Feeds

* Posts by D Moss Esq

140 posts • joined 19 Jun 2009

Page:

Australia mandates* cloud use by government agencies

D Moss Esq

Re: The Cloud vs Inhouse IT

What do you think happens to a company trying to negotiate a cloud services contract when they know nothing about the subject? They pay top dollar. That's what. And when the cloud service goes down, they're last in the queue for attention.

As the percentage of in-house IT departments closed down tends towards 100, the cost of cloud computing will tend towards or go through the roof. Bang goes the cost advantage.

Long before that happens, it will be cheaper to replace the shop and hospital IT staff you say are so hopeless with competent personnel.

It will also avoid the disappointment of discovering that the cloud suppliers' staff are just the same.

1
0
D Moss Esq

Re: Thank goodness we've got the cloud sorted out here in the UK

Glad you enjoyed it.

I compare cloud now with timesharing in the 70s, Comshare and GEISCO, not holiday apartments in Spain. Timesharing died. So will cloud.

1
0
D Moss Esq

"Maybe I'm an idiot"

– Was it Larry Ellison himself who said: "The interesting thing about cloud computing is that we've redefined cloud computing to include everything that we already do, The computer industry is the only industry that is more fashion-driven than women's fashion. Maybe I'm an idiot, but I have no idea what anyone is talking about. What is it? It's complete gibberish. It's insane. When is this idiocy going to stop?"

– D'you know, I think it was.

4
0
D Moss Esq

Thank goodness we've got the cloud sorted out here in the UK

They do seem to be in a bit of a pickle cloudwise in Australia.

They should take a lesson from the UK, where "Cloud First" is the rule for central and local government.

And where we have the CloudStore, an on-line supermarket for cloudy products and services.

Admittedly no-one knows what "Cloud First" means and very few people have heard of it. Also, the CloudStore was meant to close down on 30 September but it's still limping along because someone can't get the replacement Digital Marketplace to work.

"Someone" is the Government Digital Service (GDS) and their advice to central and local government is "Don't procure. Commission". No-one knows what that means either.

The Government cloud programme (G-Cloud) has its own Twitter account, @G_Cloud_UK, and that's where we Brits go to find out what's happening. The Australians could usefully pay a visit.

Cloud computing depends on trust frameworks. Everyone knows that. Then a few months ago Chris Chant started Tweeting on @G_Cloud_UK about how trust can never be achieved, what you really need is truth. "24hrs to go" he said on 30 July 2014, "until @RainmakerCXO totally disrupts UK Cloud security capability. Truth better than trust. truth.rainmaker.solutions @G_Cloud_UK".

It wouldn't matter what he says if it wasn't for the fact that he's the principal architect and advocate of G-Cloud. And what he's saying is that you're wasting your time holding out for trust. What you need is GuardTime, an Estonian product marketed by Rainmaker Solutions. Let the Australians take note.

Some of us Luddites are a bit anti-cloud.

It's something to do with the OECD saying "cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or the supplier is in financial difficulties ...". And ENISA saying about cloud that "its adoption should be limited to non-sensitive or non-critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy ...". (ENISA is the EU's Network and Information Security Agency).

What with that and Kim Dotcom and Edward Snowden and Bruce Schneier, it's a relief to see that local goverment in the UK is generally forswearing the cloud.

The other day, a journalist tried to snap these fuddy-duddies out of the 18th century and wrote "Council IT teams overstating cloud security concerns". But he didn't really mean it and was last seen on @G_Cloud_UK asking "why is cloud any less secure than a server sitting under a desk?".

Then yesterday, when Bruce Schneier's #IPExpoEurope comments on the cloud were reported – "We’re losing control of our data because of the cloud" – the CEO of Omnis Systems leapt to the cloud's defence on @G_Cloud_UK: "Actually it's because of public #cloud hosted in other countries. Host them in UK/EU & you'll have no issues" before adding 17 minutes later "#Cloud is not safer or cheaper for many use cases but it sounds good so who cares, they say".

That shared understanding of the cloud that we have in the UK, the confidence in its security, that's what Australia needs. Just ask that lady whose pictures were leaked the other day. She'll tell you.

3
0

DVLA website GOES TITSUP on day paper car tax discs retire

D Moss Esq

Re: Worked for me....

Renew-a-tax-disc always has worked really well, ever since the web facility was introduced in 2006, eight years ago, five years before GDS sprang into existence.

5
0
D Moss Esq

Re: Worked for me....

Are you trying to suggest that because the site worked for you yesterday it isn't really down today?

0
0
D Moss Esq

"Transparency is the bedrock of change"

... that's what Oliver Morley said the other day. He's the Chief Executive of DVLA and he should know. What users are experiencing now is not an outage. It's a bedrock.

Further, as you know, the great virtue of using the cloud is that capacity expands instantly to meet demand. As demonstrated in this case.

Who runs taxdisc.service.gov.uk? NSLookup says the IP address is 62.25.101.198. And RIPE says that belongs to Energis UK in Watford.

0
0

Labour outsources digital policy, Tories turn up to finish it

D Moss Esq

BOGOF

There are at least two Labour Party digital manifestos.

The one Andrew Orlowski cites is by Jon Cruddas.

Then there's the one by Chi Onwurah which hasn't been published yet.

While we wait for Ms Onwurah's, let's remind ourselves of some of Mr Cruddas's obiter dicta. These are taken from a speech he gave at the Royal Society of Arts, Radical Hope, where he was channelling the thoughts of a consultant he approached, Plenty Coups, great chief of the Crow Indians (Native Americans). He says:

• Our welfare state is ill-equipped to deal with modern social evils like loneliness and the loss of community.

• Our health service is struggling to cope with the rise of chronic illnesses like depression, obesity and diabetes, and we literally lack a proper system of care for our growing elder population ...

• Our present model of education rewards conformity in pursuit of a narrow, logical and mathematical form of intelligence. It fails far too many children and it reproduces the power of the already privileged. It is wasteful of our most important economic resource which is human ingenuity ...

• The future represents a powerful challenge to my party. Historically, our instincts have too often been to centralize, conform and control. To shape the future of our country we in Labour know that we have to do things differently.

That's the problem.

And the solution Mr Cruddas proposes, him and the old Crow, is digital government.

Deploy digital government, and the buffalo will come back.

"I've always been ready to admit I'm on the romantic and conservative side of socialism" says Mr Cruddas, "one that values the local, the parochial and the magical as sources of political agency and power".

Ms Onwurah's manifesto, we may radically hope, will rely less on magic.

1
0
D Moss Esq

On-line voting

Armed with our free 1Gbps broadband I see that we are to have on-line voting in local and general elections, please see paragraphs 80 and 81.

This will ensure that the result of elections is not determined by the voters but by the body with the greatest hacking ability.

Not all that democratic but achingly fashionable.

2
0

Give us a digi-Czar and more bureaucrats, begs UK tech-services biz

D Moss Esq

Re: Is it just me or do Tech UK come across as ...

On reflection, sad and desperate seems about right.

0
0
D Moss Esq

Re: I'm confused

Can't help you there, sorry, Spine 2 will have to remain the object of confusion.

What is certain is that GDS released their application-to-register-to-vote system with no identity assurance worthy of the name. They've been promising identity assurance for years. If democracy is your bent, then further assistance with authentication of the electoral roll is quite an attractive prospect. But no, it was too much for them. No identity assurance.

0
0
D Moss Esq

Re: Trust the UK?

A. Several senior members of the industry have declared that IT trust can't be achieved. Acknowledge that fact, they say, take it on board, digest it and give up the hunt. You won't find a world-leading trusted domain and you can't become one. Because they don't exist.

Stop wasting your time bashing your head against the wall and try something else – truth.

B. "Truth, not trust". That's their motto. The truth is revealed, according to them, by using products/services from Rainmaker Solutions.

They could well be right about A. Which would leave the Czar with the same clothes as the emperor. As to B, you tell me.

0
0

Pedals and wheel in that Google robo-car or it's off the road – Cali DMV

D Moss Esq

Re: From the archives, 1999

No, a Sony Xperia. Restarting it involves taking the back cover off and jamming a 2" No.8 into the reset hole.

0
0
D Moss Esq

From the archives, 1999

http://www.snopes.com/humor/jokes/autos.asp

QUOTE

At a computer expo (COMDEX), Bill Gates reportedly compared the computer industry with the auto industry and stated: "If GM had kept up with the technology like the computer industry has, we would all be driving $25.00 cars that got 1,000 miles to the gallon."

In response to Bill's comments, General Motors issued a press release (by Mr. Welch himself) stating:

If GM had developed technology like Microsoft, we would all be driving cars with the following characteristics:

1. For no reason at all, your car would crash twice a day. [Rather like my Android smartphone]

2. Every time they repainted the lines on the road, you would have to buy a new car.

3. Occasionally, executing a manoeuver such as a left-turn would cause your car to shut down and refuse to restart, and you would have to reinstall the engine. [Rather like my Android smartphone]

4. When your car died on the freeway for no reason, you would just accept this, restart and drive on. [Rather like my Android smartphone]

5. Only one person at a time could use the car, unless you bought 'Car95' or 'CarNT', and then added more seats.

6. Apple would make a car powered by the sun, reliable, five times as fast, and twice as easy to drive, but would run on only five per cent of the roads.

7. Oil, water temperature and alternator warning lights would be replaced by a single 'general car default' warning light.

8. New seats would force every-one to have the same size butt.

9. The airbag would say 'Are you sure?' before going off.

10. Occasionally, for no reason, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key, and grabbed the radio antenna. [Rather like my Android smartphone]

11. GM would require all car buyers to also purchase a deluxe set of road maps from Rand-McNally (a subsidiary of GM), even though they neither need them nor want them. Trying to delete this option would immediately cause the car's performance to diminish by 50 per cent or more. Moreover, GM would become a target for investigation by the Justice Department.

12. Every time GM introduced a new model, car buyers would have to learn how to drive all over again because none of the controls would operate in the same manner as the old car.

13. You would press the 'start' button to shut off the engine.

UNQUOTE

3
6

Go on, inhale our G-Cloud via 'Digital Marketplace' – UK.gov

D Moss Esq

Truth, not trust

"Truth, not trust" is a slogan that Chris Chant and Tim Hanley have been spraying around @G_Cloud_UK for the past two months or so.

What they mean is that it is impossible ever to achieve trust in the cloud.

Far better, they say, to go for truth, by which they mean some incontrovertible way of knowing that your data in the cloud has been changed or stolen.

How do you achieve that? By hiring Rainmaker, a consultancy promoted by Chant and Hanley.

And how will Rainmaker help? By deploying Guardtime, an Estonian product that uses some keyless authentication product.

Having these two point out that you can't trust the cloud doesn't seem to worry Tony Singleton, the head of G-Cloud. He's never bothered to deny their allegations.

But it may worry G-Cloud's prospective customers, whether they're buying from CloudStore or the Digital Marketplace.

----------

Cloud computing goes up in smoke

http://www.dmossesq.com/2014/08/cloud-computing-goes-up-in-smoke.html

0
0

FTC calls for Congress to crack down on consumer data harvesting

D Moss Esq

Re: Strange that they missed some big harvesters.

And Experian.

See Brian Krebs:

(a) Experian Sold Consumer Data to ID Theft Service, http://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-theft-service/

(b) Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records, http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/

And it's not just the FTC taking an interest but the Congressional Committee on Commerce, Science, & Transportation, too, http://www.commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=a5c3a62c-68a6-4735-9d18-916bdbbadf01&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a

On 16 June 2014, 19 days time, Mr Hieu Minh Ngo will be sentenced in a court in New Hampshire, having already been found guilty of 15 charges related to identity fraud, http://krebsonsecurity.com/wp-content/uploads/2013/10/NgoIndictment.pdf

He conned personal data out of Experian for months and his scheme only came to an end when the US Secret Service told Experian it was happening. The new Hampshire judge may have a few choice words for Experian, as well as Mr Ngo.

Which has nothing to do with us over here in the UK, of course, we don't have "data brokers", we have "credit referencing agencies", that's quite different.

Experian is one of the Government Digital Service's five remaining "identity providers" on whom their invisible identity assurance scheme depends. Nothing to see here, http://www.dmossesq.com/2014/03/rip-ida-16-june-2014.html

0
0

PAF! MPs go postal over postal location data sell-off by Coalition.gov

D Moss Esq

Re: Barriers to entry – 3

Barriers to entry deprive society of the fruits of innovation.

What fruits of innovation?

Mr Shakespeare doesn't tell us in his report.

He appeared in front of the Public Administration Select Committee with Professor Sir Nigel Shadbolt on 22 October 2013. You can watch them performing here. But you still won't find out what it is we're missing.

Professor Sir Nigel is chairman and co-founder of the Open Data Institute, of course. The ODI think that open data will lead to all sorts of valuable innovative apps. Although they haven't said which apps those will be yet, nor how valuable.

He's also chairman of the midata programme. That's an initiative of the Department for Business Innovation and Skills. They want us all to have personal data stores (PDSs). PDSs will empower us, apparently, and they will help us stupid people to make rational lifestyle decisions and, what's more, they'll make the economy grow. How? By creating an enormously valuable industry of innovative apps, obvs.

What innovative apps?

Glad you asked.

Professor Sir Nigel set up the midata Innovation Lab (mIL). mIL were let loose, like innovation tigers, and they produced five prototype apps. The Prof was so pleased with these prototype apps that he said they would allow us to "get to the future more quickly".

"Prototype", here, by the way, means "not really apps, you can't buy them". Take a look at them. They're just like all the other apps you can already buy on Google Play and the iTunes App Store and the Windows Phone store. There's nothing innovative about them at all. They are not Professor Sir Nigel's HS2 to the future.

So what are we missing? What innovation is society being deprived of by barriers to entry? Answer, stuff you can already buy in the market for once-off prices like 69p.

Therefore there was nothing wrong with selling the PAF along with Royal Mail.

0
1
D Moss Esq

Re: http://www.royalmail.com/postcode-finder

Sure Don, let's see.

If and when they start charging let's see if we can guess whether charges would have been imposed if the company had still been owned by the Secretary of State for Business Innovation and Skills. The way they are for accessing Companies House data, for example.

0
1
D Moss Esq

Re: Typical Govt b0llox

Crimea.

Now there's a country that understands barriers to entry.

1
0
D Moss Esq

Barriers to entry – 2

Mr Shakespeare is a very generous man. He thinks the PDG data should be given away for free. Charging for it is a barrier to entry.

A lot of data is managed by Companies House, the Land Registry, the Met Office and Ordnance Survey. These four together are apparently known as the "Public Data Group" or "PDG" for short.

Admittedly, Mr Shakespeare's generosity would cost us a bit. Currently the Exchequer earns millions of pounds a year by charging for PDG data. That hole would have to be plugged somehow but, according to Mr Shakespeare: "As government would no longer need to purchase the [PDG data] itself, the direct loss to the Exchequer on an annual basis is in the order of £143 million ... It seems a straightforward decision to invest £143m to make Trading Fund data widely available is a relatively small price to pay to leverage wider economic benefits far exceeding this by orders of magnitude".

It seems ... straightforward ... relatively small price to pay ... leverage wider economic benefits ... orders of magnitude ...

It may seem that way but just how straightforward is this investment decision really? Is that a relatively small price or a relatively big one? How many orders of magnitude?

He must know the answer, mustn't he, otherwise he wouldn't have written that on p.30 of his report.

The strange thing is that he also writes on p.30 that: "Forecasting future benefits is also hard to predict. How businesses and individuals might use datasets in the future to generate new products and services and by implication impact economic growth, is equally unknown".

What we seem to have here is a straightforward guess leveraging several orders of magnitude of hope.

Once again.

Those barriers to entry.

Set them higher.

Meanwhile, you can kind of see a certain hard-headed logic in selling Royal Mail with its PAF intacta.

0
1
D Moss Esq

Barriers to entry – 1

One of the arguments against charging for large-scale access to PAF is that the cost represents a barrier to entry.

That's supposed to be a bad thing. What do we know about barriers to entry? We don't like them.

What's wrong with barriers to entry? They deprive society of the fruits of innovation.

That's the line taken by Stephan Shakespeare in his report, An Independent Review of Public Sector Information.

Mr Shakespeare is the founder and global CEO of YouGov, the polling organisation. As you might imagine, he thinks you can find out the truth by polling people. Looking at health care data, for example, he says: "70% ... of total respondents think that we should make public all that we can about our health care system ...".

Convinced? Are you happy that giving away health care data is the right thing to do because 70% of respondents to a YouGov poll said it is?

Before you make your mind up, consider this.

Mr Shakespeare conducted not one but two polls and 18% of respondents in one poll said they were "highly informed" on data issues and in the other poll that figure was 4%. A fuller conclusion might therefore be this: "Between 82% and 96% of people asked said they didn't know what they were talking about but nevertheless 70% of them think that we should make public all that we can about our health care system so we should".

Sometimes you can't help thinking the barriers to entry should be set a bit higher.

1
1
D Moss Esq

http://www.royalmail.com/postcode-finder

Those rapacious private sector companies, they really know how to exploit us poor innocent consumers. I just took a look at Royal Mail's find-a-postcode site and you know what they told me? "You can still do 50 more [free] searches today." Heartless.

0
0

Nudge Unit flies into Nesta's arms: Is the hype justified?

D Moss Esq

Whaddya mean you've never heard of midata?

We should remember the Behavioural Insights Team's magnificent contribution to the soaraway success of midata, the Department for Business Innovation and Skills initiative to empower the consumer and make the economy grow.

Back in 2012 BIT and BIS jointly published a review of midata and a consultation document. Based on the results of which Whitehall legislated to make compliance statutory.

It is that crucial insight that if you want people to behave in a certain way then passing a law is probably the best way to proceed that NESTA are buying, with money that would otherwise finance mere innovation.

I am often asked about the genealogy of behavioural psychology. There is no doubt that the discipline owes everything to King Canute and his understanding of the behaviour of the sea.

0
0

GOV.UK's criminal record check IT job blow: Home Office snubs new design

D Moss Esq

Re: GDS

"... Also the humility to realise that incumbent civil servants might know something about how complex the requirements really are ... Sadly their default starting position in any conversation I've had with them has always been, "We know how to do this better than you. So, what is it that you do?"

See also:

Frankee Llonnygog @ Thursday 12th December 2013 09:26 GMT: GDS consistently alienate the people they're supposed to be working with. People who know how to build and maintain big systems that cannot be replaced with Rails. GDS walk in with the attitude of "we know how to do your job better than you" and "we know what your requirements are".

and

Anonymous Coward @ Thursday 12th December 2013 17:27 GMT: They are keen to tell their client what to do and pay scant regard to business requirements or needs.

----------

See for example GDS's blog post Submitting to the language of users:

Plain English is mandatory for all of GOV.UK. This means we don’t use formal or long words when easy or short ones will do.

For example, we normally talk about sending something (whether online or in the post), rather than ‘submitting’ it. This is short, clear and unambiguous. It’s also listed in the Plain English Campaign’s A to Z of alternative words.

We’ve recently been working with HMRC on moving VAT content to the ‘mainstream‘ (services and information for citizens and small businesses) part of GOV.UK. In the first draft, we used the plain English ‘sending your VAT return’ across all of this content.

However, our HMRC colleagues felt very strongly that we should change this back to ‘submit’ to match the terminology used on the HMRC website, as this is ‘used frequently and known by VAT businesses’.

GDS were trying to tell HMRC that they shouldn't talk about "submitting a VAT return". In their informed opinion the correct locution is "sending a VAT return".

This must be the very exemplar of prattish inanity.

In what sense can GDS be said to be "helping" HMRC?

The word "submit" is too long and formal, is it? Then how come it occurs several hundred times on GOV.UK? (Enter "submit" in the Search box and start counting.)

0
0
D Moss Esq

Re: GDS (@Julian)

... it ain't GDS's fault that they've got no data ... Their end of the work has met expectations and has been forced to sit there waiting for useful data to be fed into it ...

Your case would be stronger if you gave some examples.

Here is a counter-example.

GDS took part in a so-called "data-mining" exercise to identify eligible voters in GB elections who haven't registered. The exercise was reported on in the Electoral Commission's Data mining pilot – evaluation report July 2013.

GDS were given data by the Student Loans Company (SLC) among others to match against local electoral rolls. According to the Commission: "There seemed to be issues with the addresses on this data being incomplete. Only one pilot area reported usable results for this database and they found that nearly a third of the addresses were quite clearly incomplete. SLC informed us that the addresses they provided to GDS were complete, so it seems that these issues may have arisen in the matching process, although we are unable to say for certain" (p.7).

The Commission's report is a 134-page catalogue of problems like that with GDS being repeatedly criticised for their end of the work not meeting expectations and the exercise was declared a failure: "The findings from this pilot do not justify the national roll out of data mining".

0
0
D Moss Esq

Paging DMossEsq

J Arthur's bellhop couldn't find me on 12 December 2013.

Not surprising. I've been following a punishing schedule of Christmas celebrations.

Was that the day I went for a bicycle ride with Tom Loosemore, Tony Singleton and William Heath? Was it the day Nigel Shadbolt picked me up in his Maserati and, together with Stephan Shakespeare and Craig Belsham, we went for a spin round Cowes in his boat? Or was it the day ex-Guardian man Mike Bracken invited me and a couple of satisfied customers from DWP, HMRC and the Electoral Commission round to Aviation House for a glass of paraquat?

I can't remember.

0
0

UK public auditor, scourge of tax-dodging big biz, hosts its site on ... Amazon

D Moss Esq

I'm no tax expert, so don't ask me how that applies to subsidiaries of Amazon that don't have a presence in the UK

See CFCs, permanent establishment, tax residence, thin capitalisation, every combination of double tax treaty and, as you mention, transfer pricing.

0
0
D Moss Esq

Cloud computing = losing control of your data

The NAO must of course abide by the procurement rules.

Equally, as auditors, they have a duty of care. They must keep their clients' data confidential. Handing that data over to a third party and storing it beyond the jurisdiction of English law makes it hard to guarantee confidentiality.

Next time the NAO want to investigate DWP, or whoever, there might be an objection that the NAO can't guarantee to keep the data revealed to them confidential. DWP, or whoever, might refuse to co-operate with the investigation on that basis, and so contracting with AWS, however indirectly, might mean the NAO can't do its job.

Incidentally, it's not just the NAO of course. Consider, for example, Halarose Ltd, who have contracts with 80 local authorities in the UK to maintain their electoral rolls. Where is the data stored? With AWS, in Ireland. Under who's control?

Search me.

Given that AWS have no – that's no – servers in the UK, how come they're allowed on G-Cloud's CloudStore, where all the customers owe a duty of care to keep our data safe, confidential and under their control?

It's an old saying, a bit of a cliché, but worth repeating – the the only time you're really safe is when CloudStore's down which, recently, has been quite a lot.

2
0
D Moss Esq

... I know you ain't Spartacus

... you is more like an Amazonian astrosurfer, whereas Spartacus was Kirk Douglas (né Issur Danielovitch Demsky) from nowhere near the Amazon.

1
0

IBM thrusts mighty cloud erection at US gov after Amazon beds CIA spies

D Moss Esq

IBM need help ...

... from Stephen Fry, http://www.dmossesq.com/2013/10/cloud-computing-and-sizzling-stephen-fry.html

Only he can provide the historical perspective and the technical grasp of evocon (evolutionary economics) which Amazon so obviously possess and which has eluded IBM in the first 100 years of its existence.

0
0

'I don't trust Microsoft' after NSA disclosures says former privacy chief

D Moss Esq

1. Chapeau bas to Caspar Bowden.

2. Given that most people can't read the Guardian, how can UK awareness be raised?

"As for the secret surveillance agenda, most people in the UK do not seem to care about it, because they lack accurate information in the media about what exactly is happening."

One idea: -

Communications Data Bill

For years, the Home Office have been advocating the Communications Data Bill and the Interception Modernisation Plan before it on the basis that the security services must have the interception tools needed to defend us against terrorism.

The implication was that the security services didn't have these tools.

It now transpires that they do have them.

Which means that the Home Office were deceiving parliament, the media and the public.

That ought to be a story the media would consider running.

Even if they believe that interception is justified the media might at least ask why the Home office been wasting parliamentary time?

http://www.dmossesq.com/2013/07/communications-data-bill-unnecessary.html

1
0

Now we know why UK spooks simply shrugged at SSL encryption

D Moss Esq

Communications Data Bill – why bother?

"In July 2012, Britain's top spook Charles Farr made a rare public appearance: sat across a table from MPs in Parliament, he was quizzed by backbenchers scrutinising Home Secretary Theresa May's widely criticised plan to snoop on Brits' internet connections."

"Theresa May's widely criticised plan to snoop on Brits' internet connections" is the Communications Data Bill. It is widely criticised. The Home Office has put in a lot of hard work trying to get it, and its predecessors, passed into law.

Why bother?

After all, per Edward Snowden, GCHQ already have the technology needed. And William Hague, the Foreign Secretary and political boss of GCHQ, says that their work is perfectly legal. So does Sir Malcolm Rifkind, the Chairman of the Intelligence and Security Committee.

Surely the Bill is redundant.

Why does the Home Office waste all that energy trying to push through an unpopular bill that is unnecessary?

One would genuinely be interested in an answer.

http://www.dmossesq.com/2013/07/communications-data-bill-unnecessary.html

1
0

Tory think tank: Hey, civil servants! Work with startups to save £70bn

D Moss Esq

Sell the sizzle, not the sausage

ElReg readers already know that the Government Digital Service (GDS) is all sizzle, no sausage.

Never mind the lack of sausage, GDS are hard at work selling.

GOV.UK has its awards from the Design Museum and D&AD. That helps. They have the imprimatur of Tim 'Government As A Platform' O'Reilly and Martha Lane Fox, no mean salesman herself. The BBC and the Guardian think GDS are exciting and are providing free PR (http://www.dmossesq.com/2013/06/gds-pr-blitz.html). Well done ex-Guardian man Mike Bracken and ex-BBC man Tom Loosemore.

And now the Times have joined in (http://www.dmossesq.com/2013/08/toe-curling-gds-pr-blitz.html). And Policy Exchange. How did that happen?

It is inconceivable that GDS could have gained the support of Policy Exchange while Charles Moore ran it. But he handed over the reins years ago to Danny-now-Lord Finkelstein, a different kettle of fish altogether, whose gib is cut the other way and who luckily is very senior at the Times.

This is soap opera, of course, but then who buys the sizzle? Individuals. Individuals with personal preferences. Individuals not necessarily endowed with the skills or the will to examine the effectiveness of an IT department.

It's all a bit depressing but there is the occasional laugh. Like the Tweet from ex-Conservative Home editor Tim Montgomerie, hired by Danny-now-Lord Finkelstein to write SDP opinion pieces. Mr Montgomerie is a bit of a sizzle aficionado and in his opinion (https://twitter.com/TimMontgomerie/statuses/309258485252636673): "One of the outstanding successes of this Coalition is likely to be its digital strategy http://twitter.com/Policy_Exchange/status/309257138381938688".

0
0

Verizon, Experian and pals bag £25m to inspect Brits' identities for UK gov

D Moss Esq

Re: Before you slag them all off..

"MyDex are all about helping people to own and be gatekeepers to their personal data. Most Reg readers would like Mydex."

Why do you say that?

(Background, http://www.dmossesq.com/2012/11/identity-assurance-only-future-is.html)

2
0

Ha ha, Osborne, these Gov 2.0 web wranglers have wiped out UK debt

D Moss Esq

How journalism works – Re: That Times article ...

If you enter "rachel sylvester" and "i am told" into the Times search box and hit enter you get 39 hits. That's 39 separate articles in which she has used the phrase.

I suggested to Private Eye once that they start a new column, "Eye am told". No dice.

0
0
D Moss Esq

GOV.UK is not Government on the Internet, but of the Internet

Not my words. The words of ex-Guardian man Mike Bracken, executive director of the Government Digital Service and senior responsible owner of the pan-government but non-existent identity assurance programme. And he's right. You commentards just have to be more agile, http://www.dmossesq.com/2012/10/govuk-is-not-government-on-internet-but.html

As for worrying about statistics being accurate, how old-fashioned can you get? Just ask Stephan Shakespeare, the founder of YouGov who has been inexplicably asked to devise a national data strategy, https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/198752/13-744-shakespeare-review-of-public-sector-information.pdf – search on "publish early even if imperfect" and you will see the way.

1
0

Mobile location data identifies individuals

D Moss Esq

Re: location markers

"... unless people actually, y'know, do the science, you never know which bits of obviousness are actually true ..."

Quite right.

What's a phone? An IMEI? A phone no.? Sometimes you use someone else's phone. Sometimes someone else uses your phone.

A discipline will develop stitching the patchy record together over the years, over the IMEIs, over the phone no.s, excluding the other people's use of one phone, including the use of other phones, into one person.

It will have to.

Because there will still be a job to do, creating new identities, e.g. for ambassadors travelling under a false identity or people in witness protection programmes. The location identity created for them will have to look realistically patchy.

From my misspent youth, Dematerialised ID, May 2003, http://dematerialisedid.com/BCSL/29%20May%202003.pdf pp.31-3, §4.9.

1
0

Stop excluding vulnerable Brits from digital agenda - MPs

D Moss Esq

DWP using same PR agency as HMV?

"... the [Universal Credit] project has been repeatedly hampered by a perceived IT management crisis that the DWP has strongly denied."

Not so long ago, HMV strongly denied that they faced any trading problems.

http://www.dmossesq.com/2013/03/universal-credit-tricky-confinement.html

1
0

Berners-Lee says snoop law could see spies blackmail soldiers

D Moss Esq

Pari passu

TBL "cannot imagine a perfect security regime" for the government snoopbase. Neither can anyone else. So the Department for Business Innovation and Skills (BIS) midata project is a no-no since it requires us all to store our personal data on a personal snoopbase or PDS (Personal Data Store).

TBL says that "the surprisingly-accurate advertisements served to users of social media websites ... represent a privacy threat to many internet users". Too right. So the BIS midata project is a no-no since the whole point is make the economy grow by targeting adverts more accurately.

What do BIS have to say about TBL's comments? http://search.theregister.co.uk/?q=midata

And what does TBL think about the UK's eight "identity providers", our official snoop facilitators? http://search.theregister.co.uk/?q=identity+assurance

2
0

UK.gov: You didn't trust us with your ID, so we gave it to private biz

D Moss Esq

Round II promises to be very busy

Census – Francis Maude speaking at the ICO conference in March 2012 promised a new way of doing the census in 2021. There can be no suggestion that the census would constitute a single national identity register. http://www.cabinetoffice.gov.uk/news/information-commissioners-conference-francis-maude-keynote-speech

Electoral roll – June 2011 Individual Electoral Registration Bill promises a new way of compiling the electoral roll, including data-sharing across government departments to check for completeness. Associated impact assessment notes that this data-sharing is illegal. Copies of the electoral rolls compiled constituency-by-constituency would all be stored unedited with the credit referencing agencies. There can be no suggestion that this electoral roll would constitute a single national identity register. http://www.cabinetoffice.gov.uk/sites/default/files/resources/individual-electoral-reform-impact-assessment.pdf

Personal Data Stores (PDSs) – July 2012 midata review of midata and consultation introduces concept of everyone having one or more PDSs, files which identify you and include unlimited transaction data stored with a trusted third party in the cloud. The cloud isn't safe. The web isn't safe. Why trust the third parties? Why concentrate a lot of data about yourself in one place? Breaks all the rules of cybersecurity advocated by the Department for Business Innovation and Skills (BIS). But BIS want you to have a PDS because it will "empower" you. The only supplier of PDSs they ever mention is Mydex, whose chairman sits on the midata advisory board at BIS. And the Government Digital Service (GDS) want you to have a PDS because it will allow you to verify your identity when you access public services. GDS have appointed seven "identity providers", one of them being Mydex. All part of GDS's Identity Assurance Programme (IDAP). GDS are part of the Cabinet Office. Another part of the Cabinet Office is responsible for cybersecurity. They warn individuals and businesses to beware of the web. £10 million of the £650 million cybersecurity budget was used to fund IDAP. No doubt it all makes sense and the suggestion of inconsistency is frivolous. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/32687/12-943-midata-2012-review-and-consultation.pdf

4
0

Is it all over for UK.gov's G-Cloud 3.0? A footnote in history awaits

D Moss Esq

Remember what a good job Bill Crothers did at IPS on the ID cards scheme ...

... G-Cloud in safe hands, UK in safe hands

1
0
D Moss Esq

Soory to say but Chris Chant on Twitter not impressed

https://twitter.com/cantwaitogo

0
0
D Moss Esq

Not all small suppliers have trouble getting listed -- Skyscape, for example

Skyscape Cloud Services Ltd have only £1,000 of share capital, all owned by one man, but they got onto the Mr Crothers's G-Store and they're now due to host ex-Guardian man Mike Bracken's https://GOV.UK and Phil Pavitt's HMRC local office data. If they got past Mr Crothers's stringent procurement tests surely anyone can.

http://www.dmossesq.com/2012/11/hmrc-skyscape-and-2nd-response-from.html

0
0

ID providers signed for Blighty's One Dole To Rule Them All plan

D Moss Esq

Re: That's quite the amazing government press release

"So that eight party they haven't quite announced yet is facebook? Or at least google? Some party we've at least heard of? No?"

No idea.

We could try being logical about it. The system has to be "operational" for 21 million people "from Spring 2013", see notice in OJEU,

http://ted.europa.eu/udl?uri=TED:NOTICE:68791-2012:TEXT:EN:HTML&src=0.

Where are you going to register 21 million people?

You need a national network of premises. Bank branches (RBS and Lloyds)? Retailers (Tesco and Sainsbury's)?

But there's only £25 million on the table to do the job, so why be logical?

(Incidentally, do you notice something? No biometrics.)

0
0
D Moss Esq

Re: Ah, the out-sourced ID card

It's not an ID card, I tell you, it's a personal data store, a PDS, when will you get this into your head?

And why can't you tell the good news? With identity providers, now, at last, everyone will have their own ... nanny.

Now brush your teeth.

http://www.dmossesq.com/2012/11/identity-providers-electronic-mary.html

2
0

Axe falls on Directgov as GOV.UK launches

D Moss Esq

Akamai 1 - 0 Skyscape

Enter nslookup www.gov.uk and back comes the answer:

Non-authoritative answer:

Name: e6453.b.akamaiedge.net

Address: 2.23.20.23

Aliases: www.gov.uk

www.gov.uk.edgekey.net

Check up with RIPE on that 2.23.20.23 address and you get:

inetnum: 2.23.16.0 - 2.23.31.255

netname: AKAMAI-PA

descr: Akamai Technologies

country: EU

admin-c: NARA1-RIPE

tech-c: NARA1-RIPE

status: ASSIGNED PA

mnt-by: AKAM1-RIPE-MNT

mnt-routes: AKAM1-RIPE-MNT

mnt-routes: CW-EUROPE-GSOC

source: RIPE #Filtered

Things are looking good for the Akamai theory and not so good for Skyscape.

1
0
D Moss Esq

Re: GOV.UK + IdA + G-Cloud + midata + ... + NSTIC - Government Gateway

I dug on www.gov.uk and got a poor user experience:

QUOTE

What are you looking for?

Sorry, but there are no results for 'akamai'

Please try

Searching again using different words

Browsing from the GOV.UK home page

Visiting the support pages if you need more assistance

UNQUOTE

Using Google found a few thousand references to Skyscape and GOV.UK including this one

http://www.computerworlduk.com/news/public-sector/3404042/hosting-govuk-in-the-cloud-to-cost-gds-record-breaking-600000/?intcmp=rel_articles;pblc-sctr;link_1

QUOTE

Hosting GOV.UK in the cloud to cost GDS record-breaking £600,000

Government Digital Service signed a deal with Skyscape last month

By Derek du Preez | Computerworld UK | Published 10:29, 10 October 12

The Government Digital Service’s (GDS) infrastructure-as-a-service (IaaS) deal with Skyscape to host single domain website GOV.UK, which was procured through the G-Cloud, is worth an estimated £600,000.

Denise McDonagh, G-Cloud programme director, revealed the figure in an article for the Financial Times, where she said that the deal is the biggest sale to date from CloudStore and is “an important milestone for G-Cloud, showing that the public sector is ready to embrace low-cost utility cloud services”.

UNQUOTE

The meaning seems pretty clear. From what you say, Mr Newton, these claims are simply false and GOV.UK is after all not being hosted on Skyscape.

Is this possible?

0
0
D Moss Esq

Re: GOV.UK + IdA + G-Cloud + midata + ... + NSTIC - Government Gateway

Akamai? Maybe they've disintegrated?

Mr Newton, I am as mystifyied as you, please explain the following:

http://digital.cabinetoffice.gov.uk/2012/09/18/introducing-a-new-supplier-skyscape/

QUOTE

Government Digital Service

Introducing a new supplier (Skyscape)

by Mark O'Neill on 18/09/2012

... To meet the needs of GOV.UK, we are planning to work with a number of different Infrastructure as a Service providers. We are happy to announce that the first cloud hosting provider we are working with is Skyscape.

UNQUOTE

also

http://gcloud.civilservice.gov.uk/2012/09/18/first-iaas-purchase-completed/

QUOTE

HM Government | G-Cloud

.gov.uk hosting bought through G-Cloud

Posted on September 18, 2012 by Eleanor Stewart

We’re really pleased to be able to announce the first major sale of Infrastructure As A Service. Government Digital Service have signed a contract with Skyscape for:

1) Compute as a service

2) Compute as a service (test & development)

3) Storage as a service

This is all intended to support the exciting work they’re doing on .gov.uk to revolutionise the way citizens access information and services online.

UNQUOTE

0
0
D Moss Esq

GOV.UK + IdA + G-Cloud + midata + ... + NSTIC - Government Gateway

Savings? Improving the user experience? Those are the issues Messrs Bracken and Maude might like to restrict us to in our discussion. But there are a few more:-

1. You can't deliver public services on-line if you can't identity the users. GOV.UK needs IdA, identity assurance, major announcement due next Monday, or read leaks to the Independent,

http://www.independent.co.uk/news/uk/politics/national-virtual-id-card-scheme-set-for-launch-is-there-anything-that-could-possibly-go-wrong-8196543.html

2.1 GOV.UK is being hosted in the cloud by a one-man company, Skyscape Cloud Services Ltd. Bit small?

2.2 GOV.UK is being hosted in the cloud. Loss of control over data, staff, costs ...

3. Identity assurance relying on Facebook, Google, Twitter accounts may not be quite as reliable as the identity assurance offered by the Government Gateway but the Gateway's going anyway and soon Facebook and the others will have become part of the British Constitution. Not mentioned in Francis Maude's blog post but nevertheless the case.

4. The Enterprise and Regulatory Reform Bill continues to meander through Parliament and, if it gets through, we will all have PDSs (personal data stores). PDSs are the foundation on which midata is built but, again, mysteriously, they make no appearance in Mr Maude's missive.

5. It is tempting to say that ex-Guardian man Mike Bracken is over-fond of Google and will do anything to further its interests including giving it the UK to play with, a power apparently in his remit. Tempting, but wrong, because what he really loves is Estonia. GOV.UK is his way of making the UK just a little bit more Estonian,

http://www.dmossesq.com/2012/05/francis-maude-seeks-future-in-estonia.html

6. ...

They go up to 17,

http://www.dmossesq.com/2012/10/press-release-govukdigital-by-default.html

0
0
D Moss Esq

The savings are for me, the costs are for you

"A taxpayer service that saves taxpayer money... Hmm".

There may be savings. We may find out when we see the audited accounts. But wherefrom comes the touching belief that these savings will be enjoyed by taxpayers?

Go back to the Bible, Martha Lane Fox's 10-page letter to Francis Maude, and you will read:

"I recommend that any savings from the reduction in duplication should remain in departments, once transition costs and ongoing funding for the new central team have been taken into account".

http://www.cabinetoffice.gov.uk/sites/default/files/resources/Martha%20Lane%20Fox's%20letter%20to%20Francis%20Maude%2014th%20Oct%202010.pdf

2
0

Page: