Ping Roedy Green

Roedy Green

Perhaps the whole concept of code signing, or even of personal identity,
needs rethinking too. Surely there's a mechanism by which someone could
get a cheap, for-life identity to use for such things, which would
resist attack? I don't notice many people having to pay over and over
again for their birth certificate, and most other kinds of ID tend to
have good reasons for needing renewal; for example, a driver's license
has a good reason in that a formerly good driver might go blind or
something. (Even then, there's a possible time lag between the condition
and the next renewal; renewal really isn't the best way to handle that
sort of thing IMO -- immediate conditional revocation is.)

I remember when SINs (Social Insurance Numbers) were introduced in
Canada. The number was to be used ONLY for tracking unemployment
insurance contributions and benefits. There was great concern the
number could be used to tie all ids together allowing compiling very
complete dossiers on people.

This of course has happened. Only a few people are concerned.

Is anonymity and false identity a fundamental human right? I think we
are gradually moving away from that idea. Technology including face
recognition, iris scanning, DNA analysis, finger marks, lip prints,
hard to forge digital ids, currency serial number tracking, etc make
it harder and harder to act anonymously.

It would certainly be a lot cheaper to have a single id card that
encoded your finger prints, face image, DNA profile, iris scan with a
smart chip with private key, digitally signed by the licensing
authorities, emergency medical information, name, address, phone etc.

The card would divulge only the information you asked it to.

You could use it to buy things, identify yourself, access your medical
records, travel internationally. You would be legally required to keep
the information up to date.

To people of a generation ago, this would be a complete nightmare,
1984 or Ira Levin's This Perfect Day.

We are being a bit squeamish. Corporations already use computers to
keep detailed (and often inaccurate) dossiers on us. Bringing it all
out in the open and formalising the procedures to access and update
information might actually decrease misuse of private information.

Having a multitude of IDs is no longer much of a defence.
 
Arved Sandstrom

Roedy Green wrote:
[ SNIP ]
Is anonymity and false identity a fundamental human right? I think we
are gradually moving away from that idea. Technology including face
recognition, iris scanning, DNA analysis, finger marks, lip prints,
hard to forge digital ids, currency serial number tracking, etc make
it harder and harder to act anonymously.

It would certainly be a lot cheaper to have a single id card that
encoded your finger prints, face image, DNA profile, iris scan with a
smart chip with private key, digitally signed by the licensing
authorities, emergency medical information, name, address, phone etc.

The card would divulge only the information you asked it to.

You could use it to buy things, identify yourself, access your medical
records, travel internationally. You would be legally required to keep
the information up to date.

To people of a generation ago, this would be a complete nightmare,
1984 or Ira Levin's This Perfect Day.

We are being a bit squeamish. Corporations already use computers to
keep detailed (and often inaccurate) dossiers on us. Bringing it all
out in the open and formalising the procedures to access and update
information might actually decrease misuse of private information.
[ SNIP ]

You wouldn't be the first one to make this argument, and I for one think
it has some merit. In any case, the notion that anonymity and privacy
are fundamental human rights is a construct peculiar to specific
cultures and historical periods.

AHS
 
Gerald Murdock

Roedy said:
At least for SSL certs, there are plenty of vendors. The Java code
signing market is too small to attract many vendors. see
http://mindprod.com/jgloss/certificatevendors.html

Then part of the problem is that instead of having a unified protocol
for signing things, there's one for web pages, a different incompatible
one for jars, and so forth. Standardization (I'd say, go with something
compatible with existing SSL certs) would be useful here. The basic
problem is generic: "prove the provenance of this sequence of bits",
whether that sequence of bits happens to be some HTML or some Java code.
The solution should be made equally generic.

I would expect Verisign/Thawte to lean on Sun to keep upstarts like me
out.

This, of course, is the other part of the problem: the tendency of
monopolies to abuse their positions to preserve their monopolies, by
leaning on third parties or the government. This is no better than
Disney pushing Congress for endless copyright extensions or Microsoft
leaning on PC vendors to not ship PCs with competing operating systems.
 
Gerald Murdock

Arved said:
You wouldn't be the first one to make this argument, and I for one think
it has some merit. In any case, the notion that anonymity and privacy
are fundamental human rights is a construct peculiar to specific
cultures and historical periods.

And if the government then turns evil? How is an effective resistance
supposed to arise, let alone prevail, in your brave new world then?
 
Roedy Green

And if the government then turns evil? How is an effective resistance
supposed to arise, let alone prevail, in your brave new world then?

The government DID turn evil during the Bush administration. They
snooped on everyone. They made people disappear and forbade anyone to
talk of it.

As the population grows, we need to shift the balance a little toward
protecting against anonymous acts rather than fostering them.

I think we need to clearly draw where the lines are and crucify those
that violate the guidelines. I am sickened the way the Bush admin
openly broke the law, yet almost no one was prosecuted or punished.

There is far too much acceptance of people in government being
considered above the law.
 
Arved Sandstrom

Gerald said:
And if the government then turns evil? How is an effective resistance
supposed to arise, let alone prevail, in your brave new world then?

It's not _my_ brave new world. I don't think it's anyone's brave new
world. I think many people, at least in North America, have this
misconception that once upon a time we had all this privacy and
anonymity. Well, that probably would have been news to folks way back when.

In any case, resistance movements can adapt to changing conditions. It's
not like national comprehensive ID cards are a threat anyway. What
probably is, and what a lot fewer people scream about, is the increasing
influence of location technologies.

AHS
 
Eric Sosman

Roedy said:
The government DID turn evil during the Bush administration. They
snooped on everyone. They made people disappear and forbade anyone to
talk of it.

Geez -- In Canada? Did you put W on your stamps?

(Roedy, I fear you're posting to the wrong forum. Again.)
 
Lew

Eric said:
Geez -- In Canada? Did you put W on your stamps?

(Roedy, I fear you're posting to the wrong forum. Again.)

What, this isn't the mindless rant against all things U.S. forum?
 
Eric Sosman

Lew said:
Eric said:
Roedy said:
And if the government then turns evil? [...]

Geez -- In Canada? Did you put W on your stamps?

(Roedy, I fear you're posting to the wrong forum. Again.)

What, this isn't the mindless rant against all things U.S. forum?

It's not mindless -- but it's also not about Java, not in
any way at all.
 
Roedy Green

(Roedy, I fear you're posting to the wrong forum. Again.)

It is still on topic of whether Java code signing certificates should
be used as a basis for a universal id. Some of the reasons for and
against are political, not technical.
 
Martin Gregorie

Roedy Green wrote:
[ SNIP ]
Is anonymity and false identity a fundamental human right? I think we
are gradually moving away from that idea. Technology including face
recognition, iris scanning, DNA analysis, finger marks, lip prints,
hard to forge digital ids, currency serial number tracking, etc make
it harder and harder to act anonymously.

It would certainly be a lot cheaper to have a single id card that
encoded your finger prints, face image, DNA profile, iris scan with a
smart chip with private key, digitally signed by the licensing
authorities, emergency medical information, name, address, phone etc.
.../snippage/...

You wouldn't be the first one to make this argument, and I for one think
it has some merit. In any case, the notion that anonymity and privacy
are fundamental human rights is a construct peculiar to specific
cultures and historical periods.

There's one major problem with a single ID system: if it gets stolen or
forged you're completely stuffed. If it's based on biometrics then you're
doubly stuffed because nobody can issue you with a new set of
fingerprints or a new pair of iris patterns.

Nobody has yet come up with either infallible biometrics or an
unbreakable ID card, and as this seems unlikely in the near to medium
term, a single ID system is a real poison pill.

The new 'voluntary' UK ID card (which uses biometrics and a secret
encryption system and started to be issued a couple of months ago) has
already been broken and cloned by reverse engineering it. The UK Govt is
on record as saying that biometrics are infallible and the ID card is
unbreakable, unforgeable and unclonable. It currently has its fingers in
its ears and is going "la la la I can't hear you" because it won't admit
it's wrong.

With idiots like these managing an ID card do you really want one?
 
Arved Sandstrom

Martin said:
Roedy Green wrote:
[ SNIP ]
Is anonymity and false identity a fundamental human right? I think we
are gradually moving away from that idea. Technology including face
recognition, iris scanning, DNA analysis, finger marks, lip prints,
hard to forge digital ids, currency serial number tracking, etc make
it harder and harder to act anonymously.

It would certainly be a lot cheaper to have a single id card that
encoded your finger prints, face image, DNA profile, iris scan with a
smart chip with private key, digitally signed by the licensing
authorities, emergency medical information, name, address, phone etc.
../snippage/...

You wouldn't be the first one to make this argument, and I for one think
it has some merit. In any case, the notion that anonymity and privacy
are fundamental human rights is a construct peculiar to specific
cultures and historical periods.

There's one major problem with a single ID system: if it gets stolen or
forged you're completely stuffed. If it's based on biometrics then you're
doubly stuffed because nobody can issue you with a new set of
fingerprints or a new pair of iris patterns.

Nobody has yet come up with either infallible biometrics or an
unbreakable ID card, and as this seems unlikely in the near to medium
term, a single ID system is a real poison pill.

Not necessarily. The LSE study that criticized the UK design came up
with a much better proposal, that still uses a single card and
biometrics (see
http://www.spectrum.ieee.org/computing/software/loser-britains-identity-crisis/2,
about halfway down). No central database, and compartmented (specific
use) credentials, for starters.

The new 'voluntary' UK ID card (which uses biometrics and a secret
encryption system and started to be issued a couple of months ago) has
already been broken and cloned by reverse engineering it. The UK Govt is
on record as saying that biometrics are infallible and the ID card is
unbreakable, unforgeable and unclonable. It currently has its fingers in
its ears and is going "la la la I can't hear you" because it won't admit
it's wrong.

With idiots like these managing an ID card do you really want one?

Well, no, not with idiots like these.

AHS
 
Roedy Green

What, this isn't the mindless rant against all things U.S. forum?

There is something unusual in American law that surprisingly makes
American corporations so powerful. Corporations have the same legal
rights as individual persons.

The story of how it happened, some might say by sleight of hand, in
1886 is one of those stranger than fiction stories. Hartmann spends 4
chapters telling it in Unequal Protection.

With that right, corporations could lobby politicians and give them
gifts. They no longer had to open their books to state authorities and
they could demand equal treatment by government with all other
corporations under the 14th amendment.

It is interesting to read about how restricted the first companies
were. They were more like special purpose projects with "royal"
blessing. Our ancestors were much more wary of corporate power than we
are.
--
Roedy Green Canadian Mind Products
http://mindprod.com

"There is an evil which ought to be guarded against, in the indefinite accumulation of property,
from the capacity of holding it in perpetuity by... corporations.
The power of all corporations ought to be limited in this respect.
The growing wealth acquired by them never fails to be a source of abuses."
~ James Madison (born: 1751-03-16 died: 1836-06-28 at age: 85)
 
Martin Gregorie

Not necessarily. The LSE study that criticized the UK design came up
with a much better proposal, that still uses a single card and
biometrics (see
http://www.spectrum.ieee.org/computing/software/loser-britains-identity-crisis/2,
about halfway down). No central database, and compartmented (specific
use) credentials, for starters.

The original LSE critique and replacement design was certainly much
better than the Government scheme because it got rid of the heavy handed
surveillance aspects and used decentralized, separately managed databases
whose functionality was limited to managing the security of card issuing
and allowing for some form of online verification.

It didn't need biometrics any more than a chip & pin credit card does.
That was another good feature of their design.

I don't remember any specific discussion of biometrics, but it's been a
while since I read their first paper and alternative design. There was
certainly nothing about the FP and FN rates of biometrics or the problems
that arise with people who can't record them, such as getting usable
fingerprints from the elderly or bricklayers. That was because the pilot
studies either hadn't been done or were under secrecy orders. Likewise,
there was no discussion of the problems that arise if a biometric card is
forged or cloned: a chip & pin card can be replaced by one with a new
number and private key, but how do you replace the biometrics - graft on
new fingertips and replace your eyeballs?
 
Bill McCleary

Martin said:
It didn't need biometrics any more than a chip & pin credit card does.
That was another good feature of their design.

I don't remember any specific discussion of biometrics, but it's been a
while since I read their first paper and alternative design. There was
certainly nothing about the FP and FN rates of biometrics or the problems
that arise with people who can't record them, such as getting usable
fingerprints from the elderly or bricklayers. That was because the pilot
studies either hadn't been done or were under secrecy orders. Likewise,
there was no discussion of the problems that arise if a biometric card is
forged or cloned: a chip & pin card can be replaced by one with a new
number and private key, but how do you replace the biometrics - graft on
new fingertips and replace your eyeballs?

In less than twenty years we'll be able to do that. Also meaning that
biometrics will then be easier to forge.

Really, though, biometrics are a technological cul-de-sac. By 2050 the
bulk of the population won't even have fingerprints or eyeballs.
"Something you know" will remain a universal thing, though, so passwords
and private keys will reign supreme over biometrics by that date.
 
