Wednesday, 19 February 2014

Language Choices

One question that often comes up when designing a bilingual website is how to show an option to change language. Well, to be honest, more likely than not the question doesn't come up at all - a number of websites just use national flags, without thinking about the significance of the flags at all - e.g.




but this is utterly disgraceful!

The red dragon flag is the flag of EVERY Welshman and Welshwoman, whatever their language(s) - Welsh-speaking Welsh people, non-Welsh-speaking Welsh people or learners. The flag of St George is the flag of England - but English is the language of people in many countries, including Wales.

Some even use the Union Jack for English:

(vistcardigan.com)



(that's the website of Cered, Menter Iaith Ceredigion - they should know better! But at least the name of the language is there too)

The Union Jack is the flag of the United Kingdom, which includes Wales (where some people speak Welsh), England (English only, officially), Northern Ireland (English and Gaelic) and Scotland (for the time being, at least) - English and Scottish Gaelic. Completely wrong.

I believe the only option is to use the name of the language - in the language itself, so 'Cymraeg' and 'English' (and perhaps 'Castellano' in South America and 'Español' in Europe, Български or whatever)

Here is an example of a website we developed for an EU project:


www.futureforest.eu






Tuesday, 18 February 2014

From Marathon to Waterloo....

I've always been interested in history and so it's given me great pleasure recently to develop a new website for an old friend who goes round giving extremely entertaining talks and lectures on a wide range of historical subjects to local groups and societies around Cambridgeshire, Peterborough, Lincolnshire and Northamptonshire, and other far-flung parts of Eastern England.

It's been an interesting project - we wanted (and needed) something relatively simple and straightforward, which gives the basic details of who he is and what he does, how to contact him, and what exactly he offers: a classic 'brochureware' site. We still wanted something attractive and so we made use of a selection of colourful open-source images of the subjects of his lectures, which really lifted the whole site. The main design was almost monochrome, but it works well with the flashes of colour from the images.






You can visit the site at www.chiswell-history.co.uk

The basic site went live in February 2014. It's built with our content management tools so can be easily updated to add events and new subjects as they become ready. We still need to do a bit of SEO work getting a decent placing in Google, but that can't be done overnight.

Saturday, 21 December 2013

E-mail hackers = evil scum

Without doubt, the criminal scum who attempt to rip off normal people through computer fraud will spend all eternity burning in the hell of their belief system. And if they don't believe in an after-life then I'm sure we can devise a hell especially for them.

I'm slightly peeved with these toe-rags as I've just spent several hours helping a friend to recover from an e-mail account hijacking.

Over the last year or so I must have had a dozen e-mails from friends and contacts with the usual sob-story that they're in Nairobi/Istanbul/Cairo/Casablanca or wherever and have been robbed/lost their money and tickets/been arrested and need some financial assistance. Most of them have been yahoo or btinternet accounts. It's a well known problem and seems to be almost inevitable for yahoo mail users, even the careful ones.

This one was unusual as it was a gmail account, which tend to be a lot more secure (or can be).

The hijacker was a bit nastier than usual as well.

The sequence of events:

  1. They managed to log in to the gmail a/c
  2. They changed the password
  3. They set up a 'reply-to' to a yahoo a/c with the same user name that they'd just set up.
  4. They sent out the begging letter to all the contacts in the address book
  5. Then they deleted all the mail in the a/c and emptied the trash - although they left the address book intact
  6. They also managed to get into his Facebook a/c and changed the password on that too.

Friend then gets a lot of calls and e-mails telling him he's been hacked, and made the mistake of googling for assistance, and ended up talking to some dodgy company in India who used Teamviewer to control his machine and showed him the terrible things that were there and frightened him somewhat. (They weren't there I hasten to add). He agreed to pay them the £130 they wanted to clean up his machine. Luckily the bank stopped the payment! Total scammers, and presumably the same nice folk who phone little old ladies and claim to be from Microsoft and offer to remove the virus from their computers. What are the Hindus like for punishment in the after-life?

He then reported the issue to Google and got his password changed using the 'security questions' so he had his account back, minus all old e-mail.

He also reported the matter to the police (which will undoubtedly result in a series of worldwide dawn raids and arrests within days, if not hours - well, possibly in some parallel universe)

He also got all his credit cards changed.

Wisely he then asked me for advice and we've spent several hours sorting things out.

For reference, this is what we did.

  • Firstly, check his gmail a/c to see if any other nasty surprises had been left, like filters, forwarding etc. Only obvious thing was that a reply-to address had been set up, and has now been removed.
  • Then contact Google to see if they can recover his deleted mail. There's an excellent summary of how to report problems and get mail recovered at

    https://support.google.com/mail/answer/78353?hl=en
  • We filled out the form and within 10 minutes the mail was all back. Serious "thank you very much" to Google for such fast work. (I suspect they have to do it quite frequently...) 
  • Looking at the mail discovered some messages from Facebook about changes of password and e-mail a/c (to the new dodgy yahoo a/c), so then had to do a forced reset of the FB password and e-mail a/c. Not too stressful, although the option to recognise people in photos was useless!
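The first check in the list above (filters, forwarding, reply-to) can be run mechanically over a saved copy of the account settings. This is an added example, not part of the original post: the key names follow the Gmail API settings resources (sendAs, autoForwarding, forwardingAddresses, filters), while the account, addresses, filter ids and the `audit_settings` helper are constructed for illustration.

```python
# Added example: audit a saved copy of Gmail settings after an account takeover.
# Key names follow the Gmail API settings resources; all values are constructed.
ACCOUNT = "friend@mailbox.example"        # placeholder for the recovered account

SNAPSHOT = {                              # constructed sample data
    "sendAs": [{"sendAsEmail": ACCOUNT, "isPrimary": True,
                "replyToAddress": "friend@lookalike.example"}],
    "autoForwarding": {"enabled": False},
    "forwardingAddresses": [],
    "filters": [
        {"id": "f1", "criteria": {"from": "newsletter@shop.example"},
         "action": {"addLabelIds": ["Label_7"]}},
        {"id": "f2", "criteria": {"from": "contact@family.example"},
         "action": {"addLabelIds": ["TRASH"], "removeLabelIds": ["INBOX"]}},
    ],
}


def local_part(addr):
    return addr.split("@", 1)[0].lower()


def audit_settings(account, snap, trusted=()):
    """Return (finding, detail) pairs for settings an intruder may have left."""
    known = {account.lower(), *(t.lower() for t in trusted)}
    findings = []
    # A reply-to that is not the owner's address silently diverts every answer.
    for identity in snap.get("sendAs", []):
        reply_to = (identity.get("replyToAddress") or "").lower()
        if reply_to and reply_to not in known:
            same_name = local_part(reply_to) == local_part(account)
            findings.append(("reply-to-lookalike" if same_name
                             else "reply-to-foreign", reply_to))
    # Account-wide forwarding and any registered forwarding address.
    forwarding = snap.get("autoForwarding", {})
    if forwarding.get("enabled"):
        findings.append(("auto-forwarding", forwarding.get("emailAddress", "")))
    for entry in snap.get("forwardingAddresses", []):
        if entry["forwardingEmail"].lower() not in known:
            findings.append(("forwarding-address", entry["forwardingEmail"]))
    # Filters that forward, delete, or hide mail before the owner sees it.
    for flt in snap.get("filters", []):
        action = flt.get("action", {})
        if action.get("forward"):
            findings.append(("filter-forward", action["forward"]))
        if "TRASH" in action.get("addLabelIds", []):
            findings.append(("filter-delete", flt["id"]))
        elif "INBOX" in action.get("removeLabelIds", []):
            findings.append(("filter-hide", flt["id"]))
    return findings


if __name__ == "__main__":
    for finding, detail in audit_settings(ACCOUNT, SNAPSHOT):
        print(f"{finding}: {detail}")
```

Addresses the owner really does use (a work alias, say) go in `trusted` so they are not reported.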

Meanwhile we're wondering how it had happened in the first place. Checked that AV was up-to-date on friend's main laptop and ran full scan, completely clean. Ran different AV to doublecheck, and about to run Spybot as well. So probably not something as obvious as a keylogger. If they'd done that I think they may have tried high value attacks like bank accounts rather than a standard scam that's unlikely to work, and grabbing FB contact lists.

We chatted about his recent activities. Did he use an internet cafe or a strange computer? Could someone have shoulder-surfed when he logged in in public? And he travels a lot, in some slightly dodgy places (including Nairobi - where he met a nice lady who offered him TWENTY SIX MILLION US DOLLARS). He travels with an old laptop, and remembers using some unsecured public WiFi spots. We decided that was probably it - shoulder-surfing or unsecured WiFi with some nasty goings-on on the server.

That was actually quite encouraging, as he'd been worried that someone had hacked his actual laptop - but it doesn't seem to be that. (The nice lady in India who should go and get an honest job suggested that someone had hi-jacked his IP address - I'm not sure how that would work.)

So, we then looked at how to stop it happening again.

First off, we turned on Google 2-factor authentication. This is a seriously important step, and really everyone with a google a/c should use 2-factor. It's simple - when you try to login from an unfamiliar computer google will prompt you for a second, one-time pass code. It can either send it as an SMS to a previously agreed primary phone, or it can make a voice call to the phone, or you can install an app on a smartphone that generates a code that changes every 60 secs (like the good old SecurID tags that I used for remote dial-up login to Eagle Star many years ago). Some other services offer 2-factor, and everyone should use it whenever possible.
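How an app can produce a code that changes on a timer, and how the server checks it, is shown below as an added example that is not part of the original post. It implements time-based one-time passwords as specified in RFC 6238 on top of RFC 4226; the step defaults to the 60 seconds mentioned above and is a parameter (RFC 6238's own default is 30), and the shared secret is the RFC test key, not a real one.

```python
# Added example: time-based one-time passwords (RFC 6238 over RFC 4226).
import hashlib
import hmac
import struct

RFC_TEST_SECRET = b"12345678901234567890"   # test key from the RFCs, not a real secret


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 of the counter, dynamically truncated to N digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                               # low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret, unix_time, step=60, digits=6):
    """The counter is simply the number of whole steps since the Unix epoch."""
    return hotp(secret, int(unix_time) // step, digits)


def verify(secret, submitted, unix_time, step=60, digits=6, window=1):
    """Accept the current step and `window` steps either side (clock drift)."""
    current = int(unix_time) // step
    ok = False
    for counter in range(max(0, current - window), current + window + 1):
        # Constant-time comparison; no early exit, so timing leaks nothing.
        ok |= hmac.compare_digest(hotp(secret, counter, digits), submitted)
    return ok


if __name__ == "__main__":
    for t in (0, 59, 60, 119, 120):
        print(t, totp(RFC_TEST_SECRET, t))
```

A stolen password alone no longer logs in, because the code depends on a secret held only by the phone and the server, and a captured code stops verifying once its window has passed.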

Then we looked at the issue of possible hi-jacking of a WiFi session. He's now going off to install VPN software (I suggested Hide My Ass Pro) which will create a secure connection over even an unsecured WiFi network. I've used it, and it works with Windows and Android devices, and I assume a whole lot of others. It has other uses too, but well worth the $60 p.a. (special offer) if it prevents a repeat of something like this.

That seems to be it. I'm not sure how effective it would be to report the dodgy yahoo a/c to yahoo.

We had a look at the gmail account history, to see if we could get an IP address for the soon-to-be-spit-roasted one, but we'd left it too long. Pity. Can one book a drone strike on an IP address anyway, or do they want a grid reference? (That's a question for you, NSA)

A useful lesson (or two) to us all. Mainly a) use two-factor authentication and b) don't use unsecured WiFi

Hopefully this particular scammer/hacker/little shit will shortly have an accident that wipes out all their savings on medical bills, without actually being life-threatening. May they live a long and miserable life of anticipation of the hell-fires that await them when DEATH finally comes to take them.

Thursday, 12 December 2013

Companies in the community

We've been in business for over a decade now, and from the beginning we've been aware that there is more to being a small business in a rural area than screwing every penny possible out of every customer. In the big city you may get away with it, but living and working in a small community really makes it obligatory to contribute to that community in whatever way we can, whether as individuals or as businesses. That may be something as simple as paying for an advert in the village school's calendar, but in our case it goes further: we're always happy to contribute our professional skills to local community groups at reduced costs or even for nothing. From a pragmatic point of view this sort of pro-bono work may help to generate a bit of paid work by spreading the word about the company, and in rural areas reputation is everything: very few small businesses just look in Yellow Pages when they want a web developer - they go by word of mouth recommendations (or at least they do round here). That's one factor of course, but on the whole we do it because we actually want to - we want to get involved with local groups and businesses - they're our neighbours, after all.

One recent project comes to mind: Siop and Caffi Cynfelyn.

Siop Cynfelyn is a community enterprise (Cwmni Cymunedol Cletwr) that has taken over the site of a local petrol station/shop/cafe in the village of Tre'r Ddôl on the A487 that had been empty for several years. In May 2013, after a lot of hard work by a team of volunteers, the café and shop were re-opened to the public. It's grown steadily since then, staffed mainly by a team of dozens of volunteers, and is now in the process of applying for grants so that the group can buy the site and completely redevelop it. Our initial contribution to the project was an offer to develop a website (a freebie of course) to keep locals up-to-date with the project plans. That then evolved into a site aimed at advertising the activities in the shop and café and progress on the project. It was then added to with a private area for managing communication with the volunteers and to manage a general customer mailing list. Although the site was developed with our standard content management tools, we're still doing most of the content editing as well.

Of course in this case our involvement didn't stop there - somehow I'm now on the management committee and I also seem to be doing a couple of shifts a week making excellent lattes for the customers and standing behind the till (a strangely slow piece of advanced computer-based technology. Why does it take 7 seconds to calculate that there is £4.00 change from a £5 note when buying a £1.00 loaf? Very odd - I think there's a little demon in the box writing down the details of each transaction with a quill pen.)

You can see the website at www.cletwr.com


The managers have also been busy, and set up a Facebook account, which helps to spread the word

...and of course, if you're on the A487 between Machynlleth and Aberystwyth at any time, why not pop in for a cuppa and a slice of cake, and a chance to buy some excellent local produce - choose the right time and you might even meet Santa Claus

Saturday, 23 November 2013

Backups? What backups? (fit the second)

In my last post I chatted about the sort of backup approach that I use for my own computers, but what about website backups?

We are responsible for managing dozens of client websites, on a number of different servers. All our server and hosting suppliers provide backup (obviously) but that's mainly to cope with server failures. Most of our sites are developed using content management tools, which means that the site owner could be adding or editing content every day.

So how do we guard against:

1) Client wants to revert to an older version of a page
2) Content is corrupted and not noticed for a few days
3) Hosting provider suddenly shuts down (it's not happened so far, fingers crossed)

We've set up a number of systems to protect against these situations.

The first is fairly straightforward: our CMS stores all previous versions of a page in the database and a client can view all of these and revert to whatever version they want.

The others are slightly more complicated.

We originally set up a system that backed up the latest version of our production sites to storage in our office. The procedure was fairly straightforward: copies of the databases were downloaded each night and kept for a couple of weeks, and a copy of the current state of the static files (pictures, pdfs etc) was also kept. The main drawback was doing this every night over a broadband line - some of those databases were quite large, and were downloaded every day even if nothing had changed. So how could we improve things?

Initially we set up a system using an 'unlimited' (hah!) hosting package which did something similar, but to a hosted server, so that we didn't have to worry about bandwidth and storage. It then turned out that the unlimited package we had bought wasn't quite as unlimited as all that. So on to plan C.

Plan C is our current version and now makes use of 'the Cloud'. We are using an Amazon EC2 server to run the backup processes, which now do a daily backup of all the static files and databases on all our production servers and then store them in Amazon S3 storage. The costs are pleasingly low. We also make use of the Amazon 'Glacier' storage for older backups. This way we can have a complete snapshot of all our site data which is immediately available (so that we can restore individual files or database records) for every day for the last two weeks, and we have further daily backups for three months which can be recovered in a few hours. (Obviously all the backup files are password protected and aren't directly web accessible).

We've also developed a backup management system that warns us if a backup is overdue for some reason.
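A check of this kind could look like the sketch below, which is an added example and not the system described in this post. It assumes a daily run with a two-hour grace period, reads "three months" as 90 days, and uses constructed site names and backup records; it also covers two failures that a naive "newest file" check misses, namely a site with no backups at all and a backup file that is empty.

```python
# Added example: overdue-backup warning plus the two-tier retention described above.
from datetime import datetime, timedelta, timezone

HOT_DAYS = 14                    # two weeks kept immediately available (S3)
COLD_DAYS = 90                   # "three months", taken as 90 days (assumption)
MAX_AGE = timedelta(hours=26)    # daily run plus 2 h grace (assumed threshold)
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

NOW = datetime(2013, 11, 23, 6, 0, tzinfo=timezone.utc)
SITES = ["site-a.example", "site-b.example", "site-c.example", "site-d.example"]
BACKUPS = [                      # constructed records: (site, taken, size in bytes)
    ("site-a.example", NOW - timedelta(hours=4), 52_000_000),
    ("site-b.example", NOW - timedelta(days=3), 8_000_000),
    ("site-c.example", NOW - timedelta(hours=29), 9_000),
    ("site-c.example", NOW - timedelta(hours=5), 0),      # ran, but wrote nothing
]


def storage_tier(taken, now):
    """Where a backup of this age belongs under the retention scheme."""
    age_days = (now - taken).days
    if age_days < HOT_DAYS:
        return "s3"
    if age_days < COLD_DAYS:
        return "glacier"
    return "expire"


def overdue(expected_sites, backups, now):
    """Return {site: reason} for every site lacking a recent, non-empty backup."""
    latest = {}
    for site, taken, size in backups:
        if size > 0 and taken > latest.get(site, EPOCH):   # empty files do not count
            latest[site] = taken
    problems = {}
    for site in expected_sites:                            # drive from the site list,
        if site not in latest:                             # so a silent site is seen
            problems[site] = "no usable backup on record"
        elif now - latest[site] > MAX_AGE:
            hours = (now - latest[site]) // timedelta(hours=1)
            problems[site] = f"last good backup {hours} h ago"
    return problems


if __name__ == "__main__":
    for site, reason in overdue(SITES, BACKUPS, NOW).items():
        print(f"WARNING {site}: {reason}")
```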

So now we can sleep easy in our beds!

The whole process of developing the backup strategy to the position we're now in has taken many weeks of development time. Apart from the obvious advantage of having a reliable backup system, it's also served as a useful opportunity to experiment with the Amazon Cloud services - which are pretty impressive.

But there are times when I wonder if we're very good at "business". We've done all this work to ensure our customers' data is safe, but do we charge them an arm and a leg for the extra security? Do we heck! All part of the Technoleg Taliesin service.

Wednesday, 30 October 2013

Backup? What backup?

You all take regular backups of the critical data on your computers, don't you? And backups of your entire hard drive? But do they work? A wise sage once said "Your backups are only as good as your last restore", and that's probably right.

Over the years I've heard a whole host of horror stories about the subject, some pretty ancient. There was a colleague who visited a local office where there was a problem and who asked for the disk copies - and was given a folder containing photocopies of their data floppy disks! (This was obviously a few years back in the days of 5.25 inch floppies) - fair play to the office staff, no one had explained what was needed. Someone had just installed this amazing new bit of kit, shown them how to use it, and then said "Don't forget to copy the disks every day" - and as far as they were concerned copies were made on the photocopier.

And there was another colleague (same sort of era) who discovered that the backup floppies (real floppy disks this time) were kept safely where everyone could find them - clamped to the side of a filing cabinet with a large magnet!

And some years ago in the Green Party office when the computer died, and someone asked for the backup. No problem, sitting in the filing cabinet, taken the previous afternoon. All was well - luckily - as yesterday was the first backup they had made in six months!

And the office in a large insurance company in the early days of IBM PCs, before networks, where PCs were stand alone, and they had installed a tape cartridge unit and software on the PC for daily backups - which they did. And one day the engineer was looking at something and discovered the cartridge drive door was covered in cobwebs - they'd been backing up onto the same cartridge daily for the previous year - and those cartridges had a recommended lifespan of 20 uses.

Of course we're much more sensible these days - aren't we?

Personally I'm paranoid when it comes to data backups. I look at a long list of scenarios and try and have a setup that can cope with (almost) all of them:

1) Hard disk crashes
2) File gets overwritten
3) Office burns down
4) Burglar nicks computers from office
5) Computer gets lost
6) Global warming floods Taliesin
7) Meteorite hits Taliesin

As a result, my backup strategy has several strands. I have software on my main computer that automatically runs scheduled backups. The entire hard disk is backed up weekly, and my data directories daily. I keep daily backups for several months, and occasional ones before then. The backups are written to a Network Storage Device in another building.

From time to time I mount one of the backup files to check it works - I haven't dared to run a full restore though! But I'm thinking of upgrading the hard drive on my laptop, so that may be an opportunity to try it out...

This setup can cope with (1) - the full disk backup should allow a straightforward restore to a new drive using a restore boot CD.
(2) - the daily data file backups mean I can go back to the state of every individual file, every day for the last couple of months
(3) - the backups are in a different building
(4) - ditto - it's embarrassing if your backup is on a bit of kit next to the computer which the burglar also nicks.
(5) - buy a new computer and restore from the full disk image
(6) - hopefully I'll have time to escape clutching critical kit
(7) - if I'm at home at the time, I'm past caring. If I'm not, there is a weakness which I'll be addressing soon. I have a couple of large, cheap USB hard drives, and I'm going to do a monthly manual copy of the entire system and store it at the house of a colleague who lives 20 miles away. We'll meet up monthly and swap copies - I'll be doing the same for him.

Overkill? Maybe, but I don't think so. For a business that relies on data stored in electronic form, the security of that data is absolutely essential. Lose the data and you lose the business.

And what about individuals and their home computers? And websites? I'll discuss those later...




Wednesday, 23 October 2013

The joy of fonts

Amongst the many woes of the professional web developer has been the difficulty of explaining to clients, particularly those who have experience of preparing work for print, that a) web pages are not all the same size, b) web browsers sometimes do things differently and c) you can't use that nice Papyrus font that you've got on your computer (except in images)

The first two are still an issue, and in fact have got messier thanks to the rapid rise of mobile internet and the viewing of websites on some very 'odd' devices.

The third has got a lot better since Google released their webfonts. For those who don't know about them, the google webfonts are a very large collection of fonts that can be safely used on web pages (with a bit of extra coding - which Google provide). The code and fonts work on all modern browsers. No more are we stuck with the same old half-dozen slightly boring (if very readable) fonts.

To be fair, a lot of the available fonts are a bit iffy, but there is a nice selection that can be used for body text as well as weird headings.

Our first attempt at using them was for a new site for Robin Huw Bowen, the world's leading player of the Welsh Triple Harp. Here we wanted something a bit more 'relaxed' for the menu text, and settled on the delightfully named 'Swanky and Moo Moo'

We also developed some interesting code for use in our Content Management System for when someone really, really needs a specific font. The code allows users to enter headings into the CMS as normal text but the system then generates an image of the text in the fancy font on the fly, and inserts it into the page (with appropriate alt text etc.) Quite handy.