* Posts by David Mery

26 publicly visible posts • joined 13 Sep 2007

Stuck in a dull conference? You need Verity's survival guide

David Mery

Ada is good, Object oriented is good...

> Long ago, the writer heard Bjarne Stroustrup himself complain that "object-oriented" had become a marketing synonym for "good"

At ECOOP 1987 (in what may have been a keynote - don't remember), Bjarne exemplified this issue with the following syllogism:

.

Ada is good

Object oriented is good

---------------------------------

Ada is object oriented

.

This talk has been scanned at http://www.ifs.uni-linz.ac.at/~ecoop/cd/papers/0276/02760051.pdf

The 1991 revised version is at http://www2.research.att.com/~bs/whatis.pdf

All the other papers from that very first ECOOP conference can be found at http://www.ifs.uni-linz.ac.at/~ecoop/cd/tocs/t0276.htm

Row over Korean election DDoS attack heats up

David Mery

Follow the money

http://english.hani.co.kr/arti/english_edition/e_editorial/510303.html

"The police have admitted that around the time the National Election Commission website was disabled by a distributed denial of service (DDoS) attack, a large amount of money changed hands among Grand National Party figures who were subsequently arrested in connection with it. [...]"

Word and Excel creator: How Gates, Jobs and HAL shaped Office

David Mery
Boffin

> the mouse, [...] - all ideas that emerged from PARC research

Not so.

Doug Engelbart was at SRI when he invented the mouse.

Happy 40th birthday, Intel 4004!

David Mery

Ada + GC + 32-bit ...

Remembering the iAPX432.

Man cracks open floppy disk, inserts USB Flash drive

David Mery

A portable with a really good keyboard

The P70 was a really nice portable^Wluggable computer. I bought a rucksack just the right size so I could carry it on my motorbike. Another advantage of the P70 (being an IBM machine), was that it was the first portable supported by OS/2 right back from version 1.0 (with none of this GUI nonsense) . Some versions of OS/2 eventually them came on as many as 20 or 30 floppies.

Welcome to the out-of-control decade

David Mery
Big Brother

Madrid Privacy Declaration

The deadline to sign the Madrid privacy declaration is January 28, 2010, which happened to be International Privacy Day:

The Madrid Privacy Declaration

Global Privacy Standards for a Global World

http://thepublicvoice.org/madrid-declaration/

Home Office jumps the gun on DNA research

David Mery
Boffin

Quality? What quality?

The HO is happy with the quality of the DNA consultation. Extract from

http://gizmonaut.net/blog/uk/2009/07/HO_approch_to_consultations.html

"Thank you for your email (below) which highlighted the concerns you had on the DNA consultation document. You believed the consultation had not followed Criterion 3 of the Government's Code of Practice on Consultation.

Under Criterion 3 of the Code consultation documents should be clear about the consultation process, what is being proposed, the scope to influence and the expected costs and benefits. In this respect we believe the consultation document meets that Criterion."

From my reading of the JDI report, its main analysis was based on 18 cases. Extract from

http://gizmonaut.net/blog/uk/2009/06/ndnad_six_months_later.html

"One annex is an independent report by Professor Ken Pease of the Jill Dando Institute titled DNA Retention after S and Marper. The data in the text and the tables don't match, but if you put that aside and try to figure out what was likely meant you soon realise that there's little to support the Home Office. First key data is about those re-arrested within three specified periods. Let's skip the fact that the "data underwent substantial and lengthy editing" to exclude irrelevant categories and "on the basis of lack of clarity as to the case outcome". After all this editing, the data appear to come from 532 cases from three samples in June over three consecutive years (either 1994-1996, according to the table, or 2004-2006, according to the text). However, an attentive reader will spot: "Given that data came only from the first of a month, and aware that errors of estimation will be magnified by multiplying the figures to give a monthly total...", so this data is in fact an estimation based on approximately 18 cases (532 divided by the number of days in June) taken over three days at one year interval, or 7, 8 and 3 samples for the respective days. And even among these few cases, one day may have to be discounted as a footnote explains: "The writer was concerned by the smaller number of cases in 2004. His best guess is that the date fell on the day following a Bank Holiday." (This is also a hint indicating that the text is right as May 31st was Spring bank holiday in 2004. This erroneous table is repeated in the main consultation document.)"

br -d

Mobile hack shows need for security upgrade

David Mery

> a criminal can set up a fake base station

Listening on the air side is not just of interest to criminals, the FBI has documented its use of this technique that it calls Triggerfish. It is also suspected that some foreign embassies may be using phantom cells in London.

RupertG speculated about this in

http://community.zdnet.co.uk/blog/0,1000000567,10011953o-2000331777b,00.htm

br -d

Home Office foot-dragging exposes ACPO to criticism

David Mery

Same old, same old

The ACPO/ACRO letter was really more of the same. It issued basically the same recommendation as in December just after the ruling:

http://gizmonaut.net/blog/uk/2009/08/acpo_ndnad_advice_no_change.html

ACPO is part of the "Implementation Group to consider the measures required to implement the judgment" as explained by the HO to the Council of Europe:

http://gizmonaut.net/blog/uk/2009/06/ndnad_review_of_general_measures.html

and seems to have taken the lead in this group which would explain them sending the letters to the chief constables.

Until there's change, concerned readers should check out http://reclaimyourdna.org/

br -d

DNA database swells despite human rights ruling

David Mery
Big Brother

Consultation closes Aug 7th

As well as commenting on El Reg, you may want to send your views to the Home Office. consultation by Aug 7th. Details at

http://tellthemwhatyouthink.org/view/con-2255-keeping-right-people-dna-database

> What does the DB actually store?

For an exhaustive list of all the fields in the NDNAD see:

http://gizmonaut.net/blog/uk/2009/06/NDNAD_full_dna_profile_record.html

br -d

Three months on, you still can't get off the DNA database

David Mery

> Are there now grounds for refusing to provide a DNA sample until you're convicted?

No. If, after arrest, you refuse to be DNA sampled, the police can use force to obtain the samples.

br -d

New terror guidelines on photography

David Mery

PCSO claim

The PCSO claim is interesting as they don't have power of arrest on their own and Section 44 of the TA 2000 is the section about 'Authorisations' to stop and search (1) cars and (2) pedestrians.

Section 5 of the byelaws also seem apparently does not permit the use of mobile phones -without headphones- in Trafalgar and Parliament square!

br -d

DNA convictions fall as database doubles in size

David Mery
Black Helicopters

Data for 10-17 does not fully compute

From the Parliamentary answer linked in this article there are as of 16 July 2008, 1,057,961 DNA profiles of individuals aged 10-17 (at the time of the report) that were added by the England & Wales forces (estimated to be for 917,252 individuals).

From the data obtained via FOIA and analysed in http://www.theregister.co.uk/2008/11/06/dna_database_special/page2.html, as of 10 April 2008 there were 349,934 DNA profile of individuals aged 10-17 (at the time of the report) that were added by England and Wales forces, and of 1 September 2008 that number was down to 343,745.

So the numbers are:

2008-04-10: 349,934

2008-07-16: 1,057,961

2008-09-01: 344,745

Some changes are to be expected due to people getting older but the effect tends to be to reduce this statistics. In a further comment by email from the NPIA when I queried the small discrepancy between the April and September figures, I received the following explanation: "The reason the figures have decreased is because peoples ages are continually changing i.e. some of the people counted in the original count of 10/04/08 are now aged over 17 so would no longer be counted in the report when it was ran on 1/09/08."

Apart from a missing decimal point in one of the cell in the table in the Parliamentary answer, the numbers seem to add up. It is difficult to grasp how this stat could jump up by 708,027 in a few months to then reduce by 714,216 in the second half of July and August. 700,000 is close to the number of DNA profiles added yearly, for all ages so it seems unlikely that the Police arrested just before July hundreds of thousands of individuals who had their 18th birthday in August.

br -d

The DNA database and you

David Mery
Boffin

Re: What else is in there, besides ID info?

Profiles do not include details of the reason for arrest, this is the reason why the police can't apparently easily analyse the NDNAD in relation to the circumstances of arrest.

You can see a DNA profile at http://gizmonaut.net/images/kr_dna.jpg

(I've obscured the DNA markers' information. It was provided to me by Kevin Reynolds. See http://gizmonaut.net/blog/uk/dna_retention_of_unconvicted_people.html for more context)

Also from http://www.acpo.police.uk/asp/policies/Data/NDNAD_AR_04_05.pdf:

All subject sample records on The National DNA Database are uniquely identified by a bar code number (supplied with the sampling kits). In addition to the DNA profile, they also contain information about the subject’s name, date of birth, ethnic appearance and gender; information relating to the sampling force and the supplier laboratory to which the sample was submitted and details of the sample type and the test type. Records relating to samples taken under PACE also contain the Arrest Summons Number (ASN), which facilitates reconciliation of data with the Police National Computer (PNC). The type of offence for which the subject sample was taken is not recorded.

br -d

David Mery
Boffin

@not unique

From http://www.nuffieldbioethics.org/fileLibrary/pdf/The_forensic_use_of_bioinformation_-_ethical_issues.pdf

A DNA profile is obtained by:

* extracting the DNA from a sample (blood, saliva, semen, sweat or other biological material);

* measuring the amount of DNA obtained;

* producing multiple copies of specific areas of DNA of interest (these correspond to the ‘markers’ referred to below); and

* cataloguing the size of each marker in the particular individual from whom the DNA came.

The technique currently used for DNA profiling in the United Kingdom is SGM Plus®(SGM+). It tests for ten ‘markers’, known as short tandem repeats (STRs), and a sex marker. STRs are short sequences of DNA that are repeated in tandem several times, and the number of repeats varies between individuals. The number of repeats is recorded and thus, a DNA profile consists of 20 two-digit numbers (each person has two copies of each marker, one inherited from each parent), and a sex indicator. The probability of a chance match between unrelated individuals using SGM+ is on average less than one in a billion (1,000,000,000). The discriminatory power of the analysis decreases for related individuals. SGM, a technique used before the introduction of SGM+, analysed six of the same markers plus the gender marker and had a lower discriminatory power. A proportion of the profiles on the NDNAD are based on SGM (22 per cent of criminal justice samples and 19 per cent of crime scene samples). When a current crime scene sample matches an SGM profile, the relevant biological sample is retrieved and the profile is upgraded to SGM+. A recent retrospective upgrade of 24,000 cases from SGM to SGM+ found that there were 3,600 cases where the profiles had originally matched using SGM, but no longer matched when using SGM+ profiling. To date, there have been no reports of chance matches between full SGM+ profiles. Chance matches are, however, more likely to arise:

* with partial profiles;

* between closely related individuals;

* as the size of the NDNAD expands; and

* between individuals within an isolated or inbred population.

...and from http://www.acpo.police.uk/asp/policies/Data/dna_good_practice_manual_2005.doc

6.2 Match probability

The probability of two DNA profiles matching depends on the nature of the DNA profile and the circumstances of the case. A full SGM+ to SGM+ match is the most powerful. The strength of the match decreases if the profile is SGM or partial and there is an increased risk of the match being by chance.

Although a person’s DNA is unique (except for identical twins, triplets etc.), some individuals who are closely related e.g. siblings may appear to have a similar profile. This occurs because they have inherited their DNA in different proportions from the same parents. The value of a match in a given case may therefore be weakened if there is a possibility that the offender could have been a close relative of the suspect.

Because the match probability depends on the fullness of the profile and the circumstances of the case, a match probability figure is not provided with a match report and the police and CPS should liaise with the scientist to assess the value of the evidence.

6.3 Chance matches

A match between two profiles on the NDNAD can occur simply by chance. This risk is very low when full SGM+ profiles are involved. However, the risk increases if partial or SGM profiles are involved and therefore, there is a significant chance that a match involving a partial profile or SGM profile may not match when the profile is upgraded to SGM+. Consequently, the laboratory should be asked to upgrade matches based on partial or SGM profiles. This is normally arranged via the force DNA Submissions Unit when the match report is received.

br -d

BT's Mayfair exchange downed by burglary

David Mery

Illegal pics?

Aren't these pics in breach of the OSA 1911 Section 3?

==

3.Definition of prohibited place.

For the purposes of this Act, the expression "prohibited place" means--

[F1 (a)

any work of defence, arsenal, naval or air force establishment or station, factory, dockyard, mine, minefield, camp, ship, or aircraft belonging to or occupied by or on behalf of His Majesty, or any telegraph, telephone, wireless or signal station, <snip>

==

More at http://spyblog.org.uk/2008/06/restrictions-on-photography-in-public-where-are-the-prohibited-places-designated.html

br -d

Malicious gossip could cost you your job

David Mery

Re: Liberty

This issue has been discussed at several AGMs of Liberty, and a resolution was eventually passed at the last AGM:

==

Enhanced Disclosures

Liberty’s A.G.M. notes that, despite the creation of the Independent

Safeguarding Authority (the ISA), designed to provide fair

protection to children and vulnerable adults and to professionals

working with them, and contrary to the recommendation of the

Bichard Inquiry, the system whereby enhanced disclosure forms

are circulated to employers still exists. Since these forms very

often contain mere accusations of minor matters, teachers and

carers without any convictions or cautions are condemned to

permanent unemployment in their profession.

This A.G.M. therefore resolves to seek change to law and policy so

that, within the jurisdiction of the ISA (covering not only teachers

and carers but everyone working with children and vulnerable

adults), no disclosure can be made of mere allegations other than

to the ISA itself.

==

A report on all the resolutions passed is at http://www.liberty-human-rights.org.uk/news-and-events/2-agm/report-on-the-2008-agm.pdf

br -d

Police told: Delete old criminal records

David Mery

Re A/C ACPO spawned ACRO in 2006

The certificate procedure for visas is effectively moving from a cheap legislated (and slow) process, the data subject access, to an opaque expensive process controlled by a private entity. This happened earlier this year. I also find this of concern.

More at http://gizmonaut.net/blog/travel/acpo_police_certificates.html

br -d

Malware infects Merriam-Webster

David Mery

mondegreens

Homophonic translations are mondegreens per excellence. My favourite is “A thing of beauty is a joy forever” becoming “Un singe de beauté est un jouet pour l’hiver!”. Oulipians have created many. There's also the excellent book: "Mots D'Heures: Gousses, Rames - The D'Antin Manuscripts".

br -d

Welsh couple cop Mosquito flak

David Mery
IT Angle

Buzz off campaign

Liberty is participating in a campaign against the discriminatory aspect of the Mosquito device. More at http://www.liberty-human-rights.org.uk/issues/young-peoples-rights/stamp-out-the-mosquito.shtml

br -d

Tory tackles Whitehall on Wiki-updating spooks

David Mery
Black Helicopters

> O’Brien has information

Easy to figure out: http://wikiscanner.virgil.gr/f.php?ip1=195.217.192.0-15

Shock horror, HMGCC also reads ElReg. Three visits from HMGCC I had to my website have ElReg articles as referers.

Now are these visits from staff during their lunch breaks? (HMGCC is not the only gov/intelligence/army domain browsing the web - this is just for my site: http://gizmonaut.net/gov_visitors.html)

br -d

The 'blem wit' error messages

David Mery

pgazonga

My favourite from Multics Emacs... http://gizmonaut.net/blog/software/multics_source_reveals_le_jetteur_des_gazongues.html

br -d

FBI preps $1bn biometric database

David Mery

@Christoph

It's "Computer don't argue" (1965) by Gordon R. Dickson. It's online at http://www.atariarchives.org/bcc2/showpage.php?page=133

br -d

Multics source code released into the wild

David Mery

Bernie Greenberg and his use of forign-language terms and expressions

@AC, "9600 bauds", you must be joking! Started using Multics Emacs at 300 bps and moved on to 1200 bps.

Back in 1996, I asked Bernie Greenberg about this. I just posted his reply at http://gizmonaut.net/blog/software/multics_source_reveals_le_jetteur_des_gazongues.html

br -d

Innocent 'terror techie' purges DNA records

David Mery

A few additional details on the comments above

Lucy, thanks for the write up. I wasn't expecting it!

@AC, I reposted the flow chart to determine when a case is exceptional at http://gizmonaut.net/blog/innocent/innoncents_are_exceptional.html

@Rob, that is not correct. The 115 are likely to come from profiles added in previous years (it took me just over two years of effort to get my DNA off). Also the removal is for cases the Police deem to be "exceptional". There's no admission that these cases may be "mistakes".

@AC, a good starting point is to follow the links in http://gizmonaut.net/blog/uk/dna_consultation.html In particular you can follow the links to the consultation document from the Nuffield Council, my response to the consultation and lots of very good info from GeneWatch, or just go to GeneWatch at http://www.genewatch.org/sub-539478 (or wait for the full report published tomorrow - http://www.nuffieldbioethics.org/go/ourwork/bioinformationuse/news_438.html). Also see http://www.theregister.co.uk/2007/09/12/dna_database_debate/ to read about what happened to David Atkinson. For a look at it from a human rights point of view, Justice made an interesting analysis I quoted/summarised in http://gizmonaut.net/blog/uk/dna_consultation_human_rights.html

@AC, the retention guidelines are defined by the Association of Chief Police Officers. "Chief Officers have the discretion to authorise the deletion of any specific data entry on the PNC 'owned' by them. They are also responsible for the authorisation of the destruction of DNA and fingerprints associated with that specific entry. It is suggested that this discretion should only be exercises in exceptional cases." (from http://www.homeoffice.gov.uk/documents/Bichard_Step_Model_Retention.pdf). So the Police are responsible. The Home Office is responsible for the laws enabling this situation.

As for not knowing the ground for arrest. I published them on the page linked by Lucy. The Police in the IPCC supervised enquiry mostly agree with my version of the events. So even if you don't trust me, you can have a good confidence in it.

@Tawakalna, it would seem that the Police didn't take DNA samples of Jean Charles de Menezes as the family has said that they had to exhume the body to take DNA samples to clear Jean of a false accusation of rape.

br -d

Matching genes for criminal injustice

David Mery

"DNA evidence proving to be of use in 0.8 per cent of all crimes recorded"

http://www.nuffieldbioethics.org/fileLibrary/pdf/Consultation_FINAL001.pdf has a recap of some of the info you were after:

<snip>

Confidence in the use of DNA profiling to assist in the detection of crime has stimulated government commitment and financial investment, leading in turn to a significant increase in the use of DNA in the criminal justice process.14 The evaluation of the DNA Expansion Programme demonstrates that the NDNAD provides the police with approximately 3,000 matches per month (over 40,000 matches were declared in 2004/05) (see Box 2).15 The chance of a new crime scene profile matching an individual’s profile already held on the NDNAD is 48 per cent.16 The detection rates for crimes where DNA evidence is available are significantly higher, at 40 per cent, than for those crime scenes where no DNA evidence is recovered, at 26 per cent.17 Detection rates are improved further for different crime types, for example, in domestic burglary the detection rate rises from 16 per cent to 41 per cent when DNA is recovered from the scene.18

Bioinformation is not always useful in detecting crimes, and not all matches lead to a conviction, or even an arrest. Initial DNA match reports provided to the police are often accompanied with a series of caveats, with just 49 per cent of matches on the NDNAD leading to a crime being detected (see Box 2).19 Moreover, in 42 per cent of cases where DNA evidence was available, the police already had the name of the suspect whose identity was suggested by the match report.20 In 2004–05, the Home Office reported 19,873 ‘DNA detections’ (see Box 2), with DNA evidence proving to be of use in 0.8 per cent of all crimes recorded, since in many recorded crimes, such as fraud, public order offences, etc., DNA will be of little relevance.21

<snip>

The NDNAD figure I don't understand is Jacqui Smith quote that it is "estimated that 13.7 per cent. of profiles held on the NDNAD are replicates". (http://gizmonaut.net/blog/uk/dna_ndnad_error_not_found.html) A naive interpretation of this figure raises serious questions as to the integrity of the NDNAD.

BTW, to attend the launch of the report, there's some info at http://www.nuffieldbioethics.org/go/ourwork/bioinformationuse/news_438.html

br -d