Posts by Doctor Syntax

Re: Ye Olde English Proverb

The bad workman might have chosen the tools.

Re: What should I use instead

"Ok we should not use Excel. What should a non programmer use instead?"

Email or the telephone. To ask a programmer to put together a real application.

For a lot of purposes the spreadsheet is good enough but at the very least you need a sanity check on the results and sometimes "good enough" isn't really good enough and you have to require better. Dealing with people's health and lives is one of those times.

Re: Relax...

In real life this will have gone through all sorts of very important people an NHSX who then said "use Excel because that's what we know.".

Re: The Waste Makers

"So having phones responsibly recycled by a Canadian company would, on paper, appear to be the much better approach."

Unless there are environmental reasons for taking the product out of use re-use is the most environmentally friendly form of recycling.

On that basis this unauthorised repair business must be losing money so how can it survive? Either that or Apple should employ them to turn round its own repair business. Or does the chance of a tax loss trump everything?

Re: Old Excel version

I blame the whole lot, from Cummings, via his underling BoJo, downwards.

Re: When the only tool at your disposal is Microsoft Excel

And you end up nailed to the wall.

Re: If the last record is OK, proceed.

More haste, less speed.

The time taken to do the job right is usually the shortest in the end.

Re: Familiar kind of scenario.

Time taken to sort out the consequences - too long if you happen to have been one of the vulnerable contacts of the unknowing contacts.

Re: VBA implicated yet?

The problem is trying to do things without getting techies involved. I doubt there's anyone in the techie side of IT - and even a good proportion of management who wouldn't look at what they were using and say "disaster in the making". In this case, of course, the management concerned did not come from that good proportion.

Re: CSV?

"The problem with CSV is that when you open it in Excel"

You don't bother opening it with Excel. You open it with an application which has been designed to check for integrity with such things as a declared number of data rows and a proper end of file marker. It fails? Then none of it gets imported and the sender is to to do it again, this time properly, and whatever management processes in place round it are left showing that data from that source is still pending.

It needs a proper process in place of which the file format are parts S/W and only parts. That needs proper management overseen by someone more capable than a two-time loser of PII.

Re: 'spreadsheet software as "human middleware" in the sector'

Is it too much to hope that fiascos like this lead to the recognition that it has its limits?

Yes, it almost certainly is.

If this biologist was in a testing lab with that job the first thing he would do to record results would be to fire up an RDBMS as he has been doing since about 1984.

However the problem here is to bring batches of results into a single system. In that case the first thing he would do would be to devise a file format with sufficient metadata (i.e. a row count) to check that the received file contained the intended complement of rows so that incomplete files could be instantly noticed. Very likely the format would be CSV. Only after doing that would the S/W be considered.

Taking time to do a little planning and design up-front pays dividends later.

Re: 'spreadsheet software as "human middleware" in the sector'

Good enough for politicians but real work needs something better.

Re: Hmm...

Of course. Experts charge more so that those who know the price of everything and the value of nothing pay more attention to them.

Re: Hmm...

"too high to ignore"

You have to wonder just how high that might be for some people.

Re: Security investment

Unfortunately the costs of failure are still insufficiently high. Some of the breaches we've seen ought to have brought down the companies. It's not hard to think of a few who ought to be remembered only in MBA courses as case studies in failure. I can only think that C-suite members simply think "There, but for the grace of God, go I" and continue doing business with them.

Re: Hmm...

"Don't confuse correlation and causation"

But don't ignore it; ask how it comes about.

Re: soo...

"there was also additional challenges from businesses and people pouring random chemicals down drains"

We had a problem with the Belfast sink* (in Belfast) leaking. I had a few goes at tightening up the fixings with no success. Eventually the penny dropped. It was the sink we used to dispose of reagents used to prepare samples for pollen analysis. For soil samples this involved boiling with hydrofluoric acid.** It was an old building so the sewer pipes would also have been glazed; I wonder what it did to them.

* For those who don't know, glazed earthenware.

** Sporopollenin is amazingly resistant to all sorts of things.

Re: Closest I've had to that ....

"The Mrs came with a hotmail account, for much the same reasons."

You realised she wasn't going to be a long term solution?

Re: The mythological wire stretcher

What, no striped paint?

Re: soo...

"But one of those occupational hazards, hence why it's good practice to check a pit with a gas detector, not a lit roll-up ciggie"

It happened before my time but the scars were still there to be seen....

Gas leak in a tunnel, not sure what gas. Someone from the forensic lab went out to investigate with a detector. Only tested at one level and pronounced it clear. "Look I can strike a match." I've met the RUC sergeant who had the wit to say "Not until I get out".

Detached garage in the first house we bought in NI. Wiring in garage but with no direct connection to supply. The previous owners had managed this by taking a supply from the kitchen as and when needed with a long flex with a 13 Amp plug on each end. One end plugged into a socket in the kitchen and the other into a socket in the garage.

Re: Closest I've had to that ....

I've been past the place a few times in recent years. A monstrous place. My old outfit ended up in that complex, fortunately a while after I left.

Re: Never work with children or animals?

Aren't a polecats just for overhead cabling?

Re: Closest I've had to that ....

Fortunately the water main isn't quite as far over the road as the electric main.

Excavation revealed a second, more recent water main that isn't on the contractors' plans and which they suspect Yorkshire Water don't even know about. It must have been at least 30 years old, however, as I don't remember it being laid.

This is no surprise as a previous electric fault revealed our connection wasn't where the plans showed it to be and some years ago it was discovered that what the gas engineers thought was the gas main was abandoned and ful of water whilst the real gas supply came across adjacent property from different road. What the GIS says and what the ground says seldom seems to coincide.

Re: Closest I've had to that ....

etymonline.com says soudure is derived from Latin solidus or solidare and the modern form is a re-Latinisation of the C15th.

Re: FFS!

"perhaps the NHS provides a bulk email facility to which GPs can provide a mailing list"

It does indeed appear to come from a bulk email facility: notifications.service.gov.uk

It doesn't come from the GP. It doesn't have anything like "Envelope from" my GP. The actual ID there from which it comes is nhs.test.and.trace.covid19.app. A bit opaque, maybe, but possibly from the Serco business contracted to do the test and trace.

That service, in its short history, has form for email security: https://www.theguardian.com/business/2020/may/20/serco-accidentally-shares-contact-tracers-email-addresses-covid-19 and didn't see the need to refer themselves to the ICO over that incident. And in any event it's all under the control, for want of a better word, of Dido Harding who also has form with overseeing PII in her previous job.

Plenty of us commented here, right at the start, that trust was absolutely essential for us to have confidence in this operation and that HMGs of all colours have a long history of being untrustworthy in this regard. We also said that appointing Harding was a poor start to building that trust and this just confirms existing suspicions.

Re: You lot...

I don't suppose TT was trying to defraud their users. They just managed to lose control of the users' data twice to those who were trying. With Dido Harding presiding.

It now appears that T&T have acquired a large database of PII. With Dido Harding presiding.

T&T operation is subcontracted to Serco. One of their first actions was to lose control of their tracers' email addresses by email

I repeat again, the problem isn't the unexpected email, it's where the data has got to.

Re: COPI notice

Use a serious situation as a pretext for getting rid of public protections. Absolutely classic.

Re: You lot...

"The message was not addressed to you personally"

So how did it get to me email address. Just one of my email addresses. The email address given to my GP.

Can you explain how somebody other than said GP emails me without a breach of the DPA?

Re: FFS!

Tip: If your e-mail address actually contains the word "spam"

Sigh.

Some people just don't get it. Read this as many times as it takes to understand it: it is contrary to the DPA - based on GDPR - to pass on PII without specific, informed consent.

That is the problem here. Not the message on behalf of the NHS. The passing on of PII without consent. Who knows where it's got to once it's gone?

Re: Idiocy

The deeper problem is that IT is seen as an unwelcome cost of doing something whilst not recognising that it's part of the core of what you do. (Hi, there, banks.)