Willie’s Delectable Chocolate Revolution

I’ve been watching Willie’s Chocolate Revolution on Channel 4 for the past few nights, and it’s definitely made me want to try some of his world class cacao!

So I tried searching in Google for “willies chocolate” and “willies delectable chocolate” but I couldn’t find his site! After delving a bit deeper, I’ve found it, so in case anyone else is wondering where you can get it from, here are some links:

Willie’s Website

Online stockists

Chocolates

He currently sells two black chocolates (100% cacao) and two dark chocolates (70-72% cacao).

  • Venezuelan Black (100%) – Hacienda El Tesora, Rio Caribe Superior, Carenero Superior
  • Peruvian Black (100%) – San Martin
  • Venezuelan 72 (72%) – Rio Caribe Superior, Carenero Superior
  • Peruvian 70 (70%) – San Martin

willies-cacao

Coming soon… a new Gangster MMORPG

Around the start of the year we invested in a new company , Bytewire Limited, that specialises in building online games. Over the next few weeks they plan to release a new version of their Street Crime Gangster Game.

Street Crime Gangster Game
Street Crime Gangster Game

The game is based around building up a gang to take control of a city such as London, Rome, New York, Tokyo etc… You work your way up from Hobo to Godfather as you progress from petty street crimes to organised bank jobs.

Pre-register now to be alerted when the game is released.

iPhone 3.0 Software Update

Apple held a media event today to announce the new iPhone OS 3.0 firmware update. The new software adds many new features to the iPhone including:

  • Copy and Paste – at last! Speaks for itself.
  • Bluetooth Stereo (presumably A2DP) – allowing you to stream high quality audio between devices. This will be great for in car audio systems, no dongles required!
  • Bluetooth P2P – uses bonjour to automatically discover nearby phones, allowing peer-to-peer applications and (hopefully) file transfers.
  • Spotlight Search – search across mail, calendar and other 3rd party applications.
  • Tethering – allows the phone to be used as a modem for your laptop other computers.
  • Messages App – can now forward and delete individual messages. Supports MMS, and can send and receive files and contact cards.
  • Push Notifications – allows the phone to receive notifications over the air from a 3rd party’s server – e.g. useful for instant messaging.
  • Voice Memos – record audio notes.
  • Landscape Keyboard – rotated keyboard now works with most built-in apps.
  • Turn by Turn Directions – spoken directions available as part of the core location API.
  • 3rd Party Accessories – better support for interfacing with 3rd party accessories via bluetooth and the dock connector. The iPhone could be used to control other hardware.
  • In-App Purchases – extra content maybe purchased from within an app, e.g. e-books for a reader app (kindle), or extra levels for a game.

iphone-30-firmware

That’s pretty much everything I could have wanted in the new firmware – and more! The only extra thing I will be looking for in the next hardware version is video calling.

Monetising the debt – BoE to buy UK Government Bonds

So it has happened: these extraordinary times have caused our Government to look to Zimbabwe for economic policy inspiration and so, as of last week, the Bank of England will begin a £150 billion programme of printing money.

Technically referred to as Quantitative Easing, it’s actually a lot easier than printing money, and more environmentally friendly too: the Bank just types a number into a computer to increase the balance of a customer’s account and, unless the customer wants to actually withdraw the money, no trees will be harmed.

The majority of this money will be used to purchase Government bonds, but some will also be used to buy high quality company bonds. You might think that using Central Bank money to buy government debt is illegal under EU law, but, as long as they go through an intermediary (even if that is a bank like Lloyds or RBS, who they majority own), it’s allowed:

Article 101 of the Treaty establishing the European Community states:

Overdraft facilities or any other type of credit facility with the ECB or with the central banks of the Member States (hereinafter referred to as “national central banks”) in favour of Community institutions or bodies, central governments, regional, local or other public authorities, other bodies governed by public law, or public undertakings of Member States shall be prohibited, as shall the purchase directly from them by the ECB or national central banks of debt instruments.

The Government and the Bank of England are side stepping this law by purchasing Gilts (UK Government bonds) from Commercial Banks indirectly in the secondary market. However, in the long run, the effect will be exactly the same: The Central Bank is printing money to lend it to the government.

Lorenzo Bini Smaghi from the European Central Bank highlighted the potential consequences as follows:

Central bank independence: from theory to practice

It is beyond doubt that conducting an independent monetary policy, aimed at the achievement of low and stable inflation, is made significantly more difficult by the existence of large budget deficits. This is true for two related reasons.

First, when deficits and public debt become unsustainable, the incentive for the government to force the central bank to monetise its deficit, thus eliminating public debt via inflation, increases substantially.

Second, the larger the budget deficit and the accumulated debt, the more market participants become aware of the risk of monetisation.

In addition, they may believe that the central bank will be forced to “bail out” the government by assuming its liabilities, even if Article 103 of the Treaty explicitly prohibits this.

This may jeopardise the anchoring of inflation expectations and make the control of inflation more costly. In this case, fiscal policy may become dominant over monetary policy, thus undermining, de facto if not de jure, the functional independence of the central bank.

The government is taking on so much debt, that it will take many generations to repay. It’s therefore looking more likely that at some point it will need to be eroded through a period of high inflation, which is affectively another stealth tax – the inflation tax.

The Bank of England says this Asset Purchase Programme is temporary and they will look to sell any assets purchased under the scheme back to the market when the economy recovers. Let’s hope they resist the temptation to dramatically expand it, and are serious on their commitments to low inflation.

The Ultimate OS X Text Editor – Coda

Just yesterday I was recommended a new text editor for the Mac. It’s called Coda and I’m loving it! Here’s why:

  • The layout is really nice, it makes good use of your whole screen with a single editor window.
  • It has an innovative “sites” feature that takes a screen shot of all your project’s home pages, which serves as a nice way to browse them.
  • It has built in SFTP support – if I’m honest, I was getting a bit fed up of TextMate + MacFusion to access all our sites.
  • It has a built in terminal, so you can instantly SSH to your servers as the same user as you use for SFTP.
  • It supports subversion, you can commit and update from the file browser side bar.
  • It has a collaboration mode, so you can simultaneously edit the same script as a co-worker.

panic-coda

Coda Keyboard Shortcuts

  • CMD + 2 – Switch to edit mode for the currently selected file.
  • CMD + 3 – Switch to preview mode for the currently selected file.

Creating a Virtual Host with Webmin

These instructions apply to Webmin version 1.450
  1. Create a folder where you wish to store your sites files. 
    • You can do this in the Others > File Manager section. 
    • We typically use something like: /sites/domainname.com/http/
  2. Setup the vhost.
    • Click on Servers > Apache Web Server in the left hand menu.
    • Click the “create virtual host” tab.
    • You can leave most settings as their default values, but you should fill out the following:
      • Port: Generally, you’ll want to use port 80.
      • Document Root: This is folder where you site’s files will be stored. Pick the folder you created in step 1.
      • Server name: This is just your site’s domain name, e.g. domainname.com (leave out the www.)
    • Click “Create Now”
  3. Add a server alias for www.domainname.com 
    • Click on the “Existing Virtual Hosts” tab in Servers > Apache Web Server.
    • Click the virtual server you just created.
    • Click on “Networking and Addresses”
    • In the “Alternate Virtual Server Names” box, add any additional server aliases you want to use for this site, such as www.domainname.com
    • Press “Save”.
  4. Click “Apply Changes” to get Webmin to restart Apache.

    Changing the default Umask on OSX Leopard

    We use Macfuse to connect to our office development services. It lets us mount remote folders via SSFHS. The problem is that when we create a file via this connection, the default permissions are missing the group write bit, and so other users who connect to this system can’t write to them.

    There is a fix available for OS X 10.5.3 and above – http://support.apple.com/kb/HT2202

    One of our developers at Fubra has released a small package that automatically fixes the umask settings this for you. You can download it here

    Or if you want to do it yourself via the command line, I’ve written some brief instructions. Basically, it involves 2 steps.

    1. Open up the Terminal application, and then create a file called /etc/launchd-user.conf 
    2. Add a line to the file containing the umask setting you want, in our case this was umask 002 

    Commands

    sudo vim /etc/launchd-user.conf
    umask 002

    NB: This sets the umask for every user on the system. So be careful what you choose!

    PHP Web Application Security

    Here are some tips to help you think more about security when developing a web app. 

    1. Buy a good book on the subject, such as Securing PHP Web Applications and implement what you learn in your code.
    2. Read through Web Application Security section on of the SANS Institute 2007 top 20 security risks. There are some useful tips on securing PHP in particular. 
      • Check PHP configuration settings:
        • Turn register_globals off, use super globals such as $_GET instead (from PHP 4.2.0 this is the default).
        • Turn allow_url_fopen off (unless you really need it).
        • Disable magic_quotes.
        • Configure open_basedir for each site to restrict access from PHP scripts to certain directories.
        • Consider running PHP with FastCGi instead of mod_php
      • Use best practices when developing:
        • ALWAYS validate user input! This is probably the most important point in the entire list. There are many nasty bots and spiders going round the web trying to break into your site, and the most common way in is through your web forms. There are various validation libraries out there to make your life easier  (e.g. PEAR Validate, Zend Filter Input)- use them!
        • Avoid SQL injections. If you validate user input correctly, then this should help you avoid SQL injection vulnerabilities. To be doubly safe you could use a database abstraction layer, that if used correctly with prepare statements, will automatically escape user input data. Check out PDO and Zend DB.
        • Avoid XSS attacks. An XSS attack is where malicious users are able to inject their own code in to pages on your site that may be viewed by other users. You could strip tags from user input, and encode html entities in any plain text being output.
        • Don’t transmit passwords and other secret information over plain text, submit to a secure URL.
        • Be careful when allowing uploads. Check the file types, and only allow files you expect. Resample uploaded images in case there is any hidden code inside.
        • Use sessions instead of cookies, unless you really need the persistence of a cookie. Sessions are temporary and keep everything except the session ID hidden from the user’s machine.
        • Peer review your code. Get another developer to look through it, two heads are better than one!
    3. Download the Wapiti and Grendel Scan web application vulnerability scanning tools and run them on your sites.

    This is of course an overly simple list, and it can’t protect against things like logic flaws, but at least – if you were wondering where to start then I hope it will give you some useful inspiration!