children are protected from harmful and inappropriate online material - Labor’s Plan for Cyber-safety

It’s rubbish.

If you think we’re being flippant, you’re correct, it’s intentional. We could spend ages going through the details of why it’s rubbish, but do we need to?. Why it makes us very disappointed that what appeared to be a very technologically forward looking Government is now being looked on internationally as naive and backward thinking, but do we need to? Why it may even have the opposite effect by creating a very false sense of cyber security, but do we need to?.

What we do need to do though, is add our voice to the many that already think it’s rubbish and you can too.

When developing web applications there is always this underlying paranoia that one day, you’ll be the one responsible for the hole that allowed a hack into your nation’s electricity grid control station, or other such similar scaled disaster. This story, while not quite as exciting, is one of those mildly entertaining and unnerving examples of how even the “big guys” can get it wrong.

Today I received an incorrectly addressed email entitled “Welcome to XYZ Club!” from a loyalty club, which I’ve thoughtfully renamed XYZ club, of a group of very large (hence my thoughtful renaming) hotel chains.

As it’s not uncommon for us to receive incorrectly addressed @ingredients.com.au mail, I started to prepare my “You’ve sent this to the wrong address” template to reply to the sender. Unfortunately, the sender was “XYZ Club Loyalty Program <noreply@xyz-club.com>”. The sole job of any no-reply email account is to send whatever mail you send to them, back, reminding you not to reply to them!

My next thought was to check the email footer for any contact information. No, there was no reply information but it did helpfully remind me of the following:

This e-mail, any attachments and the information contained therein (“this message”) are confidential and intented solely for the use of the addressee(s). If you have received this message by error please send it back to the sender and delete it.

Perfect, except, of course, the sender was a no-reply email!

Thinking perhaps their site would have a contact form I could use to report their mistake, I clicked one of the links in the email and arrived at their site to find I have been “signed in” ready to start Step 1 of the “Choose your XYZ Club program”. Clicking around with a little bit of surprised curiosity (ok, yes I was also being nosy, who wouldn’t be?) and trying to find a way to contact them, I find that I could probably have set the password for this person:

This is your first connection. Please enter a new password in order to complete your membership application and gain access to your account.

This only presented two fields; a password field and a confirm password field. Nowhere asking me for any information that was not in the email, eg a loyalty card number that only the real person could have had.

Searching for a simple contact form to report this issue proved fruitless as going via the “Customer Support” navigation, then via the “Report an issue” link, brought me back to Step 1 of the “Choose your XYZ Club program” page.

The only way to report the issue was to finally call them. I’m probably one of the weird few that would actually go this length, but I was now curious to see if their phone support was any better. Thankfully, it was and this particular person has now had their account closed without anyone pulling any 1337 hotel loyalty club hacking skills.

So why am I posting this? Well to gloat of course and have it on hand for the day when the electricity gets shut down so I can point and say “I’m not the only one!”

While trying to set-up version control using Mercurial, I hit a snag trying to call hg commands over SSH to our OS X development server, that took up the better part of an afternoon. Having finally found the answer I’m recording it here in case I forget or to save anyone else similar suffering.

This is the what I was doing and the resulting error (note I’m using the default bash shell):

$ hg clone ssh://example@192.168.1.100/Sites/example-project
remote: bash: hg: command not found
abort: no suitable response from remote hg!

So, first of all find out where your hg command is located by running the following command while logged into the remote box:

$ which hg
/usr/local/bin/hg

That gives us the path to the hg command so now we need to see what paths are available when logging into that remote box via SSH. To do so run the following command from the machine you are trying to access the remote box from (my MacBook in this case):

$ ssh example@192.168.1.100 echo $PATH
/usr/bin:/bin:/usr/sbin:/sbin

We can see that the “/usr/local/bin/” path to hg is not in there so moving back to the remote box create and/or open ~/.bashrc and add the following line:

export PATH="$PATH:/usr/local/bin"

Now back to my MacBook and run the previous command again:

$ ssh example@192.168.1.100 echo $PATH
/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin

Great! Now we can see that “/usr/local/bin” is available and our original hg command now runs.

While chatting to a friend and mentioning that my work on the book included diagrams, he somehow thought that included the cover. So just for clarification; I had no part in the cover other than choosing from a selection of three.

That said, I do quite like the characters on the Manning books even if the accompanying font choice seems a little dated. I imagine that having to choose book covers for tech books must be a painful experience if you don’t have something like the O’Reilly single-tone prints or these Manning characters. This old post on Manning’s forum really made me laugh though:

“As a frequent purchaser of computer books however, I feel that I would be remiss if I did not tell you how thoroughly the cover of the book sucks. It’s major league weirdo shit – and I mean that in the most constructively critical way possible.

Luckily, he wasn’t specifically talking about our cover which could be seen as representing the grace that Zend Framework brings to PHP, that, or it was the best one of the three they showed us. I do like the brown though!

Inspired by The Local’s accusations of abandonment, I realised I’d not mentioned one of my new hangouts. I’ve been trying to compete with Rob Allen on the blog for our almost-in-production book Zend Framework in Action. As always he’s way ahead of me just as he is on the Author’s forum!

So if you’re really missing what I have to say or need to tell me what you have to say, you can catch me in any of those places. Once the book comes out I’m sure I’ll have more time for this blog.