My combined Ashes squad to tour South Africa

Not a real tour, just hypothetical.

First XI

  1. Rogers
  2. Warner
  3. Bell
  4. Pietersen
  5. Clarke *
  6. Watson
  7. Haddin †
  8. Swann
  9. Siddle
  10. Harris
  11. Anderson

Rest of the squad

  • Cook
  • Root
  • Bairstow
  • Broad
  • Bresnan
  • Tremlett

Seven Aussies in the first team

Yep. I think Rogers is a marginal choice over Cook but it’s my team so I’m picking him. All the subs are English, although again Bairstow was a marginal pick over Khawaja. Nobody making a cast iron case for this spot though.

No Prior?

Bairstow is the reserve keeper and in slightly better form with the bat.

Broad not in the first team?


And Tremlett? He didn’t even play.

The other candidates rules themselves out by playing. Onions was unlucky.


The Decision Review System (DRS) – Part 1: Introduction


Part 1: Introduction <- You are here
Part 2: Technology
Part 3: Reviews & umpiring
Part 4: Proposals & conclusions

Ashes DRS horror show rolls on - Daily Telegraph

Aims & origin of the DRS

TV replays

Before the DRS was introduced we had two umpires on the field with nothing but their eyes and ears with which to make a decision. Television viewers, on the other hand, had the benefit of slow-motion replays and an increasing number of technology-led analysis tools that were developed to give the commentators something to talk about.

It was becoming clear that umpires’ on-field decisions were not as good as had hitherto been believed. Pressure grew for umpires to have access to the same technological aids that the TV commentators were using.

Preventing the howler

Eventually a compromise was reached. Technology would be made available to the umpires on the basis that it would enable them to correct the occasional grossly bad decision. Human error is always a possibility, went the theory, and if we can cut out some of the outliers then the average decision quality will be improved.

The TV umpire was introduced, first to re-examine run outs and stumpings, then to check on bump-ball catches, finally to allow reviews of LBWs and caught behind decisions.

And somewhere along the way the original message was lost. The DRS was seen now not as a way of highlighting grossly bad decisions but as an oracle that could determine the exact truth of any decision. I don’t know how this happened but it is now firmly stuck in people’s minds that the DRS is supposed to be 100% accurate.

It demonstrably isn’t of course. We’ll go through some of its shortcomings below – there are many. But each time the DRS fails to give the viewer an unambiguous, incontrovertible report on what happened, the calls for its abolition grow louder. The pitchforks are brandished most vehemently of course by the supporters of whatever team was most recently “robbed” by the villainous DRS, but all the protests contribute to the noise and the background noise is growing.

Perception & complexity

Perhaps the message of the DRS is too complicated? The DRS can say “Yes, it’s out”, “No, you’re probably right” or “I don’t know either, frankly”. Simple messages to me but this is a world where journalists want to know “Is that beefburger safe?” and a cabinet minister has to push one into his daughters’ face to answer the question. Because it’s not “yes” or “no” but “in all likelihood, yes, to the extent that the minor risk to my daughter is bearable”.

Journalists and TV commentators seem unable to assume any numeracy at all in their audience. Although arts journalists are allowed to cite Goethe, Dvorak and Klimt without supporting explanations, any probability information that is presented to a viewer has to be reduced to a simple binary answer.

Here’s Jagmohan Dalmiya of the BCCI[1] pretending to be stupid (he isn’t):

We will accept DRS when technology is foolproof. There’s nothing in between. Full stop. Let them come up with a system which is 100 per cent correct. They couldn’t fix the Duckworth-Lewis problem in 15 years, what guarantee do we have about an error-free DRS? The Duckworth-Lewis method is beyond most of the players and administrators, let alone the common fans. I am still trying to figure out how can a team total be increased on basis of projection. The whole process is very complicated and confusing. And rather than solving the riddle, DRS creates more confusion in its present form.

- Jagmohan Dalmiya doesn’t see any hope for DRS in present form

There’s a book to be written about the real reasons why the BCCI actually refuses to allow the DRS to be used in India’s test matches[2], but concern for the fans is not one of them.

Perhaps that is simply a timid reaction to a new situation that the administrators fear the viewer will not understand. Perhaps the viewer is more intelligent than she is given credit for.

Here are some complex systems that seem to have survived despite the supposed ignorance of the sporting audience:

The Duckworth-Lewis method

The Duckworth-Lewis method is a way of adjusting the score of a limited overs cricket match that is affected by rain. Its aim is to ensure that the target that the team batting second is chasing is fair, taking into consideration all the factors that might have affected it.

The Duckworth-Lewis method is a rational answer to a complex problem. It could not be simpler without being unfair. It’s outcome is a single number which is easy to understand.

It throws up some unusual results that are at first counter-intuitive (see Jagmohan Dalmiya’s complaint above). These are easily explained by reference to the resources available to both teams, without any maths being needed.

The current Duckworth-Lewis par score can be calculated on a ball-by-ball basis and modern scoreboards incorporate this in their design. Both teams and the crowd know where they stand at all times.

Although the algorithm behind the Duckworth-Lewis method is opaque, it is now widely accepted by players and fans as a good approximation. Nobody is calling for it to be replaced by the previous crude adjustments based on average run-rate.

LBW law

The LBW law Law 36 (Leg before wicket) is complex and could in theory be simplified. Trying to explain the law to a cricket neophyte is troubling. “You mean it has to pitch in line with the stumps?”. “No, it can pitch outside the off stump but not the leg stump”. “But it has to hit the pads in line with the stumps, right?”. “No, only if the batsman is playing a shot”. Exit neophyte.

Calls for the LBW law to be reformed have existed throughout the history of cricket, and it has been reformed several times Wikipedia – Leg before wicket. But the law as it stands is widely respected despite its complexity and few, if any, are calling for change at the moment.

Offside rule in football

Cricket is not the only sport afflicted by irreducible complexity. Association Football’s offside rule has always been a target for merriment based on people’s poor understanding of it.

The offside rule has been reformed several times too Wikipedia – Offside (association football). But, while mocked, it has stood the test of time and will remain part of the game for the foreseeable future.

Too complicated?

So the evidence is that the DRS does not have to be presented as an infallible oracle. People (even “common fans”) are willing to accept complexity if they know it is the minimum required for fairness. The DRS can produce and in some cases evaluate a body of evidence that can help a TV umpire assess a colleague’s on-field decision. We can observe that process and appreciate the subtleties of what we are watching. It can be an interesting part of the game without patronising administrators and commentators telling us that we are too stupid to understand it.

[1] Board of Control for Cricket in India
[2] As Deep Throat said: follow the money.

Cricket: The Decision Review System in 2013

Much has been said and written about cricket’s Decision Review System (DRS) in the last few weeks. About 95.3% of what has been said is total rubbish. But it is time to take stock of what we’ve learned about the DRS, where’s going and how cricket can make the best use of the available technology to improve the spectacle for its paying customers.

I’ll publish this in sections – it’s turned out to be a bit longer than I thought…


Part 1: Introduction
Part 2: Technology
Part 3: Reviews & umpiring
Part 4: Proposals & conclusions

Ashes DRS horror show rolls on - Daily Telegraph


To be done:


Evidence of absence


Sources of noise

Cum hoc ergo propter hoc

Real-time Snicko



Margin of error & “umpire’s call”


Outfield catches



Run-outs & stumpings


Umpire-led reviews



Loss of reviews & “umpire’s call”

Umpire-led reviews

Current situation with run outs

Conflict of interest

Gaming the system – a strategy for selecting reviews

  • Australia’s poor choices
  • Evidence of emerging strategies

Umpires’ role & guidelines

Benefit of the doubt & “walking”

Authority of on-field umpire

Umpires’ union

TV umpire’s conflict of interest



No loss of review for “umpire’s call”

No umpire-led reviews

“Evidence of absence” principle

Communication & transparency



Evolution not revolution

Benefits for the paying customer


[1] Board of Control for Cricket in India
[2] As Deep Throat said: follow the money.

In which I tell you my password for this website


I exaggerate. I’m not really going to tell you my password but I am going to tell you roughly how I created it. You may find it useful when thinking about your own passwords.

Over the years I got into the habit of using the same weakish password for every website I registered on. This was OK for a while then one of the sites I use got its password hashes published and within a few days they were cracked and my password was there for all to see.

I decided to do the sensible thing and create a strong, unique password for each site I use. The two problems I had are the same as everyone else:

  1. I wanted the passwords to be easy for me to remember but hard to crack
  2. I wanted them to be easy to enter on my phone

The second design goal was the one which made my approach slightly different to other ones you see around.

Here’s how I make my passwords:

  • To make a password that’s unique for every site you need to incorporate some attribute of that site into the password
  • If you have multiple accounts on the site, each should have a different password. So your algorithm needs to take account of your identity too.
  • The password must be long enough to be strong but short enough to enter on a phone keyboard
  • The password should only use the characters available unmodified on your phone keyboard (it’s too painful to keep changing the keyset for me)

The characters I have available on my Android phone are the lowercase letters a-z and the punctuation keys “,”, “.” and space. Your phone may be different.

Here are the components of my password:

  1. A word that’s memorable to me, let’s say “fart”
  2. Some letters from the website’s domain name
  3. Some letters from my email address
  4. Some mandatory punctuation

An example. Let’s say I’m signing up to Facebook with the email address

My password would be fart fcbk ae.. ,,

It’s made up as follows

  1. My memorable word, “fart”
  2. A space
  3. The consonants from the web site’s domain name, padded out to a length of 4 by full stops.
  4. A space
  5. The vowels from the domain name of my email address, padded out to a length of 4 by full stops
  6. Some punctuation; a space followed by two commas.

So my password is 17 characters long: not perfect but strong enough for today’s brute force attacks. It uses all the keyspace available without fiddling around on my phone’s keyboard. It’s unique for every account on every website (barring coincidences). It’s easy to remember.

You can obviously vary these elements considerably to suit yourself. For instance you could use the last four letters in the website’s name, maybe reversed or something. Rearrange the elements I’ve used.

This isn’t my actual algorithm, by the way. Just a little bit like it.


  1. Please don’t tell me about the XKCD cartoon. I know about it. I’m not going to type in a 28-character password on my phone.
  2. A password using this algorithm doesn’t lend itself to dictionary attacks or even rainbow table attacks. A brute force attack using today’s hardware would take an inordinate amount of time according to this chart:


Post-Strauss England

Assuming Andrew Strauss resigns the captaincy after the current Test and chooses not to tour this winter, my team for the first Test in Ahmedabad in November would be as follows:

1. Alastair Cook*
2. Joe Root
3. Jonathan Trott
4. Ian Bell
5. James Taylor
6. Jonny Bairstow
7. Matt Prior†
8. Stuart Broad
9. Graeme Swann
10. James Anderson
11. Steven Finn

And the rest of the first-class squad:

12. James Tredwell
13. Graham Onions
14. Eoin Morgan
15. Tim Bresnan

Not 100% fit (mentally or physically) so not included: Ravi Bopara, Chris Tremlett

Unlucky: Monty Panesar, Chris Woakes, Samit Patel, Nick Compton

A bit boring and predictable for me, but I think that’s a testament to the good stuff coming from Andy Flower and Geoff Miller.

Getting online

I’ve been asked a few times recently for general advice about getting a new business or project online. Here’s the skinny.

Any new business or project is going to need an online presence. So you just need to go and register a domain with GoDaddy, right? Stop! First read this handy guide to how to get it right.

You need three basic things

  1. A registered name
  2. A way of telling the internet where your services are hosted
  3. Hosting for your services (web site and email at least)

When you register a domain name, the registrar will want to do all these things for you. That way they get to keep all your money. But there are good reasons for keeping everything separate. Now read on…

Choosing a name

It’s fun choosing your name, but it’s not easy these days because all the good ones have already been taken. Here’s some things to consider that you might not have thought of:

  1. A .com domain name.
    D’oh!  Of course you thought of that. But if you didn’t then you should. Plenty of people will try the .com version of your name even if you register it somewhere else.
  2. A domain name in another top level domain.
    If you plan to allow users to make comments on your web site or even to upload files then consider having an alternate domain name that is not subject to US laws.
  3. A Twitter handle.
    Twitter is pretty crowded these days and getting your name as a Twitter handle will not be easy. And Twitter doesn’t have a secondary market in handles so you can’t make someone else an offer for theirs..

Registering your name

You need to tell the gods of the internet that you have chosen your name. You do this through a registrar. Many companies will act as a registrar for you because it’s money for old rope. They will also offer you other services like hosting and email. Here’s why you shouldn’t use the same company for everything.

Your domain names are your branding (and your trademark if you register it). It’s your identity and you should keep tight control of it. If you were a big company then your domain names would be under the control of your legal or marketing department, not your techies. If you outsource your web development, for example, you don’t want the developers owning your brand – what if you fall out with them?

So register the domain names yourself, but don’t buy any other services from the registrar. Keep the credentials for your account at the registrar very safe. Nobody else needs to know them except you. Ever. If they say they do then they are trying to rip you off.

My recommended registrar: Gandi. Many countries have appalling internet legislation that compels internet service providers to pull your domain on the say-so of law enforcement agencies. France, where Gandi are domiciled, is no exception. But Gandi at least have a policy of pushing back when asked to do something that is not in the customer’s interest. GoDaddy, on the other hand, are happy to hand over your data and your domain to the US security services at the request of a junior officer.

You’ll also need to register a Twitter handle. To do this you’ll need an email address, so let’s defer this until we’ve got our domain email services working. Registering a Twitter handle is easy: you’re just creating a Twitter account in the normal way.

Hosting your services

It’s no good having a domain name unless you use it for something. Here’s some of the services you might use it for:

  1. Email
    You’ll probably want email addresses at your domain ( The easiest way to do this is Google Apps. To complete the setup of Google Apps you’ll need to verify that the domain is yours – we’ll cover this in the following section about the Domain Name System. When you’ve got your email accounts set up, don’t forget to go and register your Twitter handle.
  2. Website or web application
    Traditionally your website would be hosted by a provider that gave you access to a virtual machine. On this machine would be a web server and you could simply upload HTML or PHP pages to create your site. The problem with this way of doing things is that it’s fiddly to keep track of what you uploaded and when. This model has been replaced somewhat by the idea of an application server. Providers like Heroku or AppFog will link to your web developer’s source code control systems to create more effective release control system.
  3. Blog
    Your blog is just another application, hosted by an application server. There are many companies that will do this for you. I happen to use WordPress software hosted on my own old-fashioned virtual server. But WordPress as a company will host your blog for you if you want.

Tying the bits together

As it stands we’ve got a domain name (good) and email addresses like (bleugh!) and maybe a website at (yuk!)

This isn’t what we want. We want emails like and our website to be at – how do we do this?

The thing we need is the Domain Name System (DNS). Your domain has name servers. These servers tell the internet where your own services are located. It’s a bit of internet plumbing that we need to use to tie it all together. Bear with me, it’s not that hard.

I recommend using Cloudflare for your name servers. They are specialists at this and they do a free account that gives you all your basic needs, plus a lot of extra value on top. The Cloudflare account setup gives you all the help you need to get your services running on the right domain names.

When you’ve been through the Cloudflare setup you’ll understand it a lot more. But the basic steps are:

  1. Tell the DNS where your web hosts are
  2. Tell the DNS where your mail servers are
  3. Tell your registrar who is running your name servers

The last step is what achieves the important separation of responsibility between your registrar and your other service providers. It gives you the freedom to choose the best-of-breed hosting provider, email provider and DNS provider. You don’t have to be tied to your registrar for these services any more.

If you’re using Google Apps, the final step is to verify to Google that you own the domain. Google Apps setup will help you through this, but it’s very easy with Cloudflare to set up a TXT record containing information provided by Google. You’ll see what I mean when you try it.

Comments and suggestions appreciated.