Thursday, May 27, 2004

Angela Vivian Memorial Service

Tomorrow I'll be in Wells - where a large part of my family come from - for Angela Vivian's Memorial Service. If you're not busy at 2.30pm or so, cast your eyes skywards for me. Be sure that, if there is a God, right now Angela is hassling him to spare her 1800 seconds so that she can talk about improving social inclusion up there. Maybe she'll realise that she now has all the time she'll ever need and there's no need to rush - 1800 seconds will last a very long time. I'm sure that there will be a lot of people there but just spare the time for a little thought in her direction for me.

I spy anti-spy with Yahoo

I've just installed Yahoo's new toolbar, complete with anti-spy software capability. It scanned the PC I'm using - my sexy new toshiba m200 tablet - and found it clean. I like the new toolbar a lot. I've customised the buttons just the way I want them. Next task is to read the privacy policy properly and find out exactly which rights I've signed away.

Oqo finally shipping

At last it looks like the Oqo device that I saw nearly 2 years ago in San Francisco is getting ready to ship. Plainly they are going to be short of supplies for a while once people see these things. Once they sort supply out, I would expect them to quickly move to doing them in colour versions - gold, lilac etc - taking a leaf out of the ipod book to further drive up demand ;)

Tuesday, May 25, 2004

The CIO ....

The announcement the head of the e-government unit in the UK was made today, aka the UK's CIO. Ian Watmore, presently the top bod in Accenture UK, will take over in September.

Monday, May 24, 2004

Not enough oil?

I don't get it. Oil futures vault over $40. America plays nice with Venezuela so as not to disrupt supplies there, despite the madness that seems to be going on. The Saudis say that they can pump another 2 million barrels a day (taking their output up from 9 million odd to 11 million odd), even though the last time they did that was nearly 15 years ago. The oil stocks are moving higher preparing for an era when oil costs are going to be far higher than previously for far longer. But somewhere, someone must be adding up end to end process capacity - the pipelines, the tankers, the ports, the refinerys - and coming up short. I don't know that you can just pump oil and have it shipped and taken care of just like that. This stuff must be planned like the Queen's diary - months or years in advance. The shippers presumably don't have idle boats. And then there's the question of whether the extra oil is "the right oil"? Will it help reduce the price of gasoline (petrol for us Brits) at the pump? I'm not sure that it will. I think it's too complex for that. The only chance is if the "promise" of more suppliers psychologically boosts the market, driving down the futures price and so making things more affordable. Until the Chinese buy another 90 million cars on top of the 10 million they have now and really hit supplies hard!

Sunday, May 23, 2004

Better news

The latest news from Bangladesh is that Anwar is out of trouble and recovering nicely. That's great news. Meanwhile, rumour has it that the police have arrested anywhere from 3 to 9 people in connection with this terrorist act.

Saturday, May 22, 2004

VOIP, Webcams and Voyeurs?

One of the elite technical folks that I work with mentioned, almost casually, to me the other day that he thought someone had found out how to turn on cameras attached to PCs without the user being aware. It doesn't take more than 1/2 a second to think of the damage that such a hack could cause if it's true. I guess there's some vulnerability in instant messenger software or similar that lets you remotely activate the camera - and spy in on whoever is doing whatever they're doing. I don't have a webcam on my PC. I guess I won't be getting one. That got me wondering about the new trend for Voice over IP telephony, or VOIP. This is becoming a big deal in the USA now with major carriers offering it. When I first used it, the software was available from a little company called Camelot (I think there were 2 or 3 others) with a Nasdaq ticker that I remember flying through the roof regularly (just checking now, it's trading at $0.006). The sound quality was crap, but it felt weird to talk to someone in Seattle through your PC microphone. That was 1993 or 1994 - when my Compuserve ID was a couple of numbers in square brackets and my email address was the same and, I think, 28.8k modems were as fast as they got. Later, maybe 1999 I tried it with a camera and spoke to the same person in Seattle with a 1 frame per second update rate over a 56k modem. Today, the technology actually works. The flaw in broadband for me so far has been that I need to pay for a phone line in the first place - so the real cost of broadband is not the £30-50 a month that the telcos quote, but that plus the phone line rental. Since about 1995 I have been totally reliant on mobile phones and haven't needed a land line - just like I haven't needed a television. But, with VOIP you need, technically, never see another phone bill beyond the line rental ever again, depending on how the carrier bills you. If BT get their bluephone off the ground, then you'll have a mobile phone that goes Wifi/VOIP in the house and GSM out of the house or, for that matter, Wifi/VOIP whenever it can connect to a Wifi network even if it isn't yours (which makes me wonder about SSIDs, WPA, WEP and all that and how it will work on a phone, let alone how they'll make battery life long enough - after all, 3g phones still seem to run out of batteries just after you turn them on). With emerging VOIP, I wonder how long it will be before hackers are exploiting weaknesses in "phone security" to tap into calls people are making - maybe even re-routing them in flight and crossing over calls from one person to another so that, say, they hear their own voice or their call is passed to someone else. The security services are going to want to do that so that they can continue to use Echelon or whatever to tap calls, so the hackers will certainly find ways. If they can suck data off your mobile using bluetooth without you even knowing, how hard will it be to hack the VOIP network? Or to use backdoors in VOIP to get at your PC? Ugh.

Friday, May 21, 2004

WAD files in Government

I've spent a lot of time coming up with analogies for what I think we're trying to do: Ways to make it easier for people to comprehend where we are and where we're trying to get to. If you've followed my postings here (the new version of blogger says that this is number 590) then you'll have seen many - the recent ones about fruit machines in Las Vegas and the older ones where I've probably talked about Kennedy's "go to the moon" speech in the sixties or the Microsoft Office hook. Last night, I came up with another one; one that I think makes it a lot clearer for me. It stemmed from me wandering around the subject of sim games as I was writing about the Copenhagen Consensus. I remembered that I'd bought a book the other day, Masters of Doom, that I hadn't started. Doom. You remember that - the world's greatest first person shooter at the time. The one where if we hadn't had it, we wouldn't have Halo or Half Life or any other related title. When Doom first came out, it wasn't long before "mod files" appeared - files that allowed you to change the shape of the game, the graphics, the sounds, the locations, pretty much whatever you wanted. To use a car analogy, you had a chassis and an engine, but everything else (if you were smart enough) was up to you: you could add different doors, change the seats, put a sun roof in, whatever. I want the central infrastructure in government to be the equivalent of the Doom engine. You get the core pieces that drive things, and you get to make up the scenery - you get to install the WAD files, using some helpful tool sets that we've designed for you, or some others that different people have designed. I think we're quite some distance from this, but I think it's a useful analogy - for those who are video-game literate anyway (I've got another analogy coming about Burgundy wine, but I'll leave that for another time). The thing that I think is the blocker - the thing that is different - is that Doom knew what it was up to; it knew that it just had to worry about the graphics files and the sound files; it knew where they were and it knew their format. Noone tried to change the rendering engine in Doom so that it had to use one piece of code for walls and another for doors. Everything was data driven. In the world of government IT, we haven't abstracted the data from the engine and we have several engines. There's something here that I believe would be useful to explore. How many engines do you need? One to make payments, one to receive payments? One to print content to the screen and another to print content to paper? One to process eligibility and one to grant entitlement? How many really? Do you need two to make payments or three? Or 12? or 120? Doom has sold however many million copes (and I expect I'll find that when I read the book, but I'm guessing all the versions together have probably hit 100 million or so). We need our Doom engine equivalents. Things that are so obviously good at what they do that other people strive to copy them (e.g. Half Life) but adding their own features and capability - but that not too many people copy them (i.e. enough for healthy competition, enough so that everyone makes a margin but not so many that your decision process takes longer than it took to create the engines). But, most importantly, people can take their data (in the correct format) and add it to the engine and get what they need. They can't change the engine (they can't make it put doors where walls are supposed to be or vice versa), but they can capitalise on everything the engine does simply by customising the wad file. If we could take website design forward this way I think we could all solve the accessibility, download speed, metadata standards and other issues that we have. And focus on what the gamers really show up for - the content.

My kingdom for a ...

Gmail account? Really. People want to swap stuff for gmail invitations or so says Wired. What stunned me is how many people want to make a trade - I was three pages in and still on offers made today. Everything from mini-ipods to 20 minute netmeeting slots (anything goes apparently)! If you're buying or selling, go to gmail swap. Why do it? I guess you want to play with a new toy, or you want to get your name reserved before anyone else does. All seem reasonable to me.

Things get grimmer

My good friend and former colleague at this office, Anwar Choudhury, recently moved to be the High Commissioner of Bangladesh. This was an amazing move for all sorts of good reasons. He's been out there just a couple of weeks. I learnt a couple of hours ago that he was the target of a bomb attack - reports are scarce but he looks to have sustained some injuries, but not too serious. Other people surrounding him were apparently killed. Anwar's a tough guy and I hope that he recovers speedily. My thoughts are with him and the families of the people killed and injured.

Thursday, May 20, 2004

Training to be the PM

How do you train to be the Prime Minister? Where does the skill set come from? How do you practice? And, if you believe the Tom Peters school of training, how do you get the chance to make mistakes and learn from them? Perhaps one of the top 5 hardest jobs in the world, requiring mastery of a multitude of subjects, the deepest understanding of Politics and politics, people and populations. A new initiative, the Copenhagen Consensus (from those Danes again!), strikes me as an intriguing way for the average bod to see how difficult it might be.
Copenhagen Consensus is based on the aim to improve prioritization of limited means. The world is faced with a countless number of challenges such as diseases, environmental degradation, armed conflicts and financial instability. Copenhagen Consensus takes a new and critical-analytical approach to assessing the effects of international opportunities for solving the challenges.
Ten challenges faced by the world, and a bunch of very smart people trying to prioritise them. They're not day to day issues but they do encompass things that have a day to day impact on millions/hundreds of millions of people. This is a sort of God game without the graphics, and without the ability to call up a solution with a quick mouseclick. This has a lot of potential. There are just 10 challenges, but they're important ones: education, governance and corruption, sanitation and water, communicable diseases. And nine experts - all econmoists. The thinking is that economists can be independent of their emotions, they can just analyse the facts and, here, the return on investment. Would a billion into one of these have demonstrably greater results than a billion in one of the others. That's truly God territory. Millions of pounds of funding may be moved from one to another of these challenges based on the outcome - some things (those at the bottom) will lose funding until they become more of a crisis when perhaps they get another chance. These 9 folks are going to be big influencers if this is successful, and it could enormously inform public debate - and take out the "positional statements" that individual supporters of any one of the 10 challenges will always be forced to revert to: the "pick me", "pick me" approach. What's missing from the site, as far as I can see anyway, is an "ask the audience". I think it would be interesting to test crowd psychology and see if the masses come to the same conclusions as the experts and for the same reasons. A league table of 10 challenges confronting us all sounds flip, but it's a way to concentrate the mind and understand at least these 10 issues - if not the 100s of others that impact us too. Next step, surely is a "god game" where you get to be the Prime Minister and run a country - where the issues hit from left and right, some sign posted and some not. Your decisions affect your population and what they think about you. Stories hit the newspapers and influence opinion. There's a lot of history in these games - the Sims, Populous, Black and White, even running football teams. But not running a country? What better way of training for the top job would there be?

John Gotze on Tour

If you're reading this then you probably also read John Gotze's blog. But just in case, he's doing a tour and will be in London next week and again in mid-June. I will be bringing some groupies along to see him in June and will certainly be having dinner in a good restaurant with him. You can find details on his blog in this post.

Google's Green Cross Code

The Google team are worried by the increasing trend in spyware and other dodgy software. They've published some principles that they believe the software industry should stand by. Difficult to argue with any of them I think, unless (of course) you are a publisher of said dodgy software when doubtless you will be shrieking "restraint of trade", e.g.
When an application is installed or enabled, it should inform you of its principal and significant functions. And if the application makes money by showing you advertising, it should clearly and conspicuously explain this. Applications that affect or change your user experience should make clear they are the reason for those changes. For example, if an application opens a window, that window should identify the application responsible for it. It should be easy for you to figure out how to disable or delete an application.
I'm all for this (and more in fact). But the rogue elements will continue to flout these and any other guidelines as long as the consequence of flouting leaves them unexposed. I use Zonealarm to make sure that anything that is connecting to the 'net is doing so only when I say it can - and you'd be amazed what does try and reach out. Zonealarm by itself isn't enough, but the google folks helpfully list some other apps that are worth trying, see the end of their guiding principles.

Wednesday, May 19, 2004

Doing a Cassani

I'll be intrigued if "doing a Cassani" becomes a popular turn of phrase after this very smart lady's decision to turn over London's Olympic bid leadership to Seb Coe. I don't mean "very smart" in a derogatory way - her track record at Go and her willingness to stand up and be counted in venting her frustrations at what happened there show that she is a contender. What I think is both difficult to understand and, at the same time, laudatory is that she seems to know that London can't win with her in the chair. Maybe because she's from the good old US of A (indeed, from California), maybe because Seb Coe is a better leader at this stage (knowing the whole process top to bottom - a Ramsay type of experience) or maybe (in the worst case) because the Olympic Association is a relic of the early part of the last century and is a men-only club. Maybe because the only real win was getting to the last five and she thinks it won't go further - although that would be counter to her track record. Whatever the reason, it's brave to step down now and hand over the top job, whilst maintaining a role in the bid from here on in. Doing a Cassani should be a compliment - for those who truly deserve it only.

Browser Standards - the n**2 problem of old

Someone's let me know (via this natty comments functionality that blogger now has) that my blog doesn't display well on mozilla (and therefore, I imagine, a whole bunch of other browsers). That will be one of those "browser standards" problems that I have talked about before I guess - that despite everyone saying that they adhere to the standards, they do it in different ways. I'll mail blogger and see if they have plans to take care of a wider range of browsers - I would have thought that they would do that (most of the folks I've mailed there before seem to be firebird users). And if that doesn't work I'll have to find a simpler template! Thanks for the feedback, I appreciate you taking the time.

Tuesday, May 18, 2004

Democracy offline and awol

The world's biggest democracy is in a state of chaos. India recently elected another of the Gandhi dynasty to run the country, in the position of Prime Minister. But she doesn't want the job because her (soundly) defeated opponents have run a campaign since the election declaring that, because of her Italian birth, she should step down. Exciting and crazy things are happening over there:
Her withdrawal, and the prospect of Singh leading Asia's third-largest economy, spurred markets, helping stocks on the Bombay exchange post their second-biggest daily rally just a day after the worst plunge in the exchange's 129-year history.
Bizarre protests are occurring:
Scattered protests were reported across the country. One Congress worker in the northern city of Kanpur doused himself with kerosene and tried to burn himself alive, but was stopped. Another tried to jump from a building.
The person who might take the job instead?
Angry and upset, Congress lawmakers mobbed Gandhi and begged her to change her decision, which paves the way for the architect of India's modern economic reforms, Manmohan Singh, to possibly take over the world's largest democracy.
Until it's decided though, noone is in charge. Millions upon millions of people voted for Mrs Gandhi and yet now, the democractically defeated can lobby sufficiently loudly that she be forced to turn down the job - despite that she comes from a long line of leaders (I believe that she'd be the fourth from the same family). And all because she was born in Italy? That's hardly an unknown piece of data - it was central to her opponents' campaigns in the runup to the election. But they lost. In the USA she would never have been able to stand just as Arnold Schwarzenegger (now the Governator) could not stand for election as President because he is Austrian born. 1.1 billion people in a country; a democratic election that, as far as I can tell, was untainted by scandal/vote-rigging/allegations of fraud; it even included technology to speed the process (and noone seems to be saying that this was compromised) - nearly 1 million electronic voting machines were deployed; turnover was 56% (which, in a huge country with enormously varying levels of infrastructure and education is no mean feat - one voting station is 26km from the nearest road and sits at an altitude of over 5000m) - 56% of the electorate is 360 million odd people (from a registered base of about 675 million). It's an incredible turn of events that sees a democratically-elected leader opt not to take on the role because of vociferous allegations about her credibility as a leader as a result of place of birth. I was in India during the run up to the elections in February. I watched the national fervour build over a period of a few days. Mass rallys were held along the highways in Delhi. Thousands of people turned out every few kilometres along the road, with flags, banners, music and podiums for speeches. The candidates dashed along the roads in their SUVs, stopped briefly to give a rousing speech and then moved to the next spot. Mrs Gandhi, it's said, covered 60,000km in her election campaign. Was she right for the job? I have no idea. But I do know that she won a full scale election that few other countries could credibly have pulled off. And following this news? The stock market has a big rally. They'd better be careful what they wish for. India has a long way to go - I will write more about this in the context of off-shoring of jobs soon.

Monday, May 17, 2004

DIS and dat, but mostly DIS

Software AG (and SUN Microsystems) put live their site on their Government Gateway DIS offering today. It even tells you what a DIS is (for those who, like many, have no idea)- although if you don't know what a Government Gateway is then you'll be hard pressed to figure the DIS bit out.

Thursday, May 13, 2004

You heard it here first - The smart money votes

The new CIO for the UK, advertised just a few weeks ago, needs the following key capabilities - A passion for seeing things from the customer view - A solid understanding of the issus of dealing with multiple stovepipes - A grasp of the metrics of cost versus benefit - A real belief in the ability of a team to work together - A capability to be blunt and to the point in providing feedback Who is the candidate? Gordon Ramsay as seen on Channel 4 - Kitchen Nightmares. Stovepipes/stoves ... pretty close. Who wants to take bets?

Monday, May 10, 2004

New blogger version

Blogger looks really different today - there's a whole new version with lots of new features. It looks like it's been redesigned completely. I guess that's what you can do when Google owns you. Just because I thought I could, I've changed the template used today - it's not quite what I wanted but it will do for a bit. You'll also see that Blogger now supports comments, and I've enabled those for "anyone" (as opposed to registered users only). If they turn out to be useful, I'll leave them on, otherwise I'll go back to unidirectional posting. It will be an interesting experiment.

Sunday, May 09, 2004

Stats To Compare With

Stats on website availability, apparently from (where I couldn't find them), but eventually found on Site Availability - The mean availability of all sites was only 98.72%, equating to over 111.13 hours or nearly five days of downtime per website, per year - Only a third of the organisations monitored achieved 99.9% availability or above, which equates to one full working day of downtime per year - City councils had the lowest availability over the monitoring period at 97.80%, or over eight days of downtime per year - Services were available for 99.1% of the monitoring period, or over three days of downtime per year - Political parties had the highest availability at an average of 99.24%, being down for just over two and a half days per year Download Times - For customers connecting to the Internet via a modem (56kbps), download times would exceed eight seconds for 95.7% of the websites in the study - The average download time for public sector websites when accessing via a modem (56kbps) was 21.8 seconds - All but one of the websites monitored downloaded in under eight seconds with a broadband connection (512kbps) Go figure! Political parties with the highest web availability!

The 24hour web myth

It's time to research car insurance again. This time I'm trying the AA which, overall, I think has a great website. One foible and one very strange feature though. The foible is that, early on, it says "type your email address in if you DO wish" to hear from AA and related companies about products and services. So - easy decision - type your email if you want spam, don't if you don't. A bit later, under data protection it says "the AA may want to contact you blah blah", tick this box if you "DO NOT" want to be contacted by the AA or related companies. Trying to catch me out? Poor design? Inconsistent use? Or legislative wording in the latter and customer friendly in the former? I'm not sure. But the very strange feature really got me. I spent a good 20 mins going through their online form, answering all kinds of questions, e.g. what do you do? (Interestingly, the first possible response is an abbatoir worker - the joys of an alphabetic sort!). At the end, it gives me a long and complicated reference number which I wrote down and then advanced a page. I then realised I wanted to check something, so I used the back button, but the page had cleared. no problem, I'll just retrieve the quote using my quote number. Uhoh: "The Retrieve My Quote service is available between the following hours:- Monday 07:30 am - 09:30 pm Tuesday 07:30 am - 09:30 pm Wednesday 07:30 am - 09:30 pm Thursday 07:30 am - 09:30 pm Friday 07:30 am - 09:30 pm Saturday 08:00 am - 06:30 pm Sunday 08:00 am - 05:30 pm During these hours you can retrieve your saved Car Insurance Quote on-line, amend the details and when you are completely satisfied pay for your policy on-line." Why on earth would it not be possible to check a quote on a Sunday evening? Do the disk drives allow write-only after 5.30? The 24hour web is a myth for many businesses.

The Central Infrastructure Dilemma

I've been off the conference trail for a while but this week will be presenting a couple of times. I've left the slides until it's too late, as usual, and I've spent some of the weekend thinking about the right topic. I've opted for "The Central Infrastructure Dilemma", prompted a little by a slide Tim from Software AG put up this week at an inhouse show we ran at OeE on the Sun/Software AG DIS box. Tim put up a slide from Fred Brooks - author of Mythical Man Month, essential reading for all those in project management, much less software project management (and a book I first read, I think, in 1992). Amazon has only 4 copies left. The slide - which I roughly cribbed as he talked - went something like this: The essence of the point is that writing a program is not that hard, but making it into something that is distributable (in the commercial sense, not the architectural one), i.e. can be reused by others, and that is supportable for the long term is, roughly, 3x harder on each axis. So it takes 3x the effort to take a programme and make it integratable and 3x the original effort again to make sure that it is documented, tested and maintainable. That means to do both of those things it is at least 9x harder. For every day of effort you put in to writing a neat bit of code that solves *your* problem, it's going to take 9 to make it solve other people's problems the same way (if you are planning to do that at arm's length, i.e. in a scalable fashion). I guess we all know that intuitively this is true and whether we though it was 5x harder or 10x harder the point is that it's a significant bit of extra work. Brooks is the guy that project managed the System/360 project at IBM - the first mainframe operating system. It's a project that consumed more resources than anything that you care to think of. I've heard that Windows 2000 (or was it Longhorn) consumes more resources than NASA spent putting man on the moon and I suspect the origin of that quote was from the IBM of the early 1960s. And, of course, the project was late; just like pretty much every (or, more likely, every IT project since then). The cause of this lateness was perhaps what Brooks called the "second system effect" - i.e. if you do something small and sexy pretty well first time, you have a tendency to include (in your next version) wildly grandiose ideas that are beyond your capability. And that will be your downfall. "As he designs the first work, frill after frill and embellishment after embellishment occur to him. These get stored away to be used "next time". Sooner or later the first system is finished, and the architect, with firm confidence and a demonstrated mastery of that class of systems, is ready to build a second system. This second is the most dangerous system a man ever designs." So, how does that get me to central infrastructure (CI)? My thinking runs like this: When we first built a CI component in the UK, the government gateway, the challenge was to design something that worked well for the three early adopter departments and that would continue to work well for later departments. We knew what we were working on - a discreet set of functionality in a "black box" with well-documented APIs to the outside world of the Internet and also to the inside world of government. We built something that extended from the world of "program" - the top left of Brooks' square - to the world of a documented, integratable, repeatable programming system product, i.e. the bottom right. As new departments came to join the CI party though, their expectations were different. They wanted it to be "All things to all people", i.e. to cater for their every need - because each and every one of them was a little different in the way that they looked at things. So previously simple requirements, e.g. "match this postcode" became more involved and had to cater for people, say, who owned 5 properties and therefore would need to match all of them. Requirements, naturally, increase - but the job of CI is to focus on the core, not to be all things to all people. If anything, CI's job is to be "a few things for most people". A few weeks ago I posted here some graphs like this one: The aim was to show that CI is facing a dilemma - does it go for scale and cater for the largest customers in the most robust and resilient way or does it try and remain at the leading edge with innovative new requirements well catered for? Go big and heavy or light and smart? Doing either risks alienating those at each end of the wave so the dilemma inevitably resolves itself by jostling around the middle - trying to grab some innovation at the bottom of the wave and seeking to provide scale and capability at the top end. There is nothing about this that is only 9x harder ... if anything it's the cube of 3 and is 27 times harder. But the thesis of CI is, and always has been, that as long as the right "few things" are concentrated on for the right "many", then it is cheaper to do those few things in one place than it would be for government as a whole to do it separately and individually, provided a consistent level of standard is applied. That's where comparisons get difficult. Those who would build a "program" whilst claiming it is a "system" or a "product" will be expending Z amount of effort when, for maximum reuse and supportability, they'll need to spend at least 3Z or, more likely 9Z. If the comparisons are done with the figures from the Z camp, then the economics don't stack up until you have at least 28 users (i.e. one more than 3 cubed). The dilemma then is really "how to take IT in government forward" - and I mean *any* government here; I think it's safe to say that all are under pressure to deliver more for less with the ever greater need for accountability and demonstration of success. Those working in the top left hand box include most government entities. They build code for themselves and only for themselves. All for one and everyone for themselves. Why would they do otherwise? They get control, they get rapid response to changes in requirements and they get what they need. Or, at least, they should. It doesn't work that way though - because, actually, unless you are working in the bottom right hand box, then every change you make layers more complexity on each bit of code; every change needs more documentation; and so, unless all of the processes and procedures are in place, you're in the 9x box pretty quickly but, because you didn't do it right in the first place, you might actually be in an 18x, 27x, 54x or 81x box - you'll never know: the cost of all that will be hidden in the cost of the changes and the cost of running your organisation. There's more from Brooks on this very point: All repairs tend to destroy the structure, to increase the entropy and disorder of the system. Less and less effort is spent on fixing orginal design flaws, more and more is spent on fixing flaws introduced by earlier fixes. As time passes, the system becomes less and less well ordered. Sooner or later the fixing ceases to gain any ground. Each forward step is matched by a backward one. All this doesn't mean that I'm an avowed centrist - in architectural terms. It does mean that there is an urgent need to decide up front which bits are going to be reused, which are going to be thrown away after a single iteration and which bits are going to be shared across entities. Then you have a chance to apply the right disciplines up front. I also posted this slide a while ago: It shows my thinking on the way forward for IT. A few, well thought through, components must reside at the top of the pyramid. These will be "a few things for most people" - they will never maintain the speed of innovation that some want nor will they have the scale that some others want because it's too big a span to cross. They will, however, be stable, resilient, robust, well documented, well tested and easy to integrate. This will be the true central infrastructure. One copy and only one copy, in one place (one logical place, two physical places). In the middle of the pyramid there is room for people who truly can build the 9x systems. These are systems that will be shared by many entities - they will be products within government for government's use. They may be off the shelf, "known" names, but they will be setup in a such a way that government need only configure them, not customise them. They will work rapidly and with minimal overhead, because they have been designed in a 9x way. To make use of these though, government entities will have to align their business processes. They will be able to make some changes to the technology, but to speed the process of upgrades and the realisation of benefits from the technology, they won't want to be too far from the base version. Otherwise, they are in a space where entropy reigns. This space will become known as "collaborative infrastructure" - systems that are built by entities that link up and co-operate. There are already examples of this in some local authorities and there will be in the NHS. I'm conscious that I now have two CIs but the only good synonyms for collaborative all appear to have "C" as the first letter too. Finally, at the bottom, we have the "isolated infrastructure" - the bits that truly are required by entities for their day to day business and that have no input or output to the outside world. This is an endangered species. Someone told me the other day that the average bank has 15 processes. The average local authority? Perhaps 700. You get from 700 to 15 by upping the ante on collaborative infrastructure - first internally and then externally. And the sooner you start the latter, the sooner you can make the most of the real opportunity.

Thursday, May 06, 2004

Sassy viruses doesn't up the ante

Sasser, the new blaster but not as tough apparently, seems to me to be causing pain. When you hear that the coastguard went back to pencil and paper, that banks in taiwan shutdown and the post office in germany shut for the day (and it wasn't a weekend), you have to wonder. Simon Moores ended up on the wrong end of it too, without even getting infected by it - simply because he needed to talk to people who were whilst he was moving house. Pricing the economic impact of that is pretty tough. In this post, which is also in Computer Weekly, he asks whether it's time Microsoft added anti-virus into the operating system. The easy answer to that is yes - but only if it's really anti-virus. That is, it's not a signature based engine but something that is *really* anti-virus, something that stops all known and unknown germs in their tracks. After all, Domestos doesn't have to be told which germs to kill when you pour it in the toilet bowl. It just gets on with it. I think a local solution is doomed. The folks at Microsoft let the world know about this flaw 2 weeks ago, 150 million people downloaded a fix, perhaps another 100 million or more had a firewall, another few million haven't switched on yet and the rest? Well, they probably got infected. So even if there was anti-virus software in Windows, who's to say that people would update it? I have friends who, when I visit their place, I see that little update icon in the bottom right of their system tray, winking away at them and they never seem to download and install the necessary updates. They certainly don't visit Windows update to see if there's anything else that they should install. Nope, the answer is not virus software of the traditional type in Windows. The answer is virus checking, both inbound and outbound, in every ISP. ISPs can move quickly to update their rules - they can even use multi-level detection, like Messagelabs does, to make sure that unknown viruses are checked. As far as I know, since we enabled Messagelabs on all inbound mail on the government networks, we have not seen one single virus - and that was done in response to Melissa (1999?) shutting down some departments for several days. ISPs are the ones that let you download viruses onto your PCs and so it's logical that they should stop it right there in their systems. Likewise, if you try and send some out, they should stop that - and prevent you from accessing their network until you have sorted your system out. That way, peer to peer message traffic will fall away and the 'net can get back on with its life. Of course, virus checkers such as those won't stop a Sasser - that's about firewalls, even the simple one that comes with Windows XP, or Zonealarm (which can be downloaded free - it's the one I use). Connecting to a network without a firewall (read this as having sex with someone in country X without a condom) increases the odds dramatically of you getting infected. If you were in country X and the lady was smart, she'd say no. Likewise, if you're smart, you'd say no. Surely it's the same for ISPs? Or for Windows - it pops up with enough messages about whether you really want to do something (like, do you really, really want to delete this email?). So how about "do you really, really, want to connect to the Internet with your firewall switched off? Click Yes to have Microsoft disclaim all liability for the health of your PC and leave you to be infected by a gazillion viruses that are circulated through the 'net right at this nanosecond". Would you say no?

Not google but gobbldegook

The EU have commissioned some work into an authentication backbone. Apparently: Lia Borthwick, project director of the GUIDE consortium, said: "A multidisciplinary and multicultural structure such as ours is ideal to achieve the aim of developing a citizen centric, user driven and technology enabled open architecture that best suits the needs of administrations, businesses and citizens." They're not actually going to build anything as far as I can make out, but figure out the standards, protocols, data formats and whatnot. Sounds like a big project - it got 10 countries bigger just a few days ago. I don't yet quite understand the point of it although I did see a copy of the proposal a few months ago. I ought, I suppose, to dig it out otherwise I may well miss out on something that uses every e-gov buzz word available, securely.

CSI and Governments on the Web

I've become a bit of a fan of CSI recently. I don't have a TV so I have to wait for the DVDs to come out and then catch up. I've just started series 3, sourced earlier than available in the UK from Amazon in the USA. One of the episodes had the team walking through a casino in Las Vegas. That reminded me of a recent trip there at the end of last year. It was probably 10 years or so since I'd even touched a fruit machine but they didn't look like they'd changed and I was able to go up to several and play them without even having to think. The usual result happened of course which is that they took all my money. But isn't it fascinating that even after all this time, they still work the same way. There's an obvious reason for that: fruit machines need to make money, if they're not being played, they're not making money. A good reason not to play any given one is that, if you look at it and can't understand it you're likely to move on. So it's in the interests of every casino to have very, very similar machines - not identical, but very consistent. Bells and whistles are allowed, but if you move where the "go" button is or change where you put the money in, you can forget it working out. It struck me that this is a great analogy for government on the web. Not that I want to put coin slots on every government website (although it's an idea for some), but that consistency thing is a big deal - it's not the first time I've written about that of course, but I thought that this was a new and thought-provoking analogy. Government is not an every day part of most people's lives, so some lengthy time - weeks or even as long as 12 months - might elapse between uses. If you have to stare at the site and figure out how it works, you may give up. Usability tests we've done recently have shown that people will try for a certain length of time and then give up and phone the helpline, send in a paper form or maybe even just give up all together and not do it. So our websites need to be more consistent to improve usage, improve throughput, reduce the time people spend on them and therefore improve productivity. If online is faster than offline, people will use it. The other thing about Vegas of course is that despite all fruit machines working consistently, there are still hundreds or maybe even thousands of types. It doesn't matter how many different ones there are - all flashing and beeping and whatever - because they all work the same way. Government(s) already have hundreds or thousands of websites, and they all flash and beep, but they all work differently. Net result is that people have to scratch their heads too hard to figure out how they work.

Goggling at Google

I'm fascinated by the upcoming Google IPO. For a few reasons 1) It's been a long time since there was a potentially explosive IPO to watch. The first that I remember was Netscape in, I think, August 1995 or so - followed soon after by Amazon. Those two ignited the Nasdaq for 5 years or so. This one, Google I mean, seems to have had the opposite effect - so far, since it was announced at the end of April, the Nasdaq is down about 100 points (which my poor maths says is close to 5%). Is this leading us into a new downturn in the market or will it, once it arrives, reignite the market? 2) Google makes 95% of its money (today) from advertising. The ads are posted next to the search results as everyone knows - which is better than merging them with the main results as some other sites do. But Google only gets paid when people click on the ads. Gaming that system when only google gets money isn't much fun. But now that a lot of people are about to become share holders, how long will it be before a few clever script writers do their thing and write something that searches for dictionary words and clicks on a link (and maybe even follows a couple of pages deep)? Google gets more money, the stock price goes up. The shareholders are happy. The only people who aren't smiling are the advertisers who pay more money for nothing. Who wants to bet that a future generation of viruses will take over your PC with a view to running scripts to drive up traffic on google? 3) The auction thing is novel and interesting. We've seen auctions before with the 3G spectrum. HM Treasury and some of their European neighbours think it was great, the phone companies have mostly taken some write-offs and the phone buying public have largely ignored it since it happened. This is different - this is eBay for stocks. I don't know whether such an auction will work on this scale. It seems to me though that more people will try and buy more stock than is actually available and so the price will be to the top end of the selected range. Others are then going to come in once the stock is trading and buy their share and push the stock up. That means there's a pop on the open. Maybe not a pop like the old days - who remembers Geocities and it's 500 or 600% one day gain? But a pop nonetheless. I'd bet on 50% maybe a bit more.

Monday, May 03, 2004

Angela Vivian

Just over a year ago, I wrote here "I had the good fortune this week to spend some time with Angela Vivian down in Somerset. Angela styles herself TOL, or "The Old Lunatic", although I'd see the world a much saner place if we all had half of her wisdom, energy and passion" I am deeply saddened to say that today Angela passed away after a very short battle against cancer. I spoke to Angela last only 10 days ago when she had heard, for the first time, that she was unwell and some urgent tests were required. At the time she was a little despondent - the news had come from nowhere - but she was a fighter. It seems though that no matter how strong you are, there are some things that you cannot fight. Cancer is a brutal illness that we are not doing enough to counter. I will miss Angela enormously. Once or twice a week she sent me a collection of press cuttings, always being careful not to send items from magazines or papers that she knew I read. She supplemented my inbox with enormous piles of information, always annotated with comments about the individuals concerned or the projects mentioned. Her words were often biting, but she spoke from the heart - it was her passion and ideals that she was defending. She sent so much that I could never keep up, so every couple of weeks I opened the envelopes and worked my way through them, knowing that inside each there would often be a card containing some pithy words. Where she found the time to do this - for I know that she sent such missives to many - I have no idea. I spoke to Angela once a week or so and had lunch with her at least once a month if I could, although recent events prevented me from seeing her for perhaps two months. I will forever regret the fact that I allowed business issues to get in the way of me spending time with someone who had the ability to fire me up and enthuse me with a desire to make a difference. I knew her too short a time. Angela made a difference. Wherever she went, she inspired people, she challenged them and she made us all wonder how she managed to posess the energy and commitment she did. After 40 years in the Inland Revenue, Angela started a second career as an evangelist; she wired up wedmore and, recently, unwired it. Angela used to write me a note after each meeting thanking me for the 1800 seconds or so that I had spent with her. She was so busy, seeing so many people, that it was she who carved up her day into 30 minute chunks. To most of us 30 minutes is an appropriate block of time but, for Angela, it was the seconds that mattered. How many of us can say that we manage our lives to make the most of every second? When I first met Angela she told me that her tag was "TOL", or the "the old lunatic". I told her that I wished I could be like her and so, she named me "TAL" or "the aspiring lunatic". I will continue to aspire, but everything in me tells me that I will never achieve the heights that she did. Would that I could contribute half as much to the world as she did.