Step onto Soap box,

Gentlemen and ladies please excuse me I may meander, however my intentions are honest and my ethos is Respect of us all serving and in the community, holding dear the Integrity of the RAF, with Service before Self and ensuring my post stays within the Ethos of the RAF spirit. Therefore the AP1 (RISE);

What gets me is the phrase, 'leader' in everything EDS do or advertise, leader in what?

Governmental overspend/insecurity in introducing a new ATC software program?

Governmental overspend/insecurity in introducing a new Passport control system?

Governmental overspend in introducing/insecurity a new DWP program?

Governmental overspend in introducing/insecurity a new CSA system?

Now forgive me if I have missed anything here but what have EDS done for us but, cost the Gov shed loads of money for pants applications. There must be some monetary claw back facility? Or did they write the contracts on good faith?

I hope not as I'll get Cherie BLair (£250 per hair-do) as my Human Rights lawyer once I rotate back to civilian life. as they must have abused me at sometime within my life in the forces!! (some bleeding heart will tell me I am sure)

Wow EDS so good we said it at least 4 times in the BLair Administration, we can't still be brought down the path of its was the previous administrations fault! If so it was BLair and his party as a country we have managed to ensure his place in the annuls of British political history as the longest serving (I use that word with care i.e. who are they serving?) Labour Government.


Normally I don't get angry/upset about politics, but I am now reaching the end of my tether. we are now being left in the possible position of having to go on Det/OPs and pay for it out of our own pocket, only to claim it back, 'if we have all the receipts'. Now someone mentioned on the RAF forums that Admin will not impact on the trades. Oh yes 'Former IT Bloke' party stooge if there was ever one. If you wish to fly in an A/C where the Tech's are worrying about pay etc or the flight crew are as well.

Tell me the functionality of the system outweighs the security/operational benefits/time saving/admin burden.

The persons who commissioned JPA probably had the BEST intentions, however they were so far removed from the coal face they had no real idea of the impact upon the RAF of its introduction. We are now wasting at least 40min per call to JPAC (I have records of this) to find out if a SAC is now Q-OPS, this is untenable, as I need my SAC Q-OPS to complete the servicing of the A/C, they have been paid and given back pay for the Q-OPS rank, but this month it has been taken away as the system does not recognise the legacy F252. FFS what am I meant to do I need these guys to be able to operate as Q-OPS to carry out the A/C servicing, now they are worried as are they Q-OPS or not, are they going to get a pay deduction next month or not? I have phoned the HR section (PSF) the guys there were very stressed but tried to help the best they can, JPAC won't answer the phone.

What option is left to us the ‘customer’ of the AFPAA since the introduction of SAMA we the ‘customer’ have never been so left out of the loop, at least with SAMA PSF still had the KARDEX system to work from. We should not raise our voices against PSF/HR Flt but the personnel who arranged for this system to be brought on blind. Sorry you cannot trial a system with 230 pers on one unit over 3weeks and then say that’s it is good to go for a whole fighting Force, let alone Tri Service.

Looking back at the RAF forums, those with intranet can see it. Former IT Bloke is so far into the company pockets he’s in the hems of the CAS’s trousers, yes he does put up a good fight and I am sure he is able in his field, but his arrogance in dealing with us is untenable with his position.

We now are aware that the system is insecure; this is not tenable, versus, ‘functionality’ as he puts it. How would it be if, we as engineers said we’ll its functional, one trip only’ we’ll worry about security if you come back? Not to worry it’s just your life on the line? Compare that to not to worry it’s just all your personal details available any Hacker with an above average IQ to find? By the way they tend not to join regimented, hierarchical systems as they do not enjoy the structure of the aforementioned systems, therefore they think well outside the box to get into it. Leaving us trailing far behind catching them up, as Former IT Bloke said we are beta testers, however we are not protected by the Data Protection Act as he thinks, as the RLI is not a secure INTRANET as it has direct and uncontrollable links with the INTERNET, especially the JPA home page, if you have an IGS account and click on the Oracle Privacy link on the bottom R/H side of the main page you go straight onto the INTERNET, and packet share there, no mac address, no secure sockets, plain old clear text.

As I said on my original post I am not trying to stir, scare monger or do anything of any other sort I just want to ensure my data is secure according to the Data Protection Act, as if I was to hold a database about persons on my unit and it was unsecured and leaked out onto the public domain I’d be held accountable. I am just wanting parity amongst organisations, and to ensure we are not left as Second Class Citizens.

Step off soap box

If you want to argue for the security side please do and I'll be happy to research alongside you for a feaseable outcome.

P.S. If anyone wants to take my written words from a public forum and use them as the wish as long as they keep them in the context in which they are written please feel free to do so.

A_d

Well done...That is a brilliant piece. Have you read any of the comments in Private Eye about EDS? They have been railing against the company for some time now, and in particular their government contracts.

(I can't help myself from wondering who is paying for the extra staff that must have been brought in to sort out the software, and answer the helpdesk 'phones. I wonder if it comes with the package we bought, or whether we (the Mod/RAF) are paying? I mean any decent company would have to offer that kind of back-up for free as part of the contract...(As I said any decent company...))

I'm pleased you mentioned about Q OPS guys, I had a phone call yesterday from a lad who's NVQ was processed a while ago. Everything else has gone according to plan, he has his certificates and hoops of power, the only problem is his pay. During the phone call he told me that since he has become Q OPS JPA considers this a change of trade and has been put on marking time pay for two years, as opposed to getting his 2 level pay increase and any back pay he is due (his 6000 is fine he got a high rec so thats not the problem).

Before I got the phone call he had already been passed from pillar to post by PSF and JPAC, unfortunately the only advice I could give was to get his SNCO or boss on the case to sort it out for him and get on the blower to Cosford to see if they could help. I haven't heard of any results from this yet but I fear I can predict the outcome is going to be a guy out of pocket for quiet a while to come.

Now for the next thing, if the system is not secure and vunerable to hackers, no one should be entering any next of kin details and such on to the system. Remember that robbery down in Kent not to long ago, where the robbers targeted the bosses family to get him to give them access to the building or the animal rights group accessing the names and addresses of small share holders in a drugs company and making threats of one sort or another. What would be stopping terrorists employing the same tactics on us. Lets face it AL Quiada (or however you spell it) have shown themselves to be pretty techno savvy. Money I can go with out for a while if some decides to get in and play with the system, my family and loved ones are for more important to me than forcing an unproven system through to save losing face.

Just my views on the whole system at the moment.

I asked the question about security via the JPAC who closed the thread without a response apart from 'you need to speak to your unit about it'.

I have now asked the question via email to the implementation team at the unit and will not be logging onto JPA to process any of my details until a satisfactory answer is given.

It's going to need a lot of people to ask the same question at their unit level.

I'll let you know what sort of response I get.

As pointed out in the previous thread here, the implications could be disastrous.

Perhaps our IT gurus who are presumably testing the system to determine it's security could dig out the NI and At Work Address details for the Air Member for Personnel and post them back to him on a compliments slip. Perhaps then he might start to take JPA security seriously.

Perhaps our IT gurus who are presumably testing the system to determine it's security could dig out the NI and At Work Address details for the Air Member for Personnel and post them back to him on a compliments slip. Perhaps then he might start to take JPA security seriously.

Now that would be funny!

Do you think that someone, somewhere could then issue a big pot of 'I told you so'?

that would be classic!

Dear sir,

You don't know who I am, however due to the lack of security on JPA I now know every last detail i need to completely f*ck you over.

I know your wifes name, where she lives, her contact numbers, I know how old your kids are and where they are at. I know your NI number, NHS number, Passport number, bank account number. I know where you go on leave, and where to phone whilst your there. I know what jobs you have had, what postings you have been on, and where you'd like to go.

congratulations on a bug ridden unsecure admin system. I'm sure no terrorists have done the same, and I'm sure your wife and kids will sleep safe tonight.

A disgruntled airman

that would be the ultimate kodak moment!!! Watch heads roll if someone did that!!!

Let's just hope it does not come true eh!

I certainly hope not, but it'd only be if it happened to someone like CAS or AoC or something like that that heads would roll. and i mean instantly!

For those of you who haven't seen the latest issue of Private Eye might be interested in this which is a quote from their article on page six of issue No.1158 -

"No sooner have lawyers for EDS and the government shaken hands on a compensation deal for the computer firm's tax credits foul-ups than they might have to return to the negotiating table over another public sector fiasco.

The Eye first reported that EDS had won the Joint Personnel Administration (JPA) contract to run the armed forces payroll 18 months ago, with the warning that "squaddies might want to start checking their payslips a bit more carefully". Since then the army and navy have shrewdly stepped back, leaving the RAF as the "lead customer" on a deal that went "live" last month, with the first pay packets hitting the bank accounts two weeks ago.

Immediately the range of cock-ups is immpressive even by EDS's standards. Many pilots haven't received their "flying pay" - a large proportion of their wage - while ground staff whose feet have never left terra firma have. Meanwhile the system repeatedly crashes so confused servicemen and women can't work out what's going on" - quote ends.

As the Eye says from time to time "So...that's alright then!"

An interesting article in the Torygraphy (http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2006/05/16/nid16.xml&sSheet=/news/2006/05/16/ixuknews.html) today, say that there are alleged cases of Identity Fraud being carried out, by Civil Servants. Now that makes me feel happy knowing that all my pay and NI details are passed in the clear on an unsecured system that is open to many Civil Servants.

No need to panic, there is only potentially 44000 people sending bank details and all personal information through JPA, I can't wait until they ask why i'm refusing to use it!

They have you both ways...don't use JPA to put your bank details on and hey presto no pay, do it and any IT gimp can find out everything about me and my family, when so many of us are on operations it is reasuring to know that should the worst happen ITN or BBC news crews could with very litttle effort, beat the notification team to my family for a interview.

Thanks JPA