Hacking, QA, and software bugs

Swordfish film - Wiki
A few weeks ago I wrote about software development and hacking, and this is a loose follow-up. The image of hackers presented in films – Swordfish is a fair example, or GoldenEye – is of rather scruffy individuals who type incredibly quickly with keyboard at arms length, undeterred by all kinds of enticing distractions around them.

But most often, a successful hack is the result of careful analysis of some existing code, and a good dollop of insight into what kinds of precautions developers forget to take. In that, it shares a great deal in common with my own trade of QA. Effective software testing is not really about repeating hundreds of test cases which regularly pass – there are automated ways of doing those – it’s about finding the odd situations where proper execution fails. This might be because some developer has copied and pasted the wrong code, but it’s much more often because some rare but important set of circumstances was overlooked.

Trojan horse illustration (Wiki)
Missing values, extra-long pieces of text, duplicate entries where only one was expected, dates in weird formats – all these and many more keep us QA folk in work. And problems can creep in during the whole life of a product, not just at the start. Every time some change is carried out to a piece of software, there is the risk of breaking some existing behaviour, or introducing some new vulnerability which can be exploited by somebody.

It has been said that a great many of these things persist through laziness. One particular hack exploit – “SQL injection” – has been around for something over 15 years, in essentially unchanged form. You would think that by now, defences would be so automatic that it would no longer be an issue. But it is, and systems still fall prey to a relatively simple trick. I have worked with a lot of different computer languages, and find that pretty much the same problems turn up in any of them. As computer languages get more sophisticated and more robust, we expect them to do more interesting and more complicated things,

Estimated cost of data breaches in Germany (Wiki)
QA and hacking are at different parts of a spectrum, and a fair proportion of hackery goes on specifically to help firms and charities find weaknesses in their own systems. The legal distinction of when an activity crosses a line has to do with intention of malice, though a number of governments take a much stricter line where their own systems are concerned.

What has this to do with fiction? Well, Mitnash and Slate spend a lot of their time tracking down and defending against hacking in the area of finance. Their added complication is that the physical locations they travel to are scattered all around the solar system, with journey times of weeks or months, and signal times of hours. It is interesting to think about how hacking – and the defence against it – might evolve in such a situation.

In Timing, due for release in the late summer or early autumn, they are first sent to Jupiter to resolve a minor issue. It doesn’t seem very interesting or important to them. But then a much larger and more serious matter intrudes. To their dismay, the hackers – malicious ones in this case – have designed a new form of attack which our two heroes don’t really understand. They need help, and aren’t very sure they can trust their new-found helper.

To finish with, I can’t resist adding one of NASA’s pieces of artwork concerning the Juno probe, now successfully in orbit around Jupiter. It’s a great achievement, and we can look forward to some great science emerging from it.

Juno at Jupiter - NASA/JPL

A short extract

I have had major broadband problems this week as BT have struggled to get their equipment working properly. So today is just a short post, mainly to say that Far from the Spaceports is on Kindle countdown offer for the next few days.

Far from the Spaceports cover
This means from ( it is just 99p, and from ( just $0.99. Both prices go back to their regular values in the middle of next week, so don’t delay!

Meanwhile, I am preparing the sequel Timing for release later this year, probably in the early autumn, and here is a short extract to be going on with.

Rydal opened her door just as we turned into the little access corridor down to her door. Slate had signalled Capstone, presumably. Like a lot of the entrances I had already passed since the dock, the approach was decorated with murals. She had chosen a butterfly theme, and I touched the delicate blue wings of one as I passed.

My greeting was awkward, and whatever words I chose didn’t sound at all fluent, but she didn’t appear to notice. It finally occurred to me that her anxiety about the coming crisis was back in the ascendant, and she didn’t have much emotional space left to be attuned to my problems. She hugged me in a sisterly way, and turned back inside.

“You’re a bit earlier than I thought, Mitnash. Come in for a few minutes while I finish getting ready.”

We went in. She had suspended gauze in loops and strands from the ceiling to soften the bluntness of the original drilling. For some reason it gave the sense of being in woodland. She gestured towards the back wall.

“You go and talk to my pets for a while. I won’t be long.”

The idea of pets intrigued me. I thought of the parakeets that flocked around the St Mary’s market area, and wondered if she had a couple of those somewhere.

There was a clear panel, floor to ceiling, separating the living room from a separate, much narrower chamber. At first all I could see was vegetation, lots of leafy stems with exotic flowers. It was all too small and cluttered for parakeets, and I was perplexed.

Then something moved. I had thought it was a flower, but it had wings, and with an abrupt internal shift I realised that it was a butterfly. Now that I knew what to look for, I could see more in there, a couple of dozen, of several different varieties. Most were resting, others were eating some sort of syrup. All at once, with no signal that I could see, two of them took flight, wings alight with colour as they danced around the chamber for a while before settling again.

“So how do you like my little friends?”

Rydal had come back while I had been fascinated by the pair. I kept watching, hoping to see another one in flight.

“I have never seen anything like it. They are quite extraordinary.”

I caught my breath as another pair took to the wing and circled each other for a while.

“It must be difficult keeping the environment just right for them.”

I didn’t know much about butterflies, but I had heard that ones this large needed a lot of heat and moisture. She moved close to the glass, watching the pair flit about. I looked at her reflected face, peaceful in contemplation of flight.

“Not very different to us humans, when you compare it to what’s outside of here.”

She gestured towards the ceiling. The first time I had been on the Scilly Isles, I had been disturbed by the thought of airlessness so close. It had seemed different to the experience on board a ship, in some visceral way I could not explain. That had changed, and I was now unfazed by the thinness of the skin which kept me safe here. Instead, I was captivated by her words, and was imagining us as human butterflies, straying out of our inner system home, moving away from the sun which had overseen our birth.

She turned suddenly, to catch me looking at her, and the spell was broken. Her anxiety and my shame resurfaced.

“Shall we go?”


Coding – past, present and future

'Hello World' in JavaScript (Wiki)
Today I thought I’d write about coding. Not in a technical manual, how to do your first “Hello World” widget kind of way, but just to give a general sense of how it’s done, and how things have changed over the years. This was prompted by the passages I have been writing for Timing recently, in which Mitnash and Slate have been crafting a fix for a particularly unpleasant hacking threat. The plot is all wrapped up in blackmail and personal relationships, but their ability to code is what gets them sent here and there. But first, let’s look back in time.

Colossus being operated at Bletchley Park (Wiki)
Not so many years ago, computers were relatively simple things to work with. They didn’t look it – all the complexity was visible by way of valves and a spider’s web of cables connecting them. But the range of things you could tell them to do was quite limited. The available options were limited, and they were essentially isolated from each other. Today’s computers are almost the opposite – they look simple on the outside, but they have a hugely expanded range of capabilities, sensory inputs, and ways to communicate with nearby devices.

The art of the coder has changed along with that. Once upon a time the programmer had to do everything. If you wanted to draw a blob on a screen you had to know exactly which bit of memory to poke with which binary digit. You needed to master a whole range of disparate skills in order to accomplish quite modest tasks, and oftentimes you needed to deal with the innards of the machine’s firmware. Porting the results to a different machine was a serious challenge.

Logo Neuframe (I worked on this, long ago)
Times have changed. If you need graphics animation, or remote communication, or artificial intelligence, there’s a library for that nowadays. Today’s coder relies on standard modules and frameworks, pulling in this one and that as the need arises. Moreover, he or she is insulated from the nuts and bolts of the device, so can write essentially the same program to run on a high-end server, a regular desktop or laptop, and any one of hundreds of different mobile devices. That is enormously liberating, but brings in a whole raft of new problems.

Does the borrowed code actually do what you want, neither less nor more? Do you trust the library writer with the innards of your system and, what is usually more precious, the data it contains? Does it already come with adequate security against hacking, or do you need something extra? On one level, the coder is freer than ever to be creative with a wealth of open source material, but to offset that, there’s a long and rather dull checklist to work through.

Some while ago I made the transition from pure development to testing and QA: it’s a decision I have had no cause to regret! I still get to write code, but it’s behind the scenes code to validate, or sometimes to challenge the work of others. QA has changed over the years alongside development. Once upon a time there was an adversarial relationship, where the two teams were essentially pitted one against the other by commercial structures, with almost no rapport or dialogue. That has largely gone, and the normal situation now is that developers and testers work together from the outset – a collaborative effort rather than competitive. There’s a lot of interest in strategies where you write the tests first, and then code in such a way as to ensure they pass, rather than test teams playing catch-up at the end of a project.

Certified Ethical Hacker qualification (
Coding and hacking are central to the plot of Far from the Spaceports, and its successor Timing. Hacking, then and now, isn’t necessarily bad. It all depends on the motive and intentions of the hacker, and the same techniques can be used for quite opposite purposes. Some of the time Mitnash and Slate are hacking; some of the time they are defending against other people’s hacks.

I have taken the line that the (future hypothetical) work of the ECRB, to protect financial institutions against fraud and theft, would need a freelance coder more than a policeman. Moving from place to place around the solar system’s settlements takes weeks or months, and even message signals can take hours. It seems to me that it would be much more efficient for ECRB to send someone who could actually identify and fix a problem, rather than someone who might just chase after a perpetrator.

On one level, Mitnash has it easy. He can pass all the necessary but time-consuming work of testing, validating, and productionising his code to somebody else. If I ever worked with him, I’d get frustrated by his cavalier attitude to the basic constraints of working in a team, and his casual approach to QA. But then, he gets to travel out to Mars and beyond, and has Slate as his team partner.

Artist's impression: Dawn, Ceres and Vesta (NASA/JPL)

Bits and pieces

Daybreak at Gale Crater (NASA/JPL)
Several bits and pieces to talk about today. First, I was nominated in one of these “post seven lines from page seven of your current Work in Progress” challenges. It’s always a bit tricky picking out where page seven is, since I write initially for Kindle. But what follows is a fair guess. The story is (provisionally) called Timing. It opens with Mitnash and Slate back on the Scilly Isle asteroids, having just come in from a long and seemingly dull trip out to one of the moons of Jupiter. They are at Frag Rockers Bar with their friends, and one of them has just mentioned a leaflet which appeared recently, circulated by a group called Robin’s Rebels which Mitnash has never heard of.

Eibhlin took the leaflet from Rydal.

“Here, listen. ‘We are the voice of the downtrodden poor. Financial oppression is slavery; deals and investments are today’s whips and chains. But we speak for freedom and justice, and we have the technical talent to fight back. We will strike again and again at these parasites until the entire system is destroyed, root and branch. We will force out those who grow rich from others by means of clever financial tricks, and make them work at honest labour. You do not know us yet, but you will know us soon.’ Then there’s quite a bit more, all much the same.”

Finn was reading over her shoulder.

“Sounds like they’re up for a fight. Do you think they’re for real or just making noise?”

Robin’s Rebels feature prominently in Timing, along with several other old friends and adversaries – and new ones. As well as on the Scilly Isle asteroids, some of the action takes place on Mars and one of its moons, Phobos. All being well, you will find out more about all this towards the end of the summer…

Sruti Nayani (Google+ photo)
As well as that, Far from the Spaceports has appeared in several reviews and interviews, which has been very gratifying. There has been something of an international flavour here. Sruti’s Book Blog, over in India, carried a review and two-part interview, which can be found at:

What was interesting about the book besides the awesome set up, and the background, was the author keeping in touch with the subtle ways of humans, way into the future.

Of course, there is fraud and there are people investigating it, but he manages to grab the reader’s interest, right at the start. How do the two of them manage to solve the mystery? How does it all work, in an environment that is so different from ours?

Arnis Vēveris (from his blog)
Then we move to Latvia, where Arnis Vēveris reviewed Far from the Spaceports on his blog. He kindly provides an English translation along with the Latvian. Among other things, he wrote:

“Wonderful atmosphere, great dynamics between characters and good mystery about the financial case”.

Don Massenzio (from his blog)
Then finally it was over to the US of A for an author interview with Don Massenzio, including an extract featuring the Frag Rockers Bar, my favourite hangout on the Scilly Isles. This starts with some easy questions like

DM: Can you summarise your book in one sentence?
RA: A human-AI partnership tackles hi-tech financial crime among the asteroids.

and then moves through several other questions to finish with the extract I mentioned.

Far from the Spaceports cover

News from the asteroid belt

I thought it was about time for another space-themed blog today, so here are some interesting recent finds.

Ceres' Haulani Crater, from 240 miles up (NASA/JPL-Caltech/UCLA/MPS/DLR/IDA)
First, here is a high-resolution NASA picture of Haulani Crater on Ceres, taken from an orbital altitude of under 400 km.  The crater is about 21 miles in diameter, so would comfortably fit inside the M25 motorway around London. The level of detail is quite extraordinary, showing not only surface features such as landslides, but also allowing some inferences about the relative age of the different portions.

The scattering of bright spots on the surface of the asteroid has excited a great deal of conversation since they were first identified as Dawn drew closer on its long journey. Even with the close-up views, uncertainty remains, and probably will do until such point as something can actually land there. Meanwhile, the best guess is that they reveal traces of chemical deposits, probably some kind of salt. When you read of the asteroidal settlements called the Scilly Isles in Far from the Spaceports, imagine scenes like this out on the surface…

Pluto’s atmosphere, backlit by the sun (NASA/JHUAPL/SwRI)
Atmosphere! When you read old science books, or old science fiction, most moons and similar small objects were believed to be completely airless bodies. Atmospheres were thought to be the province of “real” planets. But the more we have been able to get a close view, the more we realise that atmospheres are the rule rather than the exception. This image shows the view of Pluto captured by the New Horizons probe as it receded further away from the sun – the atmospheric haze extends out to about 80 km, considerably further than anybody had expected.

These atmospheres are generated by a whole mix of local conditions. These include the effects of the distant sun’s warmth driving chemical reactions, nearby bodies flexing the surface slightly, and so squeezing gas out of the rocks, as well as internal chemical or seismological actions. Now, it’s as well to remember the vast majority of the gases found are not only toxic, but also far too thin to be of much use… nevertheless finding them at all has been a surprise.

A 'dust devil' in Marathon Valley, as seen by the Opportunity rover (NASA/JPL-Caltech)
Finally, Mars. A good chunk of my forthcoming book (which currently has working title Timing) is set on Mars and one of its moons, so naturally I have been following discoveries there with interest. Now, our present selection of gadgets on Mars, while extremely clever and carrying out their missions in exemplary manner, come a long way short of what I have in my fictional imagination. Mars in the new novel has a wide variety of different communities, from a financial training college out near the giant mountain Olympus Mons, through to an anarchic and hedonistic settlement at Elysium Planitia. We are some way from achieving those yet, but there’s plenty of time…

That’s it for today. There seems to be plenty to discover out in the solar system. Some of the findings reinforce what was previously believed, but others open up whole new and unexpected areas. Happy reading – both fact and fiction.