Defence of the Union: Britain is better together

January 5th, 2013

In 2014 there will be a referendum in Scotland on whether Scotland should be an independent state and leave the Union. Frankly I find it ridiculous that the question is even being asked as the answer is so clearly no. Essentially nothing is gained that could not be gained by internal reorganisation within the UK and much is lost.

Personally I was born in Scotland and have lived slightly less than half my life there, the rest being spent in England and some of my great grandparents were Scottish. However I have always lived in Britain and always been British. I am one of the significant number of people who would need dual nationality if Scotland were to become independent because we simply do not fit into the ‘English’, ‘Welsh’ or ‘Scottish’ categories, only in ‘British’.

All the arguments I have heard in favour of independence which are valid such as those which have convinced a slim majority of Scottish Green Party members are not in fact relevant to the question of independence. Rather they relate to the debate on the localisation of different powers at different scales from national to local. Obviously the positioning of park benches should not be done by act of the UK parliament and NHS policy should not be determined individually on a ward level – there is an appropriate scale for different decisions to be made at. There is a very interesting debate on what should be decided at what scale and I think a great deal of room for improvement on this. However none of that is relevant to the question of Scottish independence – or if it is it is just as relevant to the question of independence for the Highlands.

The only issues relevant to the decision on whether Scotland should break the Union are ones which must be decided at the national level and could not be devolved to Scotland. Fundamentally the only issues which then apply are international ones, all domestic issues can be reorganised as we like and the rest of the world does not need to know or care but the interface we provide to the world is that of the nation.

So only international issues matter to the debate on independence, and an independent Scotland would leave both Scotland and the rest of the UK worse off in many different ways and not make things better in any way. Currently the UK punches above its weight in international affairs, Scotland would not gain that and the rest of the UK would lose it. For example the UK has a permanent seat on the UN Security Council. This is justifiable for more than just historical reasons (Sierra Leone, Kosovo, Lybia) but only tenuously and without Scotland it would be hard to justify it continuing to have a seat. Currently the UK is big enough that when it is necessary for something to be done on the world stage (take action on climate change, stop genocide etc.) then the UK can go ‘Well we are going to do this, who is with us?’ we don’t have to persuade a whole bunch of countries to act in lockstep with us, we can lead[0]. Obviously we then need to persuade other countries to follow us but it is possible to try to lead. I think it is easier to persuade people to follow if they can see that you mean it by your actions than when it can only be words because action is impossible without their help.

Similarly within the EU the UK has a fair bit of influence (for all that David Cameron tries to throw that away). We will not gain any more by being two countries rather than one, Scotland will probably need to reapply for membership post-independence and that might take a few years of sitting out in the cold. Currently when a country needs to take a lead on an issue the UK can do that. It would be hard to see Scotland doing so to the same extent and the rest of the UK’s hand would also be weakened.

A Union was made and formed Great Britain, whatever the perceived legitimacy by current standards of the people involved in making that Union the fact remains that it was made. That was not a temporary treaty or a fair weather thing. That was and is a permanent covenant thing. A sickness and in health, in good economic times and in bad, in peace and war for all time and without end thing. As such it should not be lightly broken. I fail to see what the pressing issue is as to why Britain cannot continue as it is. Some bad things happened in the past long before I was born, why does that even matter? The future is ours to decide and the past remains unchanging whatever revenge is taken for past evil actions they are not undone.

The breaking of a Union would also be a permanent and unalterable thing, not a decision to revisit in 10, 50 or 100 years if it does not work out but one made with finality for all time. While right now the world is a fairly safe place to be as a rich nation [1] that might not always be the case, it certainly has not always been the case. There are many reasons to be uncertain of where the world as a whole will be in 50, 100 or 300 years, let alone thousands of years. This is a decision which needs to be made considering such time-scales rather than just temporary political circumstances.

There have been times when we have stood together when we would not have been able to stand alone. There was a time, still just in living memory when the UK stood alone in Europe, a light against the darkness. Stood and lasted until others came to our aid but only by a very thin margin. Perhaps as allies we could have stood together and lasted, but perhaps disagreements and infighting would have weakened us and a darkness might have fallen across the world. For 300 years we have stood together, one nation against all adversities. Our soldiers have fought together against various foes, bled and died for us, for Britain as much for the mountains of Scotland and Wales as for the hills of England. Should we betray them?

This Union has been sealed with blood in more than one way, in those years people have moved freely between the two and married in each place, there is no real division by race any more. Not that divisions by race really have any meaning any more. What does the colour of the skin matter or where your great great grandparents came from. You are still human.

What then divides us? Not race for there has been much movement between the two. Nor language for British English is spoken in both and variation is greater within each than between them. Nor of geography for the border has been drawn at various places at different times. While different parts of the landscape of each are beautiful in different ways there are places in both where it is hard to tell a Scottish hill for an English or Welsh one and more difference between the Highlands and the Central Belt than between the Central Belt and other parts of England. Nor economics for while the statistics might be different for Scotland as a whole from England as a whole, parts of Scotland match closely with parts of England. You will find places where manufacturing died in both, where tourism is the main industry, where there are high-tech companies or a strong service industry. Is then all that divides us old grudges, memories of past wrongs? Then know this: this is a fallen broken world and the mistakes made by countries and people are many and varied and the depth of the evil that is committed knows few bounds. For life it is necessary to forgive, and to ask for forgiveness: To strive once again to build a better future out of the broken fragments of the past. Fundamentally we are better together and long may we be so.

[0]: Iraq was a terrible illegal mistake but that was not our idea, we were following rather than leading. We also lack the courage to lead as we should on issues like Climate Change.

[1]: To a first approximation no one dies from terrorism in rich nations, our security services do a rather good job at stopping that sort of thing. We should try fixing our road collisions problem that kills many more people.

NHS IT policies that waste NHS money (and could easily be fixed)

January 3rd, 2013

Computer systems built for national scales are expensive – especially given the perverse incentives for previous and current government IT projects which practically guarantee that they will go over budget. However it is also important to remember that a computer system should make it easy and quick for a user to do what they need to do – it should not get in their way and slow them down – fundamentally the user’s time is paid for by the NHS (some of them at quite a high rate) and if they spend hours dealing with irrelevant trivialities of the computer systems they are using then that money is wasted.

Much nhs email goes via nhsmail. This imposes a 200MB quota for all users. That is tiny. Disk space is cheap, really cheap at the 2GB level and really it should be possible to offer 20GB per user without too much difficulty. So every user of nhsmail must periodically spend their valuable time deleting emails that are no longer vital. Occasionally they will make mistakes and delete emails that are actually important potentially directly impacting patient care. This is just silly. I am guessing the order of magnitude of the cost of fixing this (by buying more servers) is X00,000 and that this would easily pay for itself in terms of increased efficiency across the NHS within a year.

The NHS systems also have a ridiculous system of requiring users to change their passwords periodically. This is well know[0] to actually make security worse and to provide no benefit as users pick worse passwords to make them easier to remember (and to break) and then increment numbers on the end or similar (which unfortunately makes it harder to remember due to within list effects – people can’t remember which password they are on). So this is a policy that wastes staff time, makes security worse and should be fixable by someone unticking a few boxes marked ‘force users to change their passwords’ or similar. Unfortunately various incompetent IT auditing agencies always tell organisations without periodic password changing policies that they need to institute one – this is good grounds for firing the agency as they clearly have no idea what they are doing.

[0]: ‘Although change regimes are employed to reduce the impact of an undetected security breach, our findings suggest they reduce the overall password security in an organization. Users required to change their passwords frequently produce less secure password content (because they have to be more memorable) and disclose their passwords more frequently. Many of the users felt forced into these circumventing procedures, which subsequently decreased their own security motivation. Ultimately, this produces a spiraling decline in users’ password behavior (“I cannot remember my password, I have to write it down, everyone knows it’s on a post-it in my drawer, so I might as well stick it on the screen and tell everyone who wants to know.”)’

Christmas Newsletter

December 26th, 2012

The following is the contents of my section of the family newsletter with added links:

This year I continued as a Research Assistant at the University of Cambridge before starting a PhD in
encrypted cloud storage with the same supervisor in October. By the grace of God I have I think
grown up quite a bit this year which serves to demonstrate the distance still to go. I have done quite a
bit of teaching over the year ranging from Sunday School for 5-7 year olds in the summer to
undergraduate supervising in the department and student team at church during term time. All in all a wonderful year.

HTC android phones – the prefect spying platform?

October 24th, 2012

I am reading “Systematic detection of capability leaks in stock Android smartphones” for the CL’s Mobile Security reading group.

I read “all the tested HTC phones export the RECORD AUDIO permission, which allows any untrusted app to specify which file to write recorded audio to without asking for the RECORD AUDIO permission.” and then went back and looked again at Table 3 and saw the other permissions that stock HTC android images export to all other applications: these include access location and camera permissions. The authors report that HTC was rather slow at responding to their telling HTC that they had a problem. Hence stock HTC Legend, EVO 4G and Wildfire S phones are a really nice target for installing spy software because it doesn’t have to ask for any permissions at all (can pretend to be a harmless game) and yet can record where you go[0] what you say and at least if your phone is not in your pocket also what you see.

This is probably more likely to be incompetence than a deliberate conspiracy but if they were trying to be evil it would look just like this.

On the plus side Google’s Nexus range with stock images are much safer and Google is rather better at responding promptly to security issues. Since my android phone is one that Google has given our research group for doing research I am fortunately safe.

I also particularly liked HTC’s addition of the FREEZE capability which locks you out of the phone until you remove the battery, just perfect for when the attacker realises you are on to them to allow them to do the last bit of being malicious without your being able to stop them.

End of being provocative. ;-)

[0] Ok so on Wildfire S location information is implicitly rather than explicitly exported so probably harder to get hold of.

Raspberry Pie

August 25th, 2012

In honour of the Raspberry Pi I wanted to make a Raspberry Pie, I tried to do this by looking up a recipe on the rPi plugged into the TV but page loads were too slow (still running debian squeeze rather than raspbian so not taking advantage of the speed increases associated with that).
So I decided to just experiment and throw things together until they looked about right (the temporary absence of scales meant that being accurate was difficult). When you are making something yummy out of components which are all yummy there is only so far you can go wrong.
This produced the following:
A raspberry pie in a pyrex dish lead

There was a little less pastry than would have been optimal made using flour, unsalted butter and a little bit of water (cribbing from Delia’s instructions but without any accuracy). I left it in the fridge for well over the half an hour I had originally intended before rolling it out. This was cooked for ~10minutes at 180℃ (might have been better to leave it longer). I used two punnets of raspberries most of which went in raw on top of the cooked pastry but ~1/3 of a punnet went in with some sugar (mainly castor sugar but a little bit of soft brown which deepened the colour) and two heaped tablespoons of corn flour and a little big of water this was stirred vigorously on a hob such that it did a lot of bubbling until it turned into a rather nice thick goo with all the bits of raspberry broken up (looked very jam like). That then got poured on top. I left it in the fridge over night as it was quite late by this point and we ate most of it for lunch.

The only good pie chart - fraction of pie which is pacman, fraction which is pie

The only good pie chart, fraction of pie dish which looks like pacman, fraction which is pie.

Raspberry Pi Entropy server

August 23rd, 2012

The Raspberry Pi project is one of the more popular projects the Computer Lab is involved with at the moment and all the incoming freshers are getting one.

One of the things I have been working on as a Research Assistant in the Digital Technology Group is on improving the infrastructure we use for research and my current efforts include using puppet to automate the configuration of our servers.

We have a number of servers which are VMs and hence can be a little short of entropy. One solution to having a shortage of entropy is an ‘entropy key‘ which is a little USB device which uses reverse biased diodes to generate randomness and has a little ARM chip (ARM is something the CL is rather proud of) which does a pile of crypto and analysis to ensure that it is good randomness. As has been done before (with pretty graphs) this can then be fed to VMs providing them with the randomness they want.

My solution to the need for some physical hardware to host the entropy key was a Raspberry Pi because I don’t need very much compute power and dedicated hardware means that it is less likely to get randomly reinstalled. A rPi can be thought of as the hardware equivalent of a small VM.

Unboxed Raspberry Pi with entropy key

I got the rPi from Rob Mullins by taking a short walk down the corridor on the condition that there be photos. One of the interesting things about using rPis for servers is that the cost of the hardware is negligible in comparison with the cost of connecting that hardware to the network and configuring it.

The Raspberry Pi with entropy key temporarily installed in a wiring closet

The rPi is now happily serving entropy to various VMs from the back of a shelf in one of the racks in a server room (not the one shown, we had to move it elsewhere).

Initially it was serving entropy in the clear via the EGD protocol over TCP. Clearly this is rather bad as observable entropy doesn’t really gain you anything (and might lose you everything). Hence it was necessary to use crypto to protect the transport from the rPi to the VMs.
This is managed by the dtg::entropy, dtg::entropy::host and dtg::entropy::client classes which generate the relevant config for egd-linux and stunnel.

This generates an egd-client.conf which looks like this:

; This stunnel config is managed by Puppet.

sslVersion = TLSv1
client = yes

setuid = egd-client
setgid = egd-client
pid = /egd-client.pid
chroot = /var/lib/stunnel4/egd-client

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
TIMEOUTclose = 0

debug = 0
output = /egd-client.log

verify = 3

CAfile = /usr/local/share/ssl/cafile

[egd-client]
accept = 7777
connect = entropy.dtg.cl.cam.ac.uk:7776

And a host config like:

; This stunnel config is managed by Puppet.

sslVersion = TLSv1

setuid = egd-host
setgid = egd-host
pid = /egd-host.pid
chroot = /var/lib/stunnel4/egd-host

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
TIMEOUTclose = 0

debug = 0
output = /egd-host.log

cert = /root/puppet/ssl/stunnel.pem
key = /root/puppet/ssl/stunnel.pem
CAfile = /usr/local/share/ssl/cafile

[egd-host]
accept = 7776
connect = 777
cert = /root/puppet/ssl/stunnel.pem
key = /root/puppet/ssl/stunnel.pem
CAfile = /usr/local/share/ssl/cafile

Getting that right was somewhat tedious due to defaults not working well together.
openssl s_client -connect entropy.dtg.cl.cam.ac.uk:7776
and a python egd client were useful for debugging. In the version of debian in rasperian the stunnel binary points to an stunnel3 compatibility script around the actual stunnel4 binary which resulted in much confusion when trying to run stunnel manually.

Alps

August 3rd, 2012

I am presently coming to the end of a holiday in and around Chamonix in the Alps (first time I have been outside the UK for several years) and this consists of some notes on interesting things I have noticed.

They drive on the wrong side of the road fairly consistently, this takes a while to get used to.

Many toilets consist of holes in the ground, many lack soap and some even sinks. The romans had better toilets well over 2000 years ago, toilet technology has made significant advances in the last couple of millennia why not consistently take advantage of this? They have special ceramic things to go around the holes in the ground, why not use one with a more useful shape?
This is not to say that they don’t also have perfectly good working toilets or even that the good ones are not in the majority.

There is much greater biodiversity on the Alps than on mountains in the Lake District or the Cairngorms (my more regular haunts) many of the flowers are familiar from their use in gardens but I don’t think there is a garden centre in the world large enough to fit all the varieties of beautiful plants that there are in the Alps. There are also many insects I have never seen before a few of which are a little vicious including the very large number of ants which one must take great care to avoid sitting near.
Some of this greater biodiversity might be due to the mountains being younger and so more fertile or due to warmer summers but I don’t think that completely explains it. I suspect the fact that the landscape of the Lake District and Cairngorms being an artificial one created by our destruction of the forests which would naturally cover them has some significant effect as will the grazing by lots of sheep. The beautiful mountain meadows in the Alps are I think more naturally occurring with the trees not covering them because of the ground being above the tree line rather than felling.

I am on holiday with my parents who were last here some 27 years ago which allows them to notice some of the more obvious changes that have occurred in that time. Chamonix is about 3 times larger than it was then. The glaciers have clearly retreated a long way in that time and there is much less snow on the tops of the mountains than there was at the same time of year. Here climate change is an obvious “I can see it just by looking” thing (though obviously this could be a localised thing but for that we know it is a global one). We climbed up to a glacier and touched it, in a “do the things your children might not get a chance to do” and a “pictures or it didn’t happen” frame of mind.

The public transport up and down the valley is free, regular, punctual and really rather nice rendering cars completely unnecessary for the tourist. (Apparently funded by a 1€ a night per tourist tax)

Bread and (real) milk won’t last more than a day necessitating regular shopping, bread purchased in the evening may already be stale :-(. Restaurants may not open until 19:00 which is tedious when you need an early dinner.

The Alps are much more work than British mountains, so much more up, so much more down.
The Alps can get far too hot and it seems for the end of July and early August they do so regularly so perhaps June/early July would be a better time to come. Fortunately they are covered in trees which provide welcome shade and relief from the oppressive sunshine. A few hundred meters above the tree-line it generally gets more reasonable as the temperature drop due to height gain combines with stronger winds.

Gorges la Diosaz is wonderfully cool and reasonably priced at ~6€ and a lovely train journey from Chamonix.
L’Arguille du Midi is extortionately priced ~50€ but you would be hard pressed to find a better view.
Mount Chiref in Italy is much less well signposted than the several mountains we climbed in France/Switzerland which were wonderfully well signposted, still worth the climb.

Chocolate Marshmallow Cake

June 30th, 2012

It has been rather a long time since I last made cake, but on Wednesday I made one and people seemed to like it. My cooking is frequently somewhat experimental and this was one of those occasions so I will record the interesting bits.

None of the recipes I looked at put marshmallows in the cake mix before baking the cake. The reason for this is that they float to the top and explode. However I put a ring of mini marshmallows around the bottom edge of the cake tin before pouring in the cake mixture (A mixture using 200g dark chocolate as its main ingredient and very little flour) this make the the edge of the cake more chewy and resulted in an entertaining crown of exploded marshmallows around the edge.

I put most of the marshmallows into the ‘icing’ which was ~150g of very dark chocolate with a couple of bags of marshmallows melted in (glass bowl in boiling water). It takes a long time to melt the marshmallows in with the chocolate and requires a lot of stirring. You want enough chocolate in that it can transfer the heat to the marshmallows properly. I kept mixing until the consistency was a completely even sticky brown. It might be better to stop slightly earlier leaving lumps of partially melted in marshmallows in the mixture to add some more variety to the texture. Decorating with dark chocolate drops might also increase the nom factor.
With a cake containing 350g of chocolate what can go wrong anyway? ;-)
(remember the greaseproof paper on the bottom of the cake tin)

I should fix my camera.

Review: “Stop dating the church – fall in love with the family of God” (Joshua Harris, 2004)

June 30th, 2012

This is another classic Josh Harris book, easy to read, challenging and engaging with serious issues. It is also great to see the way the author has grown further in wisdom since his first book “I kissed dating goodbye”. It shares a similar theme – dating is silly, it is all about commitment.
I picked it up at Departure (the Eden Baptist Church student weekend away) where 10 of those were doing some good offers. We had some great teaching from 1 Corinthians 12-14 on the Church there and I thought I would read a little more about it.
It is quite short with only 129 pages using a large print so can be read in a couple of hours.

The first few chapters are most applicable for people who are ‘dating’ the church which essentially means not totally committed to your local church. It has been a while since that was me – the church is the best thing God ever made. However it is good to be reminded again of the things that we know to be true and to think again of how we can apply that.
Chapter 5 “Choosing Your Church” is a good review of the fundamental things that a church has to have and of the attitudes etc. that are important to have while choosing.
However my favourite chapters were 6 and 7 “Rescuing Sunday” and “The Dearest Place on Earth”. Sunday has been the best day of the week by far for me for at least 3 years now but “Rescuing Sunday” contains lots of practical steps for making it even better. “The Dearest Place on Earth” is a great conclusion by exposition from the end of John and really calls us to go out and live this.

In summary, a good book well worth reading on the heart theology and application end of the spectrum – “you know this is true, now go live like that, you know you want to”.

Houses in Multiple Occupation (HMOs) should be encouraged, not restricted

June 2nd, 2012

One of the key differentiating policies between the Liberal Democrats and Labour at the recent local elections was that Labour were considering restricting the proportion of Houses in Multiple Occupation (HMOs) that could occur in a section of road of a certain length. Labour won (at least in my ward) and I think that imposing such a restriction would be a particularly bad idea. Hence it is my democratic duty to try and explain why this is the case and so help prevent this happening. Essentially this proposal is equivalent to a proposal to throw me or people like me out of our houses so I should probably take this reasonably personally.
A House in Multiple Occupation is one in which 3 or more people who are not of the same household are living where household is defined by blood or by marriage or similar.

As I understand it the main reasoning behind restricting HMOs is that they are bad for the community due to lack of involvement by the residents (and perhaps bad behaviour on the part of the residents) and that they tend to be poorly maintained and so be bad for the area (house prices etc.).
Now those things might be true, or at least there might be a statistically significant increase in poor maintenance of HMOs and of lower community involvement by the residents of HMOs or even a higher incidence of reports of antisocial behaviour against people living in HMOs.
While it seems perfectly possible that those things might be the case I have not seen studies that have shown that to be the case I have not seem them (to be fair I have not looked). If there are no such studies then clearly no restriction should be imposed because before you start throwing people out of their houses (or at least saying “no you cannot live there”) you should at least be sure that the reason you are doing that is valid. It would be rather embarrassing to find out that this sort of thing had been done on the basis of a lie.

However even if it is true that residents of HMOs are more likely to be antisocial/anticommunity and take poor care of their property that is still no reason to restrict where residents of HMOs can live. It boils down to a “We don’t want your type around here.” attitude. Sorry I thought we were living in a free society in the 21st century where anyone could come and live next door as long as they are not currently in prison and can afford it. Perhaps if there was some sort of causation between being a bad person and living in HMOs there might be some more justification but even then – really is that the kind of society we want to live in?
So who lives in a HMO, well clearly people who don’t have a big enough household to fill a house or enough money to have a house to themselves and have done so. So mainly single people, probably also mainly young people. So after high levels of unemployment and debt young people are put at a further disadvantage by being discriminated against when trying to find houses to rent not only by the letting agents and landlords who would already much prefer families (and make this clear) but also by their local government. That does not strike me as a good move and seems likely to further alienate a group of people who might legitimately feel let down by society and so rather apathetic about supporting it. There are already quite enough problems to deal with this century without further unnecessary building of inter-generational tensions.

Now I think marriage is important so I would not get married just to be able to get a house but if people start getting told “Well if two of you got married then you could all live here.” some people might decide otherwise. This renders the whole thing unenforcable.

Monitoring which houses are HMOs in order to prevent the concentrations of HMOs exceeding defined thresholds involves some significant bureaucratic overhead which will have its own cost, it also means that the information on which houses are HMOs must be publicly available in order for letting agencies etc. to be able to work this out and hence know who they can rent the houses to. This would be a violation of the privacy of those living in these houses and would be likely to allow targeted advertising (and perhaps political campaigning) based on this information.

So if people are not allowed to live in HMOs what is the alternative? Well they could live in a family house instead. So they could go back and live with their parents (and leave their job, sounds like a great idea) or they could get married but that is not something someone can necessarily do. Or they could live in a house of single occupancy. However that would be a really silly idea.

It is significantly more efficient for a house to have more than one person living in it because then the constant costs of a house (such as kitchen space etc.) can be shared out between multiple people this also reduces the rent, utility bills etc. per person. Leaving more money for other things like saving up for a house or paying off student loans. This also reduces CO2 emissions and so HMOs help save the planet. There is currently a significant housing shortage in the country and to a significant extent that is due to a reduction in the number of people living in each house rather than to a increase in the number of people. So our current housing shortage could partly be addressed by encouraging people into houses of multiple occupancy or at least to fill spare bedrooms with people.

In summary restricting the number of HMOs is discriminatory, unenforcable, bureaucratic, privacy invading and precisely the opposite of the kind of housing policy we should be encouraging.

So having rejected that policy as a thoroughly bad idea what kind of policies might actually address the problem?
People are more likely to invest in their local community if they feel they have a vested interest in its success and if they do not feel like they are outcasts from it.
If people are not sure how long they are going to be living in a location then it will not feel as worth while for them to get to know their neighbours when they might be moving in a few months or a year. Hence policies which increase peoples assurance that they will be able to stay in their present house long term are likely to encourage community involvement. Policies that make people think they might be forced to move by their local government because of who their neighbours are on the other hand…
Encouraging community is a very important thing to do and a very hard thing to legislate for because fundamentally it is a thing that people need to do collectively. Government can encourage it though and I am sure that there are many things that can be done by government to improve the situation. Society as a whole needs to decide it wants community and then to go out and do that. All of this is hard so we better get started.
Anyone for tea? coffee?