My report from UK GovCamp 2013

Open Data

First session was on Open Data.

The room was full of people like me passionate about Open Data. We nearly all felt that councils should take the lead and publish more Open Data We should try more to promote the use of Open Data and the benefits it brings to the community but we acknowledge that it is never high of councils priority list. Except in cases where legislation forces councils to publish Open Data. It is a pity that this is the only time the councils really take Open Data seriously.

How to Hack into a Government Website

A very intriguing title for a gov camp session. Talked about the security around networks and systems. First of all the issue of passwords was discussed.

No matter how robust an organisations password system is, bad password choice by users would still create holes within the security system. If you want to hack into a government system that the password system is an early port of call.

The presenters were amazed about the number of times that they came across the word password being used as a password. Some organisations insist on a capital letter being used in a password as well as lower case. In the majority of times the user will make the first letter of the password the capital letter. Some organisations insist on a number being in the password. For this the majority of users will add these digits to the end of the password and in 30% of cases they will add the number 1. If a special character is required this is most often an exclamation mark added to the end of the password. The more rules to add the more likely it is that users will create complicated passwords and then write them down and stick them under their keyboard or around their desk somewhere.

Password Length.

13% of passwords have 6 characters
17% have 7 characters
21% have 8 characters
16% have 9 characters
13% have 10 characters

Meaning that 80% of passwords are between 6 and 10 characters.

There is a temptation to add system names to passwords to obey the different passwords to different system e.g. Passwordtwitter, PasswordYammer, FacebookPassword etc. This should be discouraged as once you know the format you'll be able to access all that persons systems.

Also the use of names are common. Wives, Girlfriends, Lovers, Secretaries names being the most common. Research has shown that where a man has a name as a password in 80% of cases that name is female.

Going back to the use of digits. Whilst 30% will use the number 1 other popular variations would be persons age when setting up the password, their house number, Office room number etc If a 4 digit number is required then most popular choice would be either 19xx or 20xx.

Password good practice should be implemented from the day someone starts in the office and that security should be part of the induction process. An example was given of a US organisation which ran a competition to see who could break into their system the quickest. It was won one year by a guy who called IT helpdesk and got through to someone who had just started that day. He told the called that as he just started he might not be able to help, to which the caller replied. Don’t worry, I think you are the perfect person to help me..

One side issue about the helpdesk was mentioned in that in so many organisations one call to the helpdesk can get someone’s password reset without any cheking as to who the caller is. The helpdesk will even give the caller the new password.

Cross Site Scripting and SQL injection

These were also mentioned but these deserve a whole blog posting to themelves.

Wordpress

Wordpress was initially released in 2003 and its current version, version 3 has been reported to have been downloaded over 65 million times. Initially it was a blogging tool but now it is claimed to be more of a CMS. I attended this session to learn more about Wordpress. I use blogger.com for my blogs but I’m not happy with their stats package. Looking around the web and looking at my twitter friends blogs I see that many use Wordpress. Indeed the @weeklyblogclub which I support with my own blogs, use Wordpress for their site.

The hosts of the session were experts on Wordpress and it seemed that a lot of the attendees were at the same level as myself. Though there were some there that seemed to be experienced users of Wordpress and praised the software. The basic Wordpress software can be downloaded free of charge from their site main site wordpress.com but it’s main advantage is the over 1,700 themes and nearly 25,000 plugins that are also free to download from Wordpress.org. These have been written by other Wordpress users. A question was asked on how to know which plug-in were safe and which were not. The hosts of the session advised that it states on each plug in it shows the number of times each has been downloaded and users give a rating on each one. They suggested that you can be confident that those with high download figures and a high rating would be the best to use.

I had no idea at the time on how many themes or plug ins were available otherwise I would have seeked advise on how to search through the huge list to find the right plug in to use.

Had a small chat afterwards with someone from Department for Environment Food and Rural Affairs (DEFRA) who use Wordpress for their site. They use it as a more fully fledged CMS. This is something that I am defiantly going to explore further.

Wikipedia

The final session of the day was hosted by someone who I have got to know very well on Twitter after meeting him at last years UK Gov Camp. Since then Andy Mabbett has received the (well deserved) honour of being awarded a Fellowship of the Royal Society of the Arts for his work in the fields of Open Data, Wikipedia and Social Media. So who better to give a talk on Wikipedia.

I first created an account on Wikipedia back in September 2004 and have made hundreds of changes to the site since then, created some pages, added some photos to Wikipedia commons etc but nothing to the extent of Andy.

He talked about the time he spends being Wikipedia in residence at various museums, art galleries etc around the country. He talked about the time that he (and others) spent in Monmouthshire creating Wikipedia articles about the area and adding QR codes around the place to make it easy for people to access those articles via their smart phone. This really helped visitors get more from their visit to the area. It must also have been incredibility interesting for them to do such work and learn about that area. This is something that all councils, art galleries, museums can do. Editing Wikipedia is free and creating QR codes is free.

I also quizzed Andy about how I could use Wikipedia to help with my Historic Churches of Great Britain website and he gave me valuable help with this. Pointing to the many articles on churches on Wikipedia and we talked about the photographs on Wikipedia commons that are licensed for re-use by anybody under the creative commons licence. Since then I too have added to the collection of photographs on Wikipedia commons.

I was truly inspired by this sessions and feel that despite its detractors Wikipedia is a valuable tool.

Spotting (Part 1)

Fellow @weeklyblogclub member Louise once said to me that she would be interested in reading an article about why I go spotting aircraft, train, bus, tram etc and I’ve been thinking long and hard about this. I thought I’d start off with a brief introduction as to how I came to take part in all these hobbies.


It started in Junior school, Roy who was my best mate at the time told me that he went out to our local airport to spot planes every Saturday and he asked me if I would like to go out with him. I got permission from my mum and the following Saturday we headed across the fields to the airport. On arrival he told me that civil aircraft have registrations painted on them (military aircraft have serials) and the object of the hobby was to see as many different aircraft as possible. Pocket money was saved up to buy a book called Civil Aircraft Markings. This listed all aircraft on the British and Irish civil aircraft register. Plus listings of foreign airliners that came to the UK. I started ticking off all those that I saw. Whilst the Civil Aircraft Markings and it’s sister publication Miltary Aircraft Markings books are still published. I have computerised my sightings in a piece of software Aircraft Spotters software called Aerodata for which I pay £8.25 to receive updates for at regular intervals. Thanks to this software I can tell you that I have so far logged over 35,000 aircraft registrations.

During the early days I went on trips with other local aircraft spotters to far flung destinations such as Heathrow and Yeovilton. My friends at the time also collected numbers of other things whilst on route, some collected BMW car registrations (they were quite rare back in those days), some collected all car registrations that just contained a one in them (e.g. EL1 etc). I wanted something like this but different. Also I needed one fundamental thing. To have a list that I can check off. So I knew how well I was doing. I’m sure there is some physiological reason why I need a list but I do.

My list came in the form of a book. Buses of South East England by A M Witton. It listed buses own by the major bus companies. Buying that book lead me to start bus spotting. The actual collecting of bus numbers ceased when I was in my very late teens but I still like to photograph them. Which is strange as this is one area that I do deviate from my need for lists. Whilst I maintain my own on-line list of bus fleet lists of operators that I have an interest in. I don’t have complete lists of every bus and coach but do take photos of all that I can, both British and those from abroad.

Whilst I was in secondary school I was chatting to another friend about spotting who said that if he did any form of spotting then it would be trains. So we both agreed to start train spotting.

Going back to the need of lists. The train spotting books at the time only listed diesel and electric trains, not steam. Hence I’ve never collected steam train numbers, Again I photograph them when I see them, but never go out of my way to see them. I’m in the process of building a model railway and I read somewhere that people often model scenes from their childhood and this is certainly the case for me. My layout is set in the 1980’s and features British Rail Blue throughout

So that’s why I started. In future blogs Ill answer questions like. What exacyly is spotting? Does it take up all your life? How sad do you think it is? Ill also be talking about the plus side of the hobbies and some of the negative.



.