Category: thoughts

#0004: Dangerous non-compliant BS1363 plug

Otto

#0004: Dangerous non-compliant BS1363 plug

picture of a non-compliant BS1363 plug, with a shrouded earth pin
picture of two BS1363 plugs, one with a shielded earth pin and another without.

Now, I am no electrician. However I’d like to think that I know enough to spot when a consumer device isn’t fit for purpose. In this case its a non-compliant (British Standard) BS1363 plug. Look at the above picture, can you tell which one is potentially dangerous. If you (probably, after looking at the title image) said the one with the shrouded earth terminal, you are correct.

  • picture of a standard UK female BS1363 switched double wall socket faceplate. The left socket is damaged and red tape has been used to close it.

So, what is actually wrong with it?

Well, the earth pin’s base is shrouded; in other words: it is electrically isolated. Why is this a problem? It means that any device that you connect to mains with this cable will not be earthed. Worse yet, an inattentive user (that’s most of us): will very likely think that their device is earthed, and thus conclude that they are safe in the event that the device develops an electrical fault within it. It can’t be serious if it didn’t trip the mains, right?

It is especially nasty in this case, due to the layout of contacts within the female socket for the BS1363 type of plug. You see, unlike the Live and Neutral pins whose female contacts are at the base of the socket; in other words contact and mate with the tips of the plugs pins. The earth pin’s female contact is much closer to the mouth of the socket. Consequently, this means that when the plug is fully inserted, the socket’s contact grips the Earth pin closer to it’s base than it’s tip. Under normal operation, this is to insure that Earth is the first pin to make electrical contact when the plug is inserted, and the last to break electrical contact when the plug is removed from the socket. Its actually really quite a lovely design in my opinion, simple and effective.

Unfortunately, this is exactly what makes this particular plug so egregious. When the plug is fully inserted into the socket, electrical continuity will be broken by the non-compliant plug’s shrouding on the base of it’s Earth pin. But the basic user would think that their device is earthed because the tip of the earth pin is exposed in the same way as the Live and Neutral pins. Its the dangerous subversion of expectations that makes this thing so offensive.

image of a portable oil room heater with a metal chassis
image taken from homedepot.com

Why is earthing devices important?

I’ll answer this with a real world example. Imagine a device, something that demands a lot of current. A high amperage device like a portable room heater with a metal chassis. What if it had been either modified or manufactured to use smaller gauge or lower quality wire (e.g. using aluminium instead of copper), or they skipped adding heat-shield braiding to protect the internal wires from the device’s high residual temperatures. Whatever the case may be.

And due to a combination of carrying a strong current and/or the environmental heat, a wire carrying 250 volts mains melts its plastic sleeving and just touches the metal chassis from the inside of the device. If the device (and consequently the metal chassis) was earthed, then the 250 volts would immediately run down the earth path back to the local RCD (Residual Current Device) switch and trip it. This is because electricity naturally takes the easiest path (or path of least resistance) to earth.

However in the case where the device isn’t earthed; then what’ll happen is that the metal chassis will now be at mains voltage potential. Essentially Live. And odds are that the device in question could still very well function in this state, like normal; making it even harder to notice the fault. If then an unaware user touches the chassis, and in doing so presents a path to earth (usually through their hands, then body, then feet). Well, the electricity is likely to travel through them towards earth, probably killing them in the process. That’s why earthing devices is so important. It provides a very low impedance path for electricity to get to earth, in the case of a fault like the one mentioned above.

close up on a C13/BS4491 and a BS1363 plug showing their power ratings: 10 amp at 250 volt and 13 amps at 250 volts respective
close up on a C13 BS4491 plug showing it's 10 amp at 250 volt rating

Aren’t there any other safety measures in place?

I should note that BS1363 plugs have another safety feature that might save the day in the above example. Namely the replaceable (Live side) fuse within it. In the case of this BS1363 to C13, “kettle” plug. A C13 plug’s maximum rating is for 10 amperes. Logically then, the BS1362 fuse in the BS1363 plug should also be rated at a maximum of 10 amps. That is unless one would prefer that the plug give out before the fuse does, in the case of a surge current exceeding 10 amps (but not 13 amps which is the next category up in the standardised BS1362 fuse ratings).

Notably, the phrase “its not voltage that kills, its current” comes to mind. Although this is strictly not true due to the nature electricity. A high current, low voltage (e.g. a 5 volt 10 amp power-supply) shock is relatively safe, in the same way a low current, high voltage shock (such as static electricity) is relatively safe as well. You need both to be high in order to kill people. To bring it back to the point, we are dealing with 250 volts at or up to 10 amps before the fuse breaks and cuts the power supply. That’s more than enough to seriously electrocute a person. Assuming that it is in fact a 10 amp fuse in that plug. Whose to say that a fuse that came within a non-compliant plug, is itself compliant.

I don’t really want to put too fine a point on it. The inline fuse is just another line in the defence to stop people from accidentally killing themselves. The buildings RCD switches, the plugs fuse, the products internal fuses, and earthing; are all lines in the defence between the person and the power, that have the cumulative effect of making them safe.

Just as a fun thought experiment, imagine if all of these safety features where not present, and you gripped the live chassis, well then in that case: you’d probably be cooking until the power cuts off due to lack of payment of bills. Or rather surge protection outside of the property kicks in, but that’s less fun, and in all likelihood McGrippy would be long dead by then anyway.

picture of a BS1363 to C13 plug (also known as a IEC cord). It's earth pin has been shielded in the same manner as the live and neutral pins.

Where did you even get this thing?

Some background. If I remember correctly, I got the plug along with an unbranded Chinese power-supply from Ebay (or was it Amazon?) a couple of years ago. I took some pictures of it with my dumb-phone (hence the quality images, you’re welcome) due to it’s novelty, but otherwise thought nothing of it. Luckily for one reason or another, I didn’t press it into service.

It was only much later as I progressed in this hobby, did I realise how dangerous it actually was. And after doing some research: I came to the conclusion that one is most most likely to come across these types of sub par electronic equipment from websites like: Amazon, Ebay, Alibaba, Aliexpress, and Banggood. I’m not pointing those particular websites out for any reason, other than their relative dominance of the online market place for consumer grade electronic goods. All ship internationally, and all act more as online market place themselves, then they do actual product vendors. In other words, they aren’t a seller themselves (although some do this too), but have independent sellers operating through their marketplace. Many of these are either drop-ship sellers and straight from factory sellers. Which can sell unbranded and non quality assured dreck; just like this plug.

  • close up on a C17 and a BS1363 plug showing their power ratings: 10 amp at 250 volt and 10 amps at 250 volts respective
  • close up on a C17 plug showing it's 10 amp at 250 volt rating
  • close up on a C17 plug showing it's two ports: Live and Neutral
diagram illustrating the similarities between the C13 and the C17 type plug. The only difference is that C13 has an Earth.
original images taken from wikipedia.org

What should I do if I have one of these plugs?

It largely depends on you, your use-case, the people around you, and your environment. The puritan in me will say cut it and chuck it. It’s not worth the risk of forgetting and accidentally putting it into service in the future. Especially if you store all your extra cables together as I do.

However to avoid turning it into e-waste, you could just chop it up and use it as spares for repairs or projects. Another thing to consider is: if you are hard up for plugs, you could even scrape the shrouding off of the Earth terminal and use it as a normal C14 plug (after testing it of course, I think the earth pin might be too thin to function effectively/reliably/safely after this). Alternatively just use it as a C17 plug, which doesn’t have an earth terminal so the shrouded earth will not matter in the slightest.

One recommendation I would make regardless, it that you clearly mark and label this cable to differentiate it from the others.

image of a non-compliant BS1363 plug, with a shrouded Earth pin and a thin profile that indicates no presence of a BS1352 fuse inside the plug

Oh, while I am talking about dangerous non-compliant plugs, look at this thing. Shrouded earth, and not even a fuse. Any device that comes with this plug, just has to be hot garbage… and I sincerely hope you aren’t trusting your household’s safety to it.

References / Sources / Further Reading:

https://www.hse.gov.uk/electricity/standards.htm#appliance
https://en.wikipedia.org/wiki/List_of_International_Electrotechnical_Commission_standards
https://en.wikipedia.org/wiki/AC_power_plugs_and_sockets:British_and_related_types#BS_1363_three-pin(rectangular)_plugs_and_sockets
https://en.wikipedia.org/wiki/IEC_60320#C19
https://images.homedepot-static.com/catalog/productImages/1000/5a/5ab2c7d6-d116-4e66-b78e-a38049a7771c_1000.jpg
https://en.wikipedia.org/wiki/Residual-current_device
ElectroBOOM – Which is the Killer, Current or Voltage?[https://www.youtube.com/watch?v=XDf2nhfxVzg]
John Ward – Dangerous Multiway Extension Lead ASTRA BT311 (Part 2) [https://www.youtube.com/watch?v=C1h9LLJJvk0]
John Ward – MK Socket Outlet BS1363 Dismantled & Examined [https://www.youtube.com/watch?v=H1gMYu5VHus]
ElectroBOOM – The Outlet that Saves Lives [https://www.youtube.com/watch?v=GlM6PE2kKVY]
ElectroBOOM – 7 MILLION VOLT TASER (stun… thingy)!!! [https://www.youtube.com/watch?v=DOMs7mYm_zs]
https://hackaday.com/2016/05/19/hackadays-fun-with-international-mains-plugs-and-sockets/
https://hackaday.com/2016/05/11/looking-mains-voltage-in-the-eye-and-surviving-part-1/

#0001: On creating a website

Otto

#0001: On creating a website

image depicting "w w w ."

I find myself sitting here at a loss as to what topic I should go with for my first article on this site. It needs to be something interesting, and more importantly this first post will set the standard for those to come; so it needs to be good.

If you read the title, you probably can guess what topic I chose. Yeah, after spinning it in my head for a while; I decided just to go with how this site came into existence. This is after all supposed to be a technical blog (of sorts), so it seems fitting that we start with the basic technology of this website itself.

So what is it that you actually need to create a website? Well, like most questions in life, the answer is: it depends. In this case I needed three things to get up and running: 1) a domain name, an official registered name for my website; 2) a site-builder, software to help me make the thing; and finally 3) a host, some always-online servers to hold the code and contents of the site, these are the computer(s) that users will connect to when they visit the website.

image depicting logos of HTML5, JS, and CSS3

Initially I thought that creating a website would be no sweat. Just get a domain name, get a host, and hash out something in HTML, JavaScript, and CSS (the holy trinity!). No builders necessary. No worries. It should take me exactly “one weekend” to do this. Right?

Well, unfortunately no. I think I fell victim to my own hubris, or more accurately the Dunning-Kruger effect. There was and is so much more to the process that I was unaware of, that I actually thought it’d be straight forwards and easy. Having said that however I should outright state; that yes, creating a web site has never been simpler or easier for the uninitiated. With site builders and turn-key solutions (like wordpress.com or squarespace.com for example); that largely abstract out all the mechanical technicalities, into simple graphic interfaces that a non-technical person can intuitively operate. A good real-world example customer for these would be an artist creating an online portfolio of their works.

logo of squarespace.com

These solutions however did not particularly interest me much, as I am interested in the technicalities of the actual infrastructure of the website itself. This I found to be something that is largely abstracted out of relevance by these public facing and user friendly interfaces. Another concern I’d like to voice is that, although these company services do make it very straight forward to get an online presence. They do however charge you for every step on the way, and at the end of it you may end up with something that you don’t exactly want and have spent money on it to boot.

Examples include: purchasing a packaged feature-set that after gaining some experience you realise that you have no use for; or in a bid to save money: purchasing the cheapest packages available then realising after the fact, that your use-case requirements are in excess of the service package’s limitations.

This was one of my primary concerns, and as a result caused me to be very cautious when selecting something out of the numerous and quite frankly somewhat overwhelming options. So many companies, site-builders, hosts, and all the packages and deals that they use and offer. So, after some time being put off from pulling the trigger on anything in particular; then procrastinating (naturally). I finally decided to write up a clear criteria of exactly what I wanted.

I always find that when venturing into the unknown (a bit melodramatic granted), it pays to have a plan, a goal, a list of objectives, a criteria, whatever you want to call it. I have also found it most effective for that plan to be concise in nature and hierarchal in structure. Id est: a numbered list.

So here’s mine:

  1. I wanted a basic website for blogging and a light hosting of files. It will consist predominantly of written articles, image rich guides, as well as to host small to medium files and programs of my own creation (<100MB each). This means the storage size needs to be in excess of 50GB. All those files and HD pictures add up quickly.
  2. I wanted my own unaffiliated domain name. It looks more professional in my opinion. For example: mywebsitename.net instead of something like: mywebsitename.wordpress.com or mywebsitename.googlesites.com.
  3. I wanted the site to be adequately secure against malware, spam, and intrusion with minimal intervention on my part. In other words I wanted to be hands off when it came to securing my contents. I need good ready on-hand security without having to divert my time and efforts into a rabbit-hole of research, at least for now.
  4. And finally, and most importantly. I wanted to be able to have this whilst maintaining a degree of privacy. I want an online presence without freely advertising my personal information to the world at large.

So that’s it: basic small bloggers site, with it’s own name, adequate hosting, some protection, some privacy, and with a comfortable storage limit. Obvious right, well not so in my experience. There is merit in writing down the obvious and enumerating it. It brings it to the front and centre and adds it to an objective hierarchy that one can work from.

In the end, after a frustrating period of paralysis via analysis, and exploring a multitude of different options on the market; I decided to just take the shortest route to my goal. Perhaps not the best route for my personal use-case, but that is the kind of thing one sees with experience and hindsight. So I decided to pick a reasonable option and just jump in and see how it goes.

And that is exactly what I did; I ended up going with wordpress.org as my choice of website builder. Three main reasons: one, it’s ubiquity – it is well known, well used, and well documented. So any issues I may come across, chances are good that someone else has, and probably documented a solution to boot. The second reason I liked WordPress, was because of it’s open-source and community driven nature. This makes it versatile meaning if there is a particular feature I wished for, chances are that someone else has, and has a documented implementation of it somewhere. Lastly, the third reason is simple, it is free. This allowed me to tinker with it without any financial investments.

As to why I didn’t just build the website out from source myself. Well beyond making a basic website consisting of static webpages linked together, this was beyond my skill-set and interest level at this time if I am honest. I wasn’t willing to spend the time and effort to learn to implement every little feature that I wanted for it. This could include anything from animated drop-down menus, to allowing user comments, or embedding videos within articles. It would have required more of a personal investment than I was willing to put in at the time; especially since I just wanted something useable and customisable to be up and running in a timely fashion. That, and I couldn’t justify taking time from other projects and responsibilities, the reward to work ratio wasn’t sufficient.

image depicting wordpress.org logo next to wordpress.com logo

Please note, there is a distinct difference between wordpress.org and wordpress.com. WordPress.org is just the open source website builder software. Whereas wordpress.com is a company that bundles in the website builder with their own hosting and support services. They are not the same entity.

Next up, hosting. This one is quite simple since as far as I know, one competent host is as good as another. I went with bluehost.com since they were recommended from wordpress.org via affiliate links. Their prices for what I wanted were also reasonable. Funnily enough, I got my domain name via bluehost’s partners. So it was a case of choosing WordPress and being funnelled to affiliates and partner’s services for the rest. It made things simple and since I actually have little experience in setting up websites; I was more concerned with not using the “wrong” company (dodgy or otherwise) or “wrong” tools (wasting time learning inferior tool sets – been there done that…), than I was concerned with choosing the best deal. As long as what I got was what was advertised, and what was advertised was good enough to get started.

With the WordPress optimised setup, I ended up with a “shared webhost service”. Essentially my website would be sharing the server with many others like it. This is because a simple WordPress website doesn’t really need anything that requires dedicated hardware. For example: large processing capabilities for online gaming. This website wasn’t going to be folding proteins or using their server for automated stock trading or anything like that. It also didn’t need a large reservoir of storage space available, since it wasn’t an archival or file hosting website.

The “shared webhost service” is the one of the cheaper options available. Others include a “virtual private server”, this is a mid-tier option allowing the subscriber to have a virtual server with it’s own allotted RAM and CPU usage. Additionally, and probably the most expensive option available is renting a dedicated server. Its exactly what it sounds like, the subscriber just rents a box dedicated to just them; and consequently they can have complete control over it. The latter two mentioned here are overkill for this humble hobbyist’s blog. They are more appropriate for the other examples I mentioned above.

While I was going through the processing of setting up the host; and looking through their various options; two features/services that they offered popped out to me, and I would like to highlight them for you. The first is “domain privacy” and the second is that of “SSL Certificate”.

Domain Privacy. This basically allows you to own the website without having your personal information plastered all over whois.com (or who.is, or whois.net, or what have you). Websites that comb website registrars for ownership information. As the newly minted website owner, your contact information would be listed there. Alarmingly, this includes: your full name, address! and any contact numbers or email addresses you provided whilst registering the site. It should also be noted that lying on the registration is apparently punishable by law (I read that somewhere during the signing process, but I can’t find a direct reference or link stating that. Apologies). Unfortunately I can’t actually speak to exactly where it applies, and what kind of punishment.

This is not really a problem for a business, with its own legal identity and premises; however it most certainly a problem for the private individual. If you then purchase “domain privacy” from the hosting or registering company, this will result in them acting as a mediator and using their information as a substitute for yours on these public listing.

I believe different countries have different laws regarding public displays of website owner’s personal information, via sites like who.is. Some permit it by default, others favour the owner’s privacy and don’t allow the display by default. My concern here is, although I live in a country that [with regards strictly to this] favours the individual’s privacy, the company that I’m doing business with is in another country, one that does not. Whose countries laws takes priority? Is seemed like the more prudent thing for me to do was to just purchase this service, rather than leave it to chance.

The second feature of note I encountered, is that of a “SSL certificate”. Put simply this gives the website a certificate of authenticity. This is issued from some association charged with verifying that the websites users connect to are who they say they are. In addition this allows secure connections to site servers using the HTTPS protocol. This is important to me as I know I am rather reticent to visit many non-https websites, especially since many modern browsers such as Firefox (circa 2020), warn users who connect to non-https or unsecured websites. Its just another layer of security to take advantage of. One that grants a level of authenticity.

image depicting orange "CPanel" logo

Moving on. It should be noted that when I purchased the hosting I also got the ability to setup my own emails system using cPanel. cPanel is a general control panel for web hosts that enables you to control all the various programs for your website. In this case an email client. I decided to go with one central email address (mail@tinkerersblog.net) using the webmail service and the roundcube mail client. There are other options of email client available, including: Horde and squirrelmail.

That’s basically the process from start to finish. At this point I have a basic WordPress template site and email. All that was left was to customise it to my liking and create content. In retrospect, the biggest hurdle for me was the over-abundance of choice on the market. It required an exhaustive process of researching and vetting the various services, and options available there-in. Other than that, once you have chosen a particular company, host, or web-builder you like; they tend to do a good job of keeping you in their ecosystem for the rest of the things you need to get set up. They do this predominantly via affiliate links and discounts.

The funny thing is now that I am committed and have paid approximately £180 for a 3 year deal for this site; I still think that maybe I could have found something better. A particular tool-set, or cheaper deal that would suit me more, maybe I invested into a bad company or technology, or perhaps I made a mistake when buying optional add-ons? Who knows? I guess I will, later. Still though, it is a nagging feeling that lingers on after the decision has been made.

Besides, the primary objective was to get started and that has been done. It’s only really with hindsight that I can make better decisions for my particular use-case; and that comes later. I guess that Steven Wright quote holds water here: “Experience is the thing you get just after you needed it” … I am paraphrasing. Anyway, That’s all for my musings.

Thank you for reading.

Sources / References / Further reading:


https://whois.icann.org/en/domain-name-registration-process
https://whois.icann.org/en/about-whois
https://en.wikipedia.org/wiki/WHOIS
https://en.wikipedia.org/wiki/CPanel
https://en.wikipedia.org/wiki/Webmail
https://en.wikipedia.org/wiki/Roundcube
https://en.wikipedia.org/wiki/SquirrelMail
https://en.wikipedia.org/wiki/Horde_(software)
https://en.wikipedia.org/wiki/Domain_privacy
https://en.wikipedia.org/wiki/HTML
https://en.wikipedia.org/wiki/Cascading_Style_Sheets
https://en.wikipedia.org/wiki/JavaScript
https://www.dreamhost.com/blog/wordpress-differences-beginners-guide/