Security experts have rubbished claims by the Home Secretary that databases for the controversial National ID Cards will be "unhackable" because they are being kept off the public internet. In an interview with BBC Radio 4's Today programme on Thursday, Jacqui Smith said "none of the [ID card] databases will be online, so it won …
Castro is gone but ...
"The Home Secretary's interview with Today can be found here. Smith's interview starts about the 12:00 minute mark and her comment on database security for the National ID Cards project can be found after the 18:20 mark."
New Labour is obviously in serious contention with a 6 hour 20 minute plus interview.
"none of the databases will be online"
Bollocks! It's far too inconvenient to keep them offline. Or does their definition of offline mean 'independent network accessed by computers that also access the public internet'? Or even 'VPN'?
Actually, it's not hackers that scare me. It's the government misusing, mismailing, misentering, misupdating and generally fucking things up.
Why bother hacking in the first place ?
One could simply wait by the post for the CDs to be randomly delivered.
(OK, I'm leaving now ... )
I do not understand...
...how this can really be happening.
Surely somewhere behind the Home Secretary is a collection of techies who are able to brief her on what to and what not to say.
Surely somewhere they have employed someone with half a brain that could create a secure system that wouldn't be as susceptible to well-known issues (like corrupt employees, but don't worry, it's OK, they have an ID card..... *Sigh*).
And surely they can wander into another country, see how theirs is working and base the UK one off of that (although that would require the UK to send technically competent people rather than yet another politician that doesn't know their RJ-11 from their RJ-45 on a public funded jolly).
No? Bugger :(
Find a senior-ish IT person, give them £1m, get database.
That's how secure it is to pharmaceutical or insurance companies and the like.
Just a matter of time
So you set up an Agency to employ people in areas where they will come into contact with Children or Vulnerable Adults and hey presto, the Government kindly gives you direct access to the data so that you can check prospective employees are who they say they are (see comments about the ID card is a receipt). Who cares that it is not on the public internet when you have to give access to most of the world to verify data, is anyone going to keep track of how many requests people make?
So we have this massive database which, presumably, all the customs, passport guys, everyone, needs to have access to. If they don't have access to it, it defeats the point of the whole thing!
If it does have to be shared, how will they get the data - by post?! I thought they had already tried that.
... they really are in la-la land aren't they ?
... and the worrying thing is how sheeple follow them ... there are too many people in the UK that think just because someone is "in power" means they automatically know what they're talking about.
I wonder if it'd be possible to register as Jacqui Smith on the NIDB before she does ... bit of work with some gelatin and a retrieved shiny mug would be a start ....
I expect that the first 5 hours were taken up by James Naughtie's question.
You don't need to hack it!
You just send flowers/a bottle of champagne/iPod/iPhone/LCD HD TV/keys from a new car/a brown envelope to a civil servant who will deliver the data to you on a disc and in a nice gift wrapping. What exactly do you send would depend on the volume of data you need and the price of that particular civil servant in question.
These schmucks in the Downing Street are in denial.
Who advises HM.Gov on data security?
The only explanation for such techno-utopianisms is that someone has managed to distill the essence of Gene Roddenberry into a super-pure form.
I don't seem to remember a certain set of CDs being copied off an internet connected server.
[Darn, now I can't shake the image of Jacqui Smith in a Starfleet uniform]
Someone nail these idiots
As someone commented on a previous article.
What is the point of an ID card scheme that doesn't check the details of the card against a central database via a network?
You simply forge a card and no one can check it back against any real data.
What a waste of my money this really is. This also assumes that the excess of 1 million EU migrants in the UK will never be forced to have one because it's illegal to force them.
Seriously what is the point? Non-executive directorships in big firms for the government coming up anyone?
Identity provides no protection against Intent!
It really doesn't matter at all as Identity provides no protection against Intent!
The jumped up library card isn't a prophylactic; it doesn't magically turn the holder into a nice, fluffy person.
A card carrying terrorist can still walk into a crowded airport and blow himself up at the first queue he finds. It's not as if he'll have a criminal record indicating that he regularly blows himself up so nobody will know to stop him.
"Surely somewhere behind the Home Secretary is a collection of techies who are able to brief her on what to and what not to say."
There *may* be a collection of techies who *may* be able to brief the Home Secretary, but do you really fancy their chances of being able to instruct a politician in the subtle art of data security?
Even if they succeed, how do you rate the chances of a politician explaining this on to a layman electorate that gets bored of politics if it isn't delivered in easily digestible sound-bites?
Easier to just make up some nonsense about it not being connected to the net.
Paris, coz her party lifestyle is far more news-worthy than a creeping police state.
I think she meant
I think she meant that the database would not be accessible over the internet.
Having a database that nobody can access, well it is the sort of thing this administration would come up with, ultimate security an off-line database.
Never mind it would be useless and still does not address the problem that it could be abused in the future.
Why don't they just scrap the database project and save us all a lot of money.
Reg NIR Security Seminar
I think The Reg should invite the Home Secretary to put forward a panel of techies who believe the thing can be made secure for a public seminar.
The Reg could assemble a panel of IT Security savvy peeps to debate the matter openly and publicly, and we could see how the whole shebang stands up to rigorous cross examination.
I bags the popcorn concession.
Hacked before it gets used
This database will be such a valuable target, and being run by such utter twonks, that it is an easy one to predict it will be cracked before it even gets off the starting blocks.
Remember you read it here first.
My forefathers laid down their lives so that their descendants could avoid being ruled by evil dictators, and here we are just over half a century later giving even more power to an unelected regime who wouldn't be able to order the words "foggiest" and "clue" into a meaningful presentation.
Come the day of the revolution brother, I'm in there with you.
She's been watching Mission Impossible...
... and reckons they should set this up like the NOC file...
So, how's it going to work?
I'm happy (uh, not unhappy) that the Database will be on a private network. That makes sense. It's different to "not online", which to me means "There is a database, but it's not attached to a server." If it's not online, it's offline, therefore it's not working.
But how do we get these "benefits" of a known, good set of ID data?
Students can use it as proof of ID for getting a flat, or opening a bank account. How can anyone check that the card-bearer is the same person as recorded by the card without comparing the biometrics?
Doesn't this mean that Banks will have to have all the fingerprint scanners / DNA Sequencers / Iris scanners required? Why can we trust the banks with our new, one size fits all data, when we can't trust them to shred confidential papers? [see News passim]
And what about Landlords and Estate Agents. Without going in to all the anecdotal "evidence" that All Estate Agents Are Scum, and The Single Biggest Waste Of Time & Money When Trying To Buy A House, I can just about envisage a situation whereby the big chains have ID card readers, but not the individual Landlords who let privately. Are we going to have to have a new set of laws criminalising Renting without ID checks, or is this a completely bogus claim?
And why would one card, which could be stolen, and can't be verified without a secure network connection, be more secure than a Driving Licence / Passport, 2 Utility Bills, or a signed letter from the college?
With regards to workers in Airports, Docks and the like. These guys already have ID. Are the current ID / Security standards that bad that all the current security precautions in our airports and docks can be bypassed by Osama Al-Qleaner simply putting on a blue pinny, and pushing a cart load of noxious chemicals and a toilet brush?
Just Asking, that's all.
Mine's the blue one that whiffs vaguely of bleach.
so which is it?
option 1: a fantastic way to guarantee a person's identity from biometric and fingerprint data (in which case an instantaneous link to the database will be required); or...
option 2: a steamy pile of lies piled upon insidious lies to mask the introduction of a massively expensive white elephant full of sensitive personal information that is soooooo secure that the only way to get a copy of it is by 1st class posted CDRom?
...for an added laugh... see http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/01/20/nsmith220.xml
"But it was the Home Secretary’s use of statistics to claim the streets were safer while admitting she herself would not go out at night alone which was leapt upon by the opposition, who accused her of being “out of touch.” "
Icon - because she'd look a darned sight nicer than that gnome secretion (sorry, home secretary) in a starfleet uniform.
Security is a human problem.
You can have the best firewall ever devised by man but when the employees are losing CDs in the post it won't do you much good.
Employees can also be bribed, blackmailed, and do stuff out of sheer boredom (looking up famous people, etc.)
Any tech-centric discussion of security is utter stupidity, but you can bet that that's what the contractors are selling them.
A man walks into a bank...
.. to open a bank account, and proffers his ID card. Does he have his fingerprints taken? If not, then it could be any old fake ID smartcard knocked up in his kitchen using a £20 kit off ebay; if so, then is the bank storing his fingerprints for their own nefarious purposes? Does the bank go online and match the scanned prints with those on the central identity register? Does this mean the govt will track every time the card is shown (there appears to be space in the ID register to do so, according to the BBC website)? Does this mean that our fingerprints will need to be scanned a dozen times a day? and will the government sell the data stream to spyware scum to target us with personal services? (sorry, slipped into Phorm rant mode there!) Good job the ID register will be unhackable "just like the Police National Computer" - Jaqui Spliff. Not like this then
Sigh, what's a girl to do...
What really irks me about all this...
...is the contempt politicians, civil servants and their advisors have for the electorate's intelligence. Individuals may, in the right circumstances of pressure, come to accept the Government line that ID Cards are both necessary (for what, why....) and can be made to work (secure, maintainable, robust,...) but when exposed to arguments such as are found in the Register and the rest of the real world, swiftly recognise the complete bollocks that is being expensively foisted upon us.
The more "they" persist with this nonsense the more they damage their credibility on the bigger issues. If they can get something as simple as this (to want to implement a National Computerised ID System) so badly wrong it bashes the other bits of some of their (potentially good) other ideas.
It's just politics
I am a bit surprised at the implicit assumption that JS cares (or the general population care) whether she's right or wrong about IT security issues. So few people will know any different about what they read in papers or hear on the radio, and politicians (and IT consultants) rely on a combination of ignorance and apathy. Anything vaguely plausible will do as a soundbite. Ms Smith could claim that the database will be protected by a swarm of anti-hack data-bees, and my mum (for example) would be none the wiser. And even if she didn't believe it, she'd just tut over her Daily Mail.
Get out the tin hats.
Someone must be reading my emails. I suggested this over a year ago to a friend. The Database truly isn't on the public internet, and ID card logging goes one way into the system. This is to fulfil parts of the NISCII criteria.
The holder of the card is never presented with a "This card isn't valid" no matter what he does. Then, as the information streams in, a whole load of data mining takes place offline. With reports such as ...
"Illegal card checked into Park lane hotel 3:45 today."
"Albus Dumbledore died three months ago, but is currently on the London Underground, leaving Fenchurch Street."
"Gordon Blair, NI No: NR88 88 88 A Cannot possibly have been at both the regents park mosque, AND at the Edinburgh Fringe, only ten minutes apart."
She's an idiot
I thought her interview just demonstrated how idiotic the government's plans for id are... particularly the bit about students - as if tuition fees, top up fees, double the interest on loans isn't enough, now they will have to shell out £60 for an id card as well...
I don't get it...
How's it going to work then, if it's not 'online'?
To check someone's ID some sort of comparison needs to be made against the reference (ie. the NIR), but if it's not 'online' how's that possible? Or is Ms Smith's definition of 'online' different to everyone else's?
Paris, as she's stupid enough to believe this tripe.
Maybe she should chat to Darling or Brown...
..they've just legalized stealing data, as long as it's sold on
"it won't be possible to hack into them"
I'm looking for the 'red rag to a bull' icon, but can't seem to find one. This was the most red icon available.
reasons why proposed biometric ID cards will fail
I believe that proposed ID cards should not be implemented at any cost for following obvious reasons.
1. These cards will not work where there is no reading equipment. This shows that rather than deterring these cards will only divert fraud to other sectors.
2. Fraudsters will have option to use fake of these cards as IDs where there is no equipment. This shows that these cards will help fraudsters to do more identity fraud.
3. We are encouraging identity fraud by relying on signatures on agreements, cheques, money withdrawal notes, receipts, delivery notes etc. despite knowing that in the event of crime these signatures would not even expose person's gender. Current signature is like passports without photos and hence it is so difficult to deter and prosecute fraudsters and hence we should personalise signatures with ID stickers as described on website www.xwave.co.uk
4. Government's idea of making non-EU members have these ID cards will fail unless it is written on their foreheads that they have ID cards because otherwise criminals will fool us by claiming that they are not recent foreigners with ID cards.
Proposed ID KEY system can be treated as a reliable universal international ID card because it will personalise signature and PIN number to only the right individuals in any country.
She says it's unhackable because...
...that's what she's been told to say, by the Cabinet spinmeisters, and by the same consultancy companies that stand to make a fortune out of yet another failing/failed Government IT contract.
She says it's unhackable and it goes unchallenged at the time because being clueless about technology is OK in UK media and politics, whereas being clueless about Art or even about Accountancy is somehow less acceptable?
When's November 5th? Can we get it right this time please?
A card which isn't checked against a database is pointless, because it depends solely on security measures in the card and they'll last, ooh, about, three days after roll-out.
So cards only make sense if they are checked, every time. In which case, what's the point of the sodding card in the first place?
Those that are talking about banks using ID cards: It's one of the benefits that the government have, at one time or another, been touting, totally secure (ahem) bank account opening. The trouble is, none of the banks want it, they all have systems that work fine at the moment, you produce a passport and a couple of official bills etc. etc. it's free and just works (tm). The government don't seem to understand that no bank will want to invest in a whole load of infrastructure, multiple ID card readers for each branch, reprogramming of existing systems and then be charged for each transaction.
And you'd better hope that they stay that way, because who do you think will pay for that infrastructure? Yup, it'd be us. The government take taxes from us for this insane project, then force it on other companies, who have to charge us for the luxury of using the system that we have already paid for and didn't want in the first place.
As the data vaults of a Liechtenstein bank?
"Government's idea of making non-EU members have these ID cards will fail unless it is written on their foreheads that they have ID cards"......
.....Isn't that where they're going with the non-EU first idea anyway?
Is Britain going for the "even thicker than America" award, or something?
AN UNPRINCIPLED SCHEME
The Home Secretary has announced the government's 2008 'Delivery Plan' for the ID scheme, a plan that NO2ID showed - with leaked documents <http://wikileaks.cx/leak/nis-options-analysis-outcome.pdf>[PDF] - in January to be little more than a marketing exercise. Nothing has changed.
On the same day, almost a year late, the Treasury published the review that Gordon Brown commissioned from Sir James Crosby in 2006. No wonder it's been kept under wraps for so long. The government's own advisor lays out ten broad principles for the design of a "consumer-driven universal ID assurance system" scheme - and the Home Office ID scheme breaks them all.
1. Any scheme should be restricted to enabling citizens to assert their identity ... BROKEN
2. Governance should inspire trust. It should be independent of Government ... BROKEN
3. The amount of data stored should be minimised. Full biometric images (other than photographs) should not be kept ... BROKEN
4. Citizens should "own" their entry. It should not be possible, except for national security, for any data to be shared without informed consent ... BROKEN
5. Enrolment should minimise costs and give citizens a hassle-free experience ... BROKEN
6. To respond to consumers and give benefits, it should be capable of being rolled out quickly ... BROKEN
7. Citizens who lose cards or whose identity is compromised should be able to get it fixed quickly and efficiently ... BROKEN
8. The scheme's systems should work with existing, efficient, bank systems to reduce risks ... BROKEN
9. To engage consumers enrolment and cards should be provided free of charge ... BROKEN
10. The market should play a role in creating standards, to ensure ease of use and minimise costs ... BROKEN
And finally - unless we've overlooked something - the Home Office published the results of its latest survey <http://www.ips.gov.uk/identity/downloads/IPS-Omnibus-Report-Wave-3.pdf>[PDF]. The Home Secretary bluffs and blusters that the benefits of ID cards are "undoubted", but her own department's research shows that while three-quarters of people consider the claimed benefits to be "very important", only just over one quarter consider them to be "very believable".
Unprincipled. Unchanged. Unbelievable.
[For an explanation of how each principle has been broken, see NO2ID's press release on the Crosby Review <http://www.no2id.net/news/pressRelease/release.php?name=Crosby_10>.]
@ I Do Not Understand
You are quite right to imply the technical consensus - which is that we cannot protect large scale databases filled with sensitive data to which large numbers are permitted access.
However, as I explained here: http://stottle.blogspot.com/2007/11/datastrophe.html
"Only those with political or commercial interests claim that such protection is possible."
So the question is, where did the "collection of techies" who should have briefed her on that consensus actually come from?
Are these people serious? Does this Jacqui Smith person even understand the words she reads off the papers handed to her by her spin doctors? I want some of what they're smoking!
What we're seeing is due to several pernicious habits the NuLabour crowd have become addicted to. First, a near-absolute refusal to ever admit they're wrong about anything. Second, trying to micromanage technical matters they know nothing about. (The endless interference with schools and the NHS over the most minute details exemplifies this. Folks, leave the technical details to the technicians!) Third, they adhere to that corny saying "optics is everything" and think a good sizzle will do as well as a good steak. Thus the incessant spin doctoring. Fourth, the same problem that, to my mind, affects Microsoft, namely confusing a superficial familiarity with a body of knowledge with true understanding and expertise.
Of course these habits are not isolated. They're deeply intertwined. So much is obvious. In fact, one might summarize all these as a love of meddling based on urban legends.
But there remains an issue I have seen no explanation of: who is it that is pushing so hard for the national ID database? What individual demands it? Maybe I'm naive, but I can't understand how, in the face of repeated, trenchant, reasoned criticism, NuLabour continues to stick to their guns on this. Even given their inability to admit being wrong, something smells funny. I wonder just what powerful person cannot be denied in this matter, what gray eminence lurks within the Labour party.
It's rather like our Canadian laws against porn. They forbid the importation of porn that's completely legal to manufacture, possess, and sell within the country, and are selectively enforced against gay bookstores. One concludes that somewhere in the bowels of government there is a powerful homophobe who dictates policy based on personal prejudice. [This sounds a little like J. Edgar Hoover, but the fact he was a closet case is irrelevant to my argument.]
It would be very interesting if El Reg were to quietly investigate and see if they could identify the prime mover behind this insane scheme. If the results come complete with incriminating emails and memos, so much the better.
Or is it all nothing more than that the IT vendor for the national ID system has already been selected, and he/she/it is a big Labour supporter?
One has to wonder. Nothing would surprise me.
The penguin, because it's lovable and NuLabour isn't.
'Not on-line' means not accessible from the U.K.
Anyone needing a check will need to ring a call-centre in India where all the data will be kept.
This will have the added benefit of ensuring the data is distributed fairly to the highest bidders.
Data is kept on the card, encrypted - is there a problem ?
"You simply forge a card and no one can check it back against any real data"
Why can't the biometric data be kept on the card, encrypted (AES or something as secure) and using a Public-Private key system, the readers can access that data but not modify it.
So it's very hard to modify/forge and you don't need access to an online database.
Am I missing something here (I don't work in Security and I completed my degree a long time ago) ? If that'll work, aside from the fact that it's harder to update or you may need one more often I'm not too worried.... aside from the fact that I think parliament should vote on it.
Labour - you can trust us on ID cards - just like with the EU referendum!
Last night Labour’s Home Secretary Jacqui Smith, having stood for public office on her party’s manifesto promise of giving the British people a referendum on the EU, brazenly filed into the lobbies to deny the British people this very thing! This morning, we learn, she has unveiled the first details of the timetable for introducing the national identity card – thereby laying the foundations of the coming EU federalist police state here in Britain.
First of all, as one would expect, comes the “soft soap” – the non-controversial step of making all foreign nationals provide their biometric details. Then, from next year, we learn that the scheme is to be extended to British people working in high-risk areas such as airports. Then, in 2010, students and young people will be encouraged to provide their details voluntarily – why they should want to do so remains unclear. This thought must also be preying on Labour’s police-state minds as well, for we also learn – that from 2011 – everyone applying for a passport will be added to the national identity register! Clearly there can be no escape from Labour’s Gulag Britain!
Having established Jacqui Smith’s integrity we are somewhat bemused when she is reported as claiming: “Increasingly, we need to be able to prove our identity in a whole range of ways: when we’re travelling, when we’re opening a bank account or accessing government services. We’re all better protected if we can be confident that other people are who they say they are.”
Who’s “better protected” Jacqui – apart from Labour ministers?
Of course Britons can rest assured that absolutely no abuse of this potentially dangerous proposal will occur – indeed, we have the Government’s collective word on that – the very same corrupt government, of course, whose members gave their word that we would have a referendum on the EU!
Who voted for these turkeys?
Cause I bloody well didn't! If YOU did see here for WHO http://www.youtube.com/watch?v=b3mi-bKtDGA and heed the wisdom therein.
Our transatlantic cousins
Let's be under no illusion. Once the database is up and running, it will be available to every jobsworth bureaucrat in the country (look at RIPA: even the fire brigade and local councils can now intercept your calls), any company willing to pay/bribe the government to access it (DVLA the most obvious example), all EU police forces and even the FBI:
Given that half the globe and their dog will have access, what difference will a few (more) dodgy criminals make?
Why can't the biometric data be kept on the card, encrypted...
err because I could make my own card with my own fingerprints in it....
Re: I don't get it...
"How's it going to work then, if it's not 'online'?
To check someone's ID some sort of comparison needs to be made against the reference (ie. the NIR), but if it's not 'online' how's that possible? Or is Ms Smith's definition of 'online' different to everyone else's?"
I've no idea how the real system will work, but how about ....
The card reader checks your biometrics against the details on the card. The card reader then ask the central system if the hash of the data on the card is correct.
You only need a database of hash values available online.
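A sketch of the hash-lookup scheme suggested in the comment above, as an added example that is not part of the original thread or of any real ID card system: the reader sends only a SHA-256 digest of the card contents to a registry of issued digests, which rejects the self-made card raised in the earlier reply. The record layout, the per-card salt, the toy Hamming-distance matcher and every name here are assumptions.

```python
import hashlib
import json
import secrets

# Constructed sample "biometric templates" (16 arbitrary bytes each).
ALICE_TEMPLATE = bytes(range(16))
MALLORY_TEMPLATE = bytes(range(100, 116))


def card_digest(card: dict) -> str:
    """SHA-256 over a canonical encoding of everything stored on the card."""
    canonical = json.dumps(card, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def issue_card(name: str, template: bytes, registry: set) -> dict:
    """Issuer side: build the card and publish only its digest."""
    card = {
        "name": name,
        "template": template.hex(),
        # Random per-card salt, so a record made of guessable fields
        # cannot be recovered from its digest by brute force.
        "salt": secrets.token_hex(16),
    }
    registry.add(card_digest(card))
    return card


def biometric_match(live: bytes, stored_hex: str, max_bits: int = 8) -> bool:
    """Toy matcher: accept if the live scan differs in at most max_bits bits."""
    stored = bytes.fromhex(stored_hex)
    if len(live) != len(stored):
        return False
    distance = sum(bin(a ^ b).count("1") for a, b in zip(live, stored))
    return distance <= max_bits


def verify(card: dict, live_scan: bytes, registry: set) -> str:
    """Reader side: registry lookup first, then the local biometric check."""
    if card_digest(card) not in registry:
        return "unknown-card"      # never issued, or altered after issue
    if not biometric_match(live_scan, card["template"]):
        return "holder-mismatch"   # genuine data, wrong person presenting it
    return "ok"


def demo() -> dict:
    registry = set()               # holds digests only, no personal data
    genuine = issue_card("Alice Example", ALICE_TEMPLATE, registry)

    # A live scan is never bit-identical to the enrolled template.
    noisy = bytearray(ALICE_TEMPLATE)
    noisy[0] ^= 0b11

    # Self-made card: internally consistent with the forger's own fingerprint,
    # but its digest was never registered.
    forged = {
        "name": "Alice Example",
        "template": MALLORY_TEMPLATE.hex(),
        "salt": secrets.token_hex(16),
    }
    # Genuine card with one field edited after issue.
    tampered = dict(genuine, name="Someone Else")

    return {
        "genuine": verify(genuine, bytes(noisy), registry),
        "forged": verify(forged, MALLORY_TEMPLATE, registry),
        "cloned": verify(genuine, MALLORY_TEMPLATE, registry),
        "tampered": verify(tampered, bytes(noisy), registry),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:9s} -> {outcome}")
```

The lookup is still an online query against a central service, and each query tells the registry operator where and when a card was presented.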
Wouldn't it just be cheaper to tattoo a unique number on the citizen's wrist ?
Has anyone tried that ?
Oh yes... I forgot, they tried that in the 1930's.
I got bored with all the comments about how stupid the government is. We know they are stupid/corrupt/ignorant.
But one thing I was told many years ago springs to mind. It doesn't QUITE work anymore, due to the advent of mainstream wireless communications, but assuming you rule that out...
* The only way to ensure true security is a 6-inch air gap *
ie. as soon as there is a connection to a network (and a human being could easily be considered a network connection) the machine is no longer secure. End of.
To me this boils down to a completely secure server being buried in concrete, not powered up, and generally being useless. As soon as you use it it is possible for the thing to be hacked. Anyone who thinks otherwise is wrong.
So to have a useful database like the ID card one, it is impossible to make it 100% secure. Surely someone has told our politician friend this? Most likely they did, but she ignored it and decided to tell the sheeple what they wanted to hear. And the sheeple will bleat "YAY!", and rejoice in their shiny new ID-card database which is impossible to hack, and will stop evil immigrants from taking our jobs or blowing us up, and usher in a whole new age where the roads are paved with gold, it never rains, and we all live in a state of pure bliss....
... Until it gets hacked, or someone blows up one of the new hydrogen powered busses, or stubs their toe. Then everyone will be shocked that the sweet and innocent government lied to us.
- and it gets worse!
As if it weren't bad enough that data security is compromised by all those remote card readers - connected or not to the database - the point of entry for your most personal information is now deregulated. In an interview today with "info4security" http://www.info4security.com/story.asp?storycode=4117775&sectioncode=10 , James Hall, chief executive of the Identity and Passport Service let slip this gem,
"As part of the proposed cost-cutting measures, the Home Office will be asking private companies to photograph and fingerprint ID card applicants directly."
“We had previously assumed that we would do that ourselves, but as we’ve been re-thinking about this with the home secretary over the last few months, I think we recognised there’s no need for us to do it ourselves – far better to allow the marketplace to do it,” Hall said.
“That allows you essentially to have competition between different providers, providing services to the public; probably allows you to have far more obedient points of presence out in the high street; and undoubtedly as a consequence will significantly drive down the cost.”
- And HOW much did we pay to commission all those 70-odd registration offices that were given the go-ahead (and finance) months before this sorry project ever came close to Government approval.. or was it..?
I have to go and lie down now. Blood pressure don't you know....