back to article Home Secretary in ID card gaffe

Security experts have rubbished claims by the Home Secretary that databases for the controversial National ID Cards will be "unhackable" because they are being kept off the public internet. In an interview with BBC Radio 4's Today programme on Thursday, Jacqui Smith said "none of the [ID card] databases will be online, so it …

COMMENTS

This topic is closed for new posts.

Page:

No internet access means wide open

On previous form, no internet access means thousands of civil servants will download the whole blank thing on to their laptops. And then guess what?

Web access, properly secured (like most banks now) is the only way to go. Which will come with a log, of course, so we know who asked what and why.

0
0
Alien

secure cards

While I find the idea of a national database with "off-line" user authentication containing fingerprints, DNA genome info, and criminal records, about airport workers and juveniles a somewhat alien concept, there are a couple of solutions to the common place use I haven't seen mentioned here.

The most important being a PIN code on the card itself, allowing the card being used as a common bank card. With private forces invited in on this, a link between the card and your bank account is probably to likely. That would make the card an replacement for current banking cards, and with all in one place you would of course don't have to carry that many cards around.

(Being totally screwed the day your purse/wallet is stolen is of course not considered, nor the question of this being accepted by international banks, instead of their favorite noble metal coloured ones. )

This two-factor combination would also alleviate the " a card with a fingerprint being authenticated towards the base is only a card authenticating" argument.

If this is a novel thought to the powers that be, we can only hope and assume they don't read the reg.

The authentication scheme would then be dependent upon several factors, ranging from the card being in your possession, your picture being on the card, you having the PIN for the card, your signature being on the card, your finger print, iris scan, and DNA match being there.

Authorization would be a result of the level of authentication, communicated by pigeon (see RFC 1149, or 2249) as communication protocol to avoid buying expensive secure digital lines.

A digital hash of the DNA would even ensure uniqueness, and make it impossible to register several cards.

What can I say, sounds brilliant to me, after a few pints, let me hasten to add that..

The only thing that could mess up this would be someone untrustworthy, like the government being in charge of the database.

They could get around that by outsourcing to India or China of course.

:/B

0
0

@RW

"Are these people serious? Does this Jacqui Smith person even understand the words she reads off the papers handed to her by her spin doctors? I want some of what they're smoking!"

I expect that Jacqui was handing out the cannabis just like in the 80's!

0
0

Get a clue?

they couldn't, not if they were a clue, on planet clue, surrounded by clues of the opposite sex, in the middle of clue mating season, covered in clue pheremones.

0
0
Go

@Why can't the biometric data be kept on the card, encrypted...

"err because I could make my own card with my own fingerprints in it...."

No you could not, because you would not have the key to encrypt it and the reader would therefore not be able to read it ...

0
0
Coat

Unfair

People are posting very unfair comments about dedicated government. It is quite reasonable to assume that they have developed security protocols more advanced than that which we in the general population might be aware of, or could even possibly imagine.

It is likely that they would apply this hyper-advanced security rigorously to such a system, to ensure that no nefarious person(s) would be able to gain access. I couldn't even attempt to comment on exactly how they would do this, as they obviously keep their security systems secure and private; if I knew about them they wouldn't be secure - which is why none of us know about them and everybody is making jokes (wrongly) about the government's ineptitude in such projects.

And I don't understand why people assume that we (the people) will end up paying for the end use of any such system - e.g. having your identity checked in a bank. Banks are there to look after our money, and give us access to that money when we want it, and maybe let us have a little bit more besides. To think that they would want to charge us for rolling out new infrastructure show the general lack of understanding of what banks are about.

Even if its use was extended to such locations as confirming your age in a pub, it would be a simple matter for the government to add another couple of pence of tax on to the price of a drink, with that covering the cost of the end reader and the transactional cost of performing the validation lookup. I am sure that you aware that our taxation on alcohol is the lowest of the developed nations, and nobody would mind paying a little bit more to feel safe and secure in their local hostelry.

To address all of the humour aimed at airport staff. They have a very difficult job to perform under extreme stress all the time. Would you like to be the one that's responsible for making a judgement call as to whether a bottle contains plain drinking water or some volatile explosive mix? Introducing an intrinsically secure identification system would make their jobs so much easier - and if that was to happen then it goes without saying that the whole process of checking in, passing through security, and boarding the plane would be so much smoother for everybody. Like banks, the airports and airlines are there to service us, their paying customers. They reinvest the little profit that they make to ensure that our holidays and business trips start and end as best as they possibly can.

Finally, to address the issue of there being no security as soon as you turn a system on - well I find that whole idea ridiculous. That is essentially implying that our praiseworthy government's vetting procedures for staff in such positions are useless. The CRB check isn't just for cub-scout leaders and teaching assistants, it can be used for extensive background checking on an individual, that covers not just themselves but all living relatives and friends in a simple, cost-effective manner. That they are able to turn this check around in the few days that they do demonstrates just how good the government can be at deploying complex IT systems. And don't judge others by your own standards; just because you might take a million pounds to try and get a copy of a system (which won't be possible because of the new, secret security systems), doesn't mean other people might. In fact, you will find that most civil servants are committed to their jobs, and follow the fine examples set by their paymasters, the very MP's that we keep so overwhelmingly voting in (one simple mistake on an expense claim, that I'm sure we've all accidentally done ourselves, and we attack them for it - it's just not on).

Anyway, hopefully I've written enough to dispel your fears about this new system, I'll just go and get my coat. That's right, the white one with added 'fashion' straps and buckles.

0
0
Coat

re Civil Servants

I would just like to point out, as a lowly Civil Servant, that most of these ideas and most of the data losses have occurred as a result of "initiatives" brought in by so called whizz kids from private industry, you know the ones, the directors that are so bad they can't even be employed under the "old boy network" anymore.

The real Civil Service has constantly pointed out the flaws in their systems but has been constantly misrepresented as idle sickie taking reactionaries rather than honest hard working people who do the best they can in adverse conditions with poor leadership and even poorer equipement. Before blaming the workers, just look at who the bosses have been that created all these cockups in the 1st place.

Posted anonymously for obvious reasons. I'll get me pinstripe jacket,bowler & brolly now

0
0
Alien

Ah

Ah nuts ! , they are dreaming in La La land ! , or is it the thetans again ?

0
0
Boffin

@Why can't the biometric data be kept on the card, encrypted...

..er you've just turned all accepted cryptography wisdom on it's head.

It's the *decryption* key that's kept secret. The *en*cryption key is public. I know it's confusing, but if you listen very carefully to the phrase "public key encryption" you might just get a clue.

0
0
Gates Horns

RE: Unfair

[snip drivel]

> Anyway, hopefully I've written enough to dispel your fears about this new system,

> I'll just go and get my coat. That's right, the white one with added 'fashion' straps

> and buckles.

and now we know who votes these guys in! :D

0
0
Paris Hilton

re Civil Servants

>I would just like to point out, as a lowly Civil Servant, that most of these ideas

>and most of the data losses have occurred as a result of "initiatives" brought in

>by so called whizz kids from private industry, you know the ones, the directors

>that are so bad they can't even be employed under the "old boy network"

>anymore.

Clearly the civil servants fail to understand that the "whizz kids from private industry" are willing to spin anything to get the budgeted cash, and it's the civil servants' responsibility to ensure that the solution they buy actually meets some criteria... Has anyone in the Gov't ever thought of actually hiring someone "in-the-know" to audit all these solutions?.. Has anyone *actually* been held accountable for any of the recent cock-ups???

>The real Civil Service has constantly pointed out the flaws in their systems but >has been constantly misrepresented as idle sickie taking reactionaries rather

>than honest hard working people who do the best they can in adverse

>conditions with poor leadership and even poorer equipement. Before blaming

>the workers, just look at who the bosses have been that created all these

>cockups in the 1st place.

Yes, it's the evil bosses that leave laptops in various places, don't dispose of sensitive data properly or mail CDs with individuals' data around the country without a thought...

0
0
Anonymous Coward

She's a politician

Expecting honesty and technical competence is a tad optimistic.

Part of the problem is that most of them are short of experience outside politics.

I'm less bothered by the confusing misuse of jargon. She's not tech-competent. But somewhere along the information chain somebody is too dumb to realise what has gone missing in the simplified explanation the politician gets.

And so politicians see something too big to really understand, and assume others have worked out the details, while we see a bicycle shed with a cheap padlock on the door and an open window.

0
0
Alert

Sadly

Sadly , once the wankers get dumb ideas welded to their single functional brain cell no amount of logic or any argument will sway the course from just stumbling towards an absolute police state like Joe Stalin's former Soviet Union to recreate the illusion of safety at the high price of all freedom absolutely as is shown in the latest round of stupidity due to be installed and functional for all initially domestic public at Heathrow

link http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/03/07/nheathrow107.xml

0
0

Minister = Middle Management

I'm sure we've all sat in meetings with suppliers and cringed with embarassment as the middle manager with oversight over the IT dept makes some howling technical blunder. Also, I expect a fair few of us have watched with horror as our IT ignorant bosses have signed the company up to some clearly unworkable software system because they have swallowed the b*llsh*t of a smooth-talking company rep.

I imagine that this statement about security issues is just a repetition of the assurances provided by the sales rep of the company hoping to provide the ID system. The Minister thinks that the case made by the rep is compelling (she wouldn't be in the job if she thought ID cards were unworkable) and so thinks that she can win the technical argument by repeating them.

Unfortunately, this government has spent many years isolating itelf from technical experts (eg Iraq Dossier) as experts tend to disagree with idealistic professional politicians. The reality of the situation is irrelevent because the government doesn't live in the real world.

0
0
Flame

Suck it down Citizens!

Enjoy your ID-Card ride to hell.

0
0

string and tin can I presume?

If they aren't online via the internet, how do a hundred thousand identity checking terminals from all over the country, schools, banks, hospitals public and private, post offices, town halls, airports, (and the world in our Embassies abroad) interrogate the database for identity checking?

0
0
Anonymous Coward

Politics...

Democracy doesn't work. Apparently Plato worked this out some time ago.

0
0
Go

@Why can't the biometric data be kept on the card, encrypted...

..... It's the *decryption* key that's kept secret. The *en*cryption key is public. I know it's confusing, but if you listen very carefully to the phrase "public key encryption" you might just get a clue....

Bzzzt. wrong again. there is a private key you keep private, and a public key you make public. you can derive the public key from the private one but not vice versa.

you can encrypt with either key. anything encrypted with the private key can be decrypted only with that public key, so anyone can read it but only i could have created the message. anything encrypted with the public key can be decrypted only by the matching private key, so anyone could create the message but only i can read it. the key pairs get used both ways dependant on requirements,

in the case of id cards i would encrypt a copy of a hash of the data with the private key. anyone can decrypt the hash using the public key and check the data matches, but only i could have created the data that the public key decrypted. this is a digital signature.

this is already in use on the 'biometric' passports. the (weak and broken) encryption the passport rfid chip uses isnt its main security, thats just read access. so you can read a passport chip and write an exact duplicate for what its worth, but you cant modify or add any data to the passport because its all been digitally signed, using a private key you dont have. the public keys for each country are what a passport control officer would use to check that the passport data isnt forged. matching the data to whats physically printed and whats standing infront of him is a judgement call at present, one they hope biometrics would make more accurate.

so yes, id cards could be made entirely stand alone, no database required, and fullful most of the claimed purposes, but what they then dont give is the huge database on everyone which is what the government actually wants (but wont admit).

0
0

How is the data distributed ?

If the database is not on the web then presumably the only way interested parties can get at the data is by physically travelling to the databases location (Horray, lots of bad for the environment carbon emissions) or by putting a CD in the post, which means we will soon have partial copies of the data floating about in every single government office in the country, being accessed on insecure internet connected computers.

Or is the government proposing to build out an entirely separate physical network just for the ID database ? How long before someone accidentally connects a computer to both ?

0
0
Flame

learn your history or be doomed to repeat it...

have these fucktards learnt nothing? name a single secure system that has never been hacked? drm? iphone? even the pentagon? and these systems actually had some techs working on them.

the moment it goes live it'll be a race to see who breaks it first. not a question of if, just when.

0
0
MGJ
Go

FUD

Have any of you guys actually read anything about how the ID card is going to work before poking holes in it?

The biometrics are not on the card; they are used to control access to the digital certifcate stored on the card and signed with a key generated from the governments private key and the biometric, ie a replacement for a PIN, but a secure one you can't lose easily or break easily. At this registration stage the question is 'who is this person' so there are lots of checks to see that they are who they say they are, and that they are not already registered.

Use of the card then has a number of opportunites to check the identity of the holder; they are relatively tamper proof and will have a photo on them so that is one level of checking, or they can be scanned/swiped to check that the certificate has not been revoked, and most of all can provide authentication for eletronic transactions at a distance (ie secure over internet, GSI etc). Not much to do with beating terrorism or introducing the nanny state, but how else do you introduce modern convenient governemnt with security a bit better than eBay or Facebook, when the cost (maybe £100 a head) cannot be justified out of a single departments' budget.

At most of the points where they are needed, we already have to go and get our '2 bills and a photo'; the conveneince factor will ensure some take up, particularly for those with regular interactions with the state. What we have to ensure is that they don't get made into things to carry all the time with constant checks, and I suspect the Government has already lost that one by playing the terrorism card.

In our department, electronic transactions are better for us, customers and taxpayers. It would be nice to know they were more secure though.

If you meet Ken Munro for a drink, get him to tell you some of his White Hat testing stories, particularly physical penetration tests (ooer); they are quite funny, and he has good guys working for him.

0
0
Anonymous Coward

re: Why can't the biometric data be kept on the card, encrypted...

Because that would protect the privacy and security of the citizen, when the object of the exercise is to remove them and place them in the hands of the Home Office... to build One Big Reference File on everyone with all significant transactions logged: Total Information Awareness.

It doesn't matter that it can't work as they imagine. It's the bureaucratic Holy Grail of a paranoid governmentalist state. The more impossible it is, the more they want it.

....

@ George - You are Yogesh Raja and I claim the Westminster Gazette prize!

0
0
Black Helicopters

tehnically correct?

i am sure the core databases wont be direcly connected to the web.

check out most EAI designs and you will find the core data sat back offiice side and the data presneted to the front end via some operational data sotres and or a web facing portal

the databases wont be "online" but surely the data would?

otherwise how could any validation against the records take place?

0
0
Alien

Only 30% voted for them last time...

We are encouraging the democracy craze to various parts of the world and yet we have the worst example of democracy. Our beloved dictator wasnt voted in and it only takes 30% of total votes to get into power! So no wonder its all a bit of a disaster.

Note that if you do bump into Jacqui at a kebab place in Peckham, dont give her any grief over this. She'll have a couple of bodyguards next to the sauces and the bulges in their trousers wont be cos they are pleased to be with her.

Alien, cos i reckon they are all from another planet.

0
0

Page:

This topic is closed for new posts.

Forums

Biting the hand that feeds IT © 1998–2018