The JPA Cocktail Party - I Sh!t you not
Join Date: Apr 2005
Location: Temporarily missing from the Joe Louis Arena
Posts: 2,131
Received 27 Likes
on
16 Posts
Originally Posted by Roguedent
'....Broadsword requesting JPA password.....over'
Join Date: Jul 2001
Location: Lancashire
Posts: 137
Likes: 0
Received 0 Likes
on
0 Posts
As far as I can see this is a legitimate concern, shared by most people who've ever had any dealings with previous MoD IT projects.
Let's face it, if Barclays can cock it up with the amount of money they pour into things, what makes anyone think the MoD won't given our shoe-string budget.
JPA has enough trouble getting my pay correct without someone else deliberately trying to get it wrong!!
Let's face it, if Barclays can cock it up with the amount of money they pour into things, what makes anyone think the MoD won't given our shoe-string budget.
JPA has enough trouble getting my pay correct without someone else deliberately trying to get it wrong!!
Join Date: Apr 2005
Location: Temporarily missing from the Joe Louis Arena
Posts: 2,131
Received 27 Likes
on
16 Posts
Even leaving personnel security issues aside this security oversight could damage the RAF in other ways.
If someone were to mess about with JPA in such a way as to stop wage payments one month to a large amount of personnel you have the potential for at least a massive hit on morale and at worst a chance of mutiny/work to rule.
If someone were to mess about with JPA in such a way as to stop wage payments one month to a large amount of personnel you have the potential for at least a massive hit on morale and at worst a chance of mutiny/work to rule.
Join Date: Sep 2005
Location: NZ
Posts: 87
Likes: 0
Received 0 Likes
on
0 Posts
And yet at the same time as the fundamental security of JPA is being ignored by the grown ups, were having new ID card holders thrust on us. These ones now need to be colour coded - to improve security. Obvious really...
Join Date: May 2000
Location: All over the place
Posts: 34
Likes: 0
Received 0 Likes
on
0 Posts
Personally, the security of my personal details are far more important than being paid on time. I expected there to be teething troubles with the new IT system, but I also expected security to be the prime consideration for a Military IT system.
However, as no IT system is fully secure, why was this not a consideration before the issue was decided?
However, as no IT system is fully secure, why was this not a consideration before the issue was decided?
Join Date: Dec 2005
Location: In My Own Little World
Age: 44
Posts: 37
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Bluntend
And yet at the same time as the fundamental security of JPA is being ignored by the grown ups, were having new ID card holders thrust on us. These ones now need to be colour coded - to improve security. Obvious really...
The Fishheads here are grumbling too, because they have to wear a light blue one
Join Date: Apr 2006
Location: England
Posts: 76
Likes: 0
Received 0 Likes
on
0 Posts
Money Wasting?
What is this talk of ID card holders? Are they being issued RAF wide? Can anyone elaborate?
Can we think of no better place to spend money? Like a computer system that can drive JPA and allow more than 80 people to log on at once?
What next...
Royal Air Force rucksack..................... no, done that.
Royal Air Force badge for cs95............. no, done that.
Tactical Badge for CS95...................... no, done that.
Can we think of no better place to spend money? Like a computer system that can drive JPA and allow more than 80 people to log on at once?
What next...
Royal Air Force rucksack..................... no, done that.
Royal Air Force badge for cs95............. no, done that.
Tactical Badge for CS95...................... no, done that.
Join Date: Jun 2003
Location: Soon to be somewhere else...
Posts: 48
Likes: 0
Received 0 Likes
on
0 Posts
Not wanting to get this thread chopped but what is the difference with a 'http' site and a 'https' site? Why would the civvy HRMS system be on a 'https' site and JPA on a 'http' site?
Apparently the money that should have been paid to me by JPA but didn't get to my account is in a 'computer black hole.' Well that makes it alright then...
A Scapegoat is Better Than a Solution...
Apparently the money that should have been paid to me by JPA but didn't get to my account is in a 'computer black hole.' Well that makes it alright then...
A Scapegoat is Better Than a Solution...
Join Date: Feb 2006
Location: A lot closer to the sea
Posts: 665
Likes: 0
Received 0 Likes
on
0 Posts
Greenwings:
If the fishheads over at the Beds are moaning you should hear the crabs at the Cambs place. All Service personnel to wear dark blue badge holders! At least they're not purple!
If the fishheads over at the Beds are moaning you should hear the crabs at the Cambs place. All Service personnel to wear dark blue badge holders! At least they're not purple!
Join Date: May 2000
Location: door or ramp, don't mind.
Posts: 961
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by formertonkaplum
What next...
Royal Air Force rucksack..................... no, done that.
Royal Air Force badge for cs95............. no, done that.
Tactical Badge for CS95...................... no, done that.
Royal Air Force rucksack..................... no, done that.
Royal Air Force badge for cs95............. no, done that.
Tactical Badge for CS95...................... no, done that.
Join Date: Dec 1997
Location: Suffolk UK
Posts: 4,927
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Autorev
BOAC,
I'm not stirring, just interested....
So you had the thread removed - you didn't simply report it to those that run this site? Am I to assume that you are the new moderator of this forum?
Also, what is an apparently official request? Surely it either comes through official channels or not.
I'm not stirring, just interested....
So you had the thread removed - you didn't simply report it to those that run this site? Am I to assume that you are the new moderator of this forum?
Also, what is an apparently official request? Surely it either comes through official channels or not.
Scroggs
Per Ardua ad Astraeus
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes
on
0 Posts
Just to add: as you can see the thread is now 'back' - all 'joined up' for ease of viewing. Please feel free to use PPRune to air your concerns - the press DO read these forums.
However -
I understand the motive behind the thread is to ensure that the details of serving personnel remain secure. With that in mind, when you post here:-
1) This forum is fully open to everyone. Do not post information which you know to be 'sensitive'. That will result in moderation again and probably denial of access for you.
2) Do not degrade the security of your colleagues' information by giving those with a less noble motive any hints.
As Scroggs has pointed out, an eye is kept on the forum and advice sought when necessary.
Do not waste the opportunity you have here.
Edit:
A note (for the paranoid ) regarding the 'secure padlock' referred to in an earlier post - #53. A while back I read on a computer security site that these 'padlocks' can be 'forged'. I do not know if other OS's will do this, but with WinXp if you double click on the padlock it will tell you to whom the certificate is issued, as a double check
However -
I understand the motive behind the thread is to ensure that the details of serving personnel remain secure. With that in mind, when you post here:-
1) This forum is fully open to everyone. Do not post information which you know to be 'sensitive'. That will result in moderation again and probably denial of access for you.
2) Do not degrade the security of your colleagues' information by giving those with a less noble motive any hints.
As Scroggs has pointed out, an eye is kept on the forum and advice sought when necessary.
Do not waste the opportunity you have here.
Edit:
A note (for the paranoid ) regarding the 'secure padlock' referred to in an earlier post - #53. A while back I read on a computer security site that these 'padlocks' can be 'forged'. I do not know if other OS's will do this, but with WinXp if you double click on the padlock it will tell you to whom the certificate is issued, as a double check
Join Date: May 2006
Location: London
Age: 53
Posts: 18
Likes: 0
Received 0 Likes
on
0 Posts
Mike,
Forgive my naivety, but JPA can only be accessed by someone on the DII or RLI; ie closed netwoks so there is a measure of security already - added to the fact that even authorised users can not gain access so we have total security!!
On a different note, the system is so effective Innsworth can post someone and both the individual and post can disappear in a matter of seconds. Really makes you feel safe doesn't it!!!
By the way, what's this about pass holders? Sorry to seem dense but I've only just found this site and haven't worked my way through all of the articles posted.
Forgive my naivety, but JPA can only be accessed by someone on the DII or RLI; ie closed netwoks so there is a measure of security already - added to the fact that even authorised users can not gain access so we have total security!!
On a different note, the system is so effective Innsworth can post someone and both the individual and post can disappear in a matter of seconds. Really makes you feel safe doesn't it!!!
By the way, what's this about pass holders? Sorry to seem dense but I've only just found this site and haven't worked my way through all of the articles posted.
Join Date: Oct 2005
Location: Far from the madding crowd
Posts: 250
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by BleepBleep
Mike,
Forgive my naivety, but JPA can only be accessed by someone on the DII or RLI; ie closed netwoks so there is a measure of security already - added to the fact that even authorised users can not gain access so we have total security!!
Forgive my naivety, but JPA can only be accessed by someone on the DII or RLI; ie closed netwoks so there is a measure of security already - added to the fact that even authorised users can not gain access so we have total security!!
Such that the packets that you send out and recieve are passed through a series of Firewalls, but our system does not use SSL, however; there are far more intelligent persons outside of the RAF playing in hacking clubs etc... just for the thrill of getting into the Government/Military domains, for nothing than mere kicks. They brag about their achivements to each other and other Hackers via secure e-mail systems (more secure than we use in some cases) and share the information. At present the most secure way of operating a web based environment is using SSL or S-HTTP.
Now do we as a military work in a web based environment?
Now a geek explanation;
Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers.By convention, URLs that require an SSL connection start with https: instead of http:.
Another protocol for transmitting data securely over the World Wide Web is Secure HTTP (S-HTTP). Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols have been approved by the Internet Engineering Task Force (IETF) as a standard.
Where as HTTP code is written and encoded and decoded in plain text as it were (look at is as transmitting in clear if you will), this is what the backbone of all our systems operate on. Yes this still requires someone to get into the RLI but as 591 have proved it is not hard to do. They are constantly attacking our own systems to prove our own defences (and sterling job they are doing too).
Again however; the Pentagon, NASA and our dear old UK Gov have proved to be vulnerable to attack and have hackers knocking at their doors all the time normally to show up and embariss said Company/Gov etc..., eventually one will get in and if he/she wishes can wreak havoc in our systems and we will be none the wiser, now if they get in and are intent on doing harm to us or our systems, ??????????????
Join Date: Nov 2000
Location: Puken
Posts: 358
Likes: 0
Received 0 Likes
on
0 Posts
JPA. Well, well, well.
The chinless wonders that are 'running' our cr@ppy little militia are harping on about ETHOS, FTDS, Expeditionary Air Force and all sorts of other pointless tosh-like buzzwords, whilst the real 'Ethos' is: Civilianisation, HSAW, Redundancies, LEAN, Base closures, fleet cuts, joke procurement, adoption of inappropriate business practices in the MoD, cost slashing in vital areas whilst wasting 00000s of £s on projects like Icarus that's useless and JPA that fails to pay you on time and is not secure. Brilliant!!
I do hope that at the cocktail party, whenever that may be, the 'work strand' are all presented with their P45s for such an appalling failiure. Hold on, how are they going to get those? Nooooooo.......JPA?!*@
The bottom line is no-one will be accountable. It won't get sorted and we'll all suffer as a resullt. The X-Factor needs a serious boost to keep people away from professionally run organisations.
We're on Bingo Goodwill.
The chinless wonders that are 'running' our cr@ppy little militia are harping on about ETHOS, FTDS, Expeditionary Air Force and all sorts of other pointless tosh-like buzzwords, whilst the real 'Ethos' is: Civilianisation, HSAW, Redundancies, LEAN, Base closures, fleet cuts, joke procurement, adoption of inappropriate business practices in the MoD, cost slashing in vital areas whilst wasting 00000s of £s on projects like Icarus that's useless and JPA that fails to pay you on time and is not secure. Brilliant!!
I do hope that at the cocktail party, whenever that may be, the 'work strand' are all presented with their P45s for such an appalling failiure. Hold on, how are they going to get those? Nooooooo.......JPA?!*@
The bottom line is no-one will be accountable. It won't get sorted and we'll all suffer as a resullt. The X-Factor needs a serious boost to keep people away from professionally run organisations.
We're on Bingo Goodwill.
Join Date: Mar 2005
Location: notts
Posts: 33
Likes: 0
Received 0 Likes
on
0 Posts
Lets face facts. If the government can get away witrh ruining the NHS, slashing the armed forces, sh@@ing who they, why should some high ranking official be held accountable for a little problem like JPA. When will our so called "leadership" wise up and see what's happening on the shop floor.
I for one am growing a little tired off being sent around rhe world, to protect people who bomb me, then coming home to find i haven't even been paid for the pleasure.
End rant.,...
I for one am growing a little tired off being sent around rhe world, to protect people who bomb me, then coming home to find i haven't even been paid for the pleasure.
End rant.,...
Join Date: Mar 2006
Location: UK
Posts: 107
Likes: 0
Received 0 Likes
on
0 Posts
Farfrompuken, you're spot on.
But don't forget, we got a whole 3% pay rise.
Why-oh-why did I take the FRI.
Does anybody at the top know or care about any of this - people unpaid; security questions; capped expenses; admin burden - no sorry - nightmare... and a cocktail party indeed..!!! For f sake.
But don't forget, we got a whole 3% pay rise.
Why-oh-why did I take the FRI.
Does anybody at the top know or care about any of this - people unpaid; security questions; capped expenses; admin burden - no sorry - nightmare... and a cocktail party indeed..!!! For f sake.