back to article 'Unreliable, shambolic' ... a top CompSci prof slams Serco's UK crim tag tech

The electronic tags used to keep tabs on criminals and suspects in the UK are "unreliable" - and the systems monitoring them are "shambolic". That's according to a dynamite report by Ross Anderson, a leading computer scientist. The University of Cambridge professor said he compiled his findings after he was called in as an …


This topic is closed for new posts.
  1. Ralph B

    we have yet to hear back

    > we have yet to hear back

    And yet, no doubt, they will claim that they phoned you back promptly and helpfully.

  2. Piro Silver badge

    What's this? Big UK tech contractor in utterly useless shocker?

    Oh wait, it's no surprise at all.

  3. Anonymous Coward
    Anonymous Coward

    No need to worry...

    As Serco and G4S (the other incumbent supplier of this service) will not be given the new electronic monitoring contract, the next supplier will have no experience of this type of work and will be using equipment that has never been used before - no chance of an omnishambles there then!

    1. David Dawson

      Re: No need to worry...

      Better the Devil you know ? Thats what made this kind of mess in the first place.

      No thanks. Risk management shouldn't be about identifying risks, it should be about trying to reduce them, by trying new things in a controlled way.

      1. Anonymous Coward
        Anonymous Coward

        Re: No need to worry...

        I agree - try new things... but by people who actually understand that particular industry, not by giving the contracts to organisations who have no experience in offender management.

    2. Ralph B

      Re: No need to worry...

      I fully expect that the contracts taken away from Serco will be awarded to G4S and the contracts taken away from G4S will be awarded to Serco. Thus combining accountability with experience retention.

      1. Anonymous Coward
        Anonymous Coward

        Re: No need to worry...

        Sadly (for the people on the front line who now face job loses) that can't happen. The competition is/was for a single England and Wales contract, not as it was in 2006 version where the country was split into 5 lots (Serco got London/SE and Wales, G4S the rest).

        The rules of the competition also split out the supply of equipment into a separate lot and specified that no current suppliers were allowed to apply - the new contract tags are also to be GPS enabled (although not actually turned on unless needed), again the only ones of this design currently in use are excluded as they are made by a G4S division. It should be noted that the G4S monitoring tag is completely different to the ones used by Serco.

        1. Intractable Potsherd

          Re: No need to worry...

          Serco and G4S - both companies I'd trust as far as I could spit a full-grown African bull elephant ...

          Privatisation of policing and punishment is completely wrong.

  4. John Smith 19 Gold badge

    Oh look a self policing system where the con-tractor is motivated to drop it on the defendent

    What could possibly go wrong?

  5. Juan Inamillion

    No no they have systems in place.. ensure complete reliability and the strongest possible oversight of the whole process by their knowledgable and efficient employees.

  6. frank ly

    Lessons never learned

    The people who create/implement/operate a system or process are not the people you should trust to tell you if it is working properly.

  7. Z-Eden
    Thumb Up

    Just read his expert report on his blog (nice blog, and subscribed - some fascinating case studies and reports on there). All I can say is - nicely done. In effect "Let us do a proper peer review on the system to see if it is secure and reliable as you say". Serco shit bricks when they realised that this would cost them massively and decide to drop the case. Shocker. Expect to see future cases rely on this one to properly probe into the whole tagging system.

    1. Anonymous Coward
      Anonymous Coward

      I've always loved Ross' take on things. He's brutally direct and totally non-political, just as it should be in security that actually delivers.

      Personally, I like his style more than Bruce Schneier's. Both are pretty good at what they do, it just seems to me that Ross isn't that much into self-advertising - he simply lets the facts speak for themselves. Having said that, that's *my* preference - yours may differ, of course.

      Serco forgot to check if his message could be massaged - with Ross, no chance :)

  8. Crisp

    All of this makes me wonder

    How many people have been wrongly convicted of tampering?

    After all, who's going to take the word of a criminal over that of "expert evidence"?

  9. Anonymous Coward
    Anonymous Coward


    "About 18,000 people are electronically tagged at any one time"

    That's what the Serco invoices may have indicated - I suspect the real number may be somewhat lower

    1. Anonymous Coward
      Anonymous Coward

      Re: Numbers

      "That's what the Serco invoices may have indicated - I suspect the real number may be somewhat lower"

      It's not just a suspicion: 6 Aug 2013

      "Chris Grayling, the Justice Secretary, welcomed the [G4S]’s decision to step aside, nearly four weeks after the Serious Fraud Office (SFO) was asked to launch an inquiry into the firm’s conduct over the existing tagging contract.

      An initial review of G4S and its rival company Serco found both had potentially over-billed the government by tens of millions of pounds - including fees for tagging offenders who had died, left the country or been returned to jail.

      Serco pulled out of the race for the new tagging contract as soon as the full extent of the scandal began to emerge. G4S initially refused to follow suit but has now voluntarily withdrawn."

      (article continues)

      1. Allan George Dyer

        Re: Numbers

        Any statistics for the number of dead offenders Serco accused of tampering?

  10. Anonymous Coward
    Anonymous Coward

    Security by Obscurity

    Serco pulled out of the prosecution before the expert witness had a chance to investigate the system - are they trying to use obscurity as the security mechanism?

    Anon, because if I ever get the pleasure of wearing one of her maj's favorite prol monitors, Id like to investigate the device without prior suspicion that I may tinker. I've never seen a decent study of how they work, but I always wonder what would happen if you tagged some computer scientists.

    1. Anonymous Coward
      Anonymous Coward

      Re: Security by Obscurity

      I'm wondering if there is cause for the tagged person to countersue them for whatever reason - I presume tagging wasn't without reason, but to stitch up Serco would in my opinion be valid as a community service in itself..

  11. bfwebster

    Thoughts from another IT expert witness

    As someone who has been doing IT expert witness work for 14 years, I thoroughly enjoyed reading Anderson's report. He's clearly well-qualified, and his report was quiet, restrained, but quite devastating; one is left to decide whether those on the other side are dishonest, incompetent, or both. Furthermore, he's careful not to reach a factual conclusion (whether the accused actually did try to get the device off) but to suggest a means for doing an independent review to see if the cited evidence matches actual results. Thanks for posting this. ..bruce..

This topic is closed for new posts.