“Why I deleted my Facebook account”

There are 40,600 Google search results which match this search term. Here’s the forty-thousand, six hundred and first.

Facebook privacy concerns tend to centre around inadvertent exposure of your content and your activity. New features like the News Feed and Timeline produce a flurry of blog posts, and posting on the site itself – with people complaining about the effect of the new functionality, and seeking ways to turn it off.

These concerns miss the point.

If this was the problem, I’d still have a Facebook account. I understand that I need to manage my privacy settings, and also that once my content (and comments) are out there, I can’t rely on being able to control them. That’s part of the trade-off we all make when we use social media.

I like this article:


but point 1 (I am not the sum of my data) is only half of the story. Increasingly, I am the sum of my online activity. And having an interest in marketing at a technology company, the hairs on the back of my neck stand up when I see just how much data about people can be provided by Facebook. And if you write an app… wow.

It comes down to data mining.

Let’s say I hand you a photo album full of pictures of strangers and asked you to flick through it. If I tracked how long you spent looking at each photo, where your eyes go, which photos you returned to – and did this with a large number of people, I bet I could start to draw some inferences about your sexual orientation and your personal preferences for physical characteristics.

Let’s say I watch over your shoulder as you’re reading a newspaper at which articles you skim; which you read in depth; which you skip. I bet I could start to draw some inferences about your political sympathies, your general awareness and your intelligence.

Who you hang out with. Which of your friends you really like. Whose comments you jump on and whose you dismiss. Whether you read the news or play a game when you go to the toilet.

No one person knows as much about you as this – not even you. But whenever you’re using Facebook – or increasingly, just using a web browser with Facebook logged in – this data is being collected by one organisation. Imagine the effectiveness of an advert which was targeted at you, and customised for you, taking all of these things into account. Would you want an advertiser to know all of these things about you?

And that’s just people selling stuff. What about political targeting? What about the equivalent of phone hacking?

Think that’s far-fetched? Why do you think Facebook, which doesn’t charge a penny to its users, is worth $100Bn?


dd-wrt pptp vpn bandwidth

Earlier today, I received a comment from @RyanMeray on twitter, and on my blog post PPTP VPN, dd-wrt and private DNS resolution. Ryan’s transfer bandwidth across the VPN is 150Kbps, despite having upstream bandwidth of 4Mbps – and he wondered what my experience was.

I’d not noticed things being slow, but I hadn’t ever checked. I don’t know what work’s upstream bandwidth is these days, but I’m on a contended 50Mbps cable service at home and I wondered whether I could max out the CPU on the router (which I’ve now upgraded to a Cisco Linksys E3000).

My domestic upstream and downstream bandwidth:

Try broadband speed test
I started a large file transfer from work to home, and then hopped to dd-wrt’s bandwidth monitoring page:

a fairly steady 2Mbps.

dd-wrt’s router status page showed CPU utilisation:

maxing out at 50%.

The CPU is a 480MHz Broadcom chip, which is reasonably fast – but is the same chip as Ryan’s ASUS RT-N16. So it seems unlikely that this is what’s causing his VPN bandwidth to be clipped to 150Kbps. I’d be interested in gathering more data – so if you’re using the dd-wrt pptp client, please comment with your maximum throughput, router model, CPU speed and CPU utilisation. Thanks!

Augmented Reality just blew my mind – a great insight into colour blindness

I’ve been excited by the potential of Augmented Reality since Ben Adderson (blog | twitter) first showed me Layar a couple of years ago. The sort of heads-up experience we’ve seen in the movies and the military has become available – with the added bonus of location awareness. The creative use of this technology has kicked up a gear recently but an article I chanced upon via twitter this evening has just blown my mind.

I am colour blind, as were my mum and my aunt. Although I’m aware that I can’t differentiate between certain colours as easily as other people, it’s always been very difficult to describe the experience to anyone else. I’ve been trying for thirty years, and never really come close.

Until now.

The article considers whether Van Gogh was colour blind by simulating his paintings through the eyes of someone with the condition. Fascinating stuff. But it also mentions the author’s iPhone app, Chromatic Vision Simulator. It’s an Augmented Reality app which shows a view of the colour blind world. To give you some idea of how it works, here are some views around my kitchen. The top image is unprocessed, and the bottom image is close to what I see – in other words, to me, the two images look the same.





I’m delighted because I now have a tool to explain my colour experience. And my wife now really gets why I’m no good at matching colours…

Thanks to Kazunori Asada ( blog | twitter ) for this fantastic technology.

Super-fast email address shortcuts with iOS 5

I’m using my iPhone more and more as a primary means of Internet access. This also means I’m typing my email address on my phone, more and more frequently. There are two problems with this: it’s slow and difficult to type, and autocorrect makes things even more difficult – it knows I’m “Gareth” so if I start typing “gareth@”, I get corrected to “Gareth@”.

Fortunately, the new shortcuts feature in iOS 5 can make autocorrect work for, rather than against you.

To set this up, go to Settings -> General

20111208-220037.jpgHit Add New Shortcut…


For “Phrase“, add your email address, and for “Shortcut“, choose a short word. It’s best to start this with consonants – something which isn’t going to clash with a normal word. I’ve used my initials, followed by “gm” for “gmail”.


Do this for all of your email addresses.


From now on, typing your shortcut will prompt you to replace it your chosen email address. Press space to accept, or hit the cross to cancel the substitution. You’ve reduced the number of keystrokes required to four, using just the home keyboard, improving your speed and accuracy. Hurray!


The only niggle is iOS auto-capitalisation. Usually, a text field will force the keyboard into upper-case. This will force your email address to begin with a capital letter too. To prevent this from happening, you need to remember to hit shift before you type your shortcut.


PPTP VPN, dd-wrt and private DNS resolution

The number of network devices in our house has increased significantly recently. With two Apple TVs, a wii, iPad, two iPhones, a Kindle, an xbox, two laptops, a desktop and a nettop, my creaky old AirPort Extreme was struggling to cope, particularly streaming media across the network. I also need to bridge two sections of wired network and as I need to reach the work network from several devices at home, I wanted to share a VPN connection into the office. All of this took some figuring out and some heavy googling, so in the interests of helping out anyone with a similar problem, here’s what I did.

Network Layout

Home Network


Hardware Requirements

  • A simultaneous dual-band wireless-n router at the gateway
  • A normal dual-band wireless-n router to bridge to the LAN
  • Gigabit switches at both ends
  • dd-wrt support on both devices (PPTP support at the gateway, and bridging or WDS at the LAN)
  • Same chipset on both routers for compatability

I ended up with a Cisco Linksys WRT610n for the gateway router, and a Cisco Linksys WRT320n for the LAN bridge. Both second-hand/refurbished models from eBay. Total cost £80.

Gateway Configuration

  1. Flash the WRT610n with dd-wrt.
  2. Create two wireless networks. The 2.4GHz carries 802.11b/g/n for maximum compability. The 5GHz carries 802.11n for maximum bandwidth.
  3. Add a virtual interface to the 5GHz network with its own SSID to carry the inter-router link.
  4. Set WPA2 AES encryption on all networks with pre-shared key.
  5. Connect to the cable modem, reboot and check that internet connection is established by connecting with the iPad to each of the wireless networks in turn and web surfing.

LAN Bridge Configuration

I wanted to use WDS to link the two routers but I ran into some problems. I could establish a connection, but the link bandwidth fluctuated significantly, and I also couldn’t get PPTP traffic to tunnel successfully. Data transfer over the VPN stalled for larger packets. This is a classic symptom of incorrect network MTU but despite resorting to packet sniffing, I couldn’t get this working properly. I ended up using dd-wrt Repeater Bridge mode which solved these problems straight away. The steps were:

  1. Flash the WRT320n with dd-wrt.
  2. Disable the WAN connection and give the router a static IP address ( with the gateway router’s IP as the gateway address.
  3. In “Advanced Routing”, set the Operating Mode to “Router”.
  4. In Wireless Basic Settings, set the Wireless Mode to “Repeater Bridge”, and the Wireless Network Mode to “N-Only (5 GHz). Give it the same SSID as the inter-router link in step 3 of “Gateway Configuration”
  5. Add the appropriate Security Mode, WPA Algorithm and WPA Shared Key in the “Wireless Security” section.
  6. Under “Services -> Services”, Disable DNSMasq (which turns off the DNS and DHCP servers).
  7. Reboot, connect the desktop PC to the gigabit switch on the bridge router, check it picks up an IP address from the gateway DHCP server and that it can reach the internet.

At this point, I added the rest of the wireless and wired devices to the network and checked that things were working properly. AirPlay working from an iPhone to one of the Apple TVs, streaming audio and video from the PC to the TVs and download content from the internet were all evidence that dd-wrt was correctly bridging between the different networks and things were behaving properly.

The final stage was the VPN, and this is where information online started to run a bit thin.

DD-WRT, PPTP VPN, routing DNS queries correctly and handling unqualified hostnames

The requirements for the VPN connection were:

  1. The gateway router establishes the VPN connection and handles routing.
  2. Only work traffic crosses the VPN – everything else gets routed straight to the Internet.
  3. Home LAN access to the work LAN is NATted to remove the need to add routes back to the home LAN.
  4. Unqualified hostnames are in use both on the host LAN and on the work network.
  5. DNS resolution for the work domain should be handled by the work internal DNS servers; DNS resolution for the home LAN should be handled locally; everything else gets handled by my ISP’s DNS servers.
  6. All LAN client configuration is done via DHCP, so that all devices including the iPhones and iPad will work immediate on connection.

Steps 1 to 3 are straightforward:

  1. On the Gateway router, under Services->VPN, enable the PPTP Client.
  2. Use the IP address rather than the DNS name for the server – this will not change frequently, and makes DNS configuration more straightforward.
  3. Configure the remote Subnet and Subnet Mask as appropriate – my work uses an RFC1918 Class A address space.
  4. I changed the MPPE Encryption settings to “mppe required,no40,no56,stateless”. This was in the middle of my “trial and error” phase of trying to troubleshoot WDS – it might not therefore be necessary but if it works, it won’t hurt!
  5. Leave MRU and MTU as the defaults. Enable NAT and complete the User Name and Password fields as appropriate. NB if this is authenticating against a Windows domain, you need to put username in the form DOMAIN\\username.
  6. Hit “Apply Settings”. Reboot the router.

If all is well, you should now be able to ping IP addresses of machines on your work network from client machines on the home LAN. traceroute should also show that this traffic is being carried across the VPN, where traceroute to www.bbc.co.uk goes via your gateway and across your ISP’s networks in several hops.

Next step is to confirm that you can reach your work DNS servers. Ping them first, and then attempt a hostname lookup: our intranet server is called “intranet” so “nslookup intranet <WORK DNS IP>” should return the correct IP address. To complete requirements 4-6, we need to use the dd-wrt DNS/DHCP server DNSMasq to manage home LAN DNS registrations, pass off work DNS queries to the work servers over the VPN, to send the rest to the ISP and to send appropriate search domain information to all LAN DHCP clients so unqualified hostname resolution will still work. I have to admit that these settings were reached through some trial and error so there could be a better way of doing this. But at least this works:

  1. In “Services->Services”, under “Services Management” “DHCP Server”, add a local value to LAN Domain. I use “marlow.org.uk” here. This will be added to the hostnames of your LAN devices while they’re on the home network to give them an FQDN.
  2. DNSMaq should already be enabled, but you should enable “Local DNS” and disable “No DNS Rebind”.
  3. In “Additional DNSMasq Options”, add the following (changing the bits in red):
    dhcp-option=15,"workdomain.com homelandomain.org.uk"
  4. Hit “Apply Settings”
  5. Renew the DHCP lease of one of your home LAN clients and check that DNS resolution is behaving as expected by pinging www.bbc.co.uk, followed by the unqualified hostname of a machine on the work network and then one of the clients on your home network.
  6. Pour yourself a stiff drink.


Working in Cambridge with clever people doing clever things with computers

We were the first generation to grow up with computers at home. Iain got one first – a BBC Micro, just as we were leaving primary school, but many of my friends got BBCs, Spectrums and Commodore 64s for Christmas 1983. Although 1984 has significance in the history of computing in other ways, it was the year when it became clear that this wasn’t just a fad; this was here to stay. My sister and I got an Acorn Electron for Christmas 1984.

The Electron was an interesting machine. It was an attempt to provide BBC Micro features for a ZX Spectrum price. Problem was – the games weren’t as good as the Spectrum and the limitations compared to the BBC were significant. Acorn struggled to manufacture enough units for sale until Christmas 1984 by which point it was a bit too late. But I couldn’t get enough of it. I read the manual cover to cover. We got Electron User and Acorn User, and I typed in all of the listings I could. My friend Daniel and I discovered that if he brought his official Acorn tape player round to ours and plugged it into my parents’ hifi, we could copy games. Good times.

Just before my fourteenth birthday, I read something which changed everything.

The May 1986 edition of Acorn User contained an article called Exploring the Mandlebrot Set by David Johnson-Davies. It blew my mind. In one article, a few lines of code and the hours of experimentation which came afterwards, I encountered complex numbers, the fascinating beauty of fractals – and the realisation that exploring these things was only possible with computers – but the computers that we now all had at home. Things like this were happening to lots of us (like Richard Kettlewell).

I read Natural Sciences and Chemical Engineering at university – but there was only one place I ever wanted to go. An early page of my Electron manual says “All correspondence should be addressed to: Technical Enquiries, Acorn Computers Limited, Fulbourn Road, Cherry Hinton, Cambridge CB1 4JN”. A lightbulb moment. Cambridge was where to find all the clever people doing clever stuff with computers. That’s what I wanted to do. I’ve worked for a couple of Cambridge colleges, for a couple of software companies and I ran the IT team at DAMTP, Stephen Hawking’s department at Cambridge. Now I’m at Red Gate and it’s 26 years since we got the Electron, and 20 years since I came down here – but I’m still doing what I’ve wanted to do since I was fourteen – working in Cambridge with clever people doing clever things with computers.


Luke has just started secondary school. All of the kids have been given a Toshiba netbook, and when he was with us a couple of weekends ago, we struggled for a while to get it to connect to our wireless network. I tried to open a command prompt to diagnose, but the machines had been locked down so I couldn’t.

“Dad,” he said, last time he was down, “You remember when you couldn’t open that command prompt on my laptop? All you have to do is open notepad, type in command.com and save it on your desktop as a file called command.bat. Then if you double-click it…”

That’s my boy.

The mega birth post

Where were we? Oh yes: pre-eclampsia. The causes of this condition aren’t well-understood; the management of it is. Shortly after my last post on the subject, the midwives and obstetricians at the Rosie Hospital in Cambridge started to manage Nessa’s pregnancy more closely, and we found ourselves in and out of hospital every couple of days. By Maundy Thursday they’d decided to admit her, and because her blood pressure had continued to rise, on Easter Sunday they decided to induce the baby.

He didn’t want to come and so after a very uncomfortable night for Nessa, a caesarian section was booked for the afternoon of Monday 13 April. I’m not going to scare anyone with tales of the management of pre-eclampsia; nor of how unpleasant a c-section is, but after 20 minutes of hard work, Daniel Benjamin Isaac Marlow was born at 4:38pm, weighing 5lbs 14.5oz. He was taken to the Lady Mary ward first, and then transferred to the Special Care Baby Unit as his oxygen saturation was too low. Meanwhile, Nessa was transferred back into the delivery unit where she had to stay for 24 hours after the birth. Being separated from Danny for all this time was horrible; I tried to fill it by running between the two of them with my digital camera but it wasn’t a good substitute.


Eventually, Nessa was moved onto Lady Sara ward, which is adjacent to SCBU, and could visit him at any time. He was still a tangle of wires and tubes at this point – oxygen through his nose; a canula and glucose drip into his arm; a pulse and O2 saturation sensor on his toe, and a feeding tube up his nose. But by the third day, he’d had some “kangaroo care” or skin-skin contact with Nessa.



This was a surreal time for us. The first few days were absolutely horrible; it was very difficult to hold our baby; he was fed hourly through a tube on a 24-hour cycle and day blurred into night. He was four weeks early and being delivered via c-section meant that the fluids hadn’t been squeezed from his lungs. All the while, the medical staff attempted to eliminate other causes for his low oxygen saturation – lumbar punctures to detect infection; chest xrays; ultrasound. But every day he got a bit stronger and a little less dependent on the external support.


Still, it was nearly two weeks before he could come home and almost three weeks until he met his older brother and sister.


Douglas Adams compared a child’s early development to a computer booting up, and this is what we see with Danny. His awareness of what’s around him gets wider each day.


Working out how old he is, is also difficult and even confuses the medical staff. A GP was concerned that he’d not started smiling by six weeks old; the hospital confirmed that these development checkpoints in the first year can all have four weeks added on to account for his prematurity. Still, no problem with smiling now.


He’s now doubled his birthweight and it’s interesting to compare him to his cousin, Charlie, who was only a week old at the time this photo was taken.


He’s becoming a lot more aware of his own body and has started to grab for his knees and his toes with his fingers.


He’s also become a lot more facially-expressive.



So Danny’s now nearly four months old and we’re well into the routine of having a young baby in the house. Time to go and sterlise the breast pump!


Technology, Photography, Management