Making job applicants wait

I’ve applied for a fair few jobs recently and I’ve noticed that companies seem to enjoy making job candidates wait.

For one position the prospective employer was really keen but took a week to do anything. After applying they got back to you after a week. After the initial interview they took a week to let you know you are through to the next round. When no next round notification happened after almost a week and you emailed them, they took a week to reply to your email. The email said they’ll be in touch in a week. WTF? Is there some internal policy around taking seven days to action anything?

For another position the company said that I was the only candidate. Great, what happens next? They need to talk to the board. After ten days of hearing nothing you reach out. Nothing. Radio silence. You mention to someone you know at the company that you are now looking elsewhere and you then receive an email letting you know that they are still keen to hire you and discussions internally are ongoing. You hear nothing for weeks and continue to apply for other roles. You then receive an invite for a second interview. Hold on, I thought I was the only candidate? You are but you now have to speak to other people in the company before your application can be taken further.

Some of these companies are small, less than twenty employees yet they have so much bureaucracy and red tape. How many perfect-fit candidates are they losing due to these processes and lack of communication?

That is what it essentially comes down to: a lack of communication.

If only these companies would let you know what is going on. The equivalent of the in-progress spinning graphical animation that most software uses to let you know that something is happening and that we haven’t forgotten that you are there. To let you know where you stand, that they are still considering you but that this or that is happening and we will be in touch by so-and-so date. But no, nothing. Radio silence and the hope that you will wait on them.

We’ll get back to you, in a week.

Mini retirements instead of actual retirement

Retirement is wasted on the old. I mean, there’s no guarantee that you’ll even reach it, and if you do that it will be long. So I’ve adopted the approach of taking mini retirements throughout my working life.

When I can afford to I take time off from work. A month or two, maybe three. Sometimes 6-months to a year. On one occasion two years. The point being to blend working with enjoying life. Taking time to travel or spend time working on your home, car, or fitness.

If you do manage to reach retirement, at whatever age, and you do get to enjoy a long one. Then congrats you got to have your cake and eat it. For me, I’m taking as many mini retirements as I can while both enjoying life and working as retirement at the end of your lifespan is not guaranteed.

Short code scams

Short code scams are rife. You receive a text message from an unknown source informing you that you have been opted-in or signed-up to some such service, or you receive an unsolicited text message asking you to reply to this short code.

Your best bet is to delete and ignore them.

Short code scams work by tricking you into responding. Either by messaging the short code or by supplying personal data. The former results in you being charged for a premium service, either one time or repeatedly, and the latter by trying to elicit data such as usernames, passwords, and PIN codes from you, known as smishing.

You can look up short codes at https://www.shortcodes.org/ to see if they are a scam. Although to be honest if you did not initiate or request the message your best bet is just to delete it and not reply or click on any links it may contain. Also flag it as spam if your phone provider offers this service.

It’s the side missions that count

I’m playing a computer game following the main campaign and I keep dying. Over and over again at the same point. It seems impossible to make any progress past this particular point in the game. Not with my character’s current level of experience, armour, and weaponry.

The only way that I can make any kind of progress is by taking a break from the main mission and spending some time in the game world undertaking side missions. This way I can build up my character’s stamina, strength, XP, buy new armour and weaponry and practice combat with easier opponents. Then I can get back on the main path and start to make real progress.

This got me thinking about how relevant this strategy is to life in general. Everyone is trying to get ahead as fast as possible without investing any time in bettering themselves. Improving your skills and experience can only help you be a better version of yourself in anything you tackle in life.

We often forget that half the fun of the journey is who and what we encounter along the way that contributes to small changes in ourselves making us who we are today.

So don’t rush to the finish line. In life sometimes it’s the side missions that count.

Drone swarms

I watched a drone swarm on TV and was fascinated about how they worked. Could you just buy them off the shelf and program them yourself?

Turned out that the answer was no.

Drone swarms work like a hive mind using complex code. Each drone has a copy of the code along with its own set of instructions. They can be lighter and smaller than other drones as they don’t need all the recording and camera gear. Instead they use GPS and sensors to move and position themselves. Then depending on their function they move and activate LED lights or smoke canisters.

There is no master drone as the whole swarm could fail if something happens to the master. Instead they act independently. They are aware of each other via communications and sensors and should a drone fail another can take its place.

Custom software such as DroneShow is used to program and test the swarm. GPS coordinates are used to define a safety boundary outside which the drones cannot go, known as a geo-fence. This prevents the drones from harming the audience or drifting over private land causing security and safety issues.

A fall-back system may also be available whereby the swarm could be controlled from a base station should there be a problem such as a loss of GPS signal or to land the drones due to a failure.

Devices constantly waiting

Smart meters can show you how much energy your devices are actually using, even when on standby. Tools like nmap and Wireshark can help you map-out your home network and monitor how chatty your devices are, even when you think they are turned off.

Nothing is truly turned off unless it is unplugged. I have an integrated microwave that looks asleep but it is constantly waiting for you to touch its fascia so that it can wake up or open its door for you. My set-top boxes have powered down their storage media but they are still polling servers on the internet for updates and waiting for an IR signal from the remote. The smart TVs are also waiting for IR signals or your voice. Some even record your voice and analyse it in a buffer just on the off-chance that you are talking to it. Always listening.

Your home might be full of devices just waiting for you to address them, with a button press or voice command. Constantly waiting and consuming power. All in the name of efficiency.

An app for Ronin

An app for Ronin

The last company I worked for offered all employees a health benefits package that came with an app. By completing physical and mental exercises each day recorded by the app, you could earn coins and those coins could be turned into vouchers at retailers such as Amazon and John Lewis, essentially gamifying physical and mental fitness.

When you left the company the app still worked but the coins were not worth as much. Still, the offer of free money, however little, in return for activity remained alluring despite many of my colleagues that also left uninstalling the app.

Those of us that kept on using it were added to a public leaderboard, consisting of hundreds of individuals that had formerly worked at other companies. All of us are now Ronin, masterless, completing the activities partly out of habit, and partly for the free money.

When working for my last employer I was always in the top 5 on the company leaderboard but against many many more people I struggled to stay in the top 20, yet the challenge that represented only made me more determined. The more activities I completed the more coin I raked in.

Until it all came to an abrupt end. After ten months of no longer being attached to a company the app announced that my coins could no longer be traded for vouchers unless I joined another participating employer. I could still play without reward, and out of nothing but sheer habit I continued for a few more weeks until an app update resulted in my login details being requested, and as the email address belonged to my former employer I was true Ronin: on my own.

Digital thefts of physical assets

It seems hard to imagine that someone can steal your home but it can happen. With everything becoming digital these days proof of ownership is key. In the UK proof of ownership of a property resides with the Land Registry. It maintains a database of all registered properties within the UK along with the names and contact details of their owners.

A criminal using identity theft can assume the identity of a legitimate owner of a property and then either instruct a solicitor to sell it or a lettings agent to rent it out with the proceeds of the sale or rental agreement going to an account set up in the name of the stolen identity. These types of thefts are often targeted at unmortgaged, rented, or unoccupied properties.

To combat this type of fraud property owners can set up an alert for any properties they own with the Land Registry’s free Property Alert service here: https://www.gov.uk/guidance/property-alert

After your home your next biggest asset is probably your car. In the UK proof of ownership is a combination of the V5C document combined with receipts from wherever you purchased the vehicle. Scammers target the V5C by attempting to get you to share a copy of it (for example in order to advertise it for sale online) or by applying for a copy reporting it lost or stolen after cloning your identity or intercepting your communications. You can reduce the chance of this from happening by keeping your V5C safe and secure and not sharing it with anyone. Also keep a copy of all receipts relating to the vehicle to support your proof of ownership.

Data brokers

Data about us is so valuable that companies now offer cheap or free services in return for collecting data about us. If you’ve ever wondered why there are so many free email providers, or free streaming services, it’s because you are the commodity, or at least the data you generate is.

Data brokers make a living by collecting all this data about you and building a profile linking data from various sources. This profile data is organised and analysed and then sold to whoever can make use of it.

Examples of some of the data collected includes:

Your name, contact numbers, email, and address
Age, gender, and other physical attributes
Employment status, income band, credit status
Geographical region for home, work, and travel
Political beliefs, religion, marriage history, dependants
Patent and copyright data, businesses owned
Property and vehicle ownership
Social media membership
Club and organisation membership
Digital entertainment subscriptions and viewing habits
Web surfing usage
Fitness and health tracking

Data brokers, also known as Information brokers collate all this data and sell it to anyone that can make use of it. There are some restrictions to what they can collect, store, and sell, depending on the country they operate in and where the individuals the data is about resides, such as GDPR in the UK.

The data can be scraped from public sources and then combined using bespoke software or AI. This may introduce errors. Individuals can submit freedom of information requests to brokers requesting details of what information is held about them in their database. In some regions you can then request to have this data removed known as the right to be forgotten.

Some data brokers have been hacked due to lax security practices. They are an attractive target as they contain consumer data that is useful to malicious actors that do not wish to pay for it nor wish to be identified as having access to it.

The main types of data broker are:

Marketing and advertising
People searching
Financial information
Personal health

How much info do data brokers have about you?

Thoughts on CCTV hacking

CCTV stands for Closed-Circuit TeleVision. Or at least stood for, as today it’s rarely a closed circuit nor TV. It’s usually online and over IP and available to access via an app on your phone, making it all the more hackable.

So how easy is it to hack modern CCTV?

I did some research and the answer is it depends. It depends on the manufacturer, the availability of software and firmware updates, and how it is configured.

Let me explain by switching sides to that of a potential attacker. First you have to find the target CCTV system. This can be achieved using a database like Shodan and tools like Angry IP Scanner. With an IP address and a port scanner such as nmap or the aforementioned Angry IP you can locate the login page. Then it’s just a matter of trying the manufacturer’s default passwords, employing a brute force attack, or making use of an exploit where available.

So how do you secure your online CCTV system? First, make sure it’s a closed system unless you really need to be able to access it remotely; in which case secure the connection by changing any default passwords, make sure all software and firmware is up to date, employ a firewall and VPN (or whitelist IPs for access) and monitor access logs for anything suspicious.

Simple?