* Posts by Dave

189 publicly visible posts • joined 4 Jul 2007


MoD: 27 per cent of our computers are secure

Thumb Up

Openness and transparency

I think Mr Ainsworth should be praised for his full disclosure - it doesn't happen often!

Plenty of work to get the accreditation status of the remainder up-to-speed; pity that there are insufficient MoD Accreditors...

Windows for Warships™ reaches Royal Navy frigates


a question of size

LP wrote: "It would seem that one large customer at least ..."


In the overall scope of M$'s customer base the total of all UK computing doesn't really amount to very much

of which UK official computing is a small fraction

of which UK MoD computing is a small fraction

of which RN warship computing is a small fraction

so, not much to see here, then, move along

Blighty's jumpjets under threat in MoD budget wrangle?

IT Angle

Buggins Turn

Which happens first, the commit to build the new carriers or Jock Stirrup standing down as CDS?

I get the feeling that MoD is always a more wary beast and more openly at odds with itself when the top crab is in the top-of-top jobs. Isn't 1SL Jonathon Band in line as the next Chief of Defence Staff on the Buggins Turn principle? Then it will all sort itself out.

This story has zero IT content & I - for one - am happy with that.

Royal Navy completes Windows for Submarines™ rollout


@ Matt Bryant @AC (12:59) @Cam Colley

The USS Vincennes episode was indeed as Matt describes. One of the reasons *why* the T45 is the way it is.

@AC (Linux? 12:59) who would "be very interested in knowing that the risk assessment for the implementation took in a few more areas and looked at the critical performance parameters affected by this dinky idea" - yes, there is extensive risk analysis in the design / configuration of COTS products for military applications.

@Cameron Colley: "Let's just hope that a group of security experts were allowed to code-review the version of Windows being used. One assumes that the MoD also get a different license agreement ". Sadly, 'no' and 'no'. Windoze is as grey a lump of sludge to MoD as it is to any other end user; the assurance derives mostly from the extensive testing alluded to by the AC worried about helicopters.


Just not true, Lewis!

"collection of Windows boxes the ability to loose off a sheaf of Aster missiles without human authorisation. "

not so

the system does not operate in that way

Lego terrorist threatens democracy



Startling similarity to Heathrow

Web page states: "Sorry, item is not available in this country: United Kingdom."

Thereby PROVING that it IS Heathrow ! ! ! ! !

Networked multipack cruise missiles in successful test


@Dave Handley

Not quite sure what you are getting at with your statement:

"The logistics for rocket in a box is likely to be quite a lot as well"

Please re-read the article. The robo-rocket-box is an autonomous node in a network centric warfare (NCW) arrangement. Lob it out of the back of a transport plane on a parachute, in field logistics manpower footprint = 0.

Retro piracy - Should the Royal Navy kick arse?

IT Angle

re-hash of the Lewis Page 'doctrine'

If you have read Lewis's book you will find a comprehensive survey of the structure and doctrine of the UK armed forces. LP analyses this & concludes that the composition and general operational plans of every branch of the UK armed forces is completely and utterly mis-matched to the current global situation and the types of conflicts where the UK needs to be involved for protection of its interests. The Army is composed of units that are too heavy and slow, or too light and under-protected. The RAF is only interested in permanently re-arranging the enemy's hard landscaping from very very high up in the air, living in hotels at least 500 km from the front and is unable to provide enduring strategic airlift to support the Army on the ground. The RN is only interested in gleamy, pointy, fast ships and the officer career progression in that service (LP's major, personal gripe) predicates against career progression without a stint of 'command' on a fast, pointy ship. The RN is unable to provide the initial or enduring sealift to support the Army on the ground. So we are f***ed.

LP then proposes a composition of the UK armed forces that would deliver the types of effect that current conflicts demand (incorporating a comedy battalion of infantry manned exclusively by half-colonels!). The use of at least 6 HMS-Ocean-alikes is proposed.

LP has not identified the development of semi-autonomous hunter-killer UAV droids, which I propose are the optimal solution to low density, high impact events such as piracy at sea. The UK ones would need to beam a telly picture back to a man in uniform with a 'yes' button to push to command the killer droid into the 'end game' (rules of engagement and generally gentlemanly conduct, dontcha know); the US ones (natch!) would not be so constrained. There's the IT angle!

ISP boss pledges to undermine Great Aussie Firewall


the ONLY firewall ruleset UK citizens will ever need

0. Block all

1. Allow

All the truth of the World available there, no need to look anywhere else

DHS robotic airport missile-patrol plan to be shelved


interesting (unexplained) calculation

"This means that three Project Chloe patrollers at 65,000 feet would be needed to cover each airport, not one as the DHS had thought."

erm, why? this conclusion must be based on some assessment of sensor coverage & resolution traded against response time per Chloe-kite that the article does not include. Of course, if the NorGrumm original report didn't include such analysis, then they merely didn't want to make the thing 'cos DHS pay out less than DoD (probably)

Can't help thinking that fitting commercial airliners with chaff and flares (proven technology & so much cheaper) is a sensible option (given, of course that the MANPADS threat on *mainland US of A* is actually credible)

Starlust: love, hate and celebrity fantasies


somewhat hyperbolic

Prof Vermorel writes: "And even more sinisterly: to your brain and my brain."

I do not understand why the author perceives the ridiculous attempt to revive this misbegotten piece of legislation is now more targeted to brain function than it was in 1960, in re Lady Chatterley. Indeed, as the author reminds us, the legislation specifically invites the courts to define what material is likely to deprave and corrupt (brain function / perception / morality).

This minor cavil aside, I agree wholeheartedly with the conclusion: "It's the absence of a written constitution that creates a sense that in the UK we have liberties on sufferance – as "subjects" rather than citizens. "

MoD miracle-armoured-vehicle scheme still struggling


Is M'Lud Drayson deceased?

"The late defence-purchasing minister, Lord Drayson, planned to "... shome mishtake, shurely; I think "The former defence-purchasing minister, Lord Drayson, planned to " might be more accurate

@ Dick Lovewell: 'shot' is a noun (in the context used in the article), 'long' is an adjective, 'really' is an adverb; adverbs qualify verbs, so 'real' - being another adjective - is correct in this usage. The vernacular, spoken British English is grammatically incorrect.


FRES is misbegotten and hopelessly wrong

I hope against hope that MoD have finally seen the light on this one and have the 'nads to kill it outright.

New Scientist goes innumerate in 'save the planet' special


ducks in a row

It might be the case that NS is pursuing a policy of plunging into some second Dark Ages of small economies and general ignorance & are recognising an approach of getting the ignorance bit done first

Hoon: Not building überdatabase would be terrorist licence to kill




Ofcom confirms three Freeview HD channels 'by end of next year'


what a waste of technology

"ITV will simulcast evening ITV1 on its Freeview HD service "

== Arse & Lard (or whatever those two Geordie muppets are called) in HD


NASA's nuclear Mars tank is go


single cable?


NASA marketing not lined up with NASA engineering? There is a picture on the NASA web site that shows a single cable


Bebo users release interstellar spamgasm at Gliese 581


Shannon's Law - or thank F*** for entropy

In information theory, entropy is a measure of the uncertainty associated with a random variable. The term by itself in this context usually refers to the Shannon entropy, which quantifies, in the sense of an expected value, the information contained in a message, usually in units such as bits. Equivalently, the Shannon entropy is a measure of the average information content one is missing when one does not know the value of the random variable.

We can safely presume that the Gleisians have absolutely no preconception about the actual information content of this drivel (no expected value); it will appear only as a pseudo random sequence and will be computationally infeasible to decode. Indeed, it may be so plausibly random as to be ignored upon receipt as noise.

Perhaps, we can use bebo-space-face-drool here as initialisation vectors for block ciphers and digital signatures... hmmmm

Darling launches £50bn relube of bunged-up UK banks

Thumb Up

I for one...

welcome myself as the new controlling shareholder in the High Street retail banks. Now, where are those executives' Ts&Cs, time for a re-write!

Ofcom to create 116 bureaucracies

Thumb Up

only 3 advisory committees?

No, there are only three 116xxx proposals mooted thus far. There are 1000 potential 116xxx phone numbers; one thousand advisory committees are necessary.

I hereby apply for membership of the 116762 advisory ctte; this will consider the best routing for calls from people who are vexed about having to read a Princess Diana story every day because they lack the imagination to buy other than the Daily Express.

Room for 996 more comments!

Nasty web bug descends on world's most popular sites


false security based on dim presumption

If ING really sat down in a quiet corner for thirteen milliseconds they should surely understand just how poor their implementation must be: "because it was requested by the browser, it was invoked by the user"

A security philosophy that seems to be based on the notion that all client software is flawless!

Washington and Microsoft declare war on scareware


as they sow, so shall they reap

OK, M$ being seen to 'take a responsible stance' by trying to drag a scareware peddler into court. Such a pity, then, that it is due to the egregious performance of their product - built and peddled on the gullible public without security aforethought - the poor reputation of which such chancers and dodgers are now hitching a ride.

FCO owns up to energy waste


they are left ON - not logged IN

Nothing to do with users being too dim to remember their passwords. More to do with inadequately configured desktops being able to cope with remote installs and updates (like AV) out of (normal) office hours.

Anonymous hacks Sarah Palin's Yahoo! account


hubris: Palin's and commenters

Palin's hubris seems to be that she appears to disguise official business on a personal email account. The case is not exactly proven at this stage.

The hubris of some commenters here is that they are prepared to overturn the principle of 'innocent until proven guilty' seemingly merely because Palin is a senior public figure with a robust presentation of views that do not garner universal approval. Grow up. I am not a Palin supporter.

The real issue here is one of fitness to govern, openness and transparency and the ability of the wider public to reliably measure the fitness to govern of candidates for official positions. No official, at any level, in a position of civic service in any democracy should use personal email for administrative matters. Yet think, how does a person who receives a personal email on a personal account that then includes some 'business' or 'business-related' matters respond? What would YOU do?

The pure-form answer is: reply in a personal email: "you have raised matters of business that I will address by official means, not here". Yeah right! like that is going to happen 100% of the time. How to control what ALL the friends and associates of ALL officials might include in a personal email? Impossible.

There is no 100% workable solution that I can think of; there can only be policy guidelines and some means of monitor and audit. Some might say all 'personal' email accounts of officials should not be 'personal', rather 'public' - open to all to read and monitor. Overbearingly intrusive; everybody has a right to privacy. Perhaps all public officials should be subject to some legislation that requires them to self-audit periodically; trawl their personal email records for those instances where official matters reared their unwelcome head and so report publicly? Unworkable.

Adobe yanks speech exposing critical 'clickjacking' vulns


8 years

have I not trusted the text in the status bar to tell me where I am going next

DARPA seeks sticky-goldenballs Casimir forcefields



the Merkins have been misleveraging language in many areas of human enterprise, viz. finance, politicks, &c &c

Boffinry bitchslap brouhaha: Higgs and Hawking head to head


I vote for no Higgso boso

it seems to me far too trite and trivial that the Grand Theory Of Life The Universe And Everything is all tied up and a done-dusted deal by discovering but 1 particle. What would we do with the hordes of redundant beardie-weirdie particle physicists?? We need two more desktop PC maintenance techs here, but that's about it...

Today is not Hadron Collider Day



the collisions will occur close[r] to the speed of light

Google launching its own navy?


Googlespaceplexes @ L1 - 5

There are a quantity of positions in the orbit of a planet around a star called Lagrange points (http://en.wikipedia.org/wiki/Lagrange_points); datacenters located here (theoretically) need no energy to stay on-station. Google would have to successfully patent gravity to patent the G'plexes there, that should cost Sergei & Larry a few bucks!

Nuke-nobbling US laser jumbo fires test beams


wrong threat, stupid response

Boeing pork-barrel scoffing - ooh! just as all their workers have gone on strike at the pathetic 34 000 bucks per year on which they are forced to scrape through (serious comment: 34 000 bucks is not that great)

Ice in fuel caused Heathrow 777 crash



Read The F**** Report! before ignorantly commenting.

I have read (skimmed) the AAIB report. The report identifies that there is a fuel additive that has been used by the RAF, USAF & other militaries for the last 40 or so years (or was it 50 or so?) and is approved by Boeing for use on the 777. The use of this additive would have *completely* mitigated this accident. Yet no civilian operators use this additive on large transport aircraft; some use it on smaller types.

Sadly, the report does not bite the bullet to recommend to the certification authorities to mandate the use of this additive on the commercial operators. Shame on the AAIB (although this is an interim report, not final)

Lockheed demos AI-based roboforce command tech


@ Michael Wilkinson

As I recall, Sergeant York was a brave US soldier in WW1 who received the Congressional Medal of Honor. The Merkins thought it would be a kinda honor to the man to name the Divisional Air Defence (DIVAD) weapon system after him. The system was a pathetic attempt at rapid development throwing together an AFV hull from a Bradley, the radar from an F-16 and a pop-bang from some 3rd donor system. The entire project was such a misbegotten mess that I think I recall the descendants of Sgt York sued the Pentagon for defamation of the family name.

Hi-tech cops lose their website


@ Roy Stilling

Appallingly, there is no policy for public bodies to use a sub-domain of .gov.uk

This is, of course how SOCA can now wriggle out of ponying up to Herr Matt and his delicious use of English.

The administrative backlog (probably not 100% redeemable) is to contact *as many as possible* sites who are still linking to


and ask them to update the link to show: soca.gov.uk


Dozy, but compared to the other stuff

isn't really in the running for HMG BallsUp of the Week Award (BUWA).

Some kudos, please, to Herr Matt for the deliciously careful wording (in English) on this page:


Northrop in electric blaster cannon milestone

IT Angle

probably peak pulse power

The laser burst duration and duty cycle are clearly important factors driving the size of the overall installation; to such an extent that I am not sure that integrating to a warship anything less than summink nuclear powered would be viable. Fixed, ground installations, then. Not sure you need a PC to control the power supply or the laser elements of the system...


further to 'peak pulse power'

NorGrumm have produced a little marketing brochure here:



that includes a picture of a C-130 Hercules and picture of a humungous cuboid that looks like about 10 standard IT equipment racks in volume, which I take to be the PSU. Don't doubt that the kit will fit in a Fat Albert, but I do wonder about pulse length / duty cycle as previously...

Somebody (probably NorGrumm) has slipped a viral video here:


(unable to preview it, YT site is blocked from where I am sitting)

Council clamps down on 'man on the street'


"current thinking in society in general"

== misguided thoughts derived from believing Guardian op-ed pieces. Whereas we all know that current thinking in society in general is mostly: "how little can I pay for 24 cans of Stella? what's on 'Stenders tonight?"

OBTW WTF is the IT content in this ridiculous piece? Did Chichester BC use Google translate to render these guidelines into the 21 requisite languages?

We recently got canvassed by our local council about a residents' parking scheme. 1 page of questionnaire about the scheme, consisting of four questions. 3 pages of 'community & personal information' consisting of 21 questions including seemingly needing to understand if I originate from one of twenty seven possible ethnic backgrounds including "Irish (traveller)"


How in the name of all that is sane can anybody imagine that someone who is "Irish (traveller)" would

a) have become a settled resident?

b) want to park a vehicle?

c) at least by paying for the privilege??????

Minister warns of national grid hack threat


why is anything important connected to the internet anyway?

from a combination of:

i) laziness

ii) venality

iii) contempt

i) it is cheaper to employ a tech droog to use a web-based management console than it is to put him in a van on the road and have him drive all over the place

ii) this is good for PROFIT, especially when combined with not bothering [see i)] to spend money on secure configuration(s)

iii) especially, contempt for the risks arising from external threats bearing on the vulnerabilities of the selected technology so these are not properly understood, correctly mitigated [see ii)] and accounted for

No security breach is ever an accident - not a single one

Reader comments bigger legal risk than forums


surely the point is (@ Christoph) @ Skinny

all Moderatrices will now be summarily sacked as any minuscule drop-off in their performance will be too great a risk for the site owner to mitigate?


This seems counter intuitive

May I check if I have this correct?

A web site publisher who exercises no editorial control over the content of the site not written by him is likely to be less burdened by litigation than a (I posit) more responsible publisher who employs people to moderate contributions such as this one.

So Vulture Central will now be in a more sound position by not moderating this comment?


Wind turbines put bats under (low) pressure




Performing a well-known internet search for your mis-spelled word gave only 3 results, including your article

v poor, pull socks up after the hols!

Qinetiq trumpets midsummer robo solar-plane 'record'


unmitigated twaddle Page, see me after school

latitude of Kabul = 34.5 North

latitude of Yuma test ground = 32.65 North

Looking up the month-by-month maps of annual 'sunshine' (actually solar radiation in Watts-per-metre-squared averaged over 24 hours) in Def-Stan 00-35 "Environmental Handbook for Defence Materiel" (Issue 3), I find the following:

January: SW USA and Iraq / Afghanistan bounded by the 100 value line to the N and the 150 line to the S

June: both SW USA and relevant parts of Middle East enclosed in a line labelled with the 350 value

July: SW USA now in a 300 zone, Middle East remaining in a 350 zone

I conclude that Qq have - far from choosing an almost uniquely favourable location - modelled current anticipated operational theatre conditions in summertime very well indeed by selecting the Yuma proving ground.

Tories want data loss prosecutions


Criminal prosecutions seem initially attractive

Of course the Opposition will make the kinds of pronouncements to appeal to the wild-eyed, drooling Daily Mail readers. There is, unfortunately, a real difference between corporate responsibility of directors (of limited liability corporations) to their shareholders for proper governance and some sort of analogue being drawn with Government Ministers and their senior civil servant executives. The Ministers and senior execs FEEL NOTHING when these breaches arise.

Now, if Ms Smith (or Blears, or Mr Browne, or...) were poked in the eye with a sharp stick each time they, or any employee in their department, caused a breach, then some performance improvement might follow. There is no point pursuing prosecution for these acts of omission and commission - we have to make it HURT those responsible.

Better, each time a Minister makes a fatuous & ignorant statement, at the despatch box or in an interview, press conference - whatever - i.e. "in a secure form, but was downloaded " or "but a department official emailed it to me, I didn't take it out of the department" then they should be poked in both eyes with 2 sharp sticks.

Depending on the efficacy of their remaining vision, I am convinced beyond all doubt that Ministers would soon be poking senior execs in their eyes. Then the message that security breaches hurt would be real for these people and Departmental enforcement of EXISTING POLICY would be stepped up, pretty swiftish.

Royal Navy plans world's first running-jump jet


what a waste of money

Bleedin boffins researching the already known - pah!

Is LP a tad too young to have watched how Buccaneers got back on deck? The Blackburn Buccaneer used compressor bleed air fed over the leading edge of the wing (years before NASA thought of it) to keep the wing flying at low airspeed; consequently, despite the pilots' best efforts, it did not really want to land at all. So they pretty much had to crash land the things every time. Even funnier watching the Buccs that were transferred into RAF service doing exactly the same routine on terra firma.

Microsoft's IE 8 puts giant web hole on notice


wherein liability lies, people

"The filter can also be disabled for specific zones, based on an administrator's preferences"


it's YOUR fault, for being so trusting!

Many may regard M$ as (perm any 'm' from 'n'): venal, stupid, arrogant, avaricious, lazy, flawed, vulnerable, mighty, sh**heads, proud, cowardly, insane, profiteering, gruesome...

but, ultimately, if an 'admin' (aka 'home user' for the most part) puts "braclays_bank_pwn_me_now.kg" (or whatever) on their list of trusted sites...

Mobile devices hit the stage, execs at IDF

Dead Vulture

I agree with Jasmine

2 chips equates to neither of them being a 'system on chip' - SOC.

A decent degree of integration, granted, but not-a-SOC.

Home Office reaches half-way hash in secure data handling


on not opting for asymmetric crypto

Clearly asymmetric crypto offers both non-repudiation of origin and non-repudiation of receipt

However, the number of and range of size of external stakeholders who legitimately have business need to communicate with HO are both enormous; so, some balanced decision between 'secure enough' and 'scales out to the small people' had to be taken.

A fully-fledged PKI for all HO external transactions would take a long time to develop (first write the Certificate Policy - take caffeine pills...) and imposes unreasonable technological, governance and expertise constraints on the smaller stakeholders; some of whose communication needs are small and infrequent.

The alignment of multiple CPs would take ages.

The arrangements for cross-connected Certificate Authorities - or 'bridge CAs' - would take ages.

The management of Certificate Revocation would take ages.

So, for once, well done that gumment department.

Olympic Committee wins gold for foot shooting


everybody needs to look after their rings

We in the Cult of the Sanctity of the Ringpieces wholeheartedly and warmly embrace the entirely democratic Inturnashnul Ooopslympics Commisariat and their robust defence of their rings

What an arse-clenchingly ridiculous reason for suppression of expression

Ofcom: 'Well done Ofcom!'


disingenuous J Arthur Rankers

what a cunch of bunts

lickspittle, useless, incompetent, venal, meaningless pushers of the handcart in which this once good country is being sent to hell

what a complete waste of skin, blood, bone and oxygen

EDS hits TfL with restraining order

Paris Hilton

awww - ickle diddums EDS

a mere sideshow; the appalling tech angle is that regardless of who gets the contract to invade Londoners' privacy (aka run the transport payment system), the user card will still be based on the known-bad MiFare 'Classic'

PH is known bad but more entertaining