Category: Main

Anomaly UK blog posts

Defence Information Infrastructure

Tim Worstall asked for help evaluating the performance, reported by The Sun, of the Ministry of Defence’s bit IT project, the Defence Information Infrastructure.   He thought the cost, in terms of total spend divided by number of terminals, was too high by at least an order of magnitude.

The Sun was reporting on the publication of the House of Commons’ Public Accounts Committee’s report into the project.  I always try to avoid drawing conclusions from newspaper articles when primary sources are available. (Also including the NAO report from last July)

The short answer is that the project is expensive, but Tim is mistaken in looking at it as fundamentally a big pile of desktop PCs.

The project is intended to put all of the Ministry of Defence on a “terminal” type  IT architecture, where  applications run on central servers, and data is stored only on central servers,  and desktop PCs are used to remotely access the servers.

This architecture has two huge advantages:  First, it allows data to be controlled.  If it never escapes the servers, but is only presented on the PC, the chances of data leaking out is much reduced, and the chance of large bulk data escaping is almost eliminated.  This is a great advantage in a commercial environment, and much more obviously so in the case of the MOD.

The second advantage is robustness – since every desktop terminal is effectively identical, alternative working areas can be prepared with a high degree of confidence that users will actually be able to use them when necessary.  There remains the necessity of replicated server facilities and data, but that, while not easy, is less hard than duplicating desktop configurations in an alternative locations.

These are valuable advantages, but there are drawbacks.  The demands on network infrastructure are much heavier than when applications run locally and communicate with central resources only when necessary to share or archive data.   The project involved installing new cabling in every MOD building, right down to shabby old TA  headquarters, and the unexpected difficulties of doing that were blamed for the long delays the project has experienced so far.

The other drawback is that, while software can be written to work perfectly well from a remote terminal, most common software isn’t.  The user experience is made marginally better by making software more responsive to the user’s incomplete action – things like highlighting buttons as the mouse moves over them, suggesting completions of words as they are typed.   These features tend to become obstructive over high-latency links, as by the time the user gets the “response” to a part-completed action he has already gone past that.   Also some of the graphical optimisations in the latest desktop systems (Windows Vista’s flashy effects and Linux’s X compositing extensions) work by communicating more directly with the graphics hardware – communication which is not generally possible over the protocols used for remote desktops.  The project included provision of customised general-purpose office software for word processing, messaging etc.  This also turned out more difficult than anticipated and resulted in delays.

Those points aside, the state of the project is not outrageous.  Despite the delays, it is not vastly over budget .

The increase in announced cost, from just under 6 billion pounds to just over 7, is not an overrun, it is caused by the department not announcing the full cost of the project until all of it is contracted – the last billion is for extra work that was always intended, but which was not included in what they said they were going to spend prior to the contracts being signed to spend it.  Not incompetence, just dishonesty “in accordance with normal practice” (p.Ev14 of the PAC report).

The relationship with suppliers seems to have been managed better than in the normal public-private car crash.  Of course the MOD has longer experience with large private contracts than other government departments.  The contractor is paid for delivery, so the 18-month delay has not increased the budget significantly.

Not that everything is rosy.  The system, according to Wikipedia, is built on Windows XP.  Now much as I hate Windows, I have to admit that it has one large advantage, that everybody is familiar with it.  But, in using it as a terminal, and running applications remotely, that advantage is lost.  Even if the server applications are running on Windows servers, using a Linux-based terminal is cheaper, more reliable, easier to manage, and more efficient.

Secondly, the system is installed for some users and running, but further work is needed to make it usable for information classified as Top Secret.  Security is not usually something that can easily be added onto IT systems – you can add capability to a system, but making it secure is not adding capability but taking away capability – the capability of doing the things you don’t want it to do.  It really needs to be designed in from the start.

Having said that, I must admit I don’t really know anything about the “I could tell you but then I’d have to kill you” stuff.  There might be some subtle point that makes me wrong about it.

The most significant question was the one asked by Austin Mitchell:  given the difficulty of these very large IT projects, are they really worth doing?    Sir Bill Jeffery’s reply was “Because there is business benefit in having a single infrastructure and in particular single points of access.”   This is undoubtedly true.  But is there seven billion pounds worth of benefit?  Given the proven risk of these projects going vastly over budget, it would need to be much more.  Large private-sector organisations tend to struggle on with a multiplicity of systems.  They complain about it, and make powerpoint after powerpoint of rationalisation plans, but in revealed preference the flexibility and safety of multiple systems seems to survive against the genuine benefits of single infrastructure.

Sovereign Debt

Rad Geek is overjoyed to see Ecuador default on its bonds.

He argues, entirely correctly, that there’s no moral case for a government to pay debts – it has no moral right to contract debts on behalf of the people.  Lenders who lend to governments are in the same boat as the contractors I was talking about the other day.  They’re doing business with a government, the name for which is “politics”.  They are therefore exposed to political risk.

He also points out the absurdity of the “debt forgiveness” movement.  Governments don’t have to pay any debts they don’t feel like paying, as Ecuador demonstrates.  Therefore if they pay, they want to pay.

Why would they want to pay?  Because they want to continue to participate in the system.  Bluntly, they want to be able to borrow more.

Felix Salmon has a somewhat different take on the situation.  By his account, we are not seeing a principled attempt to detach from the global financial system, rather an almost-random blundering by a corrupt government that doesn’t know what it’s doing.

Meanwhile, Greg Ip asks in the Washington Post whether the US is likely to default on its debt.  Would that be a victory for the people?  I’m not convinced that the Ecuadorean default will be any better for the people of Ecuador.

Statutory Instruments

Henry Porter writes about the vast powers that the government has taken onto itself via statutory instruments.

Fundamentally he is right,  and right to be concerned, but there are a few points:

This is absolutely not new, it has been going on for decades.  Like most of these things, it is getting worse.

Calling for laws to actually be passed as bills, getting parliamentary scrutiny, rather than being statutory instruments, is all very well, but falls a bit flat when you see that even laws that are passed as bills by Parliament still aren’t actually read or debated.

See also

Legislative Productivity

EconTalk

I prefer reading to listening, but the latest EconTalk is really good.  Russ Roberts and Steve Fazzari, with their very different views on macroeconomics, get right to the nub of the difficult questions about recessions and stimulus.

AGW and Libertarians

Via DK, a good post at safeism.com :

It’s a source of considerable frustration to me that so many otherwise clear thinking, charming and eriduite chaps, like DK, seem to have it as an article of faith that climate change is all a big con.

I too tend to cringe when I’m with a group of libertarians and anthropogenic global warming is dismissed by the group with a sneer or a chuckle.  Don’t they realize how that makes us look?  Getting over our ideas on economics is difficult enough, particularly in the current environment, without making ourselves look like freaks by standing against such a widely-accepted fact as Global Warming.
As La Bete says, libertarianism doesn’t need to rely on Global Warming being false.  It is perfectly possible to argue in the normal way that state intervention will be ineffective or counterproductive, to argue for mitigation rather than prevention, even.
So in strategic terms — and as Giles Bowkett said, strategy matters — leaving AGW theory alone would be the best bet.  Concentrate our fire elsewhere: on the economy, on civil liberties.
The problem with that is that, even if I want to believe in Global Warming, I still can’t.  The temperature records are made up, the computer models are a joke, the political motivation behind it all is blatant.   I could pretend to go along with it if there was a real chance of advancing the wider movement, but I’d still have my fingers crossed behind my back.
And of course there isn’t a real chance of advancing the wider movement.  We’re fringe and getting more so by the year.  Libertarian activism to me is about keeping the ideas and the lines of communication alive, so if opportunities arise in the unpredictable future, there will at least be something to build on.  Whether it’s a bunch of us reading each others blogs, or LPUK putting up a few candidates, or the ASI proposing limited and arguably counterproductive policies to the mainstream, at least it’s the skeleton of a movement.
Putting it that way sheds a different light on the Global Warming issue.  There’s at least a decent chance that in two or three decades, the warmists will be discredited, and people will be asking “how did we ever get fooled by that stuff?”.   And old man Anomaly will push himself up on his walking stick and say “here’s how, and I knew it all along, and I tried to tell you.  Incidentally, here are quite a few other things that everybody knows which aren’t true.”
Maybe it’s a long shot, but compared to what?  Compared to the LPUK forming a government?  Compared to growing an economically viable society with a high standard of living on offshore platforms?  Compared to an organisation that controls a third of the population deciding by itself that it’s too big and powerful?  Long shots are all we’ve got.

State Education

Having unleashed some nasty bouncers on the libertarian movement, Giles Bowkett follows up with a gentle long hop.

Libertarianism assumes the presence of many cultural conditions that cannot exist without pervasive free education. A Libertarian society would therefore lack the necessary pre-conditions of a Libertarian society.

Let’s accept for the sake of argument that we need people to be educated. That no more requires “pervasive free education” provided by the state, than we need “pervasive free food” to prevent us starving, or “pervasive free petrol” to move around. If something is that important, people will pay for it.

Ah, but private education is expensive – thousands of pounds a year. Yes and no. Because state education is free, private education is mostly aimed at those who aren’t too worried about price. But there are a lot of exceptions. Tens of thousands of children in the UK get private tutoring in addition to their schooling, and I’m aware of a number of cases where one hour a week of tutoring (at a cost of £25 or so) is enough to move a pupil from bottom of class to top of class in one or two subjects.

James Bartholemew claims that in the mid 19th century, before state education was introduced in Britain, “over 95%” of children got 5-7 years of education, mostly at charitable free or low-cost schools. I’d like to see his source for that, but I’ll probably have to buy his book, which I’ve never got round to doing.

(5-7 years isn’t a lot by modern standards, but it’s as much as was needed at that time. We’re a lot richer now, and could pay for more education if it were efficient and beneficial).

Modern education, as I’ve mentioned before, is expensive because it’s based around the idea of looking after the children, all day, every day. That’s for good reason, but not any reason to do with education. If you were trying to make most efficient use of teaching resources, rather than just allowing parents to go to work, six or seven hours a week would be sufficient for children to keep up the same standard as they currently do at school.

Of course, if we were to move to a cheap, efficient market-based education system, we would be left with the problem of what our children were to do all day. I would favour them working, at least from the age of 12 or so, but there are in fact many possibilities. We have a nasty coordination problem at the moment. Because everyone who cares about their children’s safety sends them to school, if they are not there, they are on their own, and at some risk. As long as children are together, doing something with some kind of adults involved, they are at least as safe as they are at today’s state schools.

Parliament Bound by Contract?

If I really cared about whether our democratic government was truly representative, I think I would be outraged by this story about the government locking in payments to suppliers for ID card contracts against a possible cancellation by the next government.

Ultimately, the next government could, I presume, pass a law saying that payments promised for ID card work were cancelled, and even that payments previously made could be reclaimed. Traditionally, parliamentary sovereignty meant that was possible.

Would that be a good thing? While I suspect that the contracts in question are being written as a kind of “poison pill” to sabotage Tory policy, it is legitimate that a business could seek up-front payments or guarantees to cover the setup costs of the work they are undertaking to do. A company that was faced with the loss of payment for work it had already done because an election had changed the government’s policy would have a very legitimate cause of complaint.

The opposition could mitigate the injustice by giving good notice – now – of what they intended. That is made more difficult by the claim of “commercial confidentiality” made regarding the terms of the contract.

My line on this is that when a government signs a significant contract with a business, then it is not a matter of commerce, it is a matter of politics. It is, if not nationalisation, then at least something which is of the same kind as a nationalisation, but of different degree.

Therefore the ongoing dealings between the government and the supplier are a matter of politics not of commerce. If nullifying the contract is good politics but bad commerce, then it is what should happen. If the supplier doesn’t like it, they shouldn’t have got involved in politics. Furthermore, hiding the details of the contract on grounds of “commercial confidentiality” makes a mockery of democracy even by my loose standards.

I would also add that this sort of thing: Public Private Partnership and use of contractors in general, is a prime example, probably the best example on this side of the pond, of what Giles Bowkett was talking about. It’s the kind of policy which looks, if not exactly libertarian, at least sort of halfway libertarian. It was supported, at least at the beginning, by the likes of the ASI and the IEA. And because it’s a compromise, and because the nature of the political landscape means inevitably that what it was a compromise with was corporate interests – in this case the corporate interests of the consultancies that get paid for work like the ID card project – then as a result it’s the sort of policy where half-way is much worse than nowhere.

If we were back in the 1970s when the only way to do this sort of system was to hire thousands of civil servants to develop it, we would be better off. Outsourcing gives us none of the benefits of the private sector, but a whole lot of extra cost in corruption and obscuring of the truth.

Finally, I suspect that the Tories, even if they had the balls, could not void the contracts as I have described. The suppliers would be straight off to the EU to cry foul. The brief alliance of Thatcherites and Eurocrats in the 1980s that gave us the single market have stripped the voters and their representatives in parliament of the power to do that.

Obama's Honeymoon

When I started here, my first point was that the tension between the US and Europe was not about Islam, and not about George W Bush, but was a deeper conflict of vision that was surfacing after being hidden by the cold war.

As Bush Derangement Syndrome took hold, it became even easier to misunderestimate the nature of the disagreement.  The new president has a style very much more to the taste of European elites, and so the concrete basis of the divergence in outlook is going to become more obvious.

I think Barack Obama’s honeymoon in the European media is going to last for weeks, not months.  What I didn’t expect, however, is that Bush would be rehabilitated.  But see this piece in the BBC, explaining (quite reasonably) that the financial crisis cannot be blamed on Bush.

The falling-out with Obama will be quite different from any disillusionment that Obama’s supporters in the US may suffer as expectation meets reality.  The European media are enamoured by Obama’s personality, and had a particular antipathy to Bush, but they have no concrete policy expectations for the new administration to be disappointed by.  The material disagreement between the US and Europe will carry on exactly unchanged.

Email Security

Apparently as of March the government will be requiring ISP’s  to keep email traffic for a year for use by police and security services.

Yes, it’s another of those cases where we have to work out whether we’re more appalled by the government’s viciousness or by its stupidity.

Here’s a little primer in email for novices and government ministers:

The Internet, the Web, and email are three different things.  The internet is a network that can carry data.  The Web is a lot of servers which provide hypertext and media over the internet in response to requests.  Email is an addressing system and message format by which messages can be sent between users over the internet.

ISPs provide internet service.  Sometimes they also provide web or email services over the internet as an add-on, and sometimes they don’t.

It is quite possible to send and receive email messages without one’s ISP even being aware of the fact.  Indeed, most people do.  If you have a large site, you probably run your own email servers.  You emails go over your ISP’s internet service, but do not use your ISP’s email service, even if it has one.

Conversely, if you use webmail, your email does not reach your network in the form of messages – only web pages.  Your messages originate or terminate with your webmail provider, who may well not even be in this country.

Only if you use the old-fashioned POP3+SMTP setup, or  your ISP’s  webmail service, will your ISP see your email as email.  In some cases it might be possible for them, by searching your entire network traffic, to identify and extract  email from your network flow.  That involves a whole lot of processing that they would otherwise not need to do.

If you use an offshore webmail provider, they can’t even do that, because the traffic between you and the webmail provider is encrypted.

I don’t actually know whether Google, Yahoo and Microsoft, the biggest webmail providers, have mail servers in this country.  I suspect not.

Note that if you use email encryption, as I recently recommended, you are still leaving a trail of who you sent mail to and when.

Attempts to get email out around inspection (without using webmail) are handicapped by measures taken to prevent spam.  It is quite possible to send mail in the same way a large site does – your mail software uses DNS to locate the recipients’ mail servers, and then sends them the mail directly.  However, many ISPs for residential users filter out direct email of this sort, and many recipients spam filters refuse it if it has come from a residential ISP network.  This compromise of the end-to-end principle came in some years ago, and did little harm at the time, but as governments become more nosy, the requirement to pass all emails to your ISP’s SMTP server is more of a problem.  It just goes to show how compromising important principles usually has a cost in the long run.

I don’t know how well-provided the world is these days with anonymous remailers – they were all the rage fifteen years ago.  It might be possible to use TOR to get email out of the local ISP network securely – I will be investigating both these avenues over the next few days.

None of this is because I have anything to hide in my email traffic.  As I explained previously, the problem is that if in a year or ten years I do, it will be too late.  These channels are awkward to set up, and they have to be done ahead of time.

GPG key is linked to from the sidebar.  Ideally you should get me to confirm the fingerprint in person.  I carry it around with me, so if you meet me it’s easy to do.