On Mon, 23 May 2005 10:52:29 +0100, "Mary Fisher"
wrote:

You underestimate me. Ever heard of on-line banking? Ever heard of being
able to check your account at any time? We don't rely on paper statements.

Whereas I, as a 'computer bod', would not touch on-line banking of any
kind with a bargepole! I have my trusty shredder and I have a PIN in
my head. I use my CC as rarely as possible, prefering to pay cash
wherever possible. The banks and building societies are always trying
to persuade me to join their hotlines to fraud, which is how I view
on-line banking. Sooner or later there is going to be a case that
suddenly hits the headlines as huge numbers of people have all their
savings stolen in a split second. It is bound to happen, either
through cock-up or criminal act. Of course, the Microsofts of this
world who keep pressing their flaky software on to us, software that
barely goes a week without needing a patch of somekind - even Firefox
now finds its own flakiness - will say, nowt to do with us, mate!
Total loss is a USER problem.

MM

On Mon, 23 May 2005 03:34:56 +0100, John Rumm
wrote:

[1] I only ever worked a total of three years for GEC anyway before a
friend and I got so hacked off with them we quit and started Internode
Ltd.

I just had a look at your site. Any quick suggestions for an
alternative to broadband as we cannot get BB here? BT says our
exchange is 'unviable'. Enquiries have shown that we are not likely to
get BB *ever*.

Satellite, I believe, is a possibility? Anything else? BTW NTL Cable
isn't available either.

MM

Mary Fisher wrote:

Your reply was far too long for me to answer in detail at a time when I'm
getting on with my little life - Monday is washing day you know. But since
everyone needs a hobby and although you say that you're short of time you've
spent a lot of it on just this one post I did what seems to be common on
Usenet and picked out a couple of things to answer.

Fairy nuff... (a good amount of the post was a cut'n'paste from a gov
web site though which did not take me long ;-). Forgive me if I do the
same (not answer everything that is, not do the washing!).

Well look at it this way. Would a criminal be able to impersonate you to a

No. We shred and compost non shiny paper, you should have expected that :-)

Aha, the plot thickens...

I have obviously been reading some of your statements about having
"nothing to hide" and not caring who knows your personal information a
little too literally.

You demonstrate here that you do care, and you do take (very sensible
IMHO) steps to "hide" personal data that could be of value to criminals.

Are you aware of the implications of hiding nothing?

There haven't been any problems so far. In that historical context I'm
happy to continue.

This is what threw me... sounds like we have conflicting understanding
of "hiding" stuff. Responsible management of waste paper containing
personal data I would count as "hiding" something.

(same goes for wiping / destroying old hard drives prior to disposal)

I would agree with you, money is not that important. I rate it about level
with oxygen. If you have enough it ceases to matter.


Trite. I might as well say that if you don't have money you have no money
worries.

You may find the local butcher has a different viewpoint as you exit
with next weeks roast in exchange for nothing but gratitude ;-)

Perhaps because over the last six month period your[1] spending pattern
had changed and you started to run up large debts that you did not repay.

Of course you did not notice this because it was not you doing it.


You underestimate me. Ever heard of on-line banking? Ever heard of being
able to check your account at any time? We don't rely on paper statements.

Yup I know online banking. Again I was illustrating just one way people
can be vulnerable to the work of ID thieves.

You will pardon me if I don't expand on the technicalities, but there
are ways the exact same technique could be deployed against on online
banking service as well.

There is a principle in computer security and cryptography you can
summarise as "know your enemy" - in otherwise you have to make an
assessment of how much effort an attacker is willing to place into
compromising a system, and what resources they have at their disposal.
The rules change depending on whether your attacker is a bored teenager,
or a foreign nation's security service!

I'm beginning to wonder if you've done this yourself, it's so carefully
thought out.

Did not take much effort to think up... not sure what you can read into
that. Engineers have devious minds perhaps!

Perhaps you have but we haven't. We don't overdraw. Credit accounts are paid
by DD, in full. As are all utility bills. We have no debts, none.

That doesn't mean, by the way, that we are wealthy, it means that we don't
spend more than we can afford. Ever. If we can't afford something we do
without - but as I've said ad nauseam we don't want anything we don't need
and we have everything we need.

Very wise I might say... (no fan of debt myself). I like CC cards for
the security they bring to some classes of purchase however. I am a
little less trusting on the DD front since I like to have a little input
into the settling up phase to catch any mistakes sooner.

If you're replying directly to my post and my words what other
interpretation is there?

Tis the thing about usenet, if its not a new thread then it must be a
reply to a post...

I don't want 'flexibility'. I don't know how basic transactions can cost
more.

You may be aware of the rating systems that banks use to score the
desirability of their customers (some seem to use a fruit scale (i.e.
apples, pears etc) for some reason). Depending on which fruit you have
associated with your account will dictate how hard they will work to keep
you as a customer. This can range from not at all (i.e will actually seek
to upset you in the hope you take your business elsewhere - bills for
anything and everything - take it or leave it), to bending over backwards
to retain your custom (i.e. everything being negotiable).


They seem to do that with us, for what reason I don't know, our income is
very low, our activity fairly high, they can't make much profit on us! They
could exist without us and we without them.

Perhaps you are a "safe" customer from their point of view. Perhaps
their data mining exercises have shown you have a good correlation to
customers who are likely to make use of some of their more profitable
services at some point in your life... will writing, releasing equity in
property for long term care arrangements etc (not saying you (as in the
actual "you" in this case) will, but such is the non precise nature of
data mining). Might just be good ole, customer service and loyalty. (one
holds out hope it still exists)

Usenet is compromised, you use that.

True, but not for transacting online payments ;-)

One of the ID register's supporters claims is that it will make this type
of activity harder. One of the things that is clear to those who
understand the engineering and the social interactions of what is being
proposed, can see it that in fact the reverse is true - it will make these
things not only more common, but also far harder to detect.


You're saying that you know better than anyone else...

I am saying I know more about software and engineering than many
politicians, although I don't think many people would find that
statement too hard to accept, or even consider it just an ego thing ;-)

Do a web search on the Regulation of Investigatory Powers Act for a good

You said, "Your" civil liberties. Is this the variable value of 'your'
again?

Given we all live under the same laws then it could be either...

Collect enough seeming innocent bits of low grade information and before
long you have the foundations of a very strong attack - right round the
defences that the designers implemented to keep it secure.


Then you and your highly able colleagues must make sure that the defences
you design and implement must be secure.

Nice idea, but alas it does not work like that.

That was partly why I thought you may find the Mitnick book I
recommended a few posts back interesting. It very ably demonstrates how
the week points in any system are infrequently a result of the
engineering or software, but typically down to the human element. So the
system may well be designed to be secure, but that hardly matters since
attackers won't need to crack the system.

A survey shows that 70% or more people would give up the security to
their employers computer systems in exchange for an Easter egg or a cup
of coffee!

http://www.theregister.co.uk/2004/04...sword_surveys/
http://www.theregister.co.uk/2005/05...ssword_survey/

To start to compromise a system one only needs access to one account,
not 70%+

and we progress away from the "innocent until proven guilty" tenet our
legal system was based on,


Why should we?

Too late, see above.


Non sequitur.

How? I gave an example of an English law that is on the statue books
that does just that. Hence my statement "too late".

This thread has listed so many reasons for objecting to ID cards that I
suspect no-one's really sure why they are nervous about them.

To an extent that it true. The proposals would appear to make a whole
new class of criminal activity and state interference in peoples lives
more likely and easier to carry out. This is however by its very nature
a nebulous threat. Until that potential is turned into reality we do not
know which of the multitude of possibilities to be most concerned about.

I have no particular need to "convert" you one way or the other. I do
however find your position interesting (strange and incongruous, but
interesting nether the less).


I'm not unique. Argumentative, arrogant and opinionated but not unique.

Not sure I have an answer to that ;-)

I guess many people are actually quite attached to their meaningless
little lives


Yes sigh It shows.


and the fate and well-being of their families. Hence they have very real
fears that these will be threatened by being railroaded into ill conceived
systems that may result in their being exposed to new ways for their
status quo being upset.


You really think that most people in this country are trembling at the
thought of ID cards?

No, I expect most have not given the issue any serious consideration and
are more interested in what happens next on Eastenders....

I think they have more things to worry about, such as whether to get a new
i-Pod or wait until there's one with a striped strap ...

I expect you are right... And there is a whole debate to be had there on
the digital rights management built into the thing - but we can save
that for a later thread! ;-)

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

MM wrote:

I just had a look at your site. Any quick suggestions for an
alternative to broadband as we cannot get BB here? BT says our
exchange is 'unviable'. Enquiries have shown that we are not likely to
get BB *ever*.

Satellite, I believe, is a possibility? Anything else? BTW NTL Cable
isn't available either.

Satellite is possible but expensive, it can also be a bit of a
dissapointment for some activities like web browsing...

Wi-fi is probably your best bet. You may find there is already coverage
from a "mesh" or net in your locality.

How far are you from somewhere that can get BB? Have you got line of
sight to it?

IIRC there are others on this NG that have solved the same problem with
long range WiFi (over several hops if needs be) back to BB civilisation ;-)

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

MM wrote:

Any quick suggestions for an
alternative to broadband as we cannot get BB here? BT says our
exchange is 'unviable'. Enquiries have shown that we are not likely to
get BB *ever*.

Where are you?

I've been told (by a team of BT engineers) that ALL the outlying/remote
exchanges in Scotland are to have broadband by the end of 2006.

Sheila

"John Rumm" wrote in message
...
Mary Fisher wrote:

Your reply was far too long for me to answer in detail at a time when I'm
getting on with my little life - Monday is washing day you know. But
since everyone needs a hobby and although you say that you're short of
time you've spent a lot of it on just this one post I did what seems to
be common on Usenet and picked out a couple of things to answer.

Fairy nuff... (a good amount of the post was a cut'n'paste from a gov web
site though which did not take me long ;-). Forgive me if I do the same
(not answer everything that is, not do the washing!).

Well look at it this way. Would a criminal be able to impersonate you to
a

No. We shred and compost non shiny paper, you should have expected that
:-)

Aha, the plot thickens...

I have obviously been reading some of your statements about having
"nothing to hide" and not caring who knows your personal information a
little too literally.

I think you misunderstand.We shred paper for the sake of the garden, not to
protect it. We shred everything we can.

We don't shred bank statements though because we want a permanent record of
our activities - it's a matter of habit. They're kept in one of the four
filing cabinets we have with the rest of the record of our lives.

You demonstrate here that you do care, and you do take (very sensible
IMHO) steps to "hide" personal data that could be of value to criminals.

Hide in our filing cabinets? Even I can't always put my hand on something,
God help a burglar!

Are you aware of the implications of hiding nothing?

There haven't been any problems so far. In that historical context I'm
happy to continue.

This is what threw me... sounds like we have conflicting understanding of
"hiding" stuff. Responsible management of waste paper containing personal
data I would count as "hiding" something.

(same goes for wiping / destroying old hard drives prior to disposal)

We haven't disposed of any.

Which reminds me - what adhesive will stick CDs to an outside wall painted
with masonry paint? There, that's d-i-y.

I would agree with you, money is not that important. I rate it about
level with oxygen. If you have enough it ceases to matter.


Trite. I might as well say that if you don't have money you have no money
worries.

You may find the local butcher has a different viewpoint as you exit with
next weeks roast in exchange for nothing but gratitude ;-)

We don't buy meat from the butcher, as I've said before. But I have found -
although we don't need it - that a barter system works very well between
those who have things to offer which others want.

Perhaps because over the last six month period your[1] spending pattern
had changed and you started to run up large debts that you did not repay.

Of course you did not notice this because it was not you doing it.


You underestimate me. Ever heard of on-line banking? Ever heard of being
able to check your account at any time? We don't rely on paper
statements.

Yup I know online banking. Again I was illustrating just one way people
can be vulnerable to the work of ID thieves.

You will pardon me if I don't expand on the technicalities, but there are
ways the exact same technique could be deployed against on online banking
service as well.

Ah! I suspected that you wouldn't resist that bait :-)

If you shred all paper evidence of your life and won't commit anything to
the pc (except your website, curiously) how can you check on past
transactions, if you need to? If you have a business surely you have to have
evidence if only for your accountant?


I'm beginning to wonder if you've done this yourself, it's so carefully
thought out.

Did not take much effort to think up... not sure what you can read into
that. Engineers have devious minds perhaps!

Some people in all disciplines have devious minds. It's not peculiar to
engineers, in my experience.

Perhaps you have but we haven't. We don't overdraw. Credit accounts are
paid by DD, in full. As are all utility bills. We have no debts, none.

That doesn't mean, by the way, that we are wealthy, it means that we
don't spend more than we can afford. Ever. If we can't afford something
we do without - but as I've said ad nauseam we don't want anything we
don't need and we have everything we need.

Very wise I might say... (no fan of debt myself). I like CC cards for the
security they bring to some classes of purchase however.

Not for much longer, I understand.

I am a little less trusting on the DD front since I like to have a little
input into the settling up phase to catch any mistakes sooner.

To date there have been no mistakes- and before you start talking about
toddlers running into roads I'll say that I'm no toddler and ask how long a
history do you need to have trust in a process? We've used it for decades.
The DD process seems to my tiny mind to be ideal. We're responsible for
setting it up, we're informed if anything changes - well in advance. It
saves the problems involved in forgetting to pay bills and associated
worries. I have too many important and enjoyable things in my life to have
to remember to pay bills.

If you're replying directly to my post and my words what other
interpretation is there?

Tis the thing about usenet, if its not a new thread then it must be a
reply to a post...

So you ARE being personal.

I don't want 'flexibility'. I don't know how basic transactions can cost
more.

You may be aware of the rating systems that banks use to score the
desirability of their customers (some seem to use a fruit scale (i.e.
apples, pears etc) for some reason). Depending on which fruit you have
associated with your account will dictate how hard they will work to keep
you as a customer. This can range from not at all (i.e will actually seek
to upset you in the hope you take your business elsewhere - bills for
anything and everything - take it or leave it), to bending over backwards
to retain your custom (i.e. everything being negotiable).


They seem to do that with us, for what reason I don't know, our income is
very low, our activity fairly high, they can't make much profit on us!
They could exist without us and we without them.

Perhaps you are a "safe" customer from their point of view.

I'm sure we are safe, almost ideal.

Perhaps their data mining exercises have shown you have a good correlation
to customers who are likely to make use of some of their more profitable
services at some point in your life... will writing, releasing equity in
property for long term care arrangements etc (not saying you (as in the
actual "you" in this case) will, but such is the non precise nature of
data mining). Might just be good ole, customer service and loyalty. (one
holds out hope it still exists)

They do know that three of our progeny have begun accounts with them because
of our recommendation, that's the sort of thing banks like I imagine.
Although that was back in the days when it was an English bank :-( Still,
things haven't changed in any significant way in the interface between the
bank and the customer.

Usenet is compromised, you use that.

True, but not for transacting online payments ;-)

But data mining can tell someone who's interested an awful lot about you
just from Usenet ...

One of the ID register's supporters claims is that it will make this type
of activity harder. One of the things that is clear to those who
understand the engineering and the social interactions of what is being
proposed, can see it that in fact the reverse is true - it will make
these things not only more common, but also far harder to detect.


You're saying that you know better than anyone else...

I am saying I know more about software and engineering than many
politicians, although I don't think many people would find that statement
too hard to accept, or even consider it just an ego thing ;-)

No. Most people think they know better than politicians. But you seemed to
be saying that you knew better than the IT systems which would be used.I
don't know how you know who or what WILL be used but I don't know much after
all.

Collect enough seeming innocent bits of low grade information and before
long you have the foundations of a very strong attack - right round the
defences that the designers implemented to keep it secure.


Then you and your highly able colleagues must make sure that the defences
you design and implement must be secure.

Nice idea, but alas it does not work like that.

Why not?

Are you saying that you're incapable of designing a secure system?


A survey shows that 70% or more people would give up the security to their
employers computer systems in exchange for an Easter egg or a cup of
coffee!

That doesn't surprise me. If people think that something's free they'll do
almost anything, it seems to me.

I have advertising sent to me daily offering me 'free gifts' - some seem to
be very tempting if they're directed at the right person. I'm told what a
wonderful customer I am (even though I haven't bought anything), that I have
a prize-winning record...all for things which I've been able to live without
for many decades. Yes, I realise that they've got my name and address
through some kind of low grade data mining and it bothers me - but only
because of all the waste paper. Of course it's shredded and turned into food
but I suspect that many people are tempted. That's business, it keeps people
in employment, money going round ... I've said before that if the economy
depended on the Fishers there wouldn't be an economy but that's another
story.



This thread has listed so many reasons for objecting to ID cards that I
suspect no-one's really sure why they are nervous about them.

To an extent that it true. The proposals would appear to make a whole new
class of criminal activity and state interference in peoples lives more
likely and easier to carry out. This is however by its very nature a
nebulous threat. Until that potential is turned into reality we do not
know which of the multitude of possibilities to be most concerned about.

The criminal implication has not been the only one people have cited.

If it weren't open (as some think) to criminal activity would you agree to
having an ID system?


I'm not unique. Argumentative, arrogant and opinionated but not unique.

Not sure I have an answer to that ;-)

You don't need to, it's an example of my openness. No-one can say anything
true about me which I'm not prepared to say about myself.

I guess many people are actually quite attached to their meaningless
little lives


Yes sigh It shows.


and the fate and well-being of their families. Hence they have very real
fears that these will be threatened by being railroaded into ill
conceived systems that may result in their being exposed to new ways for
their status quo being upset.


You really think that most people in this country are trembling at the
thought of ID cards?

No, I expect most have not given the issue any serious consideration and
are more interested in what happens next on Eastenders....

Yes. But so what?

I think they have more things to worry about, such as whether to get a
new i-Pod or wait until there's one with a striped strap ...

I expect you are right... And there is a whole debate to be had there on
the digital rights management built into the thing - but we can save that
for a later thread! ;-)

Better, perhaps ...

Mary

On Mon, 23 May 2005 21:37:06 +0100, John Rumm
wrote:

MM wrote:

I just had a look at your site. Any quick suggestions for an
alternative to broadband as we cannot get BB here? BT says our
exchange is 'unviable'. Enquiries have shown that we are not likely to
get BB *ever*.

Satellite, I believe, is a possibility? Anything else? BTW NTL Cable
isn't available either.

Satellite is possible but expensive, it can also be a bit of a
dissapointment for some activities like web browsing...

Wi-fi is probably your best bet. You may find there is already coverage
from a "mesh" or net in your locality.

How far are you from somewhere that can get BB? Have you got line of
sight to it?

Don't know about a line of sight (I'll check tomorrow - actually, on
thinking about the route to that location, I don't think there can
be), but I punched in some postcodes from neighbouring hamlets and
*they* do have BB! One is about 1 mile as the crow files, but 2 miles
by road, and the other - I don't know yet, as I have so much to
explore and I haven't got around to it yet.

What grates is the BT BB web site which puffs their coverage as if
there is practically nowhere in the UK that can't get BB, yet we are
just 2.5 hours from London by road.

I did read somewhere on the BT BB site something about Exchange
Activate.... Okay, I've just been to the page in question and this is
what it says:

"With ADSL Exchange Activate, Service Providers buy block capacity - a
minimum of 30 customer broadband connections for three years at an
exchange. BT then enables the exchange for broadband. Service
Providers can buy further 'blocks' of 30 lines as they need them."

Now that suggests that 30 accounts/connections would suffice, although
one would have to commit to three years.

Is ADSL very expensive for BT to put into a local exchange? Why, I
wonder, don't they just fit it everywhere as standard - they make
enough profit overall and then they could just say - Britain is 100%
covered!

MM

"John Rumm" wrote in message
news:42923ee5$0$26089$ed2619ec@ptn-nntp-

Wi-fi is probably your best bet. You may find there is already coverage
from a "mesh" or net in your locality.

I understood from someone round here that wi-fi compromised security ...

Mary

Mary Fisher wrote:

I think you misunderstand.We shred paper for the sake of the garden, not to
protect it. We shred everything we can.

We don't shred bank statements though because we want a permanent record of
our activities - it's a matter of habit. They're kept in one of the four
filing cabinets we have with the rest of the record of our lives.

I was suggesting that the shredding and mulching was a good way of
ditching unwanted paper with sensitive information on it, I was not sure
if you were doing that from a standpoint of just wanting shredded
mulched paper, or whether the security advantage was also part of your
motivation.

but I accept what you say about losing stuff in filing cabinets,
BTDTGTTS ;-)

(same goes for wiping / destroying old hard drives prior to disposal)


We haven't disposed of any.

What have you done with them then? (or have you not been playing with
computers long enough to have outgrown your first 20MB drive?)

Which reminds me - what adhesive will stick CDs to an outside wall painted
with masonry paint? There, that's d-i-y.

How permanent do you want it? Impact adhesive will do it pretty
securely, as would epoxy. Mirror tape may be better if you want
something less permanent and the wall is not too rough. Also don't
underestimate blue-tak for a temporary fixing.

Ah! I suspected that you wouldn't resist that bait :-)

I can resist anything except temptation ;-)

If you shred all paper evidence of your life and won't commit anything to

I don't, did I give that impression?

the pc (except your website, curiously) how can you check on past

The website has some sales stuff plus a fair amount of the information I
use to answer customer questions... I don't rate much of it as
particularly sensitive. Having said that a bit of detective work could
get you more information no doubt.

transactions, if you need to? If you have a business surely you have to have
evidence if only for your accountant?

Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value. So when the
filing cabinet will accept no more I get all ruthless on it and shred
the old stuff ;-)

I also keep plenty of computerised information - but it is simpler to
keep adding storage to deal with that one ;-)

For business and tax purposes then one obviously needs to keep
everything for at least six years anyway.

Stuff that still falls through the letter box (Mailing preference
service stops most of it) such as the partially completed credit card or
loan application forms some companies seem to love sending out, gets
dumped straight into the shredder though.

Very wise I might say... (no fan of debt myself). I like CC cards for the
security they bring to some classes of purchase however.


Not for much longer, I understand.

Why is that?

I am a little less trusting on the DD front since I like to have a little
input into the settling up phase to catch any mistakes sooner.


To date there have been no mistakes- and before you start talking about
toddlers running into roads I'll say that I'm no toddler and ask how long a
history do you need to have trust in a process? We've used it for decades.

To be fair I only recall handful of billing mistakes in the last ten
years or so. I do like the freedom to choose which account things are
paid out from though. So things like credit card bills get the minimum
monthly payment met by DD (in case I forget to pay on time - that way
there is no late payment fee), but then the balance I will pay manually.

Tis the thing about usenet, if its not a new thread then it must be a
reply to a post...


So you ARE being personal.

Sometimes, mostly not. As I said the post must be a reply to another
even if its is intended as a general comment.

Perhaps their data mining exercises have shown you have a good correlation
to customers who are likely to make use of some of their more profitable
services at some point in your life... will writing, releasing equity in
property for long term care arrangements etc (not saying you (as in the
actual "you" in this case) will, but such is the non precise nature of
data mining). Might just be good ole, customer service and loyalty. (one
holds out hope it still exists)


They do know that three of our progeny have begun accounts with them because
of our recommendation, that's the sort of thing banks like I imagine.

Yup very much so. Few people change from the bank they first select, so
they like to get em young ;-)

True, but not for transacting online payments ;-)


But data mining can tell someone who's interested an awful lot about you
just from Usenet ...

Very true - especially after ten years of posting to it. All those
little bits of information added together probably divulge a fair amount.

Then you and your highly able colleagues must make sure that the defences
you design and implement must be secure.

Nice idea, but alas it does not work like that.


Why not?

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)

The criminal implication has not been the only one people have cited.

If it weren't open (as some think) to criminal activity would you agree to
having an ID system?

Depends on what you mean by an ID system. If there was a way of buying
an ID card that had a reasonable level of trustworthiness, but was not
linked to a central register (or at least one of the scale proposed),
and it was available to those that wanted it, then I would say fine so
long as it is not going to cost 10's of billions of tax payers money. It
could then become an acceptable way of providing ID in some cases,
however it would remain only one of several ways, and would not be
"written in" to procedures. That ought to help control feature creep.

With the current proposals I object on several levels however, not just
the prospect for criminal misuse of the data.

No, I expect most have not given the issue any serious consideration and
are more interested in what happens next on Eastenders....


Yes. But so what?

Don't you think it is a great shame that in the past people have fought
and died to win the freedoms and the choices we have now, and yet a good
majority seem prepared to let some of them slip away simply due to apathy?


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

MM wrote:

Don't know about a line of sight (I'll check tomorrow - actually, on
thinking about the route to that location, I don't think there can
be), but I punched in some postcodes from neighbouring hamlets and
*they* do have BB! One is about 1 mile as the crow files, but 2 miles
by road, and the other - I don't know yet, as I have so much to
explore and I haven't got around to it yet.

Might be worth actually applying for it anyway since you may find the BT
checker is not always right. That would also log your interest that may
figure in decisions to upgrade the exchange.

Failing that then trying to find a local property you can see that can
get BB might solve your problems if you can talk the owner into
accepting a free BB account on the understanding you can wifi into it!

Is ADSL very expensive for BT to put into a local exchange? Why, I

Depends a bit on what type of exchange it is and whether it has capacity
to add the DSLAM equipment required.

wonder, don't they just fit it everywhere as standard - they make
enough profit overall and then they could just say - Britain is 100%
covered!

Bean counters to satisfy no doubt....


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

Mary Fisher wrote:

"John Rumm" wrote in message
news:42923ee5$0$26089$ed2619ec@ptn-nntp-

Wi-fi is probably your best bet. You may find there is already coverage
from a "mesh" or net in your locality.


I understood from someone round here that wi-fi compromised security ...

It does if you don't set it up correctly...

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

"John Rumm" wrote in message
...
Mary Fisher wrote:


snip

transactions, if you need to? If you have a business surely you have to
have evidence if only for your accountant?

Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value. So when the
filing cabinet will accept no more I get all ruthless on it and shred the
old stuff ;-)

I also keep plenty of computerised information - but it is simpler to keep
adding storage to deal with that one ;-)

For business and tax purposes then one obviously needs to keep everything
for at least six years anyway.


With the exception of records that legally have to be retained for longer
than 6 years, there is an argument that it is wise to destroy retained
financial records on the 6 year anniversary, especially if you are in the IT
business at the moment. The IR can investigate you going back 6 years.
However, if you have older records and any anomolies are found in the
initial investigation (and the IR, along with HMC&E, don't have a concept of
"materiality" - ie records should be exact, not "true and fair") then they
can go back a further 6 years if the records exist, and so on.


But data mining can tell someone who's interested an awful lot about you
just from Usenet ...

Very true - especially after ten years of posting to it. All those little
bits of information added together probably divulge a fair amount.


There is, however, a world of difference from mining structured data from
relational systems and mining it from unstructured Usenet text.


Then you and your highly able colleagues must make sure that the
defences you design and implement must be secure.

Nice idea, but alas it does not work like that.


Why not?

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)


Godel would tend to prove you right on this.

snip

No, I expect most have not given the issue any serious consideration and
are more interested in what happens next on Eastenders....


Yes. But so what?

Don't you think it is a great shame that in the past people have fought
and died to win the freedoms and the choices we have now, and yet a good
majority seem prepared to let some of them slip away simply due to apathy?



Quite. I have enough difficulty persuading those around me to vote - they
don't abstain from any convictions (ie wanting a "none of the above" option)
but rather that they just don't see that it has any relevance to them or
effect on their lives. Worrying.

--
Richard Sampson

mail me at
richard at olifant d-ot co do-t uk

"John Rumm" wrote in message
news:42926bbb$0$26105$ed2619ec@ptn-nntp-

(same goes for wiping / destroying old hard drives prior to disposal)


We haven't disposed of any.

What have you done with them then? (or have you not been playing with
computers long enough to have outgrown your first 20MB drive?)

Well, we haven't had all that many, only been using computers since 1989 and
we rarely change them unless they die. Spouse won't throw anything out, he
keeps things 'against the day' and has a drawer full of such things. It
would take a very determined person to a) find the drawer (we're untidy
folk), b) find the hds among all the other stuff and c) have equipment which
could read them. Same with all the 51/4" floppies we have. He has an ancient
Compaq (sp?) so that he can read old correspondence if he needs to. He never
does ...one day the machine could be useful, say for knocking down a house
....

Which reminds me - what adhesive will stick CDs to an outside wall
painted with masonry paint? There, that's d-i-y.

How permanent do you want it? Impact adhesive will do it pretty securely,
as would epoxy. Mirror tape may be better if you want something less
permanent and the wall is not too rough. Also don't underestimate blue-tak
for a temporary fixing.

I'll use impact, thanks.

Ah! I suspected that you wouldn't resist that bait :-)

I can resist anything except temptation ;-)

Unoriginal.

If you shred all paper evidence of your life and won't commit anything to

I don't, did I give that impression?

Well, you did give the impression that you don't keep records you consider
to be sensitive or vulnerable. At least, that's what you seem to be urging
me to do.

the pc (except your website, curiously) how can you check on past

The website has some sales stuff plus a fair amount of the information I
use to answer customer questions... I don't rate much of it as
particularly sensitive. Having said that a bit of detective work could get
you more information no doubt.

I rest my case.

transactions, if you need to? If you have a business surely you have to
have evidence if only for your accountant?

Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value.

Except for historical interest. In five hundred years time, if there's
anyone left, historians would love them.

So when the filing cabinet will accept no more I get all ruthless on it
and shred the old stuff ;-)

No, get another filing cabinet. That's been our solution :-) Not, of course,
just for bank statements ...

I also keep plenty of computerised information - but it is simpler to keep
adding storage to deal with that one ;-)

Filing cabinets are cheap. Second hand.

For business and tax purposes then one obviously needs to keep everything
for at least six years anyway.

Stuff that still falls through the letter box (Mailing preference service
stops most of it) such as the partially completed credit card or loan
application forms some companies seem to love sending out, gets dumped
straight into the shredder though.

Yes.

Very wise I might say... (no fan of debt myself). I like CC cards for the
security they bring to some classes of purchase however.


Not for much longer, I understand.

Why is that?

I haven't taken much notice but I understand that some people have expressed
doubt about the security.

I am a little less trusting on the DD front since I like to have a little
input into the settling up phase to catch any mistakes sooner.


To date there have been no mistakes- and before you start talking about
toddlers running into roads I'll say that I'm no toddler and ask how long
a history do you need to have trust in a process? We've used it for
decades.

To be fair I only recall handful of billing mistakes in the last ten years
or so. I do like the freedom to choose which account things are paid out
from though. So things like credit card bills get the minimum monthly
payment met by DD (in case I forget to pay on time - that way there is no
late payment fee), but then the balance I will pay manually.

Our credit cards are dedicated to certain types of purchases and matched
with different bank accounts. It's not difficult to set up. But having two
methods of paying is a bore, we pay the whole lot by DD every month. No
worries, no effort.

Tis the thing about usenet, if its not a new thread then it must be a
reply to a post...


So you ARE being personal.

Sometimes, mostly not.

But how does the reader differentiate?



True, but not for transacting online payments ;-)


But data mining can tell someone who's interested an awful lot about you
just from Usenet ...

Very true - especially after ten years of posting to it. All those little
bits of information added together probably divulge a fair amount.

And you still do it.

Then you and your highly able colleagues must make sure that the
defences you design and implement must be secure.

Nice idea, but alas it does not work like that.


Why not?

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)

Honest. Why not?

The criminal implication has not been the only one people have cited.

If it weren't open (as some think) to criminal activity would you agree
to having an ID system?

Depends on what you mean by an ID system.

Oh come on! The one this thread is about.

If there was a way of buying an ID card that had a reasonable level of
trustworthiness, but was not linked to a central register (or at least one
of the scale proposed), and it was available to those that wanted it, then
I would say fine so long as it is not going to cost 10's of billions of
tax payers money.

So if it were secure and cheap it would be OK?

Tell you what, if it were secure and people were PAID to have it, they'd all
be in favour, would they?

Hmm.


With the current proposals I object on several levels however, not just
the prospect for criminal misuse of the data.

When this thread began people objected for different reasons. I suspect that
many people would object whatever was proposed because they simply don't
want to be traceable by anyone for any reason. My argument was that if you
have nothing to hid you have nothing to fear.

No, I expect most have not given the issue any serious consideration and
are more interested in what happens next on Eastenders....


Yes. But so what?

Don't you think it is a great shame that in the past people have fought
and died to win the freedoms and the choices we have now, and yet a good
majority seem prepared to let some of them slip away simply due to apathy?

Ah that argument!

The one I answer by saying that people have and still do fight and die for
religious freedoms and choices and yet a good majority ... etc.

Mary

MM wrote:
Any quick suggestions for an
alternative to broadband as we cannot get BB here?

"onspeed" might help.

On Mon, 23 May 2005 15:38:01 +0100, MM wrote:

Any quick suggestions for an
alternative to broadband as we cannot get BB here?

ISDN with a no time limit account (Surf time or something as was). I
used this for some years with Demon prior to Broadband and its
performance was very good. Effectively it is an always on service as
dial on demand connects in about 1-2 seconds. Data transfer rates
were, in practice, far better than modem speeds as ISDN only ever
runs at one rate unlike modems which do whatever they like.

--
Peter Parry.
http://www.wpp.ltd.uk/

RichardS wrote:

There is, however, a world of difference from mining structured data from
relational systems and mining it from unstructured Usenet text.

True.

I do recall one case however when Janes magazine did some sort of
comparative review of various missile systems. The pulled together lots
of different bits of information already in the public domain for the
article. IIRC HMG (or might have been US DoD) got all upset and claimed
disclosure of secret information. It was one of those cases where each
little bit on its own was considered ok to release, but pulled together
was more than the sum of the parts.

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)



Godel would tend to prove you right on this.

Well its a fairly safe assumption, I can't write bug free code, and I
have yet to see error free requirements. So you are onto a loser before
you even start worrying about not controlling most of the variables!




--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

On Mon, 23 May 2005 16:53:51 -0400, S Viemeister
wrote:

MM wrote:

Any quick suggestions for an
alternative to broadband as we cannot get BB here? BT says our
exchange is 'unviable'. Enquiries have shown that we are not likely to
get BB *ever*.

Where are you?

Near Spalding. But far enough away for the BT postcode/number checker
to say, sod off, mate! Yer 'avin' a laff!

MM

"John Rumm" wrote in message
news:42932a4e$0$39081$ed2e19e4@ptn-nntp-

Well its a fairly safe assumption, I can't write bug free code, and I have
yet to see error free requirements. So you are onto a loser before you
even start worrying about not controlling most of the variables!

Hmm. So Microsoft isn't unique ...

Mary

"Mary Fisher" wrote in message
. net...

"John Rumm" wrote in message
news:42932a4e$0$39081$ed2e19e4@ptn-nntp-

Well its a fairly safe assumption, I can't write bug free code, and I
have yet to see error free requirements. So you are onto a loser before
you even start worrying about not controlling most of the variables!

Hmm. So Microsoft isn't unique ...



Of course not. IME all software has bugs.

However, if you then extrapolate that and use if for the basis of an
argument that M$ bashing is unfounded because all other software
manufacturers have errors in their code then you are sorely missing the
point - there are some very good architectural reasons why M$ software has
been severely hit by security flaws.

--
Richard Sampson

mail me at
richard at olifant d-ot co do-t uk

MM wrote:

On Mon, 23 May 2005 16:53:51 -0400, S Viemeister
wrote:

MM wrote:

Any quick suggestions for an
alternative to broadband as we cannot get BB here? BT says our
exchange is 'unviable'. Enquiries have shown that we are not likely to
get BB *ever*.

Where are you?

Near Spalding. But far enough away for the BT postcode/number checker
to say, sod off, mate! Yer 'avin' a laff!

Sounds familiar!
I waiting to see if this new 'broadband for everyone' thing actually
happens.
It _sounds_ convincing.

Sheila

"RichardS" wrote in message
...
"Mary Fisher" wrote in message
. net...

"John Rumm" wrote in message
news:42932a4e$0$39081$ed2e19e4@ptn-nntp-

Well its a fairly safe assumption, I can't write bug free code, and I
have yet to see error free requirements. So you are onto a loser before
you even start worrying about not controlling most of the variables!

Hmm. So Microsoft isn't unique ...



Of course not. IME all software has bugs.

However, if you then extrapolate that and use if for the basis of an
argument that M$ bashing is unfounded because all other software
manufacturers have errors in their code then you are sorely missing the
point - there are some very good architectural reasons why M$ software has
been severely hit by security flaws.

I wish I was as successful at angling in rivers as I am here :-)

Mary

"S Viemeister" wrote in message
...

I waiting to see if this new 'broadband for everyone' thing actually
happens.
It _sounds_ convincing.

Perhaps by the time you have it the rest of the country will have something
even better!

And so it goes ... :-(

Mary

Sheila

"Mary Fisher" wrote in message
. net...

"RichardS" wrote in message
...
"Mary Fisher" wrote in message
. net...

"John Rumm" wrote in message
news:42932a4e$0$39081$ed2e19e4@ptn-nntp-

Well its a fairly safe assumption, I can't write bug free code, and I
have yet to see error free requirements. So you are onto a loser before
you even start worrying about not controlling most of the variables!

Hmm. So Microsoft isn't unique ...



Of course not. IME all software has bugs.

However, if you then extrapolate that and use if for the basis of an
argument that M$ bashing is unfounded because all other software
manufacturers have errors in their code then you are sorely missing the
point - there are some very good architectural reasons why M$ software
has been severely hit by security flaws.

I wish I was as successful at angling in rivers as I am here :-)



:-)

I guess that if the fish were as bored and desperately trying to avoid work
as I am currently then they'd bite at anything!!!


--
Richard Sampson

mail me at
richard at olifant d-ot co do-t uk

Mary Fisher wrote:

Compaq (sp?) so that he can read old correspondence if he needs to. He never
does ...one day the machine could be useful, say for knocking down a house
...

Sounds like the array of systems I have sat on shelves that are kept
because they offer a particular facility (like being able to recover
data from an Osborne or Kaypro formatted CP/M disk) that "might come in
handy".

If you shred all paper evidence of your life and won't commit anything to

I don't, did I give that impression?


Well, you did give the impression that you don't keep records you consider
to be sensitive or vulnerable. At least, that's what you seem to be urging
me to do.

Not my intention, I was urging safe disposal of ones that you no longer
need - quite a different thing.

the pc (except your website, curiously) how can you check on past

The website has some sales stuff plus a fair amount of the information I
use to answer customer questions... I don't rate much of it as
particularly sensitive. Having said that a bit of detective work could get
you more information no doubt.


I rest my case.

Same applies to most of us, IP addresses can be traced to accounts
thence people etc. In my case having a unique name (in the UK) makes it
somewhat easier!

Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value.


Except for historical interest. In five hundred years time, if there's
anyone left, historians would love them.

Yup, I keep the odd old copy of Personal Computer World and Byte
magazine just for them. (The adverts make for the most interesting
reading - you forget just how much you were once prepared to pay for
computer stuff!)


So when the filing cabinet will accept no more I get all ruthless on it
and shred the old stuff ;-)


No, get another filing cabinet. That's been our solution :-) Not, of course,
just for bank statements ...

I also keep plenty of computerised information - but it is simpler to keep
adding storage to deal with that one ;-)


Filing cabinets are cheap. Second hand.

Alas space to store them is not... ;-)

I like CC cards for the
security they bring to some classes of purchase however.


Not for much longer, I understand.

Why is that?


I haven't taken much notice but I understand that some people have expressed
doubt about the security.

With my original comment I was thinking more about the "joint and
several" liability aspect of security... i.e. if a transaction goes
wrong and the original vendor either refuses to provide satisfaction (or
has gone bankrupt) then you still have a claim against the card provider.

So you ARE being personal.

Sometimes, mostly not.


But how does the reader differentiate?

I suppose to need to ask if you are unsure...

Very true - especially after ten years of posting to it. All those little
bits of information added together probably divulge a fair amount.


And you still do it.

I would not want you to miss me ;-)

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)


Honest. Why not?

Hmm good question. I suppose the simplest answer is that to have a
secure system you have to have thought of all the possible lines of
attack (i.e. got the requirements exactly right). You need to have
proposed a solution that perfectly addresses those requirements, and you
need to have implemented the proposed solution faultlessly.

In reality none of those things ever happen. There (usually) is no way
of even knowing if you have thought of all the attacks, and the
remaining steps are subject to a (quantifiable) error rate.

If you could do all of the above, you still only have a part of a
system. You would need to be fully in control of all the other
variables. Those variables include people - and they are very difficult
to "program" to do exactly what is needed in every situation.

It is like trying to design a burglar proof house - you may get all of
the locks and alarms just right, but ignore the possibility that someone
might bribe the cleaning lady to let them in.

If there was a way of buying an ID card that had a reasonable level of
trustworthiness, but was not linked to a central register (or at least one
of the scale proposed), and it was available to those that wanted it, then
I would say fine so long as it is not going to cost 10's of billions of
tax payers money.


So if it were secure and cheap it would be OK?

Secure, cheap, optional, and non invading, then it would be ok...

Tell you what, if it were secure and people were PAID to have it, they'd all
be in favour, would they?

I would not have thought so...

With the current proposals I object on several levels however, not just
the prospect for criminal misuse of the data.


When this thread began people objected for different reasons. I suspect that
many people would object whatever was proposed because they simply don't
want to be traceable by anyone for any reason. My argument was that if you
have nothing to hid you have nothing to fear.

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign, and secondly that having something to
hide is always indicative of wrongdoing.


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

Peter Parry wrote:

ISDN with a no time limit account (Surf time or something as was). I
used this for some years with Demon prior to Broadband and its
performance was very good. Effectively it is an always on service as

It can be OK - I used this setup for a year or two. There are a few
gottchas though: If you run windows XP you find it is very "net happy"
and will tend to trigger a dialup at any provocation. It gets quite
expensive by the time you have bought ISDN, Demon Premier Connect Plus,
and Surf Anytime - you are in for 60/month. Not sure if they have a
better setup now, but it was not possible to channel bond (i.e. get the
128K connection) and have both calls placed to the surf anytime number.
The Bandwidth Allocation on Demand facility only worked on the non surf
time POPs as well. To get 128K you lose your phone for the duration
(unless you have another POTS line as well). Lastly, 128K is still dog
slow in this day and age!

However it it is all you can get - then it is way better than plain dialup.

dial on demand connects in about 1-2 seconds. Data transfer rates
were, in practice, far better than modem speeds as ISDN only ever
runs at one rate unlike modems which do whatever they like.

Yup and if you run router with NAT you get your whole network online.


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

"John Rumm" wrote in message
news:42936274$0$39053$ed2e19e4@ptn-nntp-
Compaq (sp?) so that he can read old correspondence if he needs to. He
never does ...one day the machine could be useful, say for knocking down
a house ...

Sounds like the array of systems I have sat on shelves that are kept
because they offer a particular facility (like being able to recover data
from an Osborne or Kaypro formatted CP/M disk) that "might come in handy".

Yes sigh

If you shred all paper evidence of your life and won't commit anything
to

I don't, did I give that impression?


Well, you did give the impression that you don't keep records you
consider to be sensitive or vulnerable. At least, that's what you seem to
be urging me to do.

Not my intention, I was urging safe disposal of ones that you no longer
need - quite a different thing.

So you only store data which could be useful to a miner for six years.

I see. Right. Safe as houses, really ...

:-)

the pc (except your website, curiously) how can you check on past

The website has some sales stuff plus a fair amount of the information I
use to answer customer questions... I don't rate much of it as
particularly sensitive. Having said that a bit of detective work could
get you more information no doubt.


I rest my case.

Same applies to most of us, IP addresses can be traced to accounts thence
people etc.

That's what I've been saying all along.


Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value.


Except for historical interest. In five hundred years time, if there's
anyone left, historians would love them.

Yup, I keep the odd old copy of Personal Computer World and Byte magazine
just for them. (The adverts make for the most interesting reading - you
forget just how much you were once prepared to pay for computer stuff!)

I was thinking of personal material. Ancient accounts give a wealth of
information to the social historian.


So when the filing cabinet will accept no more I get all ruthless on it
and shred the old stuff ;-)


No, get another filing cabinet. That's been our solution :-) Not, of
course, just for bank statements ...

I also keep plenty of computerised information - but it is simpler to
keep adding storage to deal with that one ;-)


Filing cabinets are cheap. Second hand.

Alas space to store them is not... ;-)

Build a shed. A concrete one with steel doors and properly alarmed.

I like CC cards for the security they bring to some classes of purchase
however.


Not for much longer, I understand.

Why is that?


I haven't taken much notice but I understand that some people have
expressed doubt about the security.

With my original comment I was thinking more about the "joint and several"
liability aspect of security... i.e. if a transaction goes wrong and the
original vendor either refuses to provide satisfaction (or has gone
bankrupt) then you still have a claim against the card provider.

Even with chip and pin? There seems to be a lot of confusion and perhaps
misunderstanding about the new system. I'm not using it but for a different
reason.

So you ARE being personal.

Sometimes, mostly not.


But how does the reader differentiate?

I suppose to need to ask if you are unsure...

Which I did and was told that you were talking to a wider audience.You, said
that, not someone else.The use of one to indicate the general could be
useful in avoiding misunderstandings.

Very true - especially after ten years of posting to it. All those little
bits of information added together probably divulge a fair amount.

And you still do it.

I would not want you to miss me ;-)

And I would.

If I remembered ...

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)


Honest. Why not?

Hmm good question. I suppose the simplest answer is that to have a secure
system you have to have thought of all the possible lines of attack (i.e.
got the requirements exactly right). You need to have proposed a solution
that perfectly addresses those requirements, and you need to have
implemented the proposed solution faultlessly.

In reality none of those things ever happen. There (usually) is no way of
even knowing if you have thought of all the attacks, and the remaining
steps are subject to a (quantifiable) error rate.

If you could do all of the above, you still only have a part of a system.
You would need to be fully in control of all the other variables. Those
variables include people - and they are very difficult to "program" to do
exactly what is needed in every situation.

So NO system is foolproof so the criticism of the ID one being prone to
faults because of government tenders and carelessness and cheapness has lost
value.

It is like trying to design a burglar proof house - you may get all of the
locks and alarms just right, but ignore the possibility that someone might
bribe the cleaning lady to let them in.

Yes. Quite.

If there was a way of buying an ID card that had a reasonable level of
trustworthiness, but was not linked to a central register (or at least
one of the scale proposed), and it was available to those that wanted it,
then I would say fine so long as it is not going to cost 10's of billions
of tax payers money.


So if it were secure and cheap it would be OK?

Secure, cheap, optional, and non invading, then it would be ok...

Which of those would you be prepared to compromise?

Tell you what, if it were secure and people were PAID to have it, they'd
all be in favour, would they?

I would not have thought so...

What about other people? Even the earlier objectors in this thread?

With the current proposals I object on several levels however, not just
the prospect for criminal misuse of the data.


When this thread began people objected for different reasons. I suspect
that many people would object whatever was proposed because they simply
don't want to be traceable by anyone for any reason. My argument was that
if you have nothing to hide you have nothing to fear.

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign,

There is no proof that they are not.

and secondly that having something to hide is always indicative of
wrongdoing.

Why else hide something?

Mary

Mary Fisher wrote:

So you only store data which could be useful to a miner for six years.

I see. Right. Safe as houses, really ...

While I have it stored, no one is going to mine it... ;-)

(on a more practical note, data mining only works well on really large
collections of data - 1000's of people and more....)

I was thinking of personal material. Ancient accounts give a wealth of
information to the social historian.

One of the oddities of our modern day ability to store so much is the
likelihood that there will be far less preserved for future historians.
A paper ledger can last 100 years or more, a file on a disk is likely to
find itself erased to make space for new stuff, or simply left to
languish on a format no one has the equipment to read any more.

Alas space to store them is not... ;-)


Build a shed. A concrete one with steel doors and properly alarmed.

Got one of them ;-) guess what....

Even with chip and pin? There seems to be a lot of confusion and perhaps

Yup even with chip and pin. The thing that changes with chip and pin is
the retailers liability for fraud. It used to be the case they were to
an extent protected from fraud carried out by the customers. If they
offer C&P then this is still the case (even if the customer elects not
to use it), however if the do not offer it and the customer commits
fraud then the retailer would be liable not the merchant account company.

I suppose to need to ask if you are unsure...


Which I did and was told that you were talking to a wider audience.You, said
that, not someone else.The use of one to indicate the general could be
useful in avoiding misunderstandings.

Indeed, one will take more care...

I would not want you to miss me ;-)


And I would.

Thanks...

If I remembered ...

I think .... ;-)

So NO system is foolproof so the criticism of the ID one being prone to
faults because of government tenders and carelessness and cheapness has lost
value.

There are degrees here - from good but not perfect to very very bad. To
know that perfect is not achievable is no justification for accepting
the latter.

Don't think anyone has accused the current proposals of "cheapness",
quite the reverse.

The tender process brings its own problems, but as I highlighted the
alternatives that can be/have been used have their own problems. What
it needs is astute procurement with a little more technical nous
employed at that stage, and less involvement from parties with vested
interests.

Many of the main weaknesses of the current proposed system (from an
engineering point of view) are that it has fundamental conflicts of
interest built into it. To give an example, for good security of access
to database it is better to centralise access to it, but for any
practical use in an ID system it needs to be vastly distributed.

For counter terrorism activities you need a complex database integrated
into many facets of day to day life so as to capture the transactions
that you can later mine to work out connections and relationships.
However a tightly integrated system like this becomes a very attractive
terrorist target itself because of the potential disruption you can
cause to those very same day to day activities.

Secure, cheap, optional, and non invading, then it would be ok...


Which of those would you be prepared to compromise?

If you^h^h^h one could convince me there was a tangible benefit to be
had, then "cheap"

Tell you what, if it were secure and people were PAID to have it, they'd
all be in favour, would they?

I would not have thought so...


What about other people? Even the earlier objectors in this thread?

Ask'em ;-)

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign,


There is no proof that they are not.

Can you substantiate that statement?

and secondly that having something to hide is always indicative of
wrongdoing.


Why else hide something?

A multitude of reasons....

Embarrassment, personal safety, privacy, employment prospects, even
national security. I am sure even you can think of things relating to
peoples identity and movements that would be damaging in the wrong hands
(especially when combined with their occupations).

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

"John Rumm" wrote in message
...
Mary Fisher wrote:

So you only store data which could be useful to a miner for six years.

I see. Right. Safe as houses, really ...

While I have it stored, no one is going to mine it... ;-)

Are you absolutely 100% copper-bottomed certain of that?

Where on Earth have you put it?

:-)

I was thinking of personal material. Ancient accounts give a wealth of
information to the social historian.

One of the oddities of our modern day ability to store so much is the
likelihood that there will be far less preserved for future historians. A
paper ledger can last 100 years or more, a file on a disk is likely to
find itself erased to make space for new stuff, or simply left to languish
on a format no one has the equipment to read any more.

That's why I keep paper records -and in a condition which will mean that
they last longer than a century.

Alas space to store them is not... ;-)


Build a shed. A concrete one with steel doors and properly alarmed.

Got one of them ;-) guess what....

er - no?

Even with chip and pin? There seems to be a lot of confusion and perhaps

Yup even with chip and pin. The thing that changes with chip and pin is
the retailers liability for fraud. It used to be the case they were to an
extent protected from fraud carried out by the customers. If they offer
C&P then this is still the case (even if the customer elects not to use
it), however if the do not offer it and the customer commits fraud then
the retailer would be liable not the merchant account company.

Friends of mine seem concerned that if fraud is carried out on their cards
they (the friends) won't have the protection they used to have. I'm not an
expert on this, I had changes to conditions this morning and am still wading
through them. We seem to get changes with every statement, it's not easy to
keep up with them.


I suppose to need to ask if you are unsure...


Which I did and was told that you were talking to a wider audience.You,
said that, not someone else.The use of one to indicate the general could
be useful in avoiding misunderstandings.

Indeed, one will take more care...

I would not want you to miss me ;-)


And I would.

Thanks...

If I remembered ...

I think .... ;-)

LOL!

So NO system is foolproof so the criticism of the ID one being prone to
faults because of government tenders and carelessness and cheapness has
lost value.

There are degrees here - from good but not perfect to very very bad. To
know that perfect is not achievable is no justification for accepting the
latter.

Who's accepting it? Who's saying that it WILL happen?

Don't think anyone has accused the current proposals of "cheapness", quite
the reverse.

er - I don't think said quite that.

The tender process brings its own problems ... less involvement from
parties with vested interests.

Such as?

Many of the main weaknesses of the current proposed system (from an
engineering point of view) are that it has fundamental conflicts of
interest built into it. To give an example, for good security of access to
database it is better to centralise access to it, but for any practical
use in an ID system it needs to be vastly distributed.

Yes. are you saying that security can be compromised by that?

For counter terrorism activities you need a complex database integrated
into many facets of day to day life so as to capture the transactions that
you can later mine to work out connections and relationships. However a
tightly integrated system like this becomes a very attractive terrorist
target itself because of the potential disruption you can cause to those
very same day to day activities.

Oh, you are.

Secure, cheap, optional, and non invading, then it would be ok...


Which of those would you be prepared to compromise?

If you^h^h^h one could convince me there was a tangible benefit to be had,
then "cheap"

How I miss DOS sometimes ... :-)

Tell you what, if it were secure and people were PAID to have it, they'd
all be in favour, would they?

I would not have thought so...


What about other people? Even the earlier objectors in this thread?

Ask'em ;-)

I think they've gone to bed. Which I am or I'll be in trouble.

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign,


There is no proof that they are not.

Can you substantiate that statement?

Of course not.

You can't prove that anyone is benign either.

and secondly that having something to hide is always indicative of
wrongdoing.


Why else hide something?

A multitude of reasons....

Embarrassment, personal safety, privacy, employment prospects, even
national security. I am sure even you can think of things relating to
peoples identity and movements that would be damaging in the wrong hands
(especially when combined with their occupations).

No.

I live under a stone, obviously. It's very nice though, a happy stone with
lots of other happy people. The only sad thing is that so many others
aren't, presumably for the reasons in your last paragraph.

It's sad.

Night night,

Mary

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

Mary Fisher wrote:

While I have it stored, no one is going to mine it... ;-)


Are you absolutely 100% copper-bottomed certain of that?

Depends on the resources and determination of the attacker! ;-)

Where on Earth have you put it?

Nice try ;-)

(do I get my Easter egg now?)

Build a shed. A concrete one with steel doors and properly alarmed.

Got one of them ;-) guess what....


er - no?

Its full....!

Friends of mine seem concerned that if fraud is carried out on their cards
they (the friends) won't have the protection they used to have. I'm not an

I think the basic foundation of joint and several liability remains the
same.

expert on this, I had changes to conditions this morning and am still wading
through them. We seem to get changes with every statement, it's not easy to
keep up with them.

They will update them to include extra information on not writing your
PIN is "plain text" and keeping it with your card, and on not disclosing
your pin etc. As you say, paying attention to the detail is the only way
to be sure).

Probably a good move to practice typing your pin in such a way as to
avoid people "shoulder surfing" it though if you are going to use it.

The tender process brings its own problems ... less involvement from
parties with vested interests.


Such as?

There are a surprising number of ex Anderson's/Accenture, and EDS staff
in key places in government... (the PMG for starters) Also (as with all
governments) there is a high level of lobbying and inducements from key
IT suppliers.

Many of the main weaknesses of the current proposed system (from an
engineering point of view) are that it has fundamental conflicts of
interest built into it. To give an example, for good security of access to
database it is better to centralise access to it, but for any practical
use in an ID system it needs to be vastly distributed.


Yes. are you saying that security can be compromised by that?

Yup...

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign,


There is no proof that they are not.

Can you substantiate that statement?


Of course not.

You can't prove that anyone is benign either.

No but I can find you plenty of examples of situation where peoples
personal data have been given up by those who should have been taking
better care of it.

Nice recent example for you:

http://www.theregister.co.uk/2005/05...security_flap/

I live under a stone, obviously. It's very nice though, a happy stone with
lots of other happy people. The only sad thing is that so many others
aren't, presumably for the reasons in your last paragraph.

Put yourself in the position of a former special ops soldier returning
from a tour of Northern Ireland on anti terrorism duty. How do you
suppose he would feel knowing that there is a database that tracks his
address (and all former addresses), plus all the day to day habits,
movements, transactions and patterns of his life. Extreme example I
know, but there are many reasons that someone law abiding with "nothing
to hide" may in fact have very good reasons to hide some things.

It's sad.

Indeed....

Night night,

Sleep tight!


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

"John Rumm" wrote in message
...
Mary Fisher wrote:

While I have it stored, no one is going to mine it... ;-)


Are you absolutely 100% copper-bottomed certain of that?

Depends on the resources and determination of the attacker! ;-)

Where on Earth have you put it?

Nice try ;-)

(do I get my Easter egg now?)

Yes, darling. Of course.

I've devised an Easter Egg Hunt specially for you :-)

Off you go ...

Build a shed. A concrete one with steel doors and properly alarmed.

Got one of them ;-) guess what....


er - no?

Its full....!

Build another. Then another. Our bloomin' garden is littered with the
things. Apparently it's vital to have somewhere to store sheets of glass.
They're never used, just stored.

Friends of mine seem concerned that if fraud is carried out on their
cards they (the friends) won't have the protection they used to have. I'm
not an

I think the basic foundation of joint and several liability remains the
same.

expert on this, I had changes to conditions this morning and am still
wading through them. We seem to get changes with every statement, it's
not easy to keep up with them.

They will update them to include extra information on not writing your PIN
is "plain text" and keeping it with your card, and on not disclosing your
pin etc. As you say, paying attention to the detail is the only way to be
sure).

Did I say that??? Mmmmmmmmm. I didn't know I had it in me.

Probably a good move to practice typing your pin in such a way as to avoid
people "shoulder surfing" it though if you are going to use it.

The problem is that I can't remember it. I have a difficulty with numbers as
a legacy of brain surgery. I thought i was unique but in that, as with
everything else, I'm not sigh

Please don't go through all the possibilities of remembering one, it's been
done ad nauseam.

The tender process brings its own problems ... less involvement from
parties with vested interests.


Such as?

There are a surprising number of ex Anderson's/Accenture,

oh in small voice

and EDS staff in key places in government... (the PMG for starters) Also
(as with all governments) there is a high level of lobbying and
inducements from key IT suppliers.

....





That may be true, but it makes two assumptions. Firstly that the
holders of the information are benign,


There is no proof that they are not.

Can you substantiate that statement?


Of course not.

You can't prove that anyone is benign either.

No but I can find you plenty of examples of situation where peoples
personal data have been given up by those who should have been taking
better care of it.

I believe that but since it can and does already happenand avenues for doing
it are increasing all the time the thing you're worried about will be just
one more.


I live under a stone, obviously. It's very nice though, a happy stone
with lots of other happy people. The only sad thing is that so many
others aren't, presumably for the reasons in your last paragraph.

Put yourself in the position of a former special ops soldier returning
from a tour of Northern Ireland on anti terrorism duty. How do you suppose
he would feel knowing that there is a database that tracks his address
(and all former addresses), plus all the day to day habits, movements,
transactions and patterns of his life. Extreme example I know, but there
are many reasons that someone law abiding with "nothing to hide" may in
fact have very good reasons to hide some things.

It's not an extreme example, I know several such people, one is a Colonel
and he HATES all the security imposed on him. If it were up to him he
wouldn't have any of it. He doesn't want to hide anything.

Our RAF son worked hard for his rank, he's proud of it and hates being told
that it mustn't be used on addresses. He resents only being allowed to wear
his uniform in public on certain occasions.

Not everyone thinks the same way as others. We're all individuals with
different characters and priorities, nothing can change that. Historically,
under the most rigid and controlled regimes, that has never changed and it
won't under any ID system - especially the one which is being considered at
the moment.

My sadness is that people still think it can - and cite fantasy fiction to
uphold their beliefs.

Mary

On Tue, 24 May 2005 19:47:23 +0100, "Mary Fisher"
wrote:

and secondly that having something to hide is always indicative of
wrongdoing.

Why else hide something?

There are many legitimate reasons why people may not wish to disclose
personal information. I resist attempts to capture my address and
telephone number to try to keep the amount of junk mail and cold calls
to a minimum (yes I use the TPS/MPS but that doesn't always work).
I also know someone who has a scar on their face and is very sensitive
about it. They resist attempts to take their photo. Again this is
not a sign or wrongdoing.

I seem to remember from an earier thread (correct me if I am wrong)
that you declined to specify your ethnic origin on a census form. I'm
sure this is not a sign of wrongdoing, so why assume that anyone else
doing the same does have something criminal to hide?

Mark

John Rumm wrote:
Yup even with chip and pin. The thing that changes with chip and pin is
the retailers liability for fraud. It used to be the case they were to
an extent protected from fraud carried out by the customers. If they
offer C&P then this is still the case (even if the customer elects not
to use it), however if the do not offer it and the customer commits
fraud then the retailer would be liable not the merchant account company.

What also changes is the *customer's* (i.e. you the cardholder)
liability for fraud.

If a transaction is made with your PIN then you are deemed to have
authorised the transaction unless *you* can prove otherwise. And even if
you and your card were in a different country at the time how do you
prove you did not permit someone to clone your card and use your PIN?

I have one chip-and-pin card and so far have refused to use the PIN. If
the retailer won't accept the signature (hasn't happened yet) they lose
the sale.

Owain

"Owain" wrote in message
. ..
John Rumm wrote:
Yup even with chip and pin. The thing that changes with chip and pin is
the retailers liability for fraud. It used to be the case they were to an
extent protected from fraud carried out by the customers. If they offer
C&P then this is still the case (even if the customer elects not to use
it), however if the do not offer it and the customer commits fraud then
the retailer would be liable not the merchant account company.

What also changes is the *customer's* (i.e. you the cardholder) liability
for fraud.

That's what I've understood too.

If a transaction is made with your PIN then you are deemed to have
authorised the transaction unless *you* can prove otherwise. And even if
you and your card were in a different country at the time how do you prove
you did not permit someone to clone your card and use your PIN?

Are you allowed topermit someone to do that?

I have one chip-and-pin card and so far have refused to use the PIN. If
the retailer won't accept the signature (hasn't happened yet) they lose
the sale.

It isn't compulsory yet. Some people believe that it won't be enforceable.

Mary

Owain

"Mark" wrote in message
...

I seem to remember from an earier thread (correct me if I am wrong)
that you declined to specify your ethnic origin on a census form. I'm
sure this is not a sign of wrongdoing, so why assume that anyone else
doing the same does have something criminal to hide?

I'm not worried about disclosing that I'm a white Caucasian but on most
forms that information is irrelevant (i.e. I'm making a political objection)
and what's more the options given are not ethnic origins. I don't hide the
information, I clearly state that the information is irrelevant. It's never
been followed up so presumably it IS irrelevant. If I didn't fill in the
'gender' box they'd be back.

In my opinion, for what it's worth, there's far too much concentration on
race and skin colour. A councillor tried to explain, not convincingly, that
they asked the question on their forms so that they could target services.
My immediate neighbours are Lithuanian/Italian, Caribbean-origin but
England-born, and African-born Indian-origin (never seen India) neighbours
need different dustbins? They've all been in Leeds for many years (the first
since the end of the war) and haven't complained about not having
appropriate services.

Sorry for that rant :-)

Mary

"Mary Fisher" wrote in message
. net...

"Owain" wrote in message
. ..
John Rumm wrote:
Yup even with chip and pin. The thing that changes with chip and pin is
the retailers liability for fraud. It used to be the case they were to
an extent protected from fraud carried out by the customers. If they
offer C&P then this is still the case (even if the customer elects not
to use it), however if the do not offer it and the customer commits
fraud then the retailer would be liable not the merchant account
company.

What also changes is the *customer's* (i.e. you the cardholder) liability
for fraud.

That's what I've understood too.

If a transaction is made with your PIN then you are deemed to have
authorised the transaction unless *you* can prove otherwise. And even if
you and your card were in a different country at the time how do you
prove you did not permit someone to clone your card and use your PIN?

Are you allowed topermit someone to do that?

I have one chip-and-pin card and so far have refused to use the PIN. If
the retailer won't accept the signature (hasn't happened yet) they lose
the sale.

It isn't compulsory yet. Some people believe that it won't be enforceable.



I gather that it will be possible to get Chip'n'Signature cards (as opposed
to Chip'n'Pin), though the CC providers are not particularly forthcoming
with this information.

Reason I was trying to find out about this is that I never, ever, ever
withdraw cash on my credit cards, but with several cards the only possible
way I will be able to remember PINs is to set them all to be the same, or an
easily identifiable variant - for instance on PIN on my switch/debit card,
and perhaps the reverse on all CCs.

Now (and I appreciate you probably find yourself in this situation, Mary) my
nightmare scenario is out on a bit of a bender in town, run out of cash,
need to use cash machine. Pick up card from wallet, but accidentally insert
the wrong card - a credit card - and tap in number. Withdraw cash, get
charged the earth.

So, I rang round all my CC providers and asked them if I could set the cash
withdrawal limit to zero. No, absolutely not, can't be done comes back the
answer - they all say "it's written into your terms and conditions".

Asked about this on the Motley Fool discussion boards, and answer comes back
"why not get chip'n'signature card? Solves the whole problem.".

What I can't find out is whether this type of card will actually be any use
on a day to day basis.

What will happen if you forget your pin or incorrectly type it three times
is that the merchant can accept your signature instead. However, in this
scenario they will be then liable for any fraudulant use of the card, so it
is highly likely that the majority of merchants will refuse to accept a
signature. I can forsee all kinds of problems with petrol stations - you
have cards, you fill up, mistype or forget PIN, they refuse signature on a
card transaction - what do you do then?

I haven't found out yet whether Chip'n'Signature cards will automatically
transfer risk of fraud onto the merchants, in which case they may be pretty
useless as a means of day to day payment.


Of course, Mary, you could remember your PIN by scratching it onto the
cards... ;-)

--
Richard Sampson

mail me at
richard at olifant d-ot co do-t uk

"RichardS" wrote in message
...


I gather that it will be possible to get Chip'n'Signature cards (as
opposed to Chip'n'Pin), though the CC providers are not particularly
forthcoming with this information.

You only need to ask, I did and there was no problem, no questions, no
argument ... instant new card.

Reason I was trying to find out about this is that I never, ever, ever
withdraw cash on my credit cards, but with several cards the only possible
way I will be able to remember PINs is to set them all to be the same, or
an easily identifiable variant - for instance on PIN on my switch/debit
card, and perhaps the reverse on all CCs.

Now (and I appreciate you probably find yourself in this situation, Mary)
my nightmare scenario is out on a bit of a bender in town, run out of
cash, need to use cash machine. Pick up card from wallet, but
accidentally insert the wrong card - a credit card - and tap in number.
Withdraw cash, get charged the earth.

LOL! That's unlikely to happen to me. Spouse does all that. Twice, perhaps
three times, in goodness knows how many years. We rarely use cash.

So, I rang round all my CC providers and asked them if I could set the
cash withdrawal limit to zero. No, absolutely not, can't be done comes
back the answer - they all say "it's written into your terms and
conditions".

Asked about this on the Motley Fool discussion boards, and answer comes
back "why not get chip'n'signature card? Solves the whole problem.".

What I can't find out is whether this type of card will actually be any
use on a day to day basis.

Why shouldn't it be?

What will happen if you forget your pin or incorrectly type it three times
is that the merchant can accept your signature instead. However, in this
scenario they will be then liable for any fraudulant use of the card, so
it is highly likely that the majority of merchants will refuse to accept a
signature. I can forsee all kinds of problems with petrol stations - you
have cards, you fill up, mistype or forget PIN, they refuse signature on a
card transaction - what do you do then?

I doubt that they'll hold you hostage!


Of course, Mary, you could remember your PIN by scratching it onto the
cards... ;-)

Oh, yes, so I could! Never thought of that, thanks :-)

Mary

On Wed, 25 May 2005 12:52:12 +0100, "Mary Fisher"
wrote:

"Mark" wrote in message
.. .

I seem to remember from an earier thread (correct me if I am wrong)
that you declined to specify your ethnic origin on a census form. I'm
sure this is not a sign of wrongdoing, so why assume that anyone else
doing the same does have something criminal to hide?

I'm not worried about disclosing that I'm a white Caucasian but on most
forms that information is irrelevant (i.e. I'm making a political objection)
and what's more the options given are not ethnic origins. I don't hide the
information, I clearly state that the information is irrelevant. It's never
been followed up so presumably it IS irrelevant. If I didn't fill in the
'gender' box they'd be back.

I would argue that much of the information that we will be forced to
give for our ID Card will also be irrelevant - but we will _have_ to
give it all the same or face fines or imprisonment. I'm very
uncomfortable about that situation which is one (of many) reasons that
I oppose ID cards.

As an IT consultant myself I can see the whole project going massively
over budget and probably be abandoned eventually because it never
works.

In my opinion, for what it's worth, there's far too much concentration on
race and skin colour. A councillor tried to explain, not convincingly, that
they asked the question on their forms so that they could target services.
My immediate neighbours are Lithuanian/Italian, Caribbean-origin but
England-born, and African-born Indian-origin (never seen India) neighbours
need different dustbins? They've all been in Leeds for many years (the first
since the end of the war) and haven't complained about not having
appropriate services.

Sorry for that rant :-)

No problem ;-)

Mark

"Mark" wrote in message
...
On Wed, 25 May 2005 12:52:12 +0100, "Mary Fisher"
wrote:

"Mark" wrote in message
. ..

I seem to remember from an earier thread (correct me if I am wrong)
that you declined to specify your ethnic origin on a census form. I'm
sure this is not a sign of wrongdoing, so why assume that anyone else
doing the same does have something criminal to hide?

I'm not worried about disclosing that I'm a white Caucasian but on most
forms that information is irrelevant (i.e. I'm making a political
objection)
and what's more the options given are not ethnic origins. I don't hide the
information, I clearly state that the information is irrelevant. It's
never
been followed up so presumably it IS irrelevant. If I didn't fill in the
'gender' box they'd be back.

I would argue that much of the information that we will be forced to
give for our ID Card will also be irrelevant

Such as?

Mary

In article ,
Mark writes:
As an IT consultant myself I can see the whole project going massively
over budget and probably be abandoned eventually because it never
works.

It's rather rare for the government to abandon a project which
doesn't work. That requires both:
a) An admission it didn't work, and
b) A realisation that it's best abandoned.
It's rare to see either one of these in practice, leave alone both.

--
Andrew Gabriel

"Andrew Gabriel" wrote in message
.. .
In article ,
Mark writes:
As an IT consultant myself I can see the whole project going massively
over budget and probably be abandoned eventually because it never
works.

It's rather rare for the government to abandon a project which
doesn't work. That requires both:
a) An admission it didn't work, and
b) A realisation that it's best abandoned.
It's rare to see either one of these in practice, leave alone both.

Yes, I hear today that they're sending (I think) 4,000 British soldiers to
Iraq, in addition to those already there. Not to fight of course, to train
the Iraqi security forces.

"And the band played 'Believe it if you like'"

Mary

--
Andrew Gabriel