Catching The Cat


On the subject of encryption that’s getting so much press, one of my friends asked me what the PM was thinking. While we don’t actually call each other up and thus I have no idea what’s she’s thinking at any given moment, I may have an idea of how she’s thinking:

Simply put I suspect it’s a call for options. When you come up against an intractable problem you begin with an impossible answer. It’s an old methodology.  One that most of us were taught in school because we grew up before we could Google for everything. To get people out of their comfort zone you have to push them in unreasonable directions. I expected various technology groups to come up with options but so far all we have is people screaming and making a lot of noise.

One of the best ways to stop insurgents operating in this or any country is to disrupt communications – that’s hard to do because of encryption.

Encryption is the mainstay of much of geopolitics, commerce and humanity from the dawn of the common era. It’s is a boon and a curse. Over the last fifty years we have become extremely dependent on it and its usefulness. However, all these technologies of today were invented in isolation from reality in a past sure of the goodness of all men.

The problem is that those charged with developing these protocols have become used to the constraints of the technology and we need to think beyond them. At one time these technologies were the privilege of the developed world. However as ubiquitous technology opens the doors to more and more people our enemies use these techniques against us. The answer so far from the technology community is “it can’t be done”, where “it” refers to back doors in encryption. That’s not an acceptable answer because it’s not addressing the question.

When the government drafts an outrageous bills it’s looking for constructive responses. It’s asking for more effort from the subject matter experts to evaluate the real objectives.

The very idea of encryption is because we don’t trust anyone. Thus it’s impossible to accept that we should allow those who work against us to use our own technology against us.

While the ultimate decryption key is a sharp knife to a nerve cluster, that kind of behavior applied wholesale leads to a dark and dismal future and isn’t always a viable option. We’re still waiting for our technology experts to come up with an answer but many seem so enamored with their toys they can’t see past them.

Encryption is a tool.

A tool is used to execute an answer to a question.

The question is Security.

Isn’t it?

There’s an interesting blog post by Mythic Beasts on why encryption is vital. They seem to be missing the point. Everyone knows encryption is vital to the continued economic deliverable of the Internet as well as basic technology security.  While this blog post is an obvious political statement, we were rather hoping for options. Turning around and telling the wider society that the cat is out of the bag and that’s just tough is a stupid and arrogant thing to do. We’ve unleashed this double edged sword and we can’t put it back in the sheath but we must have more of an answer if we’re not to look like complete idiots to the rest of society. Like a child that spills their milk but just pouts and won’t clean it up.

When we look for an unreasonable answer this kind of response isn’t wan’t we’re expecting from people who should know better how to handle intractable problems.

So far there’s been little option provided which seems to suggest everyone is happy with the knife and nerves option.

Which is dumb.

So here, in clear and plain terms, is the question:

Given that encryption is easy to acquire and utilize, given our enemies have the access to same technologies as us, what are the options available to our society to ensure we are able to disrupt encrypted command and communication channels our enemies use whilst maintaining our freedoms to use it?

We all know we can’t put the cat back in the bag. I refuse to believe that a trillion dollar discipline such as ours can’t come up with some feasible answers that don’t involve the road to perdition.

If this is too tough a question for us, perhaps we’re not really worth the fuss.

Personal Responsibility, Privatization and the NHS


We can’t keep expecting any public service to absorb any and all demands made of it. We can’t keep expecting the public purse to keep pouring money into services at whim. That’s just not how a country works or grows. We can’t keep raising taxes to pay for run-away demand. We’ve been treating public service as if they’re in the same world as they were created in. They aren’t.

To my mind there are three things at play here:

Firstly, many of the NHS staff are outstanding. I have yet to run into clinical staff that are bad.  Even the junior doctor who managed to prod my abscess like it was a lift button wasn’t bad. You just can’t do that job effectively year after year if you don’t care about what you’re doing. Nurses in particular do an amazing job on the whole.  There are bad apples in the medical profession just like there are in any profession but being a public service it’s harder to get rid of bad staff when you’re already short staffed. Some effort being better than no effort.

Secondly, the NHS infrastructure is, for the most part, outdated. Sure, many hospitals build extensions, patch problem areas, build shiny facades but actually underneath its old and failing. Rectifying this will cost a great deal of money.  I’ve had to spend some time with a relative recently in a hospital which has a nice shiny new centre but where the main building needs attention. Most hospitals and care centres need to be relocated and rebuilt. They’re now in the wrong place and can’t grow. There isn’t the money for that in the public purse.

Thirdly, there is not accounting in any of the published reports for personal responsibility. It seems that we are suggesting that no matter how we behave, what risks we choose to take – the NHS should “just be there” like mommy and daddy to make it all better. It’s time to ask why we think that’s ok.

To the question of why I support privatisation:

  • We need to be able to manage, rate and reward staff better. Bottom line, shit performing staff should be canned. Excellence should be rewarded. Mediocrity nurtured to grow. This is hard to do in the NHS because of various issues. By the way, this goes for all jobs, just turning up doesn’t count. Business knows how to find, train, invest in and exit staff.
  • We need to rebuild our health service infrastructure. Hospitals built in the 1970’s are in the wrong place now and/or too old. There’s no parking or the charges are likely to induce cardiac issues. We need new centres of care to replace these old places which can be sold on to bring billions in to the pot.
  • We need to modernise the tools and treatments we use. In some areas we’re leading the world. In others we’re a notch above using leeches and calling the shaman. Ok, I exaggerate – I’ve never actually seen a shaman being called.
  • We need to fund research in a more transparent way – it’s bloody Ponzi scheme in disguise at the moment. With all the millions raised by donations to various charities why do all these new drugs cost us so much? If you’re interested go learn how all this money ends up in the same group of companies we end up paying for the drugs.
  • The NHS isn’t a fluffy thing. It’s a vast organisation and we need better management of its resources by people who do management well. The NHS don’t do management well. There’s a conflict of interest. Management is a skill just like anything else. Get in organisations who know how to do this. This isn’t a place you want to “promote out of harm’s way”.
  • We need to be able to hold that management to account better and reward/penalise without affecting services. Penalising a trust effects the pot available to care. Penalising a company makes for an interesting shareholder meeting.
  • We need the slogan “Your health, your choices” mean more than where you get treated. It should mean we accept the responsibility for our health and should pay toward treatment when it’s the result of poor personal choices. Getting pissed and ending up in A&E shouldn’t cost the rest of the country. Smoking and getting cancer treatment shouldn’t cost the rest of the country. Causing an accident and needing treatment shouldn’t cost the rest of the country. Palliative care should be means tested for contributions against your estate.
  • If you’re not a UK citizen you should be paying for your care. When we leave the EU you definitely should be paying for your care or your insurance should be. We are not a freebie. If you’re a UK citizen abroad you should be paying for your care – that’s what travel insurance is for.
  • Being retired shouldn’t mean a delegation of the responsibility for your healthcare costs to the rest of the country. Yes you paid in and yes you also got lots for it during your working life. If you have the means you should pay something towards the cost of your treatment and care. If you don’t we’ll take care of you. You shouldn’t be able to hide your assets by transferring them to your children so it looks like you haven’t the means either. Your direct family should be taken into account at a different rate.
  • Medical insurance is a cost. We value what costs us money. You drive carefully partly because you know the impact on your bottom line if you drive like a dick and cause an accident. The same should apply to your health. If you’re unemployed or within the non-taxable bracket your healthcare should be free.

 

When everyone takes more responsibility for their choices there’s more money in the pot to help those who don’t have the means. When everyone sees a tangible cost each month for their lifestyle choices they get to make those choices better informed of the consequences. We don’t have to pay for everyone’s choices. Just ours and those who didn’t have any other choice.  By the way, I’m still at a loss as to how anyone in the history of the world ever thought inhaling smoke wasn’t going to cause problems.

When we use private investment to upgrade and manage infrastructure and services we have better accountability and more leverage. If you want better health care then you’re going to have to take some responsibility for it and not just assume government will take care of you. It’s not actually your parents.

As always none of this exists in isolation to everything else that we have to take care of and consider.

We have to reach for it all, for everyone.

#VoreTory or #VoteKhushForGlobalOverlord but whatever you do #GoVote

Engineering Small


Stay focused on the engineering reality defined by your capabilities and requirements. Line up the engineering tasks with the business value. A shift in the engineering tasks should be a conscious decision as a result of conversations between the technical and business leaders in order to better deliver on the business value. Technical debt can be discarded when the engineering objectives change. Remember all technology is transient and that pride cometh before a fall.

you


Given all that has passed and is pressing,
Shown beneath this velvet veil of night;
Shallow do these words now feel from this breath,
Small these thoughts held against your might.

Deep the wellspring of these flighty thoughts,
Ardent arrows of dreams their flight do aid;
If only one should land upon your fiery brow,
This task would stand completed.

This day that dawns a thousand sighs unbounded,
Should leave so barren a bosom as mine;
There across Hercules seas should flash,
Hermes’s wings could barely keep apace.

Glorious in splendour lift up your eyes,
The days of your future stand ready to unfurl;
Beneath what skies none may yet say;
To you alone time listens,
Waits.

it’s never happened here


its never happened

There are somethings that I dislike. The image above is a screen capture from a conversation I was part of recently and said by someone who I respect deeply. On this point, we disagree deeply however.

Modern DevOps culture demands a great deal of pragmatism. In particular it demands that you don’t solve problems before they become problems. It’s the benefit of working in a non-critical environment. We’re told that ‘just-in-time’ is the best fit for fast iteration and product development and who can argue with success?  I wonder however if we’re losing a key component of good Engineering, that of forethought.

The conversation was around GitHub protected branches and whether they were a good idea for some/all our repo’s. I think these are a good idea for all repo’s and selected branches, especially master, and doesn’t take long to setup nor much in the way of maintenance or documentation. I can also understand my colleague’s position that there’s no need to go enable this everywhere as nothing bad has happened yet that would suggest this would be a good protective measure.

To me that’s a bit like putting the safety on after pulling the trigger. The thought’s there but the execution is suspect. It’s too Dev and not enough Ops for me.

In operations/SRE or whatever you call it these days, the paramount responsibility is safety. Safety leads to uptime. Uptime leads to sales. Sales lead to money. Money leads to wages. Wages lead to whiskey. Operations engineers are there to make sure that the business is supported and protected at all times. Operations engineers are there to ensure that engineering is able to deliver but that the what’s delivered is supportable and operable on an on-going basis – even if the entire engineering team changes. There is I think a fine distinction here between enabling the business and enabling engineering teams. Those two enablements often require subtle differences in approach, tact and execution. It’s the fine line that sometimes trips you up.

On this occasion I left this well alone, no one needs this kind of debate on a Friday and it’s a small thing. But small things have undone great enterprises before so in the back of my head a warning bell will sound all weekend! I like to think I allow teams I manage a great deal of autonomy and the operations team haven’t expressed any concerns. Whether that’s because it’s easier not to is up for debate – but not today.

the mole in the hole



There’s a hole in the bole of the tree,

The leaves of the tree are green,

In the hole in the bole of the tree lives a very old mole that was lost you see!

He went to bed when he was a sleepy head,

Come rain or shine,

Summer and winter,

He would not budge,

He would not move!

So no one could ever see him – you see!

– Constance O’Connor