Openness and transparency
I think Mr Ainsworth should be praised for his full disclosure - it doesn't happen often!
Plenty of work to get the accreditation status of the remainder up-to-speed; pity that there are insufficient MoD Accreditors...
189 publicly visible posts • joined 4 Jul 2007
LP wrote: "It would seem that one large customer at least ..."
erm...
In the overall scope of M$'s customer base the total of all UK computing doesn't really amount to very much
of which UK official computing is a small fraction
of which UK MoD computing is a small fraction
of which RN warship computing is a small fraction
so, not much to see here, then, move along
Which happens first, the commit to build the new carriers or Jock Stirrup standing down as CDS?
I get the feeling that MoD is always a more wary beast and more openly at odds with itself when the top crab is in the top-of-top jobs. Isn't 1SL Jonathon Band in line as the next Chief of Defence Staff on the Buggins Turn principle? Then it will all sort itself out.
This story has zero IT content & I - for one - am happy with that.
The USS Vincennes episode was indeed as Matt describes. One of the reasons *why* the T45 is the way it is.
@AC (Linux? 12:59) who would "be very interested in knowing that the risk assessment for the implementation took in a few more areas and looked at the critical performance parameters affected by this dinky idea" - yes, there is extensive risk analysis in the design / configuration of COTS products for military applications.
@Cameron Colley: "Let's just hope that a group of security experts were allowed to code-review the version of Windows being used. One assumes that the MoD also get a different license agreement ". Sadly, 'no' and 'no'. Windoze is as grey a lump of sludge to MoD as it is to any other end user; the assurance derives mostly from the extensive testing alluded to by the AC worried about helicopters.
Not quite sure what you are getting at with your statement:
"The logistics for rocket in a box is likely to be quite a lot as well"
Please re-read the article. The robo-rocket-box is an autonomous node in a network centric warfare (NCW) arrangement. Lob it out of the back of a transport plane on a parachute, in field logistics manpower footprint = 0.
If you have read Lewis's book you will find a comprehensive survey of the structure and doctrine of the UK armed forces. LP analyses this & concludes that the composition and general operational plans of every branch of the UK armed forces is completely and utterly mis-matched to the current global situation and the types of conflicts where the UK needs to be involved for protection of its interests. The Army is composed of units that are too heavy and slow, or too light and under-protected. The RAF is only interested in permanently re-arranging the enemy's hard landscaping from very very high up in the air, living in hotels at least 500 km from the front and is unable to provide enduring strategic airlift to support the Army on the ground. The RN is only interested in gleamy, pointy, fast ships and the officer career progression in that service (LP's major, personal gripe) predicates against career progression without a stint of 'command' on a fast, pointy ship. The RN is unable to provide the initial or enduring sealift to support the Army on the ground. So we are f***ed.
LP then proposes a composition of the UK armed forces that would deliver the types of effect that current conflicts demand (incorporating a comedy battalion of infantry manned exclusively by half-colonels!). The use of at least 6 HMS-Ocean-alikes is proposed.
LP has not identified the development of semi-autonomous hunter-killer UAV droids, which I propose are the optimal solution to low density, high impact events such as piracy at sea. The UK ones would need to beam a telly picture back to a man in uniform with a 'yes' button to push to command the killer droid into the 'end game' (rules of engagement and generally gentlemanly conduct, dontcha know); the US ones (natch!) would not be so constrained. There's the IT angle!
"This means that three Project Chloe patrollers at 65,000 feet would be needed to cover each airport, not one as the DHS had thought."
erm, why? this conclusion must be based on some assessment of sensor coverage & resolution traded against response time per Chloe-kite that the article does not include. Of course, if the NorGrumm original report didn't include such analysis, then they merely didn't want to make the thing 'cos DHS pay out less than DoD (probably)
Can't help thinking that fitting commercial airliners with chaff and flares (proven technology & so much cheaper) is a sensible option (given, of course that the MANPADS threat on <bold> mainland US of A </bold> is actually credible)
Prof Vermorel writes: "And even more sinisterly: to your brain and my brain."
I do not understand why the author perceives the ridiculous attempt to revive this misbegotten piece of legislation is now more targeted to brain function than it was in 1960, in re Lady Chatterley. Indeed, as the author reminds us, the legislation specifically invites the courts to define what material is likely to deprave and corrupt (brain function / perception / morality).
This minor cavil aside, I agree wholeheartedly with the conclusion: "It's the absence of a written constitution that creates a sense that in the UK we have liberties on sufferance – as "subjects" rather than citizens. "
"The late defence-purchasing minister, Lord Drayson, planned to "... shome mishtake, shurely; I think "The former defence-purchasing minister, Lord Drayson, planned to " might be more accurate
@ Dick Lovewell: 'shot' is a noun (in the context used in the article), 'long' is an adjective, 'really' is an adverb; adverbs qualify verbs, so 'real' - being another adjective - is correct in this usage. The vernacular, spoken British English is grammatically incorrect.
In information theory, entropy is a measure of the uncertainty associated with a random variable. The term by itself in this context usually refers to the Shannon entropy, which quantifies, in the sense of an expected value, the information contained in a message, usually in units such as bits. Equivalently, the Shannon entropy is a measure of the average information content one is missing when one does not know the value of the random variable.
We can safely presume that the Gleisians have absolutely no preconception about the actual information content of this drivel (no expected value); it will appear only as a pseudo random sequence and will be computationally infeasible to decode. Indeed, it may be so plausibly random as to be ignored upon receipt as noise.
Perhaps, we can use bebo-space-face-drool here as initialisation vectors for block ciphers and digital signatures... hmmmm
No, there are only three 116xxx proposals mooted thus far. There are 1000 potential 116xxx phone numbers; one thousand advisory committees are necessary.
I hereby apply for membership of the 116762 advisory ctte; this will consider the best routing for calls from people who are vexed about having to read a Princess Diana story every day because they lack the imagination to buy other than the Daily Express.
Room for 996 more comments!
If ING really sat down in a quiet corner for thirteen milliseconds they should surely understand just how poor their implementation must be: "because it was requested by the browser, it was invoked by the user"
A security philosophy that seems to be based on the notion that all client software is flawless!
OK, M$ being seen to 'take a responsible stance' by trying to drag a scareware peddler into court. Such a pity, then, that it is due to the egregious performance of their product - built and peddled on the gullible public without security aforethought - the poor reputation of which such chancers and dodgers are now hitching a ride.
Palin's hubris seems to be that she appears to disguise official business on a personal email account. The case is not exactly proven at this stage.
The hubris of some commenters here is that they are prepared to overturn the principle of 'innocent until proven guilty' seemingly merely because Palin is a senior public figure with a robust presentation of views that do not garner universal approval. Grow up. I am not a Palin supporter.
The real issue here is one of fitness to govern, openness and transparency and the ability of the wider public to reliably measure the fitness to govern of candidates for official positions. No official, at any level, in a position of civic service in any democracy should use personal email for administrative matters. Yet think, how does a person who receives a personal email on a personal account that then includes some 'business' or 'business-related' matters respond? What would YOU do?
The pure-form answer is: reply in a personal email: "you have raised matters of business that I will address by official means, not here". Yeah right! like that is going to happen 100% of the time. How to control what ALL the friends and associates of ALL officials might include in a personal email? Impossible.
There is no 100% workable solution that I can think of; there can only be policy guidelines and some means of monitor and audit. Some might say all 'personal' email accounts of officials should not be 'personal', rather 'public' - open to all to read and monitor. Overbearingly intrusive; everybody has a right to privacy. Perhaps all public officials should be subject to some legislation that requires them to self-audit periodically; trawl their personal email records for those instances where official matters reared their unwelcome head and so report publicly? Unworkable.
It seems to me far too trite and trivial that the Grand Theory Of Life The Universe And Everything is all tied up and a done-dusted deal by discovering but 1 particle. What would we do with the hordes of redundant beardie-weirdie particle physicists?? We need two more desktop PC maintenance techs here, but that's about it...
There are a quantity of positions in the orbit of a planet around a star called Lagrange points (http://en.wikipedia.org/wiki/Lagrange_points); datacenters located here (theoretically) need no energy to stay on-station. Google would have to successfully patent gravity to patent the G'plexes there, that should cost Sergei & Larry a few bucks!
Read The F**** Report! before ignorantly commenting.
I have read (skimmed) the AAIB report. The report identifies that there is a fuel additive that has been used by the RAF, USAF & other militaries for the last 40 or so years (or was it 50 or so?) and is approved by Boeing for use on the 777. The use of this additive would have *completely* mitigated this accident. Yet no civilian operators use this additive on large transport aircraft; some use it on smaller types.
Sadly, the report does not bite the bullet to recommend to the certification authorities to mandate the use of this additive on the commercial operators. Shame on the AAIB (although this is an interim report, not final)
As I recall, Sergeant York was a brave US soldier in WW1 who received the Congressional Medal of Honor. The Merkins thought it would be a kinda honor to the man to name the Divisional Air Defence (DIVAD) weapon system after him. The system was a pathetic attempt at rapid development throwing together an AFV hull from a Bradley, the radar from an F-16 and a pop-bang from some 3rd donor system. The entire project was such a misbegotten mess that I think I recall the descendants of Sgt York sued the Pentagon for defamation of the family name.
Appallingly, there is no policy for public bodies to use a sub-domain of .gov.uk
This is, of course how SOCA can now wriggle out of ponying up to Herr Matt and his delicious use of English.
The administrative backlog (probably not 100% redeemable) is to contact *as many as possible* sites who are still linking to
nhtcu-is-now-pwned-by-a-German.org
and ask them to update the link to show: soca.gov.uk
The laser burst duration and duty cycle are clearly important factors driving the size of the overall installation; to such an extent that I am not sure that integrating to a warship anything less than summink nuclear powered would be viable. Fixed, ground installations, then. Not sure you need a PC to control the power supply or the laser elements of the system...
NorGrumm have produced a little marketing brochure here:
http://www.st.northropgrumman.com/media/SiteFiles/mediagallery/factsheet/JHPSSL.pdf
that includes a picture of a C-130 Hercules and picture of a humungous cuboid that looks like about 10 standard IT equipment racks in volume, which I take to be the PSU. Don't doubt that the kit will fit in a Fat Albert, but I do wonder about pulse length / duty cycle as previously...
Somebody (probably NorGrumm) has slipped a viral video here:
http://www.youtube.com/watch?v=s9JZSjsgWm0
(unable to preview it, YT site is blocked from where I am sitting)
== misguided thoughts derived from believing Guardian op-ed pieces. Whereas we all know that current thinking in society in general is mostly: "how little can I pay for 24 cans of Stella? what's on 'Stenders tonight?"
OBTW WTF is the IT content in this ridiculous piece? Did Chichester BC use Google translate to render these guidelines into the 21 requisite languages?
We recently got canvassed by our local council about a residents' parking scheme. 1 page of questionnaire about the scheme, consisting of four questions. 3 pages of 'community & personal information' consisting of 21 questions including seemingly needing to understand if I originate from one of twenty seven possible ethnic backgrounds including "Irish (traveller)"
erm...
How in the name of all that is sane can anybody imagine that someone who is "Irish (traveller)" would
a) have become a settled resident?
b) want to park a vehicle?
c) at least by paying for the privilege??????
from a combination of:
i) laziness
ii) venality
iii) contempt
i) it is cheaper to employ a tech droog to use a web-based management console than it is to put him in a van on the road and have him drive all over the place
ii) this is good for PROFIT, especially when combined with not bothering [see i)] to spend money on secure configuration(s)
iii) especially, contempt for the risks arising from external threats bearing on the vulnerabilities of the selected technology so these are not properly understood, correctly mitigated [see ii)] and accounted for
No security breach is ever an accident - not a single one
May I check if I have this correct?
A web site publisher who exercises no editorial control over the content of the site not written by him is likely to be less burdened by litigation than a (I posit) more responsible publisher who employs people to moderate contributions such as this one.
So Vulture Central will now be in a more sound position by not moderating this comment?
Bonkers
latitude of Kabul = 34.5 North
latitude of Yuma test ground = 32.65 North
Looking up the month-by-month maps of annual 'sunshine' (actually solar radiation in Watts-per-metre-squared averaged over 24 hours) in Def-Stan 00-35 "Environmental Handbook for Defence Materiel" (Issue 3), I find the following:
January: SW USA and Iraq / Afghanistan bounded by the 100 value line to the N and the 150 line to the S
June: both SW USA and relevant parts of Middle East enclosed in a line labelled with the 350 value
July: SW USA now in a 300 zone, Middle East remaining in a 350 zone
I conclude that Qq have - far from choosing an almost uniquely favourable location - modelled current anticipated operational theatre conditions in summertime very well indeed by selecting the Yuma proving ground.
Of course the Opposition will make the kinds of pronouncements to appeal to the wild-eyed, drooling Daily Mail readers. There is unfortunately, a real difference between corporate responsibility of directors (of limited liability corporations) to their shareholders for proper governance and some sort of analogue being drawn with Government Ministers and their senior civil servant executives. The Ministers and senior execs FEEL NOTHING when these breaches arise.
Now, if Ms Smith (or Blears, or Mr Browne, or...) were poked in the eye with a sharp stick each time they, or any employee in their department, caused a breach, then some performance improvement might follow. There is no point pursuing prosecution for these acts of omission and commission - we have to make it HURT those responsible.
Better, each time a Minister makes a fatuous & ignorant statement, at the despatch box or in an interview, press conference - whatever - i.e. "in a secure form, but was downloaded " or "but a department official emailed it to me, I didn't take it out of the department" then they should be poked in both eyes with 2 sharp sticks.
Depending on the efficacy of their remaining vision, I am convinced beyond all doubt that Ministers would soon be poking senior execs in their eyes. Then the message that security breaches hurt would be real for these people and Departmental enforcement of EXISTING POLICY would be stepped up, pretty swiftish.
Bleedin boffins researching the already known - pah!
Is LP a tad too young to have watched how Buccaneers got back on deck? The Blackburn Buccaneer used compressor bleed air fed over the leading edge of the wing (years before NASA thought of it) to keep the wing flying at low airspeed; consequently, despite the pilots' best efforts, it did not really want to land at all. So they pretty much had to crash land the things every time. Even funnier watching the Buccs that were transferred into RAF service doing exactly the same routine on terra firma.
"The filter can also be disabled for specific zones, based on an administrator's preferences"
==
it's YOUR fault, for being so trusting!
Many may regard M$ as (perm any 'm' from 'n'): venal, stupid, arrogant, avaricious, lazy, flawed, vulnerable, mighty, sh**heads, proud, cowardly, insane, profiteering, gruesome...
but, ultimately, if an 'admin' (aka 'home user' for the most part) puts "braclays_bank_pwn_me_now.kg" (or whatever) on their list of trusted sites...
Clearly asymmetric crypto offers both non-repudiation of origin and non-repudiation of receipt
However, the number of and range of size of external stakeholders who legitimately have business need to communicate with HO are both enormous; so, some balanced decision between 'secure enough' and 'scales out to the small people' had to be taken.
A fully-fledged PKI for all HO external transactions would take a long time to develop (first write the Certificate Policy - take caffeine pills...) and imposes unreasonable technological, governance and expertise constraints on the smaller stakeholders; some of whose communication needs are small and infrequent.
The alignment of multiple CPs would take ages.
The arrangements for cross-connected Certificate Authorities - or 'bridge CAs' - would take ages.
The management of Certificate Revocation would take ages.
So, for once, well done that gumment department.
We in the Cult of the Sanctity of the Ringpieces wholeheartedly and warmly embrace the entirely democratic Inturnashnul Ooopslympics Commisariat and their robust defence of their rings
What an arse-clenchingly ridiculous reason for suppression of expression