* Posts by Gordon Johnstone

8 publicly visible posts • joined 29 May 2008

Leap Motion Controller: Hands up for PC air gestures. That's the spirit

Gordon Johnstone

Got mine, agree with review

I had to install Windows 7 in advance of its arrival as its not XP or Linux compatible. Installed it and found it smooth in places, jerky in other. But once I realised it uses light to track and my computer has many different light sources around it I realised it was getting confused. Moved the computer into a single light source area and it worked quite well. Then thought "what the hell am I doing". I can't think of any other peripheral I would have done this much to use. Not as useful as I thought it would be when I ordered it at the start of last year. Hopefully some of the Raspberry pi hackers will make something useful out of it

UK supermarket starts contactless payments

Gordon Johnstone

I've seen this fail

I was in a coffee shop with two people in front on me. The guy second in line leaned over, wallet in hand, to get a serviette. The machine beeped. The guy at the front asked how much and the person at the till said " you've already paid with your Barcleycard". He said "I don't have a Barcleycard".. The guy second in line said "I do". He had paid with out knowing. Try challenging that when the bill comes through. My Barcleycard went straight in the shreader

Exploit code for Kaminsky DNS bug goes wild

Gordon Johnstone

Back @Tom

I couldn't agree more about the client certs. Something I've been shouting about for a long while. It just makes so much sense to validate both sides of the transaction.

I'm always shocked at how "ordinary users" can get caught out by misunderstandings. I had a friend complain to me that the virus checker I had installed for them had prevented them opening an email attachment. They said they had to unistall the virus checker before they could open the attachment.<gasp>

Gordon Johnstone


Ah, but what you are missing is 1) the people who are going to the site for the first time and are about to hand over all the details required to set up online accounts, and 2) the people who, on seeing a popup saying "the certificate has changed and maybe owned by alien beings and agreeing to this will mean that you give away your first born", will just click "ok" anyway because they don't know any better. This adds up to a significant number of people at risk from this.

It's why SSL/TLS on its own is not really good enough for online banking.

O2 starts 3G iPhone stampede - and runs away

Gordon Johnstone


I've noticed that most of the people who have succeeded say they were notified by email, which I think means they are new customers, as I was notified by text to my iphone. Does that mean that most of the stocks/web resources were allocated to new customers, not upgraders?

Hmm, way to keep people loyal o2.

Gordon Johnstone

Yeh, I tried

for an hour. What a horribly complex process. I login, then I have to type my phone number ( I just logged in, its on the screen!!) and then it texts me a code ( except it didn't the first dozen times) and reloading gave a remedial screen which asked for credit card details before crashing. It also warns that it will need my account number ( I JUST LOGGED IN. YOU KNOW IT ALREADY). And then it broke completely. I wasn't even offered a phone number. Why not click "Yes I want it and put it on my next bill?", Or stagger then texts they sent out this morning?

NHS IT loses key contractor

Gordon Johnstone

Its only complex if

you try and integrate it with all the propriatry stuff that all the is already there. If you try and do that then I'm afraid £12.7 billion won't do it. In fact I can't imagine it being possible as each interface will have to be reworked or a translation package written and maintained. All that is required ( as others have said) is something to ship the info to the right people and there are so many simple ways of doing that which work. So which do you go for. The impossible or the achievable? Hmm, tough choice huh?

@ Anonymous coward, I have worked on large scale projects and integration stuff. If the scope of the project is spec'ed as " We want it all and we want it now", its always doomed to failure. Occams razor and the old KISS ( keep it simple stupid) never let you down. My experience of NHS IT projects are all of disjointed, over ambitious projects that normally end up expensive and unused.

Gordon Johnstone

Whats the problem?

Its a simple database server with a simple user interface, that requires security so tight it squeaks. £12.7 billion????? I'll do it for a pie and a pint.

So is the managers that have spec'ed it as a mammoth project, or the contractors who have sucked their teeth like some Del Boy mechanic and said "thats gonna cost ya". £12.7 billion buys an awful lot of hip replacements. Simple problem, simple solution, screwed up by money grabbing bastards