Cunning Linguist
The old ones are the good ones!
457 publicly visible posts • joined 25 Oct 2007
Once again I have to say that this really just isn't the case. Why should a data centre be any less trust worthy than a company employee. There are countless examples of pissed off sysadmins destroying data and backups held on internal company machines.
If you want stuff in house recruit your sysadmins very very carefully. If you're going to outsource, pick you outsourcing suppliers very very carefully. It's as simple as that. There is nothing inherently more risk about outsourcing.
The UK attitude is that your money is inherently less safe in a bank than under your bed. It probably is these days, but we still use banks.
It simply is not the case that using a top notch third party to run infrastructure on your behalf is inherently less secure. I would argue that for the majority of businesses, their local physical and digital security is substantially weaker than the best service providers.
Businesses who embrace the cloud and manage it properly stand to gain a huge competitive edge. This is what will drive the transition in the end, and the job of the IT Director will be to make sure it is delivered securely and reliably.
The alarm bells really started ringing when I got to the bit about PricewaterhouseCoopers having published a report. The big consultancies are short of public sector work at the moment. What better time to lobby ministers into launching another round of NHS madness.
If the consultancies are involved you can bet your a*se that any solutions will be even more complex, more centralised and more prone to juicy and lucrative cost overruns than the last attempt at this.
There are some (relatively) simple decentralised solutions to solving this problem, but there is little money to be made from them by the management and IT consultancies, hence they never see the light of day.
The fathers of the internet did not set up a single, central DNS server and require everyone to subscribe to it. Instead, they defined a standard for the operation and interaction of domain name servers. Anyone could set up a server as long as it complied with the standard, resulting in a gloriously simple and scalable distributed database. OK, it's time for some updates now, but it has served us with distinction and performed way beyond its original design goals.
The NHS needs to define a standard by which any two patient administration systems (PAS) can share records. After that, we can have many competing PAS systems which will increase choice and quality and drive down costs. Trouble is, you can't charge 12 billion quid for setting a standard.
I think AC has been the victim of a XAP exploit (aka cross article posting). Clearly the comment was made on a completely different article. I suggest El Reg check their servers for evidence of this dreadful XAP attack. The root cause no doubt is Bill Gates himself if AC is to be believed.
This is an unbelievably poor article. At every level.
What's a Lamp stack? A big pile of lights? Now a LAMP stack on the other hand is something quite different.
The author strains to distinguish between two types of MSP namely those who manage the email service and those who get others to manage the service and merely resell it. When is an MSP not an MSP? When he's a reseller. All that this article does is to describe the difference between a service provider and a reseller.
There was absolutely no point in writing or publishing the article. It's awful.
And yes I did get out of bed the wrong side this morning and have indeed been looking for a good target for spleen venting.
You have three options :
A) Give me a fifty quid royalty on each sale.
B) The Earth gets it. I've had enough of saving the poxy thing anyway.
C) I'll take one free unit in full and final settlement. Email thedoctor@gallifrey.plnt for delivery details. It's not much to ask and it'll save you a lot of trouble. You know it makes sense.
I too have had a look at the site, and it is indeed a bit thin on detail. If NuoDB delivers on its claims though, then it's a seriously interesting proposition.
A couple of questions for Wiqar Chaudry.
If I run multiple Brokers, how does the application decide which one to use and how does the application know which Broker to move to if the Broker it's using fails? Are we basically talking DNS round robin?
You say that the storage manager implements a distributed database. By distributing/replicating the data each node will maintain a full copy of the database. Won't this cause scaling problems with data volumes compared to federating the database. As the volume of data grows, we can't just add more nodes, we need to upgrade each and every node in the domain so that it maintains enough storage capacity.
I made it up down the pub and told a mate. He tweeted it. His mates retweeted it and before I knew it, it was trending wildly. A freelance journo desperate for a story was scanning his sources (checking twitter) and saw my theory trending. He convinced Newsnight to run a special report. The Guardian interviews me and I admit I made it up. The entire senior management of the BBC gets sacked, but I don't feel bad cos they get massive pay offs.
The open source model should always have been the way forward for the development of clinical systems within the NHS. The NHS as a whole has a huge amount of technical expertise including clinicians (obviously) but also information technologists. The problem is that it's locally based and spread across hundreds of institutions. Pooling those resources via a well organised open source development project has enormous power. At the very least it has to be a vast improvement on the alternative, which is to establish a central body to dictate and deliver the systems for the whole NHS as has been catastrophically demonstrated by the National Programme for IT.
This is not a song of praise for open source in general and has nothing to do with Linux on the desktop or other such pseudo-religious issues. What I am saying is that if ever there was a perfect context for the development of an open source application, then the NHS is it.
Sounds like Neill and BigYin need to speak to Browsium!
I have no connection with Browsium, it just seemed to me that you'd completely missed the point of the article/advertorial. Your clients now have a solution that will slash their application migration costs by 96 percent if the article is to be believed.
do not use : Wi-Fi or other radio connections, ATM machines.
shield : RFID-equipped cards and passports
When the world's "largest collection of hardcore security experts" is given warnings like that, what chance have the great unwashed got? The proverbial man on the street can't function without these things any more, but as the Black Hat organisers say, even if you're an expert at defending yourself, these technolgies we all depend on are flaky in the extreme.
Consumers, be they organisations or individuals, pay for convenient, expedient and fashionable solutions. They do not pay for security. It has no value for them until after they've paid, by which time the vendor is no longer bothered.
In my experience, Virgin Media have almost continuous issues on their backbone network. Routing problems are common place, but so too are other signs of degradation such as packet loss and sudden large increases in round trip times. If you're with them, switch to a proper service provider (the clue lies in the words "provider" and "service") as soon as you can.
Exactly! How is this an article? If I can get your username and password I can get at your stuff. In other news, the Pope has been outed as a Catholic and scientists have discovered that bears sh*t in the woods.
Somebody suggested having encryption, with a separate password, as a solution. Trouble is that this is open to the same ingenious attack vector. If I have your encryption pass phrase I can unencrypt your data - we're all doomed.
It seems to me that Tech City is trying to jump on the extraordinarily successful FOSS bandwagon. Trouble is, although they're getting there with the hippy communal cooperative side of things (sort of), they haven't got the awesome intellects and outstanding engineering skills that drive open source development. Lots of beards but no brains as it were.
It's a bit like having a bag of chips with no salt or vinegar. All you end up with is a cold, greasy pile of stodge (is that analogy stretched just a tad too far?).
You want good service levels. You deserve them. You are the customer.
Every minute this stuff is down will cost your business money. Your own customers will drift away and find another supplier.
Thinking about it, your hosting provider is serioulsy important. Your business could easily fail with downtime of this magnitude.
So why did you go and buy the cheapest pile of shite hosting service which for years has had a truly awful reputation for reliability, tech support and customer service? Eh ... answer me that one?
From the Economist on the Groupon IPO :
"Groupon will lose $280m on revenues of $1.69 billion in 2011"
"Its business model is unpatentable and simple to replicate, so there are already more than 20 copycats."
"Its marketing costs are expected to be a painful $958m this year."
958 MILLION dollars on marketing in order to lose 280 million dollars.
This all smacks too much of the late 90s. Remember boo.com, a company which "spent $135 million of venture capital in just 18 months, and it was placed into receivership on 18 May 2000 and liquidated" (wikipedia)? But boy did they have some fun.
If a VIP goes on a trip to a dangerous place do you :
1) Publish detailed information about precisely when she will be where alongside details of your precise security strategy for each location, transit routes in between and security details during transit. Have all of this information scrutinised by an ad hoc network of independent security experts from around the world to see if they can find a vulnerability. At the same time of course, your adversaries get to scrutinise your plan too.
or do you :
2) Not announce the visit until it's already underway. Withold details of the trip from all but those who absolutely need to know, and even then tell them only those details that they need in order to do their job.
There is certainly a debate to be had. Option 2 could allow the security detail to get sloppy. However, I think when looked at this way, the answer isn't quite as obvious as it first seems.
Why would I want mains electricity when I can run my own generator?
Why would I want mains water when I can dig my own well?
Why would I want main drains when I can muck out my own cess pit?
Why would I want to set up VPN over the public Internet when I can lease my own line between London and New York for just £50000 a year?
The utility model is the future of computing. There is no conceivable argument to the contrary. The operational and economic cases are simply too strong. Ways are and will continue to be found to make the model as secure and robust as people need it to be. The technology will mature as all technologies do, with possibly a few minor and a couple of major catastrophes along the way. It has always been thus.
Luddites please go home - you are unbelievably boring.
That's patent bollox and you know it.
In the computing world at least, outsourcing is the oldest profession. In many circumstances it provides systems that are more reliable, more secure, and better performing than in house systems. Sometimes it can even save money, but that is not always the primary goal.
How it is implemented, both technologically and in terms of commercial agreements, is what makes the difference between successful and failed outsourcing. But that is equally true of in house systems.
The thing is that the mult-million pound retailers use ten quid a month broadband connections to connect their POS systems to the world.
The way the broadband network is built it does not and cannot provide any kind of decent SLA. Anyone who thinks they can spend 10 quid a month, or even fifty quid a month and get rock solid connectivity is seriously deluded.
Until now, the IT pioneers have tended to be large enterprises with big budgets. Eventually, some crumbs from their table would fall to small and medium sized businesses. The typical SME still thinks it's pretty good if they've got Sage Line 50 and an email server that's not down most of the time.
What the likes of Google, SalesForce, and the many more niche providers of multi-tenanted software are doing is turning the current situation on its head.
SMEs start with little or nothing. Moving to web based IT services provides them with things they've never had, and could never afford to provide in house. In using such services they can often end up with something superior to that which enterprise IT teams can offer with their in house services. Small business can end up with the latest and the greatest, whilst large enterprises risk falling behind.
In terms of line of business systems, the promise of the web was never to large enterprises. It has always been a promise to smaller businesses that they will finally have access to the kind of IT that only giants could previously afford.
For big business it is quite possible that moving their stuff to a third party service provider would not even save any money. Much in the same way as large companies run their own fleet of company cars, it will probably be cheaper for them to keep running their own IT services, albeit moving them to new and more efficient infrastructure.
What should scare big business is that for the first time many smaller companies are able to get access to cutting edge IT, enabling them to punch well above their weight. Up until now David has had a pea shooter. Now that he's been given a sling and some stones, he's much better equipped to go after Goliath.
The really big idea behind Wave was federation of the platform. Increasingly we rely on monolithic platforms such as Google Apps and Facebook. With Wave, we could all run our own Wave servers but still communicate with each other, much as we do with email.
Sooner or later email must die. Something will need to replace it. Much as we don't want to rely on a single company to provide all of the world's email or DNS services, we won't want to rely on a single company to provide our messaging/collaboration services. Wave may not be the answer, but we will need something along similar lines.