
Lee has a great post on kilts which ends: "there's nothing gay about it". Absolutely not, good sir. But it's a useful myth to keep about to taunt our friends over the Wall with.
John Tropea has a review of a "micro blogging" platform called Tumblr which promises to make blogging less of a long-post-driven thing. Which, of course, gets my approval.
StrawberryFrog has an excellent guide on how to post upcoming.org entries. Number nine on the list is the most important, btw. I'm thinking of automatically removing events that break that rule and banning their posters from the upcoming groups I control.
Jakob Nielsen keeps up his long tradition of being wrong in the details but right in the principle. Nielsen is arguing that teaching the specifics of a piece of software is pointless, and that the underlying conceptual stuff is far more important.
And I totally agree. Teaching children how to operate, say, Office 2003 - the vintage of Office on offer when I was finishing school - is pointless. Teaching them Office 2007 is pointless. Teaching them how to use a computer, and what all the concepts mean is more important. For about the fiftieth time, this is why I think that it's so sad that A-level Computing courses are being driven out of the 16-18 market and being replaced with dull, lifeless and utterly trite courses like VCE ICT.
The number of times I see people struggle with the most basic of things like files and folders is ridiculous. Many, many of these people have had some kind of formal training.
If we are going to go anywhere, we really need to figure out technical education in this country. Because it really isn't very good.
Banks, security theatre and the Personal Identity Database
Is it just me or is online banking the ultimate case of security theatre? To log in to my bank's website, I need to firstly not use Firefox (if you are on the Mac, you will use Safari). Then I need to provide a login number which is different from my account number, and then provide selected digits from my PIN and selected letters from my password. My password also has to be alphanumeric rather than just alphabetic.
What a nuisance. This doesn't actually help security because banking isn't actually that secure. It's still possible for you to fake a lot of things to get to my bank account's contents (I wouldn't bother - it's looking rather dismal). That's because we still use a ridiculously weak system for person-to-person money transfers called cheques which not only contain your name, bank account number and sort code but also your signature! So cheques are perfectly secure, but we have to have about five different passwords to go online to pay credit card bills.
What the "oversecurity" of online banks means for ordinary users is that they then put all the details down on a piece of paper - or, as I did for a while, stored in a text file in my home directory. Perhaps if online banks would allow people to log in using just their bank account number and PIN then we wouldn't have these problems. Most people remember their PINs easily enough, so just run with that.
But we are still forced into this charade that online banking and shopping is 'insecure'. People still have irrational fears, and so businesses have to counteract those irrational fears with irrational security measures to satisfy the fear but not actually solve the security problem.
The same people who get "concerned" about online banking are perfectly happy to buy into ID cards or pay by credit card in a dodgy restaurant while travelling. Security theatre, as Schneier says, can actually make us less secure - because for our own sanity, we attempt to hack a bad system when a simpler system needn't be hacked and so is in fact more secure.
Still, this comes down to a solution that could be so easily implemented. A personal identity server - a bit like OpenID, but a bit more heavyweight. It'd be a SQL database with strict access controls sitting on an SSL server. Each business, government agency, individual and institution would be able to access the server through an API, using a key you provide them. If you no longer like your bank, you set up a new account, give your new bank access to your identity server, move the money from one to t'other and then revoke the old bank's key.
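A small sketch of the key-per-party model described above, as an added example that is not part of the original post: each party gets its own random key scoped to named fields, the store keeps only a hash of that key, and revoking a party cuts off its access without touching anyone else's. The table names, field names and sample values are assumptions made for illustration.

```python
import hashlib
import secrets
import sqlite3

SCHEMA = """
CREATE TABLE attributes (name TEXT PRIMARY KEY, value TEXT);
CREATE TABLE grants (key_hash TEXT PRIMARY KEY, grantee TEXT, revoked INTEGER DEFAULT 0);
CREATE TABLE scopes (key_hash TEXT, name TEXT, PRIMARY KEY (key_hash, name));
"""

def _digest(key):
    # Keys are high-entropy random tokens, so a plain SHA-256 is enough at rest.
    return hashlib.sha256(key.encode()).hexdigest()

def grant(db, grantee, fields):
    """Issue a fresh random key to one party, limited to the named fields."""
    key = secrets.token_urlsafe(32)
    db.execute("INSERT INTO grants (key_hash, grantee) VALUES (?, ?)", (_digest(key), grantee))
    db.executemany("INSERT INTO scopes VALUES (?, ?)", [(_digest(key), f) for f in fields])
    return key  # shown to the grantee once; the server keeps only the hash

def revoke(db, grantee):
    """Owner-side action: every key held by this party stops working."""
    db.execute("UPDATE grants SET revoked = 1 WHERE grantee = ?", (grantee,))

def read(db, key, field):
    """API call made by a key holder; anything not explicitly granted is denied."""
    row = db.execute(
        """SELECT a.value FROM grants g
           JOIN scopes s ON s.key_hash = g.key_hash
           JOIN attributes a ON a.name = s.name
           WHERE g.key_hash = ? AND g.revoked = 0 AND s.name = ?""",
        (_digest(key), field)).fetchone()
    if row is None:
        raise PermissionError(f"no active grant for {field!r}")
    return row[0]

def switch_banks():
    """Constructed scenario from the post: move banks, then revoke the old key."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO attributes VALUES (?, ?)",
                   [("account_holder", "A. Example"), ("blood_type", "O+")])  # constructed data
    old_key = grant(db, "old-bank", ["account_holder"])
    new_key = grant(db, "new-bank", ["account_holder"])
    revoke(db, "old-bank")
    return db, old_key, new_key
```

After `switch_banks()`, the new bank's key still reads `account_holder`, while the old bank's key, a guessed key, and a request for a field outside the grant all raise `PermissionError`.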
The new NHS computer system fills me with dread, not only because of the inherent incompetence in almost all government IT projects undertaken in this country in the last... well, since about the time the abacus was introduced... but also because it's the hugest pot of honey that one could put out there. Everybody's private health records stored on one not-particularly-well-run computer system. Someone in government is being real smart. It's almost as if they want people to crack into it. Perhaps to shame us fatties, booze-hounds and smokers into changing our evil ways.
If you took everyone's health data and decentralised it, this problem would not exist. We haven't seen systemic hacking of web servers. There's an ecosystem of different HTTP servers available - Apache, IIS, lighttpd, Frontier, Tomcat, Zeus, WebObjects etc. Competition between web hosting companies and web server manufacturers (including free and open source) has given us a choice of many good alternatives. We choose between web servers on the basis of scalability and/or features, not so much security.
What do we need with all the health data for a nation aggregated anyhow? There'd be practical problems to sort out - how would one deal with accidents? What would happen if the computer broke down? But the people solving these problems would solve them quicker, more efficiently and better than any of the big institutions - government or corporate.
A network of personal identity servers would solve the problem that we have with civil liberties infringements, because we would actually have to give our consent, rather than have politicians telling us that because a minority of people went and voted for them rather than the other scumbags that we have given our implied consent to whatever evildoings they are engaging in. If you don't like the way that the NHS is run, you are only one command line away from opting-out. If you are fed up with surveillance, click, and the packets start bouncing off the server.
What would have to change for this to happen? Simple. The data-heavy bureaucracies would have to shut up shop. No more "Total Information Awareness", no more CCTV cameras on every corner. No more gigantic great big databases. Just lots of little, lean efficient databases talking to each other intelligently. The end to the bureaucratic state is citizens opting out, taking their data streams with them and guarding the permissions on them very carefully. The twenty-first century version of a soul will be a personal identity database, and all of the incompetent bureaucrats can suck data from it only if we allow it to be so.
For that lot to happen, we need governments that are less intrusive on our bank balances, less intrusive on our bank records, less intrusive on our lives in general, actually. It's only taken them a decade to build the database of UK gun owners. This is not Texas, for chrissakes. These people are utterly incompetent. I wouldn't trust them with scissors, let alone an army of trained killers or the determining of interest and inflation rates.
Will it happen? Of course not. It's a pipe dream. There are too many people who have a vested interest for the mental disorder that passes for modern-day society for it to change. To get our data back, we need to opt out. Hold up newspapers at CCTV cameras, give fake names for everything. Lie on every application form, landing card, driving licence, everything. Pay by cash for everything you can. Every three months find someone with the same supermarket discount as yourself and swap. While the bureaucrats control the database, there will be no possibility of it working. Our only hope is to chuck things at it to make it break down quicker so that the people who don't pay attention do.