Santander UK PLC - Two Factor Authentication Policy

I think pretty much everyone is agreed that implementing two factor authentication on important online accounts currently represents the "Gold Standard" in terms of security for the average consumer. There can be few accounts as important to protect as our online banking accounts with password managers, email accounts and others very close behind indeed in terms of security requirements.

With this in mind it has always seemed odd to me that I can log in to a Santander account with no second factor being checked, therefore if someone did obtain my login credentials they would be able to access my financial information and I would be none the wiser. I do not believe this to be an optimal arrangement in terms of security, for such a sensitive system,

Being curious I wrote to Santander outlining my concerns and asking for an explanation why two factor authentication has not been implemented, others may be interested in their position, which is as follows:

Thank you for your letter dated 6th January 2018.
I understand you would like to know why Santander do not use two factor authentication for the initial log-in step for our online banking service.
Unfortunately, I am only able to advise that this is a business decision made by Santander, and that it will not be possible for me to provide an explanation of how this decision was reached.
I can confirm that Santander do take online and mobile banking security very seriously, and that we are constantly looking for ways to improve our security for customers, however they choose to bank with us.
I have raised a suggestion form detailing the concerns given in your letter, which will be reviewed by our feedback team. Our customer suggestions are recorded and are taken into account in future reviews our our policies and processes.
If you'd like to discuss any of the above points, please call me on 0151 2548618.
Thank you for raising your concerns with us, they will help us to improve and meet our aim to deliver the highest level of customer service.

In summary, no, we don't use two factor authentication and we are not going to tell you why that decision was made, but we are happy to look after your money for you.

Only a matter of time before 2FA is implemented but the Santander systems I believe are less secure in the meantime without it.

Damned Banks

At one time I thought banks were Ok, if you had a bit of money saved up they would give you a half decent payback in interest, they kept your money "safe" and they provided free banking services if you remained in credit. On top of this they would, if you were good, lend you some money for a large purchase or even let you overdraw your account a bit if you didn't go too mad.

Things are different now and I've come to dislike banks with a passion, they seem to me to be greedy self-serving organisations who want to milk their customers purely for their own benefit and profit.
I went to the bank the other day to withdraw some cash, not a vast sum, I was doing this because I have decided to change some of my arrangements. I approached the counter in the normal way and surprise surprise when I asked to make the withdrawal I was asked what the money was for. Yes, I'd heard of this but not actually experienced it, I was being asked what I wanted to withdraw MY money for.
I understand that with all the problems of crime, money laundering, fraud, etc. etc. these days vulnerable people need to be protected but to be honest being asked what I wanted the money for when I was withdrawing it from my own account didn't sit very well with me, it wasn't as if I was asking for a loan. I was tempted to say that the money was for drink, gambling, and prostitutes but decided against that but I did offer the following explanation.
I politely said that the money was for my own use and that I did not know at the present time what it was going to be spent on, but that I wanted it under my control rather than under the control of the bank. I pointed out that the money in the bank was not paying me any kind of reasonable interest but at the same time the bank was making money, using my money, by lending it to other people and charging them interest and that I didn't think that was very fair.
I explained that the bank was making a profit by having my money and that I thought it would be better if I just had the money rather than having to ask them to give it to me and to have to explain why I wanted it. I then also explained that personal data was valuable and that the bank was tracking my spending, through the use of a debit and credit card, and was giving me nothing in return for this, in fact, it was charging me to bank with them! I suggested that also didn't seem like a very good deal from the customer's point of view.
Anyway, I departed with the money I had requested without telling the bank what it was for and I have decided to make some changes as I am sick of being tracked, controlled, and being asked to justify myself. I will use a credit card only when it benefits me and not just for convenience and I am going to stop using a debit card unless it is to avoid paying a credit card fee when making an online purchase. This will mean only using a credit card for some online transactions and some large purchases where there is a potential risk of a company going into liquidation or where I want the security of insurance immediately following a purchase.
For the vast majority of my spending, I intend to withdraw cash maybe once a week or as required and just use that for my general shopping and day to day spending, thus avoiding my spending habits being tracked by the bank with no benefit to me whatsoever. I just don't see why I should accept this invasion of my privacy any longer in return for nothing. On top of the privacy benefits studies show that people are less likely to make impulsive purchases and more likely to limit their spending when they use cash, parting with cold hard cash is just that bit more difficult!
If I needed any more reasons to use cash the risk of card data being stolen by crooks using NFC wireless communication whilst out and about is only going to get worse. I'd rather lose a few pounds in notes than have all the hassle associated with identify theft.
I also have in mind that it's not just spending that is being tracked it's also, as a result of card spending, one's location that is being tracked and there is more than enough of that going on without me voluntarily adding to it.

QR Codes For The Common Man

I'm ashamed to say that I have never really given these little spotty things a great deal of thought or really considered how I might be able to use them in my own life to organise and retrieve material, particularly material stored in the depths of my Evernote account. As I started to explore their potential more deeply it very quickly became apparent that I have been missing not just a trick but many tricks in terms of what I could use these codes for and how they might become part of my everyday life.

A QR Code (the QR stands for "Quick Response") is a mobile phone readable barcode that's been around for quite a while and has popped up in all sorts of locations though many people make little use of them and they are often ignored. These codes can be used to provide pretty much instantaneous access to all sorts of things, below is a list which is by no means exhaustive:

Website URL, YouTube Video, Image File, PDF File, Google Maps Location, Twitter, Facebook, LinkedIn, Instagram, FourSquare, App Store Download, iTunes Link, Dropbox, Plain Text, Telephone Number, Skype Call, SMS Message, Email Address, Email Message, Contact Details, Digital Business Card, Attendance Tracking, Event (VCALENDAR), Wifi Login, Paypal, Buy Now Link, Bitcoin.

It turns out all I need to make use of them is access to a suitable website which will allow me to generate QR Codes, such as I then needed some way of printing out the generated QR Codes if I want to use them in printed form though they can of course be distributed electronically, and then a phone application to read these codes. The code reader I've been using on an iPhone is QR Scanner by MixerBox Inc which is very quick and convenient and available for the iPhone in the App Store.

Any printer can be used but I think the Dymo LabelWriter 450 Turbo is an excellent choice if you are going to be doing a lot of this kind of thing. The QR Scanner application I mentioned has the advantage of happily reading "text only" QR codes without the need for an Internet connection of any kind, this is not true of all QR Code scanners. This means that "text only" QR Codes can be deployed in remote areas or areas without coverage such as subways if required, they will still work. I find the and QR Scanner combination to be excellent.

My initial plan, having done some reading, is to make various digital versions of manuals available immediately where they are needed, that is at the device itself. I have all the manuals for household items available digitally in Evernote so part of the work is already done. The next steps are as as follows:

  1. Go to the relevant digital manual note in the Evernote application and select the "Copy Note Link" option in the "Note" menu, copy the link to the clipboard.
  2. Go to the QRStuff website (above) and paste in the note link, this will generate a QR Code.
  3. Download the QR Code and print it out onto an adhesive label, or paper.
  4. Attach the QR Code to the device to which the manual relates.

Then the magic can begin. When I need to access the manual I will have the device in hand and I can simply scan the QR Code with my iPhone or iPad and the digital version of the manual will immediately be retrieved for reference, no searching, no messing about in dusty files, no problem. It really does work like a charm.

Here's just a simple example. Need to refer to the instructions for that old battery charger you bought seven years ago and you've forgotten what that little light means? Look on the back of the unit for the QR Code you put there linking you to the scanned copy of the manual in your Evernote account and almost instantaneously there is the manual on your phone or tablet, just where and when you need it. No searching, no swearing about the fact that you cannot find it in an analogue filing system, try it!

QR Codes can also be used for home archiving purposes, coupled with Evernote this will make a brilliant bi-directional storage and retrieval system. I have a number of storage boxes up in the loft and what I'll do as a one-off task is create an Evernote note of the contents of each one, the first note will be called something like "Storage 01". The same process as above will then be used to generate a QR Code which will be attached to the top of the storage box.

Using this arrangement, if I want to know the contents of a box I simply scan the QR Code and the list pops up, it's that simple. However, another "reverse" use of the system is to search Evernote for a particular item, say "Glassware" and this will find that text and the note header will say something like "Storage 03" and you then immediately know which box to look in for the glassware.

The above are very simple examples but the options are endless. All the books on a section of shelving for example could be listed in an Evernote note and that section of shelving labelled with a QR Code which would make retrieval quick and simple rather than scouring shelves for a particular volume.

Are you going out? Don't want to forget important things when you leave the house briefly or for a longer holiday? Are you likely to forget to check the gas ring? Are the lights all off? Is the water turned off?

Simple solution, produce a "Must Not Forget" list in Evernote, get the note link and generate a QR Code. Print out the QR Code and put it on the inside of the front door, as you leave scan it and your "Must Not Forget" list will instantly appear, check it quickly and away you go, confident that nothing important has been left behind or forgotten. As times change simply update the note in Evernote and the new version will pop up when you scan the same QR Code. So, simply posting the QR Code below on the back of the front door and scanning it before you set off out will remind you of those "Do Not Forget" items, whatever they may be, try it!

A similar arrangement can also be applied to packing for a holiday. My plan is to use an existing general packing list which I already have stored in Evernote and I will produce a QR Code label using the link to that note, this QR Code will then be attached to my suitcase which will mean that when I come to pack for a trip I simply scan the QR Code and bingo, there is my packing list exactly where I want it, in my hand. A potential added benefit of this is that if luggage goes missing simply scanning a second identical QR Code attached to travel documents, or referencing the note, will provide an immediate list of suitcase contents for insurance purposes.

Dread that moment of blind panic when you are stuck by the roadside, you can make it more bearable if you have all the information you require. Create a note in Evernote containing the information you might quickly require such as insurance company telephone number and policy details, your vehicle registration number (easy to get wrong in a panic!) and vehicle make and model and of course the emergency phone number of a rescue company. You might want to also include instructions about retrieving your exact location from a SatNav as this can be fiddly with some models and it's far easier if instructions are to hand. For more general use things like tyre pressures can be included in the note to save looking them up on door panels or in manuals.

Once the emergency note is generated create your QR Code as above and attach it to the dashboard and when that horrible moment arrives fire up the QR Scanner on your phone and there is everything you need, immediately to hand.

The possibilities are endless, but you do need to remember your phone or tablet!

Q Field-Boden. December 2017.

The Decluttering Continues

Down to a single storage box with suspension files, easy to store and move if need be. End result of a lot of document scanning (stored in Evernote) and a lot of shredding of other material.

Now easy to find manuals is they are needed and everything available in one place. All legal documents retained but digital copies also stored in Evernote should the worst happen.

Recommended, much better for one's state of mind than a load of clutter.

The Cycling Network - Convenient?

Here are a couple of examples of why I find the provision of local cycle tracks to be inconvenient and unattractive to use.
On the map below there are three marked points, A, B and C. The most direct route is a gently sloping road which has a good surface and this route runs from A to B. Section A to C is a potholed track which does not have a proper surface at all, section B to C is a very steep hill on a narrow lane.
Arriving by bike at either point B or point A the marked "cycle route" is shown to be along route B->C->A or A->C->B depending upon your direction of approach.
No doubt someone thinks this is "safer" - I think it's just directing cyclists along a far longer route, all of which is either very steep or completely unsurfaced and terribly potholed.

If I wish to use the cycle route between Hipsburn and Warkworth when cycling from Alnwick I will arrive at point A on this map. If I ride along the road from point A to point D I will almost certainly be abused by or hooted at by motorists who will normally yell something like "get off the ****ing road" or "use the ****ing cycle track".
The problem is that to join the cycle track I have to cycle from A to B, B to C and then C to D where it then follows the line of the A1068, there is no cycle track between A and D.
Am I being ungrateful in thinking that having to ride along three sides of a square, including going down a hill and then back up it, isn't a very attractive proposition?

York and The National Railway Museum

Today’s plan was to visit the National railway Museum in York, visited it many many years ago and have been meaning to make another visit for a good while. Up and about in good time and then our host Ron again very kindly dropped us off at the Grimston Bar Park & Ride which worked out really well. Didn’t realise until we got there that there are designated spaces for motorhomes to park in (free), according to Ron York is the best place in the country in terms of provision for motorhome drivers!

The service into York runs every ten minutes which is great, two return tickets came to £5.80p and given the potential hassle that this avoided this seems to me to be a great option, certainly the service was well used. just goes to show that if public transport is reasonably priced and reliable people will use it.

Soon arrived in York (Piccadilly) and was immediately surprised by the degree of pedestrianisation there now is in comparison with when I was last here. Makes for a very pleasant experience and the place was really busy, there looked to be some sort of university graduation ceremonies going on, nice atmosphere all round.

About a 15 minute walk to the National Railway Museum and we were soon in amongst the exhibits. Sent a very enjoyable 3 hours in there taking photos and generally enjoying the experience, it has definitely improved a lot since my last visit and it was well worth returning.

What were our highlights? Both really enjoyed the world record breaking steam engine “Mallard" which was just big, blue and very beautiful, a real slice of history there. We enjoyed the exhibit covering “Hospital Trains" which really brought home the horrors of war, we had no real idea of the tremendous role that the railways played during both wars. Great to see Stephenson’s Rocket (albeit a replica of the original) which was the true start of the railway. The engineering skill that went into designing and building all these trains is simply staggering, also fascinating to see the Royal Carriages and to compare what at the time was absolute luxury with the present day, in many ways we now live as well as the royals did.

Online photo album of our visit to The National Railway Museum available here.

Rounded off a nice day by walking down to York Minster (£10 to go in so didn’t bother, £20 seems a bit steep to get into a place of worship) and down The Shambles then back onto the Park & Ride bus. Collected by our pal Ron and we were soon back at the One Hundred Oaks campsite for tea by the lake and a relaxing time before heading back up north tomorrow. Been lucky with the weather as it’s been good again today, in the end you just have to go with it and take your chances and this time we won hands down on the weather front.

Sitting around the lake peering through the binoculars we saw again the small flock of visiting greylag geese, the oystercatcher and our friend the brown hare going about his business. Nice way to spend time this, never switched the TV on at all and haven’t missed it one little bit.

The Exide Gel leisure batteries I installed in the motorhome before we came away seem to be doing their job nicely with no more of the problems I had with the old batteries that I inherited from the previous owner which were swollen and knackered. All in all we have been very pleased with this vehicle and we hope it will serve us well for a good number of years.

Yorkshire Air Museum

Lovely morning to wake up to the view of the small lake, ideal weather for our visit to the Allied Air Forces Memorial & Yorkshire Air Museum. Ron, our host, had kindly agreed to drop us off at the museum which is just a couple of miles away from the Hundred Oaks Caravan Site in Elvington. He was ready bang on time and we were soon on our way in his Range Rover, how lucky we are! Ron’s a really nice bloke, very friendly, has obviously worked very hard all his life and is now reaping his well deserved rewards.

The air museum was excellent, lovely atmosphere and you could really get a feel for what it was like in these places during WW2 when Elvington was a very active heavy bomber base. The main reason I had wanted to visit this place was because I knew from previous research that it housed one of only two Handley Page Halifax heavy bombers, the other one being in Canada I believe.

My stepfather, Eric Dunton, had been in the RAF during WW2 and had been a rear gunner (Tail End Charlie) in a Halifax, quite how he survived I cannot really imagine. At that time the average life expectancy for a rear gunner was two weeks but somehow he did survive many missions over enemy territory, a miracle really.

Unfortunately as luck would have it the Air Gunner section of the museum was closed for renovations but several other exhibits showed me the things I really wanted to see. I was frankly shocked and quite emotional when I saw for real a rear gun turret from a heavy bomber. The conditions, the exposure and the sheer terror these men must have experienced really shook me. They were alone in the turret, surrounded really by just a glass bubble in freezing temperatures with four machine guns for company which were fed ammunition by belts further forward in the tail. I honestly cannot imagine how these men managed to do what they did, truly humbling.

The Halifax Heavy Bomber was everything I had hoped it would be. It was staggering to learn that on the production lines where they were built at the peak of production there was one plane PER HOUR coming off the production line, such was the attrition rate of planes and air crew. This rate of loss really puts modern day warfare into perspective, again I was shocked.

There were many fascinating aspects to the exhibits, we particularly enjoyed the control tower and seeing the living conditions of the air crew. It’s extraordinary to realise that these men might be being shot at and killed over enemy territory at one moment and then several hours later, if they had been lucky, they might be back in an English village in the village pub, mentally how do you live like that?

A really unexpected bonus towards the end of our visit was a wooden contraption in a corner of one of the huts, I thought I knew what it was and I was right. It was the original wooden “catapult" that Barnes Wallace had used for his tests with ball bearings in a water tank when he was inventing and designing the “bouncing bomb" used during the famous WW2 Dambusters raid. Just brilliant to see an artefact like that survive with all the history that it essentially created.

This place really has been well worth the visit, it was excellent. Ron picked us up and we were soon back at the site for a leisurely late afternoon and evening. Nice walk up into the village of Newton Upon Derwent. Made a few new discoveries about the motorhome, a couple of features I didn’t even know existed but all good!

Now That's Service!

Back in January we bought a very nice and very expensive kettle which we were delighted with. We bought the item from Lakeland where we often shop because they offer such excellent customer service.

Sadly the kettle developed a fault recently so we decided to return it and obtain a replacement under the Lakeland "no quibble" guarantee.

Today we took the item into the store where we were immediately offered a replacement or a refund, as we had expected. What we had not expected was to be told that the item was now significantly cheaper and we were not only given a replacement kettle but the price difference was fully refunded, which was a significant sum.

Now THAT is service and that is exactly why we keep buying items from Lakeland when we can.

Turbo Tyre Temperatures

Did a little experiment just out of interest and I was quite surprised at the findings. I use CompuTrainers quite a lot when I’m training and for these units to be accurate the calibration procedure needs to be followed meticulously. This is not an onerous procedure and if done properly the power data from these units is very consistent and accurate. A while back I produced a short video detailing the correct calibration procedure to follow, see below:

The main reasons for this calibration being necessary are that the temperatures of the tyre and resistance unit increase as they are used and therefore a proper system warmup is required before use and prior to calibration. I decided to measure the tyre temperatures before warming up, after warming up and after a short ride at around 200W just to see how much things really did change, here are the results:

Tyre temperature before warmup: 19.2 degrees centigrade.

Tyre temperature after warmup: 32.2 degrees centigrade.

Tyre temperature after 30 minutes at around 200W: 34.5 degrees centigrade.

I was surprised just how much the temperature rose, I was also surprised how quickly it came back down again after the session, the tyre returned to around 20 degrees centigrade within 2-3 minutes.

The tyre Crr reduces by about 0.6% for every 1 degree centigrade rise in tyre temperature, it can be seen therefore that the tyre Crr will change by a very substantial figure with a temperature change of +15.5 degrees centigrade.

The moral of this story is that if you use one of these devices it is vital that the system is properly warmed up and that it is properly calibrated before each use, this will apply to any trainer where the trainer and it’s software are the power data sources, if there is a tyre-roller interface.

I guess taken to it’s logical extreme a rider wanting to have the fastest possible tyres should arrive at the start of a short TT as close to his or her start time as possible, with hot tyres, electric tyre warmers anyone? :-)

Litter Strewn Northumberland - What Have We Become?

For months if not years now I have become increasingly horrified about the state of what used to be beautiful countryside as it slowly but surely becomes little more than a public rubbish dump. At one time to take a drive or bicycle ride in Northumberland was a real pleasure but now such trips are frequently spoiled or at least degraded by the almost constant presence of discarded litter.

This litter takes may forms but for the most part it is made up of plastic bottles, cans, glass bottles, fast food cartons, disposable coffee cups, cigarette packets and a surprisingly high number of empty tablet packages ranging from painkillers to anti-depressants. We can only wonder at what passes through the minds of those who toss this junk out of their vehicles rather than disposing of it properly, maybe they think it's clever, maybe they just don't think at all.

In order to give some sort of quantification to this litter sampling exercise I measured the length of the section of verge I collected the rubbish from, I did this using a wrist mounted GPS. I only collected litter from one side of the road because of time constraints and the distance was 0.23 miles, or pretty much exactly 400 yards. I took me just under four minutes to walk the length of the segment at my normal walking pace, this was NOT a long segment of road by any stretch of the imagination. Here is a link to a map which shows in red the exact stretch of road where this litter collection took place.

At the end of the collection period I had collected eight bags of rubbish, I was staggered, it was truly shocking. This means that with the road segment being 400 yards in length I was collecting TWO bags of rubbish from the verge per 100 metres! When I got home I took some short video clips of the bags and then emptied them out to properly illustrate the volume of rubbish that I had collected, the video is shown below.

Surely it cannot be right for us as a society to accept this sort of filth as "normal"? Surely if we are completely powerless to stop people depositing their rubbish in this way, which we seem to be, then at the very least something needs to be done to clear at least the worst of it up before the problem becomes simply too large to tackle, if it isn't already.

This whole experience left me very saddened as I realised that the problem was in fact far worse than I thought it was, I foolishly thought I might just need one bag to pick the area clean, there was just so much more there that I thought there was. It seems to me that it is only a matter of time before our once lovely countryside is completely ruined by the plagues of littering and fly-tipping. It's noteworthy that we never seem to see a scrap of litter in Downing Street on the TV or around the Palace of Westminster, for many reasons our elected representatives seem to occupy a completely different world.

I guess the best we can hope for now is for willing (daft) volunteers to keep doing what they can and for their local councils to at least help and support them. My job would have been made a lot easier and safer if I had the correct equipment for the job. I had to provide my own black bags and now I have the job of taking those full bags to the local tip, how ironic would it be if under the new charging regime at the tip I was told that I had to pay to dispose of them!

It will be interesting to see whether I hear back from anyone in local government, if I do I will post an update.