I'm doing some work for a client at the moment who's industry is particularly technophobic. The absolute cutting edge is a bit of YouTube video thrown willy nilly into a page. I'd also point out that design is something that rarely makes an appearance in this particular industry.
So it was pretty refreshing when we went to them with a series of ideas from the more commercial sectors of New Media and one of the things they latched onto was SMS. Queue annoyance though when we had already got everything ready to go other than to push the big green "launch" button and another company got involved and started talking about location aware services and high end data capture etc.
At this point the client dissolved into a mess of indecision - "Why weren't we doing all of this?" was the question, to which the answer was "Because you don't need to - primarily because your text messaging service is built around raising revenue through donations!"
I've had this happen in the past, notably with SEO companies. I do pity the poor clients who get stuck in these situations where they've finally decided to push their technology base along but then get waylaid by all the glittery, flashing and hypnotic LEDs.
At the end of the day it is important to remember why you are doing something and not get sidetracked (and not get ripped off). Once a strong foundation of technology is laid there is always something new you can build - you don't have to have every shiny present under the tree to have a great christmas.
Showing posts with label government. Show all posts
Showing posts with label government. Show all posts
Wednesday, 19 December 2007
Wednesday, 21 November 2007
Why was data being passed on a disc and what was EDS advice?
Readers in the UK will be aware of a Data Protection train crash that we have been watching unfold in front of us over the last few days. It turns out that 25 million records of a database managed by HMRC have been lost in the post because they were sent on a couple of disks using unrecorded mail.
There has been much speculation about which minister to blame and who in the cabinet (including the Prime Minister) should lose their job but one thing that is mostly missing is the notion of data security.
In the UK we have the Data Protection Act - policies enshrined in law to which I am constantly referring when talking to my clients. A typical day for me usually includes quoting something from the DPA at least once. Not least because a client wants to harvest user data and use it for something else that is outside the bounds of what is technically legal.
I've done a lot of work for government and I have to say in my experience they have terrible technical practices. Gone are the days of locked down machines with no floppy drives and only CD-Rs. In are mass market units from Dell with the latest in CD/DVD-RW (because they are cheap and mass produced) along with USB connectors that people can hot plug a pen drive into and download whatever they like. The current government has a woeful record on technology projects mostly because they don't understand it and they contract suppliers who talk a good presentation rather than deliver an effective solution.
According to the DPA
Indeed, why wasn't there a secure online facility for user data to be interrogated without recourse to physical copies to begin with?
In addition the data was supposed to have been "desensitised" before sending - a quaint term meaning removal of things like bank details, exact personal date and full address information. To do this EDS wanted to charge money for it. The department didn't want to pay so they took the lot.
EDS are complicit in this as much as the people from HMRC are. How hard is it to type into the database "Select name, age, postcode from person where...." instead of "Select * from person where..." Or else just remove the columns that were sensitive on output. It would have taken me a few minutes so it can't have taken an experienced EDS engineer that long.
EDS shouldn't have been charging for that sort of difference - but it sounds more complex so it was an opportunity to get some more cash in - probably.
Further EDS should have been saying "We advise you that the data you are requesting is excessive for the purposes of what you are going to use it for so we'll give you a more secure subset". That would have rammed home the implications of what the staff at HMRC were asking for.
In my history of working with government I have come across this sort of situation many times before. It is well known that government contractors over charge, shaking the fruit out of the infinitely laden money tree whenever they can. Our E-Minister is supposed to deal with this sort of thing but in practice he's a politician who knows as much about IT as my mum. The only way to resolve this problem is for wholesale changes to occur within government (locking down machines) and to make stiffer penalties the punishment for breaches of the DPA.
We now have a situation where 25 million adults in the UK are worried that their personal details are going to be used in some sort of mass identity fraud.
My view is pragmatic in that the CDs are propably laying in the corner of a sorting office at TNT somewhere - but they could well be in some gangster's tech lab being processed and that is the point of all this security.
There has been much speculation about which minister to blame and who in the cabinet (including the Prime Minister) should lose their job but one thing that is mostly missing is the notion of data security.
In the UK we have the Data Protection Act - policies enshrined in law to which I am constantly referring when talking to my clients. A typical day for me usually includes quoting something from the DPA at least once. Not least because a client wants to harvest user data and use it for something else that is outside the bounds of what is technically legal.
I've done a lot of work for government and I have to say in my experience they have terrible technical practices. Gone are the days of locked down machines with no floppy drives and only CD-Rs. In are mass market units from Dell with the latest in CD/DVD-RW (because they are cheap and mass produced) along with USB connectors that people can hot plug a pen drive into and download whatever they like. The current government has a woeful record on technology projects mostly because they don't understand it and they contract suppliers who talk a good presentation rather than deliver an effective solution.
According to the DPA
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."This is why our PM said procedures weren't followed and he is bang on the money there. This relaxed attitude to data, particularly sensitive data, has been demonstrated in this debacle. If the data was going to be put on disc why wasn't it fully encrypted?
Indeed, why wasn't there a secure online facility for user data to be interrogated without recourse to physical copies to begin with?
In addition the data was supposed to have been "desensitised" before sending - a quaint term meaning removal of things like bank details, exact personal date and full address information. To do this EDS wanted to charge money for it. The department didn't want to pay so they took the lot.
EDS are complicit in this as much as the people from HMRC are. How hard is it to type into the database "Select name, age, postcode from person where...." instead of "Select * from person where..." Or else just remove the columns that were sensitive on output. It would have taken me a few minutes so it can't have taken an experienced EDS engineer that long.
EDS shouldn't have been charging for that sort of difference - but it sounds more complex so it was an opportunity to get some more cash in - probably.
Further EDS should have been saying "We advise you that the data you are requesting is excessive for the purposes of what you are going to use it for so we'll give you a more secure subset". That would have rammed home the implications of what the staff at HMRC were asking for.
In my history of working with government I have come across this sort of situation many times before. It is well known that government contractors over charge, shaking the fruit out of the infinitely laden money tree whenever they can. Our E-Minister is supposed to deal with this sort of thing but in practice he's a politician who knows as much about IT as my mum. The only way to resolve this problem is for wholesale changes to occur within government (locking down machines) and to make stiffer penalties the punishment for breaches of the DPA.
We now have a situation where 25 million adults in the UK are worried that their personal details are going to be used in some sort of mass identity fraud.
My view is pragmatic in that the CDs are propably laying in the corner of a sorting office at TNT somewhere - but they could well be in some gangster's tech lab being processed and that is the point of all this security.
Thursday, 8 November 2007
Why can't I have $100 laptop
Don't you hate it when you can't get something you'd really like?
I've been following the OLPC project more or less since its inception. When I first heard about it I was mostly interested in how they were going to pull off building a laptop for only $100 per unit.
After realising they were going to do it I was interested in how useful the machine would actually be (it has no hard drive so it can't be that great right?).
After seeing it was running Linux and was designed to be wireless from the start, run on mains or able to wind it up to power the laptop and it was designed to be durable in harsh environments I was mostly interested in how I could lay my hands on one (or two even).
My disappointment was immense when the OLPC guys decided not to offer them for sale, and then when they u-turned and started the G1G1 initiative (Give One Get One) I had a momentary blip of joy until they said it would only be available in North America.
Why they've not rolled this out to Europe is beyond my comprehesion - I don't even care if I don't have a £ key - I can always map it to a key stroke anyway. And I'd even be happy to Give 2 Get 1 if shipping was the issue.
The other thing that amazes me is that given the connectivity of these laptops Western nations aren't falling over themselves to get them for schools - even if they had to pay a higher rate along the lines of the G1G1 programme it would still be cheaper than buying Dell machines into all the schools.
I've been following the OLPC project more or less since its inception. When I first heard about it I was mostly interested in how they were going to pull off building a laptop for only $100 per unit.
After realising they were going to do it I was interested in how useful the machine would actually be (it has no hard drive so it can't be that great right?).
After seeing it was running Linux and was designed to be wireless from the start, run on mains or able to wind it up to power the laptop and it was designed to be durable in harsh environments I was mostly interested in how I could lay my hands on one (or two even).
My disappointment was immense when the OLPC guys decided not to offer them for sale, and then when they u-turned and started the G1G1 initiative (Give One Get One) I had a momentary blip of joy until they said it would only be available in North America.
Why they've not rolled this out to Europe is beyond my comprehesion - I don't even care if I don't have a £ key - I can always map it to a key stroke anyway. And I'd even be happy to Give 2 Get 1 if shipping was the issue.
The other thing that amazes me is that given the connectivity of these laptops Western nations aren't falling over themselves to get them for schools - even if they had to pay a higher rate along the lines of the G1G1 programme it would still be cheaper than buying Dell machines into all the schools.
Monday, 15 October 2007
Let the new gaming witch hunt begin
I'm in my thirties now and I've been playing computer games from the age of about four when my dad first brought home the venerable Vic 20 - partly because he was doing a computer science degree at University but mostly because he wanted to tinker.
Through my life I've borne witness to the rise of computer gaming as a media format to rival and now surpass film and I've seen countless witch hunts focus on computer games as being the root of many of society's teenage evils - everything from being the cause of the obesity epidemic to turning children into cold blooded murderers and violent criminals.
I'd like to think that I'm pretty normal - whilst I have my own individual quirks as everyone does, psychological assessments that I've taken for a couple of employers have branded me pretty average on the whole "serial killer" metric. And even though I'm now suffering from the onset of a bit of "middle-agd-spread", as a teenager and child I was pretty skinny.
In thirty years of gaming I'd say I'm "above average" in terms of the amount of time I spent gaming. I wouldn't have hit "compulsive" but as a kid I'd spend a good hour or two a day playing on the computer. Conversely though I'd spend an hour or two playing outside per day though the key factor was that I watched virtually no TV.
You see my parents had a rule in our house - TV or Computer but not both. When my mum thought we had been spending a bit too much time in front of either she'd pull the plug out of the wall and summarily kick us out the door with the instructions that "it was a nice day - go enjoy it" - this held true even if it was raining or the middle of winter!
So, in what seems like a biennial event another review of gaming has been started - the Byron Review this time is being headed up by the very smart Dr Tanya Byron - an expert in Child Behaviour (and TV personality to add some celebrity to the proceedings). Whilst the review is supposed to cover the full range of technology, Gaming and the Internet are always the first things to crop up as being responsible for the decline of morality amongst our youth.
What won't be taken into account properly though in my opinion is how the role of the parent has changed in relation to these technologies. My parents looking back on it were pretty good (though I know I didn't think it at the time) in policing our internet and gaming activities (our family had access to the internet through a BBS at my dad's Uni).
The modern parent has completely divested themselves of any responsibility for policing their childs' activities. This isn't just limited to gaming and the internet but is a wider social epidemic we are starting to see the symptoms of - everything from anti-social behaviour to academic performance.
I know of adults who have bought games for their children aged under 10 that are clearly marked as being 18 certified. All because of pester power and the guilt that they have over not seeing their child because they have to go off and work all day. What scares me is the "oh well" attitude of these parents - and the fact that because the console is in their kid's bedroom they don't see the actual content themselves. For me games were played in the living room in full view of the rest of the house.
In the face of this blatant irresponsibilty from parents, what can the games industry do? They've created a product they have submitted to the classification board, risking censorship and potentially loss through narrowing their market but then the parents ignore it and go buy the game for their child anyway.
After the fact, parents are the ones calling for tougher regulation and a realignment of the game makers moral compass when it comes to producing the content but it is their failure and own moral ambiguity that has caused the problem in the first place.
For all the public outcries about video game related violence and exposure to sexual content, there is deafening silence regarding the lack of parenting skills to avoid exactly this situation. My parents could do it as could those of my friends - how have we lost that skill in a single generation?
Through my life I've borne witness to the rise of computer gaming as a media format to rival and now surpass film and I've seen countless witch hunts focus on computer games as being the root of many of society's teenage evils - everything from being the cause of the obesity epidemic to turning children into cold blooded murderers and violent criminals.
I'd like to think that I'm pretty normal - whilst I have my own individual quirks as everyone does, psychological assessments that I've taken for a couple of employers have branded me pretty average on the whole "serial killer" metric. And even though I'm now suffering from the onset of a bit of "middle-agd-spread", as a teenager and child I was pretty skinny.
In thirty years of gaming I'd say I'm "above average" in terms of the amount of time I spent gaming. I wouldn't have hit "compulsive" but as a kid I'd spend a good hour or two a day playing on the computer. Conversely though I'd spend an hour or two playing outside per day though the key factor was that I watched virtually no TV.
You see my parents had a rule in our house - TV or Computer but not both. When my mum thought we had been spending a bit too much time in front of either she'd pull the plug out of the wall and summarily kick us out the door with the instructions that "it was a nice day - go enjoy it" - this held true even if it was raining or the middle of winter!
So, in what seems like a biennial event another review of gaming has been started - the Byron Review this time is being headed up by the very smart Dr Tanya Byron - an expert in Child Behaviour (and TV personality to add some celebrity to the proceedings). Whilst the review is supposed to cover the full range of technology, Gaming and the Internet are always the first things to crop up as being responsible for the decline of morality amongst our youth.
What won't be taken into account properly though in my opinion is how the role of the parent has changed in relation to these technologies. My parents looking back on it were pretty good (though I know I didn't think it at the time) in policing our internet and gaming activities (our family had access to the internet through a BBS at my dad's Uni).
The modern parent has completely divested themselves of any responsibility for policing their childs' activities. This isn't just limited to gaming and the internet but is a wider social epidemic we are starting to see the symptoms of - everything from anti-social behaviour to academic performance.
I know of adults who have bought games for their children aged under 10 that are clearly marked as being 18 certified. All because of pester power and the guilt that they have over not seeing their child because they have to go off and work all day. What scares me is the "oh well" attitude of these parents - and the fact that because the console is in their kid's bedroom they don't see the actual content themselves. For me games were played in the living room in full view of the rest of the house.
In the face of this blatant irresponsibilty from parents, what can the games industry do? They've created a product they have submitted to the classification board, risking censorship and potentially loss through narrowing their market but then the parents ignore it and go buy the game for their child anyway.
After the fact, parents are the ones calling for tougher regulation and a realignment of the game makers moral compass when it comes to producing the content but it is their failure and own moral ambiguity that has caused the problem in the first place.
For all the public outcries about video game related violence and exposure to sexual content, there is deafening silence regarding the lack of parenting skills to avoid exactly this situation. My parents could do it as could those of my friends - how have we lost that skill in a single generation?
Subscribe to:
Posts (Atom)
