Blog posts
Collected posts from the various blogs I’ve contributed to over since 2002.
Collected posts from the various blogs I’ve contributed to over since 2002.
This was originally posted on the GDS Technology blog. I spoke recently at the Business Reporter’s Data Security in the Cloud event about how security has changed to face the reality of the modern internet era. The old world of assurance and compliance and ‘ security says no’ won’t cut it anymore. Security thinking has to be holistic and take into account users, culture, context and behaviour not just technology. ...
This was originally posted on the Government Technology blog. With the number of visitors we have coming through GDS we’re often asked to present various areas of our work, particularly architecture. We’ve usually kept the presentation pretty informal. People mean so many different things by architecture that it’s important to take some time to understand our audience before we dive into explaining our approach. Recently though, we’ve noticed some common patterns emerging and have begun pulling our thoughts together as an introductory slide deck. ...
Last week I delivered the opening keynote at Salford University’s Future of Government ICT conference. Sadly I was only able to be there for an hour or so and didn’t get a chance to hear any of the other speakers, but it was fun to get a little time there and to talk with a few participants. The talk was trying to jam together an update on what GDS is working with and some thoughts on what’s going on in the tech world more generally. That was a lot to cover in half an hour! ...
Originally posted on the Technology at GDS blog. Over the course of the past few years many teams across government have begun publishing their code under open source licenses. That’s a change that’s been pushed by the Digital by Default Service Standard but it’s just as much a result of the change in development culture that’s permeating the civil service, with teams eager to share their work. Despite that, releasing code is still a challenge for many teams and it can be one of the trickier areas of service assessments for many. Recently, Alex wrote about the work that the GOV.UK team did to open up their infrastructure code. Another project GDS has been deeply involved in that has been looking at opening up its code is the Register to Vote service. ...
Over Christmas I spoke with a team in the US government who are pulling together some work on open source policy on that side of the Atlantic. To help them I tried to document recent UK government history on the topic. Having done that it seemed helpful to publish it somewhere in case I ever need to referene it, but the GDS blogs didn’t feel quite right. This is definitely incomplete and I know a lot of other people were doing a lot of work. There’s a clear GDS-centric slant here because that’s what I know first hand. If you spot any particular egregious missing pieces, feel free to use the comments to add them. ...
There’s lots of really good work going on at the moment to make the browser environment more secure. Github wrote up their experience of implementing one of them. These changes don’t just make the users’ experiences more secure, they can have very real direct financial benefits too. Github claim: “Widespread adoption of Subresource Integrity could have largely prevented the Great Cannon attack earlier this year.”
Wired’s piece on how WhatsApp serves 900 million users with only 50 engineers is getting a lot of attention. It’s an incredibly impressive feat, but it’s a shame the article focuses on their use of Erlang rather than looking into what effect the tight focus of the product has. The language is a factor, but it seems like the main reason they’d be able to work with a relatively small team is that they stick to a very small set of features? ...
I’m really excited about the work Adam and team are doing at Department of Health and NHS. It’s great to see them beginning to unveil what they’re up to.
Write up from a departing SoundCloud engineer of that company’s architectural journey. “I am sorry to disappoint my fellow techies, but the reason we migrated to microservices had to do much more with productivity than pure technical matters. I’ll explain.”
One of our junior devs, Tatiana, wrote about her experience speaking at a recent Cambridge University summer school. “Learning to code is not about remembering facts, but about building things. And it’s perfectly acceptable to look up all the knowledge you need online. In fact, part of becoming a developer is becoming efficient at finding things out for yourself. It’s also about asking the right questions, like when there is a bug: could it come from the code I wrote? Which line? What things should I check to find out? What do I need to research to fix it?” ...