It's hard not to demand that people need to go to prison for this. It's absolutely outrageous how all the bad actors have got away with this horror show.
Not just "got away". Paula Vennell was chief executive officer of Post Office Limited from 2012 to 2019. She routinely denied there were problems with its Horizon IT system including to a Parliamentary Select Committee.
> I am truly sorry we were unable to find both a solution and a resolution outside of litigation and for the distress this caused.
She was awarded a CBE in 2019 "for services to the Post Office and to charity"
One way would be to place responsibility and retribution where it is due. We can happily send someone to prison for 12 years for driving dangerously, but allow people who caused multiple deaths, mental breakdowns and more to get away scott free. It's disgusting.
Sadly, this is British Justice in action again. Alleged perpetrators circulating in certain levels of British society are apparently exempt from punishment, no matter what the crime. I doubt that Paula Vennell in her exalted position will ever receive any meaningful punishment, and likewise, I assume that Fujitsu will still somehow manage to retain attract clients. Would you buy/licence a system from them?
This is a good article for HN because it features quotes from one of the senior developers
To my knowledge, no one on the team had a computer science degree or any degree-level qualifications in the right field. They might have had lower-level qualifications or certifications, but none of them had any experience in big development projects, or knew how to do any of this stuff properly. They didn’t know how to do it.
Our source said the big flaw in Horizon was the way data was being written to Riposte.“Riposte wasn’t really a database, it was a messaging system based on an XML structure where you write messages down into the message store, and then Riposte took care of replicating them,” he said.
“The first thing that you should always do with a system like that is design and agree a data dictionary and a message library repository, basically to say: these are the messages that are allowed to be written to the message store and they all provide the following function.
“It’s almost like an API [application programming interface] so that you have a list of allowed messages that can all be written to the correct format with the correct content.
“You should also have a layer of software that lies on top of the message store that checks that any application above it which is trying to write a message, conforms to the agreed data dictionary. Otherwise, you can just write freestyle to the message store, which is what they were doing. There was no application interface in there, no agreed data catalogue or anything.”
...
He concluded: “It was a prototype that had been bloated and hacked together afterwards for several years, and then pushed screaming and kicking out of the door. It should never have seen the light of day. Never.”
9 comments
[ 4.8 ms ] story [ 35.0 ms ] thread> I am truly sorry we were unable to find both a solution and a resolution outside of litigation and for the distress this caused.
She was awarded a CBE in 2019 "for services to the Post Office and to charity"
To my knowledge, no one on the team had a computer science degree or any degree-level qualifications in the right field. They might have had lower-level qualifications or certifications, but none of them had any experience in big development projects, or knew how to do any of this stuff properly. They didn’t know how to do it.
Our source said the big flaw in Horizon was the way data was being written to Riposte.“Riposte wasn’t really a database, it was a messaging system based on an XML structure where you write messages down into the message store, and then Riposte took care of replicating them,” he said.
“The first thing that you should always do with a system like that is design and agree a data dictionary and a message library repository, basically to say: these are the messages that are allowed to be written to the message store and they all provide the following function.
“It’s almost like an API [application programming interface] so that you have a list of allowed messages that can all be written to the correct format with the correct content.
“You should also have a layer of software that lies on top of the message store that checks that any application above it which is trying to write a message, conforms to the agreed data dictionary. Otherwise, you can just write freestyle to the message store, which is what they were doing. There was no application interface in there, no agreed data catalogue or anything.”
...
He concluded: “It was a prototype that had been bloated and hacked together afterwards for several years, and then pushed screaming and kicking out of the door. It should never have seen the light of day. Never.”