The personal blog of Stuart Breckenridge

Privacy and Security

A few years ago I applied for a bank account and was asked to provide identity, address, and income proofs either via fax or email. This struck me as odd for two reasons:

  • individuals don’t tend to have fax machines; and,
  • sending (private) documents over email is not even close to secure.

In my situation using a fax machine was immediately excluded, so I enquired about the email option and highlighted my concerns about security. I was told that in order to protect my documents, I could compress them and then add a password to the compressed file. “And how would you like me to send the password to you?”, I asked. “By email”, I was told.

The person I was speaking to didn’t seem to realise the sheer stupidity of sending a password in cleartext or, as it turns out, the security shortcomings of password protected zip files. I didn’t press the matter further as I decided to drop the application.

I don’t think that it’s unreasonable to expect that, at a minimum, businesses should be using PGP or S/MIME for encryption, and providing clear instructions to their clients as to how it should be used. For bigger institutions (e.g. banks) that need documents from you, they should provide a secure, online portal for document upload.

Any business stating that they respect your privacy and then ask for your documents over an unencrypted channel should be viewed with suspicion. It’s nothing more than corner cutting.


Chinese iPhone Users Hit By Keyraider Malware  

Seven paragraphs into the linked article:

“It found that an attacker had made changes to software used on jailbroken iPhones.”

BBC


Talk about misleading headlines.


FATCA FFI List - Roadmap

What I’m planning for the rest of 2015 for FATCA FFI List (via fatcaapp.co):

Not only is iOS 9 just around the corner, the published FFI list from the IRS is about to be expanded significantly with the inclusion of Sponsored Entities. Both of these require updates to FATCA FFI List.

##v3.0 Coming in September, FATCA FFI List will receive an update that bumps the version to 3.0 and brings the following changes:

  • iOS 9 will be the minimum supported version
  • App performance during the initial app launch will be improved
  • New multitasking (Slide Over and Split View) features in iOS 9 will be supported on iPad
  • Saved FFIs will be searchable from the home screen without accessing the app

##v3.1 Coming later in the year, FATCA FFI List will receive another update that adds support for Sponsored Groups.

Some undisclosed features may slip into each release depending on how testing goes. If you have any feedback, don’t hesitate to use the in-app feedback features.


Currys and PC World to Sell Apple Watch  

“MacRumors has learned that British electronics retailer Currys, which co-brands some locations as Currys and PC World, has added the Apple Watch to its internal inventory system as it gears up to begin selling the wrist-worn device.

Currys and PC World has a large presence throughout the United Kingdom and Ireland, with a combined 295 superstores and 73 high street stores in both countries. It remains unclear how many of those locations will be carrying the Apple Watch.”

Joe Rossignol


Reminder: Currys and PC World are part of the Dixons group, the former haunt of John Browett, Apple’s short lived Retail SVP. Tim Cook was panned for hiring him, mainly due to British consumers knowing just how bad the customer service was a Dixons stores.

But you don’t have to take my word for it (via Ars Technica):

“…but that seems to go against the description given to us by several readers about the customer service at Dixons stores—branded Curry’s and PC World in the UK—which they described as ‘shite’ and ‘the epitome of appalling service.’”

Chris Foresman


My point is this: selling the Apple Watch in these stores does nothing more than cheapen its image.


Facebook Records Over 1Bn Users In A Day  

“Here’s a crazy statistic for you: For the first time in history, one billion people used Facebook in a single day this past Monday. That means one out of every seven people on the planet was logged into the network at some point during that day.”

Napier Lopez


Mind boggling. Remember when Friends Reunited was all the rage?


Swift 2 Adds Another Try Keyword

In Xcode 7 beta 6, Apple has introduced a new try? keyword to the Swift language. try? will attempt to perform an operation and if it succeeds the result is wrapped in an optional, otherwise the result is nil. One of the critical differences—and which I consider to be a downside—is that errors are no longer surfaced. In practice, try? looks something like this:

enum DayError: ErrorType, CustomStringConvertible
{
    case NeedADateError
    
    var description: String {
        switch self {
        case .NeedADateError:
            return "Error: A date must be provided."
        }
    }
}

func isItTuesday(date:NSDate?) throws -> String
{
    if date != nil
    {
        let dateFormatter = NSDateFormatter()
        dateFormatter.dateFormat = "EEEE"
        let day = dateFormatter.stringFromDate(date!)
        
        if day == "Tuesday"
        {
            return "It is."
        } else
        {
            return "It isn't."
        }
    } else
    {
        throw DayError.NeedADateError
    }
}

Pretty simple: a function which throws an error if a parameter isn’t provided.1

The new try?:

// Example 1: result is nil with no error surfaced.
if let today = try? isItTuesday(nil)
{
    print("Date has been set.") // Never called.
} else
{
    print("Uh oh. No error handling. Result is nil.")
}
// Example 2: result is an optional. 
if let actual = try? isItTuesday(NSDate())
{
    print(actual) // Returns "It is." (Optional)
}
// Example 3: do-try-catch with error handling. 
do {
    let x = try isItTuesday(nil)
} catch
{
    print(error) // Error: A date must be provided.
}

I don’t think I’ll use try? all that often. I like to know why something failed and deal with it correctly.

  1. Obviously you can work around this scenario by using a non-optional parameter. ↩︎


FATCA Metadata for Windows

Metadata Screenshot

I’ve been playing around with C# and Visual Studio recently and my test project was to build an app—in this case a Windows form—that took user data, validated it, and then created a correctly formatted XML file that could be used as part of annual FATCA submissions. As part of this learning process two technologies stood out as really impressive: XDocument and ClickOnce Deployment.

The XML file I wanted to create was pretty simple:

<?xml version="1.0" encoding="UTF-8"?>
<!--Sample XML file generated by XMLSpy v2014 rel. 2 (http://www.altova.com)-->
<FATCAIDESSenderFileMetadata xmlns="urn:fatca:idessenderfilemetadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<FATCAEntitySenderId>000000.00000.TA.840</FATCAEntitySenderId>
	<FATCAEntityReceiverId>000000.00000.TA.124</FATCAEntityReceiverId>
	<FATCAEntCommunicationTypeCd>NTF</FATCAEntCommunicationTypeCd>
	<SenderFileId>000000.00000.TA.840_Payload.xml</SenderFileId>
	<FileFormatCd>XML</FileFormatCd>
	<BinaryEncodingSchemeCd>NONE</BinaryEncodingSchemeCd>
	<FileCreateTs>2015-06-30T00:00:00Z</FileCreateTs>
	<TaxYear>2014</TaxYear>
	<FileRevisionInd>false</FileRevisionInd>
</FATCAIDESSenderFileMetadata>

Creating this on a Mac using a technology I’m familiar with—NSXMLDocument—is simple, if overly verbose:

func generateXMLFile() -> NSXMLDocument
{
    // Header
    let xmlFile = NSXMLDocument()
    xmlFile.version = "1.0"
    xmlFile.characterEncoding = "UTF-8"
    xmlFile.standalone = true
    xmlFile.addChild(NSXMLNode.commentWithStringValue("FATCA Report") as! NSXMLNode)
    
    // Root Element
    xmlFile.setRootElement(NSXMLElement(name: "FATCAIDESSenderFileMetadata"))
    xmlFile.rootElement()?.addNamespace(NSXMLNode.namespaceWithName("", stringValue: "urn:fatca:idessenderfilemetadata") as! NSXMLNode)
    xmlFile.rootElement()?.addNamespace(NSXMLNode.namespaceWithName("xsi", stringValue: "http://www.w3.org/2001/XMLSchema-instance") as! NSXMLNode)
    
    // Child Elements
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("FATCAEntitySenderId", stringValue: "000000.00000.TA.840") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("FATCAEntityReceiverId", stringValue: "000000.00000.TA.124") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("FATCAEntCommunicationTypeCd", stringValue: "NTF") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("SenderFileId", stringValue: "000000.00000.TA.840_Payload.xml") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("FileFormatCd", stringValue: "XML") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("BinaryEncodingSchemeCd", stringValue: "NONE") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("FileCreateTs", stringValue: "2015-06-30T00:00:00Z") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("TaxYear", stringValue: "2014") as! NSXMLNode)
    xmlFile.rootElement()?.addChild(NSXMLElement.elementWithName("FileRevisionInd", stringValue: "false") as! NSXMLNode)
    
    xmlFile.XMLStringWithOptions(NSXMLNodePrettyPrint)
    return xmlFile
}

Now, compare that to XDocument:

XDocument generateXMLFile()
        {
			XNamespace metaNS = "uri:fatca:idessenderfilemetadata"
			
            XDocument xmlFile = new XDocument(
                new XComment("FATCA Report"),
            new XElement(metaNS + "FATCAIDESSenderFileMetadata",
				new XAttribute(XNamespace.Xmlns + "xsi", "http://www.w3.org/2001/XMLSchema-instance"),
                new XElement(metaNS + "FATCAEntitySenderId", "000000.00000.TA.840"),
                new XElement(metaNS + "FATCAEntityReceiverId", "000000.00000.TA.124"),
                new XElement(metaNS + "FATCAEntCommunicationTypeCd", "NTF"),
                new XElement(metaNS + "SenderFileId", "000000.00000.TA.840_Payload.xml"),
                new XElement(metaNS + "FileFormatCd","XML"),
                new XElement(metaNS + "BinaryEncodingSchemeCd","NONE"),
                new XElement(metaNS + "FileCreateTs", "2015-06-30T00:00:00Z"),
                new XElement(metaNS + "TaxYear", "2014"),
                new XElement(metaNS + "FileRevisionInd", "false"),
                )
                );
            xmlFile.Declaration =  new XDeclaration("1.0", "utf-8", "true");
			
			return xmlFile;
        }

XDocument, in comparison to NSXMLDocument, is both simpler and more concise. However, I think Swift itself also contributes to the complexity with constant forced as! conversions for each element. It’s generally very untidy.

With the app built, I started looking at how it could be deployed and immediately came across ClickOnce. ClickOnce is an easy to use deployment technology that lets you publish self-updating applications. For this app, I’ve chosen to deploy via my website. It can be installed via the link at the end of this article. Despite ClickOnce ease of use, the issue I’ve found is with Windows SmartScreen which prevents the app being installed until it’s built up enough reputation. This is somewhat annoying considering the app is code signed (see the note at the end of this post).

The app is open source and available on GitHub. Or you can simply install it by clicking the button below.

Install Now User Guide


Code Signing: You may see installation warnings; however, as long as you see my name in the Publisher section (below), you can be almost sure that the code hasn’t been tampered with.


Gears of War is Still a Mad World  

…nearly nine years after the launch of Gears of War, Microsoft’s created an homage to the 2006 Mad World trailer with its launch trailer for Ultimate Edition, due out on Xbox One later this month. It’s not exactly the same as the (superior) original, with different footage used throughout. But the trailer’s going for the same melancholy effect.

Wesley Yin-Poole


There are so many remasters being released for this generation of consoles that it’s becoming somewhat irritating. That said, the trailer for Gears of War: Ultimate Edition is still very good (though it’s ruined by the Xbox plug at the end).


Star Wars-Themed Lands Coming to Walt Disney World and Disneyland Resorts  

“I am thrilled to announce the next chapter in the long and exciting history between Disney Parks and Star Wars,” said Iger. “We are creating a jaw-dropping new world that represents our largest single themed land expansion ever. These new lands at Disneyland and Walt Disney World will transport guests to a whole new Star Wars planet, including an epic Star Wars adventure that puts you in the middle of a climactic battle between the First Order and the Resistance.”

Bob Iger


This is worth the 28 hour (minimum) flight from Singapore to San Diego.


Boot Camp Now Supports Windows 10  

Boot Camp 6 also includes support for several Mac features within Windows 10, including USB 3, USB-C, Thunderbolt, built-in SD and SDXC card slots, built-in or external Apple SuperDrives, and the Apple keyboard, mouse and trackpad.

Husain Sumra


I’m interested to see if the new version of Boot Camp—version 6—resolves the issues I’m having with installing any version of Windows on my 3TB Fusion Drive: it continually places the Boot Camp partition outside the 2TB boundary supported by Windows (see this issue).1

I have, however, been running Windows 10 on my MacBook Pro under the previous version of Boot Camp without issue. While it’s certainly a solid release, I think streaming games from Xbox One is my favourite feature.

  1. I have a support ticket open with Apple and they've suggested some of the weirdest things (e.g. remove the Windows USB install media after you've formatted the Boot Camp partition to NTFS).

    </li> </ol></div>