One of the most controversial innovations of DIT is the application “Social monitoring”, Designed to monitor the whereabouts of quarantined people (that is, infected or suspected to be infected with a coronavirus). This is a mobile application that determines the location by GPS, and so that a person does not go for a walk without a smartphone, periodically asks him to take a selfie. In case of non-installation of the application, if there is a prescription or not sending a selfie, the Main Control Department of Moscow will issue a fine in the amount of 4000 rubles.
(it’s not very clear what kind of “contacts” is mentioned in the application’s advertisement, and why is it necessary to advertise the application, for the failure of which they will be fined 4000 rubles per day)
The idea itself could have looked good if not for the quality of the implementation. The first version appeared on Google Play in the last days of March – and was removed from there by April 1, having received by this moment the lowest possible rating of 1 star. During the installation, the application required permission for almost everything that is possible to collect from the smartphone, after which it sent everything via the HTTP protocol (no, we did not forget the letter “S”, it is not here) to the city hall’s servers, and specifically, the user’s selfie through Estonian face recognition service on the Hetzner server in Germany.
Then the application was restarted, but it did not get much better: technical problems receded into the background, but organizational came first: the application was mistaken in determining the location, it required a selfie at 4 a.m., it required a selfie every minute, it just didn’t work … And for all this – fines, fines, fines.
Just in case, select the link separately: it’s worth reading.
A few days ago, the Moscow government even called the numerical “metric”: 54,000 fines totaling 216 million rubles were issued for 60,000 application users.
In general, you can imagine the scale of discontent among Muscovites. However, we will return to the legal aspects at the end, but for now we’ll try to start unwinding a ball of circumstances, ending with the construction of such a “service that the residents and guests of the capital love”.
The rating of the application on Google Play at the moment is 1.1 points based on the results of 3809 reviews.
Until last Saturday, the only indication of the origin of the application was a link to the Wokka Lokka application in its license. Wokka lokka – This is an application for tracking children, which is quite logical.
However, on Saturday, at our round table devoted to just a discussion of the work of the Moscow Institute of Information Technologies, Vitaly Ardelyan, who worked for the company “in 2017-2018,”Anik Lab“.
Next is a transcript of the corresponding piece of the round table, a little smoothed and shortened. Original can watch on Youtube (link directly to the beginning of Ardelyan’s speech).
TL; DR: in the “Social Monitoring” application, traces of the source codes of the prototype application for monitoring the collection of household waste, made 3 years ago in ten days, were found.
– Our guest today is Vitaly Ardelyan, technical director of AmberLabs, a company that deals with highly loaded systems. Moreover, personnel control systems at various industrial facilities and, as I understand it, Vitaly can say something about the internal and external history of the development of the Moscow Institute of Information Technology on the topic of social monitoring.
– Oleg, colleagues, hello. Of course, I will be telling exactly what I came across while working with DIT Moscow. In general, the history of relations is quite long, but the most active phase we had was about three or four years ago [прим. ред.: деятельность «Аник Лаб», работавшей по этому проекту, началась в конце 2017 года]. We were commissioned by DIT Moscow to develop a highly loaded platform for project management in the field of renovation. In short: the system had to monitor the state of objects through video streams, had to monitor the presence of personnel at the objects using individual trackers, and had to manage the project documentation with all the tasks that follow from this: tracking schedules, timelines, Gantt charts and other things.
We, having experience in high-loaded systems for eight to nine years, made large systems more often to the West than to Russia, developed the core of the system, offered them a deployment option, and we even got a pilot. But then it abruptly curtailed. It so happened that the budgets were probably very large, and another company stood up between us and DIT, which received the exclusive right to use the core of the platform, operating time – and we were quietly merged from this market.
What can I say … when working with a customer in the form of a DIT, we understood that all projects are done by IT officials. The IT official very vaguely represents the entire development factory process; that there are so many links, small but very important; what you need to understand, what is a development factory, what is a testing environment, what is an environment of loaded testing. We did not see this, we made this environment, this development environment, wrote cases, and scripts. They looked at us, said: “Are you crazy, are you crazy? Everything works differently for us. ” And they gave it to another contractor who understood this in his own way.
And when this whole story with Moscow passes began, we were surprised to find in the source codes pieces of codes of our platform, which should not have appeared sideways in applications of this kind. Firstly, what we did was done for another area of professional use of the platform, and secondly, it was, in fact, a copy-paste from the front-end application … I will now open such a secret … it was taken from monitoring the tracking of waste collection.
That is, on our platform was a pilot project for monitoring the export of household waste to landfills. And there the application was made just with QR codes, with geo-positioning and other things. And then we did it in ten days.
And when the shocking began, connected with the problems of the Social Monitoring application, our guys laughed, said: “Listen, but you won’t know anything?” I say, “Well, yes.” That is, of course, I had no more questions. I understood that an application written in ten days and the budget of Moscow cost over a hundred million is a cool business[[approx. Ed .: Gaskar Integration company received from Moscow City Hall 180 million contract rubles before the start of the development of “Social Monitoring”; on what conditions monitoring was added to it is not known for certain].
Regarding “could it be better?” I think so. I believe that if, in principle, the respected DIT of Moscow used at least elementary concepts about the devo factory and the development factory, as is customary in companies engaged in professional development, many problems could have been avoided. That is, in fact, the application was assembled from previously assembled projects that were close to the topic, and compiled into some packages and services. Of course, in no way were these services orchestrated among themselves, that is, they generally had different api and it was all about on their knees and quickly.
This started the problems, in fact, with the inflexibility of the application. Here colleagues said that it was necessary to make sure that the functions did not affect each other, so that the support, knocked out in one place, did not collapse the entire building. As a matter of fact, there was no talk of any service architecture. It was a stupid monolith, assembled from everything that was there and, naturally, the first woodpecker, flying into the birdhouse, brought down the whole tree. So I think that it could be done better.
It seems to me that the development was done by a court company that previously worked with our platform – and it very quickly, on its knees, on the first whistle in a month collected everything that it could collect from what it was.
– Vitaly, thank you. Here, it seems, the rest of the participants were thinking about what comment to give, because such a sudden autopsy, what DIT actually did it and how he did it, after a month and a half, everyone wondered where it all came from …
– Well, colleagues, I will repeat once again that I am only making conclusions based on the source codes that we saw. What was already there at the end … most likely – yes, colleagues from DIT understood that big problems started and code refactoring started, but the initial roots and how this was done are obvious to me. As for the rest – I can not comment.
– I’ll also note that it happened so that about a month and a half ago I participated in the development of functional requirements for applications just issuing and controlling electronic digital passes for one of the regions. It was not implemented, and this development was done in the hope that it would not have to be implemented, that the situation would not go that far, but in case it did go that way, the region, especially looking at the experience of Moscow, wanted to have some kind of then a minimally developed base on which it will be possible to start without technological, reputational and other problems.
And here I will notice that then, at the beginning of April, everything that is now in a hurry, in a panic, is being implemented and is being redone every three days in social monitoring and in nedoma.mos.ru, we had functional requirements – clearly by the points with flowcharts and everything else. All sorts of personal accounts of organizations, employee lists, notification mode, authorization mode … all this was spelled out, and if the situation in this region had reached the stage where it would have to be implemented, there would be at least some certainty that this is not it’s necessary to stitch it on a live thread, that all this is somehow thought out and discussed with experts in advance.
– Indeed, you are right in that from the point of view of the example you are talking about, the requirements were really collected, the requirements being the minimum necessary, and there was a very short connection between the development team and the people who managed the project. Speaking about a short connection, I repeat once again that this is the problem, because in fact, from the application customer to the implementer, in a respected DIT there is a very complicated chain, where many different interested people participate. That is, the gear ratio is so large that, in fact, the system worked with the efficiency of the engine. Speaking about your version – as far as I remember, the application was made in less than two and a half weeks.
– Yes, these were functional requirements and a prototype application. It was such a study of the worst option possible. We will be glad that he was not required.
Note: the work of Anik Lab began in December 2017. The company has confirmed direct contracts with DIT of Moscow, the editorial board also has reliable information about Vitaly Ardelyan’s work at Anik Lab during this period and about the development of software and hardware solutions for monitoring construction and related works at renovation facilities and other construction projects.
Why are we giving this conversation here, although obviously it does not reveal the details of how the application is structured now and how work is being done on it?
Because, unfortunately, only DIT of Moscow can disclose current information – which, although it promised to return to Habr, but so far in the public sphere it only gets off with statements that everything is fine with the application, some shortcomings are quickly eliminated.
Neither by the reaction of Muscovites, nor by the rating of the application, is it noticeable that the shortcomings were “separate” or that they “were quickly eliminated”.
This is an application that literally destroys the lives of tens of thousands of people, including patients with a serious illness.
Therefore, it seems to us that it is very important to know and not to forget with what “thoroughness” it was developed, what burden of responsibility the developers and their leadership felt on themselves – and the origin of the application made from a three-year-old pilot draft can say a lot about this. Because IT is not only about writing a “beautiful and understandable code”, it is also about responsibility to those whose life, work and health will depend on this code.
We still sincerely hope that the leadership of the Moscow Information and Communication Institute will tell its version of events.
P.S. The legality of fines imposed by the “Social Monitoring” – separate issue, and a brief answer to it: they are illegal. At least three provisions have been violated: firstly, the Federal Administrative Code allows automatic instrument fixation of only violations in the field of transport and improvement; secondly, such fixation can only be carried out by metrologically verified equipment, which is not a smartphone (and, moreover, it certainly does not provide sufficient positioning accuracy for this use); thirdly, the Main Control Directorate of Moscow, which writes these fines, does not have the authority to fine individuals.
In light of this, if you come under the fines of Social Monitoring, we recommend Do not appeal them through the electronic reception of the Moscow Government, as recommended by the head of the Main Control, Mr. Danchikov, but do so only through a court. Otherwise, most of the rubbish will succeed in sweeping under the rug – illegally issued fines will be quietly canceled unofficially.