[News] Post Office Scandal -

[Tom Hark Preston Park]

Anyone working on the legal cases, telling the accused that they were the only one, knew they were doing wrong. And the same goes for those working at the help centre, trying postmasters that they were the only one. A lot of people knew they were doing something wrong, even if they didn't understand the full extent of it.

Yup, it's those who issued instructions to the help centre who need close scrutiny

 

[Tom Hark Preston Park]

The interrogation of the (sample?) Post Office investigator makes for uncomfortable viewing on multiple levels

 

[Talby]

The interrogation of the (sample?) Post Office investigator makes for uncomfortable viewing on multiple levels

There are other equally uncomfortable moments from ex PO employees. From investigators, legal etc etc.

 

[HalfaSeatOn]

Goodness help anyone who is found to have orchestrated activity across the helpline, investigations etc to cover this up, they’ll be off to Tower Green. The CEO is really the only one capable of having a view of ’the system’ - whether they have that capability is another thing or ’the system’ might have been an uncontrollable basket case. The public inquiry is going to be fascinating.

 

[raymondo]

This lawyer has written a long thread about the maze of complications around the compensation scheme, which he alleges is rigged.

That's good, thanks

 

[Shropshire Seagull]

The PO company accounts would not have had any automatic synchronisation with Horizon, which was purely for subpostmasters. Accounting figures would have been taken from Horizon and manually entered into the PO accounting system. The stock figures entered into the PO system would have been the Horizon figures. Any mismatches with the subpostmasters' stock figures would have been put into a suspense account in the PO system and then recovered by making the subpostmasters "repay the the stolen money".
Edit: writing off "wastage" is normal practise in retail where 5% of the inventory typically "disappears".

As I've said previously, I've not worked for PO or Fujitsu but I have worked on many, many projects that are big, both in terms of numbers of users and Petabytes of data.

Horizon was a networked system with one or more terminals in each post office. I very much doubt any data would have been held on each Post Office premises. That just isn't the way these types of systems are designed. In fact, they must have been networked because the secret Fujitsu support team were able to remote on. I would guess each Post Office had a site-ID to identify which actual branch to identify it's own branch transactions on the main database at the datacentre.

In the world of corporate big data NOTHING is entered manually from one system to another, nothing! Everything (possible) is ALWAYS synchronised electronically. To do so manually, would open a huge trap-door for data input errors and add significant cost [people-time] and time delays. Absolute no, no. It's all done electronically, either through batch processing or more recently APIs [Application Programming Interface]. This is the most reliable method to integrate data between different systems. Both systems may be co-located in the same datacentre or private networks between each data source would be used.

So, Horizon will have been feeding data into the PO central accounting system - here the old GIGO comes into force, if the data produced by Horizon was garbage, then the data it then transferred over to central accounting would also have been garbage.

I'm familiar with API - my last project before I retired was to replace all the existing batch and API methods at HMRC into a single new solution. I can tell you that the number of connections [systems sharing data] ran into the thousands ....

Manual? Not a chance ....

 

[METALMICKY]

Just wow! Watching the questioning of the investigator now. The post office only accepted a particular plea bargain if it contained specific wording whereby the defendant accepts there was no problem with the Horizon system. When questioned by the enquiry as to whether that was appropriate to have such a conditional plea he's wriggled a lot before finally admitting no it wasn't

 

[Tom Hark Preston Park]

Just wow! Watching the questioning of the investigator now. The post office only accepted a particular plea bargain if it contained specific wording whereby the defendant accepts there was no problem with the Horizon system. When questioned by the enquiry as to whether that was appropriate to have such a conditional plea he's wriggled a lot before finally admitting no it wasn't

Investigator's getting a bit punchy now. Which seems like he's being put under unfair pressure. Until you remember he was complicit in destroying people's lives on the strength of not much more than confirmation bias. He'd already decided (or had been told) that the poor bastids were guilty and was just looking to tie up the loose ends

 

[Talby]

Investigator's getting a bit punchy now. Which seems like he's being put under unfair pressure. Until you remember he was complicit in destroying people's lives

Agreed. They’ve got to ask the hard question and push for responses, otherwise the Inquiry will fail to deliver. If you haven’t watched the human impact statement from those prosecuted, bankrupted etc I’d recommend it - if only to show why the hard questions need to be put to PO works involved in the prosecutions.

 

[Deportivo Seagull]

Bradshaw comes across as a rather unpleasant individual.

 

[FamilyGuy]

As I've said previously, I've not worked for PO or Fujitsu but I have worked on many, many projects that are big, both in terms of numbers of users and Petabytes of data.

Horizon was a networked system with one or more terminals in each post office. I very much doubt any data would have been held on each Post Office premises. That just isn't the way these types of systems are designed. In fact, they must have been networked because the secret Fujitsu support team were able to remote on. I would guess each Post Office had a site-ID to identify which actual branch to identify it's own branch transactions on the main database at the datacentre.

In the world of corporate big data NOTHING is entered manually from one system to another, nothing! Everything (possible) is ALWAYS synchronised electronically. To do so manually, would open a huge trap-door for data input errors and add significant cost [people-time] and time delays. Absolute no, no. It's all done electronically, either through batch processing or more recently APIs [Application Programming Interface]. This is the most reliable method to integrate data between different systems. Both systems may be co-located in the same datacentre or private networks between each data source would be used.

So, Horizon will have been feeding data into the PO central accounting system - here the old GIGO comes into force, if the data produced by Horizon was garbage, then the data it then transferred over to central accounting would also have been garbage.

I'm familiar with API - my last project before I retired was to replace all the existing batch and API methods at HMRC into a single new solution. I can tell you that the number of connections [systems sharing data] ran into the thousands ....

Manual? Not a chance ....

What he said

and ... In my experience of selling and delivering key IT systems; its relatively easy for suppliers and/or "informed users" to test a system prior to implementation and find that it doesn't work to the extent that Horizon seems to have failed
and ... a basic principle of system testing is that you never, never, never enable the live system to be updated by "outsiders" and without an audit trail. It may even be illegal to do so. "No back doors".
and ... (in my opinion) the government and its associated organisations (like the PO) have a long held practice of accepting the lowest bid and then wasting money and time on "making it work" (and after spending huge amounts of money on inefficient, laborious tender practices), and (in my opinion) suppliers have a long held practice of making huge monies on the back of this ridiculous behaviour - pay peanuts, get monkeys.

Horizon seems/is/was obviously a key system, at the heart of the PO business.
Would you buy the cheapest heart pacemaker you could find?

 

[Springal]

$15Bn in UK Govt contracts Fujitsu have had since 2012

 

[Beach Hut]

Each time the big brand telco I worked for trialled a new system in one small operational area it was always hailed as an astounding success and would be implemented across the country. However when thrust into the big wide world we would then spend 6 to 18 months just trying to get back to the operational level b4 its release. Meanwhile the developer's and management who dealt with it moved onto bigger things washing their hands of any glitches
Only once in my 36yrs employment did they take to task the project team involved and get them to rectify the complete shambles they had forced upon us

Anyone working on the legal cases, telling the accused that they were the only one, knew they were doing wrong. And the same goes for those working at the help centre, telling postmasters that they were the only one. A lot of people knew they were doing something wrong, even if they didn't understand the full extent

 

[Bozza]

Horizon was a networked system with one or more terminals in each post office. I very much doubt any data would have been held on each Post Office premises. That just isn't the way these types of systems are designed. In fact, they must have been networked because the secret Fujitsu support team were able to remote on. I would guess each Post Office had a site-ID to identify which actual branch to identify it's own branch transactions on the main database at the datacentre.

Having listened to all of the Inquiry today, I think you're wrong on the bit in bold.

One of the exchanges this afternoon, sometime between 2:30 and 3:00pm whilst I was out and about, covered the ISDN connectivity between post office branches and a data centre, but it was clear from the discussions that it wasn't a real-time connection as discussion focused on connectivity problems over a number of days and, I'm paraphrasing here, "data would generally catch up again when connection was restored".

So, it sounds like post office terminals were fully capable of supporting the business in isolation and then, maybe as an overnight activity, would batch upload/sync to a main data centre.

EDIT: So, yes, they were networked, but it wasn't a typical client/server system.

 

[Nobby]

Somebody authorised the remote access operation to correct data errors. Somebody told the lawyers remote access was not possible. Somebody instructed the call centre operators to tell callers that each was the only one having problems. Those people should be identifiable and they are guilty, as are their bosses who signed off on those actions. There are also people who have personally committed perjury in court. The Met is on the case, which may not inspire confidence but will, hopefully, lead to criminal convictions.

Let's hope so.
But most of these will be different individuals and will rely on - "that's my bosses level".
That happened today

 

[Sirnormangall]

Just wow! Watching the questioning of the investigator now. The post office only accepted a particular plea bargain if it contained specific wording whereby the defendant accepts there was no problem with the Horizon system. When questioned by the enquiry as to whether that was appropriate to have such a conditional plea he's wriggled a lot before finally admitting no it wasn't

Wonder why the plea bargain needed the conditional clause re Horizon? Possibly a further attempt to prevent any perception of systemic system problems - which PO would only have been worried about if they knew that to be the case.

 

[WATFORD zero]

Having listened to all of the Inquiry today, I think you're wrong on the bit in bold.

One of the exchanges this afternoon, sometime between 2:30 and 3:00pm whilst I was out and about, covered the ISDN connectivity between post office branches and a data centre, but it was clear from the discussions that it wasn't a real-time connection as discussion focused on connectivity problems over a number of days and, I'm paraphrasing here, "data would generally catch up again when connection was restored".

So, it sounds like post office terminals were fully capable of supporting the business in isolation and then, maybe as an overnight activity, would batch upload/sync to a main data centre.

EDIT: So, yes, they were networked, but it wasn't a typical client/server system.

I have no idea what the architecture of the system was, but I can't see that it is relevant. Whether the unaudited access to the individual post offices data was remote/local/real time/batch makes no difference, the very fact that it was authorised is the problem. If this is being done, it also undermines the tracing of any issue with the actual software

For systems that I was involved in where data security was critical, data was always encrypted and could only be accessed via auditable encryption interfaces. This was always the case whether it was software, technical staff or anything else accessing the data.

Sorry @Triggaaar, just thought that may be down to incompetence from the system architect, but equally it may be User Requirement, cost prohibitive or any number of other reasons. But I can't imagine it was designed and done for the criminal purposes for which it was eventually used.

The only incentive to change the culture would have been at Board level.

There were a number of CEO's, Finance Directors, IT Directors who would all have been in the know to some extent, throughout this whole scandal.
But everyone at that level is driven by bonuses and share options - again why rock the boat?

What the hell were the Non Exec's doing through all this?
Just earning a bit on the side from their main incomes rather than question what the hell was going on.

That's where I would start the investigations personally

 

[Bozza]

I have no idea what the architecture of the system was, but I can't see that it is relevant. Whether the unaudited access to the individual post offices data was remote/local/real time/batch makes no difference, the fact is was authorised is the problem. If this is being done, it also undermines the tracing of any issue with the actual software

For systems that I was involved in where data security was critical, data was always encrypted and could only be accessed via auditable encryption interfaces. This was always the case whether it was software or technical staff or anything else accessing the data.

Sorry @Triggaaar, just thought that may be down to incompetence from the system architect, but equally it may be User Requirement, cost prohibitive or any number of other reasons and I can't imagine it was done for the criminal purposes it was eventually used for.

I wasn't suggesting any relevance or otherwise, merely responding to the point made - "no data locally - all central" - having heard today that clearly wasn't the case.

Every system I've been involved in, which is a fair few, had simple command-line access which permitted all manner of manual data hacking - and these were systems controlling hundreds of billions of pounds of assets where, if stuff went particularly badly wrong, the Bank of England and/or the LSE would not be able to function.

On one overnight shift working on a large project "go live" I got my test and production windows the wrong way round and essentially deleted c3m new shareholders in a large demutualisation.

 

[WATFORD zero]

I wasn't suggesting any relevance or otherwise, merely responding to the point made - "no data locally - all central" - having heard today that clearly wasn't the case.

Every system I've been involved in, which is a fair few, had simple command-line access which permitted all manner of manual data hacking - and these were systems controlling hundreds of billions of pounds of assets where, if stuff went particularly badly wrong, the Bank of England and/or the LSE would not be able to function.

On one overnight shift working on a large project "go live" I got my test and production windows the wrong way round and essentially deleted c3m new shareholders in a large demutualisation.

Bloody carpet baggers probably deserved it. I'm not suggesting that IT has any less cowboys than any other industry and certainly not within Banking

 

[Weststander]

My main take from today was that law firms/their client the PO relying on their advice, withheld documents/key information from defence teams for sub-postmasters. Failing to disclose is a criminal offence.

I wonder if some solicitors are craftily working out if they can retire early, cut and running before there are any effects on lucrative pension plans.