Marketing Fail

Fancy New Bottle (right)

We’ve been buying Filippo Berio olive oil for years. Some say that’s an error, and there is much better olive oil to be had, but we’ve been happy. Now some bright spark in their marketing department has changed the bottle.

“Why is that bottle empty,” you might ask, “if it is new?” Excellent point. Let me demonstrate.

Continue reading “Marketing Fail”

Glastonbury, See Tickets fail & Twitter win

The crazy Sunday morning browser refresh panic returned after a year off with the sale of 150,000 tickets to an estimated 750,000 punters. The promise of a beefed-up system (after it took 4 hours to sell out last time, to a number which did not include me) soon evaporated and even getting to the “holding page” seemed like a victory.

The next page was the “registration entry” where you added the numbers and postcodes. Naïvely, we thought we had succeeded the first time we got this far. Sadly, “0% uploaded” was as far as we got before being thrown off again.

Luckily for me, I was watching the twitter #glasto feed in another window. After about 40 minutes, somebody tweeted a hack – a line to add to your hosts file – which would get you through to the See Ticket servers. I didn’t really believe it, but had nothing better to do so gave it a go. Result! Straight through and tickets bought.

So how did that work? It was an error by See Tickets with their DNS entry.

For the non-technical: DNS (Domain Name System) is the “phone book” of the Internet. (For younger readers, a phone book was a list of people’s land line phone numbers listed alphabetically by their surnames, printed out every year and delivered to the house of everybody who had a phone – hard to believe, I know.) When you type “” in your browser, the browser asks your Domain Name Server for the IP address, and the server returns a number like “”.

Anticipating the demand, See Tickets had, to their credit, set up two servers. Both the addresses should have been entered in the DNS records, and thus 50% of the punters looking for tickets should have gone to each server. Sadly, somebody mistyped one of the addresses, putting 192 instead of 194. Thus half the queries failed, and the other server was hit by every sales request.

On your PC the hosts file is like a small, local Domain Name Server where your browser looks first to see if it knows the IP address of a name. Adding the actual address of the “spare” server in that file meant that you avoided the queue and walked directly up to the almost unused counter next door. Apparently, See Tickets did notice the very unbalanced load on their servers and fixed the DNS record after about 10:00am. The nature of DNS meant that it still took quite a while after that for the change to work its way through the Internet.

How was the error (and fix) discovered? It was because of the actual IP address numbers involved. Addresses starting 192 (or 172 or 10) are reserved for private networks. If you have a network at home, it will start with one of these numbers. Somebody trying to connect to See Tickets was doing it from work on a network which just happened to have a machine with the mistyped address. Instead of the same “could not connect” error that everybody else was getting, they saw a web page from a computer on their own network. So they looked up the numbers, worked out what the error was and shared the solution via Twitter.

Thank you, anonymous hacker, for getting me my tickets to Glastonbury.

Banks. Security. Will they ever get a clue?

Against my better judgement, but somewhat inevitably given my levels of laziness and inertia, I now have two Barclaycards. They bought Egg and so bought me as well. This has kept me entertained on and off via several low-level email complaints (about their ridiculous security, the ill-planned migration of accounts which meant I had two different on-line sign-ins for a while, the misleading email warning of an impending payment when I have a Direct Debit to pay in full every time).

Lately I mentioned that their monthly payment email is useless, because it only tells me the minimum payment and suggests that I could set up a Direct Debit. I suggested that telling me the actual amount, and that it would automatically be paid, might be more useful. They replied that “Security Protocols” prevented them from putting that information in an email. I said in that case that there seemed little point in sending it.

This seems to have irritated them, as they called me on my mobile this morning at 08:54. From a BLOCKED number. A guy with an Indian accent* said he was from Barclays and could he ask me some security questions.

He seemed surprised when I said no. (I’ve already been through this with Egg, but at least they sent the phone number which matched the one on their website. Sadly, that can easily be spoofed but it’s better than nothing.) They have a “Security Protocol” which stops them putting my current bill in an email, but expects me to give away my account access to random blocked callers? I despair.

*I only mention the Indian accent because all the spam callers also have them, thus making it inherently suspicious.

Nuclear Checklist

Here’s a quick checklist for Western governments concerned over the safety of their nuclear reactors after the media outcry:

  1. Are you expecting the largest earthquake in recorded history?
  2. Do you expect any 10 metre high tsunamis?
  3. Err..
  4. That’s it.

Oh yes – stop basing your policies on the ill-informed jabberings of journalists.

Facebook Prediction

I received an email from Facebook this morning:

Hello, Derek Law,
Your Facebook account was accessed using 'Trillian' (Tomorrow at 00:02).
Was this you? If so, you can disregard the rest of this email.
If this wasn't you, please follow the link below to protect your account:
<link removed>
To learn how login notifications like this one can help you to
protect your account information, visit the Help Centre.
Please note: Facebook will never request your login information through email.
The Facebook Team

I wonder what else they know that I am going to do?

The Car In Front..

.. is probably being driven by a moron. In a Guardian article about sticky Toyota accelerator pedals was this quote:

“I was driving in my Toyota Yaris at 60mph on a dual carriageway .. when my accelerator pedal failed to respond when I lifted my foot off the pedal. I applied the foot brake. It then took two and a half miles for it to be slow enough for me to drive half on to the verge, where the car stalled.”

Two and a half miles! Clutch, man, clutch.

Verified by SecureCode My Arse

Despite prolific online shopping, I had so far managed to avoid using the stupid and useless phishing magnet which is known as Verified By Visa or Mastercard Securecode. I’ve done this by pretending to use it and then cancelling it at the last. This has always worked.

Wen has less patience than me, so last time she used it she caved and registered.

Today I tried to buy something from Tesco, and up popped the Mastercard Securecode (or was it? who can tell as it is a separate window from another website – the very thing that we are taught never to trust when online) with the username filled in as MSWLAW. Clearly this isn’t me. I had just told Tesco that the name on the card was D Law.

This has happened because we have two cards on the same account, which have the same number. Egg clearly haven’t thought this through at all.

The terms and conditions of Mastercard Securecode are very strict. You are not allowed to write it down even though it must be 7 characters long and include at least 2 numbers. (So what will people do? Choose something obvious and easy to remember, of course.) More pertinently, you are not allowed to tell anyone. So I can not now use my credit card, because Wen has registered, and is forbidden to tell me her password. I rang Tesco: they said it was “the law” made by Mastercard and Visa and I must call my card issuer. I rang Egg, but the normal helpline shuts at 3pm on Saturday. What a surprise that I should shop online outside working hours!

I have another credit card, which is now registered in my name and Wen won’t be able to use that card online.

And yet, I have no idea why adding another password makes this in any sense “safer”. I suspect that what it does do is make it much more likely that any fraudulent use of my card will be blamed on me, because I must have told someone my password.

Gits. More on Moday when I’ve spoken to them.


It can’t be a lot of fun, working for a recruitment agency. However, it says very little for their chances of success pushing candidates if they can’t recruit decent staff themselves. I am on the mailing list of a company called JAM and they send me the most appalling emails. I received two in two days, and I’m now compelled to share them:

Here at JAM we specialise heavily within our market sector and have a second to none standard on candidate approaching us at all times. – Mark Davies

I’m not really sure what Mark is trying to say. Jamie, on the other hand, needs to get an emailer with a speelchecker:

Bryan is a widely experianced Mechanical Design Engineer, with vast experiance in the Defence and Aerospace sectors. – Jamie Wise

Gavin is a Chartered Engineer with extensive experiance in the lift industry, who is looking for a fresh challenge. I’m not sure if you have vacancy’s in his area, but hope he can be of use. If not just drag in the trash. – Jamie Wise

Poor Gavin, dragged into the trash. The next I have to quote in its entirety:

Hi there ive come across candidate 35890 whom is seeking a opportunity UK Wide. He has an in-depth electronics knowledge (technical level)

He has implemented the latest RoHS and WEEE standards to a number of companies and does not mind getting his hands dirty.

After speaking to him on a number of occasion about possible opportunity’s at your organisation he was immediately interested in getting to know more.- Imran Rafiq

I actually complained to the company about that one, pointing out to them that it was less than productive. I received no reply. I’d like to be able to tell the prospective candidates how they are being advertised, but there is obviously no way to get in touch with them.

Perhaps it’s a cunning ploy to make them stand out from the crowd? Nah.