Crims are clever..

You have to hand it to them, criminals are a clever bunch and in some ways we should thank them for entertaining us with their ingenuity. Actually we do thank them - with our hard earned cash when they get the better of us. This cat and mouse game will likely still be going on when Long Player (http://longplayer.org ) has long since stopped playing...

In the interests of learning and staying safe, we'll share some experiences of current attacks used to try to steal your information (and thus maybe your money a little later).

Example 1:  Socially Engineered Email Attacks

This is a popular one as we write and, having started off targeting large organisations, it is now trickling down to smaller organisations like yours.

What happens? Criminals have a look at public sources like your own useful website / Companies House etc. to identify who the main boss(es) of the company are and who is in the finance team. They then craft (forge) an email from the head of the company to the head of finance asking for help to make a payment to a supplier, which might be a perfectly normal thing to do and a reasonable request. If the scheme runs to completion then the head of finance replies, thinking that he or she is talking to the boss, and £15,000 (or such amount as the criminal deems appropriate to not raise suspicion) is transferred into the sunset. 

If the criminal can be bothered, they may even have sent a fake enquiry to your company prior to the attack, so that they have a copy of your email stationery and footers to make the mail more convincing.

To date (October 2016)  it is estimated that just short of a billion pounds have been lost by UK companies falling for this type of fraud. Not many people or large organisations are going to want to stand up and admit that they were caught out though.

The same exploits are used not only in attempted financial fraud but in other walks of life too. A salient example is noted at http://www.bbc.co.uk/news/uk-england-london-32095189 where a prisoner was released and ushered out of jail after his bail / probation had come through - albeit on a fake email which was not noted until his release.

Example 2:  Phishing Links

A newer threat that we are seeing in the wild at the moment is the digital equivalent of the chain letter, but with more malice. It starts when criminals trick you (through one of many possible ways) to reveal your login credentials for your email (MS Office 365 / Exchange / Lotus Notes / Google Mail). They then access your mailbox and send out a bulk email to all your contacts using your email account. Since this will be to people you know and who know you and is sent via your real email address and mail system, the chances are that it will get through all the email filters.

As they have access to your mailbox, they know your industry and how you write, along with your stationery etc.  They also have a full copy of your email box in case there is anything interesting or useful to them in there. What could a criminal or competitor do if they had a full copy of your email box, sent box, folders, contacts, diaries, public folders and web shared folders?  Have you ever emailed payment card details to people or noted passwords in email?  Although most of the time this may be disregarded as the prime aim is just to spread and spread malware to do more damage later.

A typical mail sent out from one company to another could include a note such as: 'Please can you review these deal documents?'; or something similar that is appropriate to the industry and company, such that it looks credible, as well as a link to a document sharing website like Google Drive / Docusign Form etc.

When someone receives this message, if they click on the link, they might get a login page such as the below to access the 'documents':

The above looks like a legitimate login page for Google Drive, but please look carefully at the address - it starts out with 'drive.google.com (which looks legitimate to the human eye), but the 'gotcha' is the bit after this of .kwaltaz.com ... so you will not be going to Google Drive at all in this case, but to a sub-domain (sub-site) of kwaltaz.com - easy to miss that small but vital detail. The page looks convincing so if you are in a hurry then you may just enter your details to log in to get to the interesting deal documents.

If you do proceed to enter your details as invited to do, then you'll have just given away access to your files / email / anything else you store on Google in this case to the criminals. Unless you have further login security in place, they can now log into your email, continue the chain and help themselves to any interesting items you have. You may well not know that they've been looking and lurking for a week or more, before your mailbox is used in turn and it is also possible that your login might be sold on the underground 'darkweb' markets - value being higher depending on factors like, organisation and connectedness.

When one of these email abuse attacks are launched to repeat the cycle that started this example, the person or group starting the bulk mail is said to have 'owned' your mailbox. They may also change your password to lock you out and to slow down the process of you getting control back once you realise what is happening (by which time the damage is done in mail sending and to your reputation in turn).  We've also seen that criminals like to interact with people when they are in the process of an exercise of abuse. For example: if a bulk mail goes out referring to deal documents etc. and a recipient is slightly suspicious so mails back to confirm validity (e.g. 'Hi Paul - can I check that this link was from you and is legitimate?'); then the crims in turn reply back to say something like - 'Hi Bob - yes, these are from me - please review and let me know your thoughts' etc... so encouraging Bob to become the next victim in the chain. The perpetrator of the fraud also likely deletes all your contacts and the replies / conversations they've had to further frustrate your recovery and communications as you wrestle back control of your mailbox.

Remember that, in this case, the email comes from the trusted mail account and no virus bearing attachments are included, only the link to the website for the 'documents' so the majority of virus scanners / junk mail filters will pass the email as 100% legitimate. There are effective defences but we'll come onto that later. Apart from just stealing your login details, scripts on the site also commonly detect what type of computer you have and which web browser and if these are known to be vulnerable to known attacks then they will often proceed to use these open doors to load malware onto your computer in the background without your knowledge. If you know that 90%+ of infections can be avoided by having your computer up to date so that known vulnerabilities are stopped, then you'll understand why your IT department focuses a fair bit of time and energy on patches and updates that get pushed out to your computer to keep you up to date. The odd reboot to apply these is a very minor inconvenience compared to the alternative of not keeping up to date!

Example 3: The Freebee USB stick.

Who doesn't like a freebie? For example a free promotional USB drive that you're sent in the post, or one that you were 'lucky to find' which someone else had evidently previously dropped. Statistically we're all suckers for the proverbial free lunch and 'don't look a gift horse in the mouth'.  So you proceed to plug the drive into your computer to make use of it, or if found to see if there is anything interesting (music/ files / competitor files / the original owner's contact details to return the drive) on the drive. There is a chance this was your lucky day, but equally there is a good chance that the drive might have been 'dropped' where you'd find it.

When you click to open files on the drive, these may not be what they appear and unbeknownst to you could silently install malware or viruses on your computer, especially if you don't disable the 'autorun' features on removable media. By the act of plugging in the USB device to your computer, you bypass all your network firewall and external security and there is a very good chance that if a hacker can be bothered to drop USB devices for you to find, then they'll be bothered to write a custom virus for you that will not be detected by your virus scanner.  Thus the last line of defence on your desktop could well be bypassed as well and the attacker has a backdoor to your office network and can likely get to anything you can get to, as well as maybe recording all your visited websites and keystrokes. Combine this with taking the odd screenshot in the background and letters 2 and 6 of your password may not be your secret for long.

Example 4:  Bank Phone fraud.

We're all very careful about our computing and personal data, which websites we trust and keep our cards safe, don't we?  So if you get a call from your bank's security department that they're worried about a number of transactions that have been put through for authorisation on your account, then you'll be glad that their anti-fraud systems have got your back, right? Not if the caller is not, in fact, your bank, but yet another clever criminal trying to catch you off-guard; to obtain your banking details to later abuse and enrich themselves. The fact that they appear to be trying to help you by flagging attempted transactions on your account is often enough for them to get your confidence before any of these 'transactions' go through.  Analogue telephones also have a flaw that is abused at this point; if you have any doubt as to whether the call is genuine, then you can call back the bank on the phone number printed on the back of your bank card and are encouraged to do so 'to satisfy yourself that the call is genuine'.  So you hang up the one call and then dial the number on the back of your card for whichever bank you are with. The call is answered - sometimes with a short 'your call is very important to us and we are connecting you as quickly as possible'; then you ask to be transferred to the fraud department where you are connected to the same, or another, agent who then verifies your details and helps you reset your security information to be very secure in future. In actual fact you've not called your bank, as the original call has not been cut off.  The flaw in many phones is that calls do not disconnect until the caller (that rang you) has hung up, thus you've been on the same fraudulent call all the time and likely given away your memorable word / date / date and place of birth etc. in the process, while all the time thinking you are helping the bank to protect you.  You can imagine how this ends; often within days of the original call.

There are a number of variations on this fraud call which targets businesses as well as individuals. Criminals know that certain professions, like solicitors, accountants and investment advisers may well hold short-term funds for clients in client accounts separate from their own funds. Where this is the case, there is a heavy duty of care on the holder and thus criminals may well target these groups as the modus operandum of the call appeals to and preys upon the instinct of the account holder to 'keep the funds safe'.  Variations have included suggestions that the 'bank' will call back (and then do) tomorrow to assist with moving chunks (often quite considerable) of money into 'safe' accounts away from the account which is currently being 'targeted'. So, in a desire to keep client money safe, the unwitting victim actually assists the criminals by transferring large amounts of other people's money to them; which in many cases is never to be seen again.

If you're thinking 'no one would fall for this', then have a read of http://www.bbc.co.uk/news/business-34425717 which is a real example of this fraud occurring. The article notes that in the case of this unfortunate solicitor, the implication of the fraud was personal bankruptcy and being banned from practicing her profession. We understand that the professional indemnity insurers also failed to pay out on the grounds that she 'knowingly assisted criminals' which we think counter to probability and good faith in insurance so also be reminded that not all insurance is the same, though you may only come to understand that when you need to call upon it. Would your insurer cover you for this case if you acted (in your mind) in utmost good faith but were fooled into transferring money to criminals? Now might be a good time to make a call and find out.

What can we do to stay safe?

The above are just some examples of common frauds that we see in the real world that are delivered by technological means. There are many more.

Some advice we'd generally give is:

  1. Remember nothing is secure.

    Sobering as it is, there is no such thing as a completely secure system; only degrees of risk reduction. Security is about reasonable justified degrees and measures which reduce risk of abuse. Admitting that you have a security problem (we all do) is the first step towards mitigating it. Never trust a security professional who isn't paranoid!
     
  2. Learn from the mistakes of others and don't repeat them.

    Take an active interest in security. The more you know, the more you are armed. There is a lot to read on the Internet and in the press and knowing that you are at risk is the first step in reducing risks.
     
  3. Respect the need for security.

    Security often (nearly always) comes at the expense of some convenience. Be that glass screens or steel bars in a bank branch that physically protect cash, or computer processes that ask for authentication or for you to change your password from time to time. Each time you have to go through the hassle of changing a password, remember that means you have a fresh start where anyone who might have known your password, now does not.  Equally if your computer prompts for a reboot to complete install of (security)updates, don't hit 'postpone' but instead save anything you need to save, hit reboot and grab a coffee or glass of water; the updates are there for a good reason - to keep you safe.
     
  4. Be part of security.

    We all need to be careful and vigilant. Even network administrators should normally only log in with normal user rights - see our other post on this at  http://www.onega.net/blog/2015/6/4/are-you-logged-in-with-admin-level-credentials-on-your-computer-right-now . More generally, ensure you consider things and share information on a 'need to know basis'. Recruitment companies and those involved with industrial espionage (the former might arguably be the latter in some cases) might charm information out of you under many guises.  We've even had phone calls where people claim to be calling from the Police (not the band or manufacturer of sunglasses, but the law enforcement crew) and naturally we want to help them, don't we? Even beware that, by reading security blogs and web pages, you are often giving away your network IP address and location.
     
  5. Make sure appropriate technical measures are in place to minimise your risks.

    Where appropriate, pieces of technology can help maintain security.  Make use of these and make sure they are configured, deployed, monitored and managed appropriately. There is a big difference between just 'having a firewall' and having a well-configured and well-run security solution in the same.
     
  6. There are no stupid questions when it comes to IT security.

    As a rule of thumb: If you have a doubt, point it out. If something looks too good to be true, or does not 'feel right', then be sceptical and check. This might be in the language used in an email that might not be quite characteristic of the sender. Remember it took the one little boy to point out the emperor wore no clothes - often we find this recurring on a digital scale. It can also be in person or on the phone.  Who is that new guy in the office and does everyone else just assume he has the right to be there?
     
  7. Trust your security.

    There are many computing tools that aim to minimise risks online while you get on with your work. Quite a few operating systems (including MacOS / Windows 7, Windows 8, Windows 10 etc.) and popular web browsers like Firefox, Chrome and Internet Explorer have pop ups when they are warning you about a potentially dangerous website, or when a piece of software is trying to change things on your system. Unfortunately many studies show that 95%+ of the time people just hit 'Continue' and carry on. Stop and think when you see these, and better to err on the side of caution.
     
  8. Maintain good backups (and test them).

    If all else fails, you've got your backups, right? There are many risks from threats like 'cryptolocker' which encrypt your files and ask for a ransom to restore them (which likely leads to only an empty wallet and no files back for you) and the value of your information to others which may be electronically leaked. But if you have good backups, at least you are still in business. Onega have developed a Backup Policy Template document which takes you through a number of risks to help make sure you have an appropriate strategy in place.  We'd be happy to share a copy of this with you. Do test your backups though; we can't stress that enough. Over time companies implement new systems and people put things in new locations. On the cloud, on their computer, on external drives and network shares. Pick some random files, note their details, move them to somewhere new and challenge yourself or your IT department to get them back. A good example of this is if you move all your Outlook contacts from Office 365 to a PST file - do you have these backed up and can you get them back easily? I digress, but in that example Onega would have you covered with our O365 SkyKick backup system to keep your MS Office 365 cloud data safe.
     
  9. Don't be complacent.

    This one is hard. Our natural inclination is to concentrate our attention on what is urgent, not neccessarily what is important. Even if your office is connected to the MOD secure network, or if you've got the shiniest new firewall, is everything else as good and is everyone briefed and playing the same way. If: you leave your computer unlocked while you are away from your desk; your Sage 'manager' password is blank (the default so do check if you use this); or 1001 other things, then you are at risk.  An external check can sometimes help to remind us of this and wake us all up.  Standards like the basic Cyber Essentials standards from the UK Government give a good basic baseline, also to make sure most of the low hanging fruit is covered.

    ** Please note the above are elements of what we consider salient advice but in no means comprehensive guidelines.
Think and read warnings before you blindly click continue.

Think and read warnings before you blindly click continue.

Onega can help with aspects such as Incident Response (although we'd rather help avoid incidents in the first place), Security Review / Audit, ensuring you have good Physical and Cloud Backup Solutions, implementing multi-level UTM Firewall protection, user education and security awareness, external mail filtering etc. The first step is to get in touch and we can discuss any particular concerns, run through any issues and decide what would be appropriate for your needs.

Epilogue:

The story header picture here is of a Lego Criminal, but in actual fact we're probably not giving them the credit they're due. Here, more accurately, your foe could be better imagined as:

.. the Evil Genius (complete with white cat)

.. the Evil Genius (complete with white cat)

But in reality would actually probably look more like this:

Average Joe..

Average Joe..

Be on your guard; keep safe online and in the real world :-)

Microsoft Exchange 10 Device Limits and Focus for Productivity

Like many things, sometimes you don't know there is a limit until you hit it, or at least are reminded what you learned long ago that things are not unlimited.

In my case, I've just hit a limit of having 10 mobile devices connected to sync to my email account with ActiveSync / Outlook on mobile or iPad devices. Of course, whilst like many, I do like my gadgets, I don't actually have 10 phones or iPads!

What has happened is that every time you add a device to sync to your Exchange Mailbox (this is true for MS Exchange on premise and also for Office 365 Hosted Exchange email), a new device partnership is created and there is currently a reasonable limit of 10 devices as a maximum. The Exchange server has to keep track of what the last messages you've had are, so it knows from when to push you the latest messages etc.

You can access the list of phones / mobile computer devices via the Outlook Web Portal for your email (or Exchange control panel). If you connect you can then choose Options -> Phone, from where the list will then load.

The view allows you to see what devices you are syncing with, when they last did a sync, and, should a phone ever be lost or stolen, you can attempt to initiate a remote wipe from here to protect your private data, even if the phone is lost.

In my case the list reads as a recent history of my mobile phones, showing the dates the respective device was last synchronised and hence retired. Thus I can see that I had an HTCAce (Actually an HTC Desire HD) until Jan 2013, an HTC One X Plus, an HTCOneM8 and now the Samsung Galaxy S7 etc. Is it me or is the life of a phone generally getting shorter these days as we use them more?

Once you have 10 phones in a partnership with your mailbox, you can't have any more. Thus it is probably good to get into the habit of removing old phones when you add a new one. Note that if you use the MS Outlook app for iPad / iPhone / Android phone, then this will take a second slot alongside the native Mail ActiveSync connection if you use that. The Outlook Mobile app is pretty good but we tend to recommend sticking with your native mail app in most cases, so that you have:

  1. All your mail in one inbox,
  2. More flexibility on sync schedules (and hence battery life) and
  3. Less data use abroad if you travel; the native mail apps are much better at being roaming aware for now.

So removing phones or devices no longer used is good for security, reducing server resource load and allows you to add more devices when needed i.e. if you are at the limit and your current phone dies, then you can't configure a replacement until you clear an old phone off the list.  This could cause some small delay at the time you need to get going with work / trips / other things you might need your phone for.

And now for a slight, but very relevant, digression: 

Of course, if you are in the office or trying to get some focused work done then one of the best things you can do is to turn your mobile phone off. Research such as that conducted by Kaspersky Labs shows that your productivity can be 26% better without the distraction of a mobile phone - see http://www.business-standard.com/article/technology/not-using-smartphones-can-improve-productivity-by-26-says-study-116082900664_1.html  for details on this particular example.

You may know that I like to make use of odd moments of time or travel on public transport etc. to listen to audio books (generally from Audible) as well as useful / relevant podcasts so as to make better use of time. Currently I'm listening to Deep Work by Cal Newport. This also reminds us that Facebook / Twitter / What's App and other social apps and services might be great, but they're also a massive form of distraction. Each tweet has the ability to take your mind off task and we all know that there is likely a 20 minute recovery time to re-focus fully again. At Onega, we aim to turn off our mobiles in the office (you are welcome to call us at the office on the phones here of course!) and we've blocked Facebook access for our own good for years, after I started to browse Facebook one morning and then realised 'crikey it is nearly past lunchtime already.'  I recommend that book highly and they also touch upon one of my favourite topics of eudaimonia in one section, in relation to architecture applied to provide a focused environment for deep work.

If turning your mobile off in the office can make you 26% more productive, think how much more focused and efficient you can be if you avoid Twitter, Facebook etc. With a logical extension you could easily get to 100% here and your results may soon reflect that. Likely you may be reading this and thinking 'I could turn my phone off anytime but I choose not to' and think of 100 reasons why you must, must, must keep it on... but this is also addictive behaviour. If you consider it, modern smartphones are designed (actively designed) to hold our attention and app developers work very, very hard to tune the experience to encourage you to indulge in more 'screen time' as every minute of screen time has a dollar (or pound or euro) value. It can be hard at first, but turn your phone off and the world does not fall apart; you'll likely get a lot more work done.

Other things you can do to help yourself focus are to turn off the pop up for new email notifications and just check your mail from time to time. This way you are in control of your focus rather than it being in control of you. Again, this one can be hard initially but you'll also find you soon get used to it. If there is anything urgent there is always the phone, which is generally the best way to have direct, focused attention, immediately.  You can also achieve more in a 5-minute call than 10 days of email back and forth on a subject which would take a lot more cumulative time.  You might notice that I'm not often on Skype either - this is for the same reason again. Nothing wrong at all with Skype, but If you have 10 different methods of contact then you risk simultaneously splitting yourself between IM chats on Skype, phone calls / emails / Slack Messages / Sametime / What's app / Linked in and Facebook messenger etc. and thus not focusing on any of the simultaneous conversations with the attention they deserve.

Onega Authorised to sell Microsoft Surface Computer Range.

Microsoft's Surface range consists of the SurfacePro tablet computers (the current line-up includes the SurfacePro 3 and SurfacePro 4 series) and the SurfaceBook which is a convertible laptop that can run in traditional laptop or folded screen only mode. They were originally introduced by Microsoft as much to point the way to the rest of the computing industry on design and what could be achieved, as to an actual product to sell to users. Given that Microsoft produce the Operating System for the majority of computers in the world it is not good form to be seen as competing with your clients.

In the object of taking direction, Lenovo have done so with their successful Yoga range which includes a series of convertible computers and Fujitsu (who have always been strong in tablets) have brought out new convertibles in the form of the nattily named Stylistic R726 which has been well received. However, the success of the SurfacePro range has taken even Microsoft by surprise and they sold over six million units in 2015 with 2016 likely to be double that.

Onega have been working with Microsoft products since MS-DOS 3.2 and although Microsoft is primarily known for its software, they have, for many years, made hardware which is known for being at the premium end, but reasonably priced for what it is. For example you'd always find a safe and dependable choice in a Microsoft keyboard and mouse. The SurfacePro computers are definitely at the premium end of the market and are very slick computing devices which have had very good feedback from users.

Until now, availability of the computers has been quite limited so you'd have to go to John Lewis or other big retail providers, or buy direct on the MS Surface website. Microsoft is expanding its channel to selected partners and we're happy that Onega have been accepted in the latest round as an authorised reseller. This means that we can provide clients with best pricing and support on the Surface range.

In another innovation, Onega and Microsoft are also making it easy to access the benefits of the Surface range. You can take the traditional route and buy a SurfacePro or SurfaceBook, but we can now also offer the choice of 'Surface as a Service' which allows a bundle of Surface hardware, software (if needed) and services to be made available for a monthly subscription. When the hardware and the warranty services are bundled this way there is no barrier for obtaining the very latest technology, with the peace of mind of a full warranty including accidental damage cover and a very reasonable monthly investment - you should, in any case, make sure your computers are covered under your general business policy for loss or theft.

The Surface as a Service scheme offers same day finance acceptance and we only need basic details to get approval in principle.

What do we think of the Surface and why would you consider this vs competitors? The Surface is a very slick computer which provides a lot of computing power at your fingertips and runs full MS Office and other Windows apps. If you try the touch and pen interface for handwriting or just drawing on the screen then having only a keyboard again can feel limiting on any other laptop. Potentially the Surface can save you from needing to carry around both a laptop and an iPad.

Any computer is a compromise between cost / weight / capacity / build quality / speed / expandability / badge / serviceability etc.  We often think of a laptop as being the 'sports car' of the computer world in that they are great machines but you have to make choices (unless you have an unlimited budget) to get things right for your needs. The SurfacePro ticks most boxes. The one 'gotcha' with it is that, due to the focus on ultra slim build, the spec you buy is the spec you'll finish with, in that the case is glue sealed, so you cannot upgrade memory or storage. So it is important to specify enough up front for your foreseeable needs. The comprehensive extended service warranty means that any service problems are dealt with by an advanced swap out if you have any hardware issues.

Competitors like Apple also go for the sealed device approach (seen any screws on the back of your iPad lately?) but others like Fujitsu do allow for upgrades and servicing at the slight (very marginal) expense of size and weight.

Post Brexit the British pound has been dropping in value against both the Euro and US Dollar so computers have been going up in price lately but a good computer, at whatever price, is still excellent value, especially if you get a good few years' use out of it (big hint - best money - from £10 - you'll ever spend on a computer is on the case that protects your laptop).

Onega's aim is always to find the best fit for clients and to recommend the appropriate device for your needs - so please feel free to run any requirements by us and we'll be happy to discuss.

Happy computing.

Thinking of doing The Knowledge? You may want to think again.

The archetypical London Black Cab or Hackney Carriage has been a regulated fixture in the City of London since the time of Oliver Cromwell in 1654 when The Fellowship of Hackney Coachmen was founded, later to be superseded by Parliament, the Public Carriage office and now amalgamated into Transport For London.

The thing that makes a London Taxi unique is that you can hail an available cab in the street, or climb aboard at a taxi rank and you'll be taken efficiently to your destination by a highly trained and tested driver and charged fairly according to the taximeter on the basis of time and distance.

Originally back in the 1600's the form of transport available was a horse drawn carriage which would carry nominally either two or four people. The horse was the common motive power behind the cab until the introduction in 1897 of electric cabs which started the move towards mechanisation. The limited number of electric cabs were discontinued a few years later due to problems with safety and reliability (and to think that we regard electric vehicles as a new concept now) and in 1903 the first petrol powered cabs were introduced to London. From this point the horse, noble beast as it is was destined to be put out to pasture (sorry for the pun).

The driver of a modern London Taxi has to train for typically two to four years in order to learn over 45,000 streets and landmarks in the city and environs of London and the best routes from one part of the city to another and no satnavs are allowed in the test. This includes some pretty obscure landmarks as well as the better known and main hotels and theatres etc. For example FatBoys Diner here at Trinity Buoy Wharf is one of the designated landmarks, and we often see people on motor scooters with their maps in front of them driving up to have a look and learn the location. More obscure landmarks include the only Nazi Memorial in London which is outside no. 7 Carlton House Terrace, off Pall Mall; which is now the Institute of Contemporary Arts but used to be the German Embassy in London.  

Traditionally once you've put in the hard slog of learning the roads and points of London then you'll have put a lot of miles on your moped (and likely been through a couple), physically enlarged the memory centres of your brain and after your final test can apply for the coveted London Taxi Driver's green badge and qualified yourself for a job for life that can reputedly earn you up to £100,000 a year depending on the hours you put in.

Unfortunately for the traditional hard working London cabbie, like the horse that pulled the carriage until about 100 years ago, there may well soon be one less organic entity involved in taking passengers from one part of the city to the other.

We think the perfect storm is brewing so far as this goes, and it is on a trajectory that looks to be unstoppable. Already we have social and connected Satellite Navigation in the form of products like Waze which are free for Android and iPhone users, and in the purchase of which Google invested over a billion dollars for good reason. Companies like Google are big investors in the automated vehicle and every time someone navigates with Waze, they learn most efficient routes, average speeds for the time of day, incidents to avoid,  source and destination hot spots and much more. This accumulates to more knowledge than all the London Cabbies put together could comprehend. Right now it is useful for commuters to be able to get from A to B quickly and if it is free who is going to pay for a TomTom again? Part of the reason that it is free to use is that we are all helping Google to build their route information knowledgebase and data maps - so maybe we should be the ones who are paid to use Waze!

So the electric car, the connected car, the autonomous car, the Internet of Things, the cloud of route knowledge will all converge to make for a future automated taxi service that is on a par with, or better than, the current London Black cab service.

The difference between data, information and knowledge is in the processing and application. If you recall how IBM's Big Blue supercomputer beat Chess Grand Master Gary Kasparov in 1997 this was a demonstration of brute force computing beating the same skill in a human. The same computing power multiplied and brought to bear on applications like transport will be as evolutional as it might be considered transformative.

Current state of the art in automated vehicles is still at relatively early stages, but the rate of evolution of the systems and vehicles is very substantial; such that the break out from research to production we think will be less than 5 years. It could be around 2020 or 2021 that hails the full introduction of the automated taxi to take you from one place to another in London.

The future of the black cab as we know it now - with a jolly cabbie - is thus somewhat grim unless they can evolve into the role of tour guide etc. However we'd suggest looking at how many are still driving horses and carriages in the same way. It is fun for tourists, but it is not economical transport.

We would go as far as suggesting that TFL (part of the UK government) should accept no new entries for people to start to learn 'the knowledge' from 2017.  At the very least they should be given a firm equivalent of a Government Health Warning. We'd light-heartedly suggest they apply a sticker to the registration papers for the Knowledge to state:

'WARNING:
This qualification is as likely to lead to employment as a Media Studies Degree'.


This would be fairest for current taxi drivers who will thus dwindle in numbers over time as they continue until retirement if demand holds that long.

Many people will defend the London Black Cab, but given the choice: If you want to get from A to B and an automated taxi will take you there as quickly, possibly more safely, for a lower cost, ultimately people will vote with their wallets.

I started writing this post in June 2015, after a barbecue with friends where one of the guests had just started on the Knowledge. I was too polite to share my thoughts then, so hopefully am making up for this now. I'm sorry it has taken me over a year to get back to complete it.  In this time, the number of people who will have started their Knowledge training will have been around 1,000 (or at least that many pass their final exam annually - more start and never get to the end). This may be a thousand people with lots of investment in training ahead for not much reward down the track compared to previous generations.

The London Taxi is just one example of the impact of the scale of digital transformation in all areas of life that is ahead. We can't change what will happen which is almost predestined and luddites don't win, but if we can foresee the change, we can be forearmed. Some would say 'if you can't beat them, join them'... so if you're thinking of doing the Knowledge, we'd likely suggest that a similar amount of time spent learning computer programming might be a better long term investment. It is sobering to consider that the company that makes Black Cabs - London Taxis International, now owned by Chinese firm Zhejiang Geely Holding Group, is rumoured to be already planning ahead for designs of driverless Black Cabs - and if they're not, they certainly should be else they'll be left behind by the competition.

At Onega we spend a lot of time keeping up to date with IT trends and keeping on top of the latest releases and news. We work with companies who are at either end of the digital spectrum to enable their businesses to be competitive and to use IT to a competitive advantage. More and more IT is evolving to be an integral part of a business as opposed to an add-on function. We must all look forward and anticipate that 'if this can be automated, it will be' and you're either on the road or sitting at the side of it in life.  There are some exceptions but on the whole we can't deny the progress of the future.

Water, water, everywhere, it's all we have to drink.

Day 7/10 of Onega's H2Only stint and this was my morning cuppa...

It's not too bad; we've had at least one 'Oops, I forgot' moment and Nicola and Ben bought a pass to celebrate her birthday with something a little more exciting.  All forgivable when the £12 'fine' has been donated to RNLI.  

Cake for Nicola's birthday gave us the opportunity to taste coffee without drinking it.   This backfired somewhat when we really, really wanted a cup of tea to wash it down with!  Most impressive so far has been Aneil's visit to the pub on Friday evening when he dutifully ordered nothing but water.  Our 10 days end at 5pm on Friday when we hope to celebrate reaching our target.

Thank you to those who have donated on our Just Giving page - all in aid of the RNLI and the invaluable work they do.  

JustGiving - Sponsor me now!

Onega Goes H2Only

We talk quite a lot about our coffee machine.  In our defence, it is a thing of beauty, producing a mighty fine brew - the carpet to the kitchen is wearing thin because of it.

A few weeks ago, Krunal made a very bold suggestion; that some or all of us take on the H2Only Challenge – an RNLI fundraising initiative involving a pledge to forgo all drinks bar water for 10 days.  One or two immediately suffered withdrawal symptoms at the mere thought of it but 8 of us decided to give it a go.   Whether there is such a thing as a selfless good deed is debatable; our first thoughts focusing on the health benefits and difficulties we may encounter.  All about us.

Except it isn’t all about us.  The RNLI had a very busy week last week – with bad weather around the coast, they had numerous well-reported emergencies to deal with – sadly with the loss of six lives throughout the UK.  This is just the work we hear about. In truth most of their weeks are very busy; it just doesn’t always make the headlines. 

If you’re quick, you can still catch two episodes of the BBC’s documentary series on the RNLI: ‘Saving Lives at Sea’ on iPlayer http://www.bbc.co.uk/programmes/b07l1z87/episodes/guide

10 days without coffee, tea, wine, beer or fizzy drinks is going to be a challenge, but we're determined to go H2Only and raise as much as we can for the RNLI. Their lifeboat crews and lifeguards know all about staying strong. They do it every day – dropping everything to go out on the water and save lives. Your support will help us stay strong too, so please give as much as you can.

Bear with us if we're grumpy on the telephone for the first few days - you can always make us feel better by sponsoring us!   Thank you.

JustGiving - Sponsor me now!

(Remember that, if you’re a UK taxpayer, choosing the Gift Aid option means the RNLI will get even more from your donation).

If you wish to take the challenge yourself, you can sign up here:  https://h2only.org.uk/#

What3Words - A Unique Address for Everywhere on the Planet.

Here in the UK we have a great addressing system, with street names, house numbers, post codes etc. which works very efficiently... most of the time (I'll explain that in a moment). Thus it comes as a bit of a surprise to learn that over two thirds of the world don't have a comprehensive system of addressing and in some cases, very few formal addresses at all.

The UK system is not perfect... take for example Onega's office at Trinity Buoy Wharf. The UK Post Office changed our postcodes a couple of years ago so that where we used to be E14 0JY, we are now more correctly E14 0FN. All good and well, but many delivery drivers find that their satnav takes them to the wrong place because the database on the unit does not correctly locate the new (not so new now) postcode. Hence we have to brief everyone to use E14 0FN for mail (else letters may be sent back as 'address not recognised') but for car / truck / bike deliveries to use E14 0JY to ensure they get to the right place. Understandably couriers have anti-fraud checks for changes in delivery addresses so you have to go through a number of hoops there.

So what's the solution? Well, one would be to use GPS grid co-ordinates for all addresses, but these are not easy to remember and one wrong digit can take you to a different country. A very interesting solution has been designed and implemented by What Three Words - what3words.com . They have split the whole planet into a grid of 3 by 3 metre squares and developed an algorithm that allows for just three words to describe any of these uniquely. Simple but pretty awesome and some examples help to explain how it works.

Right now I'm at EMFCamp2016 which is a UK hacker / maker camp taking place in fields in the grounds of Losely Park in Surrey (thanks for letting us use your beautiful venue). There are a couple of thousand of us here learning, sharing and having a great time. Due to the nature of the event much is dynamic so not everything is where it is on the printed maps etc.  Empty fields don't traditionally have addresses but thanks to what3words, they now do.  You can browse the map on the web via https://map.what3words.com/  There is an app for the iPhone and Android smartphones to allow you to find your what3words address on the map and find where others are. So here at the festival, my tent is at finger.intelligible.ridge which you'd find in the app or at https://map.what3words.com/finger.intelligible.ridge and Milliways (the restaurant at the end of the universe - or in this case at EMF2016) is at glory.hill.reds etc. 

If you remember David Brabban's original 1980's computer game Elite, this included a universe of star systems created in 32k of computer memory, all generated by a computer algorithm to come up with names for all the planets etc. This allowed for much more scale and efficiency than if the planets were just named in a list (which also would not have been possible at the time due to memory limitations). The reason for mentioning this is that it's likely that this may have influenced the development of the what3words system. The 3 x 3 grid across the planet equates to 57 trillion squares. To store all these as a list with the three word address and co-ordinates that they relate to would take more capacity than the average hard drive has, even in a compressed form, so the solution is to have a word list and an algorithm to map words to co-ordinates. This is what what3words does and fits everything into 10 Mbytes of java code, which will fit happily  on most mobile devices / smartphones etc.

The software is accessed over a web API (web integration) and has been designed so that the words are:

  1. Safe dictionary words (you're not going to live at floppy.eagle.dildo but if you're at floppy.eagle.disco you are in Longbranch, Washington).
  2. Not easily confused with each other - meanings / variations carefully assessed to make sure like sounding words avoided.
  3. Similar word combinations are far apart so risk of confusion is minimal.

The system has been taken up globally and, for example, may well become the prime addressing system in Mongolia, giving many locations their first address ever. There are many, many uses for this and in the hobby of amateur radio could be used for location to be given accurately and quickly for competitions etc.  I bet Alan Turing wished that he'd have had what3words when he buried his silver bars, never to be found again!

So now at Onega we can give delivery drivers or visitors a new address. Our office covers a fair few of the 3 metre by 3 metre squares so we can give them Empire.reduce.nation , Monday.grow.thin , interestingly our accounts department is under puppy.costs.snake , meeting room is under major.home.foam and kitchen is heavy.flops.coffee . The entrance though is at worker.point.organs so now you know how to find us!

You can see Onega's Solar install at clown.liner.lamps ..

The apps are not perfect yet - they rely on location reported by your phone and when I go back to my tent here at Electromagnetic Field 2016, it is showing up as risks.casual.scout which is 3 squares away (despite having a good GPS location and clear sky). Thus I'd not use it for an exact food delivery to my tent just yet, but it would get the delivery bot (or person) close enough for calling.

The new system looks like a winner and one of those things that make you wonder why no one has done it before? The timing is right for this and for connecting the world as we slowly but inevitably become one connected society. 

What is your what3words address? 

Many Thanks to Daisy.r for the photo at the head of the page.

How Did That Happen? I Just Bought a Late Soviet Era Water Tower in Latvia.

Last Friday was my birthday and some weeks back, a colleague had suggested doing something fun for the day and the thought grew on me. Indeed, I thought I would treat myself to a rare day out of the office – but what to do? Whatever I did one requirement was that there should be an element of ‘daft fun’ to the day.

Some of the options I considered were:

1.       Learn to parachute / skydive that day? (that would be fun, and full of adrenaline) – a high candidate and catching up with good friend Richard recently I was regaled with stories and his approaching 500th jump.

2.       Would I spend the day in the Radio Room of HMS Belfast? (Fun, and a great day & most rewarding not only working the radio but also teaching and enthusing the next generation about Morse code etc. )

3.       Visit the British Library – something I’d been meaning to do for some time to investigate the resources available, acquaint myself and spend the day contemplating, learning and writing etc.

4.       Spend the day at London Hackspace. I don’t get there half (or 1%) as much as I’d like. Great friendly and creative atmosphere where things get pulled apart, hacked, and made better etc. Many new skills to learn and plenty willing to share their mastery of said skills with others. A veritable trove for the autodidact with an engineering bent.

5.        Just spend the day catching up on sleep and being gloriously slothful for a day.

…. But then whilst browsing the web, and looking out of interest at the state of the Latvian property market (as you do), I came across an advert for forthcoming auctions from the Latvian Privatisation Agency which caught my eye. This specific ad was for a water tower in the district of Jurmala (translates to Seaside), which is about 20 minutes outside Riga and consists of connected villages and towns along with about 30km of unspoilt beach on the shore of the Baltic Sea.

For those that may not know, whilst was born and raised in England, I’m also half Latvian by birth on my mother’s side and have an interest and fascination with the country. I have spent a number of very enjoyable holidays in Latvia since university days, and have witnessed much of the rapid progression that has come since the country’s independence post communism. It is hard to describe but Latvia, with its people and countryside have a great draw for me. In particular I have a thing for slightly overgrown wild Latvian meadows, which I consider to be one of the greatest things of beauty on God’s earth. In Latvia the pace of life is a little slower than the UK and the seasons have clear definition. In winter there is snow, in summer there is sun and yes; this is probably a rose tinted oversimplification.

Since working in the city of London and particularly starting a family, we’ve not been over for quite some time. Last time I went the currency was the Lat, now it is the Euro etc.  From time to time I browse the web and look at Latvian property (real estate) web sites to day dream about a nice farm in Latvia and leaving the rat race behind. Approx 150 years ago everything in our lives would have come from within about 20 miles of where you were living and I find that the idea of a return to a more basic existence has a certain ‘grass is always greener’ appeal. Fresh air, healthy and hard manual work, and enjoying the fruits of your labour etc. Reality however would likely be very different, and besides; after 5 minutes of browsing a task is complete and there is more work to do.

The particular object of the water tower caught my attention though. It was not unique, but a good example of late soviet architecture, where form and function are equally celebrated. Who doesn’t like a good tower or folly?

The water tower was listed as 40m high with a capacity 40 cubic metres of water. Alongside the tower itself, its attendant guard house (basically an insulated shed in poor condition) and the small plot of land where it stood, and it was to be sold by auction on 20th May. I had a read on the particulars, which stated that the property was poorly served technically (no electricity, drainage, gas or – bizarrely for a water tower no water supply either!), and that the guard shed was in poor condition. The tower did appear basically sound though – having been built in approx. 1980 of steel reinforced concrete - they are built to last, and designed to support the weight of the water at the top which is one tonne per cubic metre.

I had a look at the location on Google Earth and StreetView which are very useful tools. These showed the tower, and the location clearly. The setting at the side of the lake was obviously photographed in summer as there are plenty of locals enjoying the environs of the adjoining small lake, and it is very scenic indeed. Slightly down from the water tower also next to the lake were the ruins (mostly intact) of an old mill (windmill?), which dated from the 18th century.  I was obviously interested and found myself looking over the particulars. The documents described the best suggested use of the land as to add to an adjoining property, and I wondered if Grand Designs had reached the Baltic yet.

It is hard to visualise what a 40m high object looks like. A quick search on the Interweb reveals that. for comparison; 40m is the height of roughly a 12 storey building, the same height as the US space shuttle vertical on the launch pad, and a tad taller than the height of the statue of Christ that looks over Rio de Janeiro (when pedestal included), about the same as 9 stacked double decker busses, and 5 m less than the height of the statue of liberty. Quite high then.

Not for any particular reason or purpose, I thought ‘who would not want a tower like that in a beautiful lakeside (albeit post industrial behind) location close to the sea?’ The auction process required advance registration and expression of interest in a particular auction listing. So out of interest, I registered my interest. Thinking about the auction process, I didn’t rate my chances though. I know how people get carried away in ebay auctions (been there), and also that water towers have many purposes in the latter day world – including for use as telecoms towers for the mobile phone networks etc.

Thus I felt that the probability of actually winning an auction against bidders with unlimited pockets would be somewhere from low to nill. In fact, thinking about it rationally (before you say it, you are probably thinking that the concepts of rational thought and 40m high late soviet era water towers is an oxymoron and I’d wholeheartedly agree), I’d not really be able to bid at all, as with family, living etc. it’s hard to justify splashing out money you don’t have on what is effectively a folly. I was curious though. I considered that it would be interesting to see how the auction process worked for future opportunities down the line, and who would end up the owner of this fine tower? So – the auction being set for the day of my birthday, and the prospect of a slow day in Riga also appealing in and of itself,  I booked the flight out.

Ryanair do a flight from the UK to Latvia which leaves at about 06:50 uk time,which takes about 2.5 hours and arrives thus at Riga International Airport (RIX) at approx. 11am local time (timezone +2 from UK time).  There is a return flight that leaves RIX at 21:30 in the evening, and thus a day trip to Latvia is entirely practical and thanks for to Ryanair economic also (Fares start at about £35 one way) – just a very early start to the day considering you have to get up and get to the airport in good time before the flight.

So I’d booked the day out of the office from work – got everything urgent done and let people know that I’d be away for the day, and then set off bright and early on my trip. I say I’d let everyone know I’d be away for the day, and that I had, diary filled in, colleagues mailed, and set Out of Office, but I didn’t say where I was going. I guess sometimes I’m rather shy about things, and considered that if I told people where I was going and what I was planning to do, I’d likely be poo pooed, and ribbed for it – ie ‘you’re going to fly 1000 miles to watch someone buy a water tower? Isn’t that a bit daft?’ – well, yes it probably would be. The plan was also to enjoy a pleasant day in Riga besides this, which would be one aspect to the day but only one small part of it. I’ve known friends to do similar things when going for driving tests to avoid the unwelcome pressure of ‘did you fail again, isn’t that X times now?’ etc. And I admit it was daft in the first place so didn’t really need others to tell me what I already knew.

Arriving in Riga at the end of a pretty smooth flight, Riga was bathed in sunshine and a pleasant place to be. As I was in for the day only, I was thankful not to have any luggage and only my work laptop bag with chargers for phone etc. On arrival I found that there had been some issues overnight with one of our upstream Internet connections which are redundant, but maintenance with one provider had had knock on effects with our routers, which was thankfully quickly resolved by a colleague Matthew in the office. Murphy’s law does dictate that the day you’re out of the office things like this happen but great to know everything in good hands.

From Riga Airport, you can catch the bus to town for EUR 2, which is not quite as quick as a cab, but as I was in no rush, and just there to enjoy myself for the day, that’s what I did and headed into town. I had a wonder around the old town, via Doma Laukum (Dome Square) etc. all was quite as a I remember it but with some evolutionary changes as you’d expect. Progress is progress, but I still think that KFC, Starbucks and McDonalds & now Pizza Hut are a little out of place in Riga alongside the more traditional shops and hostelries.    From the old town I wondered through the park by the National Opera House (Latvia has a very strong opera), enjoying the sun, the walking and the air. When you don’t have 101 things on your to do list and bustle to get things done, time itself feels more relaxed.

On the plane on the way over, I had a read of my PDF download from the night before of the ‘Riga in Your Pocket’ guide to the town where they have good reviews of where to go and where to avoid for a visitor or expat in Latvia. I stopped at a small Latvian Café  - ‘Cafe22’ where the food looked good and the wifi was free. Lunch was an excellent beetroot compote and then a Latvian pancake type dish which was also delicious and costing a very reasonable EUR 4.1 including a bottle of water.

After this was close to time to visit the Latvian Privatisation Agency in their building just down from the national art museum. I was not too sure how this would work with language etc. as I can order a beer and stop a taxi in Latvian, but not much else. Thankfully (and to my slight shame) many if not most Latvians speak excellent English.

There is an oft over used phrase ‘you have to be in it to win it’ – which to my mind equates to advertising for things like the national lottery, of which you have about 1 in 14 million chances of winning, so may as well read ‘you’re almost certainly not going to win it’…. But in this case it seems I struck lucky as it turns out that in fact I was the only person who had registered an interest in the water tower, and that the board of the Latvian Privatisation Agency had written a letter to this effect two days earlier but not bothered posting it as it would not get to the UK in time. As the only interested party, the building was effectively mine. Barring a small matter of payment – a grand total of EUR 5.17 had to be paid for taxes. Helpfully and to make paperwork less of an issue; the Latvian privatisation agency had paid this on my behalf to the district authority in Jurmala, and that I could repay them in 30 days, but no, they could not accept cash now. The staff were delightful, efficient, and answered a host of questions such as might be asked by a naïve first time buyer of Latvian Water Towers.   It turns out that this was also their first time privatising a water tower, and they were curious to see who would be interested in this. I’m pretty sure I’m down as the ‘mad Englishman’, which is likely true. Gift horse & mouth etc. so with a few signatures the water tower was basically mine. I do still have to file a document with the Land Registry, and pay another EUR 7 or so in fees for that, but that would not be possible the same day, as many state institutions work a short day on Friday (I did say that the pace of life is a little different in Latvia and no bad thing).

 So – wow – I guess I just bought a water tower sight unseen. How cool is that? What to do with it, what state is it in etc. ? I’d not actually particularly thought of those questions until then, as I didn’t really believe it myself until this point. Next, there was only one thing to be done – I resolved to skip my trip to the art museum and took a taxi to the tower. The Tower was down as being in Jurmala, which is the district (just) but more accurately is in an area called Sloka, which is a short way on from the main tourist centre of Majori / Jurmala town centre. Nicola and I had taken the train to Sloka years ago and walked to the campsite there where we stayed in simple huts on a fun holiday doing lots of walking on the beach etc. The area is quite wooded and not so densely populated, so you are a long walking distance from the hub of activity and thus at the more tranquil end of the sands. The water tower was (is) inland from the sea somewhat, but in view of the river Lielupe and next to the lake. I’ve never been to Ibiza, but I understand that there is the party side, and then the rest of the island which is actually quite beautiful and unspoilt. So it is with Sloka.

The taxi was a luxury, but the trains can be infrequent and I was keen to behold the tower and see what I’d just let myself in for.

In the property market they say that much is about ‘location, location & location’ and I think the location of the tower is pretty good, but judge for yourself and see what you think, as we’ll run through some photos below:

The tower itself:

Here is the tower. 40m high and holds 40 Cubic Metres (40,000 litres) of water which would weight 40 metric tonnes. Looks in need of a bit of a trim of the bushes at the bottom and a lick of paint at the top.

Detail of the lower half. You can see the the scale a little more effectively here (or get an idea) as the guardhouse (basically an insulated shed) can be seen to the right, and other former industiral buildings behinds which are between two and three stories high themselves. The guardhouse was last manned in 2002 from the papers inside, and has a desk, an armchair, and a print of Lenin on the wall ahead of you. It is quite amazing that despite only being help closed by a bent nail, that everything is in tact inside. The tower itdelf has an open entrance currently, but no known accidents in the last 14 years which is probably due to it being fairly obvious that it is to be treated with respect. Health and safety probably dictate that early actions should be a door, fence and a warning sign at least.

View of the top half of tower. The paint is usefully about the same colour as the rust, but fresh paint is called for at sometime which will be fun on the trapese. The steel water containers can be climbed down into via internal ladders from the top, though these have yet to be explored. The water bearing steel containers balance on a small concrete step so that centre of gravity transmits down the tower walls whilst looking ever so slightly improbable.

The view of the lake from the bottom of the tower.

Seperate view from the bottom of the lake. If you look at Google StreetView for the area you'll see people enjoyin the lake in summer and apparently people enjoy diving in it also. Navigate a little down the road and you can see the remains of the old windmill also.

Immeditely inside the tower if you look down you see water. I don't know why but this surprised me somewhat. Whereas you'd logically think that a water tower should contain water, somehow I didn't expect it at the bottom. It could be that this goes down for a few inches (having gathered and been held here) or much further (coming from source) - to investigate further.  

In this photo, you can see the ground level platform to start the climb to the top. To the right is the big water pipe that goes to the top, which either takes water up or down. At the bottom of the picture you can see some of the welded joins in the steel reinforcements in the concrete.

This is the view inside the tower looking up. There are a series of steel ladders going up, and platforms between the levels. I'm not sure what grade of steel was used for this part, but it is all fairly chunky and bar the visible corrosion relatively solid. To climb to the top you just go up up via about 5/6 platforms. Climbing to the top is certainly good exercise!

Ever wondered what the inside of a soviet water tower looks like from the top looking down into it? If so then this is your lucky day and the answer is (at least partly) in the picture below. Helpfully there is a ladder to descend the depths of the inside of the tanks. Given that I did not know the state of corrosion on the ladder bar the first bar which looked quite shiny, I decided that best not to venture down for now lest I languished at the bottom of the tank forever if a step broke. Resolution to investigate further later with caution and a harness secured somewhere solid at the top.

The good stuff: the above is part of the view from the top of the tower. What a view. The road and lake are in front, and you can see the river Lielupe in the background behind the trees.

Further to the left you can see the ruins of the old windmill on the banks of the lake.

Another view from the top - apparently the lake is popular for diving amongst other activities in the summer.

For scale - taxi and people walking along below.

Further round nearby fields, houses, industrial and small holding units.

To the rear of the tower are a number of post industrial units. The site used to be one complex for logistics and other operations before before the end of the communist regime from what I understand.

A short video also panning from the top.

 

So that's the tower for now.

I should have taken some more pictures and more of the guardhouse at the bottom etc.

So next questions include:

  • What should be done with the tower?
  • What's the best way to tell your wife you've just bought an ex Soviet Water Tower in Latvia? Answer: Have a very lovely and understanding wife who understands people can do daft things sometimes (or all the time) & immediately stepped forward as tower Health and Safety officer having since having listed about 47 ways the tower could kill you :-)
  • What would the rest of the family think?
  • Who is the best and most competitive insurer for Latvian Water Towers?
  • Would this make the ultimate AirBnB?
  • As a keen ham, what type of Yagi antenna would you best put up top?

etc.

These would have to wait for now though as I only had limited time and also had a keen sense of self preservation in not wanting to push things too much as to limits and risks.

Returning to Riga I visited the old central market, cooled my heels a while and picked up some finest Laima chocolates etc. to take back for home and office before taking the bus back to the airport for the return flight.
 

I was thinking of having a T-Shirt made:

It might say: 'I went for a day trip to Riga and all I got was this late soviet period 40m high steel reinforced concrete water tower with observation platform by a lake with views of the river Lielupe and the Latvian Countryside, complete with guardhouse (shed) with an armchair, desk and proudly displayed print of Lenin.' :-)

To be continued...

 

Sharks and Saints - Domain Rights on .co.uk and .uk

One of the many services that Onega offers clients is assistance with domain registrations and acquisitions. This can be a minefield but there is usually a common sense solution and balance in this; as to which are the appropriate domains for an organisation to own or register and to protect branding and reputation alongside trademarks etc.

We recently helped a client to buy a domain that matched the initials of their company name from a broker, to go alongside their other domains. In this case it was a four letter .co.uk domain that we helped to purchase.

This all went smoothly, transacting via undeveloped.com and the timeline on this was as below:

Negotiation - 7th Jan 2016 - Several offers and counter offers back and forth, thankfully managing to secure the domain in a small but happy spot where the offer was just affordable to our client and just acceptable to the seller, so all could proceed.

Purchase - 7th Jan 2016 - We paid for the domain directly so that things could move ahead and to seal the deal. Thus the .co.uk domain was now secured for our client's company. The purchase was for a .co.uk domain for which no .uk had been registered (so rights were still vested in the .co.uk domain for this).

Transfer - 27th Feb 2016 - This was the date that the domain came across to our client in the form of a transfer to their GoDaddy Domain Registration account, and from where we immediately updated the contact details to be correct for their company contacts, to ensure a valid Nominet registration.  The delay was partly down to us as the broker process was a little different from some others in this case (we normally do a Nominet tag change to the ONEGA tag as we are a member and registrar / tag holder with Nominet); whereas in this case a GoDaddy account transfer was the process used which was fine and smooth when done.

So far so good.

Fast forward a few weeks. We then came to register the .UK domain as part of good management and to realise the new and trendy higher level domain registration for our client.

It is worth explaining here for anyone unaware, that as a holder of a .CO.UK domain, you have a 5 year 'sunrise' right to register an equivalent .UK domain. Thus if you have (in our case) onega.co.uk then you also have rights to onega.uk. Here at Onega, we primarily use our onega.net domain but hold the .uk domains for secondary purposes and domain protection alongside our UK registered trademark of 'Onega'. After the 5 years which starts from the .uk domain launch date to the 'fully open' period, then anyone can potentially register an equivalent .uk address. This 5 years started on 10th June 2014 so protection ends and open season begins at 10am on 10th June 2019. Thus we recommend that clients with an active .co.uk domain exercise their right and protect their .uk domain with a long registration now (the cost is trivial) . It's also good contemporary branding to do this and use the domain.

Back to our narrative... we found that when we came to register the domain for our client as per best practice, that now it transpired from the .UK Whois data that the .uk domain had been registered by the seller of the domain under their own details on the same day as the transfer finally occurred (17th Feb)... hmmmmm....

It was our understanding and is common practice that when the domain of the .co.uk was purchased, that this would include the rights to register the .UK address. We were a little disconcerted to say the least when we discovered this registration, as we'd consider the domain and related rights effectively owned from the point of agreement and payment - the transfer being a formal process in the completion as would occur in the land registry work related to conveyancing and sale of a house.

Next course of action was to read up on the rules and check our position. Nominet has a good Q&A on the .UK domain rules, which we consulted; we also checked the Terms and Conditions of the domain broker. The Undeveloped Ts&Cs did not contain anything mentioning related domain rights. Nominet's Q&A is well written although it did not have anything specific on this case, but it did remind us that .UK registrations should normally be available for the .co.uk owner (who was our client at the time of the seller's registration though not reflected in Whois yet), also that these registrations can be referred to the Nominet Dispute Resolution Service if there is a disagreement on a registration. 

The majority of domain disputes are amicably settled but having a fair procedure for resolution as a formal path available is a good comfort should it ever be needed. Our next action at this point was to get in touch with the domain broker, through whom the purchase had been agreed, to raise the issue with them and also to contact Nominet DRS informally to ask about case history and precedent on this.

Nominet DRS were very helpful on our call and we learned that this issue has come up a small number of times already and is likely to come up again in the future as the .uk domains become more established. No cases of this type have yet to get to binding adjudication, but some have been through the DRS procedure which commences with mediation on the issue and thus far all have been settled at this stage. The outcome has so far been, in all cases that we are aware of where the complaint has been followed up in the DRS case, that the .uk domain has ended up being transferred to the complainant (who is normally the .co.uk rightsholder). Resolution at this stage avoids costs escalating for all parties in the process.

This was useful to be aware of and to better understand the position and case histories. At this time we heard back from the sales domain broker and they reasonably disclaimed involvement in a case not exactly related to the actual domain purchased and recommended that we contact the seller directly.

We did contact the seller with a professional, respectful while reasonably formal mail on the subject at hand - setting out the brief case and asking for an amicable agreement on this.

I'm delighted to be able to say that in this case, the seller called back within the hour and the domain has now been transferred to our client at no cost. The seller had apparently sought to register the domain to protect it from abuse by anyone else, though arguably that should not have been an issue as only the .co.uk owner can make the .uk registration. In any case, the situation has been resolved without further escalation. The seller was delightful to deal with and I'm happy that this was just a simple miscommunication issue rather than anything more.

What have we learned or been reminded of from this?

1) Don't make assumptions - in this case there was no discussion either way on the question of .uk domain rights in the negotiation process. It would have been better in retrospect if we had have explicitly said 'for the .co.uk domain in question and any rights vested in that registration' so that we made sure we were specifically reserving these rights.

2) Ideally domain brokers should be clear in their terms as to whether any rights vested in a domain are included in the sale or not. It would be fair and reasonable for a seller of a .co.uk domain to sell the .co.uk domain but reserve the rights and register in advance the .uk domain if they explicitly state that they reserve this right.

3) Most disputes are amicably dealt with and it is always best to try this route before looking at invoking a formal process.

4) The online reputations of Domain Sellers and Brokers are very important to them so as far as possible most will adhere to best practices.

If you need any help on domain matters please don't hesitate to Get In Touch and we'd be happy to discuss how we can help. 

Thanks to Ryan Espanto for the circling sharks photo.