Back in the day...
... we called this ``social engineering''.
A devious mother posed as another parent in an attempt to remove a rival child's name from a school waiting list. The woman created a fraudulent Gmail account to fool school authorities at the "outstanding" Coleridge primary school in Crouch End, London. Using this fake account and quoting the name and correct date of birth …
"Britain needs a Public Key Infrastructure to enable email to be useful for trusted communications."
Sounds a good idea.
"If Estonia can do it, why can't we?"
IIRC Estonia has a population of about 2million with very limited original infrastructure to either make compatible or replace with new stuff.
A more critical question would be weather it *depends* on having an ID card system.Given how much trouble has been gone to *dump* the attempt to install the massively invasive UK ID card system, and its highly intrusive NIR database.
If this is correct, then Estonia shouldn't be a net recipient of EU funds and should be paying back some of the money they have already had. Maybe the UK could have some to improve some of the dire schools from which parents are desperate for their children to avoid.
Agreed. We don't need a government ID card or PKI system. I advocate PGP. Create your PGP key and then hand it in to the school when you register your child.
Social engineering will always be there so whatever used will be bypassed at some point, which negates the point of signed certs anyway. Maybe a degree of checking by everyone would be of use, but I fear that this will detract from seeking the lowest common denominator we prefer to use. (I wonder why I advocate PGP?)
"A more critical question would be weather it..." Did you mean whether, or has the sun affected you. In case anyone is confused about spelling the weather or whether, then simply remember that, like most wh words in English, [who being on of those exceptions] ]we are actually meant to pronounce the h. Its not silent.
"Britain needs a Public Key Infrastructure to enable email to be useful for trusted communications."
No, nobody needs an overarching specific (and broken) technology rolled out to "prevent" people from being stupid. Think about it.
Suppose there is a PKI rolled out with signing key chains right up to the Queen. And rules mandating They Must Be Used. And the inevitable enrolling stations and ID rules and steep fees and whatnot else. Just look at verisign's price list to see what that would run to. Then what?
Then the enterprising social engineering mum would have setup a free email account and emailed just the same, perhaps with a fake signature, followed by an apologetic phone call that the signature would be coming through Real Soon Now and please expedite anyway, please? Most desk jockeys would easily cave in for a bit of whimpering or bullying or what-have-you.
The problem you're trying to solve is one of trust, and seeing the state of PKI, or PGP, or whatever else there is, technology alone can't do it. In fact we don't even know how to express "trust" meaningfully in these applications. Same with various "trusted by" and "certified" logos. It's all mostly snake oil and where it isn't snake oil it's easily circumvented. If not technologically circumvented, then by simple social engineering expedient. Guess what happened in the first place? Oh that's right, social engineering.
Don't believe me? Here's an academic paper that explains how pgp doesn't work:
Once you're read that, consider that PKI is something like an order of magnitude harder to use. Just the documentation for openssl is notorious for absence and incoherency. More reading material:
Once you've read that, do you still think that *PKI* is a good idea? Well, go ahead and enter politics. You'll be a good fit.
Not to say that all crypto or all certification is useless. Certainly not. But the attitude to "just slap a certificate on" isn't doing any good, in fact it's doing exactly the reverse. Much like, oh, blizzard just tried with their RealID, how mcse usually means "minesweeper consultant and solitaire expert", how gov.uk tried with their ID cards and databases, or how Puerto Rico now finds itself forced to replace all birth certificates due to rampant theft and abuse, because you need it for *everything* and *everybody* keeps a copy, often badly secured.
Let's face it, trust is hard. Knowing who to trust, but more importantly who and when not to trust, is hard. We don't even fully understand how it works, so all attempts to codify that into software, with or without crypto, have failed miserably. This proposal would be yet another blind slap-on, making it snake oil, and ultimately doing more harm than good.
It would be much, much better for the desk jockey that received the email to recognize that the email was from a free account and probably from an address they hadn't seen before. Recognizing that, the same person would find the associated phone number *in their files* and ring the impersonated mum back. "You sure you want us to drop your kid off our list? Just checking ma'am."
There, problem solved. And instead of the multimegabillions the government would need to roll out PKI with the help of some outsized big corporation, incurring lots of hassle to distribute the certificates, teaching people how to sign emails, and ultimately coming down to some email client generating warnings in pop-up messages that people will just click trough, all this solution cost was a single phone call.
In my experience you cannot expect a subordinate office person to perform anything more than routine tasks, so each institution must design routines simple enough for the personnel to follow. Crypto routines will easily become more complex than common sense based routines. That would be reason enough to avoid them.
"The problem you're trying to solve is one of trust, and seeing the state of PKI, or PGP, or whatever else there is, technology alone can't do it. In fact we don't even know how to express "trust" meaningfully in these applications."
What? This shows that you don't know anything about PKI.
A central authority is not strictly necessary as proved by the many people who have been holding key exchange parties for years. And if done properly, is very secure.
"Not to say that all crypto or all certification is useless. Certainly not. But the attitude to "just slap a certificate on" isn't doing any good, in fact it's doing exactly the reverse."
On the contrary, had authentication been in use when the parent first contacted the school, then the impostor would have been revealed. This is a perfect example of why cryptographic authentication is a good thing.
"And instead of the multimegabillions the government would need to roll out PKI with the help of some outsized big corporation, incurring lots of hassle to distribute the certificates, teaching people how to sign emails, and ultimately coming down to some email client generating warnings in pop-up messages that people will just click trough, all this solution cost was a single phone call."
True, there is a cost for upgrading stuff, however it need not be government subsidized or controlled, in fact I know of no certificate authority which is. The main benefit the government could provide is an incentive to speed up the glacial pace of adoption. And nobody's talking about forcing people to use it for every email.
Additionally, people's data need not be centrally stored or administered for this system to work. We could, for instance, have generic security smart cards on sale at the convenience store and these would be accepted at various places such as one's bank, the school, library, ecommerce site, etc. Software could be used to manage the certs on these. Ideally these would be integrated into phones, email, www, possibly even the ATM, etc. This would all come together to prove you are the same person as yesterday. These technologies could largely be transparent to the user, they'd only get bothered when a signature fails, which means something's wrong anyways.
Note, a certificate authority is completely optional. This is still useful because it still proves that someone is the same person on the phone as they were at the school, or when they opened an customer account.
One last note, it wouldn't be necessary to use the same signature for each interaction. One could use as many signatures as needed.
Cryptography needs to be embraced to solve today's real problems. The technology is proven and already works, the biggest two hurdles are getting it adopted universally, and doing so in a way which people manage their own signatures rather than their governments.
I'm saying technology alone isn't enough, and then you say "you don't know anything", and "all hail technology". Uhm, you're still presuming technology can do I just asserted it can not, or at least not alone. Please show how technology is a sine qua non for trust and perhaps you'd care to explain how we possibly got by without digital signatures in aeons past? So is (yes, not you) asserting that the quoted studies are "out of date" because, well, nothing much has changed in the meantime not a good counter either. It does show that we haven't figured out how to improve on this sad state of affairs. Just "embracing" the technology because, well, if we all really believe it works then magic happens is similar in not being a compelling argument. That's astroturfing your pet technology.
You're so busy doing that, that you gloss over a bit of a conundrum that lies behind your assertion that "had authentication been in use when the parent first contacted the school, then the impostor would have been revealed", and then you continue to assert that central repositories and chains of trust and all that are optional. Yes, they are, and it's one reason why PKI is not a silver bullet: It is married to a hierarchical notion of where trust originates. But saying that doesn't explain how to establish authentication in the first place. How do you start? It's called "trusting trust" and our technology has no good answer to that, in fact not even a theory that puts the thing in perspective. To many a techie will conveniently gloss over this gaping black hole in our thinking and move on to write some more code... to do what, exactly?
The point, ultimately, is that you need to "trust" the communication as coming from whoever it says it's coming from. Cryptographic signatures could help establish that, but having a phone number on record and calling that for a double-check works pretty well too. However, signatures can be faked --I've repeatedly had to explain habitual email-pgp-signers that if a signature gives a signer but doesn't check out they can not afford to gloss over that fact--, and then what? Does the average clerk know what to do?
And that's the crux: It's ultimately the human that calls the shots. It must be this way, for a gazillion reasons and if you stop and think about it you should be able to think of a couple, seeing how you presume you know better than I do how PKI works. Do you know what "trust" is, and can you explain how to apply this in an office setting without resorting to jargon or even referring to information technology?
"Crypto routines will easily become more complex than common sense based routines. That would be reason enough to avoid them."
Today, people have to go out of their way to support crypto, and as long as that's the case then I agree with you, people won't do it. The benefits of converting individually are rather weak without wide scale adoption (a catch 22). However it doesn't have to be this way. In a parallel universe, everyone uses safe crypto, not because they installed the right software or had the know how, but because security is just built into the systems they already use.
"I've been tried to get invited to a key exchange party for years :("
Haha, if you're serious, try to find a local Linux Users Group, they'll often schedule things like this.
"Haha, if you're serious, try to find a local Linux Users Group, they'll often schedule things like this."
Will they, now? Funny, I've been to Linux user group meetings and key exchange parties, but every key exchange party I've been to wasn't a Linux user group meeting, and every Linux user group meeting I've been to most CERTAINLY wasn't a key exchange party (thank God!).
"the biggest two hurdles are getting it adopted universally, and doing so in a way which people manage their own signatures"
And there you have it, although I agree broadly with your arguments anyone that has had to work with your average user in a support role will tell you that the vast majority of the population are incapable or uninterested in using crypto properly,
"On the contrary, had authentication been in use when the parent first contacted the school, then the impostor would have been revealed. This is a perfect example of why cryptographic authentication is a good thing."
That's utter rubbish. If the woman could create a fake gmail account, and the person at the office didnt care / want to check if it was a legitimate, then how is any amount of PKI or even quantum cryptography going to make the tiniest bit of difference? If the administrator couldnt be bothered to check the validity of an email address, then why would they bother to check the validity of any key?
It's social engineering, pure and simple. forever unavoidable through technology alone...
...unless you're suggesting that *all* communication be compulsively locked down. which will never happen even in north korea.
Kinda like PKI/PGP but instead: we should bar-code everyone's foreheads, then we should implant a chip in the back of everyone's neck, force retina scans for every email, and a camera watching everyone all the time...
of course that will do nothing against simple "social engineering" but that's just the start, then we remove people's frontal lobes (or what ever part of the brain) so that they are incapable of independent thought, implant a GPS on every person, so that the school will get the physical address of the sender, then we fragment society into loads of different groups, call them "classes", or whatever, and then we should arbitrarily decide that one group deserves a place in a particular school, then if there aren't enough places, we just define some criteria like, i don't know blueness of eyes and then it's clear who's more deserving a place in that school. we can then force people into their respective schools as opposed to having waiting lists.
or we can just chill out and not worry too much about these things, and not let the tabloids get us into a frenzy because of one (or a few) crazy people.
AC: "It does show that we haven't figured out how to improve on this sad state of affairs. Just 'embracing' the technology because, well, if we all really believe it works then magic happens is similar in not being a compelling argument."
All the compelling arguments in the world will not necessarily sell crypto to the public, this much we can agree on. Yet this is an entirely different argument than saying that the crypto doesn't work, which I get the impression is also what you're claiming.
AC: "The point, ultimately, is that you need to 'trust' the communication as coming from whoever it says it's coming from"
Two people who meet each other (in a business context, client/contractors, at a bank, even on the street) can cryptographically ensure that future communications between them are secure without a third party certificate authority.
Let's take the bank example. When you open an account you could submit your e-signature, which you generated yourself. Now you can communicate with your bank securely. Note that there is no need to trust a central third party CA since the bank has already identified you to their satisfaction when you opened the account.
"That's utter rubbish. If the woman could create a fake gmail account, and the person at the office didnt care / want to check if it was a legitimate, then how is any amount of PKI or even quantum cryptography going to make the tiniest bit of difference?"
It's utter rubbish today because secure communications is not the norm, and neither the school nor the woman could expect the other to use secure protocols. My point was that cryptography does solve this problem, but only if it is widely used across all mediums of communication.
There is no intrinsic technical problem with the cryptography. The biggest impediment is the social mindset that it can't work, or it doesn't matter; the first is wrong, the later may end up being true.
... could indeed agree to exchange public keys. And if they know what to do with it, more power to them. That's quite different from a national PKI rollout.
I understand that you're saying that the technology works... as technology. I could quibble with that, especially with PKI, but on the face of it, yes, it does seem to, well, do something. Whether it does what it must do and doesn't what it shouldn't is more than I can assess, nevermind joe random luser, which doesn't contribute to establishing the trust needed to use the system. But I digress.
What I was getting at is this: If technology does not manage to be useful to people, especially non-technical people (_Why Johhny can't encrypt_), then that's a very different but equally valid definition of "doesn't work". And there, PKI, PGP, and various other authentication systems clearly "do not work", even though some are being rolled out regardless. You don't even need crypto to create an unusable system, but I've so far seen precious few _usable_ systems that had crypto as a core premise. OTR comes close, maybe.
The social mindsets are part of it, yes. And that's indeed plural, because it's the social mindset of the people who create their fancy convoluted complex crypto-using systems that's creating a needlessly high barrier for the "users", people with a "don't bother me, it should Just Work" mindset. Though I'll grant that some user education will be necessairy, but to do that we first need something that's teachable, and what we have is not.
And that, in turn, points to a glaring deficit in not understanding how "trust" works and how to sensibly map it onto technology so that "users" can "use" it. As long as that's the case, it's much better to just expect people to pick up the phone and dial a number than to get them to try and use a cryptographic signature system, quite regardless of whatever technology sits behind it.
Different side, same coin. Could still be another strip in there. The point is that something like PKI requires (unwilling) user co-operation, the observation is that it's very easy to subvert with the same techniques that made the original attack feasible, and the complaint is that even with willing users you won't get co-operation because they're not able to fit the software that does it. So, it'd be serving technology all over again, instead of technology serving us. For no gain, at great cost. Boy, do our techfanbois have good ideas.
"Whether it does what it must do and doesn't what it shouldn't is more than I can assess, nevermind joe random luser, which doesn't contribute to establishing the trust needed to use the system"
So you're saying that because you don't understand it, you cannot trust it?
I guess I follow the logic. But it's certainly not fair to go on implying that the crypto algorithms are untrustworthy. Person A may be entirely trustworthy, yet person B doesn't trust him. B's non-trust for A, despite being true, is no factual basis for claiming A's non-trustworthiness.
The best I argument I can offer someone to convince them that it's safe is: banks use it to protect their own transactions, and governments use it for protecting their own secret material. These institutions have security experts who do understand crypto working for them. Since they trust the crypto, so can you.
"And that, in turn, points to a glaring deficit in not understanding how 'trust' works and how to sensibly map it onto technology so that 'users' can 'use' it"
We're full circle again, you claim normal people cannot use crypto, and that it's inherently too complex for normal people. Let me counter that by example...
People use HTTPS for online shopping, is it a problem? No it's transparent.
People use crypto security cards in their cable boxes, is it a problem? No it just works.
People can use Skype crypto with no problem, why not their other phones?
Businesses use NT authentication for websites, fileshares, internet access, etc. Does this prevent users from doing their work? No, because it's built in.
What if gmail upgraded it's back end to a more secure SMTP protocol? It wouldn't affect how people use gmail.
I assert that during normal use cases, crypto does not impact the complexity of a service. The only additional complexity would be during setup, in which case people will seek help as they always do to setup the service.
Sure, there can be potential problems with any of these, but in normal use people can use crypto technology absolutely transparently. When there is a problem, they can, and should contact someone who knows something about fixing it.
"it's much better to just expect people to pick up the phone and dial a number than to get them to try and use a cryptographic signature system"
In my scenario (obviously not possible today), the school would be capable of verifying the woman's crypto signature over the phone, regardless of who placed the call. This might even occur automatically without user action so that both parties can verify the other before speaking - signature based caller id.
I stand behind my claims that technology 1) does solve these problems, and 2) is usable by normal people, assuming it's built-in and well integrated into regular use cases.
"I guess I follow the logic. But it's certainly not fair to go on implying that the crypto algorithms are untrustworthy."
I have two issues with that second sentence. First, I claimed that "rolling out PKI" as if it was a silver bullet would be a spectacularly bad idea. Second, it's not about the algorithms themselves, it's how we use them.
You're looking at it from a technological PoV. Don't. Look at it from the user's PoV. Do you know in detail how a lock works? Do you know what locks are safe? Well, most people have little idea about the former but can spot the reverse of the latter, which are unsafe, if it's obvious enough. Back to crypto tech: How would you explain to someone with no crypto background how good this particular algorithm is?
You really have to shake yourself loose from the tech outlook, at least for a little while, and look at the whole forest baffled like a luser. *Then* ask yourself, how can we improve this for our confused fellow?
"We're full circle again, you claim normal people cannot use crypto, and that it's inherently too complex for normal people."
No, I'm claiming we haven't figured out how to make it casually usable, that it's too much the techies domain and works on techie-centric premises, and unless and until we fix that, then yes it stays inherently too complex for non-cryptonerds. And since plenty techies can't seem to shake the techie-centric worldview...
People use HTTPS, but they have to rely on whether their browser bar turns yellow or green, and even if they'd religiously check it (who does?), it can be faked and subverted. Want a techie complaint? Most ssl certificates in use are misconfigured.
That doesn't even begin to touch on the problem that the trust anchors we're using for HTTPS aren't really trustable; the corporations selling the certificates only protect your custmers from the people they're not taking money from. That's an inherent, economically driven, non-techie, structural problem in the infrastructure we built to "make things safe".
Then there's practical problems like getting your CA distributed. The process to add them on any single computer seems designed to baffle mere users the most. Getting your CA submitted to central stores gets you a flood of requirements, all different. That's what makes CAs valuable, and ensures that bandits like verisign continue to make good money. Then there's little things like the fact that you can't readily remove CA certs from the windows CA store, it'll silently add them back in. Who do you trust? Whoever some corporation tells you to trust, that's what.
SMTP can be setup to use SSL to protect the content from eavesdroppers provided nobody stages a Man in the Middle attack, but to prevent MitM attacks you come back to the above CA problems.
So it seems to work, but are you sure? I'm not. And that is the crux with securing anything: Just the mere appearance of function doesn't make it correct or even safe.
Your other examples don't illustrate what you seem to think they do:
Cable crypto isn't there to protect the content, but to protect the revenue. That sets entirely different requirements.
Skype similarly protects the content but doesn't ensure that you're talking to whom you think you're talking to, which is what the problem was with the woman impersonating someone else. Normal phones, at least mobile phones, come with a similar crypto setup that's similarly broken, both in content protection and in clonability of SIM cards.
Authentication and authorisation can be done with crypto but they're different problems than preventing eavesdroppers to listen in.
Banks, well, they use a lot of crypto and crap and even through their legendary secrecy you can still see the signs on the wall that their systems are horribly broken. Nobody dares to blow the lid sky-high on that.
My technological complaint is not that shoving layers of crypto between what we do is impossible, but that it's hard to use properly, as in meaningfully, and actually doing what we expect it does. The tip of the iceberg is that the user interfaces are so bad no mere user know what to do or even gets what certainly not to do, which is what the _Why Johnny can't encrypt_ paper made painfully clear.
I'm also saying that you can't fix that purely through technology. You first have to understand what "trust" is, and if I look at the ideas the PGP people have about it and what the PKI people have about it, I think they're on crack. They're convenient to implement, somewhat, but clearly not engineered to be understandable and useful to end users.
I don't disagree that technology can help, but the current technology is clearly unhelpful. Eventually we can make "trust" technology usable to normal people, but to do that we have to stop thinking solely in terms of technology, and it'd help if we understood "trust" too.
"So it seems to work, but are you sure? I'm not. And that is the crux with securing anything"
I am experienced with the implementation of RSA, AES, DH, PKCS standards, rabin miller tests, etc. I could spell out in excruciating detail how the school could trust the mother, but I doubt you'd believe me anyways, so you'll just have to study the technology to convince yourself.
"but the current technology is clearly unhelpful"
I'd be more inclined to agree with "the current implementations are clearly unhelpful". The technology itself is already very mature. We just need to roll out implementations which are based upon concepts which people are already accustomed to, like my previous example of cryptographically secure caller-id. Even a child could use it without any training whatsoever.
Provisioning secure devices could be as simple as inserting one's security card like on cable boxes. Nothing "Johnny" can't figure out.
"[...] so you'll just have to study the technology to convince yourself."
Not the most compelling salespitch I ever heard. Yes, it's the standard techie answer, and it's also the one I just argued was absolutely the wrong one. In fact I explicitly asked earlier on for a non-techie explanation. I'm not surprised it's not forthcoming, because coming up with a good one is *hard*.
"The technology itself is already very mature."
As in, the cryptographic algorithms and so on. Yes, that part is reasonably well understood. But that's not the only thing you can call technology. To most "users" of cars the motor isn't the only bit of "technology", the entire thing is. It's nitpicking details but it turns out the narrow view (only the motor) isn't sufficient to sell the entire thing (the car).
"We just need to roll out implementations which are based upon concepts which people are already accustomed to, like my previous example of cryptographically secure caller-id. Even a child could use it without any training whatsoever."
Well, yes and no. People not only need the tools to assess trust, they also need to know how to use them. And to provide the right tools and to teach their use, we need to understand how this "trust" thing works so that we can map it meaningfully on our technology, that's underlying algorithms, implementations, but also front-ends, propagation models, and all the folderol that makes up an infrastructure.
There's nothing "just" about that. In fact, "just" is an IT techie's buzzword as sure as "lightweight" (LDAP, anyone?), "framework" (any widget set, for starters), "XML" (the embodiment of data bloat writ twooh), and so on are. "Buzzword" is said to make people feel all abuzz, but what really should happen is that your bullshit detector should start buzzing.
And that, that it's *not* simple, and much more than just the algorithms and their implementations, and that the most important part of the whole argument is that it's not even about the technology but about not even understanding how to use what we have, that the models they're built around are poor fits for what they're proposed to do, and that there's no way in heaven or hell, nevermind on earth, that we're going to convince our fellow "normal" human beings that we just terminally confused, to use these "solutions" nevermind use them safely, that is the core of the argument.
But to understand that, you have to get down from orbit and learn how to look like a perpetually confused luser. Since techies became that to get away from that, they don't like it. But if we're to make technology *useful* to those beyond the in-crowd, we have no choice.
"Provisioning secure devices could be as simple as inserting one's security card like on cable boxes. Nothing "Johnny" can't figure out."
more years than I want to count but well over 20.
I have on various occasions tried to play with encryption and each time got so pissed off with it gave up.
There is a lot of pressure now to encrypt disk drives, files sent by email, laptops amd memory sticks.
Big fail, do you know how many times a user can loose the peiece of paper they have written their passwords and keys on. Shouldn't do it but they do, they share them too, although it is a missconduct offence that can cost them their job.
Our insurance company insists on accessible files for 70+ years, so everything also has to be stored unencrypted as well, if we can get them to, so that they can be accessed in the future when everyone who knows the keys/passwords is dead and buried.
The PKI infra in the Baltics is a result of a BIG cash injection there from Scandinavia in the 90-es. Britain does not happen to have a rich uncle with spare money (or the uncle does not seem to care).
In addition to that Estonia did not have some British institutions which will do anything to prevent anything new that may interfere with a supposedly secure communication which they claim to deliver. To be more specific - Royal mail and to a lesser extent BT.
And thirdly - the PKI in the Baltics is tied up to the national ID. Oops, did I just say a dirty word? Guess I did. Having a working national identity register and working physical IDs is a prereq for a digital ID I am afraid. C'est la vie.
Not THAT serious a set of issues. I mean looking after her kids and wanting them to have the best schooling available is just natural.
Just doesn't have quite the hypersensitive sense of right-and-wrong that you need to not piss anyone off anymore.
Saying that, if it was my kid I'd congratulate them for such a simple, elegant fraud then beat them senseless for risking _my_ kid's future.
I'd then sue the idiot set of school authorities that needed a short email from a free email address to remove kids from a school waiting list. A phone call from their previously noted home phone number would be a bare minimum- and an interview c/w proof of identity is more the level I'd expect. That way the crime to fake it goes waay up (faking a passport or driving license is serious, right?) and makes it that bit less likely that this would happen. Even better, it'd work without any Big Brother-ish surveillance needed- at most a confirmation of the passport number would sort it out.
Fool me once; shame on you
Fool me twice; shame on me
By my maths we're still at "once". It is very easy to be wise AFTER the event. I think mostly schools have focused on "do they really live that close?" and scams to do with renting rooms with close addresses. The "gmail" scam is new. I'm intrigued as to how the mother in question was caught - Google didn't "rat her out" - did they? Or did the authorities pretend to be China?
If their policies are anything like the ones Microsoft and Yahoo didn't want us to read, they will hand over the information in response to a valid court order, which they would be able to get fairly easily. That would give them the IP address, and they would need to do some further searching at the relevant ISP to find out who that belongs to.
This sounds just like the "American way" which has caused so much trouble recently - "I'll do what's best for me and sod everyone else."
Yes, looking after her kid's interests are important, but no more so than the other's kid's interests.
There are reasons fraud and other activities like this are illegal: they are against a civilised society. Lying and cheating should not be the way to get "ahead" - some of us still believe in "fairness". Seems like we're a dying breed...
You are thinking of the other half of America, that is to say the political half who figures people are too stupid to do things for themselves and need guidance on how to do it "right". Mind you there is a small fee for this guidance that consists of pretty much everything one owns. Of course this political half doesn't know they are just as stupid as everyone else if not more so.
Yes, yes, I know there are some who group themselves by either a red elephant shirt or blue donkey jeans and they are thinking I'm talking about the "other guy". Know if full confidence that both groups are right.
"A phone call from their previously noted home phone number would be a bare minimum"
Wrong way round. A phone TO the previously noted home phone number would be a bare minimum.
And even if they didn't know anything about gmail (quite likely if they aren't highly IT literate), they should still have asked for written confirmation which would have included a signature. No need for passports or driving licenses, unless they were shown at the initial application.
"Not THAT serious a set of issues. I mean looking after her kids and wanting them to have the best schooling available is just natural.
Just doesn't have quite the hypersensitive sense of right-and-wrong that you need to not piss anyone off anymore."
Correction: doesn't have any sense of right-and-wrong
This is taking the stupidness over school admissions to a new level. I hope she gets hauled into the Magistrates court and they make an proper example out of her.
Yes, I ment to say the school ought to call the mum (dad, legal guardian) of the kid on the list, and it must not take that number from the email (obviously) -- that's where the "from their files" reference comes in. Well spotted. And yes, not needing all sorts of ID or technology was pretty much the point.
Did this mother do something wrong? Yes. No doubt - illegal too, depending on the law (most western countries have a problem with identity theft, no matter how brain-dead the checks are).
But what's the "real crime" here? It's this "waiting list" for schools that needs to wake up and smell the cordite. Seriously, I mean at FOUR FRICKIN YEARS OLD you need a waiting list to get into a school?
This touches me directly in my own country. My son currently can go to one of two schools - the one across the road, where our daughter goes too. Or another one about 15km away, requiring us to run two cars. Guess what we got told across the road? "Oh we're a bit full. We can't turn you away but.." That's all well and good - school too full, no attention for my kid. But then you ask, "well what about next year - the school 15km away doesn't do secondary levels?"
"Oh, um, whatever".
This is a public school. There are 15 kids my son's age in the district - 15 kids who should be getting first place. Yet the class is brimming over with 35 kids.
Mines the one with a dozen application forms for schools.
For a good school with a waiting list I would think removing just one child ahead in the queue is not sufficient -- that does no good unless your child would then be in line for a place. There might have been more kids so affected but their paren't hadn't called to check on their progress...
We were lucky in that our nearest school just started a nursery, which would, of course, be "independent" from the main school. Yeah - it worked out well that we joined.
To me it looks like a seriously corrupt mess, managed by people who may have educational qualification but who have never been anywhere close to reality.
The moment a private company starts buying up schools one by one you should start paying attention (I saw it happen in North London). Money paid to shareholders equals money not used for education. You can work that out with *any* sort of education..
Yup, chipped and barcoded at birth. Only way to avoid it would be to keep the pregnancy secret, not register the child, and not make any use of Doctors, hospitals, child allowance, tax credits, etc, thus saving the Government even more money.
It would also remove the need to renew passports every ten years - they would last for life :)
And RFID takes ANPR to a whole new level.
Big Brother IS watching (and before those without a sense of humour shoot me, I'm not being serious).
Abolish parental choice; let them send their kids to the school they're told to, or go private.
It worked fine in the past. If there was a problem, it was chronic underinvestment in schools -- and neither mixed-ability education (i.e., secondary-modern for all) nor parental choice have addressed that.
In fact, parental choice ends up making things* worse*, because not everybody is technically able to choose a school for their child. Those who can afford the extra costs of uniforms, transport &c. move their kids out en masse from schools which acquire a bad reputation, leaving only the children of parents who can't afford anything else and those of parents who don't care (by definition, the most likely to be ineducable). The worst-performers drag things down for everyone else and the cycle continues.
Choice is often used as a smokescreen: offer people a choice between shit or shite, then point out it was their own fault when they aren't happy with what they ended up with. Any government with the balls to bring back the tripartite system and "get-what-you're-given" will preside over the biggest improvement in standards since compulsory education.
"A devious mother posed as another parent in an attempt to remove a rival child's name from a school waiting list."
Read: "A chav found a chink in the system and tried to exploit it."
"The woman created a fraudulent Gmail account"
Not fraudulent. Gmail isn't exactly what I'd call trustworthy at the best of times.
"to fool school authorities at the "outstanding" Coleridge primary school in Crouch End, London."
Outstanding! Way to go, "authorities"! I want my kid educated at Coleridge Primary! These people are really on the ball ... Seriously, where do I sign up?
"Using this fake account and quoting the name and correct date of birth of the child, she wrote to education officials at Haringey council and told them to remove the four year-old girl from the list. Which they did."
One wonders what said officials would do if one created a gmail account and asked^Wtold them to transfer funds to an off-shore account ...
"The ruse unravelled when the victim's mother phoned to inquire about the progress of her child's application."
Another symptom of the same problem ... "Are we there yet? How about now?"
"Police have launched an investigation"
That should prove amusing ... Please keep us posted, ElReg :-)
"and the council is to improve admission procedures."
Going back to paper & pencil would be a good start ... at least until they hire someone with even half a clue about modern communications.
"The subject of the identity fraud, a mother of two in her late thirties, told the London Evening Standard: "Everyone is desperate to get their kids into a good school but this is extreme behaviour."
This isn't what I'd consider identity fraud ... and mayhap the mother of two should consider that a school system which doesn't realize that email isn't exactly a secure way to transact business is *probably* not really all that good a school system.
"This person clearly has issues to think doing this is acceptable.""
The perp, on the other hand ... What the hell was she thinking? "I can put one over, get my kid(s) in, and they will get a good education from the morons I just fooled! Yeah, that's it! ::rubs hands::"
Sometimes I just despair ...
| "Using this fake account and quoting the name and correct date of birth of the child, she wrote to
| education officials at Haringey council and told them to remove the four year-old girl from the list.
| Which they did."
| One wonders what said officials would do if one created a gmail account and asked^Wtold them
| to transfer funds to an off-shore account ...
Shall we try it and see if it works?
When my T-Mobile @home (voip) router failed, the customer service rep ordered a warrantee replacement and told me I should receive it in five working days.
Ten days later, when I called to inquire where it was, the rep told me the order had been cancelled "at the customers request."
Yeah, sending a 4 year old to school IS unacceptable. FYI about 10% of everything I know came from my "education" while the other 90% comes from my parents or is self-taught.
Certainly in my early years having educated parents who were prepared to spend time with me was infinitely preferable to the cloth-brained automatons posing as my teachers. At one point they told me that the sun "burns", so I asked them how this is possible given the lack of oxygen in space and was told "durrrr, ask your dad" So I did, and he knew the answer.
Seems to me that my teachers knew shit loads of things that you're not allowed to say, and not very much else. I was held back a year in infant school for being an idiot. Yeah I was 4, I scarcely knew how to locate my dick. To expect me to excel at formal education at that time was nothing short of perverse and an experience that I am thankful for the most part not to have remembered.
that at the least the devious wenches kid has been expelled from the waiting list. If she's willing to commit fraud this early, i for one would want to keep her as far away as possible.
@mego, the situation of waiting lists is screwed up but to some parents this is important, and interfering fraudulently with someone's position on this list shows deep dishonesty.
The really enterprising parent gets close to the "competing" children and frames them for petty crimes, or encourages them to chant "I WANT MORE PORN!" at induction meetings and other offences that'll thin out the field nicely.
For more, see Chris Morris's JAM - prescient stuff.
I'm reading people here poo-pooing the concept of using PKI for these communications under the proviso that (a) it's too hard; and (b) it's akin to an ID card.
I'd like to address them in reverse order please:
(b): No, it's only an ID card if you use it to identify yourself as John Smith (for example). If you generated a PKI for each institution (or each reason for contacting an institution), you would simply identify yourself as "the person who originally started these proceedings" (whether they be opening a bank account or getting your child to a good school). Sounds onerous to have a PKI key for each one, but not really more than having a password for every website you register with. And these days, you can get USB tumb-drives with PKI keyrings (we use them at work to sign digital paperwork).
(a) Because you aren't trying to assert you are "John Smith", you do *not* need to get a central repository to "verify" your PKI signature. Frankly, if all I want to do is make sure that the body talking to me is the same as (for example) the one who opened the bank account in question, I don't care *where* the PKI was issued from - only that it is *the same*. I don't care who you really are, only that you are the same person.
As for me, I admit that creating new PKIs is easy enough - I run a home-brew web and email server and a PKI-generator was installed automatically. I know nothing about setting up the generators, but the mail/web servers want them to authenticate HTTPS communications. Hoopy. The point is, such automatic PKI generators exist and can be set up relatively easily by people who know nothing about the internal of PKIs - I'm a pure "luser" in that area.
So, yes - I personally think that PKIs are a good idea *so long as properly used*. At considering the size of USB PKI thumbkeys, one more item on a physical keyring should be no problem.
If you send your child to a good school but your child is a brat, how will it help? At worst, child ruins school's name, at best, child gets expelled within days.
Yes, you get fucking bragging rights, but bragging will only make people hate you more.
Darwin Award for evil social engineer.
Important stuff like that should be done by letter, preferably delivered in person. End of.
While authenticating data sources is fairly competent (PGP etc), it is no foolproof and it greatly relies upon both parties knowing how to use it *correctly*. I'd be surprised if many people in real-world situations like this have a clue; I don't know anybody who isn't a fellow geek that knows about signing emails. Which is why something like this should be done the old-fashioned way.
Mailing lists have been dealing with this sort of thing since forever. The registered email address gets sent a notification of unsubscription. As said above, a confirmation phonecall does the trick.
No wonder computers are taking over. Most PEOPLE aren't turning-complete these days!
"The issue here is more than is reported"
I agree absolutely.
"But what's the "real crime" here? It's this "waiting list" for schools that needs to wake up and smell the cordite. Seriously, I mean at FOUR FRICKIN YEARS OLD you need a waiting list to get into a school?"
No the real crime here is that we have "good" and "bad" schools to the extent that people have to get on waiting lists, move house and lie/cheat in order to either get the "best" education for their children or avoid sending the offspring to a shite school.
There should be no such thing as bad schools - that is the real issue here.
Firstly this scam didn't work (and never would have). Secondly, the same scam could have been carried out by phone, letter or in person. Ironocally if she had turned up in person claiming to be the other mother, well it still wouldn't have worked but she probably wouldn't have been caught so easily.
Problem here is that most schools use distance as the admission criteria, even for kids within the catchment area. This means that parents can wait till the last minute and move in next door to a school with a good OFSTED report, stealing places from kids who have lived in the catchment area their whole lives.
In other words, the admission criteria create the oversubscription.
Worse still, the children who miss out on their local school can't get places in any other nearby schools (the distance criteria again) so they and up getting placed in a school miles away that is so crap nobody else wants to go there.
Almost any other system would be better. Why not base it on the length of time the child has lived in the catchment area? That would create stability and predictability, and it wouldn't be worth moving close to an oversubscribed school at the last minute. This type of oversubscription would than stop.
"Why not base it on the length of time the child has lived in the catchment area? That would create stability and predictability, and it wouldn't be worth moving close to an oversubscribed school at the last minute. This type of oversubscription would than stop."
I actually thought this is how the system works! The idea is so simple, one wonders why it isn't.
The education system in this country is faulty. I have 3 boys, going through the school-system here. Unless you have some SERIOUS wonga, the choice is between a crap school, and a couple of even worse ones. The best teachers teach in private schools, and get paid well. The few good teachers left in the crowded, underfunded state schools soon become overwhelmed or ground down under the weight of the problem, and the idiocy issuing out of policymakers and Ofsted. In my home country (That's right, I'm FORRIN'), we didn't have private schools. They weren't allowed. All children were worth the same, and therefore it was seen as unacceptable that some children should have a better education than others. So schools that were falling behind, got funding, and had teachers from other schools transfered over, to bring that school back in line. You did not choose schools, you got told where your school was (It was the one nearest to your house). Children walked to school, or took the school-bus.
The winters were colder, and the summers warmer.
Children respected thir elders.
Food tasted better, and football was played by REAL men, not prancing overpaid primadonnas that dive to the floor, writhing in agony, then bounce back up the moment the free-kick is given don't even get me started arrrgghh.
Did I mention TV? That was better too.
And so on.
With DNSSEC derived certification of identity, the value of an electronic address based on domain reputation may well start to change. I have to communicate with students in a very guarded fashion when they use Hotmail email addresses, in comparison with being able to be more open with them when they use the email addresses my university provides. This makes sense because I obviously can't trust the identity of a Hotmail address, but to receive a reply to a university address a student has to have access to the password and account issued by the university to the student.
Big brother centralised control through government PKI doesn't need to be such a great problem using DNSSEC as the PKI, given each domain has a chance to create it's own security policies and people have choice between domains or can register and run their own. With DNSSEC you get the certificate as part of the process of domain registration. Those wanting to trust an ID will have to check the reputation of the ID provider (based on a certification chain), and people wanting to be believed are then likely to drift away from the cheaper and less reputable domain names and will prefer to use domains which identify their users a bit more carefully before creating an address.
So only after long investigation this mob decided something fishy was going on? Sounds like these are the educational behemoths I want educating my kids!
SHE USED A FRICKING GMAIL ACCOUNT FOR IMPORTANT BUSINESS FFS! BIG CLUE RIGHT THERE!
Phone call to mother, "Sorry we can't accept from insecure public services like hotmail and gmail, what do you need? Please down to the school and we will sort this out for you."
I bin anything from gmail and hotmail, usually used by spammers and cretins on the make. Get a real service. FFS, sign up for a domain name for a fiver a year and the authority will usually chuck in 20-50MB of email space and secure POP3 services!
Lou, whilst you might know more about PGP, PKI than AC, and there again, perhaps you don't, (and perhaps your kn*b is bigger than his, but on that point, I don't think any of us really care) one salient point AC was made which I also support is that the the council could have simply telephoned the parent back to verify they made the request to remove the child from the list.
In the UK, this would have been the most efficient solution. We in the UK, when it comes to national IT infrastructure we are backwards and we always will be, when compared to Asian countries in particular.
Our governments are always made up of laywers and accountants who have very little understanding of information technology.
The idea that a national PKI infrastructure could be put in place here for use by national and local governments is completely laughable. The local council employees can barely operate a PC, let alone get their head around the concept of digital signatures and certificates.
Not to mention that the people that would need to use it would be the single parent mothers on benefits, the elderly, the long term unemployed, all of these categories are going to have an extremely hard job understanding digital signing, and it'd probably take them a month of sundays to learn how to spell "Encryption".
Have you ever been into a Job Centre Plus and seen the kind of people that work there? These are the people that will need to get their heads around the concepts and use the technology.
I don't think such PKI technology would be adopted on a national scale for at least 15 years, if ever.
Sub-prime security anyone? - the wider you roll-out PKI the less reliable it will be - it will never be a useful widespread domestic tool. Click through mentality pervades the web - "I want it now" trumps "I want it secure"
Use the same system as for Royal Mail redirects - confirm with a letter to the physical address or the phone number from the original application.
Not true, really. In fact, you'll find the best teachers in the worst schools, typically. Most decent people would rather send their children to a school with incompetent teachers, properly brought-up children and educated parents than to a school with brilliant teachers, criminal yob children and chav parents. When people say "good school" what they mean is "school with a good quality of pupils". People pay for private schools not to get better tuition but to get away from the chav scum.
Incidentally, a good way to dodge the whole admissions procedure is to move into the area in the middle of a school year.
'It would be much, much better for the desk jockey that received the email to recognize that the email was from a free account and probably from an address they hadn't seen before. Recognizing that, the same person would find the associated phone number *in their files* and ring the impersonated mum back. "You sure you want us to drop your kid off our list? Just checking ma'am."'
That's all fine. But what ever gave you the idea that it's cheap to make all desk jockeys this competent with regard to authentication? It's actually about as hard as teaching them about PKI. It's the same problem.
How stupid are the council officials. Didn't they even make any attempt to validate the request? Surely they are bright enough to actually try to verify the identity of an email's sender? Obviously not.
They could have called the child's partents to check the request, but surely it would be standard practice to send out a letter confirming the changes?
And while we're at it, did they breach the data protection act in doing this?
Biting the hand that feeds IT © 1998–2019