Archive for the ‘Uncategorized’ Category

NHS IT policies that waste NHS money (and could easily be fixed)

Thursday, January 3rd, 2013

Computer systems built for national scales are expensive – especially given the perverse incentives for previous and current government IT projects which practically guarantee that they will go over budget. However it is also important to remember that a computer system should make it easy and quick for a user to do what they need to do – it should not get in their way and slow them down – fundamentally the user’s time is paid for by the NHS (some of them at quite a high rate) and if they spend hours dealing with irrelevant trivialities of the computer systems they are using then that money is wasted.

Much nhs email goes via nhsmail. This imposes a 200MB quota for all users. That is tiny. Disk space is cheap, really cheap at the 2GB level and really it should be possible to offer 20GB per user without too much difficulty. So every user of nhsmail must periodically spend their valuable time deleting emails that are no longer vital. Occasionally they will make mistakes and delete emails that are actually important potentially directly impacting patient care. This is just silly. I am guessing the order of magnitude of the cost of fixing this (by buying more servers) is X00,000 and that this would easily pay for itself in terms of increased efficiency across the NHS within a year.

The NHS systems also have a ridiculous system of requiring users to change their passwords periodically. This is well know[0] to actually make security worse and to provide no benefit as users pick worse passwords to make them easier to remember (and to break) and then increment numbers on the end or similar (which unfortunately makes it harder to remember due to within list effects – people can’t remember which password they are on). So this is a policy that wastes staff time, makes security worse and should be fixable by someone unticking a few boxes marked ‘force users to change their passwords’ or similar. Unfortunately various incompetent IT auditing agencies always tell organisations without periodic password changing policies that they need to institute one – this is good grounds for firing the agency as they clearly have no idea what they are doing.

[0]: ‘Although change regimes are employed to reduce the impact of an undetected security breach, our findings suggest they reduce the overall password security in an organization. Users required to change their passwords frequently produce less secure password content (because they have to be more memorable) and disclose their passwords more frequently. Many of the users felt forced into these circumventing procedures, which subsequently decreased their own security motivation. Ultimately, this produces a spiraling decline in users’ password behavior (“I cannot remember my password, I have to write it down, everyone knows it’s on a post-it in my drawer, so I might as well stick it on the screen and tell everyone who wants to know.”)’

Christmas Newsletter

Wednesday, December 26th, 2012

The following is the contents of my section of the family newsletter with added links:

This year I continued as a Research Assistant at the University of Cambridge before starting a PhD in
encrypted cloud storage with the same supervisor in October. By the grace of God I have I think
grown up quite a bit this year which serves to demonstrate the distance still to go. I have done quite a
bit of teaching over the year ranging from Sunday School for 5-7 year olds in the summer to
undergraduate supervising in the department and student team at church during term time. All in all a wonderful year.

LaTeX user search path

Monday, November 1st, 2010

Because this took far too long to find out:
If you have .sty files you have written want to be able to easily reuse in multiple documents then put them in ~/texmf/tex
Then you should be able to use them with \usepackage{foo} as normal.