back to article Spooks made 1,061 bugging errors in 2010

MI5 wrongly collected subscriber data on 134 telephone numbers as a result of a software error, according to interception of communications commissioner Sir Paul Kennedy's annual report. A spreadsheet formatting error caused the service to apply for data on the identity of telephone numbers ending in 000, rather than the …

COMMENTS

This topic is closed for new posts.
  1. Bodestone

    Spreadsheets, really?

    They are using spreadsheets to manage this information?

    Can, worms, open.

  2. Anonymous Coward
    FAIL

    You really couldn't make it up.

    Luckily none of the 134 was tracked by an armed squad of assasins and terminated with extreme prejudice on a London Underground train.

    1. Anonymous Coward
      Big Brother

      Maybe they did....

      ...see title

  3. John Smith 19 Gold badge
    WTF?

    Indicative of the desire to go on more fishing trips.

    5% year on year growth.

    Icon says it all.

  4. davenewman
    FAIL

    Yet another govt. department using a spreadsheet for database work

    The shocking thing is not that the error wasn't noticed - but that they used a spreadsheet, a tool that easily allows errors such as these.

    While it is not surprising for an Olympic agency to use Excel for a database of all cultural events, I would have expected MI5 to have the third best CRM system in the country (after GCHQ and MI6).

    1. Cucumber C Face
      Paris Hilton

      re: Yet another govt. department using a spreadsheet for database work

      Whaddya mean?

      Everyone in .gov.uk knows all about databases..

      1. Important managers qualifying for MS Office Pro get Microsoft Access on their laptops

      2. Microsoft Access is a database

      3. Microsoft Access is a useless version of Excel that doesn't do colours, fonts or calculations

      Paris - because she has a higher IQ than the aggregate of the entire UK Civil Service.

      1. Anonymous Coward
        Trollface

        @Cucumber

        Hey - don't have a go at the civil service or we'll go on strike!

    2. Alexander Vollmer
      Big Brother

      They do ...

      Its really the third behind MI6 using an Open Office and GCHQ with Vi-si-Calc.

  5. Anonymous Coward
    Anonymous Coward

    Anything else?

    I wonder if they kicked the wrong doors in too.

  6. Robert E A Harvey

    Legal problem

    See this is a legal problem. It's all these damn rights. If only the law let them listen to everyone, then such mistakes would not be, err, a mistake at all.

    </satire>

  7. Wang N Staines
    Happy

    "spreadsheet formatting error"

    lol ... probably one of the interns from Oxbridge!!!!!

  8. Anonymous Coward
    IT Angle

    MI5 using spreadsheets?

    > MI5 wrongly collected subscriber data on 134 telephone numbers as a result of a software error .. A spreadsheet formatting error caused the service to apply for data on the identity of telephone numbers ending in 000, rather than the actual last three digits ...

    This is what happens when peoples only exposure to computing is Microsoft Office. When they get into employment they can't think outside of the Excel/Word paradigm ...

  9. Anonymous Coward
    Anonymous Coward

    @Yet another govt. department using a spreadsheet for database work #

    It was only a couple of years ago, while analysing another, less secure government department's ludicrous 40 million a year bill for two ICT systems, that I concluded that all enforcement systems are essentially an XRM solution and nothing else.

    Having proved we could reduce the cost of their IT by at least 80%, naturally, at that point, I believe (but am not certain,) the two companies involved sent in their principal contract negotiators.

    Not withstanding that the department (who shall remain nameless,) should have its CIO sacked, I cannot see why Microsoft's on premise Dynamics system, hasn't been agressively sold into the pizza express north bank massive.

  10. Anonymous Coward
    Anonymous Coward

    through the mist

    @MI5 also acquired data on the histories of 927 internet protocol addresses without authorisation from a sufficiently senior officer, of GD3 rank or above. This was due to an "incorrect setting on the system used by the Security Service," according to Kennedy,

    Unlikely - the operatives were probably doing their own "research" and did not want to be bound by red tape, in fact they are probably allowed some scope to do so outwith "guidelines".

    If we could query the excuses given and dig deeper we would probably find that like they have almost free access to query what they like.

  11. nyelvmark
    Black Helicopters

    552,550 requests for communications data during 2010

    "John Smith? But we've got 461 customers called John Smith".

    "No problem - give me the data on all of them".

  12. dephormation.org.uk
    Childcatcher

    Oh please, pull the other one.

    MI5 admit making 1,061 mistakes in 2010.

    While TalkTalk are busy intercepting private/confidential communications for all of their 4m subscribers, and engaging in man in the middle/replay attacks using kit supplied by Huawei.

    While Vodafone are busy intercepting private/confidential communications for all of their 0.6m customers, and relaying it to the USA for a replay attack using kit supplied by Bluecoat.

    Experian Hitwise are covertly processing the private/confidential communications of millions of UK internet users too.

    And Mike Galvin of BT is advocating involuntary mass communications interception to fulfil Ed Vaizey & Reg Bailey's mad national communications censorship 'for the children' amibitions.

    And I didn't bother to mention Phorm.

    MI5's failings, while sinister enough, are almost irrelevant to the extent of illegal mass communications interception in the UK.

    You could be forgiven for thinking it was MI5's job, as a counter espionage organisation, to stop it.

    1. Anonymous Coward
      FAIL

      Eh ?

      I thought the Reg article on this made it clear that BT was AGAINST this - and not supporting it ?

  13. Steve Evans

    Excellent...

    Thanks to the NOTW phone "hacking" we now have a going rate for illegally listening to telephone calls, so where do we go to find if we were affected, and if so, how quickly can we expect the cheque?

  14. ukgnome
    Coffee/keyboard

    Splutter

    All data destroyed?

    Surely they mean all data locked away for 6 years to comply with DPA

  15. NoneSuch Silver badge
    FAIL

    Meanwhile in Uzbekistan...

    A naked lone figure crammed into a 4' x 4' x 4' steel barred enclosure blindfolded and gagged with cockroaches crawling all over him hears a door open and footsteps approach. The door to his diminutive cell opens, he is hauled out and a voice says, "Terribly sorry old man. Seems to have been a bit of a bugger-up down in files. Would you mind awfully signing this release promising not to sue and we will have you on a BA flight back to Luton within the hour. Economy, of course. Budget is a bit tight if I'm honest. Oh and here is your phone. Sorry about the gaffer tape. The back rooms boys were a little over-enthusiastic doing their examination."

  16. A handle is required
    FAIL

    (fail)

    Curse you, Excel!

  17. K. Adams
    Big Brother

    Basic math...

    Population of UK:

    -- -- 61,840,000 (approximate)

    -- -- -- -- Source: World Bank, World Development Indicators

    Snoop Requests:

    -- -- 552,550

    -- -- -- -- Source: Sir Paul Kennedy

    Doing the math, presuming One Snoop Request Per Person

    -- -- 61,840,000 / 552,550 = 111.92 (approximate)

    This means that if authorities are requesting just one "snoop request" per person (which may be the case, if UK law allows for "open-ended" requests; I don't know, because I do not live in the UK), government minders have their collective eyeballs watching approximately 1 out of every 112 residents (about 0.9%).

    If multiple snoop requests are initiated per individual, say 5 per person on average, then that still means at least one out of every 560 people is on the snoops' radar.

    Buggers the imagination, that does...

  18. John Smith 19 Gold badge
    Meh

    Shock News. Interception commissioner reports something *slightly* critical about MI5

    Only *slightly* of course.

    Everything A-OK otherwise.

  19. Anonymous Coward
    Black Helicopters

    ? Buttle ? Tuttle

    You know the outcome.

  20. Anonymous Coward
    Anonymous Coward

    Peanuts and monkeys

    I saw some IT jobs advertised on the MI5 website a couple of years ago. Salaries started at about 19K for work in London, for graduates with a few years experience. My Russian wife commented "This is why we can buy them so easily".

  21. Frederick Karno
    Holmes

    Really ??

    i think it would be a better thing to say all our communications are intercepted its just whether they then use this information......

  22. Anonymous Coward
    Anonymous Coward

    Bollocks

    "Wrongly collected"? "Software error"?

    Doubt it.

  23. This post has been deleted by its author

  24. dssf

    A handful of rules would have prevented this...

    Some parsing and simple checking "is right (phone-num) 4, 000" or "is right (phone-num) 4, 0000", 'last 4 end in zeroes', right (phone-num) 4" or the like againts the first parsing and subsequent parsings of the phone number.

    A simple linked table would enable use of a detail table which would display the likely-erroneous numbers, and then a clicking on them could further produce relationally-linked persons of the same surnam, first name, city, state, workplaces, and so on to help sleuth out the possible ACTUAL person of interest.

    Even if/though hexed cell (excel) can do this, spreadsheets have NO business being used as databases. Even a simple relational database such as Lotus Approach can handle this, in a more sane presentation if it is allowed to log in to the main or a working datatabase subset. Approach lacks some enterprise features, but if the user is in a steril environment, using a machine lacking access ports and having tamperproofing and alarmed cabling, then a simple database tool with not internet access installed from a known-clean source could have been used.

    Even outside of MOD/DOD usage, spreadsheets sometimes SUCK. Using excel instead of a real database is why an employer of a friend of mine sometimes doesn't get invoices out or overlooks some for months and quarters on end.... Imagine a cleaner cashflow and reconciliation efforts if excel were dumped and left to financials ANALYSIS and not payrol/invoicing.

This topic is closed for new posts.