Monday 23 April 2012

Cloud computing – told you so

It's happened to Iran. Twice now. If Francis Maude and others have their way, it will happen to the UK.

The Guardian:-


Iranian oil ministry hit by cyber-attack



Iran's main oil export terminal is cut off from internet after apparent attack on website and communications systems


Saeed Kamali Dehghan
guardian.co.uk, Monday 23 April 2012 17.10 BST


Iran's oil ministry has called a crisis meeting after its main website and internal communications system were hit by an apparent cyber-attack that forced authorities to cut off the country's oil export terminal from the internet.

Local news agencies reported on Monday that a virus had struck the computer and communication systems of Iran's main oil export facilities on Kharg Island as well as the internal network and the websites of its oil ministry and subsidiary organisations.

The semi-official Mehr news agency quoted ministry officials as saying an investigation was under way. "We are making plans to neutralise this cyber-attack," said the deputy oil minister in charge of civil defence, Hamdollah Mohammadnejad ...


• Reuters: Suspected cyber attack hits Iran oil industry
• Wall Street Journal: Cyber-Attack Targets Iran Oil, But Exports Normal
• DMossEsq: Cloud computing is bonkers or, as HMG put it, a "no-brainer"


Iran can't protect its main oil refinery from cyber attack. Even Iran. Even its main oil refinery. Dependence on the web seems ill-advised.

Meanwhile HM Government is planning to move all its data into the "cloud", G-Cloud, the government cloud, i.e. the web. That seems equally ill-advised.

Shall we ask HMG please to explain themselves? Can they tell us what Francis Maude, Ian Watmore, Andy Nelson, Chris Chant and Denise McDonagh know that  Iran's top scientists operating on a permanent war footing don't know?

Maybe there's a good answer.

If not, would they please stop this imprudent waste of public money, cancel G-Cloud, cancel IdA, stop playing with techie toys and get on with the job they're paid to do, viz. competent public administration?

Cloud computing – told you so

It's happened to Iran. Twice now. If Francis Maude and others have their way, it will happen to the UK.

The Guardian:-


Iranian oil ministry hit by cyber-attack



Iran's main oil export terminal is cut off from internet after apparent attack on website and communications systems


Saeed Kamali Dehghan
guardian.co.uk, Monday 23 April 2012 17.10 BST


Iran's oil ministry has called a crisis meeting after its main website and internal communications system were hit by an apparent cyber-attack that forced authorities to cut off the country's oil export terminal from the internet.

Local news agencies reported on Monday that a virus had struck the computer and communication systems of Iran's main oil export facilities on Kharg Island as well as the internal network and the websites of its oil ministry and subsidiary organisations.

The semi-official Mehr news agency quoted ministry officials as saying an investigation was under way. "We are making plans to neutralise this cyber-attack," said the deputy oil minister in charge of civil defence, Hamdollah Mohammadnejad ...


• Reuters: Suspected cyber attack hits Iran oil industry
• Wall Street Journal: Cyber-Attack Targets Iran Oil, But Exports Normal
• DMossEsq: Cloud computing is bonkers or, as HMG put it, a "no-brainer"


Iran can't protect its main oil refinery from cyber attack. Even Iran. Even its main oil refinery. Dependence on the web seems ill-advised.

Meanwhile HM Government is planning to move all its data into the "cloud", G-Cloud, the government cloud, i.e. the web. That seems equally ill-advised.

Shall we ask HMG please to explain themselves? Can they tell us what Francis Maude, Ian Watmore, Andy Nelson, Chris Chant and Denise McDonagh know that  Iran's top scientists operating on a permanent war footing don't know?

Maybe there's a good answer.

If not, would they please stop this imprudent waste of public money, cancel G-Cloud, cancel IdA, stop playing with techie toys and get on with the job they're paid to do, viz. competent public administration?

Sunday 22 April 2012

Amazon, Google, Facebook et al – the latter-day pied pipers of Hamelin

The earliest mention of the story seems to have been on a stained glass window placed in the Church of Hamelin c. 1300. The window was described in several accounts between the 14th century and the 17th century ... This window is generally considered to have been created in memory of a tragic historical event for the town. Also, Hamelin town records start with this event. The earliest written record is from the town chronicles in an entry from 1384 which states: "It is 100 years since our children left". (Wikipedia)

---------- o O o ----------
The children
In December 2011, Facebook had 845 million monthly active users, of which 483 million were daily active users. That's a lot of children.

While children follow the music, grown-ups follow the money.

As Martin Sorrell says, influencing social networks is an extremely powerful way of building brands and trust in brands. That's why the hidden persuaders pay for Facebook, Google and other platforms. That's why the people who think they are the users don't pay. We're not the users, we people who do scores of Google searches every day and who meticulously update our Facebook pages and who tweet our every passing thought. Users pay. We're the product.

Mr Zuckerberg doesn't work hard every day developing Facebook because he loves organising parties. And Mr Schmidt doesn't spend a fortune every day improving search algorithms, giving away Google AdWords coupons and suggesting the optimal route between A and B on Google Maps because he hates people to get lost. Only a child would believe that.

Mr Sorrell (WPP) gives money to Messrs Zuckerberg (Facebook) and Schmidt (Google). And Messrs Zuckerberg and Schmidt give us to Mr Sorrell. Willing buyer, willing seller, we're neither – in this exchange we're the product.

The burgomasters
Meanwhile in the Whitehall district of Hamelin, a confused burgomaster is trying to think how to kickstart the economy. If only my townspeople would maintain a personal data store ... I could launch a midata initiative ... hey wait a minute, 30 million of them already have Facebook pages and a growing number have Google+ accounts ... maiden's prayer ... answer ...

Meanwhile in the Whitehall district of Hamelin, another confused burgomaster is trying to think how to modernise public administration. If only my townspeople had electronic identities ... I could launch an Identity Assurance service (IdA) ... public services could become digital by default ... the Government Digital Service (GDS) ... hey wait a minute ...

Meanwhile in the Whitehall district of Hamelin, all the confused burgomasters are justifiably sorry for themselvesAs if we haven't got enough problems ... kickstarting the economy ... communicating with the townspeople ... the bloody townspeople – excuse my French – and their damned residents' associations ... always moaning ... the Public Administration Select Committee ... the Public Accounts Committee ... the Home Affairs Committee ... it's never-ending ... and the wretched impertinent National Audit Office ... ILA ... CSA ... Tax credits ... NPfIT ... FiReControl ... ID cards ... Libra ... NOMS ... Aspire ... IABS ... UC ... RTI ...

... which brings us to ...

The rats
Infested with management consultants with scaly tails and bloated bewhiskered contractors, the Hamelin government IT systems are "unacceptable", says the Schweinhund Chris Chant – pardon my Switzerdeutsch – and it's about time the burgomasters who aren't up to the job got out.

So who will rid us of the rats?

The piper(s)
Tim Berners-Lee?
... individual users were not yet being allowed to exploit all the information relating to them to make their lives easier. Armed with the information that social networks and other web giants hold about us, he said, computers will be able to "help me run my life, to guess what I need next, to guess what I should read in the morning, because it will know not only what's happening out there but also what I've read already, and also what my mood is, and who I'm meeting later on".
Maybe not.

Martha Lane Fox?
Asked by a local authority official whether older channels needed to be "shut off" for savings to be realised, she replied: "Yes, absolutely. That's fundamental to digital by default.

"It's not an option to keep sending people paper when they are perfectly able to use a digital service. It's not an option to keep a call centre going when you see volume go dramatically down. So of course, you have to turn channels off."
Maybe not.

Werner Vogels? (Who? You know. Werner. Werner Vogels. The Chief Technology Officer of Amazon Web Services, AWS. That's who.)
"We are trying to break through the traditional model of enterprise software development," Vogels said, reiterating the AWS mantra for those who have not heard it before. "Core to the old style of doing business was that enterprises were being held hostage with very long-term contracts because that was the only way that you were able to drive your costs down. What is important is that you should keep your providers on their toes every day.

"If we are not delivering the right quality of services, you should be able to walk away. You, the consumer of these services, should be in full control. That is core to our philosophy. And with that also comes the belief that if you help us gain economies of scale, and if we together operate to get increased efficiencies out of our platform, you should benefit from that."

This is why, Vogels said, AWS has cut its prices 19 times on various services – it now offers more than 30 services, ranging from compute and storage clouds to various database, load balancing, and application frame work services. The most recent price cuts, announced in early March, have resulted in some S3 customers seeing their bills drop by 40 per cent and some EC2 users seeing a 32 per cent drop.

"Why would we do this?" asked Vogels rhetorically. "Because we believe that we should help you be more successful. If you are more successful, in the long run, we will have benefit from that as well. This is a pure win-win situation for all of us."
Now you're talking my language, said each burgomaster, assuming that the other burgomasters knew what the Double Dutch Mr Vogels was talking about. A 32% cut for the EC2s? Sounds good. And the S3s are doing even better, with 40%! Maybe Chris Chant was right. Maybe we should modernise ourselves ... and get rid of those rats once and for all.

And it's not just AWS. There are more pipers where they came from. Google cloud services. Microsoft Windows Azure. IBM SmartCloud. Apple iCloud. To name but a few.

Music to my ears, said each burgomaster, as though they'd never heard of predatory pricing and antitrust, and they all went off for a free lunch.


---------- o O o ----------


In some accounts it is hard to tell the burgomasters from the children. Or the rats from the pipers, come to that. Harder still when you see how many burgomasters were recruited by rats after their early and well-funded retirement, or joined pipers.

The earliest mention of the story seems to have been in a doodle on the home page of Google c. 2028. The doodle was described in several tweets between the 21st century and the 24th century ... This doodle is generally considered to have been created in memory of a tragic historical event for the town when all central and local government records went up in a puff of smoke or, more poetically, a "cloud".

Also, the Whitehall town log now starts with this event. The earliest text record is from the town Facebook page in an entry from 2112 which states simply:


----------

Updated: 3.3.14
NHS England patient data 'uploaded to Google servers', Tory MP says

A prominent Tory MP on the powerful health select committee has questioned how the entire NHS hospital patient database for England was handed over to management consultants who uploaded it to Google servers based outside the UK ...

The patient information had been obtained by PA Consulting, which claimed to have secured the "entire start-to-finish HES dataset across all three areas of collection – inpatient, outpatient and A&E".
Update 2.6.14

A rueful article by Hugh Muir in the Guardian, Internet giants wooed us, but the honeymoon is over, nails the point, "we have been seduced. We have been lured by soft music and friendly adverts into a relationship that is anything but equal, and threatens to turn abusive".

Updated 26.8.14
We wanted the web for free – but the price is deep surveillance
Advertising has become the online business model but by its very nature it involves corporations spying on users to produce more targeted results

Updated 27.8.14
Data guardian Sir Nigel Shadbolt on privacy versus freedom
... today we’re paying more attention to the big corporates and internet giants that sit on huge deposits of our data and stare back at us from the other side of the screen. Google, for example, has become a monopoly more powerful than many states.

Updated 26.4.15
Amazon Web Services is showing traditional IT players how they need to change

Amazon Web Services (AWS) is clearly doing something right. The e-commerce giant has split out AWS revenues for the first time in its latest financial results, revealing a $5bn business growing at nearly 50% year on year.

AWS has shown the big, traditional IT players the way to do public cloud - defining the market for infrastructure (IaaS) and platform as a service (PaaS) along the way, forcing the likes of IBM, HP, Oracle and Microsoft to respond. Amazon is by far and away the dominant public cloud player ...
Always worth reading, that is from Bryan Glick's latest editorial in Computer Weekly magazine. He's right about that. The Pied Piper is surging.

Mr Glick adds:
Amazon has achieved $5bn of cloud revenue at a time when there are still widespread fears about cloud - related particularly to security and data protection - that prevent many large organisations, especially in heavily regulated sectors like financial services, from moving to public cloud. But those fears will be overcome; the sceptics will be convinced; the laggards will be forced to catch up. A tipping point is approaching.
Is that right?

Are the sceptics laggards? Or are they the responsible custodians of our "security and data protection"? Ours and our children's.


Amazon, Google, Facebook et al – the latter-day pied pipers of Hamelin

The earliest mention of the story seems to have been on a stained glass window placed in the Church of Hamelin c. 1300. The window was described in several accounts between the 14th century and the 17th century ... This window is generally considered to have been created in memory of a tragic historical event for the town. Also, Hamelin town records start with this event. The earliest written record is from the town chronicles in an entry from 1384 which states: "It is 100 years since our children left". (Wikipedia)

---------- o O o ----------
The children
In December 2011, Facebook had 845 million monthly active users, of which 483 million were daily active users. That's a lot of children.

Saturday 21 April 2012

A contribution to the Guardian's "Battle for the internet" debate


The Guardian have been running a series of articles on whither the web? all week. Here is one contribution to the debate.
Every time somebody puts a magazine on a phone now and doesn't put it on to a web app ... we lose a whole lot of information to the general public discourse – I can't link to it, so I can't tweet it, I can't discuss it, I can't like it, I can't hate it.
That is recognisably the voice of a petulant teenager. So what if the petulant [teenager] can't link to it or tweet/discuss/like/hate it? Who cares? What difference does it make to anyone? None.

Except that actually it's the voice of Tim Berners-Lee in the Guardian.

There are serious issues raised by the Guardian's week-long seminar on the web. And there are childish ones. They seem to be linked.

The instant gratification of curiosity provided all but free by the web comes at a price. Our direct broadband connection costs are heavily subsidised by private sector interests. The problem with low/free costs is near-infinite demand. The huge energy resources required to keep our current incontinent use of the web on the road raise a green issue which perhaps should be added to the other issues being discussed. Energy consumption is regulated by price in every other sphere of our lives. Why not in the web? The price of web usage should increase.

The effectively free access to the Guardian over the web means that I haven't paid for a copy for years. How long can the Guardian or any other newspaper keep on providing a professional service under those circumstances? Not long. The Guardian seem to want to take this problem on the chin. They haven't moaned about it. But they've got to do something or we'll lose plurality in our news media and that's dangerous in a country, it undermines democracy. Should the Guardian go behind a pay wall? If they don't, out of some childish worry about what it will look like to the other kids, they'll die in the process. Cui bono?

It's not just newspapers who face this web quandary. The book industry, music and films are famously in the same boat. So are the commercial banks. They do all the heavy-lifting, know-your-customer, account maintenance, deposit guarantees, etc ..., and then up pops PayPal – very businesslike, very professional – and skims off a whole lot of commission between the customers and their banks. All these industries are having their modus operandi materially changed and even mortally threatened by a bad pun, "free" meaning liberal v. "free" meaning no cost. Paying the "proper" price for goods and services keeps everyone's noses clean and protects their survival. Giving things away for free is childish and self-destructive.

And then there's the UK government. Besotted by the success and the popularity of Amazon, PayPal, Google, Facebook et al, the children in the Cabinet Office, in particular, and the Department [for] Business Innovation and Skills (BIS) can't wait to stick all our data in the cloud and to hand over identity management to the likes of Google and Facebook. They want to be popular. They want to be like their heroes. The difficulties of keeping our data secure and of keeping control of it don't matter to the Cabinet Office and BIS, they just want to be allowed to play, I want to be able to link to it, I want to be able to tweet it, I want to discuss it and like it or hate it and I want it now.

Another issue the Guardian might consider, is that Amazon and Google pay no tax in the UK despite making a lot of money here. Amazon and Google are two of the most likely cloud computing suppliers to whom the Whitehall children may turn to take over the job of government which defeats them. Surely the Guardian doesn't wish to reward tax avoidance?

A contribution to the Guardian's "Battle for the internet" debate


The Guardian have been running a series of articles on whither the web? all week. Here is one contribution to the debate.
Every time somebody puts a magazine on a phone now and doesn't put it on to a web app ... we lose a whole lot of information to the general public discourse – I can't link to it, so I can't tweet it, I can't discuss it, I can't like it, I can't hate it.
That is recognisably the voice of a petulant teenager. So what if the petulant [teenager] can't link to it or tweet/discuss/like/hate it? Who cares? What difference does it make to anyone? None.

Except that actually it's the voice of Tim Berners-Lee in the Guardian.

Friday 20 April 2012

Will the ridge of high pressure over Whitehall blow away the G-Cloud?

For the moment Chris Chant is an Executive Director in the Cabinet Office, he is Director of the G-Cloud Programme and he is uniquely emphatic in denouncing the failures of government IT. Take for example his talk to the Institute for Government last October. The litany of unacceptable practices which he enumerates there makes uncomfortable listening for his fellow senior Whitehall officials and for the contractors supplying IT services to HMG.

That discomfort may soon be relieved. Mr Chant's retirement was announced on 13 April and at the end of the month he will be replaced, part-time, by Denise McDonagh who remains simultaneously Director of IT at the Home Office.

A passing acquaintance with the work of the Public Administration Select Committee, the Public Accounts Committee and the National Audit Office will confirm that the problems identified by the G-Cloud team exist. The NAO give you the horrifying details. PAC remind you in their admirably trenchant style how much public money is wasted on government IT. And, with Whitehall and its favoured contractors comfortably and expensively under-performing, PASC keep asking how the quality of public administration in the UK can be raised.

The problems are known. The question is whether G-Cloud – the government cloud – is the solution.

Ms McDonagh divides the world into those in favour of G-Cloud, those against it and those who don’t know but insist on discussing it anyway. Before deciding whether we’re for G-Cloud or agin’ it, we proud members of the third group have a number of questions which remain currently unanswered. Here are just two of them:
  • Firstly, as Tony “forces of reaction” Blair and David “enemies of enterprise” Cameron will tell you, parliament lost control of Whitehall a long time ago. The departments of state are impregnable satrapies where the permanent secretary, his or her chief executives and the aforementioned favoured suppliers nurse a pile of eight-, nine- and even ten-figure contracts that G-Cloud would upset mightily. How is Denise McDonagh going to succeed where parliament has failed?
  • Second, even with a £1 trillion national debt and a flatlining economy the coalition government set aside £650 million for cybersecurity. Someone recognises the threat. The web is a dangerous place to be. The media treat us to stories of denial of service and the cybertheft of data every week. No-one is immune, including Whitehall. And yet that’s where G-Cloud would see all our data stored, in the cloud, on the web. How will Ms McDonagh keep control of it there?
When Chris Chant gave his “unacceptable” speech last October, was that the start of a latter-day Reformation?

Or was it the foreword to a 2015 NAO report on how G-Cloud is yet another government IT project that saw £x hundred million incinerated by Whitehall, and a PAC report asking what the point is of paying taxes if this is what happens to public money, and a PASC report on the uncomfortable question – are Whitehall capable of doing their job of public administration?

A version of this post is carried in today's PublicTechnology.net.

Will the ridge of high pressure over Whitehall blow away the G-Cloud?

For the moment Chris Chant is an Executive Director in the Cabinet Office, he is Director of the G-Cloud Programme and he is uniquely emphatic in denouncing the failures of government IT. Take for example his talk to the Institute for Government last October. The litany of unacceptable practices which he enumerates there makes uncomfortable listening for his fellow senior Whitehall officials and for the contractors supplying IT services to HMG.

That discomfort may soon be relieved. Mr Chant's retirement was announced on 13 April and at the end of the month he will be replaced, part-time, by Denise McDonagh who remains simultaneously Director of IT at the Home Office.

Tuesday 17 April 2012

UKBA – what do the Board do for £1 million p.a.?


They're a busy lot on the Home Affairs Committee. On 11 April 2012, they published their 21st report since September 2010, Work of the UK Border Agency (August - December 2011).

No advance on their 17th report back in January, Inquiry into the provision of UK Border Controls, the Committee draw attention to the UK Border Agency's contemptuous lack of co-operation with parliament (para.79-81). Parliament is meant to be supreme. The Executive, in the form of UKBA, continues to behave as though it is supreme.

As with the 17th report, the Committee make the obvious point that the UK Border Agency is not an agency of the Home office at all, it is an integral part of the Home Office. The word "Agency" appears accordingly in inverted commas throughout the report.

The failings of UKBA do not stop at the Board of UKBA, they go to the top of the Home Office, to Dame Helen Ghosh, the permanent secretary. And they did not start with her, they go back to the incumbency of her predecessor, Sir David Normington.

The Committee expect not only the chief executive of UKBA to co-operate with them but also the permanent secretary (para.12, 37, 73). UKBA's failings are her failings as much as Rob Whiteman's.

And what are those failings?

The Committee list them under 23 headings in this report.

They start by listing the salaries of eight executive members of the UKBA Board, roughly £1 million per annum. £1 million should buy any organisation a lot of management and direction. Especially when, as in this case, it doesn't stop there, there is further input from the top levels of the Home Office.

In the event, with failings in 23 areas reported here, and more being signalled for upcoming Committee enquiries, the expected management and direction are not being delivered.

John Vine, the Independent Chief Inspector of UKBA, made the point in his report on the Brodie Clark affair that (p.6):
There is nothing I have discovered which could not have been identified and addressed by senior managers exercising proper oversight.
The question arises, if they're not exercising proper oversight, what are Dame Helen and Rob Whiteman and the other senior civil servants doing?

UKBA – what do the Board do for £1 million p.a.?


They're a busy lot on the Home Affairs Committee. On 11 April 2012, they published their 21st report since September 2010, Work of the UK Border Agency (August - December 2011).

No advance on their 17th report back in January, Inquiry into the provision of UK Border Controls, the Committee draw attention to the UK Border Agency's contemptuous lack of co-operation with parliament (para.79-81). Parliament is meant to be supreme. The Executive, in the form of UKBA, continues to behave as though it is supreme.

Sunday 15 April 2012

Even the founder of Google is warning Whitehall against cloud computing

In a series of articles recently DMossEsq has warned against Whitehall's plans to adopt cloud computing, please see for example Cloud computing is bonkers or, as HMG put it, a "no-brainer". One of the risks of storing UK citizens' data on servers operated by Google, say, or any of the other suppliers of cloud computing services, is that the data will then come under the jurisdiction of other governments.

Is that true?

Yes it is. The Guardian today carry an article about Sergey Brin, one of the genius founders of Google, Web freedom faces greatest threat ever, warns Google's Sergey Brin, in which they say:
Brin acknowledged that some people were anxious about the amount of their data that was now in the reach of US authorities because it sits on Google's servers. He said the company was periodically forced to hand over data and sometimes prevented by legal restrictions from even notifying users that it had done so.
It is mystifying how Whitehall can even consider storing our personal data in the cloud, as though that might be acceptable to their parishioners. The question is indeed a "no-brainer", as Whitehall put it – no-one with a mental age over 12 would have the least trouble seeing that the answer is no.

Actually, some of these articles aren't so recent. The decision facing Francis Maude was published in January 2011 and With their head in the clouds was published 18 months ago in October 2010. Francis Maude is the man in charge. Him and Ian Watmore, permanent secretary at the Cabinet Office. Mr Maude. Mr Watmore. Please. Get a grip. Tell the children it's time to grow up.

Even the founder of Google is warning Whitehall against cloud computing

In a series of articles recently DMossEsq has warned against Whitehall's plans to adopt cloud computing, please see for example Cloud computing is bonkers or, as HMG put it, a "no-brainer". One of the risks of storing UK citizens' data on servers operated by Google, say, or any of the other suppliers of cloud computing services, is that the data will then come under the jurisdiction of other governments.

Is that true?

Yes it is. The Guardian today carry an article about Sergey Brin, one of the genius founders of Google, Web freedom faces greatest threat ever, warns Google's Sergey Brin, in which they say:
Brin acknowledged that some people were anxious about the amount of their data that was now in the reach of US authorities because it sits on Google's servers. He said the company was periodically forced to hand over data and sometimes prevented by legal restrictions from even notifying users that it had done so.
It is mystifying how Whitehall can even consider storing our personal data in the cloud, as though that might be acceptable to their parishioners. The question is indeed a "no-brainer", as Whitehall put it – no-one with a mental age over 12 would have the least trouble seeing that the answer is no.

Actually, some of these articles aren't so recent. The decision facing Francis Maude was published in January 2011 and With their head in the clouds was published 18 months ago in October 2010. Francis Maude is the man in charge. Him and Ian Watmore, permanent secretary at the Cabinet Office. Mr Maude. Mr Watmore. Please. Get a grip. Tell the children it's time to grow up.

Friday 13 April 2012

Friday 13th unlucky for Chris Chant and the UK

Two days ago, DMossEsq published an article asking Chris Chant several questions about the government's plans for cloud computing. No answer has been received, it's early days, but now it appears that Mr Chant is retiring – Chris Chant to retire in two weeks (see alsoand also, and also, ...).

The first article published on this blog, 3 October 2011, asked if Sir Gus now Lord O'Donnell is responsible for the mismanagement of the UK economy over the past 15 years or so. No answer has been received, it's early days, but now it appears that Lord O'Donnell is a strong candidate to succeed Mervyn King as Governor of the Bank of England – O'Donnell for Bank of England governor? (see also, and also, and also, ...).

Friday 13th unlucky for Chris Chant and the UK

Two days ago, DMossEsq published an article asking Chris Chant several questions about the government's plans for cloud computing. No answer has been received, it's early days, but now it appears that Mr Chant is retiring – Chris Chant to retire in two weeks (see alsoand also, and also, ...).

The first article published on this blog, 3 October 2011, asked if Sir Gus now Lord O'Donnell is responsible for the mismanagement of the UK economy over the past 15 years or so. No answer has been received, it's early days, but now it appears that Lord O'Donnell is a strong candidate to succeed Mervyn King as Governor of the Bank of England – O'Donnell for Bank of England governor? (see also, and also, and also, ...).

Wednesday 11 April 2012

The government's plans for cloud computing – hot air?

HMG have come up with another one of their questionable posts about cloud computing. And once again, the questions have been duly submitted as a comment on the HMG blog. Will they publish the comment this time? They didn't last time. And will they answer the questions?

It's all getting very butch. Under the picture of a leopard with its impressive mouth open Chris Chant, the Programme Director for G-Cloud, says:
There is still plenty more to do and, if I look back on the last dozen years and honestly reflect on those I’ve worked with and interacted with, this is still a pretty difficult list of stuff to do and some of those people just don’t have the capability to do it.  They will have to look hard at themselves and decide how they are going to resolve that because it will turn out to be the toughest thing that they have done in their career so far.
The leopard's got plenty but does the G-Cloud Programme have any teeth?

Dear Mr Chant

Few would disagree with your analysis of the current problems with a lot of UK government IT. The search is on for a better way. The question is, have you found a better way?

The better way you propose is digital by default and customer-centric. But the two don't mix. 10 million of your customers have never used the web. To concentrate on digital by default is to ignore 10 million of your customers and – I say this more hesitantly than it sounds – you are fooling yourself if you think otherwise. Is digital by default, for 10 million people, the very opposite of customer-centric? Your answer to that? So far, a phrase – "assisted digital". An empty phrase.

The media is knee-deep in cyber (in)security stories. Every time you re-announce your plans there's always just been another one of these stories. Apart from Anonymous taking down the Home Office website for Easter, the latest serious insecurity story is the update on RSA themselves being hacked by the Chinese. If RSA can't operate securely, how can Whitehall? They can't. Is G-Cloud a strategic mistake, securitywise? Your answer to that? So far, silence.

Judging by Mr Scaife's "no-brainer" post, the Cloud means no capital expenditure. Which means Whitehall would be using Amazon's servers. Or Google's or whoever's. And where will these servers be? Wherever Amazon or Google or Microsoft or whoever put them. Which could be anywhere. Which could be beyond British jurisdiction. And access could anyway be subject to Anonymous's permission. Will Whitehall literally lose control of its applications and its data? Our data, rather. Your answer to that? So far, silence.

Last time the world used timesharing – the 1970s – costs went through the roof. Why wouldn't the same happen this time? Your answer to that? So far, silence.

What we do get from you is assertions about the agility and affordability of cloud computing. But no examples. How about taking a big government contract, an existing one, as a worked example, and telling us in detail how we can avoid the saga-length contracts and the King Midas costs while at the same time delivering customised services instantly? ("Instantly" is probably going a bit far but a lot of your sales talk sounds as though that's what you're offering.) Without a worked example, it's all just talk.

At least that's the danger. It was great the first time. 20 October 2011. And it's great listening to you every few weeks telling the dinosaurs to show themselves out of Whitehall. But meantime the dinosaurs are still in situ, still signing contracts, sagas just like the old contracts, they're still denominated in years and in billions of pounds and the counterparties are still the same old suppliers. Where's the agility? Where's the affordability? Your answer to that? So far, silence.

I shan't ask you to defend your claim that Whitehall is now "open". There's quite enough else there for you to get your leopard's teeth into.

Yours sincerely
David Moss

The government's plans for cloud computing – hot air?

HMG have come up with another one of their questionable posts about cloud computing. And once again, the questions have been duly submitted as a comment on the HMG blog. Will they publish the comment this time? They didn't last time. And will they answer the questions?

It's all getting very butch. Under the picture of a leopard with its impressive mouth open Chris Chant, the Programme Director for G-Cloud, says:
There is still plenty more to do and, if I look back on the last dozen years and honestly reflect on those I’ve worked with and interacted with, this is still a pretty difficult list of stuff to do and some of those people just don’t have the capability to do it.  They will have to look hard at themselves and decide how they are going to resolve that because it will turn out to be the toughest thing that they have done in their career so far.
The leopard's got plenty but does the G-Cloud Programme have any teeth?

Saturday 7 April 2012

Anonymous demonstration of foolproof Cabinet Office plans

Don't worry – this can't happen
The BBC are reporting that the hacking group Anonymous have caused the Home Office website to be taken out of service.

Under no circumstances should this be taken as an example of what could happen if the Cabinet Office have their way and all public services are delivered over the web.

The public can safely remain entirely confident that this could never happen to the G-Cloud, for example, the "government cloud" on the web in which Her Majesty's Government plan to store all our data. All our tax records and pension records and benefits records and health records and housing records and travel records (eBorders) and Companies House records and Charity Commission records and criminal records and military records and energy infrastructure records and  driving licences and passports and the Government Gateway and ... all tucked up in the G-Cloud and all as safe as houses.

The Chinese would be quite incapable of pulling off the same trick as Anonymous, a small group of gifted amateurs. Nor could the Russians. Or an undergraduate class at the University of Michigan.

Admittedly, the OECD recommend that "cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or ...".

And ENISA, the EU's information security agency, say that cloud computing "should be limited to non-sensitive or non-critical applications and in the context of a defined strategy ... which should include a clear exit strategy".

But here in the UK, cyber security is masterminded by the arch-moderniser Francis Maude – and what could be more modern than to use the web for all government business?
Not that there's any need to address any enquiries to them or to anyone else. Francis Maude, Martha Lane Fox, St Augustine, Tony Blair, Ian Watmore, Andy Nelson, Chris Chant, Denise McDonagh and ex-Guardian man Mike Bracken know what they're doing. They are to be trusted implicitly.

As the BBC report says, the Home Office "have put all potential measures in place and will be monitoring the situation very closely". There really is nothing to see here. "Potential measures" are in place. Not just some of them. All of them. It is simply impossible that access to the G-Cloud should ever be cut off:

Don't worry – this can't happen

Anonymous demonstration of foolproof Cabinet Office plans

Don't worry – this can't happen
The BBC are reporting that the hacking group Anonymous have caused the Home Office website to be taken out of service.

Under no circumstances should this be taken as an example of what could happen if the Cabinet Office have their way and all public services are delivered over the web.

The public can safely remain entirely confident that this could never happen to the G-Cloud, for example, the "government cloud" on the web in which Her Majesty's Government plan to store all our data. All our tax records and pension records and benefits records and health records and housing records and travel records (eBorders) and Companies House records and Charity Commission records and criminal records and military records and energy infrastructure records and  driving licences and passports and the Government Gateway and ... all tucked up in the G-Cloud and all as safe as houses.

Friday 6 April 2012

GreenInk 6 – Whitehall’s idea of efficiency and reform seems to be to hand over our personal data to third parties in overseas jurisdictions where it will be impossible for Whitehall to keep control of it

The following letter was kindly published by the Guardian today under the heading Security policies under a cloud:
From: David Moss
Sent: 05 April 2012 12:50
To: 'letters@guardian.co.uk'
Subject: Rajeev Syal, 3 April 2012, 'Lib Dem MPs issue warning over web surveillance proposals'

http://www.guardian.co.uk/world/2012/apr/03/web-surveillance-legislation-dangers-letter

Sir

Whitehall’s strange attitude to the confidentiality of our personal data is revealed not only by its recent attempt to resurrect the snoopers’ web-surveillance charter but also by two other initiatives, IdA and G-Cloud.

IdA, Whitehall's identity assurance initiative, is part of their plan to make all public services accessible over the web and only over the web. When you submit your tax return, for example, under IdA you will require an electronic ID issued and managed by the likes of Google and Facebook. G-Cloud is Whitehall's Government Cloud plan to put all government data on the web, where it will be stored on computers operated by Google and other cloud computing service providers like Amazon.


These initiatives are being promoted in the name of efficiency and reform and are the responsibility of Rt Hon Francis Maude MP, the Cabinet Office Minister. Whitehall’s idea of efficiency and reform seems to be to hand over our personal data to third parties in overseas jurisdictions where it will be impossible for Whitehall to keep control of it. Will Mr Maude ask us if we all agree to this plan?

Yours
David Moss

GreenInk 6 – Whitehall’s idea of efficiency and reform seems to be to hand over our personal data to third parties in overseas jurisdictions where it will be impossible for Whitehall to keep control of it

The following letter was kindly published by the Guardian today under the heading Security policies under a cloud:
From: David Moss
Sent: 05 April 2012 12:50
To: 'letters@guardian.co.uk'
Subject: Rajeev Syal, 3 April 2012, 'Lib Dem MPs issue warning over web surveillance proposals'

http://www.guardian.co.uk/world/2012/apr/03/web-surveillance-legislation-dangers-letter

Sir

Whitehall’s strange attitude to the confidentiality of our personal data is revealed not only by its recent attempt to resurrect the snoopers’ web-surveillance charter but also by two other initiatives, IdA and G-Cloud.

IdA, Whitehall's identity assurance initiative, is part of their plan to make all public services accessible over the web and only over the web. When you submit your tax return, for example, under IdA you will require an electronic ID issued and managed by the likes of Google and Facebook. G-Cloud is Whitehall's Government Cloud plan to put all government data on the web, where it will be stored on computers operated by Google and other cloud computing service providers like Amazon.


These initiatives are being promoted in the name of efficiency and reform and are the responsibility of Rt Hon Francis Maude MP, the Cabinet Office Minister. Whitehall’s idea of efficiency and reform seems to be to hand over our personal data to third parties in overseas jurisdictions where it will be impossible for Whitehall to keep control of it. Will Mr Maude ask us if we all agree to this plan?

Yours
David Moss

What's the matter with our leaders, that they can imagine we welcome mass surveillance? A blogger suggests the answer


To the Cabinet Office, it is quite unremarkable to suggest that we should all apply to private sector companies for an electronic ID so that we can transact with the government, see for example this post by ex-Guardian man Mike Bracken – Establishing trust in digital services. Given that there are 60 million of us here in the UK, those private sector companies would have to be pretty big to manage the volumes. As big as Facebook, for example, who already have 30 million active users in the UK. Or Google, the company that "walked Francis Maude through the identity ecosystem". At least that's what ex-Guardian man Mike Bracken says in Thoughts on my recent trip to the West Coast with Francis Maude, Minister for the Cabinet Office.

To ordinary human beings, the idea is utterly inept.

To the Department of Business, Innovation and Skills, it is quite unremarkable to suggest that we should all collect together our personal data in a file and give it to suppliers so that they know what we want to buy from them, please see for example Ed Davey, problem-solver – midata. Only a mooncalf could possibly agree (The case for midata – the answer is a mooncalf).

To ordinary human beings, the idea is utterly inept.

To the civil service all across Whitehall, it is quite unremarkable to suggest that all the personal data about us held by the government should be stored on computers operated by the likes of Google and Amazon. Whereas the suggestion is of course actually bonkers – Cloud computing is bonkers or, as HMG put it, a "no-brainer".

To ordinary human beings, the idea is utterly inept.

To the Home Office, it is quite unremarkable to suggest that all our phone calls, emails, web browsing etc ... should be monitored by GCHQ.

To ordinary human beings, the idea is utterly inept.

Whitehall and the senior politicians put in to bat for Whitehall clearly have a very odd idea of human nature. It's worth trying to work out what's odd about it. It doesn't help simply to keep saying that it's odd. We need to make a bit of progress. And in that endeavour the blogger Scott Grønmark has taken the first important step.

Mr Grønmark says that in 2005 it occurred to him that the government has many of the symptoms of autism – Talk to the hand! - why all organisations turn autistic – and that he is thinking of writing a book about it. He has returned to the subject about 10 times over the years (according to Google). Let's hope that he does finally write that book.

What's the matter with our leaders, that they can imagine we welcome mass surveillance? A blogger suggests the answer


To the Cabinet Office, it is quite unremarkable to suggest that we should all apply to private sector companies for an electronic ID so that we can transact with the government, see for example this post by ex-Guardian man Mike Bracken – Establishing trust in digital services. Given that there are 60 million of us here in the UK, those private sector companies would have to be pretty big to manage the volumes. As big as Facebook, for example, who already have 30 million active users in the UK. Or Google, the company that "walked Francis Maude through the identity ecosystem". At least that's what ex-Guardian man Mike Bracken says in Thoughts on my recent trip to the West Coast with Francis Maude, Minister for the Cabinet Office.

To ordinary human beings, the idea is utterly inept.