Secure website, lazy website developers logoAre South African online retailers exempt from consumer security issues? It seems like some of them just don’t care, most notably,

Last week Friday I noticed an item appear in my basket on the site, a soft cover technical book. I was quite surprised and equally quite concerned as I never added it to the basket. So immediately I generated a new complex password for my account and proceeded to change my account password.

I followed up by emailing the Customer Service Manager with my concerns, as we’ve been in contact recently about some failed orders – a long story worthy of a series of blog posts! I don’t hear back from her and later I attempt to sign-in to my account once more only to be greeted with a sign-in failure dialog. So I try my previous password and it doesn’t work either.

Ok no worries, I use the password reset feature. About 10-15 minutes later I get an email with a new 5 character random password. I find it quite odd that the system generates such simple passwords, but at least its random I reckon. So I follow the instructions in the email and attempt to sign-in and change it to another suitably long and complex password. Alas their site doesn’t allow me to sign-in.

Dismayed I file off an email as per their instructions to their Support department, seeing as their Customer Service Manager at this point can’t be bothered to answer her phone or reply to my emails from earlier that morning. I get no response so I call the Customer Care line. The senior agent I get put through to explains that it takes about 30 minutes AFTER the new password is sent for the password to be reflected on the profile. So I wait another hour or so and try again. No joy. I give up.

On Saturday around lunchtime I get an email back from the support department telling me to sign-in with the following password and notice that it is indeed my password, not a new one, but my password is there in the email in clear-text!

Appalled by this I email the Customer Service Manager and explain how its not cool for Kalahari to store passwords in clear-text or even using reversible encryption, to which I get the following befuddled response clearly showing that the management doesn’t understand technology or how to read emails properly:

The support desk sign into your profile via our internal system called KMS, that enables us to do this without seeing / using your password.

What she failed to understand is that their Support staff managed to extract my password as clear-text and email it to me.

So now for the non-technical of you out there, let me put this in simple terms. Kalahari states in their Terms & Conditions:

You allow Kalahari to take all reasonable steps to ensure the integrity and security of the Website and back-office applications.

However it doesn’t appear that they implement the most common website security namely securing passwords. A common and recommended practice is for the website to store a one-way/non-reversible hash of your password. This means that if a hacker gets hold of their database or possibly even a disgruntled employee, they have no way other than brute-force to figure out your password.

But surely that shouldn’t be a problem as we all follow best practices and secure every site with a different password. Yeah right, not many people could be bothered. After all how dangerous is it if your Kalahari account is hacked ? Well What if you Kalahari password is the same as your company email account password or your online banking password? The risks are present, just not always clear to all.

My lesson out of this post is as follows, ensure every site and/or service you use has a unique and complex password. Use phrases, include spaces, include punctuation. Worried you will forget them, encrypt them using a master password in a password manager like 1Password (it syncs over DropBox onto all your devices). Just don’t be caught off-guard because sites like Kalahari don’t take all reasonable measures to ensure your data is safe.

Kinect for Windows announced

It was bound to happen. Soon after Xbox launched the revolutionary Kinect sensor/controller for the Xbox 360 platform developers and hackers alike quickly found ways of getting it to work on the PC platform. Now a year after launch, Microsoft has announced a Kinect for Windows commercial program to be launched in early 2012.

I think the corporate boardroom could become a more interactive experience. Just think what product like Microsoft Lync and PowerPoint could do with a Kinect sensor.

The official press release follows:

Johannesburg, South Africa – 31 October 2011 – One year ago this week, Xbox 360 set out to change the way we interact with games and entertainment with the launch of Kinect for Xbox 360. Controller-free games and entertainment – once the stuff of science fiction – had become a reality through the magic of Kinect.  Sales immediately soared with more than 10 million Kinect sensors sold, setting the Guinness World Record as the fastest-selling consumer electronics device in 60 days along the way.

Kinect opened up Xbox to a broad set of new audiences bringing new categories of entertainment to the platform.  Leading brands such as Disney, Sesame Street and National Geographic were inspired by the simplicity and intuitiveness of Kinect’s gesture control technologies, developing immersive, fun experiences for everyone.   

People were inspired. Six months ago, a diverse group of hobbyists and academics from around the world embraced the possibilities of Kinect. In a wave of creativity, they downloaded the Microsoft Kinect for Windows SDK and began developing creative applications and innovative uses in healthcare, education, art and so much more.  Microsoft has recognized this phenomenon as “The Kinect Effect.”

Marking the 4th of November anniversary of Kinect, (South Africa launched Kinect on 10 November 2010), Xbox 360 today announced that the Kinect for Windows commercial program will be launched early next year. The commercial program will give businesses the tools to develop applications that not only could improve their own operations, but potentially revolutionize entire industries. To date, more than 200 businesses worldwide—including Toyota, Houghton Mifflin Harcourt and Razorfish— have joined a Kinect for Windows pilot program to begin exploring the possibilities of Kinect. While no one knows what the future holds, if the past year is any indication, it’s going to be inspiring.

Sandton retailers that irk me

What’s the story with retailers that think the consumer must be honoured to be their customer? This weekend it really got to me, both times at Sandton City.

On Saturday night I tried to take two of my ex-pat friends to my favourite Thai restaurant, namely Wang Thai above the Nelson Mandela Square. We got there just after 9pm only to be chased away as their kitchen was closed for stock take. You gotta be kidding me! A stock take on a Saturday evening at the end of the month? That’s what Sunday morning is for damnit. Anyway Pappas on the Square next door was more than happy to feed us and the live entertainment was great too.

Now Sunday I found myself back at Sandton Shitty to watch Inception with friends – a great movie by the way – and found myself amidst the Sandton Winter Sale. Ok I’m not such a fan of the crowds but I love to shop, especially for tech. First stop, the Apple iStore for a wireless keyboard. Not a single salesperson offered assistance nor did they seemingly have any wireless keyboards on display or in stock. Useless!

Next stop, Incredible Connection – a trusted tech haven. Oh wait, it appears the store has moved from one side of the mall to the complete opposite side. No fear, brisk walk and lo and behold what do I find? A pathetic excuse for a tech store and not even the Incredible Connection store name to be seen – more HP and Vodacom signage than anything. A complete waste of my time!

My conclusion is to steer clear of the excuse that is Sandton Shitty.

Madiba Day Clean Up

On Sunday a bunch of us got together to celebrate Madiba Day at Zoo Lake as part of the 67 Minutes for Mandela campaign:

Mr Mandela has spent 67 years making the world a better place. We’re asking you for 67 minutes." Nelson Mandela turns 91 on 18 July, and the call has gone out for people everywhere to celebrate his birthday – and the global launch of Mandela Day – by acting on the idea that each person has the power to change the world.

The plan, inspired by David Alves, was to spend 67 minutes cleaning up around the lake and giving back. This isn’t the first time Dave has arranged such a venture and I seriously doubt it will be the last either. Next time I’m going to surely rope in a whole bunch of my friends as I’m sure a lot of them will want to give back.

Photo of Zoo LakeFor me this was actually the first time I’ve actually walked around Zoo Lake – yes yes shocking I know! It truly is a beautiful open space even during the middle of winter. There is an abundance of life ranging from duck through to lots of bird life. I was quite surprised to see so many families out spending the day in the sun and I’m definitely sure I’ll be returning for a picnic and to walk around.

IMG_3865Thanks to the Megan and the dancers from The Duncan Studio of Celtic Dancing who wore the Guerrillas Gone Green jumpsuits proudly and collected oodles of trash. They were literally diving into the bushes to find and remove the trash.

Later we were joined by a family that expressed interest in what we were doing and even brought a refuse trailer along to assist with the refuse removal. Great one guys!

Here are a few photos from the day. Be sure to check out the complete album of photos over here.


How I fixed my iPhone 3GS

When I purchased my iPhone 3GS from Vodacom the tethering functionality wasn’t available and Vodacom couldn’t tell me when or even if it would be supported. So I followed some guidance on the interwebs and installed custom carrier profiles to try and fix it. It worked for a few days and then upon changing my cellular network APN name from to internet, the tethering option disappeared, never to return again.

When Vodacom finally released support for it in iPhone firmware update 3.1.2 the tething option still didn’t return. And then subsequently the Visual Voicemail feature also didn’t activate. This really became annoying and I decided to jailbreak 3.1.3 so I could make the iPhone a WiFi access point for my new iPad WiFi. Using Tether I managed to fix the tethering options but couldn’t get Visual Voicemail to work at all.

On release of iOS 4.0 my phone functionality got progressively more impaired when I lost the ability to send and receive MMS – the settings were there, but it just didn’t activate. Another nuisance was that I kept receiving a Vodacom carrier update which applied successfully every time yet continued to prompt me on the device and through iTunes.

After much procrastination I synced everything off my iPhone and saved my text message database by extracting it from the latest backup and did that awful thing – I erased all content on my iPhone. When prompted to I connected it to iTunes, activated it and set it up as a new phone, wishing not to restore bad settings to the phone. I checked out the settings and lo and behold, the entire cellular data network settings menu option had disappeared. Good grief, it was worse than before!


In addition under the About menu it reported that my Carrier was Not Available. Previously this had reported Vodacom 5.0 or Vodacom 5.1 if I recall correctly.


I then attempted a restore to iOS 4.0.1 from within iTunes itself. It must have done something differently as suddenly my iPhone now has tethering, MMS and Visual Voicemail all working perfectly. Oh and the Vodacom 7.0 carrier update applied and soon afterward the Vodacom 7.1 carrier update went through too.


So if you’re iPhone is acting all wonky, I highly recommend restoring it using the latest firmware and setting it up as a new phone.

New Xbox 360 hardware announced

Kinect controllerFirstly the much anticipated new motion controller previously known as Project Natal has been given the name Kinect. Its going to be available in North America in November 2010 and I’m expecting it will be available locally soon after – stock dependent. Oh and before you get all worried about upgrades, etc., it will work on your existing console. Yes, how is that for good planning and design.

The controller totally revolutionizes the way games are played and opens up complete new game genres at the same time. I can somehow see myself doing yoga in front of my TV and getting achievements for doing so. There goes that image of the fat kid on the couch.

New Xbox 360 SKUNext off we have a new console SKU announced available immediately in North America. Its basically a slimmer, sleeker and might I say sexy new Xbox 360 console featuring a 250GB hard drive, 802.11n WiFi built-in and its whisper quiet. And no, no Blu-Ray player from what we’ve been told yet.

Good news is the pricing is supposed to be the same in the US, no idea when it will be available in South Africa but I’ll keep you posted.

From the game demos during the live E3 coverage, Kinect is going to ship with 15 titles from day one built specifically for the new Kinect controller – I can’t wait to get my hands on one. Its game changing… excuse the pun.

Xbox LIVE launches in South Africa Summer 2010

Hot off the heels of the E3 game conference in the USA, Microsoft South Africa confirms that Xbox LIVE is heading to South Africa.

South Africa – 14 June, 2010 – Microsoft today announces its commitment to launching Xbox LIVE in nine new countries – Brazil, Chile, Colombia, Czech Republic, Greece, Hungary, Poland, Russia and South Africa – delivering the core gaming and entertainment features that have made Xbox LIVE the world’s premier online gaming destination.

“Xbox LIVE is about building communities and connecting people to each other and to great content. This expansion is another step toward our vision for LIVE – to deliver the entertainment you want, shared with the people you care about, wherever you are in the world,” said Marc Whitten, General Manager, Xbox LIVE.

The service will be available this summer and will focus first on delivering the core gaming and community features that have made Xbox LIVE the world’s premier online gaming destination, including matchmaking, friends list, Achievements, Gamerscore, a tailored Games Marketplace and more.

“This is an exciting step forward in the experience we can deliver to our loyal and committed Xbox communities,” states Yvette van Rooyen, Product and Marketing Manager, Xbox 360 South Africa. “Xbox fans in South Africa will now be able play the best games in the industry with the 23 million other Xbox LIVE users across the world who have made this their online gaming destination of choice. “

Naturally this is fabulous news for South African gaming, but we all knew it was coming, just didn’t know when exactly. It makes sense though with the rollout of Windows Phone 7 using Xbox LIVE features. Now all we need to get is a firm date of when and what will happen with Xbox LIVE accounts for early adopters – will we need to/be able to migrate across countries for billing purposes or will the restrictions be lifted entirely.

I told you all Xbox LIVE will be coming to South Africa.

Photos from the Johannesburg 27dinner

On Wednesday night a bunch of geeks, nerds and wannabe geeks packed into the upstairs section of Primi Piatti in The Design Quarter Fourways for the final 27dinner of 2009. This time there were no formal talks just lots of socialising and some really awesome grub.

It also proved an excellent opportunity for me to test out my new 50mm f/1.4 prime lens without blinding people with a flash. Unfortunately though I didn’t check my auto-focus setting and as a result quite a few of my shots are a tad blurry. But that’s what being an hobbyist photographer is all about, learning.

@mikestopforth Mike can haz pizza

@SnowgooseSAHeidi is huge on Twitter…

@vincenthofmannVincent is the the man

@donpackett & @CraigrodneyNormally there is only on person, but Don and Craig both have cheesy grins


You can find the rest of the photo album over here. I welcome your comments.

Making date and time sense from the SQL Server Agent job history table

Sometimes you’ve got to wonder why database developers do things the way the do. Take for example the sysjobhistory table in the SQL Server msdb database. Its got two awful columns namely run_date and run_time. Why are they awful you ask? Well because they are integer representations of the date and time. Just look at the following examples to see the stupidity.

run_date run_time Actual
20091123 230000 2009-11-23 23:00:00
20091123 230001 2009-11-23 23:00:01
20091123 234500 2009-11-23 23:45:00
20091124 0 2009-11-24 00:00:00
20091124 0 2009-11-24 00:00:01
20091124 1000 2009-11-24 00:10:00
20091124 3000 2009-11-24 00:30:00
20091124 10000 2009-11-24 01:00:00
20091124 10636 2009-11-24 01:06:36

Now if you’re wanting to do something meaningful with them you’ll want to represent them as a DATETIME data type most likely. After searching for a quick and easy way I decided to hack a quick bit of TSQL up and put it up here so hopefully others might benefit.

            STUFF(STUFF(CONVERT(VARCHAR, [run_date]), 7, 0, '-'), 5, 0, '-') + 
            ' ' + 
            STUFF(STUFF(RIGHT('00000' + CONVERT(VARCHAR, [run_time]), 6), 5, 0, ':'), 3, 0, ':'), 120)
FROM    [msdb]..[sysjobhistory]

Let me know in the comments if you found it useful or if you have a more elegant way. If you use it a lot, make a user-defined function taking in the two values. I leave that in your capable hands.

Silverlight 4 beta and my disappointment with the WebBrowser control

Silverlight 4 logo by Tim Heuer So as most of you probably know by now, Silverlight 4 has been announced and a beta is already released, you can head off over here to find out what’s new and to download the bits you need like Visual Studio 2010 Beta 2, etc. One big warning though, if you have the Silverlight 3 SDK installed on your machine, uninstall it before installing Visual Studio 2010 as it might barf the Visual Studio 2010 installation.

So one of the features I’ve been eagerly awaiting in Silverlight 4 is the new WebBrowser control. Yeah as strange as it may seem I want to embed some web content in a Silverlight control. Well not a control as such but more a Silverlight application. And I’ve managed to do it since Silverlight 2 by creating iframe elements in the underlying HTML DOM and absolutely positioning them over my Silverlight control, all from within the Silverlight application. This has however one major limitation – you can’t put Silverlight content on top of the HTML iframe unless its in a seperate object element which doesn’t exactly suit my needs.

Silverlight 4 WebBrowser doesn't play niceAnd it turns out that the Silverlight 4 beta WebBrowser control suffers the same horrible fate, as you can see in a screenshot of a quick test application on the left. Except it has another awkwardness to it – it has to be run out of the browser as well. Looks like I’ll be sticking to my iframe approach for in the browser and consider using the WebBrowser control for out of the browser only.

Now don’t get me wrong, I do like the new control, but I would like it to be even better. If anyone on the Silverlight team reads this, please make the WebBrowser control a proper Silverlight control that can have pure Silverlight controls over it.