Dan Q

Tag: news

NHS England rushes to hide software over AI hacking fears

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

NHS England has issued new guidance to staff, which has been shared with New Scientist, that demands existing and future software be pulled from public view and kept behind closed doors. “All source code repositories must be private by default. Repositories must not be public unless there is an explicit and exceptional need, and public access has been formally approved,” says the new guidance. The deadline for making code private is 11 May.

Last month, an AI created by Anthropic called Mythos was widely reported to be capable of discovering flaws in virtually any software, potentially allowing hackers to break into systems running it.

NHS England’s guidance specifically points to Mythos as the cause for the new measures.

Yet again, “AI” is the reason why we can’t have nice things on an open and transparent Web.

This is bad, of course. But the worst part is the illusion it helps feed that closed-source software is necessarily more-secure than open-source software. Obviously it’s all much more-complex than that. Indeed, the article goes on to quote Terence Eden thoroughly debunking the entire line of thought:

“Is it possible that Mythos will scan a repository and find a bug? Yes, 100 per cent likely. Is that going to be a bug that causes a security issue in a live NHS service somewhere? Almost certainly not,” says Eden. “I think it’s someone in NHS England buying into the hype that Mythos is going to cause the end of security as we know it and getting a bit panicked.”

He’s right. This policy change is unlikely to improve the security of any of the affected pieces of NHS software (for much of which, the code is already out-there and archived, and so removing it from the Internet now is pretty pointless). If it’s going to be attacked, it’ll be attacked, and the resources that the bad guys have for probing a whole database worth of CVEs or fuzz-testing the extremities makes the availability of vulnerability-scanning AI pretty-close to irrelevant.

At least if it were open source then the good guys would have a chance of helping out… as well as we, the taxpayers who made the software possible, being able to see where our money was going!

Altogether a bad move by the NHS, here.

Repost posted at UTC on .

No comments

BBC News RSS… with full-size thumbnails!

I love that my tool for making BBC News RSS feeds “better” continues to help people1. But I also enjoy that as a platform, it’s still got room to grow.

For instance, at the start of the weekend I received an email from somebody called Phil, who asked:

Could you possibly have an alternative ‘HQ’ version of your feeds which replaces standard/240 with standard/1200 in the URL for each article in the XML?

I am obviously pretty desperate for this feature, hence me reaching out.

Phil’s right. The BBC News RSS feeds contain thumbnail images that look like this: 

<media:thumbnail width="240"
                height="135"
                   url="https://ichef.bbci.co.uk/ace/standard/240/cpsprodpb/623a/live/5f8c30c0-3d7f-11f1-ac78-2112837ce2aa.jpg"
/>

You see the /240/ in that URL? If you change it to /1200/ then, as Phil observes, you get a much-higher resolution thumbnail. Naturally you ought to correct the width and height attributes accordingly, too.

The difference is pretty significant. See:

Image of an F1 car, half in a low, blocky resolution; half in full resolution.
You’d be forgiven for thinking the left-hand-side of this image was the Lego model of this car.

So I raised Phil’s request as a GitHub issue, like a good maintainer, before realising that – hang on – this would be a really easy improvement and I should just… do it.

My BBC feeds “improver” leverages one of my very favourite RubyGems, Nokogiri, to perform XML parsing and modification. The code you need to tweak these URLs is super simple: 

# Iterate through each <media:thumbnail> element in the RSS feed:
rss.xpath('//media:thumbnail').each do |thumb|
  # Skip any that don't start the way we expect:
  next unless thumb['url'] =~ /^https:\/\/ichef.bbci.co.uk\/ace\/(standard|ws)\/240\//
  # Swap the 240 for 1200 in the url="..." attribute:
  thumb['url'] = thumb['url'].gsub(/\/ace\/(standard|ws)\/240\//, "/ace/\\1/1200/")
  # Set width="1200":
  thumb['width'] = "1200"
  # Set the height="..." proportionally (they're not always the same!):
  thumb['height'] = (thumb['height'].to_f / 240 * 1200).round.to_s
end
In the actual code I wrote the magic numbers 240 and 1200 are constants, of course.

That really is all there is to it, but look at what a difference it makes in an RSS reader:

Before and after screenshots of an RSS reader showing BBC news stories. The thumbnails in the "after" side are visibly higher-resolution.

I got that merged and the GitHub action that makes the magic happen got started on its usual 20-minute schedule soon afterwards. I didn’t even have to finish waiting for my lunchtime ramen to cool down before the change was out there and, hopefully, helping people. Phil emailed me again soon afterwards:

You managed to fix something in your lunch break that has been bugging me for well over a decade. The difference in quality is night and day.

Anyway: it pleased me to discover that my software is out there, helping people.

As with most of my open source work, I put little to no effort into tracking any kind of metrics of usage, which means I only get to find out if I’ve done good in the world when people reach out and tell me. So I was delighted to hear from Phil (as well as to take his suggestion and improve the tool for everybody!).

Footnotes

1 Specifically, the code I’ve written makes a few improvements to the BBC News RSS feeds: (1) removing duplicate news, (2) removing non-news content such as “nudges” towards the app or to iPlayer content, and (3) optionally removing sports news. If that sounds like a better version of the BBC News RSS feeds, you should take a look!

× ×

Article posted at UTC on .

No comments

Daily Mail RSS that doesn’t suck

Off the back of my project to un-suckify BBC News’ RSS feeds (https://bbc-feeds.danq.dev) by removing non-news content and duplicate items, I received an email this week (addressing me by the wrong name, I might add) from somebody who asked if I could do the same… for the Daily Mail.

I’m so very tempted to provide an empty RSS feed and say “there you go; that’s an RSS feed of the Daily Mail but with the crap bits removed”.

Turns out my distaste for the Daily Mail is greater than my love of clean RSS.

Email from Simon G to Dan Q, subject "Dail Mail RSS that doesn't suck", with message: Hey Darren, I’ve come across your BBC RSS feeds and find them really useful over the last few days. Thank you so much for this!! I’m not sure how easy it is but could you do something similar with the Daily Mail as that has thousands of reposts a week? Happy to contribute/donate.

×

Note posted at UTC on .

2 comments

BBC Sports News (without the crap)

For the last few years I’ve been running a proxy of the BBC News RSS feeds (https://bbc-feeds.danq.dev) that strips out duplicate content, non-news content, and (optionally) sports news.

This weekend, for the first time, somebody asked if it could produce an edition that included only the sports content. Which turned out to be slightly more difficult, because it’s the kind of scope-creep that my “uninterested-in-sports-news” brain couldn’t conceive that anybody would want! But I got there in the end.

If anybody’s looking for their fill of “BBC News Feeds… But Better!”, give it a look.

Note posted at UTC on .

13 comments

Woodcraft Folk statement on the exclusion of trans children from Girlguiding

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Woodcraft Folk stands in solidarity with every trans child, young person and volunteer who faces exclusion from Girlguiding UK following the announcement on Trans inclusion.

We recognise that Girlguiding UK have taken this decision in the context of intense political pressure and legal uncertainty. However, this does not make the outcome acceptable. Young people should never bear the consequences of political disputes. All children and young people deserve respect, safety and inclusion in their youth organisations.

Excellent statement from Woodcraft Folk.

I was saddened to hear the news that Girlguiding will no longer accept trans girls as members. It seems to me that it would have been perfectly reasonable for them to change their articles in response to the Supreme Court silliness: instead of declaring themselves as being for the benefit of “girls and women” they could have become for the benefit of “girls, women, trans girls, and trans women”.

Yes, obviously it’s horrible that the Supreme Court’s othering decision means that people have to spell out that “by women, we mean all women, including trans women”. But that’s a thing that a charity can do. It’s perfectly reasonable for a charity to be for the benefit of multiple groups.

But no, they took the easy option.

So it’s great to see youth-supporting organisations like Woodcraft Folk make a statement like this that trans kids continue to be welcome with them. Okay, this was easier for them than for Girlguiding because Woodcraft’s articles didn’t contain any gendered language in the first place. And it’s fine that Girlguiding’s does use gendered language – it’s okay for charities to be gender-specific! – but it’s a shame that they didn’t… pardon the pun… have the balls to stand up for what’s right for all women and girls, in spite of the UK’s growing transphobia. Ugh.

Anyway: nice work, Woodcraft Folk.

Repost posted at UTC on .

No comments

AI assistants misrepresent news content 45% of the time

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

New research coordinated by the European Broadcasting Union (EBU) and led by the BBC has found that AI assistants – already a daily information gateway for millions of people – routinely misrepresent news content no matter which language, territory, or AI platform is tested.

Key findings: 

  • 45% of all AI answers had at least one significant issue.
  • 31% of responses showed serious sourcing problems – missing, misleading, or incorrect attributions.
  • 20% contained major accuracy issues, including hallucinated details and outdated information.

In what should be as a surprise to nobody, but probably still is (and is probably already resulting in AI fanboys coming up with counterpoints and explanations): AI is not an accurate way for you to get your news.

(I mean: anybody who saw Apple Intelligence’s AI summaries of news probably knew this already, but it turns out that it gets worse.)

There are problems almost half the time and “major accuracy issues” a fifth of the time.

I guess this is the Universe’s way of proving that people getting all of their news from Facebook wasn’t actually the worst timeline to live in, after all. There’s always a worse one, it turns out.

Separately, the BBC has today published research into audience use and perceptions of AI assistants for News. This shows that many people trust AI assistants to be accurate – with just over a third of UK adults saying that they trust AI to produce accurate summaries, rising to almost half for people under-35.

Personally, I can’t imagine both caring enough about a news item to want to read it and not caring about it enough that I feed it into an algorithm that, 45% of the time, will mess it up. It’s fine to skip the news stories you don’t want to read. It’s fine to skim the ones you only care about a little. It’s even fine to just read the headline, so long as you remember that media biases are even easier to hide from noncritical eyes if you don’t even get the key points of the article.

But taking an AI summary and assuming it’s accurate seems like a really wild risk, whether before or after this research was published!

Repost posted at UTC on .

No comments

Trans former judge plans to challenge gender ruling at European court

“Trans former judge plans to challenge gender ruling at European court”: https://www.bbc.co.uk/news/articles/c9qw2149yelo

Representation matters. That we have a trans former-judge, somebody both well-equipped and motivated to escalate this important challenge to the ECHR, is hugely fortunate.

We need more representation (of trans people specifically, but many other groups too, and perhaps particularly in the intersections) in positions of power, expertise, and authority. To defend the human rights of all of us.

Wishing you luck, Victoria McCloud.

Note posted at UTC on .

No comments

Scots Fire Brigade Union demand new legal protections for people with more than one romantic partner

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

In the fight for equal representation for polyamorous relationships, polyamorists may have a strange and unlikely ally in… the Scottish Fire Brigade Union:

Scotland’s Fire Brigade Union (FBU) has been blasted after calling for more legal protections for Scots who have more than one romantic partner. Members of the group, which is meant to campaign to protect firefighters, want to boost the legal rights of polyamorous people.

I love that a relatively mainstream union is taking seriously this issue that affects only a tiny minority of the population, but I have to wonder… why? What motivates such interest? Are Scottish fire bridades all secretly in a big happy polycule together? (That’d be super cute.)

Anyway: good for them, good for us, good all round at a time with a bit of a shortage of good news.

Repost posted at UTC on .

No comments

Feed Readers Beat Doomscrolling

The news has, in general, been pretty terrible lately.

Like many folks, I’ve worked to narrow the focus of the things that I’m willing to care deeply about, because caring about many things is just too difficult when, y’know, nazis are trying to destroy them all.

I’ve got friends who’ve stopped consuming news media entirely. I’ve not felt the need to go so far, and I think the reason is that I already have a moderately-disciplined relationship with news. It’s relatively easy for me to regulate how much I’m exposed to all the crap news in the world and stay focussed and forward-looking.

The secret is that I get virtually all of my news… through my feed reader (some of it pre-filtered, e.g. my de-crappified BBC News feeds).

FreshRSS screenshot showing a variety of feeds categorised as Communities, Distractions, Geeky, YouTube, News, Strangers, etc. Posts from yesterday and today are visible.
I use FreshRSS and I love it. But really: any feed reader can improve your relationship with the Web.

Without a feed reader, I can see how I might feel the need to “check the news” several times a day. Pick up my phone to check the time… glance at the news while I’m there… you know how to play that game, right?

But with a feed reader, I can treat my different groups of feeds like… periodicals. The news media I subscribe to get collated in my feed reader and I can read them once, maybe twice per day, just like a daily newspaper. If an article remains unread for several days then, unless I say otherwise, it’s configured to be quietly archived.

My current events are less like a firehose (or sewage pipe), and more like a bottle of (filtered) water.

Categorising my feeds means that I can see what my friends are doing almost-immediately, but I don’t have to be disturbed by anything else unless I want to be. Try getting that from a siloed social network!

Maybe sometimes I see a new breaking news story… perhaps 12 hours after you do. Is that such a big deal? In exchange, I get to apply filters of any kind I like to the news I read, and I get to read it as a “bundle”, missing (or not missing) as much or as little as I like.

On a scale from “healthy media consumption” to “endless doomscrolling”, proper use of a feed reader is way towards the healthy end.

If you stopped using feeds when Google tried to kill them, maybe it’s time to think again. The ecosystem’s alive and well, and having a one-stop place where you can enjoy the parts of the Web that are most-important to you, personally, in an ad-free, tracker-free, algorithmic-filtering-free space that you can make your very own… brings a special kind of peace that I can highly recommend.

×

Article posted at UTC on .

No comments

Note #25737

“I’m only asking for basic respect.” – Dr. Beth Upton, in the face of a hostile courtroom, media, and world.

Her fucking bravery is amazing. 💖

Note posted at UTC on .

No comments

Note #25736

After “fixing” BBC News’ RSS feeds I noticed that I was seeing less news (and, somehow, stressing less over everything happening in the USA). Turns out that in switching myself to my new system I’d subscribed to the UK edition, whereas previously I’d been on the Full edition. I’ve corrected it now in my RSS reader, but it was an interesting couple of days.

tl;dr: I accidentally stopped reading international news and I was less stressed

Anyway: if you’re not already using my improved BBC News RSS feeds, they’re at: https://bbc-feeds.danq.dev

Note posted at UTC on .

2 comments

UK’s secret Apple iCloud backdoor order is a global emergency, say critics

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

In its latest attempt to erode the protections of strong encryption, the U.K. government has reportedly secretly ordered Apple to build a backdoor that would allow British security officials to access the encrypted cloud storage data of Apple customers anywhere in the world.

The secret order — issued under the U.K.’s Investigatory Powers Act 2016 (known as the Snoopers’ Charter) — aims to undermine an opt-in Apple feature that provides end-to-end encryption (E2EE) for iCloud backups, called Advanced Data Protection. The encrypted backup feature only allows Apple customers to access their device’s information stored on iCloud — not even Apple can access it.

Sigh. A continuation of a long-running saga of folks here in the UK attempting to make it easier for police to catch a handful of (stupid) criminals1… at the expense of making millions of people more-vulnerable to malicious hackers2.

If we continue on this path, it’ll only be a short number of years before you see a headline about a national secret, stored by a government minister (in the kind of ill-advised manner we know happens) on iCloud or similar and then stolen by a hostile foreign power who merely needed to bribe, infiltrate, or in the worst-case hack their way into Apple’s datacentres. And it’ll be entirely our own fault.

Meanwhile the serious terrorist groups will continue to use encryption that isn’t affected by whatever “ban” the UK can put into place (Al Qaeda were known to have developed their own wrapper around PGP, for example, decades ago), the child pornography rings will continue to tunnel traffic around whatever dark web platform they’ve made for themselves (I’m curious whether they’re actually being smart or not, but that’s not something I even remotely want to research), and either will still only be caught when they get sloppy and/or as the result of good old-fashioned police investigations.

Weakened and backdoored encryption in mainstream products doesn’t help you catch smart criminals. But it does help smart criminals to catch regular folks.

Footnotes

1 The smart criminals will start – or more-likely will already be using – forms of encryption that aren’t, and can’t, be prevented by legislation. Because fundamentally, cryptography is just maths. Incidentally, I assume you know that you can send me encrypted email that nobody else can read?

2 Or, y’know, abuse of power by police.

Repost posted at UTC on .

No comments

BBC News RSS… your way!

It turns out my series of efforts to improve the BBC News RSS feeds are more-popular than I thought. People keep asking for variants of them, and it’s probably time I stopped hosting the resulting feeds on my NAS (which does a good job, but it’s in a highly-kickable place right under my desk).

Screenshot of BBC News RSS Feeds (that don't suck!).
The new site isn’t pretty. But it works.

So I’ve launched BBC-Feeds.DanQ.dev. On a 20-minute schedule, it generates both UK and World editions of the BBC News feeds, filtered to remove iPlayer, Sounds, app “nudges”, duplicates, and other junk, and optionally with the sports news filtered out too.

The entire thing is open source under an ultra-permissive license, so you can run your own copy if you don’t want to use mine.

Enjoy!