How to start a Repair Cafe in your Town

14 September 2019

Repair Cafe Reading - Sep 2018-15-800x566As an organiser of the Reading Repair Cafe I am regularly asked how to start a Restart Party / Repair Cafe. So to I dont keep repeating myself here is an outline of the advice.

The key steps I think you should do in order to get a successful event happening are:

  1. Visit some events, bring something that needs repair, and talk to people, see how their event is run, copy the good bits.
  2. Set up your organisation, or find a charitable organisation to be a part of. The key thing you need here is Public Liability insurance, and finance (bank account etc). In Reading we formed under an existing organisation Transition Town Reading.
  3. Find your repairers. You need to gather together a group of people that are happy to volunteer and have the range of skills that that will help people. Local Hackspace is a good start for electronics skills. Linux user group for computer people, Community cycling groups for bicycle repair, etc. Build a list of contacts, keep then updated with regular emails.
  4. Find a venue. You need somewhere that wont object to soldering irons, computers etc being brought in. Has power and Wi-Fi available, and you can afford. Community halls, church halls are good places to start, but most of these need to charge to cover their costs.
    We have tried roaming between different locations, and being based in the same location. Having a fixed location and regular schedule of events is best. You become known and can advertise your events more easily.
  5. Set up and advertise your events. facebook, twitter, website…
    Start small, and build. Don’t be disappointed if you don’t have many visitors to your first few events, don’t become too confident if you have too many visitors as well.
  6. Track your visitors and repairs. Keep a log of all repairs, we use the restart project tool for this. You will need this later to show what you have done, to apply for grants and other money.
  7. Participate in the Repair community, Fixfest, network with other groups.

Resources:

Restart party wiki has lots of useful guides on how to repair different devices.
https://wiki.restarters.net/Main_Page

iFixit is a company and a website focused on Repair. They sell great tools, and they also have fixit guides for many types of devices. Phones and computers mainly.
https://www.ifixit.com/

The Restart party has guidance on hosting your own event
https://therestartproject.org/restartparty/
The Repair Cafe site also has some good guides on how to start an event.
https://repaircafe.org/en/start/

Advertisements

Letter to Mr John Howarth MEP

21 March 2019

With the coming calamity that is the Directive on Copyright in the Digital Single Market, and Article 13 and Article 11, I wrote to a number of MEPs asking for their support in ensuring that this does not pass. Most were supportive, but Mr John Howarth MEP replied with a lot of rubbish. I have copied my reply to him below. Please do write to your MEPs about this issue.

Dear Mr John Howarth MEP

Thank you for your reply, but with respect I think you are very wrong about the effect of the Directive on Copyright in the Digital Single Market, and Article 13 and Article 11 that is before you. You had a series of claims on which I think you are wrong. I respectfully ask you to reconsider your position.

On 21/03/2019 13:41, John Howarth MEP wrote:

Among all of this claims have been made about the proposed legislation that are wildly exaggerated or simply untrue. The implementation of updated copyright legislation will NOT end the internet as we know it.

No, it will not end the internet, but it will seriously change it. As the internet is now the means of communication and organisation for society the dominance of the giant companies will shape the internet in ways that support their business, not be a conduit for social change. Article 11 imposes a tax on linking. The link is a fundamental part of the internet, taxing and restricting this will change the internet in ways we cannot predict, but probably not good ways.

It will NOT constrain or unduly limit ‘free speech’,

And this is my main point. Upload filters are a pre-restraint on speech. A fundamental right. This amounts to institutional censorship of the internet. Who will police the upload filters to ensure that they are not over-blocking? There will be no penalty for falsely claiming copyright on a work in the blocking list. This is designed to promote over-blocking.

It gives more power to the vested interests that are already using the current powers to limit free speech. The notice and take-down requirements are repeatedly used the claim copyright in content to force unpalatable content off the internet. Are you a regular contributor to YouTube? if you are you will know that your uploads are randomly taken down because of spurious copyright claims. Or because you have accidentally incorporated some background music that has been detected. Here are some links to documented abuse of Notice and Take-down:

https://www.takedownabuse.org/
https://www.eff.org/wp/unsafe-harbors-abusive-dmca-subpoenas-and-takedown-demands
https://iamstevein.files.wordpress.com/2019/02/free-speech-and-dmca-abuse.pdf

it will NOT place an unreasonable burden on the internet giants who have put significant time and effort into misleading people because they believe it threatens their super profits.

Yes Here I agree with you, that the large companies will not be unduly affected, it will cement their market dominance, and any smaller company that grows above the threshold will suddenly have to implement filters at huge expense. Nobody will be able to challenge the dominant players and this will stifle innovation.

It will not “outlaw memes”, it protects and defines the notion of satire and parody (which, by the way, were not in any way protected in the outdated copyright regimes that have applied till now). Exceptions set out in the legislation protect free academic enquiry, small businesses and bloggers.

I welcome the exceptions for academic research Article 4, but even here copyright claims (false or valid) will affect everyone, there will be no way to turn off the upload filters just because you are doing research, or your usage is satire, or parody. You will have your upload blocked and will have to go through a lengthy process to obtain remedy. Upload filters give a presumption of gilt.

I do not believe that the legislation in any way limits the ability of the open source software community to continue to trade on the business model it has operated for some time – in other words the ‘sharing economy’ will continue to do just fine. The monopolistic platforms benefit from this “free internet”, however the fact is nothing is “free” – someone always pays, whether through collection of personal data in exchange for access or by the exploitation of their work.

Well that is not the view of Github, perhaps the largest open source community on the internet. Even as the latest version seems to have a very explicit exception for open source software.

https://github.blog/2019-02-13-the-eu-copyright-directive-what-happens-from-here/

Yours sincerely

Stuart Ward


Reading Repair Cafe poster

14 January 2019

Reading Repair Cafe 2019 Dates


I help run the Reading Repair Cafe. As always with these things the effort of actually running the event is small compared with the effort of organising and promoting. So anyone reading this in and around Reading it would help if you could put up a poster. Either click on the picture above to get an A4 version to print out, or come along to an event where I have lots of A5 versions.


Book recommendations for 2019

4 January 2019

books

Last year I posted my holiday reading recommendations both from Me and those I work with. This year I have not had the same level of responses from team, but most of them are new this year. So I am posting again here hope that the ex-team can again come up with some good suggestions in the comments.

I hope this will prompt you to add your own recommendations. It doesn’t have to be a book published last year, just one you have read an recommend.

The Long Earth, Terry Pratchett & Stephen Baxter

I am not a big Pratchett fan, but I have read a few. I have read a few Stephen Baxter and quite like them. In this book I think you get the best of both of them, The wild speculation of Baxter, and the crafted prose of Pratchett. Be careful as there are a further 4 books in the series.

https://en.wikipedia.org/wiki/The_Long_Earth

If the Universe Is Teeming with Aliens… Where Is Everybody? Seventy five Solutions to the Fermi Paradox and the Problem of Extraterrestrial Life, Stephen Webb

There is a simple paradox first articulated by the physicist Enrico Fermi. The contradiction between the high probability of extraterestial live, and the lack of evidence. See wikipedia for an introduction. This is a fun romp through a lot of issues and on the way Webb offers up all the solutions to the Fermi Paradox he can find, and mostly debunks them.

https://books.google.co.uk/books?id=QWKyrQEACAAJ&redir_esc=y

Things to Make and do in the Fourth Dimension, Matt Parker

I am a fan of Mat Parkers YouTube Channel standupmaths. I also went to the show Festival of the spoken nerd this year when it was on in Reading. This is a fun romp through some interesting mathematics. No maths doesn’t have to be boring, and Matt is on a mission to make it approachable and fun.

https://makeanddo4d.com/

17 Equations that changed the world, Ian Stewart

OK so there is a bit of a maths theme to my recommendations this year, but this really is a must read. Ian Stewart starts each chapter with an equation, and then goes on to give a history around it and how it has changed our world. He starts simple with Pythagoras, Einstein E=mc^2, and Newton’s law of Gravity. If you want to understand our world then you need to have some understanding of the maths behind it.

https://profilebooks.com/seventeen-equations-that-changed-the-world.html
https://ianstewartjoat.weebly.com/equations.html


Biometric Security

26 April 2018

A lot of projects I am seeing are starting to use biometric elements to secure the system. Biometric credentials are fundamentally different to other credentials because they are not absolute. Many of these try to use the biometric in the same way as a password, this is the wrong approach. Hence the refrain “A biometric is your username not your password.”

A sensor will make a reading and this is then compared with a template, and result in a measurement of the degree of match. Usernames, passwords, keys (not physical) are all binary in that they either match exactly or not.

But most biometric systems do not directly store the recording of the physical measurement, but a template. That is a set of characteristics of the biometric. So a fingerprint reader analyses the image of the print and finds a number of unique points or minutiae features. where ridges divide, stop, or have small islands. The template that is stored will be a list of these minutiae and their location rather than an image.

This means that for a biometric credential there is a level of confidence that the reading is from the same person. When the system is set up we must set the minimum confidence level that we will accept. This is driven by a number of factors.

  1. How often the attempt is detected as false when it is the same person. This is called the False Negative Rate, or False Non-Match Rate (FNMR).
  2. How often the system accepts an attempt by a different person. This is the False Positive Rate, or False Match Rate (FMR).
  3. How many fail attempts we allow before locking the system.

The higher we set the threshold the lower the FMR, but this increases the FNMR, and if we have a low number of attempts we may lock out legitimate users. But if the threshold is low, then we will be letting in attackers more easily, especially if the number of fail attempts allowed is high.

The Birthday Problem

There is a parlour game where you ask everyone in the room the call out the date (day/month) of their birthday, and if you have about 25 people the odds are better than even that you will find 2 people with the same day. Because there are 365 days in a year we think that the probability of a match would need ~150 people. But what we are really doing is saying what is the probability of everyone having a different birthday.

How is this relevant? If we are using a biometric credential, how many templates are we comparing it against for a match. if you are using a fingerprint to unlock a phone or a laptop, you will only have a at most a couple of your fingers registered. If we are using the biometric to identify and individual from hundreds or thousands, then we quickly get into a Birthday Problem situation. If we are designing a security system it should first identify the individual, and then compare the biometric with that individual’s template.

Identification and Authorisation

These terms are often confused, so lets start with a definition.

Identification, The presentation of a unique data that selects a specific account on the system.
Authorisation, The presentation or verification a credential that permits actions on the system under a specific account.

So in the old world your username is the Identification, and the password provides Authorisation to log on. A biometric credential can provide Identification. But sometimes all we need is identification. A contactless card transaction you present your card for identification, and for small transactions that is enough.

Many applications of biometric systems assume that because we have identified the account, that a separate authorisation step is not necessary. This may be true for low value (or low risk) applications, but not for many other applications.

What is different about Biometrics

Because a biometric credential is based on reading a physical characteristic of the body we cannot change or invalidate that reading. We can choose a different component to present, ie a different finger to a scanner. This is why we cannot treat a biometric as a password.

Secondly this data is not secret, we leave fingerprints everywhere, they can be copied from high resolution photographs, and facial recognition systems have been foiled with pictures, or masks.

Lastly the process of reading a biometric depends on a set of hardware and software that is open to attack. Because hardware must perform the reading, many systems also contain the templates, and the processing to compare the reading to the template. An attack could replace the biometric reader with a simple device to say there was a match, so the integrity of the this subsystem needs to be assured.

This is why Apple have been clamping down on repairs that replace the fingerprint sensor on their phones. A hacked sensor could tell the phone that every finger matches.

Data Protection

Biometric data is clearly personal and so needs to be processed and stored according to Data Protection requirements (Like GDPR & HIPPA).

For example from hand geometry the level of testosterone exposure during pregnancy can be determined by the relative lengths of the first and third fingers. https://en.wikipedia.org/wiki/Digit_ratio this has been correlated with a number of health and lifestyle factors like Sexual orientation.

Further Reading
https://pages.nist.gov/800-63-3/sp800-63b.html
https://privacyinternational.org/node/1454


How to use a computer

25 April 2018


I am often asked for advice on doing various things on a computer and I assume that they are doing everything else securely, and then I find that they don’t have the basics right. So here is my guide to doing the basics right.

Don’t use Windows

OK so some people still haven’t upgraded to a Linux distribution, and I have hit brick walls in trying to convince some of my friends to do this. But this is one of the best things you can do to improve your security. OK keep a separate partition with windows for playing games, everything else is better on Linux.

Update, Update, Update

Make sure that you keep all your software up-to-date, not just the operating system, all those other bits and pieces of software need updating.

When you install software always do this by adding a repository to your package manager, that way when you do your apt full-update everything is updated in one go. (this is one of the main reasons why Linux is better)

Backup, Backup, Backup

All computers can fail, taking your data with them, so you need to make sure the rule of 3 is followed. All data should have 3 copies, the live version, a backup version, and a remote backup.

Use a password Manager

We are just frail humans and we can not remember a different, complex password for every site we need or want a password on. The only way to remember all these passwords is to use a password manager. There are better and worse managers out there but you are much safer using a bad password manager than not using one at all.


Missing Maps Reading

24 February 2018

Unmapped Places

I have been doing some mapping of late for the Missing Maps project. In conversation with people at Reading Geek Night we wanted to see if we could run an event in Reading. Well we have managed to get the use of space at work.life and the promise of some Pizza from Zizzi in King Street.

In the west we take maps for granted. That post arrives, that people can find your place, that government and companies can plan the services they provide. These are so fundamental the functioning of society that we take them for granted. But they require the investment and effort to create.

The picture above is an analysis of data in the OpenStreetMap database. It shows the number of town and village entries that do not have surrounding residential roads. It is a fairly good indicator of the coverage of maps in various areas. Notice that big band of red across the centre of the map. That is the problem.

But there is a very effective way we now have of solving this. We have access to high resolution images of the entire world, we have the software to allow people to look at these and create a simple map of roads and buildings. When we have these base layers it is relatively easy for local people to add names to roads, tag hospitals and schools.

The Missing Maps project is aiming to get the rest of the world mapped. Working with OpenStreetMap, and specifically the Humanitarian OpenStreetMap Team (HOT), to create an open data map of the world. Here is a great little video that explains the project.

So if you are in reading and want to come along, get your ticket here. The first event is 20 March 2018 at work.life 33 King’s Road, RG1 3AR Reading. If you can’t make that we are already planning the next event on 17 April 2018. Come along and help map the world.