News BlogBreaking news at it happens

Ah, another great day for Her Majesty's Revenue and Customs.

On the day of the deadline for people to file their self assesment tax returns, the HMRC website experienced severe technical difficulties, for six hours.

When I rang up HMRC, they insisted that 104,000 people had actually managed to file their tax returns online today, but admitted that "some" customers had had difficulties.

"The problem affected a minority of our customers," said an HMRC spokesperson. When pressed, the spokesperson couldn't say how many people had not been able to file their assessments. Surely it's difficult to say whether a 'minority' were affected, then?

"I haven't got a figure for that number," said the spokesperson.

Luckily for those people who didn't manage to get their assessments in on time, HMRC has extended the deadline until tomorrow night - midnight of February 1 - so they can avoid the penalty of £100 for late submissions.

"HMRC takes any disruption of service very seriously and to reflect this no-one who files electronically or by paper by midnight Friday 1 February 2008 will face a penalty," said an HMRC statement.

However, what I was really interested in was why the site had gone down in the first place. The spokesperson was unforthcoming, but assured me the site had not gone down due to the number of people trying to file.

"There was no volume problem," said the spokesperson. "We are currently investigating [what caused the outage]."

When I asked to speak to a member of technical staff to talk about the problems, I was told the technical staff were far too busy keeping the site up and running at the moment to talk to the press. O--K. Situation all under control then.

Meanwhile, HMRC put out another statement admitting that some MPs were also unable to file their tax returns, because their taxpayer reference numbers were not recognised on the authentication system. Whoops!

From the statement:

"Some newspapers and broadcast media have claimed that HMRC's online filing systems are not secure because Members of Parliament and a small number of other taxpayers cannot use the Self Assessment service.

This is completely untrue," said the statement. "A small minority of taxpayers, including MPs, cannot currently use online services because the additional internal safeguards on their records mean that their taxpayer reference numbers are not recognised on the authentication system.

This therefore has nothing to do with the security of our online services. HMRC online services use the highest levels of encryption generally available and authentication processes similar to online banks."

Hmmm, these would be the same banks which lost £7.2m to online banking fraud from January to June 2007, according to APACS? And how come HMRC didn't use the "highest levels of encryption generally available" when sending 25 million personal details to the NAO, which were subsequently lost in the post?

I'll leave the last word to Rob Steggles, the UK marketing director for NTT Europe Online, a managed hosting company:

"In both the public and private sectors, if an organisation’s online presence goes down at a critical time, its reputation and revenues will suffer," said Steggles in an email statement. "In the private sector, the commercial damage can be significant, but for a government website, it is those tax payers attempting to abide by the law that are suffering."

A conversation from the back of a cab in West London, yesterday evening;

"It's not the end of the world", I said

"Shame." said the radio news producer. "It's always good when the world ends during my show".

I had been on the phone earlier to a Very Large Chip Company, talking to the CTO about a big raft of announcements that'll be out of non-disclosure shortly - tasty stuff across the board that'll keep me busy for a while - when my mobile rang. Two minutes later, it rang again. And again. Uh-oh.

When I got off the blower, I went through the voice mail - three different news types, all asking the same questions: "What's happening with Egypt and India falling off the Internet? Will this affect UK businesses? Could it happen here?".

Good questions. And as you'll know by now, Egypt and India didn't 'fall off the Internet' -- although connectivity went way down with the rest of the world, the Internet within the affected areas was fine -- but one or two undersea fibre optic cables were cut. Most reports say two, the FLAG cable and SeaMeWe4, but the most recent reports say that SeaMeWe4 is apparently unaffected. It's taking a bit of time to piece together exactly what happened, and it'll take longer to work out the consequences.

The conversation I had with the news producer was typical. He was wondering whether all the companies who'd outsourced IT and services to India would lose tons of money, and I was saying that it's unlikely.

While I didn't have the exact figures of how much bandwidth had been lost, how many UK companies had got data centres in India, nor how the Internet was rerouting, I was having the conversation on my mobile in the back of a cab while simultaneously reading about the event on the Calcutta Telegraph's website on a 3G laptop. That, I thought, was a clue.

And, today, it looks as if it wasn't a huge disaster - at least not for the well-connected Westerner. We await news from Egypt and points east.

It is a sober reminder, though, that we take too much for granted; that the Internet is inherently robust, that there's always backup somewhere, that there are no implications beyond the immediate financials of relying on operations across the globe.

These things we need to know: what is the total physical Internet infrastructure? Is there really a choke point on the seabed off Alexandria, and do companies co-ordinate in laying their cables? Is anyone simulating the effects of multiple simultaneous failures? And what would we do if we woke up one morning and Google had gone?

Looks like a to-do list to me.

There's a very interesting thread on the SANS Handler's Diary about photo frames that have been infected with malware.

Apparently, US store Best Buy pulled thousands of photo frames manufactured by Insignia after it was discovered the frames were infected with a virus.

Insignia has put up an apology on its site, but doesn't seem to have provided many technical details.

SANS says that this is a possible new attack vector: infection through the supply chain.

A linked idea has been around for a while - as devices become 'smarter' and are hooked up to the internet, they also become a means to subvert computer systems. Your smart fridge could eventually be a conduit to your data...

It seems that, thanks to an undersea cable in the Med being cut, there's massive internet disruption across the Middle East and South-East Asia.

According to the Beeb, who have helpfully collated reports from Reuters and the AP, Egypt has lost 70 percent of its national network and the UAE, Kuwait and Saudi Arabia are also reporting problems. India is also reportedly 60 percent down.

Somehow I anticipate we'll be providing further coverage as the story progresses...

UPDATE (10am, Thursday):

OK, so - for what it's worth - the cable was running between Alexandria in Egypt and Palermo on Sicily. It is run by FLAG Telecom and SEA-ME-WE 4. It is possible that this was all caused by a ship's anchor (anchors oy vey - I'll get my coat)...

Insofar as this affects the UK, the biggest hit companies will be those who've outsourced to the affected regions. Of course, this is bad for those companies - but (in a silver lining kinda way) it's great news for those who're sick of getting unsolicited telephone calls from Indian call centres.

That said, for those customers who actually do want to access the call centres - where they are is up to the outsource-happy company they use for flights or gas or whatever, and not the customer's fault - this is a bad thing. Hmm - this is definitely a story of flipsides.

Either way, not great for the outsourcing industry.

Bill Gates has often courted controversy in the past but these days he avoids it whenever possible. But, wherever he goes in the world, it is likely that relics of his misspent youth, making as much money for his company as he reasonably or unreasonably can, will continue to haunt him.
So on Wednesday as Bill said goodbye to Britain and British business at the Institute of Directors (IoD) in London, it was noticeable that it was he himself who brought up an old sore. When asked by his IoD host what advice he had for those who were starting off in business now he said it was this first: “Try not to get sued by the Government, especially not your own Government.” That was point number one.
As a joke we had heard it before, but any good comedian knows that just because a joke is old, that does not mean you can’s use it again.
The joke reflected the mood of the occasion, Bill Gates was on his farewell tour and of course no-one who had been invited was too willing to miss it.
For the most part, he stuck to the familiar themes. The brilliance of technology and what you can do with it. Does that mean you can make a difference in the third world? Bill thinks so. He has a multi-billion dollar fortune to dispose of and, he made clear, that is where the money is going – to innovations that can make a difference.
Someone asked how much of his fortune that he and his wife had committed to their foundation, with an implication that they would be holding something back somehow. Far form berating the questioner for not understanding how the fund worked (as Bill most certainly would have done a few years ago) he just quietly pointed out that there was a large amount in the fund and he and his wife would close it down when it was all spent in about 20 years.
By then, Bill believes, it would have done its job and made a difference to the poor and, especially, sick of the world.
The IoD is a hard-edged forum, but as I looked around you could see that they were sharing his belief. After all, if you cannot make a difference with money what is it for?
Bill also demo-ed Microsoft’s latest plaything, Microsoft Surface. He believe that can make a difference too but it is difficult to know how a £2,000 device can do that.
But I must say that thanks to Bill, I am starting to think about it.
Did a rare trip to see Bill Gates in action change my view of the great man. Not really. After 20 years of Microsoft IT that was unlikely to work for me. The nice thing about Bill is that with a few more years in the business than I could claim, he still so obviously likes this stuff.
So goodbye Bill and yes, we will miss you.
(What’s that? My computer has crashed, again! Argggh! BILL!)

I was invited to the cinema yesterday. Unfortunately, (or fortunately for the benefit of my girlfriend) the invite wasn’t romantically motivated, actually it was about as far as you can get from popcorn and cuddling on the back row. Fortify, an enterprise security company has backed a documentary called: The New Face of Cybercrime - and it was being screened in London yesterday.

I couldn’t make it along in the end but apparently the film was produced by Academy Award®-nominated filmmaker Frederic Golding (a quick search on Google fails to reveal what he was nominated for?).

Some of the talking heads interviewed for the film include:

Matthew Devost, CEO, The Terrorism Research Center
James Routh, CISO, The Depository Trust & Clearing Corporation
Lt. Col. Jeff Salyards, USAF, Director, Defense Computer Forensics Laboratory
Mike Ullman, Chairman and CEO, JC Penney Company, Inc.

They’ve hosted a clip on YouTube for anyone who’s looking for a more accurate depiction of the threat of cybercrime than Hollywood’s recent efforts such as Die Hard 4.0 and Harrison Ford’s Firewall - which shouldn't be hard.

I really can't believe - can barely understand, given its dense legalities - this latest ruling, which seems to want to reinstate software patents in the UK. I had thought that the reasons software should not be patented, but given instead other sorts of intellectual property protection, were by now widely understood.

Perhaps Justice Kitchin has been talking to a friend of mine with whom, years ago, I had a knock-down argument that neither of us won.

My friend's engineering nous is exemplary, his creativity is off-planet, his logical prowess would shame a Vulcan, and his commercial instinct is so minuscule I doubt CERN could detect it with its finest machinery set to maximum magnification.

In his work for an organisation you will encounter every day, my friend built an impressive portfolio of patents in some very technical fields. (I think one particular set is about to lapse, just at the moment that the ideas behind them are about to become very important. If it were anyone else I'd find that immensely sad, but with him it's as natural as apples falling from trees.)

He was of the opinion that of course, software should be patented: he had created hardware-based inventions and software-based inventions, and couldn't see why one set was protected and the other not.

I completely understand that, from his point of view. He had created complex things that had never been seen before, doing things that nothing else did.

But pure software is so rarely like that - there are immense commonalities between techniques, because at heart everything is based on the same tiny set of mechanisms, and the problems solved boil down in a remarkable fashion to different ways of expressing the same problem and applying similar solutions.

I remember when I was involved in the initial design of an Office-like suite of software about twenty years ago, when the field was a lot newer than it is now and there was more scope for philosophical discussions of what it was that such a task actually involved (for those with extreme nerdular tendencies, there are tenuous connections between those discussions and what ended up as PipeDream on the Z88).

We decided that everything - word processor, graphics, spreadsheet - could be considered as special cases of a database which stored just two things: information contained in a small variety of data types, and interrelationships. The word processor would work with type 'character', building up into relationships called words, sentences, paragraphs and so on, with those relationships stored as their own types with relationships covering formatting, document intent, and so on. Spreadsheets would know about type 'number' interrelated by formulae and formatting, and so on and so forth. The freedom for mixing up what these days are considered very different sorts of things was startling, and had such a thing worked well we'd probably have a very different online world now.

As you might expect, philosophically satisfying schema like those soon hit some ugly realities about performance, storage and other dull old practicalities. (Whether it's worth revisiting these ideas now we have stupidly capable machines is in itself a fascinating idea). But I think it would have been possible, had software patents been in existence back then, to have written a single patent that would have knobbled enormous areas of application software for years, without any recourse to actually producing an invention that had much practical application.

My friend refused to believe that such worries had any place in real invention, because he really believed that patents existed purely to encourage innovation and would be used as such by anyone who was a real inventor.

I so wish he had been right. I was unable to convince him otherwise. But he wasn't, as the existence of patent trolls demonstrates, and until we can legislate against bad faith we'll have to content ourselves with legislating against software patents.

It’s a good job that the majority of our press releases arrive by email these days as if we were still back in the times when snail mail predominated then the sheer volume of missives detailing the latest green innovations by tech companies would suck up trees faster than a rotten branch through a well-greased wood-chipper.

The latest example of financial frugality dressed in the green robes of energy efficiency comes courtesy of managed network provide Easynet. The company claims to be salving the consciences of its customer base with the purchase of some new HP virtualisation kit which will make it a dramatically more efficient operation.

Easynet boasts that the new hardware will “increase IT utilisation to 85% whilst boosting energy efficiency by up to 30% and reducing the load on servers by between 30 and 60%”. The company also claims to be ‘carbon neutral’ which is an interesting assertion but one that seems unfathomably difficult to calculate. I wonder if that includes the company’s involvement with a motor-sport event – Easynet is the official networking and hosting company of the FIA World Rally Championship, as the last sentence of the press release announcing its green credentials states. Exactly how much do you have to improve your server utilisation rates by to off-set a Subaru Impreza going 90mph around a Welsh forest for a week?

I jest of course but there is a real shortage of green metrics available with which to really scrutinise the claims of tech companies hoping to be cash-in on energy efficiency. We looked into the issue recently and you can find the article here:

Crunching the numbers on data-centre efficiency

Meanwhile, Easynet’s strategy does make sense. At a time when businesses are under pressure to cut costs and be seen to be green, outsourcing the whole problem to a company which claims to be able to save you money, and save some planet, could work. (Actually the whole saving the planet thing is a bit of a misnomer. Life on earth managed to spring up despite a toxic atmosphere and not much else to go on, so it’s not the planet we should be worrying about, it can look after itself.)

It’s too late to sign-up unfortunately, but I am sure IT charity Computer Aid would bite hands off for more donations for its annual charity cycle ride which kicks off next month. Last year’s event was in Kenya (it's shocking to see that much of the violence in that country at the moment is in the areas around Kisumu where our cycle challenge finished) but the venue for this years challenge is Cuba.



I was lucky enough to take part in the Kenya challenge and have to say that it was one of the most rewarding trips I have ever made despite the heat, hills and saddle sores. The chance to visit some of the remote schools who have benefited from the donation of unwanted PCs from UK organisations was truly rewarding – a machine at the end of its life here, still has a lot to give in Africa.

You can find more information about Computer Aid and the Cuba cycle challenge here .

Nokia is buying Trolltech, probably the most important mobile Linux company out there in terms of current deployment. I'm listening to the audiocast right now, so expect a story soon... this is big. It's not just mobile Linux either - Trolltech's Qt platform is at the core of Skype, Google Earth etc...