The security of a system is as strong as it’s weakest component

The pad lock that had seized shut on my back gate was proving hard to remove, the hardened steel U was not yielding to my hacksaw. I noticed some rivets underneath that turned out to be soft steel. 10 minutes of sawing and I was in.


Hardened steel U


Soft steel rivets on the bottom


After removing the rivets, hammering off the bottom plate


Bottom plate revealed, lock mechanism removed


Lock open!

Random graph

Random graph, from playing around with RGL in Ruby.
Random graph

Tagged ,

How to find if two nodes are connected in an RGL graph

Say you have a graph like this:


How do you find out if there is a path between any of the two nodes? By using a breadth-first search:

Tagged , ,

How to lose business, an example from Flickr

  1. Receive email from Flickr about Pro subscription due for renewal.
  2. Try to pay for it repeatedly over several days but always get some error message about a “bad panda” and they are aware of the problem and are fixing it soon. The problem persists over several days.
  3. Renewal deadline passes, check reminder email, it’s sent from a donotreply@ account.
  4. Find a support wizard, the problem isn’t listed after answering questions about it so I get an option to contact support.
  5. Fill in form saying what I’m trying to do, but notice there’s no field for an email address. They know my address though right? That’s where they sent the Flickr sub reminder?
  6. When I submit the form get a message “your response will be sent to”, an address I’ve never signed up for or used.
  7. Attempt to find Yahoo support system to add a note to the ticket or update my email, can’t find it.
  8. Attempt to send new support ticket to Yahoo. The new support wizard I find seems to have different categories to the first one, none are relevant, there is no “other” category and there is no option to contact support.
  9. Decide not to pay for Flickr Pro

At the beginning of this process I figuratively had my hand extended with money for them to take. I’ve subscribed to Flickr Pro for years, I was just going to pay.

At every step of the way they made it hard. They made it a fight to hand over that money. If they had fixed the payment form after the first error message (like it promised) they’d have my money. If I’d been able to reply to the subscription reminder email and get through to support they’d get my money. If their support process had worked they’d likely have got my money soon.

I think the idea to just not bother came to me when I was forced into their badly designed error prone advert encrusted shoddy attempt at a webmail “portal” that not only do I not need or want, I actually resent, everything else just added weight to it.


Please, please stop asking, I’ll give you anything!

Me: My order was returned without ever having got to me.
Amazon: I can see that it got sent to the wrong distributor who must have realise this and just returned it.
Me: I see, this has happened twice in the last few weeks, is it going to happen again?
Amazon: I’m sorry to hear that, I’ve extended your Prime by a month free of charge.
Me: Thanks for that, but it seems odd that this never happened before, but has happened twice in a few weeks now. Is this likely to happen again?
Amazon: I’ve upgraded the delivery on your new order to Express, you’ll receive it tomorrow before 1:00PM.
Me: …

Tagged ,

I got my pan tilt servos working

I’m making a simple camera gimbal and tonight I wired up the right analog stick on my xbox controller to control the pan/tilt servos:

Tomorrow I will print out a prototype gimbal structure.

Testing Github commit hook one liners

A couple of ruby one-liners for dumping out the content of a github commit hook payload:

For hooks that use type application/json:

$ ruby -rpp -rjson -rsinatra -e 'set :port, 8000; post "/*" do; pp JSON(; end'

For hooks that use type application/x-www-form-urlencoded:

$ ruby -rpp -rjson -rsinatra -e 'set :port, 8000; post "/*" do; pp JSON(params[:payload]); end'
Tagged ,

AWS IAM Policy for allowing s3cmd to sync to an S3 bucket

It’s a good idea to set an IAM access policy for anything that accesses AWS using your account details, I wanted to do this for s3cmd syncing a local directory to an s3 bucket. There are a number of posts on setting up the IAM policy for s3cmd already but none of the examples worked, I got a 403 permission denied error when running the s3cmd sync command.

After some digging it turns out that s3cmd now tries to set an ACL on the files it uploads, and this needs to be specifically allowed in the ACL. I’m guessing that it didn’t in the past, hence the now incorrect IAM advice. So here is the new working IAM policy, complete with the s3:PutObjectAcl permission added:

(See jrantil’s comment below on wether s3:ListAllMyBuckets is needed in this instance)

ping-pong press!

My robot was written about recently on the Raspberry Pi foundation blog, and now on the Pololu blog too, the place I originally got my tracks from!

Robot at RubyConf

I took my robot to RubyConf. It’s not really Ruby related, but I figured it would go down like a robot at a programmers conference… So I took the robot apart, packed it away and headed to Miami:


First job, putting the robot back together again. I was happy it made it through security. It was the first time I’d flown with a small toolkit.

The robot laid bare

I was carrying the robot around most of the first day, people constantly asking to try it out:


It worked well on the shiny floor of the lobby. You can just about see the new 3d printed lifter arm:


Totally coincidentally Ron Evans also did a great talk on Artoo and the newly announced Gobotio.

Programmers love robots!