Posts by bigbob

18 publicly visible posts • joined 23 May 2014

Royal Bank of Scotland IT contractor ban sparks murmurs of legal action

bigbob

Hello, big consultancies

Accenture, KPMG and the rest are rubbing their hands with the prospect of providing contractors to the private sector at far higher rates. It's very convenient to organize it between the execs at the golf club.

bigbob

Re: Life goes on.

> EVERYONE WINS

Um, in your example the client pays £60k more for that flexibility. And simply by allowing business expenses the overall tax rate is lower, which is simply unfair to the other 99% on PAYE.

> put many (usually Tory) contractors on the dole

All these contractors charging £100k are just going to be out of work are they? I can't take you seriously.

bigbob

Re: Heads they win, tails ...

It's a contract with a negligible notice period, so the client can simply end it and offer a new one with whatever terms they like.

Nest tosses £1.5bn pension admin service agreement out there for outsourcers to fight over

bigbob

Analysis

18 year contract:

A contract signed 18 years ago would proudly have included compatibility with the then brand-new Windows XP. That's probably aged better than most other software from 18 years ago, and yet it is practically radioactive these days - people are throwing away multi-million pound CAT scanners because they can't take the security risk of it running Windows XP.

18 years ago we interacted with customers via phone. Email support would be modern. Twitter, Slack etc. were at least a decade from being invented.

18 years ago software releases were annual events, involving coordination of multiple teams, locked-down months in advance to order the hardware, frequently went wrong, were hugely expensive, had no production-type testing and delivered a fraction of the value we expect today. Modern cloud and devops is not perfect, but is light-years ahead in every dimension.

Money:

£1.5bn is three times what it cost to create the IT system to run the UK's whole prison system: https://www.theregister.co.uk/2009/03/12/nao_probation_report/ - a massive overspend in itself. All this money to administer a pension scheme?

AWS halved its (Lambda) compute price last year, and how much of this was passed on to customers by the outsourcing companies? None.

Strategy:

Anyone will tell you: Outsource stuff that is undifferentiated heavy lifting. In-source what is risky, or is your key differentiator.

Maybe NEST has unique needs for administering pensions, compared to the dozens of other UK pension providers - I'm no expert. BUT you'd think everyone had realized by now that IT is risky and executing it well is key to nearly every organization's success. It makes no sense to outsource.

Ministry of Justice abandons key plank of £280m IT project

bigbob

Re: IT, fostering delusions since 1977

No, waterfall is all but dead these days in software. Remember the software crisis? Massive failures like NHS National Programme for IT and BBC Digital Media Initiative. Hundreds of millions of pounds invested in IT projects without a single line of code making it to production - that's the hallmark of waterfall. Waterfall is a key element to how Sun Microsystems, IBM, Yahoo etc all worked, and they were simply outpaced by the FANG crowd doing agile. Read last year's 'Accelerate' book for plenty of research showing the agile/devops juggernaut delivering way way more than teams using waterfall.

Houses, bridges etc are mostly commodities. Built endlessly all over the world to the same well-worn architectures, same materials, same methods over many decades. Also very expensive to change anything once built. That's why waterfall and detailed specs up-front are best for building these sorts of things.

However, software is a very different beast. You're likely building something highly unique, and new for users, so you're simply going to get it wrong if you try to plan it in any detail. Tech changes quickly, so your raw materials and techniques are changing under your feet. However changing what you've built is cheap, enabling you to do prototyping and put stuff in front of users early on, to significantly de-risk big decisions. Being flexible like this often makes a huge difference to the success. Deliver an MVP to production within weeks and you'll find out very quickly if it is adding value and where to focus effort. YAGNI (You Aren't Going to Need It) is a big thing for cutting cost. You mention complexity, and in agile you should of course consider architecturally significant issues up front and review them as stuff comes up.

Sorry to the remaining waterfall brigade, but even by planning incredibly intelligently and thinking really hard at the start you're still onto a loser on average. Sorry that agile has been hyped up by arrogant kids in t-shirts and trainers, but all the evidence shows they are right.

10% of UK's top firms would be screwed in a cyber attack – survey

bigbob

Define cyberattack

90% are prepared for a "cyberattack" from a DDoS (e.g. betting company ransom demands)

10% are prepared for a "cyberattack" from an SQL injection steal of their customer database (e.g. TalkTalk)

1% are prepared for a "cyberattack" from an APT (e.g. Sony)

Gov digitisation plans happening too slowly, say IfG policy wonks. Hear that, GDS?

bigbob

> departments resent interference and resist new ways of working

Of course they do. And kids hate school and exams. But departments will never produce decent digital services if they aren't ushered in the right direction somehow. GDS has done more good for them than anything previously.

Damian Green now heads up UK Cabinet Office

bigbob

Re: Oh bugger!

Um...Oxford and Cambridge are world-class universities, the best people apply to them, and then the population votes them into parliament. I don't see much problem with it.

Got a chip on your shoulder perhaps?

GitHub CEO Wanstrath: 'Our goal is no outages'

bigbob

And it took only 24hrs from this article until the next MAJOR OUTAGE...

Would you believe it? The Museum of Failure contains quite a few pieces of technology

bigbob

Blackbird, Microsoft's laughable attempt to proprietize HTML & the WWW.

The UK's 'Universal Credit mega cockup was the coalition's NPfIT' - Margaret Hodge

bigbob

Erm no, as big as it is, NPfIT was an £11bn write-off for Labour, and Universal Credit, as awful as it is, is "only" set to be a £0.6bn write-off, so a different order of magnitude.

GOP delegates suckered into connecting to insecure Wi-Fi hotspots

bigbob

Re: Why? - Let's have some critical journalism

I suspect that your company will have installed into your browser a special company-only root certificate, to enable you to get an HTTPS connection to the proxy server. Because otherwise your browser will complain that it is not certified by Google.

But if you're at the Republican Convention on an iPhone (i.e. browser supports HSTS) then I think it would refuse to connect to a proxy for Gmail (or other sites with HSTS).

Bracken assembles old GDS crew for Co-op

bigbob

Stealing staff

Did GDS not put in a clause in Bracken's contract to prevent him poaching all their best staff? Massive HR blunder...

The blessing and the curse of Big Data

bigbob

Re: "Data" versus "Big Data"

I disagree - the spirit of big data is not really about scale, despite what the name implies, and the big-corporate-influenced bilge on the Wikipedia page and boring-but-rebranded systems conferences. A huge organization's accounts over a century might take a few terabytes but it ain't Big Data. We've had enormous environmental and weather data for decades and that wasn't called "Big Data", and should not be part of this new category because it simply brings no innovation or anything interesting to discuss by anyone outside the Met Office.

For me, this is the Big Data that has captured everyone's imagination:

* collecting pervasive data. It's not about the mission-critical data that has been traditionally collected for decades, such as stock, sales and employees. It's about collecting data on every customer click, every employee footstep, the temperature in every room in the country, etc.

* far-reaching linking of datasets, e.g. traffic accidents linked with personality data, or Google search terms scanned to discover flu outbreaks

* the analysis is likely to involve recent strides made in machine learning, more than 3 dimensions, natural language processing, etc.

Cynically slapping the words 'Big Data' onto an article about 1980s SI is an insult to the really exciting work going on in Big Data in the past few years.

bigbob

Erm, this is "data", not "big data". Yes I know fewer people will click on this article if you rename "what's the point of systems integration", but maybe the simple truth about El Reg hurts.

French privacy cops snarl at websites over crap EU cookie warnings

bigbob

Beef up "Do not track"

Most websites track every search, article read, linked with other sites you view, every geo-located IP etc.

Most phone apps track every click.

Most big shopping arcades track people using their Wi-Fi MAC.

This is all used not only so that they can 'optimise the experience' but to sell to advertisers.

And all this without our consent. There is virtually no push back to companies that track us.

How about some options in your browser, rather like iPhone "this app wants to use your location"? It would say "this site wants to track you and sell it to advertisers". Of course you can say No, and sites have the same choice as with ad blocker - either let you continue anyhow (and lose a bit of revenue) or refuse to let you use the site.

Whilst a good chunk of the web & phone apps are funded by tracking & ads (Google apps, media), all the rest (government, shops, Wikipedia) we should have a choice to not have them track us too, because currently it is so god damned easy for companies to do it.

All hail Mad Frankie Maude, noble Lord of Cabinet Office Axemen

bigbob

Lords reform, you say? Lib Dems agreed that last time, but Tories reneged, and the Lib Dems were booted out by the public.

EBAY... You keep using that word 'ENCRYPTION' – it does not mean what you think it means

bigbob

Encrypt personal data?

Can someone explain why it's suggested to encrypt the other personal data? Surely the web application needs the key to access the encrypted data, so you'd store the key on the same system as the db. So any attacker that can get at the encrypted data can get the key too, making the encryption worthless?