A credit card worth having

My general view on debt is that is it is that is mainly useful when acquiring an asset that will give you some tangible returns. For example, if a business wants a loan to buy some machinery that would allow them produce their widgets more efficiently, then that is a good reason to borrow. On the other hand, if a person runs up huge debts buying clothes, then clearly that’s not so good.

So when it comes to debt, and credit cards in particular, I think we need to be very careful. There is a tendency for some people to think that credit cards are free money; they don’t realise the pain of paying it back until it’s far too late.

Of course credit cards are not just about debt. They can be useful in protecting you against dodgy traders or companies going bust and if you pay them off in full every month, you can even profit from them if they offer cashback.

I got my first ever credit card around the year 2000 when I was 18, and it was an Egg card. The reason I chose that card was that they allowed you to manage your account on-line, charged lower fees, and offered a good rate of cashback. However, over the years since they have steadily upped their fees and reduced the cashback, so much so that its benefit now is almost negligible.

Capital One World Mastercard

Last year, Brendan (the king of credit cards) alerted me to a much better cashback card. It’s called the Capital One World Mastercard, and it’s essentially a cashback card that will pay you 1% of whatever you spend on it. If you shop sensibly, this means a further 1% discount on everything you buy, and because it’s a Mastercard it will be accepted pretty much everywhere.

However, the main reason I decided to write about them today is that I just tried out their new online banking system and it is probably the best I have ever used. I say this because it allows you to download your statements in a number of formats such as QIF (Quicken / MS Money), CSV, Tab Delimited etc and for every transaction it provides detailed information including even the MCC / SIC (standard industry classification) code. It also gives you the Merchant’s town and postcode.

All I need now is a good accounts package to import these transactions into!

Site seeing in Rural Andalucia – Ronda

Aimi and I have been on a bit of a mission to find a wedding venue in Spain for the past week or so, but yesterday we took some time out to do a little site seeing. When most people think of Spain, the first thing that comes to mind is probably the hotel-lined beaches along the Costa del Sol with their hordes of sun seeking tourists.

If you drive just a little way inland a different picture emerges. Rhonda is a great example. Less than an hour’s drive from the coast, it is an historic town surrounded by beautiful mountainous countryside. Anyway, enough words, I’ll let the pictures that we took do the talking.

Rhonda’s new bridge was completed in 1793. The gorge is spans is almost 100 metres deep.

Secure browsing on an insecure network – the easy way!

In my post yesterday, I talked about how to securely browse the web on an insecure Internet connection. The method I used was to install a proxy server (squid) on a trusted machine and ssh tunnel to it. However, one of my developers, Andy, kindly pointed out to me that there is a much easier way – just use SSH’s dynamic port forwarding as a SOCKS proxy.

To create the tunnel:

ssh -D 3128 root@pablo.bunker.fubra.net

To configure OS X to use the proxy, go to System Preferences > Network > Advanced > Proxies

OS X SOCKS Proxy Settings

Tick SOCKS Proxy, and specify the server as 127.0.0.1 port 3128, then click OK and Apply on the following screen, and that’s all you need to do!

Secure browsing on an insecure network with my Macbook

UPDATE: There is a much easier way to achieve a secure tunnel/proxy that doesn’t require squid to be installed. I’ve blogged it here. The method described on this page may be useful if you want to log the pages you visit. Also, if you wanted to block out ads, you could swap out sphinx for another proxy such as privoxy.

I’m currently on holiday in Avoriaz in France, and I’m browsing the Internet via an open wireless hotspot. Given how easy it is to intercept traffic on an open wlan, this could have posed a bit of a security problem as a lot of the website admin panels I access (including my blog’s wordpress admin) are in an insecure (http) area.

However, there is a solution that ensures that all my traffic (not just https) is encrypted, at least until it gets back to a more trusted part of the Internet.

The solution involves setting up a proxy server (squid) on a trusted server somwhere (e.g. a datacentre, or your home or office) and then connecting to this server via an SSH tunnel.

For this particular howto you will need the following:

  • An Apple laptop running OS X 10.5 (Leopard)
  • A Linux server (preferably running Centos / RHEL) in a trusted location

Installing Squid on your Linux Server

Firstly install squid using your desired package manager… I have a Centos 5 server, so I’m going to use yum:

[root@pablo ~]# yum install squid

Next, edit the squid config to allow any local ips that might be listening on that server:

[root@pablo ~]# vim /etc/squid/squid.conf

I added a line to allow my servers public ip. NB, at this point we aren’t permitting your laptop’s IP, only the local IP addresses on your server.

acl localhost src 127.0.0.1/255.255.255.255
acl localhost src 87.124.70.62/255.255.255.255

Now setup the runlevels for squid so that it starts when your server starts:

[root@pablo ~]# chkconfig squid on

If that worked, it should be set to on for run levels 2,3,4 and 5:

[root@pablo ~]# chkconfig --list squid
squid 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Finally start squid if it isn’t already running:

[root@pablo ~]# service squid start

Setting up your laptop to use the secure proxy

To get the laptop using our secure proxy, we must do two things. Open an ssh tunnel to the proxy, and then setup Safari (or your browser of choice) to use this proxy for any required connections.

To setup the secure SSH tunnel from port 3128 on your laptop to port 3128 on the squid server, just run the following command:

paul-macbook:~ paul$ ssh -L 3128:localhost:3128 root@pablo.bunker.fubra.net

Then all you need to do is configure Safari (or Firefox) to use port 3128 on your local machine as its proxy, and all traffic will be routed via this secure tunnel before being re-routed to the rest of the Internet. Of course, this won’t secure your browsing from then on, but you can at least be sure that it is not being intercepted by fellow users of the wifi hotspot.

So click on the Safari Menu at the top of the screen, and then click preferences (or press CMD + ,) This will open up the Safari preferences. Make sure you have the advanced tab open.

Safari Advanced Settings Menu

On this menu, click the Change Settings button next to Proxies. This will take you to the System Preferences Proxy menu.

OS X Leopard Proxy Settings

Select the protocols you wish to enable the proxy for (in my case I just chose HTTP), then fill out the proxy server address, which is 127.0.0.1 (localhost) and the port, 3128.

And that’s it! You should now be able to browse the web as if you were using your Linux server directly. This method has the added advantage that it can be used to bypass geographic ip based restrictions, as it makes you appear to be where you server is located.

Bed Bugs

My friend Jake is currently staying in Malaysia. Last week his Mother came to visit him, and they stayed in the Heeren Inn in Melaka. Unfortunately for them, the beds were ridden with bedbugs, and after their first night’s stay Jake’s poor mum was bitten more than 50 times. The worst thing is that the owner of the hotel did not even care!


Under the microscope….
Bed Bug
A bed bug feeding….
Bed Bug
Full with blood….
Bed Bug