Category Archives: Uncategorized

A new normal?

There is no denying that the current COVID-19 situation has caused a rapid, seismic shift in how we live our daily lives. For some this has been a huge challenge, for others less so. Now, over one month into the lock-down, people are starting to talk about a return to “normal”, whatever that is. But, do we want to return to the way things were? You see, it hasn’t been all bad. When I walk down the road for my daily exercise, I can’t help but think, I wish it were like this all the time. There’s less traffic on the roads. I can hear the birds and the wind in the trees rather than the constant hum of traffic. I can smell the spring blossom on the air instead pollution. I see couples and families, happily enjoying time together, walking or cycling. Everything seems slower, less hectic and somehow happier. The shops are no longer open late but nobody seems to mind. We patiently wait in line because we’re all on this together, we’re not in a rush, we have all the time in the world.

Now, before I go further, I know some elements of the COVID-19 response are hard, particularly on those in inner cities and for those who live in flats and tower blocks. However, many of the changes we have seen are positive. People are less obsessed with the material. Local businesses are thriving with many people choosing to shop local. Businesses, restaurants and takeaways have stepped up, offering products and services they never thought of and delivering them to your door. The big fast food restaurants are closed and nobody seems sad to see them go. People are working from home and realising that you don’t need to be in the same place to work effectively.

I have been a long-term advocate of home-working. In fact, some might class me an expert in it and the technology that makes it possible. You see, I have a complex family. I have children affected by disability and I’m currently unable to go to work in an office. Back when I did work in an office, I worked closely with diverse global teams that I never met in person. Most of the desire to be in the same office is centred around old fashioned views that you need to be in a room together to work together, or that people won’t actually work at home. However, nothing is farther from the truth.

Homeworking means a better work-life balance. It means we can better respond to the needs of our families and employers. We can be flexible on hours, which is of huge benefit to businesses, particularly those who do business across time zones. Because we don’t have to commute, we get more time with our family. Quite often people who work at home work more hours than the equivalent employee in the office and still get more quality time with their family and lower stress levels. Employers’ insistence on people being present in an office is discriminatory. It means that many skilled people, who have a disability or care for somebody who has or who have young children, cannot work. Home working levels the playing field. Commuting and being out of the house for long hours has an impact on relationships, our physical and our mental health. All of this puts a burden on the NHS and the benefits and social care systems which could be avoided. Home working is better for the environment. If we take all of those commuters off the roads, off the trains and have them at home for at least a percentage of the time, our environment, locally and globally benefits. When we add COVID-19 or other pathogens into the mix, we see that the simple act of commuting and being in an office greatly increases our risk of exposure, not just during this pandemic but any future events too. This risk is bad for business. Right now, people planning for business continuity should be thinking about how we ensure that the workforce isn’t taken out of action en-masse by a pandemic. Home working is the obvious answer. This comes with the bonus of decreased office space requirements and overheads for premises etc.

Talking of businesses, what about corporate responsibility. If your employer insists you come to an office to do a job you could do at home and you become ill as a result they could be (and probably should be) held liable for this in the same way as with any other workplace injury. Employers have a duty of care to their staff and homeworking is an obvious mitigating action.

On realising all of this, the government has a responsibility too. Government should take actions to incentivise companies to support home working. COVID-19 has begun the culture shift, somebody needs to help drive it forward.

Of course, not everyone can work from home. However, if you can’t do your job from home, employers should have robust plans around managing exposure to pathogens in the same way as other health and safety risks are mitigated. The basic premise that individuals should be able to choose to take a a risk, not be required to should be upheld. If you choose to go out and socialise, that’s your prerogative. If your employer tells you to go somewhere, they should take responsibility for you and your family’s well-being from the second you leave your home. People in jobs where they are considered at risk should be able to resign at any point to avoid this risk without being penalised by the employer or the benefits system. If you do become unwell, you should be entitled to full pay for the duration of the illness, including any time spent self-isolating or caring for other family members.

The simple act of limiting potential exposure to just things we choose to do, like shopping or seeing friends, removes most of our weekly exposure. It takes many hours of contact with potentially hundreds of other people out of the equation. This is the most important part of social distancing. It’s not staying 2 metres apart, it’s not wearing a mask, it’s simply not commuting, not working in an office every day, making less visits to the supermarket. This is the uncomfortable truth the government is skirting around. The only measures that really makes a difference are the number of people you share an enclosed environment with and the number of hours you are exposed to this risk. The biggest risk of catching COVID-19 are touch-points, like door handles, pin machines and train doors and furniture, not how close you stand to somebody. Conversely, somebody cycling past your drive or a family sitting on the beach together don’t pose a significant risk to anybody. We, as a society have chosen to focus on the least important pieces of guidance and to treat them as the most important and the government has done little to correct this. It is a dangerous practice and it gives the public a misplaced sense of security coupled with an over-developed sense of self-righteousness that doesn’t follow the science. The media has been complicit in this, giving a voice to untrained opinion and hearsay.

So, do we want things to go back to normal? I say no, we want a new, better normal. Better for our physical and mental health, better for our families, better for our community, better for our employers, better for our country and better for our planet. Don’t accept the old normal, lets do better.

The recent “cyber attack” and the implications on the healthcare industry.

As you all now know, a recent “cyber attack” has affected many computers around the world, including, most prominently, the NHS. In this article I will ask the question, “what implications does this have on future IT services for the healthcare industry?”

Firstly, this incident was not a “cyber attack”. No targeted attack against the NHS took place. In fact, whether it is an attack at all is open to debate. The incident was in fact caused by a piece of “ransomware” which takes the form of an Internet worm. Worms are self-replicating pieces of code which spread from computer to computer using networks. They usually exploit a vulnerability in target software or operating system code to gain access and/or elevated privileges on the target system. Once infected, the real purpose of the worm, termed the payload, activates. The payload can range from something benign to something more sinister. In the case of ransomware, the usual modus operandi is to encrypt data on the target computer’s hard-drive and then offer to decrypt it  in return for the payment of a ransom.

So, having established what happened, how did it happen and why was the impact so significant? The answer to this lies in the exploit used. This particular exploit  leveraged a vulnerability which, according to Microsoft, was not known to them. In fact, it was developed by the NSA, who kept quiet about the vulnerability so they could use it against their targets. Recently a group leaked a set of NSA exploits, including one which used this vulnerability. Because the exploit was not discovered, disclosed to the vendor and patched, as is the normal way these issues are dealt with, Microsoft did not have an immediate fix. This type of exploit is termed a “zero-day exploit” in the industry. In fact, this is the worst kind of vulnerability. It was not just a theoretical vulnerability but a tried and tested working exploit.  Because Microsoft was now on the back foot, coders managed to release a worm that used this exploit before a security fix could be released. In fact, they had little hope of stopping a determined coder in time. So, this worm is more a direct result of the cracking activity of the NSA and by extension GCHQ as they are very closely linked. Is this something we should be concerned about? Absolutely! Could it have been handled better, most definitely!

Having established what happened and why, what lessons can we learn from this? Well, firstly, the standard response to this type of threat is to ensure your software patching schedule and methodology ensures your operating systems and software are kept up to date. However, in this circumstance, this would have done nothing to mitigate the risk. There are things that could have helped to protect important data, however. I will deal with these below.

The first question that springs to my mind is why is raw data is accessible from a terminal in the first place? If files are not directly accessible, they cannot be encrypted. This means that, even if a terminal is affected, a simple re-image will get you up and running again. If we take this a step further and look at network boot, thin client environments, the risk can be greatly mitigated and the recovery time greatly reduced.

Coupled with this we must look at how our data is accessed and presented. Placing our data in the cloud would help to mitigate against this type of attack. If our data is hosted on a highly secure system and accessed, for example, using HTTPS or XMLRPC  then our data would be safe even if the terminal was compromised. Data could continue to be accessed and it could not be held to ransom. We must also be mindful of correct backup procedure and cold storage, so that any data that is compromised could be restored intact. Placing data in the cloud provides a unique opportunity to protect ourselves from local network attack, so the only element at direct risk from attack vectors such as the one used by this worm is the access layer to our data. Cloud computing allows us to treat our local and wide-area networks as we should treat them; hostile, untrusted environments. It is obvious from the impact on the NHS that both the NHS National Network (N3) and local NHS Trust networks were heavily involved in the propagation of this worm and should not be treated as trusted networks. Perhaps the existing paradigm, where N3 is widely considered safe to pass patient data should be under heavy scrutiny and more controls should be applied to data transiting this network.

When we consider N3 as an untrusted network, we realise that our second line of defence, beyond our firewalls and security procedures is very simple. Isolate, contain, eliminate. We must be prepared to pull the plug on our links to the outside world when threats such as this take place in order to protect the integrity of our local networks and our data. Commonly, a loss of connectivity is considered an undesirable event. However, IT managers must consider a controlled disconnection as one of the tools in their arsenal to protect their network. This approach, however, presents unique challenges to business continuity, particularly around the access to services and data. These challenges are more apparent when we move towards a cloud-enabled data model. It is this specific area that my company, iCoriolis, is working on innovative solutions to ensure data is still accessible even when disconnected from the WAN and by extension the cloud, whether this event is controlled or an incident.

Lastly and possibly most important in my mind are the choices made by IT managers about the software and operating systems they choose for terminals and servers. This incident has shown us that Microsoft, despite considerable effort, cannot predict the future. They simply cannot fix an unknown vulnerability fast enough in these circumstances. This is not inherently their fault as they rely on the security community to identify and report vulnerabilities; no one company can discover everything. This is where Open Source software really shows its advantage. It’s not that Open Source developers are better (although some are). It’s not an ideological issue. It’s simply that because the code of Open Source software is made freely available and the community constantly peer reviews and improves it. Vulnerabilities are discovered, shared, discussed  and fixed. Rather than this time-bomb hanging around for years, it could have been fixed in a short amount of time. With these facts in mind, putting my personal preference for Open Source software and my dislike of Windows for a moment, I find it difficult to understand how anyone can now trust a closed-source operating system for critical data. Indeed, governments seem to agree, with the NSA and GCHQ widely using and recommending Open Source software. Whilst Open Source software is not a magic bullet, in my mind, this is certainly a case of “better the devil you know”.

From EHE to Mainstream, a circular journey.

When my daughter went to secondary school, it just didn’t fit. To be fair, it was not just the schools fault. You see, she suffered Meningitis when she was seven and she was left with brain damage. When she came around from three weeks on a ventilator in a medically-induced coma she was lucky to be alive. She’d lost her speech, her movement on her right side and her ability to walk.

What followed was little short of a miracle. With minimal help from the medical community, she started the slow process of learning to walk and talk again. She went back to school and there began the struggle with the system which eventually led to the decision that the system could not provide for her very individual needs. Primary school was okay. It was certainly not perfect, but she managed. Secondary school, on the other hand, was much more of a challenge. She managed one year at secondary school until eventually, with much negativity from the school and Local Authority, we sent our de-registration letter.

What followed was similar to many EHE familes. A period of de-schooling led to that all too familiar “what next” feeling. She did some on-line courses. She saw a private tutor, primarily focusing on English and Maths. During this period, she also sustained a serious injury to her ankle, which, over the course of the next year, put her in a wheelchair when outdoors and on crutches indoors. She now had coming to terms with a new disability and all of the associated pain and upset this brings.

Our EHE provision adapted. We focused on independence, resilience and coping strategies for a disabled teenager to be independent in life. Whilst she continued some academic work, of primary importance was her ability to interact with the world and to cope with her disability. We felt, and still do feel, that this is the biggest enabler for a young person coping with disability. Academic study can come at any time in life, but coping strategies can last a lifetime.

This year, in what would have been her year-11 year if she was in mainstream school, she has gone to college, on a pre-vocational course. It’s been a struggle at times but she’s done really well and we’re proud of her. Next year, she hopes to study Media. She’s come full-circle, from mainstream schooling, following a parabola through EHE and back to main-stream again next year. Her time as EHE has allowed her to step back and re-assess what she wants to achieve from education. It has allowed her to see education as a very personal, positive experience which she can be excited about. She is motivated and engaged. (most of the time, she is a teenager!)

Last week, it felt like all of our hard work had been justified, when the local authority EHE advisory teacher, who has always been very supportive, praised our daughters achievement and said her story was a “model” for other EHE parents in similar situations.

I would imagine many EHE parents and young people, particularly those with some element of special needs, will identify with this path. EHE is a great enabler, but many still want to be able to engage with mainstream higher and further education as a conclusion to their EHE journey. It’s great to be able to look forward to a life where a young person can fully integrate into society, taking their new-found confidence and skills that have been fostered by EHE. The next couple of years for our daughter could see a complete transformation. From young person to adult and due to some hopefully life-changing surgery, from wheelchair user to able-bodied young woman. We’re excited to see what the future holds.

Hytera MD65X DMR Mobile Radio – Review

Last week I received my new Hytera MD650 from my helpful Chinese supplier.

I am very impressed with the radio indeed. It is:

  • Well-built with a nice solid feel
  • Easy to use
  • Small

The radio came pre-programmed with the latest European version of the firmware; from the version 7 series and I was also supplied with the correct version of CPS.

You may have noticed that I have the MD650 – this is the Chinese, Zone 0 version. This is nothing to worry about, however. The supplier had pre-programmed the radio with the Zone 5 (Europe) firmware and provided the appropriate CPS to go with it. The hardware for all versions is the same. Buying the Chinese version direct from China was far cheaper than buying here in the UK.

Programming the radio with CPS was simple enough and will be no great challenge for anyone used to programming radios. I bought the PC-47 programming cable with the radio. Having pre-installed the driver and CPS software in a Windows Virtual Machine on my laptop (I use Linux) before receiving the radio, it worked first time.

I am very impressed with the simple, solid-feeling speaker-mic, which has the LCD display and all of the buttons required to operate the radio on it. Operation is intuitive and the transmit and receive audio is great, as confirmed by on-air comments. Dare I say it, but in subjective tests, it seems to consistently outperform many Motorola radios for audio quality. The AGC seems to work well too.

I have asked the supplier to get me a Roaming Licence, as this is separately licensed for Hytera radios, which he has promised to do.

All-in-all, I’m very satisfied, especially for the price – a little over 200 UKP; around 300 USD.

Shipping by DHL was reasonably priced and reliable.

I would definitely recommend the radio. I bought it from here.

Please note, I’m not affiliated with this seller but based on my experience with their service, I would thoroughly recommend them.


Thai Green Curry

Here is the simple recipe for Thai Green Curry I use. It’s easy and quick and tastes great:


  • 100g (real)Thai Green curry paste – Mae Ploy is what I use.
  • 2 x White pak choi
  • half a packet baby corn
  • a bunch of spring onions
  • green chilli to taste
  • a tin of good quality coconut milk (cheap, watery stuff makes a bad curry – try and get Thai coconut milk like Mae Ploy or Chaokoh)
  • Palm sugar (no, normal sugar is not the same!)
  • Thai Sweet Basil (optional but really adds to it!)

Note: vegetables can be switched up to you liking.

I tend to cook this in pretty big batches. You can halve the ingredients list if you like.

NEVER let this boil or it separates the coconut milk and ruins the curry!

  1. Fry the curry paste in a couple of tablespoons of oil for a few minutes
  2. Add the tin of coconut milk, heat on a low heat and stir in the curry paste. Heat for a few minutes.
  3. Add chicken and cook for a few minutes without boiling
  4. when the chicken looks sealed, add the chopped vegetables and sweet basil
  5. Add palm sugar to taste (approx 3-4 tsp)
  6. continue to cook for a few minutes whilst you cook some rice (Jasmine or Glutinous (sticky)rice is good).
  7. Serve on rice.
  8. Garnish with a little Thai Sweet Basil and / or fresh green chilli to taste.

Shoreham Air Crash and the European “refugee crisis”

I’m struggling to reconcile the response to the Shoreham air crash with the current crisis involving refugees that is happening globally.

Don’t get me wrong, the Shoreham air crash was terrible and the families deserve help and support. However, in the last few days, I’ve seen shops collecting for the families, café’s donating their tips to the Shoreham air crash families. I have heard supposed stories of distant family members who barely knew the victims starting go fund me campaigns to cash in on the disaster and make £20-30k tax free profit from this tragic accident, effectively conning the public and exploiting someone’s death.

The families of the unfortunate victims will receive help, not least from the Public Liability Insurance for the event, as they rightly should without all of this public fund-raising. Is the offer of money not in some way insulting; it can’t bring someone back.

In sharp contrast, I have not seen any fund-raising for refugees locally. Just a modest contribution to this cause could greatly change the lives of these vulnerable people.

So, Great Britain, are eleven British lives really more important than thousands of others, just because they are British and died on British soil? In my mind, no they are not. These refugees (I refuse to call them migrants) deserve our help and support. If we have any humanity left in us, let’s remember the dead from the Shoreham air crash, let’s help the families, but let’s also offer the same compassion to those fleeing violence, oppression and death too.

Banks and other organisations are irresponsible to ask for personal details over the ‘phone.

We’ve all had a call from the bank, this is nothing new. However, in today’s day-and-age, why do banks and other organisations we have accounts with think it’s okay to ask for our personal details on the ‘phone?

Several times this week I’ve had a call from my  bank. Upon answering, I’ve been told that they want to speak to me about “personal banking matter” and then asked for my personal details. This could be your date of birth, postcode, address, account number or one of many more pieces of personal information. I politely declined, telling the call-centre droid that it was a personal security risk to give this information out on a incoming call. They then proceeded to give me a number to call back on, which I also declined for the same reason. When I called my bank to ask about the call, they told me I did the right thing by not giving my personal information, even though it appears that it was them who called me!

We all know about about identity theft. Many of us have heard of social engineering, so why do supposedly reputable organisations insist on using such poor practice to try and contact us? Surely, we all know that someone can easily ‘phone you and pretend to be someone they’re not? Caller-Line ID is easy to fake if you know how so even the ‘phone number isn’t much use to you.

The FSA should produce guidance on this and banks and other organisations should agree never to ask for information in this way, to help stamp out unintentional information disclosure to nefarious third parties.

But why don’t these organisations seem to care? The answer is simple, all they care about is profit. They are not actually concerned about safeguarding you as long as they turn a profit and as long as it does not harm their reputation. The only way this behaviour is going to stop is if we all refuse to give out this information and make their calling not worthwhile.

So, next time someone calls you like this, I urge you to politely decline to give information. It’s safer for you and if enough of us do it, these organsations will stop trying their luck.

Slow-cooked lamb and butternut squash curry.

This is our favourite slow-cooked curry. It’s super easy, feeds loads and tastes really good. Ingredients

  • 2 – 2.5 lb diced lamb
  • one to one and a half butternut squash, depending on size, diced.
  • four large onions, chopped
  • 1 large jar of  quality curry paste. I use Pataks paste, we like the madras.
  • A few birds eye chillies, if you like extra spice
  • 4 – 7 teaspoons of brown sugar, to taste
  • two tins of chopped tomatoes
  • two tbsp of oil


  1. Gently fry the onions on the oil until the begin to go translucent.
  2. Meanwhile, add the butternut squash, tomatoes and sugar to a large slow cooker and set to medium heat.
  3. Add the curry paste and fry for a few more mins.
  4. Add the chillies (if required) and the lamb and fry on a high heat for a few minutes to seal the meat.
  5. Add the meat / onion / curry paste mix to slow cooker and mix it up.
  6. Fill the curry paste jar half full with water, replace lid and shake.
  7. Poor the water into the pan and bring to the boil whilst stirring to deglaze the pan.
  8. Empty the water from the pan into the slow cooker and stir.
  9. Cover and cook until the butternut squash and meat falls apart easily when pushed against the side of the pot with a spoon. This will take approximately six hours. Do not open the slow cooker to test until at least five hours has passed as every time you open the slow cooker, you lose heat and it can extend the cooking time significantly.
  10. When cooked turn off slow cooker and allow to rest, preferably for at least an hour.
  11. Serve on basmati rice.

This dish works great with just about any good curry paste, just adjust the ingredients and seasoning to suit. It tastes even better if refrigerated overnight prior to serving. It keeps for ages in the ‘fridge and also freezes well.

Are online petition and lobbying groups just political parties in disguise? (Why I won’t share online petitions).

We’ve all done it; you receive a request to sign a petition from an organisation like 38 Degrees via email or Facebook and you sign and select the options to share with friends via twitter, Facebook, Google+ etc. It’s easy, quick and it doesn’t require much thought or effort.

These organisations claim to be non-political; to represent the masses without involving themselves in party politics but is this true? Humans have a tendency to form social groups, to follow, to succumb to peer pressure. Every time you share a petition on-line you’re using peer pressure to help these organsations coerce your friends into supporting their point of view. Organisations like 38 Degrees use inclusive language to make the reader feel a rapport, a belonging to the group at large. There is a strong psychological and sociological basis for this. Humans want, even need, to feel part of a group. The more of your friends who openly support these causes, the more likely you are to support them. A social network creates an implied trust and by extension, when an idea is shared in a social network it creates the same implied trust of the idea and it’s source in your network. Are you really so confident in the source and intention of a petition that you’re willing to personally vouch for it’s integrity? The same theory is used in sales and marketing and yes, also by political parties. Many of these petitions carry the equivalent of a tabloid headline. Emotive language is used to invoke an emotional response without proper consideration of the subject matter. This reaction makes it very easy to manipulate the masses in to showing support for an idea with very little understanding of the issues. Once you’ve shown support for the idea, you’re encouraged to use your social influence to convince your friends to do the same. This process could easily be manipulated. Petitions could be crafted to suggest successively more extreme ideas and many would not notice the resultant gradual erosion of their freedoms and extremism creeping in post by post. History has shown us that governments often go through the transition to extremism slowly, one seemingly reasonable change at a time.

Organisations like 38 degrees are, to me, overtly political even though they claim not to be. It could be argued that they are not party-political in the traditional sense as they seek to influence existing MPs regardless of party. Another argument is that they are a party themselves and should therefore “come out” and register their intention as such.

These sort of organisations, often with good intentions, seek to influence and change the current climate. I’m not saying this is a bad thing. However, I feel that this process should not be pressured. To force your ideas on someone is not freedom. People should be encouraged to understand issues and respond to them, not to react emotionally to tabloid headlines. To illustrate this point, imagine if every Daily Mail headline had a petition attached which readers were asked to sign immediately. I think we’d see some dangerous ideas seeing support when in reality many readers, with proper analysis of the issues, would not agree.

We have to accept that tabloid journalism and sensationalism is part of the political climate in the UK. I wonder if it’s safe, however, for this type of comment and political lobbying to be so closely linked.

So what can you do about it? Personally, I’ve made a decision to not share petitions on Facebook or Twitter any more. If you chose to sign a petition, do so after you’ve read the full text and understand the issues. If you don’t understand, you can always save signing for when you have enough information. Perhaps, abstinence from this debate is more appropriate? Sometimes it’s best to leave it to those who do understand. It used to be considered impolite to impose your political views on your friends and I feel it still should be. Remember, your Facebook friends don’t ask your opinion before every petition post. In this sense they are unsolicited, like spam, and have a real potential to cause annoyance and division between friends.

If you do choose to sign a petition or support a cause, that’s your decision, but don’t help the lobbying organisations pressure everyone else into thinking the same by exploiting your social networks to do so. If you need to share an idea you feel is important, do it personally, write something yourself and let your readers decide.