Using Secure https (TLS) over http

This blog is now accessible via more secure https (TLS).

The default site address is now https://j12.org/blog/

Here are lines in .htaccess file for this j12.org website that mean http requests are redirected to use a https connection

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

but before that had to ensure had a certificate set up as well as https itself for the j12.org domain. My website hosting provider site5 sorted this for me on request. It was really straight forward with them. But there was a little bit of messing around to get the pages that previously had been on sub domains redirected to directories of single j12.org domain as I had not wanted to pay extra for wild card certificate. It was much less hassle with this shared hosting than when I had to install a certificate myself on vserver I manage for a large website. But even that was all pretty much do able following instructions.

The trend for more and more websites to use https over http is good. Some only use it in addition and so require using HTTPS-everywhere plug-in with rule for website being visited to be sure to use https over http when visiting site.

I have set up a rule for area of EducationCity.com use by one of my family as did not come with http-everywhere default rule set.

<ruleset name=”EducationCity”>
<target host=”stigandsten.educationcity.com”>
</target>
<rule from=”^http://stigandsten\.educationcity\.com/” to=”https://stigandsten.educationcity.com/”>
</rule>
</ruleset>

similarly for:
energynetworks
mumsnet (although layout does not work well as hard-linked to non secure version so browser locks unless over-ride, I wish there was a way for my browser to remember over ride as have the main text forum content secure is better than whole page being insecure)

Other rules not in default rule-set were created by an additional plugin that works them out:

mygreenstarenergy
libcom
indymedia.org.uk

All modern browsers support https/TLS so I recommend websites use it as default themselves so no need for plugins like HTTPS-everywhere..

Many websites I use do use https, but many don’t. I intend to write to those that run them and ask them to set up https if have not already and set it use by default. See my previous blog post on Encryption.

Posted in General | 1 Comment

Reading at moment or in past few months.

The 9 Lives of Ray The Cat Jones By Stewart Home

Mandy, Charlie & Mary-Jane by Stewart Home
Pannt-ante Editions

Alex’s Adventures in Numberland by Alex Bellos

Agile! – The good, the Hype and the Ulgy
by Bertrand Meyer
Springer

The Toyota Way to Lean Leadership by Jeffrey Liker & Gary L. Convis

Workplace Management by Taiicho Ohne


THE DISTRIBUTION OF GAS
BY
WALTER HOLE

MEMBER OF THE INSTITUTION OF GAS ENGINEERS
SUPERINTENDENT OF THE CITY OF LEEDS GAS MAINS AND DISTRIBUTION DEPARTMENT
LECTURER ON GAS DISTRIBUTION AT THE UNIVERSITY OF LEEDS
EXAMINER IN GAS SUPPLY TO THE CITY AND GUILDS OF LONDON INSTITUTE
THIRD EDITION
LONDON
JOHN ALLAN & COMPANY
THE GAS WORLD” OFFICES, 8 BOUVERIE STREET, E.C.
1912

Gas Distribution Engineering
The Principles for Students
R.N. LE FEVRE
First Edition, 1948
Walter King Ltd.


Health and Safety
Executive
HSE/Ofgem: 10 year review of the Iron
Mains Replacement Programme

Every thing by Richard Scarry as well as Dr Seuss,
As well as lots by Julia Donaldson

Posted in General | Comments Off on Reading at moment or in past few months.

Indicies of Multiple Deprivation

SNS website uses Open Street Map as background mapping to show areas of Multiple Dreprivation.

Equivalent statistics for rest of Great Britain uses Ordnance Survey (OS) mapbase.

If you apply for a online quote for a Gas Service pipe (new or alteration)in Wales or the West of England then can mark up on large scale OS Mastermap.

Posted in General, Maps & GIS | Comments Off on Indicies of Multiple Deprivation

Use Encryption

There are many ways I recommend to use and deploy, where you have opportunity, encryption, to keep your privacy, and encourage others.
This blog is not available via SSL/HTTPS but I am considering it [Update: now available via SSL: https://j12.org/blog/ ]. The extra cost including of certification of certificates are an issue though.
Although CAcert is a poor man’s alternative but gives most users poor experience but better than nothing and considering using for at least own blog login.
While the recommendation use of HTTPS/SSL (padlock next to browser address bar) is established where using forms to supply personal information , there is now more to encourage us to adopt SSL/HTTPS everywhere: not just from the EFF but also Google encouraging use of SSL/HTTP everywhere (video).

It looks like it may get easier to setup websites to have encrypted access with Lets Encrypt project.

You can check how good SSL of a website is via:
https://www.ssllabs.com/ssltest/
http://toolbar.netcraft.com/site_report

and if you do run a web server check out: https://wiki.mozilla.org/Security/Server_Side_TLS

Email Server to Server encryption:
https://starttls.info/
https://ssl-tools.net/mailservers/

Email End to End encryption:
GnuPG
OpenPGP best practices
My old PGP page

Before passing personal details via a website:

You may wish check site domain ownership using whois:
https://whois.domaintools.com/

To check status UK companies:
https://ukdata.com/
which is website I use but there are others that nay have better interface and search to same data and if you need copies if annual accounts etc get them for free from Companies House or direct from company in question.

Details of US companies:
http://www.corporationwiki.com/

as well as general websearch.

Posted in Technology | Comments Off on Use Encryption

Future Energy

I recommend detailed but readable reports from Carbon Connect.
Look out for Future Heat series coming on tails of Future Electricity Series.
They are preparing them now.

Government releasing interesting Energy stats and reports including household energy usage breakdown from the National Energy Efficiency Data-Framework (NEED)

Pity licensing issues mean that Address-level data from the National Heat Map to load into your own GIS software is only available to local Authorities. But you can use web interface on DECC website to draw polygon around around areas and then generate reports of Heat usage, with breakdown by property type.

David Mackay still makes an interesting contribution.

I am wondering if there is good carbon saving to be made by City Centres using district CHP systems distributing low grade waste heat as steam for use in summer for cooling using Absorption Chillers like in New York. The switch to Gas (methane) powered CHP is a greenhouse gas emission saving over Electricity presently used for cooling, and even better if bio gas is used, with utilization of gas, distribution and CHP assets throughout year. But would need to get critical mass and retrofitting would be barrier but might free up space in buildings.

Posted in Energy | Comments Off on Future Energy

GB Addresses

I have followed the saga of opening up Address datasets in UK.
If we can not open PAF or NLPG then let build an open set.
See some developments:
http://knowwhereconsulting.co.uk/twos-company-threes-a-crowd/

This would hopefully be opportunity to get away from distortions of the PAF’s POSTTOWN based on delivering mail.
e.g.Penistone is not in SHEFFIELD, even if PAF has it as POSTTOWN for addresses in Penistone, Yorkshire.

Let get to know our Traditional Counties again.

Posted in Maps & GIS | Comments Off on GB Addresses

Population

Video talks by Hans Rosling are well worth watching including on TED, Vimeo and YouTube. He lays out statistics on population growth and child mortality.

Posted in General | Comments Off on Population