英國法院認為 GCHQ 偷黑別人機器是合法的

出自「Tribunal rules computer hacking by GCHQ is not illegal」這篇報導。在 Edward Snowden 爆料美國與英國政府都在幹黑的後,Privacy International 就提出訴訟控告 GCHQ,但前幾天法院認定這樣是合法的:

Campaigners Privacy International have lost a legal challenge claiming the spying post's hacking operations are too intrusive and break European law.

The case was launched after revelations by US whistleblower Edward Snowden about the extent of US and UK spying.

接下來的戰場會變成在 Investigatory Powers Bill 上面?還是會繼續有上訴?

英國計畫在 2018 年開始強制企業公佈男女的平均薪資及 Bonus

英國計畫從 2018 年開始,超過 250 人的公司必須公佈男女的平均薪資及 Bonus:「Companies will be forced to reveal their gender pay gap」:

The new rules, revealed on Friday, will apply to all companies with more than 250 employees.

除了平均薪資以及 bonus 外,還必須公開每個區間的人數:

In addition to publishing their average gender pay and bonus gap, around 8,000 employers across the country will also have to publish the number of men and women in each pay range.

目標是希望讓資訊更透明讓人力市場更健康:

The government is hoping that naming and shaming firms that pay women a lot less than men in the same jobs will push them to stop the practice, because it will make it harder for them to attract top talent.

可以看到目前估算出來的差異:

另外美國也在規劃類似的法案,不僅僅是性別,還包括了種族等其他資訊:

In the U.S., similar plans are also under discussions. President Obama announced a proposal earlier this month that would require companies with more than 100 employees to report how much they are paying their employees by race, ethnicity and gender.

英國將 10Mbps 上網訂為法定權利

在「UK govt to make 10 Mbps broadband a legal right」這邊看到英國政府打算更新法案,逐步將 10Mbps 上網速度訂為法定權利。

目前法定權利是 28.8Kbps 的撥接速度:

Currently, the minimum USO for data access in Britain is just 28.8 Kbps, or dial-up speeds.

打算在今年年底拉高為 2Mbps,並且在 2020 年拉高為 10Mbps:

Under the proposal, the minimum speed specified by the USO will be raised to 2 Mbps by the end of the year, before further increasing to 10 Mbps by 2020.

英國首相 David Cameron 公開說明,internet 應該被認定為基本權利:

"Access to the internet shouldn’t be a luxury; it should be a right – absolutely fundamental to life in 21st century Britain," Cameron said.

英國政府對電腦的資安管理機制:Ubuntu 14.04 LTS 的部份

Ubuntu Insights 上看到「UK Government issues Ubuntu 14.04 LTS Security Guidance」,英國政府發布了 Ubuntu 14.04 LTS 的資安規範:「End User Devices Security Guidance: Ubuntu 14.04 LTS」,在裡面甚至還包括了 script 幫你處理。

可以在「End User Devices Security and Configuration Guidance」的「Per-platform Guidance」看到其他作業系統的資安管理規範。

在企業規劃內部的資安規範時也可以拿來參考看看?

英國政府將優先考慮 Open Source 應用

Slashdot 上看到的文章:「UK Government Mandates 'Preference' For Open Source」,引用的新聞是「Government mandates 'preference' for open source」,英國政府的說明原文則是在「Open source — Government Service Design Manual」。

第一段就馬上說明無論是作業系統、網路軟體、網站伺服器、資料庫,甚至是程式語言,都應該優先考慮 open source 方案,再考慮 closed source 替代方案:

Use open source software in preference to proprietary or closed source alternatives, in particular for operating systems, networking software, Web servers, databases and programming languages.

只有在少數狀況下才應該使用 SaaS 或是安裝非 open source 軟體替代:

Problems which are rare, or specific to a domain may be best answered by using software as a service, or by installing proprietary software.

不過這份 manual 還未定案,還可以看看會有什麼更新...

英國政府所建議的「數位服務設計原則」

在 Hacker News 的摘要上看到的,對於政府提供數位服務,英國政府嘗試訂出設計原則 (雖然目前這份文件還是 alpha 版本):「Government Digital Service Design Principles」。

這份原則是延伸自原來的七大守則:

其中有幾點相當棒:

  • 第二條的「Do less」,如果有人已經做了類似的事情,就直接連出去,不要做重複的事情 (If someone else is doing it — link to it),政府只需要提供其他人無法提供的資訊 (We should concentrate on the irreducible core)。如果能夠提供 API 之類的介面幫助其他服務做的更好,就提供出去讓其他人再利用 (If we can provide resources (like APIs) that will help other people build things — do that.)。
  • 第四條的「Do the hard work to make it simple」直接提到,使用者會用政府的服務是因為沒有替代方案:如果不努力讓服務簡單易用,就是在浪費使用者的時間。(With great power comes great responsibility — very often people have no choice but to use our services. If we don’t work hard to make them simple and usable we’re abusing that power, and wasting people’s time.)
  • 第五條的「Iterate. Then iterate again.」,考慮風險,如果一次到位的風險太高,邊打邊跑推出服務:從 alpha 階段進入 beta 階段,再從 beta 階段趨近於成熟,每個階段去看實際的反應,而不是一開始就畫一張大餅猜測使用者需要什麼。
  • 第八條的「Build digital services, not websites」與第十條的「Make things open: it makes things better」,標題就說明得很清楚了。

即使是一般商業產品的設計也是通用的原則...