Ah, yes, Snippasoft arrives!

I am not saying for a moment that it should start from scratch. I suggest partnerships with the open source world. I suggest hardware relationships. I like the idea that a commercial training element of this could be linked to the BBC, which had its own computer once upon a time, of course.

What I believe is that the country that developed Raspberry can now develop a low risk, high security IT system dedicated solely to business use that could be of enormous value not just to the NHS and others but around the world. And it should be built for updating: obsolescence has to be designed out.

China tried that with Red Flag Linux.

Near no one, even in China, uses Red Flag Linux. Perhaps it was the wrong sort of Linux? Or they didn’t try it hard enough?

41 comments on “Ah, yes, Snippasoft arrives!

  1. There is nothing he hasn’t thought about, and nothing that, having thought about it, he hasn’t completely misunderstood. He’s genuinely amazing.

  2. The time to take him seriously will be when he starts risking his own money to make these obvious good ideas come true.

  3. Don’t know if anyone else has mentioned this anywhere, but the exploit was originally developed by the state.

  4. The BBC? No, that’s Acorn. And the BBC Micro only really worked for the same reason that ICL ever worked – government bought it. Businesses didn’t buy BBC micros, nor did most home users. They cost double what a Vic-20 cost. They had no commercial software worth talking about and only really had one great game – Elite.

    There are already hardcore, secure versions of Linux. That isn’t going to help when lots of medical software runs only on Windows, and (I’m guessing this is the NHS’ real stumbling block) they have a ton of early era web applications that require IE6.

    And everyone else managed this. Upgraded 5 years ago or more to Windows 7/10, patched their PCs a couple of months ago when Microsoft released a fix.

    Heads should roll at these trusts. They were warned 2 years ago by Jeremy Hunt that they had to get off XP and then failed to do anything to deal with this threat, after it was announced, like say, blocking SMB ports.

  5. This post of Murphy’s is beyond parody. Can he really be Serious? Does he actually think that business IT consists of a word processor, email and maybe a spreadsheet? Does he really think that a supply chain or accounting system for a large company could be handled by a phone? He truly is the ultra-moron

  6. He’s mad isn’t he? The company at which I work isn’t big, just 300 people and we have all sorts of bespoke software. When I visit adidas, Nike etc they have these huge systems linked to their factories all over the world. Spud the accountant is gonna build a system that serves everyone. What a hero.

  7. ‘What I believe is that the country that developed Raspberry’

    Inspirational!

    ‘a low risk, high security IT system dedicated solely to business use’

    All systems are. Until you let users in. Connecting it to the internet terminates security.

  8. For the next release in my “Unadulterated Spud” series, Richard has agreed to masturbate a donkey over Margaret Hodge’s face. Available at a special price to readers of this blog

  9. “a low risk, high security IT system”

    Good luck selling it. Software is sold on the basis of what it can do for you; how much it can improve your productivity. Security risk really is quite low on the average buyer’s shopping list. Every time I look at Android security (especially how it’s nigh impossible to upgrade most devices) I get the shivers; yet millions of people use it because it’s dirt cheap.

  10. “I thought the Raspberry Pi was British??” Of course it is. But it wasn’t the country that developed, was it? It wasn’t the government-ownded Jam Computing Authority. It wasn’t Her Majesty’s Corps of Aspergy Geeks in action.

  11. I like the idea that a commercial training element of this could be linked to the BBC, which had its own computer once upon a time, of course.

    I almost laughed myself into a hernia. Is this chump for real?

  12. It was a bright cold day in April, and the clocks were striking thirteen. Winston Smith swore under his breath as his government-issue BBC Micro Model C (for “Courageous”) attempted to log on to Prestel at a baud rate which would’ve embarrassed a geriatric slug…

  13. ” Does he actually think that business IT consists of a word processor, email and maybe a spreadsheet? ”

    I’m sure he does. Since that’s all his one-man-band uses in his stump. The fact that people outside the stump might have different IT needs is, well, outside the stump and invisible.

  14. @Bloke in Wiltshire

    “There are already hardcore, secure versions of Linux. That isn’t going to help when lots of medical software runs only on Windows”

    This is a very basic problem. Either you use XP or you don’t. There are alternatives, Virtual Machines and possibly even Wine (seriously – it runs some old Windows apps better …..). There is also fixing those apps ; there is no reason why they shouldn’t work ; the workround might be hardware.

    “and (I’m guessing this is the NHS’ real stumbling block) they have a ton of early era web applications that require IE6.”

    This really shouldn’t be too difficult to fix. They might look rubbish but they should work. You can, I’m pretty sure run IE6 on Linux 🙂 Or you could hack Firefox to behave like IE6 🙂

    “like say, blocking SMB ports.”

    Yes, just because you can’t fix the problem with a patch doesn’t mean you can’t do anything.

  15. Maybe he should look at why control
    systems for infrastructure are so expensive (and still have security flaws) and the incredibly slow process involved in certifying and upgrading them. As was once explained to me by someone in that field they work at the cutting edge of obsolescence,which is still in advance of spuds knowledge of IT

  16. How many billions were spent on an NHS program? Which didn’t work, anyway?

    And I’m a little puzzled how open source, which (though i may be wrong, of course) evolves by upgrades from users. Not exactly secure, I’d have thought…

  17. Rocco
    Release date?
    price / discount % to readers?
    Not that I’m especially interested myself but I do have some weird freinds. Can it be forwarded as the whole vid or just a link?

  18. Maybe he should look at why control
    systems for infrastructure are so expensive (and still have security flaws) and the incredibly slow process involved in certifying and upgrading them.

    Simple: governments have decided that it’s better to live with known bugs than risk pushing out new fixes that might break something.

    I work with some hardware that has to go through such an approval process. It’s so complex and expensive that you’re lucky if you get one new software release a year, and many users don’t install it because they understand the problems with the system they have, and don’t want to have to take expensive hardware out of production to spend days testing the new version before they can use that hardware again.

  19. “obsolescence has to be designed out.”

    The man’s a genius! But if we know what’s going to happen in the future why not just write Windows 345 now instead of bothering with all those versions that are going to be written inbetween?

  20. When I look for a reason why I shouldn’t consider using a product I am looking for metaphorical red flags. Did anyone bother to consider that we have to look no farther than the name of the Chinese version to find one already clearly labeled?

  21. re Nautical Nick
    “And I’m a little puzzled how open source, which (though i may be wrong, of course) evolves by upgrades from users. Not exactly secure, I’d have thought…”

    ‘users’ aren’t the average guy in the street. In the case of Linux the term applies to hard-core software guys who use Linux and pore over the source code looking for bugs and improvements. Any changes they suggest are analysed by their softie compatriots world-wide before the are considered for including in the OS.

  22. Paul,

    “This really shouldn’t be too difficult to fix. They might look rubbish but they should work. You can, I’m pretty sure run IE6 on Linux Or you could hack Firefox to behave like IE6 ”

    I would solve that problem with an HTTP module (assuming they’re running IIS). Take what’s returned from the software, and then manipulate it to work on modern browsers before it even leaves the web server.

    The problem is, to do that, you need people who give a shit. You need managers who when Accenture/Capita/Cap Gemini show them a ridiculous quote will call around a few friends who are nerds and ask “is there another way to do this?”. And their nerd friend will say “well, I wouldn’t recommend it, but you could build this Heath Robinson-like thing”. The public sector is full of people who won’t say that. They’ll just say “here’s Accenture’s price”. And everyone shrugs when they don’t get the budget. They did their job…

    I’ve experienced bits of the public sector, and the NHS is the worst. I think because they’re bulletproof. People see nurses and doctors as heroes, and generally, they do a good job. And there’s this quasi-religious aspect to it, as if, American or German midwives don’t give a shit. They protect these people from any sort of serious reform.

  23. When it comes to economics and banking, I assume that Murphy is talking shit because all the people on here with expertise in economics and banking say so, with extensive examples. Now it comes to his expatiating on IT and software engineering, he’s on my turf. And I can say, without equivocation, that he is talking utter, utter, 24 karat, ocean-going bullshit. The reasons why would be essay-length. But to pick one: we already have a low-risk, high-security business IT system (various incarnations of Linux). No need to reinvent the wheel (and given the history of government IT projects, end up with an extremely expensive square one). So here we see the usual Murphy in action: spouting off on a subject about which he does not even know what he does not know.

  24. “And I’m a little puzzled how open source, which (though i may be wrong, of course) evolves by upgrades from users. Not exactly secure, I’d have thought…”

    It does evolve from upgrades by users, but there’s still a team reviewing the upgrades. You submit your changes and they get reviewed and tested.

  25. — “a low risk, high security IT system dedicated solely to business use”

    So, VMS then.

    — “obsolescence has to be designed out.”

    It was never designed in. Vendors develop new versions to exploit and provide new technologies and capabilities.

    They simply cannot also continue to support, maintain and develop all previous versions beyond a certain time period: especially when their use drops to low single-figures.

    Businesses know this. They know they are on a maintenance and upgrade schedule.

    The NHS fiasco was about government incompetence, nothing else.

    “Abandoned NHS IT system has cost £10bn so far ”
    https://www.theguardian.com/society/2013/sep/18/nhs-records-system-10bn

  26. @Bloke in Wiltshire, May 14, 2017 at 11:16 am

    …and (I’m guessing this is the NHS’ real stumbling block) they have a ton of early era web applications that require IE6.

    …and years ago a solution was developed – buy software which runs IE6 apps in a later browser. iirc Aviva used it.

    As for BBC Micro, I never saw one outside public sector & education. Everyone I knew had eg Commodore, Dragon, Sinclair, Tandy etc micros.

  27. As for BBC Micro, I never saw one outside public sector & education.

    Yes. Only the fat-cats could afford Beebs.

    Still, though, without it we probably wouldn’t have ARM.

  28. VftS: “Any changes they suggest are analysed by their softie compatriots world-wide before the are considered for including in the OS.”

    And ultimately, decisions about what to take in and what not are done by a dictator, one person. His name is Linus.

    He’s also remarkably foul-mouthed at times, which provides for interesting reading even for those who are not completely in to Linux kernel development but who know the basic terminology.

    Google for “Linus Torvalds must read rants” for some of them.

    Also the non-rants are fun, in the style of “Software is like sex; it’s better when it’s free”.

    Unfortunately I believe even a Linus rant wouldn’t do any good to Murphy. He would be far too stupid to understand anything about one.

  29. Torvalds only has control over the Linux kernel. There is a lot more to OSS than the Linux kernel. If I submit a pull request to the maintainers of anything else, he doesn’t get a look-in. Also I can fork a repo and make my own changes, and if they’re good enough, people will start using my fork.

  30. Torvalds only has control over the Linux kernel.

    And only over his kernel.

    The kernel you get with your Red Hat Linux support contract is based on his, but has Red Hat’s engineers fixing bugs/adding features that haven’t yet made it into Torvalds’.

  31. Yes, kernel is just a small part of a Linux distro. But it is the core part that gave the name (Linus didn’t come up with the name, I worked with the guy who did it, at the time when we were playing around with Minix.)

  32. “And I’m a little puzzled how open source, which (though i may be wrong, of course) evolves by upgrades from users. Not exactly secure, I’d have thought…”

    But yet it is. It is partly because it’s designed with networking and security in mind ; Windows wasn’t and actually didn’t have any until NT, it’s a colossal bodge, apart from when Dave Cutler was in charge it’s arguable if “designed” is ever usable.

    It’s partly the concept that it’s all open so no hidden backdoors and changes are very carefully tracked in things like security and networking. It’s partly that Unix is atomic and Windows is monolithic (which is why Windows updates so often break things).

    It’s a mentality ; if someone decided to put in code that forced you to take kernel upgrades you didn’t want there would (a) be a riot and (b) be an instant fork without it.

    Also nobody, not even the commercial versions, is particularly interested in screwing over the other competitors a la Apple / Microsoft. Unix/Linux improvements are actually improvements. Windows, they want to put a new coat of paint on it and sell it again. (Except they’re probably going to try and rent it to you).

    I note MS are whinging about the NSA keeping holes to themselves which is a joke. Pot. Kettle. Black.

    The GUIs of which there are several do occasionally come and go, so do some applications, some are forked and the fork takes over (e.g. LibreOffice).

  33. @BlokeInWiltshire ; I did wonder about an adaptor ; I’ll be honest and say I don’t know how far out IE6 is (having avoided IE anything). I get the impression it’s one of things which has lots of horrible horrible kludges, because Microsoft’s were trying their usual takeover cr*p.

    I can have some sympathy with people still using IE6, but it wouldn’t surprise me if they’re using it to access the Internet; rather than purely as a local front end …. it’s that bad.

    My experience of the public sector fits yours perfectly.

  34. “And ultimately, decisions about what to take in and what not are done by a dictator, one person. His name is Linus.”

    Theoretically, yes. However, he doesn’t actually own it. If he started behaving like a mad dictator and took no notice of the kernel team, then he would find that position filled by someone else.

    I think almost all the distros have their own version of the Vanilla Kernel.

  35. Just one question, would the Linux community know if GCHQ or NSA were probing for vulnerabilities? Would it matter? It’s a genuine question. Given the bullshit around XP in the NHS recently and people with very limited knowledge saying “Linux is the answer” when they don’t know what the question was, I am genuinely interested. At one time people pointed to Mac but no one I knew could build a case for putting 200,000 people onto a mac world.

  36. would the Linux community know if GCHQ or NSA were probing for vulnerabilities?

    No more or less than would Microsoft or Apple.

    Just as an aside, the NSA contributed one of the ways to increase application security in Linux (it’s called selinux and gives a way to massively restrict what an application can see and do on the local system.)

  37. “Just one question, would the Linux community know if GCHQ or NSA were probing for vulnerabilities? Would it matter? It’s a genuine question.”

    There is an argument that because the Kernel is open source therefore the NSA et al could go through it with a fine toothcomb looking for exploits and so on. They wouldn’t know, any more than MS/Apple/Google or anyone else. You can harden Linux significantly if you want.

    The problem with MS particularly is it’s about making money not about producing a half decent operating system ; so they keep re-releasing the same code with a new paint scheme and pretending it’s a new OS, while making changes whose consequences for specialist software or hardware they either don’t know about or don’t care about. What they want at the moment, I suspect, is to get everyone on to 10 so they can rent it.

  38. Thanks, genuinely interesting answers. And I will resist upgrading from Windows 7 until it is no longer tenable for a mere user

Leave a Reply

Name and email are required. Your email address will not be published.