Linked by Thom Holwerda on Mon 5th Sep 2011 22:26 UTC
Privacy, Security, Encryption So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisation within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.
Thread beginning with comment 488595
To read all comments associated with this story, please click here.
It's not incompetence in IT ...
by MacTO on Tue 6th Sep 2011 01:25 UTC
MacTO
Member since:
2006-09-21

It sounds like the Dutch government's problem doesn't have anything to do with IT. It sounds like they have a problem with how they contract projects out.

Now I don't know how things work in the Netherlands, but there are two problems with how it works in Canada. A huge problem is that bidders underestimate costs, because it is the only way to make a competitive bid. The mentality of outsourcing also means that the government has relatively little technical expertise to evaluate bids, meaning that they are almost dependent upon accepting the bids at face value.

Oh, and thank-you for the transit anecdote. My city is planning to move to a similar system. Ironically, many people can barely figure out how to use the existing system!

Reply Score: 2

_txf_ Member since:
2008-03-17

A huge problem is that bidders underestimate costs, because it is the only way to make a competitive bid.


That is a problem not just in IT, but everywhere. Particularly in public projects those in charge favour cheap projects over slightly more expensive (but significantly better projects). Invariably this usually means that the cheaper project is either cutting corners or underestimating the costs which either they raise once granted the project, or, produce shoddy work.

Reply Parent Score: 2

cfgr Member since:
2009-07-18

That is a problem not just in IT, but everywhere. Particularly in public projects those in charge favour cheap projects over slightly more expensive (but significantly better projects).


Unfortunately this is required by law (at least in Belgium, but probably in most countries). Government projects must always choose the cheapest solution that fulfils the requirements. Which makes sense in a way: why waste taxpayer's money on more expensive contracts?

However, in practice, companies abuse this the same way Ryanair cheats on you: hiding costs everywhere or just plain lying about it. It requires a lot of expertise to write a perfect contract and make the right decision in so far the law allows you. Most government workers do not have this expertise, especially not local ones). This results in very poor solutions, often never finished.

There have been a few big cases like this here. The government has now sued several of those companies but meanwhile they don't have the money for an alternative solution (with the same risks) and lawyers aren't exactly cheap either.

Edited 2011-09-06 12:22 UTC

Reply Parent Score: 1