* Posts by D Moss Esq

152 posts • joined 19 Jun 2009

Page:

Must diarise: UK.gov Verify ID system will 'definitely' work by 2016

D Moss Esq

Digidentitywise, GDS are breaking their own rules

What were previously known in the science fiction/fantasy world of GDS as "identity providers" are now known as "certified companies".

All certified companies are certified by tScheme.

That's the rule.

Without that, they're not certified.

tScheme maintains a list of approved services, http://www.tscheme.org/directory/appserv.html

Digidentity are not on the list.

tScheme also maintains a list of registered applicants, http://www.tscheme.org/directory/appserv.html

That's the list with Digidentity on it.

They've applied for tScheme's seal of trust but they haven't been granted it yet.

1
0

What should America turn to for web advice? That's right: GOV.UK – says ex-Obama IT guru

D Moss Esq

This is the example an "ex-Obama IT guru" recommends for the US?

1. The UK Constitutional Law Association certainly weren't too impressed at the advent of GOV.UK.

2. There was some internal dissent on the GOV.UK development project, please see this blog post by the brilliant Jeni Tennison. (Brilliant? She produced this – a genuine example to follow.) How was that internal dissent handled? She became external. She left and is now at the Open Data Institute.

3. Who doesn't wish they'd been a fly on the wall at the offices of Her Majesty's Revenue and Customs when the crack team of experts from GOV.UK arrived with the future in their hands and told the taxmen they couldn't ask people to "submit" VAT returns any more (Value Added Tax/Sales Tax). "Submit" is too long and formal apparently and in future people will simply "send" their VAT returns.

4. And now there are hints that GOV.UK will be the model for all local government websites in the UK as well. Consolidate. Centralise. Standardise. States' rights? There's a model to follow.

0
0
D Moss Esq

Re: Where should America turn for advice? Not GDS. Not if it's the truth you're after

Thank you very much for your fast response tweaking. Very impressive.

2
0
D Moss Esq

Re: Where should America turn for advice? Not GDS. Not if it's the truth you're after

Yes, I thought her picture looked funny when I tweeted her just now. Then it occurred to me that maybe ...

1
0
D Moss Esq

Where should America turn for advice? Not GDS. Not if it's the truth you're after

She show the audience a table showing the cost and reach of the new GOV.UK website which replaced the old Direct.gov.uk (as well as numerous other services run by different government departments).

That seems like as good a place to start as any.

Miss McCarthy has been misled. So has Miss Pahlka. Certainly it says on https://www.gov.uk that "this website replaces Directgov and Business Link". But that's not true. It didn't replace these two websites two years ago when GOV.UK was launched and it still hasn't today.

It's safe to try this at home.

Start at GOV.UK, search for "jobseekers allowance", click on "claim Jobseeker’s Allowance (JSA) online" and you're taken straight to Directgov. Ditto if you try to log in to "universal jobmatch". Or try applying for a provisional driving licence.

Directgov is still there and so is Business Link. Search for "contracts finder" on GOV.UK, click on "start now" and you'll find yourself on https://online.contractsfinder.businesslink.gov.uk/.

GOV.UK "replaces Directgov and Business Link"? That is just one claim made by GDS, the UK's Government Digital Service, which is not to be trusted.

The same goes for GDS's claim that digital transformation has saved £10 billion or 4% of the UK gross domestic product. £10 billion is only 0.6% of UK GDP. Most money has been saved by laying off staff or negotiating better prices from suppliers. The saving attributed to GDS is only 0.0138% of UK GDP.

That 4% claim was made by GDS at Ms Pahlka's Code for America Summit 2013. She was misled. And now she has misled Ms McCarthy, no doubt inadvertently. And now Ms McCarthy is misleading her readers.

But before this falsehood is passed on into folklore as an unquestioned truth, let's nip it in the bud, shall we.

And let's try to correct the impression anyone at the CfA Summit might have got that GDS was already operating an identity assurance scheme (IDA) for 45 million Brits. It wasn't then and it still isn't.

IDA has already taken longer to develop than the much-maligned US Healthcare system and, despite all the fashionable agile development methodologies being used, it still doesn't exist.

4
0

You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES

D Moss Esq

Spooky

Some time back, ElReg carried an important medical report, Wacky 'baccy making a hash of FBI infosec recruitment efforts. The science is hard to follow but you don't think, do you, that the same problem now affects our own dear Cabinet Office?

0
0
D Moss Esq

It's beyond the power of FTSE-100 companies ...

Who can forget that 5 September 2012 press release issued jointly by BIS and the Cabinet Office (prop. F. Maude) Business leaders urged to step up response to cyber threats? That's when they wheeled in Sir Iain Lobban, the Director of GCHQ at the time, to tell the assembled chairmen of the UK's top 100 companies that they were no good at cybersecurity.

Every day, all around the world, thousands of IT systems are compromised. Some are attacked purely for the kudos of doing so, others for political motives, but most commonly they are attacked to steal money or commercial secrets. My experience suggests that in practice, few companies have got this right.

You'd better forget it now because otherwise Mr Maude's comments don't make sense. Security – particularly in the cloud – is a unicorn. A lovely idea, but it doesn't exist.

If you can't forget it, then the question is what are those dreadful bullies at GDS going to make poor Mr Maude say next? Whitehall can't afford not to use consultants?

0
0
D Moss Esq

Be under no illusions ...

Central and local government departments need have no fear about the security of the cloud computing services they buy from CloudStore/the Digital Marketplace.

These are underpinned by HMG's stringent Cloud Security Principles.

And suppliers demonstrate their adherence to these security principles by saying that they do:

QUOTE

Assure

Suppliers will complete a number of pre-defined security statements asserting how their services meet the Cloud Security Principles.

UNQUOTE

It's called "self-certification" and it worked very well in the run-up to the credit crunch when borrowers self-certified their own mortgage applications.

2
0
D Moss Esq

Re: First draft of this speech read...

Funny you should mention that.

"When it comes to cyber security QinetiQ couldn’t grab their ass with both hands"

1
0

US Marshals commit DIRTBOX INTRUSION on Americans, says report

D Moss Esq

PKI

Once upon a time, in a land far far away, the theory was that all the equipment on the mobile phone networks used public key encryption for authentication. As a result, spoof radio masts, whether operated by the police or anyone else, could not be inserted into the networks. If they can be, then someone's letting them in through the back door.

3
1

Pitchforks at dawn! UK gov's Verify ID service FAILS to verify ID

D Moss Esq

Re: Experian are dreadful

And then there's Experian in the US, where an ID fraudster carried on his trade via Experian for nearly a year until the Secret Service told them what was going on. You may think you're angry but wait till you hear Senator Rockefeller.

1
0
D Moss Esq

Apart from his 2 July 2014 post on IDA, RIP IDA – "we're building trust by being open" with its 16 subsequent updates DMossEsq has nothing to add to Ms Fiveash's excellent and comprehensive coverage.

We already know that Mike Bracken was guilty of a number of terminological inexactitudes when he spoke to the Code for America Summit a year ago.

It is evident to all that DEFRA have no control over what's happening to them, while GDS and Experian are keeping shtum, leaving farmers with a vague notion that they're never going to be paid any CAP money ever again thanks to the popular transformation of public services.

As promised by FMaudeEsq, identity assurance is turning into a massive data-sharing bonanza in the midst of which you can have privacy or public services, one or the other but not both.

IDA is dead. We just have to drum our fingers while we wait for it to be buried. It has richly deserved its right to be forgotten.

We know all that.

No need to repeat it.

0
0

Australia mandates* cloud use by government agencies

D Moss Esq

Re: The Cloud vs Inhouse IT

What do you think happens to a company trying to negotiate a cloud services contract when they know nothing about the subject? They pay top dollar. That's what. And when the cloud service goes down, they're last in the queue for attention.

As the percentage of in-house IT departments closed down tends towards 100, the cost of cloud computing will tend towards or go through the roof. Bang goes the cost advantage.

Long before that happens, it will be cheaper to replace the shop and hospital IT staff you say are so hopeless with competent personnel.

It will also avoid the disappointment of discovering that the cloud suppliers' staff are just the same.

1
0
D Moss Esq

Re: Thank goodness we've got the cloud sorted out here in the UK

Glad you enjoyed it.

I compare cloud now with timesharing in the 70s, Comshare and GEISCO, not holiday apartments in Spain. Timesharing died. So will cloud.

1
0
D Moss Esq

"Maybe I'm an idiot"

– Was it Larry Ellison himself who said: "The interesting thing about cloud computing is that we've redefined cloud computing to include everything that we already do, The computer industry is the only industry that is more fashion-driven than women's fashion. Maybe I'm an idiot, but I have no idea what anyone is talking about. What is it? It's complete gibberish. It's insane. When is this idiocy going to stop?"

– D'you know, I think it was.

4
0
D Moss Esq

Thank goodness we've got the cloud sorted out here in the UK

They do seem to be in a bit of a pickle cloudwise in Australia.

They should take a lesson from the UK, where "Cloud First" is the rule for central and local government.

And where we have the CloudStore, an on-line supermarket for cloudy products and services.

Admittedly no-one knows what "Cloud First" means and very few people have heard of it. Also, the CloudStore was meant to close down on 30 September but it's still limping along because someone can't get the replacement Digital Marketplace to work.

"Someone" is the Government Digital Service (GDS) and their advice to central and local government is "Don't procure. Commission". No-one knows what that means either.

The Government cloud programme (G-Cloud) has its own Twitter account, @G_Cloud_UK, and that's where we Brits go to find out what's happening. The Australians could usefully pay a visit.

Cloud computing depends on trust frameworks. Everyone knows that. Then a few months ago Chris Chant started Tweeting on @G_Cloud_UK about how trust can never be achieved, what you really need is truth. "24hrs to go" he said on 30 July 2014, "until @RainmakerCXO totally disrupts UK Cloud security capability. Truth better than trust. truth.rainmaker.solutions @G_Cloud_UK".

It wouldn't matter what he says if it wasn't for the fact that he's the principal architect and advocate of G-Cloud. And what he's saying is that you're wasting your time holding out for trust. What you need is GuardTime, an Estonian product marketed by Rainmaker Solutions. Let the Australians take note.

Some of us Luddites are a bit anti-cloud.

It's something to do with the OECD saying "cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or the supplier is in financial difficulties ...". And ENISA saying about cloud that "its adoption should be limited to non-sensitive or non-critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy ...". (ENISA is the EU's Network and Information Security Agency).

What with that and Kim Dotcom and Edward Snowden and Bruce Schneier, it's a relief to see that local goverment in the UK is generally forswearing the cloud.

The other day, a journalist tried to snap these fuddy-duddies out of the 18th century and wrote "Council IT teams overstating cloud security concerns". But he didn't really mean it and was last seen on @G_Cloud_UK asking "why is cloud any less secure than a server sitting under a desk?".

Then yesterday, when Bruce Schneier's #IPExpoEurope comments on the cloud were reported – "We’re losing control of our data because of the cloud" – the CEO of Omnis Systems leapt to the cloud's defence on @G_Cloud_UK: "Actually it's because of public #cloud hosted in other countries. Host them in UK/EU & you'll have no issues" before adding 17 minutes later "#Cloud is not safer or cheaper for many use cases but it sounds good so who cares, they say".

That shared understanding of the cloud that we have in the UK, the confidence in its security, that's what Australia needs. Just ask that lady whose pictures were leaked the other day. She'll tell you.

3
0

DVLA website GOES TITSUP on day paper car tax discs retire

D Moss Esq

Re: Worked for me....

Renew-a-tax-disc always has worked really well, ever since the web facility was introduced in 2006, eight years ago, five years before GDS sprang into existence.

5
0
D Moss Esq

Re: Worked for me....

Are you trying to suggest that because the site worked for you yesterday it isn't really down today?

0
0
D Moss Esq

"Transparency is the bedrock of change"

... that's what Oliver Morley said the other day. He's the Chief Executive of DVLA and he should know. What users are experiencing now is not an outage. It's a bedrock.

Further, as you know, the great virtue of using the cloud is that capacity expands instantly to meet demand. As demonstrated in this case.

Who runs taxdisc.service.gov.uk? NSLookup says the IP address is 62.25.101.198. And RIPE says that belongs to Energis UK in Watford.

0
0

Labour outsources digital policy, Tories turn up to finish it

D Moss Esq

BOGOF

There are at least two Labour Party digital manifestos.

The one Andrew Orlowski cites is by Jon Cruddas.

Then there's the one by Chi Onwurah which hasn't been published yet.

While we wait for Ms Onwurah's, let's remind ourselves of some of Mr Cruddas's obiter dicta. These are taken from a speech he gave at the Royal Society of Arts, Radical Hope, where he was channelling the thoughts of a consultant he approached, Plenty Coups, great chief of the Crow Indians (Native Americans). He says:

• Our welfare state is ill-equipped to deal with modern social evils like loneliness and the loss of community.

• Our health service is struggling to cope with the rise of chronic illnesses like depression, obesity and diabetes, and we literally lack a proper system of care for our growing elder population ...

• Our present model of education rewards conformity in pursuit of a narrow, logical and mathematical form of intelligence. It fails far too many children and it reproduces the power of the already privileged. It is wasteful of our most important economic resource which is human ingenuity ...

• The future represents a powerful challenge to my party. Historically, our instincts have too often been to centralize, conform and control. To shape the future of our country we in Labour know that we have to do things differently.

That's the problem.

And the solution Mr Cruddas proposes, him and the old Crow, is digital government.

Deploy digital government, and the buffalo will come back.

"I've always been ready to admit I'm on the romantic and conservative side of socialism" says Mr Cruddas, "one that values the local, the parochial and the magical as sources of political agency and power".

Ms Onwurah's manifesto, we may radically hope, will rely less on magic.

1
0
D Moss Esq

On-line voting

Armed with our free 1Gbps broadband I see that we are to have on-line voting in local and general elections, please see paragraphs 80 and 81.

This will ensure that the result of elections is not determined by the voters but by the body with the greatest hacking ability.

Not all that democratic but achingly fashionable.

2
0

Give us a digi-Czar and more bureaucrats, begs UK tech-services biz

D Moss Esq

Re: Is it just me or do Tech UK come across as ...

On reflection, sad and desperate seems about right.

0
0
D Moss Esq

Re: I'm confused

Can't help you there, sorry, Spine 2 will have to remain the object of confusion.

What is certain is that GDS released their application-to-register-to-vote system with no identity assurance worthy of the name. They've been promising identity assurance for years. If democracy is your bent, then further assistance with authentication of the electoral roll is quite an attractive prospect. But no, it was too much for them. No identity assurance.

0
0
D Moss Esq

Re: Trust the UK?

A. Several senior members of the industry have declared that IT trust can't be achieved. Acknowledge that fact, they say, take it on board, digest it and give up the hunt. You won't find a world-leading trusted domain and you can't become one. Because they don't exist.

Stop wasting your time bashing your head against the wall and try something else – truth.

B. "Truth, not trust". That's their motto. The truth is revealed, according to them, by using products/services from Rainmaker Solutions.

They could well be right about A. Which would leave the Czar with the same clothes as the emperor. As to B, you tell me.

0
0

Pedals and wheel in that Google robo-car or it's off the road – Cali DMV

D Moss Esq

Re: From the archives, 1999

No, a Sony Xperia. Restarting it involves taking the back cover off and jamming a 2" No.8 into the reset hole.

0
0
D Moss Esq

From the archives, 1999

http://www.snopes.com/humor/jokes/autos.asp

QUOTE

At a computer expo (COMDEX), Bill Gates reportedly compared the computer industry with the auto industry and stated: "If GM had kept up with the technology like the computer industry has, we would all be driving $25.00 cars that got 1,000 miles to the gallon."

In response to Bill's comments, General Motors issued a press release (by Mr. Welch himself) stating:

If GM had developed technology like Microsoft, we would all be driving cars with the following characteristics:

1. For no reason at all, your car would crash twice a day. [Rather like my Android smartphone]

2. Every time they repainted the lines on the road, you would have to buy a new car.

3. Occasionally, executing a manoeuver such as a left-turn would cause your car to shut down and refuse to restart, and you would have to reinstall the engine. [Rather like my Android smartphone]

4. When your car died on the freeway for no reason, you would just accept this, restart and drive on. [Rather like my Android smartphone]

5. Only one person at a time could use the car, unless you bought 'Car95' or 'CarNT', and then added more seats.

6. Apple would make a car powered by the sun, reliable, five times as fast, and twice as easy to drive, but would run on only five per cent of the roads.

7. Oil, water temperature and alternator warning lights would be replaced by a single 'general car default' warning light.

8. New seats would force every-one to have the same size butt.

9. The airbag would say 'Are you sure?' before going off.

10. Occasionally, for no reason, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key, and grabbed the radio antenna. [Rather like my Android smartphone]

11. GM would require all car buyers to also purchase a deluxe set of road maps from Rand-McNally (a subsidiary of GM), even though they neither need them nor want them. Trying to delete this option would immediately cause the car's performance to diminish by 50 per cent or more. Moreover, GM would become a target for investigation by the Justice Department.

12. Every time GM introduced a new model, car buyers would have to learn how to drive all over again because none of the controls would operate in the same manner as the old car.

13. You would press the 'start' button to shut off the engine.

UNQUOTE

3
6

Go on, inhale our G-Cloud via 'Digital Marketplace' – UK.gov

D Moss Esq

Truth, not trust

"Truth, not trust" is a slogan that Chris Chant and Tim Hanley have been spraying around @G_Cloud_UK for the past two months or so.

What they mean is that it is impossible ever to achieve trust in the cloud.

Far better, they say, to go for truth, by which they mean some incontrovertible way of knowing that your data in the cloud has been changed or stolen.

How do you achieve that? By hiring Rainmaker, a consultancy promoted by Chant and Hanley.

And how will Rainmaker help? By deploying Guardtime, an Estonian product that uses some keyless authentication product.

Having these two point out that you can't trust the cloud doesn't seem to worry Tony Singleton, the head of G-Cloud. He's never bothered to deny their allegations.

But it may worry G-Cloud's prospective customers, whether they're buying from CloudStore or the Digital Marketplace.

----------

Cloud computing goes up in smoke

http://www.dmossesq.com/2014/08/cloud-computing-goes-up-in-smoke.html

0
0

FTC calls for Congress to crack down on consumer data harvesting

D Moss Esq

Re: Strange that they missed some big harvesters.

And Experian.

See Brian Krebs:

(a) Experian Sold Consumer Data to ID Theft Service, http://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-theft-service/

(b) Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records, http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/

And it's not just the FTC taking an interest but the Congressional Committee on Commerce, Science, & Transportation, too, http://www.commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=a5c3a62c-68a6-4735-9d18-916bdbbadf01&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a

On 16 June 2014, 19 days time, Mr Hieu Minh Ngo will be sentenced in a court in New Hampshire, having already been found guilty of 15 charges related to identity fraud, http://krebsonsecurity.com/wp-content/uploads/2013/10/NgoIndictment.pdf

He conned personal data out of Experian for months and his scheme only came to an end when the US Secret Service told Experian it was happening. The new Hampshire judge may have a few choice words for Experian, as well as Mr Ngo.

Which has nothing to do with us over here in the UK, of course, we don't have "data brokers", we have "credit referencing agencies", that's quite different.

Experian is one of the Government Digital Service's five remaining "identity providers" on whom their invisible identity assurance scheme depends. Nothing to see here, http://www.dmossesq.com/2014/03/rip-ida-16-june-2014.html

0
0

PAF! MPs go postal over postal location data sell-off by Coalition.gov

D Moss Esq

Re: Barriers to entry – 3

Barriers to entry deprive society of the fruits of innovation.

What fruits of innovation?

Mr Shakespeare doesn't tell us in his report.

He appeared in front of the Public Administration Select Committee with Professor Sir Nigel Shadbolt on 22 October 2013. You can watch them performing here. But you still won't find out what it is we're missing.

Professor Sir Nigel is chairman and co-founder of the Open Data Institute, of course. The ODI think that open data will lead to all sorts of valuable innovative apps. Although they haven't said which apps those will be yet, nor how valuable.

He's also chairman of the midata programme. That's an initiative of the Department for Business Innovation and Skills. They want us all to have personal data stores (PDSs). PDSs will empower us, apparently, and they will help us stupid people to make rational lifestyle decisions and, what's more, they'll make the economy grow. How? By creating an enormously valuable industry of innovative apps, obvs.

What innovative apps?

Glad you asked.

Professor Sir Nigel set up the midata Innovation Lab (mIL). mIL were let loose, like innovation tigers, and they produced five prototype apps. The Prof was so pleased with these prototype apps that he said they would allow us to "get to the future more quickly".

"Prototype", here, by the way, means "not really apps, you can't buy them". Take a look at them. They're just like all the other apps you can already buy on Google Play and the iTunes App Store and the Windows Phone store. There's nothing innovative about them at all. They are not Professor Sir Nigel's HS2 to the future.

So what are we missing? What innovation is society being deprived of by barriers to entry? Answer, stuff you can already buy in the market for once-off prices like 69p.

Therefore there was nothing wrong with selling the PAF along with Royal Mail.

0
1
D Moss Esq

Re: http://www.royalmail.com/postcode-finder

Sure Don, let's see.

If and when they start charging let's see if we can guess whether charges would have been imposed if the company had still been owned by the Secretary of State for Business Innovation and Skills. The way they are for accessing Companies House data, for example.

0
1
D Moss Esq

Re: Typical Govt b0llox

Crimea.

Now there's a country that understands barriers to entry.

1
0
D Moss Esq

Barriers to entry – 2

Mr Shakespeare is a very generous man. He thinks the PDG data should be given away for free. Charging for it is a barrier to entry.

A lot of data is managed by Companies House, the Land Registry, the Met Office and Ordnance Survey. These four together are apparently known as the "Public Data Group" or "PDG" for short.

Admittedly, Mr Shakespeare's generosity would cost us a bit. Currently the Exchequer earns millions of pounds a year by charging for PDG data. That hole would have to be plugged somehow but, according to Mr Shakespeare: "As government would no longer need to purchase the [PDG data] itself, the direct loss to the Exchequer on an annual basis is in the order of £143 million ... It seems a straightforward decision to invest £143m to make Trading Fund data widely available is a relatively small price to pay to leverage wider economic benefits far exceeding this by orders of magnitude".

It seems ... straightforward ... relatively small price to pay ... leverage wider economic benefits ... orders of magnitude ...

It may seem that way but just how straightforward is this investment decision really? Is that a relatively small price or a relatively big one? How many orders of magnitude?

He must know the answer, mustn't he, otherwise he wouldn't have written that on p.30 of his report.

The strange thing is that he also writes on p.30 that: "Forecasting future benefits is also hard to predict. How businesses and individuals might use datasets in the future to generate new products and services and by implication impact economic growth, is equally unknown".

What we seem to have here is a straightforward guess leveraging several orders of magnitude of hope.

Once again.

Those barriers to entry.

Set them higher.

Meanwhile, you can kind of see a certain hard-headed logic in selling Royal Mail with its PAF intacta.

0
1
D Moss Esq

Barriers to entry – 1

One of the arguments against charging for large-scale access to PAF is that the cost represents a barrier to entry.

That's supposed to be a bad thing. What do we know about barriers to entry? We don't like them.

What's wrong with barriers to entry? They deprive society of the fruits of innovation.

That's the line taken by Stephan Shakespeare in his report, An Independent Review of Public Sector Information.

Mr Shakespeare is the founder and global CEO of YouGov, the polling organisation. As you might imagine, he thinks you can find out the truth by polling people. Looking at health care data, for example, he says: "70% ... of total respondents think that we should make public all that we can about our health care system ...".

Convinced? Are you happy that giving away health care data is the right thing to do because 70% of respondents to a YouGov poll said it is?

Before you make your mind up, consider this.

Mr Shakespeare conducted not one but two polls and 18% of respondents in one poll said they were "highly informed" on data issues and in the other poll that figure was 4%. A fuller conclusion might therefore be this: "Between 82% and 96% of people asked said they didn't know what they were talking about but nevertheless 70% of them think that we should make public all that we can about our health care system so we should".

Sometimes you can't help thinking the barriers to entry should be set a bit higher.

1
1
D Moss Esq

http://www.royalmail.com/postcode-finder

Those rapacious private sector companies, they really know how to exploit us poor innocent consumers. I just took a look at Royal Mail's find-a-postcode site and you know what they told me? "You can still do 50 more [free] searches today." Heartless.

0
0

Nudge Unit flies into Nesta's arms: Is the hype justified?

D Moss Esq

Whaddya mean you've never heard of midata?

We should remember the Behavioural Insights Team's magnificent contribution to the soaraway success of midata, the Department for Business Innovation and Skills initiative to empower the consumer and make the economy grow.

Back in 2012 BIT and BIS jointly published a review of midata and a consultation document. Based on the results of which Whitehall legislated to make compliance statutory.

It is that crucial insight that if you want people to behave in a certain way then passing a law is probably the best way to proceed that NESTA are buying, with money that would otherwise finance mere innovation.

I am often asked about the genealogy of behavioural psychology. There is no doubt that the discipline owes everything to King Canute and his understanding of the behaviour of the sea.

0
0

GOV.UK's criminal record check IT job blow: Home Office snubs new design

D Moss Esq

Re: GDS

"... Also the humility to realise that incumbent civil servants might know something about how complex the requirements really are ... Sadly their default starting position in any conversation I've had with them has always been, "We know how to do this better than you. So, what is it that you do?"

See also:

Frankee Llonnygog @ Thursday 12th December 2013 09:26 GMT: GDS consistently alienate the people they're supposed to be working with. People who know how to build and maintain big systems that cannot be replaced with Rails. GDS walk in with the attitude of "we know how to do your job better than you" and "we know what your requirements are".

and

Anonymous Coward @ Thursday 12th December 2013 17:27 GMT: They are keen to tell their client what to do and pay scant regard to business requirements or needs.

----------

See for example GDS's blog post Submitting to the language of users:

Plain English is mandatory for all of GOV.UK. This means we don’t use formal or long words when easy or short ones will do.

For example, we normally talk about sending something (whether online or in the post), rather than ‘submitting’ it. This is short, clear and unambiguous. It’s also listed in the Plain English Campaign’s A to Z of alternative words.

We’ve recently been working with HMRC on moving VAT content to the ‘mainstream‘ (services and information for citizens and small businesses) part of GOV.UK. In the first draft, we used the plain English ‘sending your VAT return’ across all of this content.

However, our HMRC colleagues felt very strongly that we should change this back to ‘submit’ to match the terminology used on the HMRC website, as this is ‘used frequently and known by VAT businesses’.

GDS were trying to tell HMRC that they shouldn't talk about "submitting a VAT return". In their informed opinion the correct locution is "sending a VAT return".

This must be the very exemplar of prattish inanity.

In what sense can GDS be said to be "helping" HMRC?

The word "submit" is too long and formal, is it? Then how come it occurs several hundred times on GOV.UK? (Enter "submit" in the Search box and start counting.)

0
0
D Moss Esq

Re: GDS (@Julian)

... it ain't GDS's fault that they've got no data ... Their end of the work has met expectations and has been forced to sit there waiting for useful data to be fed into it ...

Your case would be stronger if you gave some examples.

Here is a counter-example.

GDS took part in a so-called "data-mining" exercise to identify eligible voters in GB elections who haven't registered. The exercise was reported on in the Electoral Commission's Data mining pilot – evaluation report July 2013.

GDS were given data by the Student Loans Company (SLC) among others to match against local electoral rolls. According to the Commission: "There seemed to be issues with the addresses on this data being incomplete. Only one pilot area reported usable results for this database and they found that nearly a third of the addresses were quite clearly incomplete. SLC informed us that the addresses they provided to GDS were complete, so it seems that these issues may have arisen in the matching process, although we are unable to say for certain" (p.7).

The Commission's report is a 134-page catalogue of problems like that with GDS being repeatedly criticised for their end of the work not meeting expectations and the exercise was declared a failure: "The findings from this pilot do not justify the national roll out of data mining".

0
0
D Moss Esq

Paging DMossEsq

J Arthur's bellhop couldn't find me on 12 December 2013.

Not surprising. I've been following a punishing schedule of Christmas celebrations.

Was that the day I went for a bicycle ride with Tom Loosemore, Tony Singleton and William Heath? Was it the day Nigel Shadbolt picked me up in his Maserati and, together with Stephan Shakespeare and Craig Belsham, we went for a spin round Cowes in his boat? Or was it the day ex-Guardian man Mike Bracken invited me and a couple of satisfied customers from DWP, HMRC and the Electoral Commission round to Aviation House for a glass of paraquat?

I can't remember.

0
0

UK public auditor, scourge of tax-dodging big biz, hosts its site on ... Amazon

D Moss Esq

I'm no tax expert, so don't ask me how that applies to subsidiaries of Amazon that don't have a presence in the UK

See CFCs, permanent establishment, tax residence, thin capitalisation, every combination of double tax treaty and, as you mention, transfer pricing.

0
0
D Moss Esq

Cloud computing = losing control of your data

The NAO must of course abide by the procurement rules.

Equally, as auditors, they have a duty of care. They must keep their clients' data confidential. Handing that data over to a third party and storing it beyond the jurisdiction of English law makes it hard to guarantee confidentiality.

Next time the NAO want to investigate DWP, or whoever, there might be an objection that the NAO can't guarantee to keep the data revealed to them confidential. DWP, or whoever, might refuse to co-operate with the investigation on that basis, and so contracting with AWS, however indirectly, might mean the NAO can't do its job.

Incidentally, it's not just the NAO of course. Consider, for example, Halarose Ltd, who have contracts with 80 local authorities in the UK to maintain their electoral rolls. Where is the data stored? With AWS, in Ireland. Under who's control?

Search me.

Given that AWS have no – that's no – servers in the UK, how come they're allowed on G-Cloud's CloudStore, where all the customers owe a duty of care to keep our data safe, confidential and under their control?

It's an old saying, a bit of a cliché, but worth repeating – the the only time you're really safe is when CloudStore's down which, recently, has been quite a lot.

2
0
D Moss Esq

... I know you ain't Spartacus

... you is more like an Amazonian astrosurfer, whereas Spartacus was Kirk Douglas (né Issur Danielovitch Demsky) from nowhere near the Amazon.

1
0

IBM thrusts mighty cloud erection at US gov after Amazon beds CIA spies

D Moss Esq

IBM need help ...

... from Stephen Fry, http://www.dmossesq.com/2013/10/cloud-computing-and-sizzling-stephen-fry.html

Only he can provide the historical perspective and the technical grasp of evocon (evolutionary economics) which Amazon so obviously possess and which has eluded IBM in the first 100 years of its existence.

0
0

'I don't trust Microsoft' after NSA disclosures says former privacy chief

D Moss Esq

1. Chapeau bas to Caspar Bowden.

2. Given that most people can't read the Guardian, how can UK awareness be raised?

"As for the secret surveillance agenda, most people in the UK do not seem to care about it, because they lack accurate information in the media about what exactly is happening."

One idea: -

Communications Data Bill

For years, the Home Office have been advocating the Communications Data Bill and the Interception Modernisation Plan before it on the basis that the security services must have the interception tools needed to defend us against terrorism.

The implication was that the security services didn't have these tools.

It now transpires that they do have them.

Which means that the Home Office were deceiving parliament, the media and the public.

That ought to be a story the media would consider running.

Even if they believe that interception is justified the media might at least ask why the Home office been wasting parliamentary time?

http://www.dmossesq.com/2013/07/communications-data-bill-unnecessary.html

1
0

Now we know why UK spooks simply shrugged at SSL encryption

D Moss Esq

Communications Data Bill – why bother?

"In July 2012, Britain's top spook Charles Farr made a rare public appearance: sat across a table from MPs in Parliament, he was quizzed by backbenchers scrutinising Home Secretary Theresa May's widely criticised plan to snoop on Brits' internet connections."

"Theresa May's widely criticised plan to snoop on Brits' internet connections" is the Communications Data Bill. It is widely criticised. The Home Office has put in a lot of hard work trying to get it, and its predecessors, passed into law.

Why bother?

After all, per Edward Snowden, GCHQ already have the technology needed. And William Hague, the Foreign Secretary and political boss of GCHQ, says that their work is perfectly legal. So does Sir Malcolm Rifkind, the Chairman of the Intelligence and Security Committee.

Surely the Bill is redundant.

Why does the Home Office waste all that energy trying to push through an unpopular bill that is unnecessary?

One would genuinely be interested in an answer.

http://www.dmossesq.com/2013/07/communications-data-bill-unnecessary.html

1
0

Tory think tank: Hey, civil servants! Work with startups to save £70bn

D Moss Esq

Sell the sizzle, not the sausage

ElReg readers already know that the Government Digital Service (GDS) is all sizzle, no sausage.

Never mind the lack of sausage, GDS are hard at work selling.

GOV.UK has its awards from the Design Museum and D&AD. That helps. They have the imprimatur of Tim 'Government As A Platform' O'Reilly and Martha Lane Fox, no mean salesman herself. The BBC and the Guardian think GDS are exciting and are providing free PR (http://www.dmossesq.com/2013/06/gds-pr-blitz.html). Well done ex-Guardian man Mike Bracken and ex-BBC man Tom Loosemore.

And now the Times have joined in (http://www.dmossesq.com/2013/08/toe-curling-gds-pr-blitz.html). And Policy Exchange. How did that happen?

It is inconceivable that GDS could have gained the support of Policy Exchange while Charles Moore ran it. But he handed over the reins years ago to Danny-now-Lord Finkelstein, a different kettle of fish altogether, whose gib is cut the other way and who luckily is very senior at the Times.

This is soap opera, of course, but then who buys the sizzle? Individuals. Individuals with personal preferences. Individuals not necessarily endowed with the skills or the will to examine the effectiveness of an IT department.

It's all a bit depressing but there is the occasional laugh. Like the Tweet from ex-Conservative Home editor Tim Montgomerie, hired by Danny-now-Lord Finkelstein to write SDP opinion pieces. Mr Montgomerie is a bit of a sizzle aficionado and in his opinion (https://twitter.com/TimMontgomerie/statuses/309258485252636673): "One of the outstanding successes of this Coalition is likely to be its digital strategy http://twitter.com/Policy_Exchange/status/309257138381938688".

0
0

Verizon, Experian and pals bag £25m to inspect Brits' identities for UK gov

D Moss Esq

Re: Before you slag them all off..

"MyDex are all about helping people to own and be gatekeepers to their personal data. Most Reg readers would like Mydex."

Why do you say that?

(Background, http://www.dmossesq.com/2012/11/identity-assurance-only-future-is.html)

2
0

Ha ha, Osborne, these Gov 2.0 web wranglers have wiped out UK debt

D Moss Esq

How journalism works – Re: That Times article ...

If you enter "rachel sylvester" and "i am told" into the Times search box and hit enter you get 39 hits. That's 39 separate articles in which she has used the phrase.

I suggested to Private Eye once that they start a new column, "Eye am told". No dice.

0
0
D Moss Esq

GOV.UK is not Government on the Internet, but of the Internet

Not my words. The words of ex-Guardian man Mike Bracken, executive director of the Government Digital Service and senior responsible owner of the pan-government but non-existent identity assurance programme. And he's right. You commentards just have to be more agile, http://www.dmossesq.com/2012/10/govuk-is-not-government-on-internet-but.html

As for worrying about statistics being accurate, how old-fashioned can you get? Just ask Stephan Shakespeare, the founder of YouGov who has been inexplicably asked to devise a national data strategy, https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/198752/13-744-shakespeare-review-of-public-sector-information.pdf – search on "publish early even if imperfect" and you will see the way.

1
0

Mobile location data identifies individuals

D Moss Esq

Re: location markers

"... unless people actually, y'know, do the science, you never know which bits of obviousness are actually true ..."

Quite right.

What's a phone? An IMEI? A phone no.? Sometimes you use someone else's phone. Sometimes someone else uses your phone.

A discipline will develop stitching the patchy record together over the years, over the IMEIs, over the phone no.s, excluding the other people's use of one phone, including the use of other phones, into one person.

It will have to.

Because there will still be a job to do, creating new identities, e.g. for ambassadors travelling under a false identity or people in witness protection programmes. The location identity created for them will have to look realistically patchy.

From my misspent youth, Dematerialised ID, May 2003, http://dematerialisedid.com/BCSL/29%20May%202003.pdf pp.31-3, §4.9.

1
0

Stop excluding vulnerable Brits from digital agenda - MPs

D Moss Esq

DWP using same PR agency as HMV?

"... the [Universal Credit] project has been repeatedly hampered by a perceived IT management crisis that the DWP has strongly denied."

Not so long ago, HMV strongly denied that they faced any trading problems.

http://www.dmossesq.com/2013/03/universal-credit-tricky-confinement.html

1
0

Page:

Forums