I'd love to watch a "Disaster Class" instead of a "Master Class" on a variety of topics. The learnings about what went wrong are often more valuable than about what went right.
There are a few. There's one called 'crash' but I can't find it now, a bunch of case studies of IT failuers. It wax pretty much the same underlying story repeated over and over and over...
BBC's Panorama[1] may qualify. One recent episode includes the IT bungle[2] at the retail company connected to the recently privatised Royal Mail which lead to dozens of false fraud convictions and hundreds of jobs falsely lost by firing with supposed cause or stress over accusations. The show goes back to 1953.
Finally an article that doesn't just say "Centralised bad, decentralised good, because Apple / Google say so", but actually explains the advantages of the centralised model.
I agree that it's probably not worth the privacy trade offs, but I don't think it's as absolutely clear cut as most of my filter bubble seems to think.
I completely agree - I came into it against the centralised model on principle but after reading their whitepaper I actually think the benefits may slightly outweigh the negatives.
The app has to actually work for a high enough proportion fo cases, though.
True, and I would not trust it if I had a phone that could run it. It's not trust in the app but in the government.
I recall some dickhead politician being asked about security of a centralised app, his response was "GDPR would take care of that". Because hackers care about that kind of thing.
Honestly this uk government is so bloody inept. When you want theresa may back, that tells you something.
Centralized models would be more palatable if the keys to the kingdom were stored with an NGO.
There's too much temptation for governments with poor privacy track records (and that's where they're even trying) to stick their hands in the cookie jar for other purposes.
The explanation of the trade offs by Ian Levy (Technical Director of the UK National Cyber Security Centre, not the UK MP with the same name) was actually very well put, but few newspapers over here in the UK even seem to have read it or deliberately ignored it.
Apparently the particular decentralized API exposed by Google and Apple might have some limitations in terms of being able to accurately estimate things like the distance between people compared to using Bluetooth directly too, which is a bit of an issue: https://www.bbc.co.uk/news/technology-53095336
That was the excuse given by Matt Hancock but it's almost certainly bollocks.
Google has 7,000 people working on maps, Apple has 4,000 people working on maps, is it really possible that a few app developers assembled by the tories (who have a track record of failure and lies) have stumbled upon a more accurate way to calculate the distance between devices than the 11,000 people that work on these problems full-time have ever managed?
From the article:
> The centralized approach would allow much more data analysis
If this was really a benefit, I'd expect the journalist would have been briefed on the beneficial outcome of the data analysis, rather than just "more data analysis".
There have been quite a few articles on the benefits. For example the central model would allow the NHS to quickly spot a spike in cases in Town X - a pretty important benefit.
The independent Covid Symptom Study app from Kings College, already on 3 million UK phones since March, took three days to write and largely would do that if it was more publicised by the government.
The NHSX app tried to do too much — trying to collect centralised data when one key function didn't need to be centralised was always going to be an issue when trying to get people to install it in large numbers.
Smaller samples are enough for population surveys, while high percentages are needed for the track and trace function. Mixing up the two into one app has doomed this project.
Doesn't it mean: there just aren't enough tests for this to be worthwhile?
[Edited to add: I re-read the article and - yes, it means there is not enough testing capacity. Limiting case detection to the number of tests you have available is absolutely not a benefit, unless you are a government trying to obscure the truth, perhaps]
No, you have still misunderstood. The NHS model collects more data than the google/apple one. The idea was that that additional data would allow limited testing capacity to be used more efficiently. For example, false positives for outbreaks would easier to detect, as well as wider trends.
Also, it's not just tests that are short, but contact tracing resources. Basically, when you shut down a business or location due to an outbreak, you want to be as precise and accurate as possible - to do otherwise will cost the affected too much, and they'll start to ignore the contact tracing system entirely.
We'll probably never know now if there was an actual benefit to the NHS's proposal, but it seemed at least plausible.
There's already a "COVID-19 Exposure Notification" in the Settings>Google menu on my Android. AFAIK the same exists on Apple. I'm at a loss as to why they don't just say in the daily briefing "turn it on please". Develop what you want in the meantime, but it'd go a long way towards something.
EDIT: missed it had to be turned on... Thanks for the replies. Fingers crossed we get something that uses it ASAP.
The NHS could take and rebrand the open-source German-developed app. Unfortunately solutions like this are presumably quite politically unpalatable to the present government.
I think that's just the UI to enable the bare API, you still need an app that uses that API?
Kind of like enabling location won't give you a map, you still need a map app to use that location. (For example).
That said, the efforts of other countries shows had they gone with that API in the first place they would perhaps have something running by now, rather than insisting on going their own way because they wanted the data centralised.
I did not know this. As a matter of fact, I still do not know why Google isn't making this more known. I have not received any push notification or anything of the sort !
They haven't publicized it because it doesn't actually do anything until you have an app that makes use of the API. If it's not turned on, the app will prompt you to turn it on when you install it.
I live in germany, where the app is already released -- the settings panel shows a list of installed apps that use the API, but the app is responsible for the synchronization of the randomIDs with the server, notifications, etc.
Rightfully so, there's a reason why the IOS and Android developers disallow user-installed apps (non rooted) from doing things like bluetooth proximity contact tracing, beaconing and similar features.
The exact same functionality could be highly misused by a popular flappy-bird type app that tricks people into installing it.
The word "mismanagement" assumes it was meant to work. It wasn't. It was a bung to one of Cummings' mates to make an app to gather information on us, which didn't work, because people knew who it was from and didn't trust it. It was never meant to work. Just like the track and trace call handlers they "employed" to do nothing with no training, not meant to work. It's all about syphoning money off to their mates and the Russians.
I think you're getting downvoted by people who don't have the contextual information
Boris has been sitting on a report into Russian influence and he is refusing to release it because apparently there's nothing in there.
Dido Harding has links to the Tory party and was in charge of the Talk Talk data leak scandal, and has been put in charge of the track-and-trace programme in the UK.
They have given all of our NHS data to Palantir for no observable gain to UK citizens.
New corruption stories about the Tories are appearing almost daily in UK media.
Not sure why you would think that. I've worked in government before and seen contracts awarded to companies that had no chance of completing them. The intention was invariably to line a friend's pockets and book lots of consulting hours.
> Dido Harding has links to the Tory party and was in charge of the Talk Talk data leak scandal, and has been put in charge of the track-and-trace programme in the UK.
Some more context to this: England already has an excellent system for track and trace. Not for covid-19, we fucked that up. But for sexual health we have excellent work being done across the country by public health departments. These were split off from the NHS some time ago, and now they're funded by local authorities so they're struggling to cope with over a decade of austerity. But it's still a weird decision to not make use of that expertise and pull Harding in. Her work at NHS Improvement[1] is good, but she's had very little contact with public health work.
No, I downvoted (and flagged) the comment because unsubstantiated conspiracy theories have no place on HN. The Russians? Seriously?? Haven’t we had enough of that with 3 years of Russiagate in the US? Haven’t Russian spies attempted to assassinate someone in the UK just recently? But no, obviously the UK PM is a Russian agent.
The parent poster is not claiming that "the UK PM is a Russian agent", please assume good faith. If the report contains something that makes Johnson or someone in his government look bad, holding it back makes him corrupt, not a Russian agent.
They’re claiming PM is siphoning off money to the Russians, implying common interest which is against the interest of the UK. “Russian agent” is the correct summary of that.
I didn't make any claims, I informed that the PM has a report into Russian influence and is refusing to release it. I didn't make any implications at all.
Maybe "it didn't matter if it didn't work" is a better was of putting it. The UK's COVID-19 repsonse has been PR driven - a constant stream of headlines to fight public opinion fires, with a sprinkle of corruption thrown in where possible (there will be plenty more of this to find when the dust settles).
None of this sounds like public health driven leadership to me:
- Hancock's test target was miraculously hit - bending his own rules to boost the figures (and wasting thousands of testing kits in the process)
- Dido Harding trumpeted as a tech heavyweight brought in to deliver a futuristic solution - despite famously claiming after her company's massive data breach "It wasn't encrypted, nor are you legally required to encrypt it. We have complied with all of our legal obligations in terms of storing of financial information.", and sitting on the board of the Cheltenham Festival which opened it's doors to 260,000 people just days before lockdown.
- Dominic Cummings publicly supported by all senior government politicians for breaking the public health guidelines they created
- Rebranding the coronavirus messaging without consulting the behaviourhal psychologists on the governement's own SAGE committee - resulting in unaccessible unactionable nonsense
Except none of that is actually true - they're just made up smears and conspiracies. Be careful what news sources you consume.
The NHS "centralised" app would have worked and worked fine IF they could have made the Bluetooth feature it relied on work properly. But this was always going to be impossible given what every mobile app developer already knows about the platforms. Whilst the NHSX app did have some ingenious ideas in it - it was not enough to get around the platform limitations enough to provide a working solution.
People were talking about the platform limitations right at the beginning, it was foolhardy to go forward with it.
The only reason I can think they were pressing ahead was to collect all the extra data that this approach would have yielded (if it was actually going to work - which it wasn't).
It's a good article but it's a bit confused in its use of terms.
They talk about an "NHS app", but this wasn't developed by "the" NHS nor under the control of the NHS, it was developed by private companies for the Department of Health and Social Care.
This is important (for people who live and vote in England) because the NHS was saying all along that this wouldn't work and that we should just use the Google and Apple method. It was government, not NHS, who decided against that and chose to outsource development to private companies.
Where is the source code repo, the other was public?
It would be nice to know how many actual developers are working on it, what the money is actually paying for.
Note this may not include other services involved in the supply of the app, eg. pen testing etc has been granted in a separate £200k single-bidder contract.
Though it's not clear if that is for the new app, the old one, or both.
Just the contact tracing app? All of UK politics over the last decade or so is the context within which this is just a very small line item. One own goal after the other.
> "Meanwhile, officials were looking for glory (and even knighthoods), and ministers were focused on rolling out a “world-beating” app, rather than just a successful one, so that they could claim victory on the world stage."
This is the lede. Technology issues aside, the problems started here. It's a false narrative that the idea the technology and the makers that use it are to blame.
Too many inflated egos and too much ambition have undermined more efforts than any other factor.
"How do you conquer the world? One country at a time."
They’re insane. At the time they started using the phrase “world beating”, we were already “behind” other countries in containment, PPE, infection rate, death rate.
58 comments
[ 3.7 ms ] story [ 125 ms ] threadhttps://www.bbc.co.uk/programmes/b006t14n
https://en.wikipedia.org/wiki/Horizon_(IT_system)
I agree that it's probably not worth the privacy trade offs, but I don't think it's as absolutely clear cut as most of my filter bubble seems to think.
The app has to actually work for a high enough proportion fo cases, though.
I recall some dickhead politician being asked about security of a centralised app, his response was "GDPR would take care of that". Because hackers care about that kind of thing.
Honestly this uk government is so bloody inept. When you want theresa may back, that tells you something.
There's too much temptation for governments with poor privacy track records (and that's where they're even trying) to stick their hands in the cookie jar for other purposes.
Whether that is enough protection is a fair debate.
https://www.ncsc.gov.uk/blog-post/security-behind-nhs-contac...
I think part of the problem with it is that the beginning is a bit of a long winded intro, but the technical details later are really good.
Google has 7,000 people working on maps, Apple has 4,000 people working on maps, is it really possible that a few app developers assembled by the tories (who have a track record of failure and lies) have stumbled upon a more accurate way to calculate the distance between devices than the 11,000 people that work on these problems full-time have ever managed?
If this was really a benefit, I'd expect the journalist would have been briefed on the beneficial outcome of the data analysis, rather than just "more data analysis".
The NHSX app tried to do too much — trying to collect centralised data when one key function didn't need to be centralised was always going to be an issue when trying to get people to install it in large numbers.
Smaller samples are enough for population surveys, while high percentages are needed for the track and trace function. Mixing up the two into one app has doomed this project.
Seems a pretty clearly spelt out to me.
Doesn't it mean: there just aren't enough tests for this to be worthwhile?
[Edited to add: I re-read the article and - yes, it means there is not enough testing capacity. Limiting case detection to the number of tests you have available is absolutely not a benefit, unless you are a government trying to obscure the truth, perhaps]
Also, it's not just tests that are short, but contact tracing resources. Basically, when you shut down a business or location due to an outbreak, you want to be as precise and accurate as possible - to do otherwise will cost the affected too much, and they'll start to ignore the contact tracing system entirely.
We'll probably never know now if there was an actual benefit to the NHS's proposal, but it seemed at least plausible.
EDIT: missed it had to be turned on... Thanks for the replies. Fingers crossed we get something that uses it ASAP.
Kind of like enabling location won't give you a map, you still need a map app to use that location. (For example).
That said, the efforts of other countries shows had they gone with that API in the first place they would perhaps have something running by now, rather than insisting on going their own way because they wanted the data centralised.
I live in germany, where the app is already released -- the settings panel shows a list of installed apps that use the API, but the app is responsible for the synchronization of the randomIDs with the server, notifications, etc.
The exact same functionality could be highly misused by a popular flappy-bird type app that tricks people into installing it.
Boris has been sitting on a report into Russian influence and he is refusing to release it because apparently there's nothing in there.
Dido Harding has links to the Tory party and was in charge of the Talk Talk data leak scandal, and has been put in charge of the track-and-trace programme in the UK.
They have given all of our NHS data to Palantir for no observable gain to UK citizens.
New corruption stories about the Tories are appearing almost daily in UK media.
https://www.theguardian.com/politics/2020/may/27/richard-des...
https://www.dailymail.co.uk/news/article-8416475/Boris-Johns...
https://www.businessinsider.com/boris-johnson-russia-report-...
https://www.independent.co.uk/news/uk/politics/dominic-cummi...
the above is just a selection. I don't believe Hanlon's razor applies to the Tories.
Even if the contract was awarded unfairly through the old boy’s network, the intention was still for it to work.
Not sure why you would think that. I've worked in government before and seen contracts awarded to companies that had no chance of completing them. The intention was invariably to line a friend's pockets and book lots of consulting hours.
Some more context to this: England already has an excellent system for track and trace. Not for covid-19, we fucked that up. But for sexual health we have excellent work being done across the country by public health departments. These were split off from the NHS some time ago, and now they're funded by local authorities so they're struggling to cope with over a decade of austerity. But it's still a weird decision to not make use of that expertise and pull Harding in. Her work at NHS Improvement[1] is good, but she's had very little contact with public health work.
[1] Now NHS England + Improvement
None of this sounds like public health driven leadership to me:
- Hancock's test target was miraculously hit - bending his own rules to boost the figures (and wasting thousands of testing kits in the process)
- Dido Harding trumpeted as a tech heavyweight brought in to deliver a futuristic solution - despite famously claiming after her company's massive data breach "It wasn't encrypted, nor are you legally required to encrypt it. We have complied with all of our legal obligations in terms of storing of financial information.", and sitting on the board of the Cheltenham Festival which opened it's doors to 260,000 people just days before lockdown.
- Dominic Cummings publicly supported by all senior government politicians for breaking the public health guidelines they created
- Rebranding the coronavirus messaging without consulting the behaviourhal psychologists on the governement's own SAGE committee - resulting in unaccessible unactionable nonsense
etc. etc.
The NHS "centralised" app would have worked and worked fine IF they could have made the Bluetooth feature it relied on work properly. But this was always going to be impossible given what every mobile app developer already knows about the platforms. Whilst the NHSX app did have some ingenious ideas in it - it was not enough to get around the platform limitations enough to provide a working solution.
The only reason I can think they were pressing ahead was to collect all the extra data that this approach would have yielded (if it was actually going to work - which it wasn't).
How about 10 - 12 billion GBP (depending on who you ask) for a National Health Service computer system that never worked and was never delivered.
https://www.theguardian.com/society/2013/sep/18/nhs-records-...
https://www.independent.co.uk/life-style/health-and-families...
https://www.henricodolfing.com/2019/01/case-study-10-billion...
They talk about an "NHS app", but this wasn't developed by "the" NHS nor under the control of the NHS, it was developed by private companies for the Department of Health and Social Care.
This is important (for people who live and vote in England) because the NHS was saying all along that this wouldn't work and that we should just use the Google and Apple method. It was government, not NHS, who decided against that and chose to outsource development to private companies.
Nice work if you can get it.
Where is the source code repo, the other was public?
It would be nice to know how many actual developers are working on it, what the money is actually paying for.
Note this may not include other services involved in the supply of the app, eg. pen testing etc has been granted in a separate £200k single-bidder contract.
Though it's not clear if that is for the new app, the old one, or both.
https://ted.europa.eu/udl?uri=TED:NOTICE:280701-2020:TEXT:EN...
This is the lede. Technology issues aside, the problems started here. It's a false narrative that the idea the technology and the makers that use it are to blame.
Too many inflated egos and too much ambition have undermined more efforts than any other factor.
"How do you conquer the world? One country at a time."