General Medical Services, Primary Medical Services, APMS and the “Undifferentiated GP” Problem

The starting point is probably not the performers list, nor appraisal, but the statutory idea of general medical services.

Under the National Health Service Act 2006, a general medical services contract is a contract under section 84 for the provision of primary medical services. Section 85 then requires a GMS contract to include prescribed primary medical services. Those prescribed services are found principally in the NHS (General Medical Services Contracts) Regulations 2015, especially regulation 17, dealing with “essential services”. Regulation 17 describes essential services in broad patient-facing terms. A contractor must provide services for the management of registered patients and temporary residents who are, or believe themselves to be, ill, terminally ill, or suffering from chronic disease. “Management” includes consultation, examination where appropriate, identifying the need for treatment or investigation, providing treatment or investigation where necessary and appropriate, referral, and liaison with other healthcare professionals.

This is the closest statutory foundation for the idea that NHS general practice is broad, first-contact, generalist work. It is not narrow specialist practice. It is concerned with patients who may present with almost anything, including early, unclear, or non-specific illness. That is where NHSE can plausibly find the conceptual root of “undifferentiated” general practice. But the statute does not itself use the term undifferentiated GP, and it does not define a GP by an obligation to maintain active competence in every possible domain of community general practice. The duty in regulation 17 is framed primarily on the contractor or practice, not on each individual doctor personally. A practice must provide the service. The individual doctor must work safely within competence and within the contractual and governance arrangements of the service.


The performers list legislation then sits on top of this. The NHS (Performers Lists) (England) Regulations 2013 define a “general medical practitioner” as a registered medical practitioner who is either a GP registrar or whose name is included in the GP Register. Regulation 24 says, broadly, that a doctor may not perform primary medical services unless they are a general medical practitioner included in the medical performers list, subject to exceptions. So the performers list does not define a GP by “undifferentiated” scope. It defines eligibility by GP Register status, licence, registration, and inclusion on the list. The work protected by the list is primary medical services.

That matters because primary medical services are wider than GMS. They may be delivered under GMS, PMS, APMS, section 92 arrangements, and other arrangements under Part 4 of the 2006 Act. The performers list regulations expressly recognise this. They define an APMS contract as an arrangement under section 83(2) of the 2006 Act for the provision of primary medical services. They also require the medical performers list to record whether a doctor provides primary medical services under, or pursuant to, an APMS contract.


That is fatal to any simplistic argument that APMS work is somehow not GP work or not primary medical services. A doctor working under an APMS contract may not be providing “general medical services” in the strict contractual sense, because GMS means a section 84 GMS contract. But they may very much be providing NHS primary medical services and, in ordinary clinical language, GP-type work.
This is important for prison doctors. A prison GP working under an APMS contract may have a restricted patient population. For example, they may not treat children, pregnant women, or the full demographic range seen in community general practice. NHSE may label that “differentiated” because the scope is narrower than full community general practice. That label is not wholly irrational. Prison practice is a specialised setting. It has a defined population, particular clinical risks, and areas of GP work that may be absent.

But the legal conclusion does not automatically follow. A prison APMS GP is still capable of providing primary medical services. The question is not whether the doctor is identical to a community GMS GP. The question is whether the doctor is safe, current, and fit to practise within their actual scope, and whether they are performing services of the kind relevant to inclusion on the performers list.
The RCGP and GMC material helps explain the professional background. The RCGP curriculum describes the GP as a generalist, dealing with complexity, uncertainty and risk, and addressing early undifferentiated presentations (which in any case prison GPs have to do). That could be seen to support the idea that undifferentiated work is part of the core identity of general practice at qualification. But it remains curriculum and professional language. It does not by itself create a statutory condition that every doctor on the performers list must personally maintain full undifferentiated community GP scope.


The NHSE low-volume guidance is the most relevant document I found. It concerns doctors on the NHS England Medical Performers List undertaking a low volume of NHS GP clinical work, defined as fewer than 40 sessions per year. It says that fewer than 40 sessions should trigger structured reflection and discussion at appraisal. It asks whether the doctor’s work is general undifferentiated GP work or a more differentiated role. It treats restricted scope as a possible risk factor, especially because loss of a skill set through restricted practice may affect future decisions about scope.

However, the same guidance is careful. It says the 40-session figure is a benchmark, not a pass/fail test. It is a trigger for reflection and discussion. It says doctors doing 40 sessions or more do not need extra reflection purely because of volume, but it does not say doctors doing fewer than 40 must be removed or must complete 40 ordinary community sessions.


The structured reflective template is even more useful. Its stated aim is to allow doctors to demonstrate that they are safe, up to date and fit to practise at what they do, particularly if they have an unusual or restricted scope of practice, or do a low volume of a particular scope of work. That phrase, “at what you do”, is central. It supports reflection on actual scope. It does not support forced reflection on imaginary or unwanted work outside scope.

NHSE can say that full-scope community general practice is broad, generalist and often undifferentiated. It can say that a doctor whose work is restricted, such as a prison APMS GP who does not see children, should reflect on the risks of deskilling and the implications for any future return to unrestricted community GP work. It can require annual appraisal, supporting information, and reflection across the doctor’s whole actual scope of practice.

NHSE does ask for reflection where a doctor’s work is low-volume or restricted in scope, but any such request must be grounded in the doctor’s actual scope of practice and cannot convert full-time specialised/APMS primary medical work into ‘low-volume’ work merely by excluding it from NHSE’s preferred concept of undifferentiated community GP.”

I have not found authority for the proposition that such a doctor must perform 40 sessions of ordinary non-specialised NHSE community general practice. Nor have I found authority for a requirement that the doctor must keep up skills in areas outside their declared and actual scope, such as paediatrics, if they do not treat children. Nor have we found authority for requiring a doctor to create a personal development plan to become “undifferentiated” where their actual work is safely and lawfully differentiated.

The proper distinction is between current scope and future scope.
For current prison APMS work, the doctor should demonstrate fitness, CPD, governance, feedback, significant events, complaints, peer benchmarking, and safe practice within prison primary care. If they do not treat children, they should not pretend to maintain paediatric competence as though they do. They can instead state that paediatrics is outside their current scope.

For future unrestricted community GP work, it is reasonable to acknowledge that a return would require appropriate updating, supervision, induction, refresher work, or staged re-entry. That is a safety position, not a concession of current inadequacy. This is the same for any doctor wishing to change his scope of practice and we would reflect that in our CPD

A GP must:

• engage with annual appraisal
• provide supporting information across their actual scope
• demonstrate they are safe, up to date and fit to practise in what they do
• reflect honestly on significant changes or limits in scope
• not misrepresent competence in areas they do not practise

But they do not to have to:

• accept NHSE’s “undifferentiated” label as a legal category
• treat full-time prison GP work as low-volume GP work
• complete a “low volume” template if the factual premise is wrong
• make a PDP to maintain or regain skills outside their intended scope
• perform 40 sessions of ordinary community general practice if they do not intend to practise ordinary community general practice

The relection can be this

“I have reflected on my actual scope. My current scope is full-time prison/APMS primary medical care. I do not practise unrestricted community general practice and do not currently intend to do so. I therefore maintain competence, CPD, governance and appraisal evidence for my actual scope. If I later wished to move into unrestricted community GP work, I accept that I would need appropriate updating and reflect this in my CPD. I do not accept that I am required to maintain competence in areas outside my current and intended scope.”


Summary

Primary medical services are broad enough to explain how NHSE values undifferentiated generalist capability. But neither GMS law, APMS law, performers list law, nor the low-volume appraisal guidance can impose a freestanding duty on every GP to maintain full undifferentiated community GP practice regardless of actual scope. A prison APMS GP may be differentiated in the descriptive sense, but the lawful appraisal question is whether they are safe, up to date and fit to practise at what they do, and what safeguards would be needed before moving into a broader or unrestricted role.

See more at https://bulger.co.uk/blogs/?p=266

NHS England: undifferentiated GPs, and revalidation. When policy starts masquerading as regulation

The Problem

GPs are being split into differentiated and undifferentiated camps by NHSE.

NHS England (NHSE) is using its funding of English GP appraisals to lever the GMC appraisal and revalidation process for its own ends. There is no legal framework for the NHSE policy of insiting that GPs remain “undifferentiated”

Many GPs are now going to be labelled low volume workers even when they are working full time, simply because their work is deemed differentiated. Not as NHSE wants, which is for GPs to remain as newly qualified undifferentiated general practictioner, as found working in English street practice.

According to NHSE, GPs can only remain undifferentiated if they do at least 40 sessions in an English general practice as a generalist every year. I wondered if this policy is designed to ease GP shortage should 1000’s of specialising doctors be forced to work back in street practice for their 40 sessions.

NHSE and GMC functions are being mixed up by NHSE, and then is presenting that muddle as if mandated by law or by the GMC.  Policy and guidance is masquerading as regulation.

Also see https://bulger.co.uk/blogs/?p=262

The terms at the heart of the problem

NHSE has introduced (or at least put in operation) the term undifferentiated GP in a way that carries consequences inside appraisal conversations and splits the profession. A differentiated is no longer a proper GP. My GMC R.O. says this has been mandated for many years but I met it for the first time this year (2026). I see that NHS guidance is of 2018 vintage.

In correspondence and discussions, the working definition presented to me is broadly:

  • Undifferentiated: an English general practice generalist doing at least 40 sessions/year of normal non-specialised GP work.
  • Differentiated: a GP working in defined-scope settings (for example, prison GP work, GPwSI/portfolio work, or British Territory work) where NHSE says the work does not count as undifferentiated.
  • Low volume: now used by NHSE in a way that can apply even to full-time doctors if their work is deemed differentiated.

That is an extraordinary shift. Low volume meant low volume. Now it can mean high volume, wrong type.

NHSE argues that all GPs should remain as trained, as generalists in case they return to normal practice. Once on the performers’ list a GP can do anything, including return to street practice without much ado. NHSE considers that a risk. But the same risk applies to specialists changing their scope of work. If we plan to, or change our scope of work we change our CPD accordingly. Nobody need keep up skills they were never need to use. But NHSE insists on it for GPs, and only GPs.

My situation: the new-to-us policy that does not fit with reality

My working pattern has not changed in 15 years. Yet for the first time I have been labelled a low-volume worker. I work part time as an APMS GP in prisons and I also do remote location work. The latter is deliberate as it is one of the few ways left to retain genuinely generalist skills that modern English practice rarely uses (e.g. minor surgery and maternity exposure). In this appraisal year I worked around 135 sessions in prisons and another 45 sessions as undifferentiated-plus GP work in the Falklands, where GMC registration is mandatory, plus a few sessions at my old NHSE practice grouping.   

GMC accepts overseas evidence when a small part of appraisal and 100% where GMC registration is mandatory (Gibraltar and beyond).   NHSE does not accept it, only accepting English time as evidence.

Under the NHSE thinking my work was to be treated as low volume because most of the work was considered differentiated prison work.  The rest was not undertaken in England so would not be counted (despite GMC accepting that evidence).

NHSE seeks that we demonstrate maintenance of skills that are outside our real scope of practice, or else do remedial work listed in our appraisal documentation to become undifferentiated.

Using appraisal and revalidation to enforce local objectives

In communications about this issue, the message was that if a GP does not comply with NHSE undifferentiated expectations the Responsible Officer may find it difficult to recommend revalidation. I cannot see how that can be the case as thr GMC’s core revalidation principle is scope-based: you must be up to date and fit to practise within your scope of practice. It is not a requirement to demonstrate competence in skills you do not do, cannot do, and will not do.  Ii is not a GMC requirement to be undifferentiated. The GMC R.O. could not ‘find it difficult’ when the GP is fulfilling all GMC requirements.

Appraisal is not the place to force doctors to remain undifferentiated. If a commissioner or employer wants a particular service profile, that is a contractual and workforce-planning issue, not something to be smuggled into revalidation.

What the law actually says (England)

1) The performers List law gives NHSE some leverage, but not for this

My R.O. stated that as NHSE is paying for my appraisal it is entitled to make adjustments in line with its policies.

In England, the performers list framework is statutory. The enabling power is in the National Health Service Act 2006, section 91. The current implementing instrument is The National Health Service (Performers Lists) (England) Regulations 2013 (SI 2013/335).

Those regulations require that performers list practitioners participate in an appraisal system established by the Board (NHSE):

That is the legitimate place where NHSE can set process expectations for performers list governance.

2) The Responsible Officer framework

The where you do most work rule sits in the Responsible Officer Regulations, not in GMC registration rules and not in performers list entry rules. See The Medical Profession (Responsible Officers) Regulations 2010, regulation 10 (prescribed connection).

3) Revalidation is anchored in the Medical Act, and the GMC can set guidance, not NHSE

Revalidation is a statutory process under the Medical Act 1983. The GMC may publish guidance on information/evidence required for revalidation under section 29G. The GMC’s 2012 regulations that implement the licence/revalidation machinery are The General Medical Council (Licence to Practise and Revalidation) Regulations 2012 (SI 2012/2685).

In other words: NHSE can create policies for its governance systems. The GMC sets revalidation requirements through its statutory framework and its guidance.

What the GMC itself says about local requirements vs revalidation

This is where the clearest support comes from. Two GMC publications provided to me contain explicit statements that should stop local objectives being imported into revalidation decisions.

GMC, 2017: Update on implementation of Taking Revalidation Forward recommendations

Source: Strategy and Policy Board meeting, 9 February 2017, Agenda item 7. Original GMC link:

https://www.gmc-uk.org/cdn/documents/07—update-on-implementation-of-taking-revalidation-forward-recommendations_pdf-69414753.pdf

‘We are also concerned that there can be confusion between revalidation criteria and local job-related requirements, particularly around mandatory training. We do not consider it acceptable for employers to add management objectives to the evidence required for revalidation. Everyone needs to be clear on what is required for revalidation and what is not’ (page 7).

‘distinguish local initiatives and employment obligations from revalidation requirements in the appraisal process so it is clear to doctors what is necessary for the purposes of revalidation and what is not;’ (page 9)

GMC, 2018: Taking revalidation forward, Working with others to improve revalidation

Source: November 2018. Original GMC link:

https://www.gmc-uk.org/cdn/documents/rev—-taking-revalidation-forward—working-with-others-to-improve-revalidation—dc11687_-76860097.pdf

‘We have made the distinction between GMC requirements and local requirements clearer and emphasised that failure to meet local requirements eg completion of health and safety training shouldn’t influence the revalidation recommendation made about a doctor. (page 7)

These are not my blog opinions. They are explicit statements about the boundary between revalidation requirements and employer or local requirements.

The NHSE reply 

In an NHSE reply to my questions (with my annotations), NHSE accepts some principles in words but then applies a different test in practice. For example:

  • Appraisal should cover the full scope of practice, yes, but NHSE implies that to remain on the performers list the Responsible Officer must be assured the doctor is up to date ‘to work in general practice’, regardless of the doctor’s actual scope.
  • NHSE indicates that if supporting information is primarily overseas, the RO is unlikely to consider it satisfactory, while simultaneously acknowledging exceptions where a UK licence is legally required (which is relevant to various British Overseas Territories)
  • NHSE asserts that the old low volume guidance has been replaced by PLAN 32, If Plan 32 is now the basis, it should be cited clearly and explained.

The most concerning line is the recurring warning that ROs ‘may find it challenging’ to recommend revalidation based on minimal NHS GP work. That looks like using revalidation as an enforcement mechanism for NHSE workforce objectives, even though the GMC’s own published statements warn against precisely that.

Why would we expect a GP to prove competence in unused skills, remain undifferentiated. A breast surgeon is on the GMC register as a general surgeon,, but nobody expects them to demonstrate in their appraisal that they can perform procedures outside their scope pr practice, for example, inserting a renal stent or forming a colostomy when  those are not part of their actual work. The requirement is to be up to date and safe within scope.

NHSE’s undifferentiated status targets GPs, and only GPs  towards a different standard, retain broad skills irrespective of scope, or be treated as low-volume even when working full time.

Summary

  • Appraisal cannot be used or modified to ensure a GP stays on the performer’s list.  NHSE can run a performers list governance system as it does for major complaints.  But otherwise unless a GP fails to work in an area or is not having appraisals, there is no easy mechanism to remove a GP from the performers’ list.  G.P.s cannot be removed for failure to be undifferentiated.
  • The GMC sets revalidation requirements not the NHSE.
  • Appraisal evidence should reflect actual scope of practice.
  • Local requirements must be separated from revalidation requirements, and failure to meet local requirements cannnot, by itself, drive revalidation recommendations. The GMC has said this explicitly.

If NHSE believes it can require undifferentiated work as a condition of remaining on the performers list, then it should cite the precise statutory basis and define the term in a way that is coherent, fair, and challengeable. If it cannot cite the statutory basis, it should stop presenting policy as if it is law or GMC mandate.

 NHSE does have powers as funds and sets the appraisal format. The critical distinction is that GMC revalidation and NHS England Performers List inclusion are not the same legal test. Revalidation concerns fitness to practise and maintenance of the GMC licence. Performers List inclusion concerns suitability and fitness for purpose to provide NHS primary care services in England. NHSE powers are limited in that regard.

Short answer: NHSE cannot simply turn appraisal into a pass/fail exam on whether a GP accepts being undifferentiated.

They can require participation in an appraisal system. They can also expect the appraisal to cover the doctor’s full scope of practice. But the sanctionable issue is not whether the doctor agrees with NHSE’s terminology. The real legal questions would be:

1. Has the doctor engaged with appraisal/revalidation?
2. Has he provided adequate supporting information across his actual scope of work?
3. Is there evidence that his continued inclusion on the performers list is unsafe, unsuitable, fraudulent, or prejudicial to service efficiency?
4. Has he failed to perform relevant performers-list services for 12 months?

If the doctor says:

I dispute the term ‘differentiated’. My scope is prison GP/remote GP/defined-scope generalist work. I maintain competence, CPD, QI, SEA review, feedback and reflection within that actual scope. I do not accept that revalidation requires me to plan to practise outside my current scope.

That is not, by itself, a disciplinary failure.

The possible NHSE levers are these:

Appraisal outcome: the appraiser may record concerns or unresolved issues, but appraisal itself should not be a pass/fail process.
Responsible Officer recommendation: the RO might try and claim, or be trold by NHSE there is insufficient information and seek deferral. That is the practical pressure point that NHSE is attempting to use.
Performers list conditions: NHSE could try to impose conditions, but only on proper statutory grounds, mainly efficiency/fraud prevention, with notice, reasons, representations and appeal rights.
Removal from performers list: possible only under statutory grounds, such as unsuitability, efficiency case, fraud, loss of registration/licence/GP register status, or failure to demonstrate relevant services in the previous 12 months. It is not lawful simply because the doctor refuses to adopt NHSE’s preferred workforce ideology.
Suspension: only where necessary for patient/public protection or public interest, usually pending investigation/removal/conditions. A mere disagreement about “differentiated” status would be a weak basis.

So the key distinction is:

NHSE may ask the doctor to reflect on scope.
NHSE may not lawfully require false reflection or compel a plan to practise outside actual scope as a condition of revalidation, unless it can identify a clear legal basis.

The safest wording for the doctor is not “I refuse to engage”, but:

I have engaged fully. I have reflected on the issue. I dispute the label ‘differentiated’ as being imprecise and potentially misleading. My professional duty is to remain competent, up to date and safe within my actual scope of practice. I do not consider it appropriate, safe, or consistent with GMC scope-based revalidation principles to create a development plan aimed at practising beyond my current scope unless and until I intend to undertake such work.

That preserves engagement while refusing the trap.

All I got the RCGP team so far is ‘The RCGP supports GPs to continue to work as GPs, whether that is providing core general practice services, or GPs with extended roles or other portfolios, and we shall continue to do so’

 

Here is the NHSE reply to my Qs in black NHSE response in blue and my secondary comment in green.  “SRT” is the RCGP designed form low-volume worker 40 sessions or less in total form. “NPL”: National Performers List.
 
1. GPs working in prisons are providing primary care. These sessions should be counted as such; they are APMS performers’ list work – We request completion of the SRT to assess how you keep your skills up to date, as prison work is not considered undifferentiated GP work. (They ignore Shetland or Falklands, but GMC does not)  
2.      For revalidation, GPs must demonstrate they are safe and up to date within their scope of work. There is no GMC requirement to maintain all undifferentiated skills. As you are on the NPL, the RO must be assured that you remain up to date to work in the general practice. (What is NPL got to do with GMC appraisal?  Once appraised you cannot be removed from the performers list)
3.      The GMC does not require NHS-only work; a GP may work entirely in private practice and still revalidate. – To maintain your position on the NPL, you must continue to work in General Practice. (That is a bit vague, the RO told me it has to be English street NHS general practice)
4.  Non-NHS work is not excluded from appraisal. – Your appraisal should cover the full scope of your practice. (Quite: appraisal is about SCOPE of practice, not more)
5.      Overseas work is not excluded from appraisal evidence, provided it does not form the substantive part of that evidence. –  Overseas work may be included in your appraisal evidence, provided it does not constitute the substantive portion of that evidence. If your supporting information is primarily from overseas practice, the RO is unlikely to consider it satisfactory appraisal. Supporting information should be from UK practice, except in exceptional circumstances, such as a legislative requirement to hold a UK licence in another country (e.g., Gibraltar). that means all British Overseas territories, Isle of Man, to Falklands.  But yet NHSE won’t accept these hours worked calling them “undifferentiated”)

6.       Low-volume worker guidance applies when a GP undertakes 40 sessions or fewer within their scope of work. – This has now been replaced with PLAN 32. Anyone undertaking only one session cannot be removed from the NPL administratively. However, ROs may find it challenging to make a revalidation recommendation based on minimal NHS GP work. Hence, our appraisers continue to request completion of the SRT if fewer than 40 sessions have been undertaken, and we will advise doctors accordingly based on the provided information. (I could not find any reference to all this in Plan 32)
7.The definition of low volume is not based on the scope of primary care practice undertaken. please see above.
 
You see in (6) “Anyone undertaking only one session cannot be removed from the NPL administratively”   So there is no mechanism for NHSE to remove someone if they do one day’s work in England (and have an appraisal anywhere; appraisal is UK wide).  I could work in England one day, have an appraisal privately or in Scotland (I am on the list there as well) and NHS could not remove me from the performer’s list, so the stipulation that a doctor must remain undifferentiated cannot be enforced.
  
PS.  As it happens, I am not keen on GPs specialising.  I think it frustrates patients and it creates the need for multiple appointments.  Appraisal is NOT the place to attempt to force GPs to remain “undifferentiated”.  That is a contractual issue.  Yet we all drift into a defined scope of practice. We differentiate ourselves.  
    
Pps: NHSE dissolution will not help on jot.  NHS reorganisations are a game of musical chairs and names changes; functions do not change, and we get to see a nice new logo.
 
 
 
 

 

 

References (key links)

Why still run a VPS ?

and VPN Connections speeds using a VPS server

Why do I bother run my own Virtual Private Server (VPS)?

I do ask myself why I still bother with running a VPS on IONOS. I no longer have a business to run, so the old web pages are an archive now. I thought old URLs should never die (*).

I am often tempted to shut the VPS down and use email only service providers. They seem to be as expensive, even more than running as VPS that can run the email. I need 50Gb for each email box. Emails are a useful personal archive; ours goes back to 1992.

Running an email server on a VPS can be problematic. Both Google and Microsoft impose their email server monopoly on security grounds. Rarely they have blocked whole swathes of Internet Service Provider’s addresses, with no notice or explanation. I assume just one of the ISP’s customers has been naughty by sending out spam. It can take a day of two to get unblocked from these secret blacklists. I hope I have not jinxed it but the last such episode blocking email was over a year ago. This big-boys IP blocking was never reported by blacklisting sites such as MX toolbox. One needs to avoid getting on any blacklist lists so chose ISP carefully. Set up SPF DMARC DKIM and even DNSEC. All would be quite fiddly if it was not for the likes of PLESK to set up and control your VPS.

Plesk is very expensive when sold as a stand-alone, personal purchase, but cheap when it is part of the ISP VPS package. Always buy with a VPS server with cPanel or Plesk.

What do I still use VPS for?

1. EMAIL The advantage of running an email is you are your own man in the middle, your data is not being mined. You are in control and back up. I spoil the lack of data mining by having my google Gmail account pop read all the incoming emails. Searching of email is so much faster and intelligent with Gmail than directly searching on the server or Outlook. Gmail then is one of the backups. I also backup the entire server and settings to Dropbox. Tight fail2ban rules are essential for email servers and PLESK sets that up easily.

2. A Virtual Private Network VPN when abroad keeping a UK IP address is very useful. To use a VPS as a VPN is a cost saving, as a commercail VPN service can cost as much as a VPS, but you can do more with a VPS. The VPS’s IP is not recognised as a likely VPN address and has never been blocked as being from abroad; the IP address does not belong to any of the major VPN providers. Again, you are not being mined, logged or surveyed with your own. I use Softethervpn on the servers and Raspberry Pis as it is so much easier to set up and can use OpenVPN. Softethervpn even makes a client OpenVPN script to do so. Beware VPNs do not route IPv6 well, so to ensure that seen to be a UK address turn off IPv6 on your PC when abroad.

3. SSH tunnels and reverse tunnels. Some of my projects have no inbound route (say they are on 4g). Using autossh on the remote site will open a port on the server to connect to the remote site to use for anything, including VPN connections. SSH needs care: I change the default port number of SSH, run fail2ban and of certificate only, no password logins are allowed.

4. SOCAT. This is a useful programme if you want to reach the fixed IPv6 address from IPv4. One of my places has no fixed IPv4, no route from the internet (CGNAT) but has IPv6 allocation. Opening IPv6 pinholes on that router I can can access multiple devices from the internet, even using the same port number, at the remote site. Alas, some business networks, hotels and phones are still not routing IPv6. So I need to direct the request to a VPS server port, and the configured SOCAT will read IPv4 and forward on to the remote reachable IPv6 address.

5. Web Server. Setting up web pages. Social media has reduced the need to have a vanity domain and web pages as I set up long ago. For email alone one needs to get a proper a wildcard SSL certificate. You can then use that certificate on any machine (some are RaspberryPis) once using by the same domain or subdomain. Plesk makes setting all this up easier.

6. Frame forwarding. One can set up a subdomain and the point to a port to the server which is connected to a website elsewhere (such as a raspberry Pi) eg https://yell.bulger.co.uk is frame forwarded to a port on the VPS which has been autossh connected by the raspberry Pi in Shetland.

7. Never run TOR on a personal VPS server!

G3WIP

*Old URLs should never die, expect in Australia.  If a business stops trading or reduces to itself such that it no longer has an business number (ABN), then the domains .com.au have to be deleted by the registrar, along with email and contacts.   This is quite nuts.

VPN Connection Speeds

I use my own servers to double up as Virtual Private Network VPS servers. I also use RaspberryPis.   Seems safer and reliable to me than the commercial VPN offerings.  Nowadays it is quite cheap to set up the most basic internet based Virtual Server  (https://www.ionos.co.uk/servers/vps) .

I have used Softethervpn  https://www.softether.org/  as was the easiest to set up on the Linux servers and has many features and offers different protocols.

Then there was a claim that WireGuard was a faster protocol, so I thought I would check it out.  Thanks to a nice script is now also a doddle to set up: https://github.com/angristan/wireguard-install on my servers.  Beware a “feature” is that the Wireguard client looks as if it has connected, creates a default route to nowhere, when there is no connection.  I thought it was not routing, it was much simpler than that; it had not connected at all. I had a firewall problem.   Wiregaurd should change the route until there is a connection.

I put WireGuard   https://github.com/angristan/wireguard-install server on Ubuntu VPS and a domestic RaspberryPi  using the same script. 

I am using my Windows 11 as the client at home

I turned off IPv6 (not all VPNs route or block IPv6). I tested various protocols to my VPS server (UK to UK).  The server is said to have a 3GB connection

Speedtest to the same end point averaged as follows:

Straight connection with no VPN on my fibre line gives 980Mbps.  Upload and download speeds were always similar.

SocksProxy using SSH (secured; key-only authentication) connecting to my VPS server came out best to my surprise.  I thought there were limitations to using a Socks proxy. Normally I used Seamonkey Browser to use this proxy tunnel, not all of windows.  It averaged 600Mbps.  When I set windows itself to use this proxy tunnel the speed was 680Mbps.

SoftetherVPN with its own protocol and client 460Mbps

WireGuard 280Mbps

Open VPN 150Mbps

L2PP/IPSEC    140Mbps

IPv6 and VPNs is a whole new ball game, and I do not know the rules.  At least WireGuard using this script prevented IPv6 direct routing to the internet (stopping a leak bypassing the VPN) when Windows has IPV6 on as does Socksproxy.  This is useful.   Better if ALL traffic, IPv4 and IPv6 is be routed via a VPN, I am not sure how to achieve that as yet (see such discussions https://www.reddit.com/r/WireGuard/comments/mg9mlp/ipv6_routing_subnet_through_wireguard/ ).  Currently with my setup with WireGuard VPN and other VPN protocols do not find sites by IPv6 address.

My conclusion is that I will use the Socks Proxy via SSH proxy more often. This little script below simplifies switching the proxy on and off.  https://github.com/zubir2k/WindowsProxySwitch.git  although  it offers no choice as which proxy to use if you have more than one set up.

Thoughts on crypto currencies

St Helena, on the South Atlantic, where I was working last year (2021) has vague notions that it can become a crypto centre.  It will have fast internet connections working within a year. Here are my ramblings:

It’s remote

I suppose St Helena could offer is a legislative framework to support some innovation.  It might be able to offer safe haven for storage of data.  

St Helena seems to be wondering about solutions for Africans without bank accounts. This is being tried elsewhere; I have a tiny amount invested in a crypto company that is trying to develop a modern version of M-Pesa in Indonesia, where 90% of its huge population did not have bank accounts.  M-Pesa and similar African schemes transfer money between people and their mobile phone accounts.  They are successful because simple and intuitive. Any new solution must be better, ergonomic, simples.  These African based phone companies must be trusted and in effect become on-line banks, so need to be licensed and regulated as such.  A crypto, distributed ledger is in theory safer and no need to find a “safe” trusted third party.   A Government could steal or nationalise M-Pesa,  or even its system could be hacked.  That’s still impossible with a distributed ledger.

The distributed ledger is an exciting solution said to be seeking a problem.  The one cited problem has been cost of financial transactions between people, the cost of selling a house, all because the current systems have been built of over centuries to create trust.    The distributed encrypted ledger should be able to cut out all middlemen, lawyers, brokers and even banks.   The ledger machines throughout the world have to agree that a transaction is genuine and correct.  It is a public record.  Anyone can look up a Bitcoin address for example and see the transactions on that address.   The land registry could be such a ledger, same for car ownership.

The distributed ledger is not instantaneous as it is limited by the speed of light, or rather by the latency of internet cables, and the speed of the computers holding the distributed ledgers.  It could not be easily used for high speed trading. St Helena, even with the new cable connection will suffer from a little longer ping time, longer latency, than servers within Europe, USA and Asia so this may limit St Helena’s use on the crypto scene.

There is an idea that perhaps the world should put precious data on the moon to keep out it of harm’s way.  St Helena could offer that safety on earth, but it would need power sources other than diesel to run any kind of servers, including any “mining” or distributed ledgers

People worry this is all crypto is all speculation, a ponzi scheme. Bitcoin has no intrinsic value.  The value is only a perception of what it is worth, as others agree.  But paper fiat money is the exactly the same; the paper is worth nothing, yet we all intuitively agreed on value of a £20 note (until inflation hits).  Governments have been printing fiat money, banks creating it (they lend more than their deposits) for decades, and it got worse with Covid, so its no wonder we now have inflation, principally of capital (houses) making the rich richer, but now inflation is at risk of running away.  The advantage of Bitcoin is the number of coins is limited to 21 million of them, the hard cap.  We would have expected Bitcoin to gain in strength as inflation hits. But it collapsed as too many were speculating using borrowed money and too fancy schemes linked to other asset classes.  This will wash out.   

Attempts to create stable coins are fraught, as to peg say a tether $ would mean Tether would have to hold a fiat $ to every tether $ electronic coin.  But it never did, so acted like a bank creating more Tethers than it held. Bringing back the principle of the need to trust someone, and thus acting like a bank.  There are many mathematical attempts to resolve this dilemma to establish more stable coins, but recently those algorithms failed spectacularly (Terra USD)

Governments flirt with the idea of creating their own crypto coins. They would be stable, hard linked to their fiat. Coins and paper would cease to exist.  They could mint more coins, have total control over money supply. This would seemingly abolish banks being involved in transactions, people would no longer need bank accounts.  All money electronic.  This of course is a communist idea of absolute control over the population.  Tax impossible to avoid, all spending monitored by Government.  Since Banks would no longer hold deposits where would any lending come from?   The Government.  

I am not sure I can see how St Helena can fit into this revolution as yet.

https://www.theregister.com/2022/09/08/doj_rongelap_atoll_crypto_charges/?utm_source=daily&utm_medium=newsletter&utm_content=article

Dr Gerry Bulger   ex SMO St Helena

Abuse of NHS Doctor’s Appraisal System

There are individuals within the NHS who view GP appraisals as a reference system, using them to assess a doctor’s suitability for particular roles by requesting GPs to submit their appraisal output data or a “copy of their appraisal.” Additionally, some administrators aim to utilise doctors’ appraisals as a management tool for audit and performance, aligning with appraisal systems in other work sectors.

Doctors should firmly refuse any requests to share a copy of their appraisal or appraisal summary with employers. Many doctors are already cautious about including reflections in their appraisals, especially after the Dr Hadiza Bawa-Garba case. Using appraisals as a reference tool would exacerbate these concerns significantly.

In March 2021, I discovered that the GMC appeared to support this new stance from employers. A statement on the GMC website read: “Appraisal documentation is confidential. When requested, doctors should share summary appraisal outcomes with the organisations where they work (in addition to their designated body) but should not be expected to share their full appraisal portfolios on a routine basis.” However, the GMC later acknowledged that this wording was incorrect and replaced it with a fuller document, available here: GMC Information Sharing.

After representation to the GMC by the RCGP Revalidation team, I have been reassured that doctors are only required to provide evidence that they have had an appraisal. This can be done through the appraisal statement, which consists of a few tick-box lines with no detailed data. It merely confirms that an appraisal has taken place. This statement is entirely different from the appraisal summary, which contains the detailed content of the appraisal. The appraisal summary should not be shared, nor should any other part of the appraisal documentation.

If appraisals are used as references by NHS Trusts, other employers, or GP practices, this will undermine the appraisal process and potentially jeopardise revalidation. Doctors will avoid addressing challenges and will be unable to reflect in confidence. A salaried GP, for instance, would be highly reluctant to share their appraisal with their workplace or practice manager if workplace issues were involved. Appraisers may also begin tailoring their appraisal outputs to fit this new role as a reference for third parties, rather than as they are currently designed: confidential, reflective learning documents and private professional development plans.

Below is the letter that initially raised my concerns. It followed several months of working via an agency. I had worked in the area since 1993 and appraised locally. I was both licensed and revalidated:

 

Hertfordshire Community NHS Trust   1st  August 2018                                                  Dear Dr Bulger   Re: Appraisal Output request for Gerard Bulger  As you will be aware the Responsible Officer regulations came into force in 2012. As the Deputy Responsible Officer for the Designated Body Hertfordshire Community NHS Trust (HCT), I am accountable for seeking regular assurance that Doctors who work for HCT in any capacity are up to date and fit to practice across their whole scope of work.  As such and in accordance with the HCT process Non Designated Body Doctors’ Governance Process’ approved in January 2017 by the Workforce and OD Committee, I kindly ask that you provide your last appraisal output form no later than 8th August 2018.As you will be aware the Responsible Officer regulations came into force in 2012. As the Deputy Responsible Officer for the Designated Body Hertfordshire Community NHS Trust (HCT), I am accountable for seeking regular assurance that Doctors who work for HCT in any capacity are up to date and fit to practice across their whole scope of work.”  

In March 2021 I got another request, a CQC inspired compliance list from another employer which included a demand for “copy of my appraisal”, as if standard and matter of fact.  My reply to both reply was no.  The employers can check references, my place on performers’ list (so therefore appraised) and can check I am licensed and revalidated on line.  The Trust or any other employer have no right to demand to see my appraisal output and data (which, as it happens is suitably glowing, so I should show it off); the  principle is that that appraisals are also private reflections.

West Herts Trust, frustrated by my refusal then tried to apply to NHS England for the appraisal data as if I was changing my GMC Responsible Officer (R.O), that is moving area using the  RO to RO form (MPIT). NHS England’s response was robust and the request refused.  The data cannot be used by anyone other than the doctor’s one and ONLY responsible officer.  NHS England’s Programme Manager replied to me in 2018:” We would not consider sharing your appraisal documentation with any employer and it should not be used in the manner in which your organisation is suggesting. I am happy to write to them on behalf of your RO to confirm your fitness to practice and that you are fully engaged with the appraisal programme.  That is all..”

These requests are a nasty extension of the use of the appraisal system output as a reference and a management tool.  This is not appraisal’s purpose, which is about probity, reflection, developing a personal development plan for licensing and revalidation.  No doctor should volunteer to send their appraisal output to anyone outside their own Responsible Officer’s team.

West Herts implied in the letter that in effect a doctors could have more than one GMC responsible officer, so each Trust could view appraisals outputs. 

BMA: Responsible Officers (ROs) are the individuals within designated bodies who have overall responsibility for helping you with revalidation. A designated body is the organisation (likely to be your main employer) that will support you with your appraisal and revalidation.  You only have one designated body and one Responsible Officer irrespective of how many organisations you are contracted with or employed by. Only UK organisations can be designated bodies, because the legal rules that determine this – the Responsible Officer regulations – only cover the UK.

GMC: Taking Revalidation Forward  the GMC has the following statement in Sir Kieth Pearsons recommendations (Appendix B)
9 Responsible officers should make sure that the revalidation process for individual doctors is not used to achieve local objectives that are not part of the requirements specified by the GMC. 

LMC: “believes this is a gross misuse of the appraisal process and that there are no such requirements for outputs to go to new employers”

GPC: An employee should not be requesting this information and you do not need (nor should you) share it. All they need to know is that you are on the performers list (which you can only do it you are keeping up with appraisals and revalidation. 

During my time as an appraiser I assured my doctors that the appraisal process was confidential, and that the only person who may see it would be their one and only responsible officer and their appraiser.  A doctor has one, and only one GMC Responsible Officer, no matter how many employers he or she has.

We have understood that appraisal remains a formative and reflective process. The output has no pass or fail unless there are clinical risks found or the doctor is not engaging.  The purpose of appraisal is to demonstrate continued probity, learning and reflection to keep a license.  The doctor’s one R.O. can approve for revalidation after five years.

A Trust can check that a GP had had a recent appraisal, that he is licensed, revalidated and on the GP performer’s list.  Should a Trust need to know that a doctor is suitable for a particular job this is achieved by references and interview.  The appraisal data would be a poor way to do this.  To provide appraisal data to third parties is an extension of the appraisal and revalidation system beyond its scope and purpose.

GPs must refuse to send appraisal output demanded by employers. They have no right nor reason to see it. 

Gerry  Bulger

https//bulger.co.uk/message.htm

Covid: Bureaucracy blocked Clinicians working

Time to rage against most of the NHS? 10/01/2021

At the height of the second wave I was waiting for the call up to help in the overwhelmed hospitals or for the vaccination campaigns.    Not a word, not a single email.

Meanwhile my inbox was full of requests from Australian agencies offering up to $2,700 a day for Covid related work, in a country where, so far, Covid is pretty much under control.  I also remain on the Australian register, but I cannot get there unless I self-isolate at my expense in special hotels, and I would need a new visa.

Here in UK I did the in-house training for NHS Nightingale and its on-line modules, got the lanyard, ID card, staff number and T-shirt, but thankfully never needed.  I also other modules and the NHS “credentiality” checks for 111 primary care work. All that extra training is imposed on doctors as if they are not already in practice. It was designed for those coming out of retirement, and the rigid rules set place could not be changed for those already working and appraised.   A list of some of the stuff is here:  https://www.bbc.co.uk/news/uk-55516277

Most of so-called mandatory training modules such as anti-radicalisation are not even mandatory at all. Apart from some internal health and safety rules, there is no legislative or GMC requirement for the training modules. The “mandatory” aspect is an NHS urban myth that keeps many in employment.  Doctors must be professional and keep up to date.  We undergo annual appraisal and then revalidation to prove it. That alone is our training duty.  The NHS as invented the rest.  It may seem sensible that module to recognise allergic reactions.  But if any doctor does not know how to recognise or deal with that then we need to look seriously at the 10 years+ of medical training.  I very much doubt the Health Secretary’s vow to reduce this will have a lasting effect, as the culture to require this nonsense it too imbedded. https://www.bmj.com/content/372/bmj.n13

Did anybody in NHS other than Casualty and ITU staff in the NHS know there was a war on?   Could they not slash these requirements and call up trained doctors to help?

I was shocked and aghast attending “Pinnacle” and Covid Vaccine roll out on-line NHS Team Meeting seminar at the start of the vaccination programme.  Even the GPs leading it have got wrapped up in the bureaucracy of it and believed in it.  They should be in a rage.  Instead, their energy seemed to be directed to worrying about £10.00 fee for nursing home jabs.  Vaccinations centres as in GP hubs are being loaded with computers, printers and scanners and specialised software.  We all have computers in our pockets which can scan bar codes of all sorts, surely there is app for that would make that pile of kit redundant.   Less is more.

During that Team meeting it was clear that the hoops expected by the software and NHS minions were no longer necessary.  Previous anaphylaxis is not a contraindication, and no need to watch the patients for 15 minutes.

Sir John Bell has it bang on. “NHS could vaccinate UK against Covid in five days, says Oxford professor: Bureaucrats are blocking a rollout that could prevent many more deaths, according to Sir John Bell  https://www.theguardian.com/world/2021/jan/09/nhs-vaccinate-uk-covid-five-days-oxford-professor

Those working in Casualty and in ITU manage despite of the system. They pull in levers in Government and nothing happens, as the NHS system blocks and delays.  Time to rage against most of the NHS, not clap it. 

I carried on working elsewhere in the NHS part-time.

Dr Gerard Bulger BSc MBBS DCH FRCGP FRACGP CCFP

https://bulger.co.uk/message.htm

Junk is stuff in the wrong place

I was back down working in the Falklands in 2020. Behind the house was a yard with local TV tower with assorted radio junk scattered about. I was sure cared for and some is in locked containers, perhaps to be shipped back one day. It belongs to KTV Falklands Digital Channel https://en.wikipedia.org/wiki/KTV_Ltd. Later of course once out of Covid isolation, I met its owner Mario, VP8EME. In such Isolation, with no RS store or Amazon to deliver the next day, he needs to keep stuff.

To any amateur radio operator this would have seemed mouth watering stuff. Rows of parabolic dishes, some with various transponders still attached. Then power supplies, heat sinks, cables.

I suspect the reason for apparent discarding is that there now decent internet here via satellite, 4g mobile phones, a few free TV stations and more if you pay a fee to KTV. So individual dishes are no longer needed. There are issues with the local telecoms monopoly…even bringing down your out Satellite Phone with data is illegal, let alone setting up your own satellite data dish. All about those problems and more is on https://openfalklands.com

Upgrades to the telephone system filled the yard with even more stuff. BAS seems to have left a container here once used for HF coms.

Enough here to build a few antenna towers. Then there coils of fat low loss coax piled up. I assume too expensive to ship any of it back to the UK so it sits here waiting to be used, but I imagine the next project here would bring in new materials. This stuff is the wrong place. I assumed parts would be used and appreciated by many back home.

In memoriam: Looking at some of the old kit I appreciated the work and engineering involved in creating it within the last 30 years. Unless you build a cathedral everything we do is ephemeral. Much of this was so beautifully made with professional screening of parts, solid aluminium casing. A lot of thought and brain power, time and care went into each part, now not used. A graveyard of effort. Some of the boards have rows for Z80 chips which were used until quite recently, even a 555s.

Then I realised that even for hams and electronic enthusiasts little of all this is of use to us nowadays. It’s frankly simpler to write line of code into a computer than it is to make stuff. So we use the internal complexity of millions of transistors in a PC chip to achieve something that could be achieved in “simpler” manner by old school working.

Waveform Old school with op amps and 555 chips

Waveform Generator using Raspberry Pi

But the old school in inflexible. Once made with wires and components it does its one thing. A Raspberry pi is cheap and light. Make an error reformat and start again. Reliable too. I had one doing its thing as router/VPN for over year without a reboot.

Some of this stuff here could be used for interfacing, a PC’s output need to attach to something in the end.

VP8DPD G3WIP

Fibre and Phone Broadband Routing IPv4 & IPv6 to home machines & servers: Hyperoptic Router Fixes

Our central London apartments have 1GB fibre connections with Hyperoptic which are reliable and fast. We get the speeds advertised, and at one our flats it is even a little faster. Ping is time 1ms. With such fast speeds, upload as fast as download, it is tempting to run servers at home and run a private cloud. The snag is the devices at home are not reachable from the internet using IPv4; the home routers are behind CGNAT, just as phone companies do in order to share the rationed IPv4 addresses and protect their network. You can pay Hyperoptic and other fibre companies extra each month for a fixed IPv4 address that is then reachable from the outside using IPv4. You may not need to. Better to use IPv6 anyway.

Home devices can be reached by IPv6 addresses from the internet which when calling from an IPv6 enabled network. IPv6 is fixed and we are given a whole reachable subnet. Then we can set the home router’s IPv6 filter; that is open pinholes or IPV6 filter rules to local devices’ IPV6 address and ports we want. We can now have multiple reachable devices from the internet and even using the same port, say port 443, as there is no address sharing (NAT).

There has been a snag using Hyperoptic routers, even their latest H3600 router when it comes to IPv6 routing. Many customers give up and buy their own routers. The Hyperoptic router manual has incorrect instructions for IPv6 filters. The first thing to note that the “LOW” firewall setting does not seem to affect IP4 blocks and port forwarding rules, but low does open all IPv6 devices on the LAN, so an open port of any device is reachable on the internet in IPv6 addresses. Not a good idea. But middle and high settings are fine, I set mine to high so all ports are closed unless defined by the filter rules.

Now adding filter rules was a pain, and it took me a day to realise why some rules worked and others did not. The IPv6 filter rule secret is NOT to declare the incoming port. It you put a number in there the rule is ignored.

So all fixed and I do not need to buy a new router.

By the way if you port-forward 443 it stops Hyperoptic from accessing the device. Not that their support is of any use when it comes to anything technical.

Connection works from IPv6 enabled networks away from home. It does not always work from some workplaces or from many phones because still some ISPs still use IPv4 only routing. To solve this I use another server (my VPS) that has fixed IPv4 and IPv6 connections I use the VPS as a middle man to “cat” the connection from IPv4 to an IPv6 address. I can access home systems anywhere and can give my home machines domain names IPv4 and IPv6 with DNS entry. On this middle machine, a Linux site (a VPS) I use SOCAT command with the IP and ports I want like this:socat TCP4-LISTEN:9831,fork,su=nobody TCP6:[2a01:4b02:a40a:4b10:af9b:c59c:b1b8:2e7x]:2529. Connecting to MyVPSserver:9831 using IPv4, connects to my a home device on IPv6:2529. I run a VPN though it (SoftetherVPN). It’s magical (don’t forget to open the port on the middle server if needed). It is very fast, I do not notice any degradation. When using Myvpserver domain I set DNS A (IPv4) to the VPS server and DNS AAA (IPv6) direct to the home device IPv6 address.

As it happens I found that if you have two places with Hyperoptic fibre connections you can access the other by using the internal Hyperoptic IPv4 addresses that are given to their routers (in 10.0.0.0 range). These internal Hyperoptic IPv4 addresses seem fixed. These IPs have not changed over multiple reboots.

The other approach to reach your server is to use a reverse SSH tunnel from home server to one with a fixed IP such as a VPS. Using a Softether VPN ( the easiest of VPNs to set up) we can have full access to the network. To automate this I use autossh, set up in /etc/rc.local rc.local is now depreciated but I find it easier.

autossh -M 0 -N -f -o “ServerAliveInterval 30” -o “ServerAliveCountMax 3” -o “PubkeyAuthentication=yes” -o “PasswordAuthentication=no” -i /root/.ssh/id_mykey -R 50020:localhost:5555 user@mydomain -p 2526 & This connects the remote, behind the firewall machine (usually a Raspberry) Pi to my VPS SSH port 2526 using the key id_mykey. The VPS now has the the 50020 as a tunnel back to the remote machine’s Softether default port 5555. A Profile on Softether client on any device can be set to connect to mydomain port 50020 (if port open or localhost:50020 to tunnel the port via SSH)

I was also using the reverse tunnel to connect to a 4g router. This is a 4g dongle attached to Raspberry PI as part of a remote ham radio project. I have no space in London for antenna. I was to run Remote Rig though the tunnel but 4g latency was the problem.

https://bulger.co.uk/message.htm

Three Broadband 5G. Atrocious upload

Update on 5g Three Broadband (as was Relish broadband)

See 2015 blog on the 4g Three Boadband product

I get on the phone to dump Relish (Three Broadband), giving up the £30 a month contract after some years with them.  I was getting better connection and upload speeds on my phone.  My phone uses the same Three’s Network 4g or Vodafones’ 4g (it’s dual sim).  Setting my phone as a hotspot was better than using the Three home broadband hub. Time to give up on the 4g Relish (Three) home broadband hub.

Three Broadband then said 5g was now in my area, so I was sent the new Huawei 5g hub/router (over £350 to buy).  My testing went ahead using wired ethernet from hub to PC.

5g is only JUST available in my flat in only one spot, at an impossible to mount area within one bedroom.   Then it seemed that if I made any adjustments to the router firmware, such as change the LAN IP range, the router lost its ability to find the local 5G signal.  It would only find 5G tower after a hard reset.  That is all support would suggest.

Huawei H112-370.

The best 5g I got was with the hub router propped up on books in one precise spot was 100MB/s.   What was most disturbing was the fractional upload speed, best at 2.8Mbs.   Everywhere else in the flat is it the hub dropped down to 4g but at least that gave better upload speeds of 4-6Mb/s

Best with 5g:

Best 5g in area and 5g Area in our flat near window, pointing at local tower.

Three Broadband will not tell you what upload speeds to expect, talking rubbish that it depends on various factors, but those factors would also affect download speed, although I accept transmission power is lower from the hub. One the other hand power is needed for reception’s download handshaking so I would have thought factors affecting download would affect upload to the same extent. Perhaps 5g is more complex.

Three Broadband refuse to give any indication of an upload guide number, and simply state “it is not guaranteed”. That is all they will say.   Three Broadband’s refusal to give any technical details to users is something Ofcom should look into.  We should know what we are buying.  Upload speed and with latency are crucial factors for a useful broadband connection; download speed is just on factor and is a bigger number.  It is the only one they like to headline.  Funny that.

They probably refuse to quote any number because upload is deliberately throttled.   This was the case with their original Relish 4g hub (again this was never mentioned anywhere on their web site).  The best upload speed I got on 4g on Relish hub was 8MB/s despite downloads of up to 72Mb/s .   Most 4g SIMS in phones are pretty much synchronous, you get similar upload and download speeds unless the network is busy.   I gather some “5G” systems split upload and put upload back onto 4g.  Perhaps this is what Three does, but seems slower than when the hub is using 4g. All very odd.

The hub is not locked, so I was able to put my 4g Vodaphone SIM in the Huawei H112-370 hub this afternoon, a busy period in central London (things here speed up evenings and weekends).  This afternoon it gave 72Mb/s download and 20Mb/s upload.

Vodaphone 4g sim in the 5G hub. Note upload speed

Using 4g Vodaphone sim in the Huawei hub this busy afternoon in central London.

In the evenings on 4g phone sim I often get 98Mb/S with 70Mb/s upload, or uploads can even faster than download.

So I am sending back the Three Broadband 5g hub.   5G is hardly here at all, and upload speeds are atrocious.

5g here is giving 100Mb/s download with upload throttled to 2.8Mb/s, that upload speed is a fraction of what normal 4g offers.   There is no question that the better option is still 4g and is cheaper.  I plugged in a 4g USB modem into my Draytek router with a Smarty sim, which gives unlimited data, decent upload speeds at £20 a month no contract. Done deal while waiting for the block to get fibre installed.  Hyperoptic fibre cable is synchronous and we get at our other flat 700Mb/s up and down with low pings.  5G can wait because there are some nasty marketing practices bordering in fakery here. Deception of customers by deliberate omission, made worse an outright REFUSAL by support team to state the facts.

Gerry Bulger

https://bulger.co.uk/message.htm

Working from Work: Access your home PC as a Web page from anywhere.

Screen shot of my PC logged into my apartment’s PC as a web page. I can do this from work

Thininfinty Web login

Working from areas with tight security and behind firewalls which you cannot control can be very problematic.  Some places the blocks are simply too clumsy, making internet connection almost useless. Even medical sites such as dermnet.nz can get blocked (skin tones=too much skin). Or using medical terms such as “Oral” too much. So safely log into your home computer.

The simplest and secure solution, that does not imply any hack, download or compromises the security of the work site, is to connect to your outside home computer using a web page, port 80 or better port 443 (https, encrypted).  Those ports are never blocked.  This method does not require ANY software installation at the work end.   You are simply viewing a web page on any browser. You are not downloading or introducing anything of risk to the work system.  No malware can pass.  

The setup is to uses Thinfinity.   This offer a fast VNC like connection to your home computer using a web page alone.  Once installed on the home computer, at work just type in the URL or IP address of your home machine on the work PC’s web browser, eg   https://10.20.30.40/ or something like https://myhome.mydomain.com   

On your home router you will have to port forward port 80 or 443 to your home computer that is running the Thinifinfity workstation server, and that machine needs to be left on!  Give it a strong long password.

The non-commercial single use workstation license is free.

That’s it.

You can then look at all emails, all files, one drive, dropbox, edit stuff and post to NHS email address, and even use WhatsApp messaging that is connected to the phone left in the car.

I set it is as a subdomain of my own domain, so it can share the site’s lets encrypt SSL certificate.  You can use http, port 80, but it is not encrypted. Thinfinity have their own certificate system for https, but that requires connecting to their servers, which could get blocked, and the certificate did not work when I tried.  Domains can be created for any home router using dyndns or similar products, but I feared such domains may be blocked, so I used my own.  You could use the home IP address if it is fixed.

To untrained it could imply a security worry. From work, via this system, you can see on your home computer thus any site or file, such as time-wasting Facebook. But we are responsible professionals and just need access to all our clinical stuff.   

There is no record on the work computer or knowledge what sites your home computer has been looking at.   The work computer just sees the connection to a single domain or the IP address of the home machine as a single encrypted web page. All its doing is sending a screen image.

When logged to your home PC via Thinfinity in there is a hidden menu at the top middle: clicking on it you can scale the screen to fit the browser window. You may also need to hit refresh there if not seeing a window.

Gerry Bulger

Contact https://bulger.co.uk/message.htm

Older links on similar subjects

http://bulger.co.uk/satellitecost2.htm

http://bulger.co.uk/softethervpn.htm