Wednesday, November 28, 2007

UK ID card: it gets worse

Not only are the UK government pressing ahead with their identity card project, despite the recent blunders in which personal identity information for millions of people were lost, but they seem to be planning to share the identity information around:

Tories: Europeans could get access to UK ID database | The Register

A centralised identity card system is a bad idea because:
  • Hugely valuable data (in monetary terms) would be concentrated in one place.
  • Technical failure is inevitable. Such a system will be cracked and/or spoofed.
  • Social failure is inevitable. People granted access to the data as part of their job will either "lose" the data (as happened recently with the HMRC losing 25 million records) or will take the data for personal gain. The Stork system described in the above article makes this risk many times higher.
The only winners in this mess will be those selling the components of the proposed system to the government. They stand to make billions.

Tuesday, November 20, 2007

UK ID card data just as safe?

The UK government have "lost in the post" sensitive information about tens of millions of people:

BBC NEWS | UK | UK Politics | Tories tell Darling 'get a grip'

A national ID card system would be worse than useless even if the people safeguarding the data could be trusted, but this most recent cock up is a clear indication that having sensitive personal details for everyone in the UK in the ID card system would be far too risky.

Oh, and now we have an attempt to secure the stable door after the horse has bolted:

BBC NEWS | UK | UK Politics | UK's families put on fraud alert


Monday, November 19, 2007

Slaps talk in Sydney tomorrow

If you are interested in LDAP or in Smalltalk or want to see both in action together with a walk through of ASN.1 and how to monitor TCP/IP traffic using a Smalltalk bridge ...

I will be giving a talk about Slaps for the Australian Computer Society (ACS) tomorrow evening. Details are on the ACS website.

Should be fun :-)

Tuesday, November 13, 2007

May I have a patent on top of that copyright please?

Here is an example of why EU legislators need to clearly restate that software ideas may not be patented:

Court date for challenge to 'new' patent rules | The Register

The EU legislators said that software ideas may not be patented, but the EPO blundered and let through (granted a patent on) some firmware a few years ago. This has opened the flood gates to companies like those in the article that want to have patent protection for their software ideas as well as copyright protection for the implementation of those ideas. The EPO blunder is touted as "patent law" (case law) by those who want to be able to patent software ideas, as we see from the lawyer in the article:
"A lot of people think there is no problem here because disks and downloads are protected by copyright," noted Nicholas Fox of Beresford & Co, the lawyer working for the four firms. "That is just not true. Copyright protection only protects code against copying. In contrast, patent protection enables a company to monopolise an invention even if competitors independently come up with the same idea."
Right. "A lot of people" here includes the people who wrote the statute law to exclude software from being patented.

For now I hope that the UK courts are able to stick with the original intent of the legislation and that this challenge is thrown out.

Smalltalk ANSI gets rolling - join in!

Work is now well under way to get the Smalltalk ANSI standardization process restarted. We have a mail list up and running and Paolo Bonzini has set up a wiki for the project.

We already have the Smalltalk vendor companies involved, and that is very important. What we also need are people who use Smalltalk as an application programming language. If you are on a project that uses Smalltalk then I suggest that you have a member of that project sign up to the ANSI Smalltalk list. If you want Smalltalk to do what *you* need in the future then you need to get involved now.

One of the valuable things that ANSI provides is a structured way of forming a consensus. While we can (and do!) have very illuminating discussions on our mailing lists and on comp.lang.smalltalk, it is hard to turn the resulting ideas into something that everyone can use. The ANSI process lets us do that.

It will be free to participate in the debates and in informal voting. Formal voting will require formal membership of the ANSI INCITS project and that is not free. Perhaps your company could support a member of your team on the formal committee?

Tuesday, November 06, 2007

Australian Elections: Who's who?

I will be voting in the upcoming federal elections in Australia and I would like to know something about the candidates in my Sydney area, but I'm living in London so what can I do?

The Australian Electoral Commission (AEC) have a website showing the name, occupation and party allegiance of each candidate, but nothing there helps me to find out what the individual is actually standing for. Not even any contact details.

I wrote to the AEC asking how I could get contact details for the candidates in my division and got the following:
The information you require is available on the AEC website. All contact details of the candidates has been posted on the website.
Really? I wrote back including a link to the page listing the candidates in my state and also cut and pasted the section for my division. Where, I asked, is this contact information? The AEC responded:
Contact details for candidates are not available to the Australian Electoral Office. You will need to contact the party concerned for contact details. sorry for any inconvenience.

But apart from giving me bad information in the first place, just how am I supposed to make an informed choice in this election if the electoral officials can not, or will not, allow voters to know more than the name, job and party of the candidates? What about independent candidates?

I certainly hope it is not true that the "Contact details for candidates are not available to the Australian Electoral Office". I mean, how would they tell a candidate if they happened to win?

This nonsense does rather seem to favour the position that as a voter you are not really voting for an individual representative, rather you are voting for a party. After all, why would you care which party minion gets the seat in your division?

Well I do care, and I think that the AEC are letting the electorate down very badly in this regard.

Thursday, November 01, 2007

More Microsoft "interoperability". Beware.

Having demonstrated over the years their disdain for standards and the standards process, Microsoft are embarking on another "helpful" exercise. This time they want to make ECMAScript (aka JavaScript) work consistently on all browsers:

Microsoft to search browsers for JavaScript compatibility | Reg Developer

And rather than move their product to fit the standard, they want to extend the standard to meet their product.

It's like Deja Vu all over again.