The Ministry of Defence has agreed to the next phase of its Defence Information Infrastructure programme, provided by HP's Atlas Consortium. DII increment 3a, which the MoD agreed to on 18 December 2009, will involve 42,000 more computer terminals working with restricted and secret material at permanent MoD sites, replacing old …
All your favourite government con-tractors in one bunch
So being 18 months late in Jan 09 its now about 30 months in Jan 10.
Only 2 /2 years.
Dont they know there are a *couple* of wars ons?
Or perhaps this is just averagely bad for a large UK government contract?
Money well Spent but Whom does IT Benefit Really ..... the Future MOD or HP Atlas Consortium?*
Are we to assume from that DII increment 3a news, that increment 2c, for a version of DII that could handle particularly sensitive material, is successfully delivered for MOD control . .....at extra £191m deal cost ........ or in all such particularly sensitive and secret material handling cases, is there always an Element of HP and Atlas Consortium Remote Proxy Control and Covert Oversight for Field Monitoring and Mentoring .....Virtual Influence?
In a Similar Sensitive Supply Position of Technology dealing with the Handling of Secret Material, would you not Provide a Remote and Secret Covert Facility to Ensure and Assure Clients that Abuse was Impossible without Client Knowledge ?
* Although that hanging question will always ever be present in such cases as handle particularly and peculiarly sensitive and secretive information and intelligence.
It will still be shit
Runs like a dog and uses IE6 - but a lot of mandatory paperwork is done through DII/JPA now, so you don't get a choice about using it.
Did the spec change?
I'm just wondering.
I still say
they need to get actual trained staff in to do a lot of the work - as apposed to the call centre monkeys they promote into key roles. A large amount of the lateness is down to in house squabbling between FJ and what was EDS, Poor staff retention and the need to train replacements does not help either.
Still, least It keeps most of the Chav's in Bracknellistan off the streets and employed.
So that's £450m payout to provide functionality which was already supposed to be there? And they're late why? Becuase they abjectly failed to adequetely scope the proect and design the systems correctly from the outset.
Sod the computers, stick that money in the forward equipment budget where it belongs.
DII - The biggest pork-barrell contract of them all
DII is the slowest piece of crap I have ever worked with. Why reward failure with more money?
I object to the statement that this has 'enhanced' our working lives in any way! As for savings, factor that against wasted staff time and it the savings or benefits suddenly don't look so great any more.
Even the clunky old Win NT wagons we used before were technically limited, but at least functionally more reliable.
@ Bumpy Cat
"Runs IE6" Is this speculation or do you know?
That *alone* makes it a Fail. The lateness and the additional bag of cash move it up a notch.
Dll is that DLL or D11? or is it DIL .. most big contracts are about arses and complete DILS.
Just don't ask
What the MoD pay per computer with support with your tax payers money, we're talking one computer on a desk, think of a number and triple it and your probably not even close.
Guberments wasting hard working tax payers money since the removal of the guillotine as a punishment for being a bad leader of the people.
@ John Smith 19
he is correct, its IE6 and all server connections are made via Citrix or connection to a DRAC (notoriously un-reliable)
I'm more concerned about this bit.....
"Davies told Parliament on 19 January 2010 that the cost of the whole programme,....<snip> remains unchanged at £7.1bn. He added: "DII is on track to deliver estimated benefits to the department in excess of £1.6bn over the 10 years of the contract."
Now providing I'm not reading this incorrectly, but that is 1.6bn OVER 10 years and not 1.6bn per year over 10 years...
I can imagine the comments from our board if I proposed anything costing that much with such little return.
Surely you want complete ROI within 3-5 years...
"he is correct, its IE6 and all server connections are made via Citrix or connection to a DRAC (notoriously un-reliable)"
So that IE6 vuln that MS are touting as a good reason to upgrade is quite serious to MoD apps.
My quick look at DRAC says it's accessible through a browser, telnet or SSH connection, even when the server is switched off, and with the capability to upload software from the controller PC via a "Virtual CD" facility.
Hmm. Take over IE6 and you could (in principle) stuff whatever you liked on the server.
I'm guessing the secure procedure would be block browser access and *only* permit server management access via an SSH compliant terminal emulator, if that's possible.
Bespoke apps locked to IE6. Another "qualtiy" development bought to you by HMG's favourite IT con-tractors.
Give it a whirl, son
Your speculation might have a little merit if the systems we are talking about were on the Internet. They're not. Your first attempt to get an attack vector onto the infrastructure will set off alarm bells all over the place.
A title is required, but should not be interpreted as encouragement to commit offences under the Official Secrets and Misuse of Computers Acts. Hence anon.
... On Budget...
Pick any two from three.
to be fair AC @ 09.58
its not like the NFSM monitoring team will be awake to notice the attack is it?
Thanks dad, but I think I'll pass.
Honestly I'd think it *very* foolish to connect *any* of these systems to the Internet. However the US experience of hooking up ATC systems to the 'net does make me wonder.
OTOH with what 300k desktops (is that bigger than the whole British Army?) you have to wonder if *absolutely* every one of them is secure. Preventing file upload/download to newley attached devices and disabling CD drives are obvious
But then again shouldn't that have been the case at HMRC when the child tax credit details went walkabout?
Is it possible that this will *finally* get people to only develop to *open* standards? I don't mean open source (that would be nice) just properly standards compliant so the desktop is de-coupled from the backend apps.