Saturday, December 29, 2007

Virtualisation (take 2)

Well, hope everyone had a nice christmas and are looking forward to a great new year. I certainly am.

Anyway, just thought i'd blog about a development in my quest for the perfect virtualisation approach. People who know me know that I am passionate about the use of Virtual Machines (VMs) for practically everything I do. I just love the idea of having my main OS (currently Ubuntu 7.04), but being able to run Ubuntu / OpenSUSE / Damn Small Linux (DSL), or, indeed, any other OS that has the feature that I require (such as my 11g instance on Oracle Enterprise Linux, or my Ubuntu 10g XE database, again all running as RDP'able VMs).

In the past, I've always used VMWare Player, and got my head around the creation of VMDK and VMX files by the use of QEMU. However, recently, I've started to get my head around VirtualBox, an open-source project for managing your VM server, and, I must say, how impressed am I? The software is an absolute breeze to install / run, and the creation of the VMs through the use of wizards is a bit funny to start off with, but once you understand it, it's by far the easiest way to create all the fiddly configuration settings for a given VM, such as hard disk size, memory usage etc.

One problem with simply using VMWare player, as opposed to VMWare Workstation (or similar), is that you have to basically manage your VM server like you're managing file(s) and window(s), i.e. through a file manager. However, what I like about VirtualBox is that the software is
full enterprise-class software, having a VM manager, the full works! And, the fact that it's one of the only software which fully supports Remote Desktop Protocol (RDP) (although, you can do this with other VM products, they don't fully support it... not yet anyway). For a little bit more information on this, see here.

Of course, it's OSS as well, and extremely light-weight.

So, as I'm writing this, Ubuntu 7.10 is being installed. I'll let you know how I get on with my future VM projects in future blog posts.

Have a happy new year!

Monday, December 24, 2007

Can you adam and eve it?

I just DO NOT believe this... maybe it's just that things are getting put in to the public domain more because of recent events, and granted that this is the Royal Mail, and not, strictly speaking, some inept government department, but how long do we have to live in a country with such a woefully and grotesquely inept attitude towards data security awareness? How can things just go so badly wrong all the time (as seems to be the case)?

Mr Brown is probably thinking "why did I ever take this job?". The rest of us are thinking exactly the same thing.....

Sunday, December 23, 2007

Here we go again

Almost as a response to my previous blog, here we go again. Now, nine NHS trusts have "lost" data (one, according to the Sunday Mirror, involved the details of 160,000 children). Utterly unbelievable. The stupidity, ignorance and ineptitude staggers belief!

Tuesday, December 18, 2007

Data security (or lack thereof)

My previous post sparked a minor flurry of comments (cheers Tim) about top-n lists, but I was shocked tonight (literally about half an hour ago) to find ANOTHER piece on the newswire about a government department / local authority misplacing yet another set of valuable documents and information in some form of internal postal system. Granted, with this one there was not any way that innocent individuals information could be gleaned, however, this is another example of this systemic ineptitude and total ignorance of basic data security principles when dealing with the important issue of personal data.

As somebody who has made a career in the data management industry, with experience in large scale data warehousing and business intelligence projects (even presenting a series of talks of data security principles), this is something I feel I can comment on with some authority. In a sense, Gordon Brown has been unlucky. He took over just as two major data security violations took place in government departments, namely the HM Revenues and Customs (HMRC) and the Driver and Vehicle Licensing Agency (DVLA), and it would be naive to think that government departments and local authorities all work in some kind of revolutionary way such that the Prime Minister knows EVERYTHING that goes on, of course not, he relies on his junior ministers / secretaries of whatever stupid government department's turn it happens to be this time, nor would it have been any different under any other government party, since it's still the same employees who work in the HRMC or DVLA, but just as the managing director of a company is liable for corporate mistakes by employees (generally), I'm afraid the buck stops with Mr. Brown. This has certainly not been a good few months for the Labour party, especially with the other things such as questions over funding rear their ugly head.

I'm afraid, though, as much as I understand about the way that this country is structured, I have no sympathy for any of them. It, quite simply, staggers belief the sheer scale of some of the data security violations (most of which definitely contravene the Data Protection Act 1998).

So, here's the top 10 list of government ineptitude, in ascending order of total inept ignorance and each showing a total lack of respect for the important of security of personal information :

10. Hundreds of HMRC documents (including VAT returns and personal details) found by a BBC reporter on a Nottingham street

9. An ex-employee for the Department for Work and Pensions (DWP) having thousands of benefit claimant details (fortunately, non-financial) on 2 CDs for over a year after leaving

8. The DVLA sending 1,215 questionnaires with personal details out and 100 going to the wrong addresses.

7. The Scottish Government losing pension statements for 200 people (fortunately, found again a day later)

6. HMRC (again) involved in a postal mix-up regarding the personal details of 50 people being accidentally sent to a training company in Dundee.

5. Domestic violence victim details (names and addresses) faxed by mistake to local shops in Glasgow by Strathclyde Police

4. 15,000 Standard Life customer details "lost" in transit from HMRC (again)

3. Ruth Kelly admitting that the details of three million learner drivers were "lost" by a contracted company based in Iowa, contracted to the DVLA.

2. The Department of Work and Pensions (DWP) sending the pension details of 26,000 pensioners to the wrong addresses

and, of course.....

1. By far the most staggering, 25 million child benefit records from HMRC (yes, again!) to the National Audit Office (NAO) on 2 CDs being lost in internal mail.

As somebody who has personally been affected by number 1, and also aware that their financial and personal details on a (get this!) "password-protected" set of 2 CDs generated by a junior official and sent by UNREGISTERED courier, seemingly with the full knowledge of much more senior managers (even though the chanceller, Alistair Darling, blamed the fiasco solely on this "junior official"), this shows another absolutely astounding lapse of data security by a government. In any other context, senior heads would roll for this, certainly if this country was a private company, no one would touch us with a ten-metre cattle prod. To add insult to injury, the Information Commissioner, Richard Thomas, has stated that the government did break the Data Protection Act 1998 by not safeguarding sensitive data. However, the Information Commissioner's Office (ICO) lacks any kind of teeth, since the maximum fine that a Data Protection Act 1998 violation can incur is, wait for it...., £5,000. Yeah, that's right, only five grand, although, to be fair, Mr. Darling has promised that the ICO will get more powers of prosecution for future data protection violations. What this will mean for us citizens / consumers, we'll have to wait and see.

Saturday, December 08, 2007

Rectification and early 80s animation

I haven't blogged for a while (that's an usual line for me.. not), so thought best had.

Firstly, I'd like to answer a little bit of criticism about one of my previous posts on top 10s. Basically, my mate Tim Hall decided to have a little pop at me about it being quite sad that I posted my top-10 software apps, which is rich really considering some of his posts have been about his top 30 lyrics from songs that noone (apart from 23 people in Crewe Limelight) have ever heard of! ;-)

However, I think it's fair to say that he is probably right, as much as it pains me to say it, and, as penance, will obviously be posting an updated top-10 list of apps, but this time concentrating on linux, again in descending order to importance. Can't wait for the next post on Tim's blog, i.e. the top-10 signal buffers on class-5 rolling steam engines... ;-)

So, to continue, and since my decisions have changed dramatically over the last few months, not least of which is because of my continuing involvement in virtualisation products

  • 10. Skype - Now that video is part of the linux client

  • 9. Google Earth

  • 8. Second Life - This has fallen somewhat, since I go on this far less than I used to, and I wish Linden would get around to sorting out the performance problems that the linux client has

  • 7. Envy - A Python / PyGTK app for automating the installation of NVidia drivers for Debian-based distros

  • 6. Evolution mail

  • 5. Ubuntu Terminal (where would we be without the command line?)

  • 4. LifeRea

  • 3. VMWare

  • 2. Qemu

  • 1. Firefox


So, what else have we been up to? Well... of course, it's coming up to Christmas, and the kids are so excited it's unreal. In fact, just watched The Snowman, one of the most beautifully animated short films of all time. The amazing thing about this film is that it never looks or feels dated (despite being made in 1982), and it's a testament to both the author, Raymond Briggs, and the animators that, even now, kids such as mine will watch it and still be enthralled (as I was at their age).