Mr Bates and the post office

The remote access facility is rather strange. That sort of feature does not go into software unless it's wanted. If it does it is often for remote support. Mentioned in the enquiry but no idea of what it is supposed to allow, Clearly the system would be able to download transaction data to some central point from every post office that used it. No point having it without that feature,

Party politics - only involved in the descission to go ahead with the update to a completely new system. I assume there were reasons. Past that it's down to the people involved in producing a specification and the people who produce the software and kit.
If the juries weren't told the software was faulty and could be remotely accessed, they couldn't have considered two potential "reasonable doubts". Conviction unsafe. Anyone who withheld that from the jury is guilty of sending innocent people to jail and should be prosecuted.
 
The remote access facility is rather strange. That sort of feature does not go into software unless it's wanted. If it does it is often for remote support. Mentioned in the enquiry but no idea of what it is supposed to allow, Clearly the system would be able to download transaction data to some central point from every post office that used it. No point having it without that feature,

Party politics - only involved in the descission to go ahead with the update to a completely new system. I assume there were reasons. Past that it's down to the people involved in producing a specification and the people who produce the software and kit.
The architecture is well documented. Any centralised database would be accessible by the DBAs. Separation of duty for administrators with secure audits didn't really get designed in until a few years later. DSS PCI was really the first industry standard to get adopted that required controls and separation. They came in 2004.
 
remotely accessed, they couldn't have considered two potential "reasonable doubts". Conviction unsafe.
It's not as simple as that as remote access is part of what the system needs to cater for. What it does should be in a specification.

Not much mention of the nature of the bugs. I found 2 comments in what is a blog really by a software auditor

The Dalmellington Bug [PDF, opens in new tab – see see para 163+] entailed a user repeatedly hitting a key when the system froze as she was trying to record the transfer of £8,000 in cash from her main branch to a sub-branch. Unknown to her each time she struck the key she was confirming dispatch of a further £8,000 to the other office. The bug created a discrepancy of £24,000 for which she was held responsible.
A general software problem. Software does what it is told to do. One key press to achieve something aught to lock out any other until it's completes. However if a system is overloaded it may have to buffer instructions until they can be implemented so this has to be tied down to a particular transaction to avoid repeating it. This sort of thing can be a complicated area. Sounds like crap code is the main problem here.

Similarly, the Callendar Square Bug generated spurious, duplicate financial transactions for which the user was considered to be responsible, even though this was clearly a technical problem related to the database, the messaging software, the communications link, or some combination.
The Horizon system processed millions of transactions a day and did so with near 100% accuracy. The Post Office’s IT expert therefore tried to persuade the judge that the odds were 2 in a million that any particular error could be attributable to the system.

The PO had a valid argument due to how can they know that it isn't a fraudulent operation. Also it sounds like the reasons for this aren't really known. Following the link brings up this

Mr Green described the Callendar Square bug, which affected legacy Horizon users, and was a problem with Riposte (the database Horizon was built on, owned and operated by an American firm called Escher). It could cause discrepancies in branches and it was known internally as the "Riposte lock or unlock" problem. So far, so uncontroversial
That suggests some limitations in it needed to be accounted for and were not.
 
It's not as simple as that as remote access is part of what the system needs to cater for. What it does should be in a specification.
Then why were was the post office and , it seems fukitsu, so keen to conceal that fact from the trials?
Not much mention of the nature of the bugs. I found 2 comments in what is a blog really by a software auditor

The Dalmellington Bug [PDF, opens in new tab – see see para 163+] entailed a user repeatedly hitting a key when the system froze as she was trying to record the transfer of £8,000 in cash from her main branch to a sub-branch. Unknown to her each time she struck the key she was confirming dispatch of a further £8,000 to the other office. The bug created a discrepancy of £24,000 for which she was held responsible.
A general software problem. Software does what it is told to do. One key press to achieve something aught to lock out any other until it's completes. However if a system is overloaded it may have to buffer instructions until they can be implemented so this has to be tied down to a particular transaction to avoid repeating it. This sort of thing can be a complicated area. Sounds like crap code is the main problem here.

Similarly, the Callendar Square Bug generated spurious, duplicate financial transactions for which the user was considered to be responsible, even though this was clearly a technical problem related to the database, the messaging software, the communications link, or some combination.
The Horizon system processed millions of transactions a day and did so with near 100% accuracy. The Post Office’s IT expert therefore tried to persuade the judge that the odds were 2 in a million that any particular error could be attributable to the system.

The PO had a valid argument due to how can they know that it isn't a fraudulent operation. Also it sounds like the reasons for this aren't really known. Following the link brings up this

Mr Green described the Callendar Square bug, which affected legacy Horizon users, and was a problem with Riposte (the database Horizon was built on, owned and operated by an American firm called Escher). It could cause discrepancies in branches and it was known internally as the "Riposte lock or unlock" problem. So far, so uncontroversial
That suggests some limitations in it needed to be accounted for and were not.
The existence of bugs which could cause a duplicate entry, or record a credit as a debit. That combined with remote access, creates a big doubt in any criminal proceedings especially as the PO denied it being possible. That denial, in full knowledge of the actual position, is criminal, morally and presumably legally.
 
The remote access feature allowed a software person to change a line of code. It seems that this caused an error in the accounts, Nothing wrong with this if done correctly.

Same problem as the others - crap code.
 
The remote access feature allowed a software person to change a line of code. It seems that this caused an error in the accounts, Nothing wrong with this if done correctly.

Same problem as the others - crap code.
Different problem to others.

The lieing and cover ups
 
The remote access feature allowed a software person to change a line of code. It seems that this caused an error in the accounts, Nothing wrong with this if done correctly

Perhaps, but the bit where remote (fujitsu) operators invented or amended transactions has nothing to do with good practice.

And the bit where these actions were hidden from the judicial process was criminal.
 
An interesting bit within the bill to clear sub-postmasters...

"Mr Hollinrake said the new legislation would overturn all convictions that met certain criteria. It includes:
  • Convictions from the Post Office and CPS, but will not include any convictions from the DWP"
The DWP used Horizon and the software was "originally designed to save money and reduce fraud in connection with benefits and pension payments", thus the link with the PO

But the DWP dumped it...

What did they know?

Of course this legislation conveniently gives a government department a 'get out of jail free card'...

Quelle surprise :rolleyes:
 
I don’t know if it’s been posted already but Paula venables has been striped of her honour for bringing the system in to disrepute
 
There was an excellent law in action on radio 4 last night (repeat) covering the implications for the lawyers who were involved in the prosecutions.

It’s become increasingly evident that many broke the code of conduct and some broke the law.
 
There was an excellent law in action on radio 4 last night (repeat) covering the implications for the lawyers who were involved in the prosecutions.

It’s become increasingly evident that many broke the code of conduct and some broke the law.

I'll bet the shredders have been going ten-to-the-dozen, and the bumholes twitching like rabbits' noses (y)
 
What can be done to speed up the process for compensating victims after finding the PO is incompetent to do so?
 
They have been removed from the process. Government announced all convictions quashed but it emerged recently that wrongful prosecutions go back to pre-horizon days.

Some of the so called prosecutors were not even qualified so they cannot be reprimanded by the industry body. I’d like to see all the law firms involved reprimanded even if that is symbolic. It will force them in to introducing processes in the future and remind them of the obligation as prosecutors.

Prosecutors must always be cautious about “case building”.
 
Last edited:
Back
Top