"Chinese hackers"
Is this like Obama publicly accusing Bradley Manning of being The Leaker based on some foggy claims by recycled WiRed ex-hackers?
"Proof or GTFO"
Francis Maude kicked off his tenure as the UK's lead on Cyberspace Security by recalling the early days of motoring in the UK. On the day that Google unveiled another attempt by Chinese hackers to break into the email accounts of prominent individuals in the US, the Cabinet Secretary suggested that the UK could learn a lot by …
Not really the same thing, there is quite a lot of evidence that these sort of attacks are coming from China.
Check out the Night Dragon report on something similar small quote from http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf :
"Beyond the connection to the hosting services reseller operation, there is other evidence indicating that the attackers were of Chinese origin. Beyond the curious use of the “zw.china” password that unlocks the operation of the zwShell C&C Trojan, McAfee has determined that all of the identified data exfiltration activity occurred from Beijing-based IP addresses and operated inside the victim companies weekdays from 9:00 a.m. to 5:00 p.m. Beijing time, which also suggests that the involved individuals were “company men” working on a regular job, rather than freelance or unprofessional hackers. In addition, the attackers employed hacking tools of Chinese origin and that are prevalent on Chinese underground hacking forums. These included Hookmsgina and WinlogonHack, tools that intercept Windows logon requests and hijack usernames and passwords."
There is nothing conclusive but most people know what is what.
He means "pimp your data and lose it in the USA" - http://news.bbc.co.uk/1/hi/uk_politics/7147715.stm
or even "send your personal details to a random somebody else" - http://www.theregister.co.uk/2007/12/07/dvla_data_error/
and then charge you £60....
It does seems a really stupid analogy - nobody likes the DVLA. If he had found some parallel with, say, the NHS, which people mainly sort-of like I can see why he would use it
This is like trying to advertise hydroelectric power with "the tsunami has taught us the amazing power that water can provide"
Imagine if you did need a "license" to be allowed on the internet, might stop a few more of these fugging twats downloading MacDefender or sending 'I love you" all over the pigging shop and fugging up a the internet experience for the rest of us, who do have half a brain!!
What we need is a big pool and toddlers paddling pool. People with an IQ above their shoe-size are allowed in the big pool, everyone else who thinks computers can do anything aren't allowed out of the paddling pool or it's back to the changing rooms!
Go outside, take your car/bike/whatever down the road and back for a few miles, then come back and tell me that your experiences during the journey has reassured you that requiring a drivers license has kept the brain dead from ever driving a car on public roads.
Bonus points if you can manage to keep from swearing!
Stop sign icon, because so many @*#*% out there can't seem to see one.
If you need a "license" to be on the Internet, shouldn't the scamware makers, such as the MacDefender dudes, have their licenses revoked for a very long time? After all, that's what happens to drunk drivers in real life - their actual driver's licenses gets canned, and they often get jailed. In some of the Nordic countries, they drunk drivers their license for life.
But of course it doesn't work that way, because scammers post their shite from Russia or China or plenty of other jurisdictions out of the UK. They're unlikely to be extradited. That's where the analogy breaks down with real life. Anybody can be a tool on the Internet. There's no control on the network - or even sections of the network - that the British government have over the roads in the UK. So it makes a license worse than useless - limiting the actions of law abiding citizens, but not the criminals that prey on them.
Standard government gnome's response to anything new: it must be regulated and brought under government control. After that, the next stage is to apply restrictions "to stop abuse" and ensure <whatever> remains safe and legal. Stage 3 is to start taxing it, ostensibly to "cover the cost of regulation" and later to limit it's use (though really, just to raise revenues).
As for "assuring the public that we are not creating a Big Brother state." just who does this guy think he's fooling?
"in this respect I am very much indebted to the work of Martha Lane-Fox, founder of one of Britain's pioneering internet businesses, the discount bookings company Lastminute.com."
Is this the same one that was overhyped, took shit-loads of other peoples cash then promptly fell off a cliff? Is this the same Martha Lane-Fox stepping down as CEO as it shares were at rock bottom prices and profits were massivley below expectations?
Yup sounds like someone to use as a beacon of light.
.
The same MLF who envisages a future where everyone should all be subcutaneously chipped, and we have all our personal details stored in and synchronised with 'the cloud'..
I sat in a presentation gob smacked, wondering if she could possibly be serious. But apparently she was. She thought it was 'very exciting'.
If you want a government service, it is not unreasonable that the government knows that you are who you say you are, in much the same way a bank would.
And taking the motoring analogy, the government has set the rules of the road, and has implemented a number of fixed and random control points to ensure compliance, but it certainly doesn't control the traffic or it's content.
The key difference is that with the Internet, you are using a privately operated set of toll roads, rather than a set of publicly owned and maintained roads, your ISP will set the terms and conditions of your access, and charge you. Part of that cost is your on-line identity with them.
Anyway, as the National ID card is dead, there is no-longer a mechanism for a national on-line identity, which would need to be certificate based, good practice says your identity can only be verified by Something you know, against something you have.
To reintroduce such a scheme would cost more than Fluffy Francis has available, it's doubtful he's prepared to pay for it in government, let alone anywhere else, unless it's self funding like the ID card. Oh and big brother on the Internet is also far too expensive for .gov.uk for itself let alone the public.
You mean where the UK Government uses *taxpayers* money to buy a shed load of hardware and establish a cradle-to-grave log of every UK subject and then *charges* companies for access to prove you are who you say you are to meet identity confirmation laws *passed* by the same government?
I think the net would be a safer place if people had a certain skill level before being allowed on. For starters, spambots and viruses would not be so prevalent. But the only way to ensure that is to require people to have a licence to use the Net ... and then we would need some mechanism, presumably enforced by the ISPs, and dependent on them knowing exactly who you are, to implement it.
I'm not wild about the idea myself, but I think it will come ...
Francis Maude MP is the new Minister for Cyber Security.
He cites DVLA, but their web site has an 'issue' that the car tax renewal page refers to an out of date layout for the reminder notice that you get sent in the post, and a source tells me that DVLA has a freeze on updating the web site...
So he'd like to sack, demote and discipline a whole load of Public Sector workers for using their network to distribute porn?
http://news.bbc.co.uk/1/hi/5102306.stm
http://news.bbc.co.uk/1/hi/wales/south_west/6230996.stm
It's one way to cheaply reduce the number of public sector workers and/or cut their salaries, I suppose.
Paris, for blindingly ;) obvious reasons.
"identity assurance" is a straight-up continuation of, well, it's simply a computerisation of the old paper-based bureaucracy, only now with streamlined check-your-every-move baked into it. "For your own anti-terrist think-of-the-children safety, of course. Here, have a receipt."
He's right, or would be if he actually understood it but I see no sign of that, that this is a field that is in dire need of innovation and right-out invention of new concepts as well as new technology. But he'd not advocating that. I see attempts to pave the way to revive ID cards by way of the Bright American Example, NSTIC. So they did find a public figurehead to champion that, at least. We've seen that lead balloon floated before and shouldn't be surprised they'd try again. But it's not what the people need.
Such a pity. Bit of a missed chance there. Don't know what or that they missed it, and that's the problem right there.
Didn't take long for them to find an ear for them to start whispering their mantra into.
"Identifying *everyone* online and tracking their every move is the *only* way to keep them safe"
"you just don't understand how *many* pedophiles, terrorists and pedophile terrorist (the *worst* kind) there are *out* there"
"think of the children"
I'm going with p***ed off but boy does that Fanboi icon look tempting.
that government utterances such as Francis', kind of similar to some words from Sarkozy recently, are constructive in the sense that they encourage us to think sensibly how to really address the priorities;
For instance, some kind of OpenID addition that would allow more guaranteed identification, then individual sharing settings according to requester/intermediary website that have ICO-authorized data use/sharing policies, *could* work, providing the democratic nature of the internet prevents government from taking over.
Add that to a legal 'right to anonymity' = no tracking, no spying, no tracing of IP addresses, in the general case, when ID is not strictly necessary, then that could be the start of a working 'internet 3.0' :-)
A national policy for a global entity! What about all the other nations? There isn't an "English Channel" between the UK an the rest of the Internet; unless he's proposing to make one (a la "Great Firewall of China").
The one upside of the crap economy is that he'll find it hard to get funding for any stupid schemes (famous last words), but watch out for "Phorm II - This Time It's State Sponsored!".
There was a real, pressing need to regulate the highways, because the physical integrity if real people was endangered. People were killed and seriously injured by those using non-foot travel (don't believe anyone that tries to convince you that the roads were safe before cars - horses and other animal-drawn traffic accounted for many deaths and injuries every year). The internet does not pose that level of risk - any damage is in the realm of the immaterial.
Sure, bank accounts are vulnerable, but we don't have a monolithic governmental agency requiring that we have a licence to use a debit card, do we? The principle* of governing the road is a legitimate function of government, but that of governing the internet is not.
* Regular readers will know that I do not think that the current level of governance on the roads is legitimate, but that does not undermine the truth of the fact that road transport can only effectively be governed by legislation.