Wireless Broadband for a SOHO using a Huawei E220 and a router

I’ve heard a few people are looking for a solution to using a cellular modem for their small or home office. The solution I’ve used is based on the Draytek Vigor 2800 and the Huawei E220 USB modem. The instructions on configuring these two can be found on Drayteks' site at http://www.draytek.co.uk/support/kb_vigor_3g.html

Cellular Broadband in the UK

For the last couple of months I have been using a cellular broadband system instead of a standard ADSL line and I’ve got to say that I think describing as broadband is probably stretching the truth a little. I’ve been using a Huawei E220 on both the Three and Vodafone networks and the biggest problem I’ve seen is signal strength. I’m currently in a village with around 5,000 residents which is three miles from the Maidstone (the county town of Kent which has around 80,000 residents), so I’m not exactly in the sticks.

Orange customer (dis-)service

After Orange coming up with a sensible solution to the “fun” of not existing in experian and equifaxes databases due to moving to a newly built house, they’ve unfortunately shown how not to treat a customer, and here is their special recipe. In order to prove to Orange that the house I live in existed I was asked to obtain a bank statement which showed my name and the current address.

Credit Reference Agencies - No substitute for customer service

I’ve recently moved into the second house to be finished in a new development and found out that due to a local transmitter the Vodafone signal is so poor that it’s barely usable, so I decided to switch to the Orange network (which has good signal strength), but hit a small snag called Experian. Experian basically make money from selling other peoples information, but the problem is their information isn’t update to date and so they say the house that I’ve now been living in for two weeks doesn’t exist.

Doesn't the UK have enough enemies already?

It’s rare that anything in UK politics actually surprises me, but you would have thought after the bungles in Afghanistan and Iraq the UK government would think twice about blindly following US policy, but, alas, the UK governments endorsement of the US’s recent sanctions on Iran seem to show that it is still more interested in staying close to the US than it is about thinking about anything else. One key theory in group control is that if you can get the group to fear a common enemy you can get away with a lot of big mistakes.

Advertising practices bordering on the dishonest

Everyone knows that in advertising there is a certain amount of creativity, and that there are bounds to what most companies would consider responsible advertising, but I’ve come across a company which seems to be willing to set the borders of responsible advertising a little wider than most.  The company is Crest Nicholson, a UK house builder, who, in web pages that are thinly disguised adverts for two of their developments (here and here) have large glowing quotes about how good these developments are and the company in general.

Distributed computing, the next money saving step?

A password breaking program called John the ripper has been modified to use the CPUShare pay-per-MIP parallel processing network as a test. This means that anyone with an MD5 hashed password can now look to rent enough machine power to take a serious shot at finding the original password. This is a step along the current path of technology which is leading us away from single expensive solutions and on to more organic systems which can adapt to changes in usage as neccessary.

Beware the bad spec........

I’ve recently been having an Email conversation with some the guys who wrote the technical specification RFC3920 about the language used and it’s left me wondering how many more times I will see the same mistake made. Specifications are suppose to aide clarity, they’re suppose to make it easy to produce compatible systems because a good specification will leave little room for ambiguity, but the big problem is the eagerness of specification writers to either make up terms or redefine words to fit their needs.

If your using Struts 2, make sure you're using 2.0.9

The struts guys were pretty swift in releasing a fix to the problem I blogged about before, so if you’re using Struts 2 you really should to 2.0.9.

Big security hole found in Struts 2 and possibly WebWork

In the programming world two of the most widely understood types of problems are cross site scripting (sometimes called XSS), and user command injection (e.g. SQL injection), so you can imagine my surprise when I found the Struts 2 framework which has only been considered suitable for production use suffers both. This serves as a good example of why any development team should have at least one person who has a background in application security and is tasked with checking for the common types of security problems which come from fundamental design mistakes.