* Posts by D Moss Esq

181 posts • joined 19 Jun 2009

Page:

Warning flags were raised over GDS farm payments system – yet it still failed

D Moss Esq

Kainos

Some of the rural payments problems are put down to the users. Too old, not computer-literate, these farmers, and they live in the countryside, where broadband speeds are low.

That seems fair.

Others are laid at the door of Kainos, who provided the graphics software for mapping. And which prize did they win at Digital Leaders 100 yesterday? Industry Digital Leader of the Year.

0
0
D Moss Esq

Quiz

Who said:

I go weekly now. I go to the meeting of the Common Agricultural Policy Reform Group. It's the RPA. It's the Rural Payments Agency.

Why I'm so excited about that is because they've embraced agile completely. They're going with an agile build out of a whole new programme. That's going to affect everyone in this country, and how they deal with land management, all the farmers, all the people who deal with crops, all the data. It's going to create, I think, a data industry around some of that data.

It's going to help us deal with Europe in a different way, and quite rightly we're building it as a platform. It's going to be another example of government as a platform.

I'm on the Board, and I'm trying to help them every week, and GDS will be working very closely with them to deliver that.

Answer

0
0

Nosy Brit cops demand access to comms data EVERY TWO MINUTES

D Moss Esq

If dinosaurs had got any bigger ...

... so we are told, when they stubbed their toe it would be a week before the signal reached their brain and they experienced pain.

20 December 2002, you will remember, as if it were only yesterday, is when the BBC reported Phone firms 'flooded' by crime checks:

Almost half a million inquiries are made to the firms every year by police and customs officers, the BBC has learned.

That's about one inquiry per minute. 14½ years later, the "worrywarts" have got the number wrong and they've forgotten about HMRC.

Not all the dinosaurs were wiped out when that comet landed in the Gulf of Mexico.

7
0

GDS to handle Govt payments? What could possibly go wrong?

D Moss Esq

Re: The Busines Case?

You will find the business case set out with admirable clarity by Mark Thompson, a public services consultant, in What is government as a platform and how do we achieve it?.

It all depends on the location of the digital profile of Payments on the Certainty-Ubiquity surface.

Providing a single pan-government Payments platform will unleash "unprecedented innovation, efficiency, and savings":

There are lots of discussion going on at the moment about digital “platforms”, and the impact they might have on UK public services. A rough and ready calculation suggests such an approach could save the UK £35bn each year – but the jury is still out on how best to go about making it happen.

0
0

G Cloud 6? No, not for us, say hundreds of suppliers

D Moss Esq

For the avoidance of doubt ...

G-Cloud sales figures are always quoted from inception. They are the total turnover since 1 April 2012, when G-Cloud opened for business over three years ago. £431 million may sound quite good if you think that's sales to date this year. But it's actually the value of public sector sales in 37 months.

0
0

After #Election2015: How can we save Big Data?

D Moss Esq

Downvoted for missing the obvious point that if only our new Chief Data Officer had been appointed earlier the pollsters could have been scrummed into shape.

0
0
D Moss Esq

According to Wikipedia ...

... Nate was hatched from an egg at the Sea Life Centre in Weymouth, England, then moved to a tank at one of the chain's centres at Oberhausen in Germany. His name derives from the title of a poem by the German children's writer Boy Lornsen: Der Tintenfisch Nate Silver.

According to Sea Life's entertainment director, Daniel Fey, Nate demonstrated intelligence early in life: "There was something about the way he looked at our visitors when they came close to the tank. It was so unusual, so we tried to find out what his special talents were."

1
0

Scot Nationalists' march on Westminster may be GOOD for UK IT

D Moss Esq

Next stop Venezuela

No mention of the Scottish financial sector? It's huge and it would emigrate within 24 hours of independence. Don't believe that? Take a look at the oil sector. Prices are down, exploration has stopped and extraction and refining are fast grinding to a halt.

The Scots are sensible people. They will not vote for independence.

Which leaves Alex Salmond and Nicola Sturgeon in a more precarious negotiating position than the media suggest. They pretend now to advocate the merits of socialism which have done so much for life expectancy in Glasgow.

Will Salmond and Sturgeon stand on a "next stop Venezuela" ticket?

No. They're too sensible. See above.

They'll do the best they can by their constituents. Which is as it should be. And that's it.

2
4

VOTERS! This Election: Vote #Smart, Vote #Digital

D Moss Esq

More ¡Bong! for our $buck$

A public service consultant writes:

The inescapable DNA of a digitally-enabled public service model is a set of clean, agreed, and common capabilities, distilled and evolved from the currently duplicated and siloed functions, processes, roles and even organisations that exist across government.

Why can't we have more like that in ¿ElReg?

0
0

How Groucho Marx lost his voice and found his funny bone

D Moss Esq

Don't let's forget Mae West ...

... and WC Fields

0
0
D Moss Esq

Re: I have to say

The Big Store was dreadful?

Oh come on.

"Shoot the talcum to me, Malcolm"?

"The bassinet with a built-in lullaby", 40 years before Victoria Wood's "sockette with a built-in wolf whistle"?

1
0

Bruce Schneier's Data and Goliath – solution or part of the problem?

D Moss Esq

Brave man, Andrew, tackling this subject.

Relax, I shall make no original contribution, I promise. I can't.

Roger Scruton can: "... the shared assumption was that rights are liberties. They are there to protect the individual against oppression, and especially oppression wielded by the clergy, the sovereign or the state. Their existence is fundamental to anything that we could call government by consent, and they capture the essence of the political process as we, in the West, have since conceived it – namely as a device for protecting the individual against the group".

Inventing the Individual: The Origins of Western Liberalism by Larry Siedentop – that might help, I can't claim to have read it, but my friend Scott reviewed it.

All very elevated. Back here down on terror firmer, what do we get?

A person is a set of entitlements. Or a set of credentials. Or a fingerprint. Or a mobile phone with a lot of digital certificates and an associated location history. Or, GOV.UK Verify, a person is a credit history.

That, or the Mydex/Ctrl-Shift idea, that a person is a quantified self represented on-line by his or her 100% guaranteed hyper-secure personal data store. That quantified self can have rational decisions made for it by utilitarian apps which process the data in the PDS. Never mind the Enlightenment. Back to the ancient Greeks, when people were pawns in the Titans'/Gods' game of chess.

Just saying ...

1
1

UK now part of another Euro data-spaff scheme

D Moss Esq

Who told you that?

The UK has hitherto not been extended access to the SIS II as it is not part of the Schengen free movement area. However, as of April 13 it is now allowed to use the SIS within the context of police and judicial cooperation, though not in relation to external border policy.

Re SIS I: "The UK was given access to sensitive information on criminal and policing matters held on the Schengen Information System, an EU-wide directory, in 2000, but there have been repeated technical problems".

Re SIS II, I was told at a meeting at the Home Office on 23 February 2010 that the UK should be able to use it from 2012.

Interpol weren't impressed with UK border control in 2004. Or 2007.

Raytheon didn't help.

The problems lie in the UK Border Force. Not the EU.

5
0

Instead of public sector non-jobbery, Martha, how about creating REAL entrepreneurs?

D Moss Esq

Let's get our duck in a row

Tim Worstall: She walked away to join a couple of resolutely non-digital boards, signed up for a couple of quangos and that was it. The quangos led to the government tsar bit, which in turn led to the peerage and now has led to... umm, well, a committee to tell people to be digital, I think.

Is it any wonder that we're not creating serial entrepreneurs when that's the preferred career path for those who could be one, to have one success and then aim for the tiara, not the next big thing?

I think you're wrong about British entrepreneurs but that's irrelevant as MLF isn't an entrepreneur, is she. She's a salesman. She's a motivational speaker. But not an entrepreneur.

0
0

Home Office awards Raytheon £150m over e-borders cancellation

D Moss Esq

£150 million?

We could have bought 150 modern, mature and powerful Tomahawk Cruise missiles for that.

0
0

Ark scoops £700m to host ALL UK.gov's data centre needs

D Moss Esq

ARK & Skyscape

Take another look at those directors – stuffed to the gills with the usual suspects: G-Cloud, GDS, HMRC and Skyscape, the company with just one director, who owns all the shares – Whitehall SNAFU

Then take a look at the original plans for G-Cloud – efficient, consolidated, centralised, trusted, green: G-Cloud Overview

Remember that Skyscape claim to have picked up 50% of all G-Cloud business – they're no longer an SME: Skyscape – the Surprise as a Service company

What does that add up to?

It's not clear, especially with this latest revelation that the Cabinet Office have taken a 25 percent stake in ARK, but it doesn't add up to central government outsourcing to the private sector, especially SMEs, while taking advantage of the cloud with its mythically low costs (practically free), magically releasing billions to be spent on cakes, bunting and post-it notes for GDS's walls.

1
0

MPs 'alarmed' by millions of mugshots on Brit cops' databases

D Moss Esq

The appropriate response? Mockery

No-one who gave evidence to the House of Commons Science and Technology Committee's enquiry into biometrics said that mass consumer biometrics work. No statistics were put forward to measure how reliable this technology is.

Many witnesses went out of their way to say how unreliable mass consumer biometrics are. Not least the police themselves – "the technology is not yet at the maturity where it could be deployed", says Chief Constable Chris Sims at para.95 speaking for the Association of Chief Police Officers about face recognition.

There's no need to be alarmed by the deployment of a technology that doesn't work. It is more appropriate, surely, to mock the deployers, in this case the police, for wasting their time deploying it. You could also be angry that they are wasting their time. And our money. But not alarmed.

Chief Constable Sims is also quoted as saying that he is "not aware of forces using facial image software at the moment". Are we to believe that the police have gone to all the trouble of uploading 12 million+ faces onto their national database but they aren't using them? If so – and that's what the Chief Constable says – then cue more mockery.

Mockery or fury at the waste of time and money and the absence of logic. But not alarm. Alarm suggests that you think the technology works. Even the police don't say that. They say the opposite. It doesn't work. All you do by expressing alarm is to help the salesmen to sell this flaky technology. "Why would all these cowardly children with something to hide be alarmed", the salesmen may ask a prospective credulous customer, "if the technology doesn't work?".

There is plenty of room to be angry at the police for ignoring the High Court for 2 1/2 years. No room for alarm. And otherwise just wall-to-wall mockery at the twits for buying this rubbish and pretending that they are thereby doing something in the interests of crime prevention/detection.

0
0

Give biometrics the FINGER: Horror tales from the ENCRYPT

D Moss Esq

Wishful thinking as a platform

The House of Commons Science and Technology Committee published its report yesterday, Current and future uses of biometric data and technologies.

Drugs companies have to undertake extensive trials before letting their products loose on people and ditto aircraft manufacturers.

But not biometrics systems suppliers (para.54):

When biometric systems are employed by the state in ways that impact upon citizens’ civil liberties, it is imperative that they are accurate and dependable. Rigorous testing and evaluation must therefore be undertaken prior to, and after, deployment, and details of performance levels published. It is highly regrettable that testing of the ‘facial matching technology’ employed by the police does not appear to have occurred prior to the searchable national database of custody photographs going live. While we recognise that testing biometric systems is both technically challenging and expensive, this does not mean it can be neglected.

The deployment of mass consumer biometrics without first establishing that the technology is reliable is not scientific, businesslike or responsible. It is wishful thinking.

It is wishful thinking when it comes to biometrics based on face recognition and on all the other candidate modalities, including flat fingerprints.

The Science and Technology Committee made that point in July 2006. Here they are making it again, nearly nine years later. There has been no progress in between.

0
0

US Senators hope to crack down on the trade of private information

D Moss Esq

Nothing to do with the UK. No, wait ...

One company that will be following the progress of the DATA Act with interest is Experian, the credit referencing agency and data broker which unwittingly sold personal data to a crook for nine months until the US Secret Service told them about it, please see KrebsOnSecurity.

Experian were hauled over the coals by Senator Rockefeller's Committee on Commerce, Science, & Transportation on 18 December 2013. He put them on notice then. And now, good as his word, here's the DATA Act.

So what? Nothing to do with us here in the UK, surely.

But Experian are an "identity provider" to the UK Government Digital Service's Identity Assurance scheme, now officially known as GOV.UK Verify (RIP): "GOV.UK Verify is the new way for you to prove who you are online, so you can use services on GOV.UK safely". It wasn't very safe in the US. How safe is it in the UK?

Collecting personal data and then selling it is the business of all sorts of organisations. Take Verizon, for example.

You probably think of Verizon as a telco. That's not how they think of themselves: "Ultimately, we don’t see ourselves as a data provider; we see ourselves as an ad platform that helps brands and consumers connect".

Verizon, like Experian, are "identity providers" to GOV.UK Verify (RIP). If you use that system via Verizon, are you safely proving on-line that you are who you say you are? Or are you helping Verizon to connect you with brands?

4
0

EU governments are CRAP at cloud, moans Brussels' infosec watchdog

D Moss Esq

ENISA's consistent message

This latest report of ENISA's refers to their earlier one, January 2011, Security & Resilience in Governmental clouds, on p.8 of which they say about cloud compting: "its adoption should be limited to non-sensitive or non critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy".

They can hardly be surprised that many EU governments have, very sensibly, on ENISA's own recommendation, proceeded slowly.

The surprise, as noted by earlier commenters, is that so many EU governments, the UK included, have put sensitive and critical applications in the cloud with no known exit strategy – HMRC, the Home Office, the Ministry of Defence and the Government Digital Service, to name but a few – often with one-man companies like Skyscape.

0
0

UK.gov shuns IT support tower model. Now what the hell do we do?

D Moss Esq
2
0

EU ministers hold Big Meeting on Big Data. But how will they get you to hand it over?

D Moss Esq

"... how will they get you to hand it over?"

The standard answers include:

1. National security. You want to be safe? Give us your data. Ref. Communications Data Bill and Edward Snowden.

2. Money. You want to be rich? Give us your data? Ref. Stephan Shakespeare and Nigel Shadbolt, who appear to believe that open data causes innovation.

3. Health. You want to be well? Give us your data. Ref. Tim Kelsey and care.data.

4. Social responsibility. You want to pay your debt to society that provides you with public services? Give us your data. Tim Kelsey and care.data again.

5. Tax justice. You want everyone to pay the tax they owe? Give us your data. Ref. David Gauke and the G8 initiative on tax-dodging, see HSBC passim.

6. Paedophiles. You want to eradicate paedophilia? Give us your data. Ref. David Cameron and Anonymous.

After a while you get the idea that all good things come from open data.

There might be a lingering question whether the government could have access to all data and yet still somehow fail to maintain security, expand the economy, etc ... The Child Support Agency, for example, had unrestricted access to all data on its parishioners and yet still succeeded in multiplying their misery.

0
0

Inside GOV.UK: 'CHAOS' and 'NIGHTMARE' as trendy Cabinet Office wrecked govt websites

D Moss Esq

GDS's response to criticism

"... in the information technology age, a government website really matters" – so said Liz Fisher of the UK Constitutional Law Association on 9 May 2013 at the end of a blog post about GOV.UK, which she found to be flippant.

There was no response to her criticisms from GDS. The party line, laid down on 19 July 2012 was: "Not feeding trolls is the biggest sign of the strength of our culture".

That hasn't changed, 18 February 2015: "Colleagues, not feeding trolls continues to be sound advice".

So much for understanding just how much the government website really matters.

1
1

Blighty quietly signs deal to read giant EU border control database

D Moss Esq

It seems like only six years ago ...

... that we read in the Observer:

Britain's police forces are still unable to use a pan-European database of criminals, prompting warnings that this could hinder their ability to track terror suspects entering Europe ahead of the Olympics.

The UK was given access to sensitive information on criminal and policing matters held on the Schengen Information System, an EU-wide directory, in 2000, but there have been repeated technical problems ...

Experts say the database could form a powerful weapon in the fight against crime and terrorism. In the past, Home Office officials have said that connecting British forces to the system had proved impossible due to technical difficulties and "acts of God", such as a fire that destroyed vital IT equipment.

How time flies.

Faster and faster.

The Guardian reported in July 2007 that:

Interpol said last night that the UK makes just 50 checks a month of the database; France by comparison makes 700,000 checks and Switzerland makes 300,000 ...

Mr Noble [the head of Interpol] said that Gordon Brown's promise last week to share a list of potential terrorists with other countries had yet to materialize. "British citizens might be surprised to find that this watch list announced by your prime minister last week has not been sent to Interpol," he said. "Why is it that some countries make sure passengers do not carry a bottle of spring water on to a plane, yet aren't careful to ensure convicted felons aren't entering their borders with stolen passports?"

And it was just over 10 years ago in December 2004 when the BBC told us that Interpol had complained that passport numbers aren't checked on entry to the UK – Interpol has a database of 5 million stolen passports, the EU has a database of 10 million lost and stolen passports and the UK doesn't check people on entry against either of them.

Border security has been away from the UK on a long eOdyssey. Will it really come home on 13.4.15?

1
0

Breaking news: BBC FINALLY spots millions of mugshots on cop database

D Moss Esq

Double whammy black eye for the police

QUOTE

MacGregor told the Beeb last night that there were "grounds for doubts" about the reliability of facial recognition tech.

UNQUOTE

Quite right.

There's lots of evidence that the technology doesn't work, – http://www.theregister.co.uk/2009/08/14/biometric_id_delusion/ – and no evidence that it does.

Not just an invasion of privacy but also a waste of money. The police may want to be seen to be "doing something" but this is a double whammy black eye and not a feather in the cap at all (Catch-22).

13
1

'Success'? Verify FAILED for 40% in self-assess tax trial

D Moss Esq

Here's one you can try at home

Of the five identity providers that have signed a contract with the GDS, only Experian and Dutch identity management firm Digidentity have so far won accreditation.

That's what GDS keep saying but it's not true.

Accreditation is awarded by tScheme.

tScheme's list of approved services for GOV.UK Verify lists Experian only. That's one "identity provider" that has so far won accreditation, and not two.

Digidentity still appear on tScheme's list of registered applicants, along with Mydex, the Post Office and Verizon. They're all in the same boat. The unaccredited boat, not yet certified trustworthy.

These five "identity providers" applied under the old framework for GOV.UK Verify. When the new framework comes in, they'll all have to start again – the new service will start with no certified "identity providers". Or two of them, as GDS will probably say.

1
0

Peers warn against rushing 'enhanced' DATA SLURP powers through Parliament

D Moss Esq

Wake up and smell the camphor

ElReg says: "The Tories have steadfastly stuck to its plans to reboot its mothballed Communications Data Bill, colloquially dubbed a Snoopers' Charter, if it returns to government after the General Election in May".

The Daily Telegraph says: "The Prime Minister said that the Security Services would be given the powers to read all messages sent over the internet, if the Conservatives win May’s general election".

Funnily enough, the Communications Data Bill said: "Nothing in these proposals will authorise the interception of the content of a communication. Nor will it require the collection of all internet data, which would be neither feasible, necessary nor proportionate" (please see Introduction, p.2).

Not proportionate. Not necessary. And not even feasible.

0
0

Must diarise: UK.gov Verify ID system will 'definitely' work by 2016

D Moss Esq

Digidentitywise, GDS are breaking their own rules

What were previously known in the science fiction/fantasy world of GDS as "identity providers" are now known as "certified companies".

All certified companies are certified by tScheme.

That's the rule.

Without that, they're not certified.

tScheme maintains a list of approved services, http://www.tscheme.org/directory/appserv.html

Digidentity are not on the list.

tScheme also maintains a list of registered applicants, http://www.tscheme.org/directory/appserv.html

That's the list with Digidentity on it.

They've applied for tScheme's seal of trust but they haven't been granted it yet.

1
0

What should America turn to for web advice? That's right: GOV.UK – says ex-Obama IT guru

D Moss Esq

This is the example an "ex-Obama IT guru" recommends for the US?

1. The UK Constitutional Law Association certainly weren't too impressed at the advent of GOV.UK.

2. There was some internal dissent on the GOV.UK development project, please see this blog post by the brilliant Jeni Tennison. (Brilliant? She produced this – a genuine example to follow.) How was that internal dissent handled? She became external. She left and is now at the Open Data Institute.

3. Who doesn't wish they'd been a fly on the wall at the offices of Her Majesty's Revenue and Customs when the crack team of experts from GOV.UK arrived with the future in their hands and told the taxmen they couldn't ask people to "submit" VAT returns any more (Value Added Tax/Sales Tax). "Submit" is too long and formal apparently and in future people will simply "send" their VAT returns.

4. And now there are hints that GOV.UK will be the model for all local government websites in the UK as well. Consolidate. Centralise. Standardise. States' rights? There's a model to follow.

0
0
D Moss Esq

Re: Where should America turn for advice? Not GDS. Not if it's the truth you're after

Thank you very much for your fast response tweaking. Very impressive.

2
0
D Moss Esq

Re: Where should America turn for advice? Not GDS. Not if it's the truth you're after

Yes, I thought her picture looked funny when I tweeted her just now. Then it occurred to me that maybe ...

1
0
D Moss Esq

Where should America turn for advice? Not GDS. Not if it's the truth you're after

She show the audience a table showing the cost and reach of the new GOV.UK website which replaced the old Direct.gov.uk (as well as numerous other services run by different government departments).

That seems like as good a place to start as any.

Miss McCarthy has been misled. So has Miss Pahlka. Certainly it says on https://www.gov.uk that "this website replaces Directgov and Business Link". But that's not true. It didn't replace these two websites two years ago when GOV.UK was launched and it still hasn't today.

It's safe to try this at home.

Start at GOV.UK, search for "jobseekers allowance", click on "claim Jobseeker’s Allowance (JSA) online" and you're taken straight to Directgov. Ditto if you try to log in to "universal jobmatch". Or try applying for a provisional driving licence.

Directgov is still there and so is Business Link. Search for "contracts finder" on GOV.UK, click on "start now" and you'll find yourself on https://online.contractsfinder.businesslink.gov.uk/.

GOV.UK "replaces Directgov and Business Link"? That is just one claim made by GDS, the UK's Government Digital Service, which is not to be trusted.

The same goes for GDS's claim that digital transformation has saved £10 billion or 4% of the UK gross domestic product. £10 billion is only 0.6% of UK GDP. Most money has been saved by laying off staff or negotiating better prices from suppliers. The saving attributed to GDS is only 0.0138% of UK GDP.

That 4% claim was made by GDS at Ms Pahlka's Code for America Summit 2013. She was misled. And now she has misled Ms McCarthy, no doubt inadvertently. And now Ms McCarthy is misleading her readers.

But before this falsehood is passed on into folklore as an unquestioned truth, let's nip it in the bud, shall we.

And let's try to correct the impression anyone at the CfA Summit might have got that GDS was already operating an identity assurance scheme (IDA) for 45 million Brits. It wasn't then and it still isn't.

IDA has already taken longer to develop than the much-maligned US Healthcare system and, despite all the fashionable agile development methodologies being used, it still doesn't exist.

4
0

You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES

D Moss Esq

Spooky

Some time back, ElReg carried an important medical report, Wacky 'baccy making a hash of FBI infosec recruitment efforts. The science is hard to follow but you don't think, do you, that the same problem now affects our own dear Cabinet Office?

0
0
D Moss Esq

It's beyond the power of FTSE-100 companies ...

Who can forget that 5 September 2012 press release issued jointly by BIS and the Cabinet Office (prop. F. Maude) Business leaders urged to step up response to cyber threats? That's when they wheeled in Sir Iain Lobban, the Director of GCHQ at the time, to tell the assembled chairmen of the UK's top 100 companies that they were no good at cybersecurity.

Every day, all around the world, thousands of IT systems are compromised. Some are attacked purely for the kudos of doing so, others for political motives, but most commonly they are attacked to steal money or commercial secrets. My experience suggests that in practice, few companies have got this right.

You'd better forget it now because otherwise Mr Maude's comments don't make sense. Security – particularly in the cloud – is a unicorn. A lovely idea, but it doesn't exist.

If you can't forget it, then the question is what are those dreadful bullies at GDS going to make poor Mr Maude say next? Whitehall can't afford not to use consultants?

0
0
D Moss Esq

Be under no illusions ...

Central and local government departments need have no fear about the security of the cloud computing services they buy from CloudStore/the Digital Marketplace.

These are underpinned by HMG's stringent Cloud Security Principles.

And suppliers demonstrate their adherence to these security principles by saying that they do:

QUOTE

Assure

Suppliers will complete a number of pre-defined security statements asserting how their services meet the Cloud Security Principles.

UNQUOTE

It's called "self-certification" and it worked very well in the run-up to the credit crunch when borrowers self-certified their own mortgage applications.

2
0
D Moss Esq

Re: First draft of this speech read...

Funny you should mention that.

"When it comes to cyber security QinetiQ couldn’t grab their ass with both hands"

1
0

US Marshals commit DIRTBOX INTRUSION on Americans, says report

D Moss Esq

PKI

Once upon a time, in a land far far away, the theory was that all the equipment on the mobile phone networks used public key encryption for authentication. As a result, spoof radio masts, whether operated by the police or anyone else, could not be inserted into the networks. If they can be, then someone's letting them in through the back door.

3
1

Pitchforks at dawn! UK gov's Verify ID service FAILS to verify ID

D Moss Esq

Re: Experian are dreadful

And then there's Experian in the US, where an ID fraudster carried on his trade via Experian for nearly a year until the Secret Service told them what was going on. You may think you're angry but wait till you hear Senator Rockefeller.

1
0
D Moss Esq

Apart from his 2 July 2014 post on IDA, RIP IDA – "we're building trust by being open" with its 16 subsequent updates DMossEsq has nothing to add to Ms Fiveash's excellent and comprehensive coverage.

We already know that Mike Bracken was guilty of a number of terminological inexactitudes when he spoke to the Code for America Summit a year ago.

It is evident to all that DEFRA have no control over what's happening to them, while GDS and Experian are keeping shtum, leaving farmers with a vague notion that they're never going to be paid any CAP money ever again thanks to the popular transformation of public services.

As promised by FMaudeEsq, identity assurance is turning into a massive data-sharing bonanza in the midst of which you can have privacy or public services, one or the other but not both.

IDA is dead. We just have to drum our fingers while we wait for it to be buried. It has richly deserved its right to be forgotten.

We know all that.

No need to repeat it.

0
0

Australia mandates* cloud use by government agencies

D Moss Esq

Re: The Cloud vs Inhouse IT

What do you think happens to a company trying to negotiate a cloud services contract when they know nothing about the subject? They pay top dollar. That's what. And when the cloud service goes down, they're last in the queue for attention.

As the percentage of in-house IT departments closed down tends towards 100, the cost of cloud computing will tend towards or go through the roof. Bang goes the cost advantage.

Long before that happens, it will be cheaper to replace the shop and hospital IT staff you say are so hopeless with competent personnel.

It will also avoid the disappointment of discovering that the cloud suppliers' staff are just the same.

1
0
D Moss Esq

Re: Thank goodness we've got the cloud sorted out here in the UK

Glad you enjoyed it.

I compare cloud now with timesharing in the 70s, Comshare and GEISCO, not holiday apartments in Spain. Timesharing died. So will cloud.

1
0
D Moss Esq

"Maybe I'm an idiot"

– Was it Larry Ellison himself who said: "The interesting thing about cloud computing is that we've redefined cloud computing to include everything that we already do, The computer industry is the only industry that is more fashion-driven than women's fashion. Maybe I'm an idiot, but I have no idea what anyone is talking about. What is it? It's complete gibberish. It's insane. When is this idiocy going to stop?"

– D'you know, I think it was.

4
0
D Moss Esq

Thank goodness we've got the cloud sorted out here in the UK

They do seem to be in a bit of a pickle cloudwise in Australia.

They should take a lesson from the UK, where "Cloud First" is the rule for central and local government.

And where we have the CloudStore, an on-line supermarket for cloudy products and services.

Admittedly no-one knows what "Cloud First" means and very few people have heard of it. Also, the CloudStore was meant to close down on 30 September but it's still limping along because someone can't get the replacement Digital Marketplace to work.

"Someone" is the Government Digital Service (GDS) and their advice to central and local government is "Don't procure. Commission". No-one knows what that means either.

The Government cloud programme (G-Cloud) has its own Twitter account, @G_Cloud_UK, and that's where we Brits go to find out what's happening. The Australians could usefully pay a visit.

Cloud computing depends on trust frameworks. Everyone knows that. Then a few months ago Chris Chant started Tweeting on @G_Cloud_UK about how trust can never be achieved, what you really need is truth. "24hrs to go" he said on 30 July 2014, "until @RainmakerCXO totally disrupts UK Cloud security capability. Truth better than trust. truth.rainmaker.solutions @G_Cloud_UK".

It wouldn't matter what he says if it wasn't for the fact that he's the principal architect and advocate of G-Cloud. And what he's saying is that you're wasting your time holding out for trust. What you need is GuardTime, an Estonian product marketed by Rainmaker Solutions. Let the Australians take note.

Some of us Luddites are a bit anti-cloud.

It's something to do with the OECD saying "cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or the supplier is in financial difficulties ...". And ENISA saying about cloud that "its adoption should be limited to non-sensitive or non-critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy ...". (ENISA is the EU's Network and Information Security Agency).

What with that and Kim Dotcom and Edward Snowden and Bruce Schneier, it's a relief to see that local goverment in the UK is generally forswearing the cloud.

The other day, a journalist tried to snap these fuddy-duddies out of the 18th century and wrote "Council IT teams overstating cloud security concerns". But he didn't really mean it and was last seen on @G_Cloud_UK asking "why is cloud any less secure than a server sitting under a desk?".

Then yesterday, when Bruce Schneier's #IPExpoEurope comments on the cloud were reported – "We’re losing control of our data because of the cloud" – the CEO of Omnis Systems leapt to the cloud's defence on @G_Cloud_UK: "Actually it's because of public #cloud hosted in other countries. Host them in UK/EU & you'll have no issues" before adding 17 minutes later "#Cloud is not safer or cheaper for many use cases but it sounds good so who cares, they say".

That shared understanding of the cloud that we have in the UK, the confidence in its security, that's what Australia needs. Just ask that lady whose pictures were leaked the other day. She'll tell you.

3
0

DVLA website GOES TITSUP on day paper car tax discs retire

D Moss Esq

Re: Worked for me....

Renew-a-tax-disc always has worked really well, ever since the web facility was introduced in 2006, eight years ago, five years before GDS sprang into existence.

5
0
D Moss Esq

Re: Worked for me....

Are you trying to suggest that because the site worked for you yesterday it isn't really down today?

0
0
D Moss Esq

"Transparency is the bedrock of change"

... that's what Oliver Morley said the other day. He's the Chief Executive of DVLA and he should know. What users are experiencing now is not an outage. It's a bedrock.

Further, as you know, the great virtue of using the cloud is that capacity expands instantly to meet demand. As demonstrated in this case.

Who runs taxdisc.service.gov.uk? NSLookup says the IP address is 62.25.101.198. And RIPE says that belongs to Energis UK in Watford.

0
0

Labour outsources digital policy, Tories turn up to finish it

D Moss Esq

BOGOF

There are at least two Labour Party digital manifestos.

The one Andrew Orlowski cites is by Jon Cruddas.

Then there's the one by Chi Onwurah which hasn't been published yet.

While we wait for Ms Onwurah's, let's remind ourselves of some of Mr Cruddas's obiter dicta. These are taken from a speech he gave at the Royal Society of Arts, Radical Hope, where he was channelling the thoughts of a consultant he approached, Plenty Coups, great chief of the Crow Indians (Native Americans). He says:

• Our welfare state is ill-equipped to deal with modern social evils like loneliness and the loss of community.

• Our health service is struggling to cope with the rise of chronic illnesses like depression, obesity and diabetes, and we literally lack a proper system of care for our growing elder population ...

• Our present model of education rewards conformity in pursuit of a narrow, logical and mathematical form of intelligence. It fails far too many children and it reproduces the power of the already privileged. It is wasteful of our most important economic resource which is human ingenuity ...

• The future represents a powerful challenge to my party. Historically, our instincts have too often been to centralize, conform and control. To shape the future of our country we in Labour know that we have to do things differently.

That's the problem.

And the solution Mr Cruddas proposes, him and the old Crow, is digital government.

Deploy digital government, and the buffalo will come back.

"I've always been ready to admit I'm on the romantic and conservative side of socialism" says Mr Cruddas, "one that values the local, the parochial and the magical as sources of political agency and power".

Ms Onwurah's manifesto, we may radically hope, will rely less on magic.

1
0
D Moss Esq

On-line voting

Armed with our free 1Gbps broadband I see that we are to have on-line voting in local and general elections, please see paragraphs 80 and 81.

This will ensure that the result of elections is not determined by the voters but by the body with the greatest hacking ability.

Not all that democratic but achingly fashionable.

2
0

Page:

Forums