Tuesday, September 19, 2006

Maybe I'm just too cynical

It appears the Royal Mail have launched a service for buying and printing postage from the comfort of your own home. (As reported in The Register)

I'm too cheap to buy a stamp and see what it looks like but I imagine it will be one of those groovy 2-D barcodes. In principle, this is a great idea but I just can't help thinking they've probably slipped up somewhere.

I assume there are already cryptanalysts looking at this. My guess is that it will be cracked within two weeks and we will see a "Royal Mail suspends online postage 'experiment'" story shortly afterwards (it will be rebranded as an experiment after the fact).

Any advance on two weeks?

12 comments:

andyp said...

Having worked in that particular business.... they've been talking about this for nearly 10 years.

They did mention on the radio that each barcode would be unique, so you can't just photocopy them. I wonder though about the level of clever tech behind the uniqueness.

The issue that I'm sure that you are far more worried about is the erosion that this represents for the position of the monarchy, given the lack of the Queen's image on the online labels.

Richard Brown said...

Hehe... where did the suspicion that I am a royalist emerge from?

I must admit that my youthful republicanism has waned but I'm not sure I've yet reached the point where you'd find me on the barricades were they to abolish the queen!

Ben said...

There is a picture on the
BBC news site.

If the barcodes are just serial numbers chosen at random then it would be pretty hard to crack.

Richard Brown said...

Ahhh... that's a fair point. I was assuming they were generated on the client side - but, of course, they can be generated (perhaps at random) on the server side and simultaneously shared with the customer and the reading machines.

OK - perhaps it would be less easy to crack this than I suspected :-)

Andrew Ferrier said...

So let's say I post a letter with an invalid numbers/squiggly barcode-like thing. What happens? Does the letter get returned to sender? Am I expected to pay for that? 'But your website, Mr. Postie, it just broke'.

An interesting experiment might be to send out 100 letters with an invalid barcode and see how many were returned: I'm willing to bet that not all of them are checked.

Although I think this idea is a good idea in the long run, past experience suggests it will probably reduce the reliability of the postal system for a while.

Richard Brown said...

past experience suggests it will probably reduce the reliability of the postal system for a while.

How would we tell?!

An interesting experiment might be to send out 100 letters with an invalid barcode and see how many were returned: I'm willing to bet that not all of them are checked.

An examination of the logistics involved would probably reveal this to be the case (e.g. how many scanners have they installed? where in the building are they located? are there incentives acting on the sorting staff to "forget" to check them? (e.g. too much effort to walk to the scanner, etc)?

The inclusion of a very short expiry date also intrigued me. I originally thought it would be to stop you using the same label more than once but then I realised you could print it a hundred times. If you posted the letters into a hundred different letter boxes over the country, would the successful scanning of the first result in a failure for the other 99? would that imply some sort of centralised checking server (which could fail - in which case a backup plan would have to be used)... How would a failure be communicated to the sorting officer? would it be the same sort of "beep" as "cannot read"?

So many questions!

Andrew Ferrier said...

I'm not sure I know the answers to those questions (in fact, I'm sure I don't), but you can bet there will be ways round the system. But what's the risk/reward?

I assume that your average large company won't be using this anyway (franking machines and other systems probably already handle what they need).

Therefore I assume that the only category of organisation with a significant motivation to crack the system will be a small business, since individuals don't tend to send out large volumes of mail.

So Royal Mail, watch out for your local curry house sending out flyers on the cheap!

Richard Brown said...

Good points.

I should make clear to those readers who don't know me that I have no intention of defrauding the Royal Mail but it's a useful thought experiment to speculate on how things would be if postage was free.... perhaps private individuals *would* start sending more letters!

Andrew Ferrier said...

Maybe... but who would they sent them to? Almost everyone I know personally has an email address, which is far more convienient and rapid. The cost of a stamp/crappy barcode doesn't normally factor high in my decision about whether to send a letter.

So, sorry, I'm not convinced :)

I remember reading somewhere that Royal Mail make a large amount of their profit from junk (sorry, bulk) mail anyway.

Richard Brown said...

But remember: twenty years ago, nobody would have thought you could make money out of people calling *you*.... maybe we need some sort of "premium" addressing system whereby you have to pay £2.50 to get a letter delivered somewhere... and the recipient receives a cut. *Then* there'd be na opportunity here :-)

Andrew Ferrier said...

Hmm, an 09 number for mail? Would certainly give the adult industry something to go for - they're normally the first ones into such markets (ahem, so some guy told me).

But sure, I think it's a good idea. I wouldn't necessarily expect the Royal Mail to innovate that rapidly - at least until some decent competition kicks in, anyway. Unless of course they read your blog and steal your idea.

Richard Brown said...

Unless of course they read your blog and steal your idea.

Nobody was more shocked than I earlier this week to find that a user in the consignia domain had found this article via a technorati search for "online postage".....