Slashdot Mirror
U.S. Considers Microsoft Passport as National ID
An anonymous submitter writes: "Ladies and gents, the endtimes have begun. The Seattle Times is reporting that Mark Forman, associate director of information technology at the White House (or 'America's CIO', as he bills himself) has said the feds are considering the use of Microsoft's Passport technology to ID every citizen and every business seeking access to government services online. This is about as scary as it gets." To be fair, it looks very preliminary. Read the article. So many companies have tried to assist the government in providing services over the Net... but I guess if your lobbyists are good enough, you can be heard at the top.
I'm moving to Canada. Who's with me?
sPh
Now I can't imagine being unable to reenter the country because the Passport servers were down again. Grrrreat.
What's your damage, Heather?
So they're going to trust the information of every single citizen to a corporation that has a known criminal track record? That's intelligent. What next, find a crack dealer to handle international trade?
Yes, I realize the offenses are different... but this is still stupid. It federally mandates giving Microsoft business. Well, not really... if an alternate ID is available, they should accept that.
- Free tabletop fantasy gaming! Grey Lotus
This should not be about using Passport to grant access to public services, it's about having a mechanism to access public services.
I'm a UK citizen, and we live under the shadow of the beast here with the UK government gateway being developed by/with Microsoft, so I have sympathy.
However we will need to access government services online, and we need to do it somehow.
I'm not suggesting we use Passport (christ no!), but we will need to use something!
Gotta agree. If the government has less access to my information, and finds it harder to interact with me becuase I refuse to get a Passport account, then what's the problem? I win both ways.
Welcome to the United State of Microsoft. (Or maybe President Bill prefers the Microsoft States of America).
You'll need to update Microsoft and have them reset your passport everytime you get a haircut..
Josh Woodward
Forman, who is overseeing the government's purchases of $100 billion worth of technology this year and next, was a featured speaker at the Microsoft Government Leaders Conference in Seattle this week.
So, how do we get this guy out of public office? This is sickening. The government pursues them for monopolistic practices, and then we still this this gross conflict of interest arising..
Shouldn't the fact that the US government is still suing Microsoft weigh in, at least a little bit, on the choice of Microsoft for handling the national IDs?
Canada?
New Zealand?
Iceland?
The Netherlands?
Microsoft: Where do you want to go^H^H flee today?
You see? You see? Your stupid minds! Stupid! Stupid!
You know, I've known lots of people who have said, "If so-and-so gets elected, I've moving to another country." Well, so-and-so *did* get elected, and they are still here. But if the government adopts a privately-owned system as a national ID, I *will* be moving elsewhere.
Nothing for 6-digit uids?
So how does this work now?
...
...
... click click ...
Does the passport == hotmail address? or msn email?
Does it become a legal address?
I can just see it now... one passport is assigned to each U.S. citizen, to provide a single email address through microsoft that not only will have possibly one's bills, and tax information, and any normal legal correspondance but also a single point of spam with very poor filtering options.
I'd love to see how they implement it... Hotmail?
"We're sorry your inbox is full (4,231 messages) Please upgrade to MS Premium E-Mail service"
... check check check
"1,242 messages filtered into 'Junk Mail' folder"
... click click
'Oh my, its still all spam!'
... click click click click
...
you get my point....
Is not life a hundred times too short for us to bore ourselves? -Friedrich Wilhelm Nietzsche
So, now I have to change my name to MyName234927545794_2002@hotmail.com :D ?
----- Whats wrong with this picture? http://www.revoh.org:1234/whatswrong
Let's get beyond the FUD here. Passport is being considered as a means to authenticate users of US government services online. Nothing more. This is a far cry from a "national ID," which implies that citizens are required to have it. When was the last time you used US government services online? If the government wants to select Microsoft as a vendor for a particular service, I may think it's a bad business decision, but I don't think I can claim my rights are being violated.
Robotiq.com is heavily tested on animals
Just wait until online voting happens and you can only vote if you register with their online services. And then taxes will only be paid online. Then passports will be requested online. Then you'll have to get your mandated federal ID online. Etc.
Sure, you're not worried now, but you always need to think about the next step.
--- witty signature
sPh
I vote that the government should mandate the use of our Slash IDs as our government mark of the beast!
The president could have the ID: CmndrTaco
Vice president ID: Hemos
Homeless people: Anonymous Coward
Blackout losers: -2 (can't be seen)
Karma Whores: Spackler
This will be great!
I swear to -god- my five year old has better reading comprension than some of you people.
The article mentions that is is for online services three times.
Quotes, with revelant words bolded for those of you who haven't finished 5th grade English yet.
"Microsoft's Passport is being considered as a way to authenticate users of the Web sites, said Mark Forman, associate director of information technology at the White House."
"The White House is instead pursuing an "e-identification" initiative, an effort to develop ways to authenticate people and businesses online who already have government identification numbers such as Social Security, business-registration and employer-identification numbers. "
"At the government-leaders conference, attended by representatives of 75 countries, Microsoft presented a blueprint for its "e-government" strategy that suggests they use Passport to verify the identity of visitors to their Web sites. It also suggested that its bCentral business Web site could be used to process business tax payments and that citizens could use its MSN Web site to handle address changes and voter registration"
---
Yes, its an amazingly laughable idea -- but its not the Big Brother in cahoots with Evil Bill Gates to steal all our privacy that the orignal poster makes it out to be.
http://quiz.ravenblack.net/blood.pl?3357354385
"All mankind is at the mercy of a handful of neurotics". - Norman Douglas
So I can't read the article - the Seattle site seems to be already slashdotted...
But what exactly is going on here? I already see people worrying and having heart palpitations. The story submission says "Microsoft Passport technology" not Microsoft Passport.
In priniciple this just means that Goverment is going to start tracking people as they access goverment online services... kinda like they already do using our Social Security numbers in meat-space - and/or cookies set by goverment servers in cyber-space. (I think it would be foolishly naive to imagine that people aren't already being tracked.)
This is just a logical extension of what is already going on.
Good questions to ask: "Can a user opt out?" "What about users from other countries and locales?" "What is going to be done with the info?".
Who was it who said "Privacy is dead already - all we have anymore is obscurity." (Or something like that.) Obviously this is the direction we've been heading for quite sometime. Now we see clearly - before we saw through a glass darkly...
In illa quae ultra sunt
While Microsoft is not the answer, the open-source community should seriously think of another solution to a national e-ID problem. It's easy to bitch about Microsoft if you don't have a better idea.
The community would be well served to either design and endorse an open-source passport system, or alternatively design another means of identification in our hyper-paranoid electronic universe. Once we have done that, then we can seriously fight to keep our internet passport free!
So microsoft has flogged the hated UK passport/gateway system to the USA, well
The Register has a far better
Write up then I could ever do.
thank God the internet isn't a human right.
Is this the same government that is suing them for being manipulative, controlling and illegially imposing restrictions on their customers? The irony never ends.
Where should we let you go today?
The speed of time is one second per second.
...suggest something truely undesirable and then fall back to what was desired by some in government in the first place but wouldn't have normally been accepted by the public -- a national ID
So, what are they supposed to use, a really big passwd file? OpenLDAP? Novell NDS? A big Oracle database? Why should we even care what the technology is, as long as it works?
But, the idea that you'll need to register in order to read government documents, now THAT is interesting, and somewhat troubling. But I couldn't care less what technology they use.
Unfortunately, all the Microsoft-hating government pawns around here seem to have missed the real point of the article.
How about some balance here guys? This is a preliminary study. Granted, none of us real people (i.e. citizens) want the gov't in bed with MS, want MS to be in control of gov't data, or want the gov't to have any more info on us than absolutely necessary, but this is just an avenue they are exploring.... and why is this putz "America's CIO" anyway? How did this happen??? About the same time Gore 'invented' the internet??? Speak out on this NOW and maybe it will die a quick death....
...we are from the government - we are here to help...
It then became clear to me, that come the apocalypse, the mark of the beast would be Alice 32367@hotmail.com and Bob8217@msn.com.
Wax-Museum Fire Results In Hundreds Of New Danny DeVito Statues
If you're going to write, you should write Mr. Forman and his boss, in addition to your Congresscritters. Be sure to mention that by requiring Passport, the government is effectively forcing its citizens to use Microsoft's technology in order to access the public information. What happens if MS decides to start charging for Passport use? Will citizens then have to pay Microsoft to access public information? This is especially disturbing considering that the government is currently in ligitation against MS. I think part of the problem is that some government departments think it doesn't matter if some OTHER government department is in ligitation with MS. Make sure the people you write understand that you don't make that distinction. Try to equate MS with Enron, by asking if they would be so quick to adopt any of Enron products. After all, both companies used donations to affect policy, both companies have broken the law, and both companies are under investigation by the DOJ.
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
Article
After the Sept. 11 attacks, some politicians and business leaders have called for a national identification card, but Forman said that's not in the works. "We don't have any plans for a national ID card," he said.
translate:
If we would have used MS software the world would have been a safe place
I should have put some witty comment here but this whole story is just too stupid. Aren't I glad I'm not an american. (although, according to Passport I am, and 108 years old. Living in Beverly Hills. Brilliant)
If an experiment works, something has gone wrong.
"Only exception is filing income taxes "
Oh, BTW, Microsoft recently imposed changes to the Passport user agreement. They now own your tax return and all the information contained in it.
I be a believer when Bill Gates declares himself ruler of the United States of the World and starts a campaign to embed flash-chip#666 in everyone's hand with their MS Passport information
heh =)
A year spent in artificial intelligence is enough to make one believe in God.
The problem is that our government system was based on the idea of an educated people. You can't have a government by the people if all the people are just plain stupid.
These days you don't even have to be able to read or have an I.Q. above that of a coffee table to vote.
So basically, there is no hope.
Even when you try to have a simple reading test implemented in order to grant a license to vote it gets shot down by the Supreme Court (aww, the poor people can't vote because they can't read).
In my opinion, the only way to change the system is to force people to pass three simple one-page tests in order to get a voter registration card. First would be a simple history test. Second would be a simple math test. Third would be a simple test on the U.S. Constitution (perhaps just make 'em read the darn thing!!!).
Only after an educated voter base is established can these truly idiotic laws not get through.
--- witty signature
Because it would be a government publication and government publications cannot be copyrighted. Isn't that the case? Perhaps it you wouldn't call that open souce. But wouldn't it have to be openly documented and copyright free?
You know, I'm getting really tired of EVERY FREAKING WEBSITE UNDER THE SUN wanting my personal information. Not just government web sites, but just about everything else nowadays.
- Want news? Tell us who you are so we can send you spam.
- Want to try a free demo? Tell us who you are so we can send you spam.
- Want to buy our product? It only costs $XXX.XX but you have to give us your personal information if you want it to be activated.
Blah, blah, blah. How about a web site that links to other web sites in various categories that DO NOT demand personal information (including email)? And a "hall of shame" of sites and products (or vendors) to avoid.
- The IRS can force me to get a MS Passport only when they outlaw PAPER.
Cheers,
Wind
(Not bad for a company under investigation!).
Somebody hack Passport, quick! Before this madness becomes reality and before "ID theft" takes on a whole new kind of meaning.
Even then, there is a sardonic part of me that relishes in possibility #3 above... =)
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Those were the reporter's words. I find it very unlikely that they would require a login to get information on, say, national parks or AmeriCorps. Simple business sense would require otherwise (since they use the website to promote their services and reduce phone calls).
sulli
RTFJ.
Nationalistic US crackers today announced that they had done the impossible - by revoking the PassPort account of Osama bin Laden, recently issued by the INS. An unnamed inside source was quoted as saying, "I didn't know there was ANY way to revoke a passport account. I wish I could use this technique to get rid of the extra accounts I get with every Microsoft purchase. But maybe not, after all my extra votes help on election day."
The living have better things to do than to continue hating the dead.
Washington, D.C. (AP).- In a surprising turn of events, Americans have elected Bill Gates as President of the United States.
After a recount of all votes, Gates received 89 percent of all votes, leaving oponents Arnold Schwarzenegger and Tom Hanks with 3 and 2 percent each.
"It's hardly a surprise", said Steve Ballmer, campaign manager for Gates, "Bill has showed great leadership skills and built the greatest company in American history".
Ballmer then made a turnaround in his position about the infamous "Mother's Day documents", and admitted "there might be some truth to them".
The documents were published by the Electronic Frontier Foundation, an underground group that has been described as the political arm of hackers and ciberterrorists, and wer purported to have been obtained from Microsoft's internal servers. Gates and Ballmer denounced them as a fabrication.
"I guess we can tell you the truth now", said Ballmer, after Gates' voctory was official, "there might be something there".
The documents include a series of emails in which Gates, Ballmer and Microsoft's VP of legal affairs, John Ashcroft, discuss several courses of action in they won the election. Among them were: Change the countrys name to Microsoft States of América, change Gates's title from President to Chief Architect of Everything, and outlaw the use of any software not certified as "secure" by Microsoft Corp.
Critics have pointed to the posibility of electoral fraud, but the governmente has refuted the posibility.
"It's ridiculous. Preposterous", said a spokesman from the Electronics Elections Office. "We used Windows CE doubleplussecure 2018 for the polls machines, and Microsoft XXP Security-Above-All Server for the counting. These are the most secure systems in the world, and they're incapable of errors".
After being questioned on the possibility of a bug in the system, the spokesman refused to answer, pointing out that the recently passed Corporations Antidefamation Act expresely prohibits the discussion of any possible flaws in software products, lest they be used for ciberterrorism purposes.
... to see Bruce Schneier's take on this.
I've never seen his face turn puple, but this'll do it for sure.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Geeks organise revolution!
Geeks get head held down toilet bowl and flushed by non-geeks!
"Information wants to be paid"
And you can (online) in my state and locality:
* pay local traffic tickets,
* renew driver's licenses,
* renew vehicle registrations,
* pay property taxes,
etc.
Once a federal online ID becomes pervasive, it'll be used for every state and local online transaction also, just like SSN's filtered down to the state and local levels. And personally, I don't want M$ having all that info.
"We're sorry, but the website you're trying to reach has been disconnected."
At least it won't with Microsoft's technology. I can't say that I like the idea. Perennially it could have some benefits, but the possibility of having your ID stolen, having the database stolen, etc and the privacy concerns will kill it. Also, if they did this with $M technology, I wouldn't allow my ID to be placed in it, and I wouldn't use it. The government isn't stupid enough to do this. Yes, the government is stupid, but not this stupid. To many politicians would get roasted, so it will not happen.
I take no responsibility for what I say. Even though I'm never wrong
Thank you for taking your valuable time away from being wined, dined and brainwashed by lobbyists to read this letter. I strongly oppose the U.S. Federal Government setting precedent in support of a known and guilty monopolist. Please insist upon an Open Standard, arrived at by a broad spectrum of those with strong experience in the areas of Preservation of Individual Privacy and Integrity & Security of Data. Do not allow this perceived opportunity to lock the people of the United States of America into a closed standard which has proven non-secure in the past and the goals of the provider so transparent.
Regards, {Insert Your Name Here}
A feeling of having made the same mistake before: Deja Foobar
Only after an educated voter base is established can these truly idiotic laws not get through.
What on EARTH makes you think you live in a direct democracy like that?
You don't.
You live in a democratic republic.
Want to know what that means?
You vote for the people WHO YOU WANT TO MAKE DECISIONS FOR YOU. Then *THEY* make decisions FOR YOU.
At this point, other than prodding them and saying "Hey Over Here!", the voting public have ZERO control over the system, until the next election.
Simon
Coming soon - pyrogyra
Things have got to come to a head. Eventually the government is going to start passing laws that make people finally stand up and just say no.
I'm the big fish in the big pond bitch.
, and whether or not the idea is good to begin with aside, but this is something that the Government should make on their own. If this ever happens, they need to hire programmers and have their own development group for this. This type of information should never be outsourced, especially to a controlling interest in our government's financials. Heck, I would feel uncomfortable if Linus was asked to take part in it (-:
The Microsoft Government Portal explained
World Domination in progress
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
But only because the very discussion of the idea causes Ellison and McNealy to fall to the ground writhing with convulsions. :)
Sometimes it's best to just let stupid people be stupid.
Not necessarily, because the government didn't pay for its development and the deliverable would be the service, not the software.
It could be analogous to Office, which the government is a customer for. The government does not get the Office source code.
Nobody's saying that they want to do e-voting based on Passport, yet, but the services offered/required to use the service will inevitably grow.
And never underestimate the damage that even small changes can do. Change someone's address right before an election and there's a good chance you've disenfranchised them (think Florida). Or another change and you have full participation from the precincts located in the Shady Acres Memorial Park. Use the handy "write your Representative" feature and you can create another bogus grass-root support for protecting Microsoft's right to innovate.
If there's a need for such user authentication, and I think it's worth considering, then it should be handled by exactly one of two organizations. Either the US Postal Service, or the individual states existing voter registration service. Probably the USPS because resident aliens can still use government services even if they can't vote.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
What, you mean this isn't an All Fools' Day joke?
:)
Glad not to be an American at the moment
deus does not exist but if he does
I guess it will be since that's the only browser I can consistantly make work with Passport.
Just wait until online voting happens and you can only vote if you register with their online services
A troll posting with a +1?. Let's see what's wrong with your theory:
1) To force online voting every citizen would have to have a computer and an internet connection. Either that or every district would have to have terminals available for voters.
2) An absolute secure system would need to be built. An online voting system would be priority one for most hackers.
3) A system for insuring that people are who they say they are would be needed. Bioinformatics would have to be involved. Otherwise what is to stop somebody from selling their votes?
This is a topic that has been discussed over and over since the last Presidential election. Most of the same problems arise with forcing online tax payments. It will be a very long time before you see paper tax forms disappear.
sPh
Maybe it's a good idea. In creating this single gov't-wide authentication system the gov't would in effect be creating a new monopoly. So, you want to get a company that has a lot of experience with monopolies, right? Nothing like the voice of experience.
</evil>
"I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve."
"Draco dormiens nunquam titillandus."
Gee, that sounds like the perfect way to punish someone who abuses their Monopoly power - give them a big contract!
... "Give me a woman who loves beer and I will conquer the w
I want to be able to log on to a website without having to register over and over again. As a consumer I'd have loved it. On the other hand, I don't see why would corporations use Passport. Oh well it was a nice idea. Of course I don't see why the government should use it.
I'd like to be able to use my MS passport on websites like Slashdot, arstechnica, planetunreal, porn sites, etc. but for government websites, it's another story.
But getting the United States to use Passport to authenticate its 285 million citizens online would be a coup for the Redmond software company. It would also be a large step toward fulfilling Microsoft Chairman Bill Gates' stated goal of getting everyone on the Internet to use Passport as their sign-on tool.
Nothing for 6-digit uids?
Well this gives a whole new meaning to Microsoft tax.
Although it would give very good arguements towards patent free royalty free standards.
Gives a whole new potential meaning to the phrase, "Microsoft Tax", doesn't it?
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
People thought the DMCA would never happen...
A lot of things that "couldn't possibly happen" have.
Just because it CAN be done, doesn't mean it should!
if the feds do use this system, I am sure MS will not have access to the information. it will most likly be used in the way tha large corperations would use it. the information will be on servers owned by the feds, and controled by the feds. I just hope that the Passport servers reside behind 2 or 3 openBSD firewalls.
I am the Alpha and the Omega-3
I just bought some MSFT shares with last year's IRA money. Pretty good stock. Almost $8 a share in cash and good growth prospects ahead.
Of course, the big minus will be if the government goes with Microsoft software. Does the government really want this buggy nightmare of constant security problems? Hope not.
On the bright side, technology like this could prove very useful for expanding civic participation (that is, more direct democracy) in the forming of public policy. A while back, there was a failed effort in California (site no longer exists, sorry) to provide for online signature of citizen-sponsored ballot initiative petitions. Passport-like technology would aid immensely in people participating in the initiative process. Further, this technology could prove useful in the creation of committees of concerned citizens to develop public policy together using the Internet as a catalyst (of course, with offline meetings always being an option).
As much power as Passport-like technology gives to the "big, bad government," it also can give ordinary citizens a lot more power as well.
Steve Magruder, Metro Foodist
This is coming from a person who A) Generally recommends Microsoft solutions (objectively, not religously) and B) believes that Passport.NET will eventually be secure once it matures, I think that this is a Very Bad Thing(tm). I normally debunk MS FUD and Conspiracy Theories, but I just have to ask, "who got what favors for this ludicrous idea?"
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
OK, let's assume that we do want access to government services online. Taxation, benefits, voting even. I want that. That's going to require fairly robust identity validation. Note: fairly. Right now, it's absolutely trivial to scam the benefits system, or to steal someone else's vote if you really care enough to do it. An online solution only needs to be as good as the ones we've already got, which (let's face it) aren't that great.
Further, while I'm as cynical as the next guy (if the next guy is a bitter, twisted conspiracy freak), I really doubt if any company is going to be able to buy this contract without providing a genuine solution, and most importantly, a credible promise of long term support. Not the best solution, or the cheapest solution, but a reliable solution.
So, who does that leave? Oracle, most likely. Microsoft are actually the wild card outsiders. IBM, maybe. Sun at a stretch.
Can you think of anyone else? Note that we're not talking about a development house, we're talking about a solution provider with a track record (even if it's a criminal track record) and thousands of techies available to patch and nurse the system for years ahead.
If we want the online services (and I do), we're going to have to accept that it will be a big Dark Side company that's running them.
So I suggest that in this case you don't go off at half cock writing to your elected representatives (I use both words loosely) demanding that Microsoft not be given this contract. At least not unless you can suggest a credible alternative. Perhaps the most productive thing you can do is to try and sell her on championing legislation to ensure transparency and openness in the running of the system, and most importantly, ensure that it's universally accessible, that the information is actually held in confidence, and that it's not mandatory.
I'm tempted to suggest that it follow the pattern of recent bill and be called the "Enduring Patriotic Freedom of Just Federal Freenessness Bill", that would be reverting to cynical type. So I won't. ;-)
If you were blocking sigs, you wouldn't have to read this.
1) To force online voting every citizen would have to have a computer and an internet connection. Either that or every district would have to have terminals available for voters.
Every district already has terminals availible for voters. How do you think you vote currently? All this would do is change the lever (hole puncher, pencil, chad maker etc etc etc) into a computer. Not much different than the current voting system.
2) An absolute secure system would need to be built. An online voting system would be priority one for most hackers.
I'm sure any system that we would trust secret government communiqués to, we can trust our vote.
3) A system for insuring that people are who they say they are would be needed. Bioinformatics would have to be involved. Otherwise what is to stop somebody from selling their votes?
Don't you see, that's what the passport would do!
Anyways, the real flaw with instituting a nationwide online voting system is that it's unconstitutional. The rules and regulations, the where, the when, the how of voting for the president is determined by each state. Theoreticaly speaking, a state could have one voting area in the middle of a land fill and the forms could be on paper, marked with crayon. The only reason it isn't like this is because that makes no sense to the state. States want their say in the government, so the more power they have voting wise, the more say they have. Hence they try to make it easier to vote.
T Money
World Domination with a plastic spoon since 1984
This spam is your spam,
This spam is my spam,
From New York harbor,
To Taiwan's island.
From per seat licensing,
to software pushes,
Blue screens of death for you and me.
- His Billdom
If I recall correctly, laws cannect be passed to benefit only one person or company. (although there are ways around this by clever wording)
"It is a greater offense to steal men's labor, than their clothes"
You just add one level of indirection. Now they don't vote stupid decisions, but people, who promote stupid ideas, so that they get voted.
Well, actually, I don't think that way, I just exaggerated a bit to make a point.
"Between strong and weak, between rich and poor [...], it is freedom which oppresses and the law which sets free"
Goodbye America, It's been nice knowing you.
I cannot help drawing parrallels between this and the National Socialists, in German using IBM equipment used to manage the census, in the runup to the final solution during WW2.
The direction the US is moving is starting to get really scary from the outside.
Well, IANAL, but I play one on TV, so I decided to chase down some links, and it seems . . . ambiguous.
According to Title 17 Chapter 1, section 105,
Copyright protection under this title is not available for any work of the United States Government, but the United States Government is not precluded from receiving and holding copyrights transferred to it by assignment, bequest, or otherwise.
But then it links to some footnotes that seem to suggest that while the US Government can own copyrights, the copyrighted material must be freely distributed to the public. So, that would still be something like open source.
I appreciate the notion that simply because a work is derivative --in this case of federal information, people's identities-- that quality of being derivative doesn't mean the work cannot still qualify for copyright protection itself. An analogy could be made to a song made up of samples. However as the samples are goverment information, I think the Freedom of Information Act would make it very difficult to keep the project as closed source.
Just when you think GW can't do anything more stupid...*sigh*. Anyone in favour of founding an independent state for geeks?
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
the Republicans & the Democrats....
Jaysyn
There is a war going on for your mind.
Why would this not be a good thing? With all MS bashing aside. The gov't could tell MS that "yes we will use your passport if:"
1. It is open source to meet security standards.
2. The tecnology can be used from any platform.
3. Security is first priority.
Setting a standard could be good for all of us. I would not mind having a set user identification system, user privacy issues aside, for ecommerce reasons.
Forget "privacy" as an argument against this nonsense -- we already know that won't cut it in the current political climate.
A better way would be to invoke the Americans With Disabilities act, specifically the clauses regarding equal access and accessability. And then get the ACLU or some other such civil liberties or disabled-rights outfits involved.
I think a good case could be made (that would hold up in court even against the current trends) that using Passport is prejudicial against underprivileged minorites (who can't afford the latest in computer gadgetry to go online with) and more politically cloutful, is prejudicial against people with disabilities whose screen readers or whatever can't access Passport-encrusted sites.
You can get damnear ANYTHING passed, or prohibited, if you get disabled-rights groups involved on your side. They have money and lobbying clout, and no one in public office wants to be perceived as being mean to poverty-stricken disabled children.
~REZ~ #43301. Who'd fake being me anyway?
So that means that I'm now going to have to have swineakin@hotmail.com tatooed across my forhead? Why oh why didn't I pick a cooler name like 7337 hax0r?
(B) + (D) + (B) + (D) = (K) + (&)
The IRS released today an outline of its plans to have all income tax audits performed by Arthur Andersen.
That doesn't count as a conviction? Why not?
--Charlie
Did I -say- it was okay?
No.
Again, reading comprehsion please.
But when the first 15 comments I see talk about the National ID that the ARTICLE says isn't happening...
http://quiz.ravenblack.net/blood.pl?3357354385
Comment removed based on user account deletion
The "national ID" talk is irresponsible - given that we just passed the 50% point on who has net access in the US. It's just as useless as using Driver Licenses. Please
.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
First off - Godwin's Law. You lose.
Secondly - Learn to read. I said it was -stupid-. I said it was a bad idea. I just ALSO happened to say that people were NOT reading the article properly.
http://quiz.ravenblack.net/blood.pl?3357354385
Comment removed based on user account deletion
How about thinking -realisitcally-
Riiiiiiight, and they're gonna -really- make my, say, 75 year old Granny use the internet.
Uh-huh. Sure.
50% of the damn country isn't even ONLINE. Slashdot and the internet isn't the entire world, much less all of America.
Most of the low-income families aren't online. A lot of high-income families get ACCOUNTANTS to do their taxes.
It won't happen - any more than any of those services by phone is required - and we've had file by phone for years. And pay by phone. And countless OTHER services. Because NOT EVERYONE HAS A PHONE, and not everyone has an ISP.
---
http://quiz.ravenblack.net/blood.pl?3357354385
Does my Passport ID number start with "666", and do I have to tattoo it on my forehead and hand?
Your Servant, B. Baggins
Oh, believe me, I'm well aware.
But something has to keep me awake during long streches of nothing to do at work.
http://quiz.ravenblack.net/blood.pl?3357354385
So, the ultimate PHB is visited by the MS sales team. "You too can have all these colorful, clickable icons that will make you think you are so high-tech..."
government's purchases of $100 billion worth of technology this year and next
lol Sure that'll be enough?
But getting the United States to use Passport to authenticate its 285 million citizens online would be a coup for the Redmond software company.
Gee, you think?
It would also be a large step toward fulfilling Microsoft Chairman Bill Gates' stated goal of getting everyone on the Internet to use Passport as their sign-on tool.
So that's his stated goal? Interesting. And I suppose we're all just expected to fall into line because Bill has a goal. BZZZT. Thanks for playing! We have some lovely parting gifts..
It now acknowledges that Passport will co-exist with other tools.
Not if 285M people are required to have it.
Microsoft says it has 200 million people registered to use Passport, most of whom signed up because Microsoft told them it was needed to use other Microsoft services, such as its free Hotmail e-mail service or Windows XP operating system.
"I'll take Monopolies for $200, Alex"
"The answer is..."
Once you start vouching for identity, that makes you liable for fraud, that makes you liable for identity theft
Oh, I'm sure they'll find a way around that.
This is absolutely wrong. The Government should not involve a private company in this kind of role, ever. This is no different than the commercially-operated intersection cameras where a private company has a financial interest in the number of tickets issued.
And with ol' Billy standing between the citizenry and the ballot box? Come on... they can't possibly be serious.
Do you oppose a national ID (which really isn't what this is)?
Do you oppose the govenment making private information, such as tax info available to people through the internet?
Do you oppose the use of a outside (non-government) authentication system?
Do you oppose an authentication system which doesn't have a proven track record of good security and prompt effective responses to security issues?
Do you oppose Microsoft being the provider of the system.
Or all of the above?
Try not to be overly vague in what you write to your Congressmen. They often have little grasp of technical issues, and likley get vague complaints about just about everything the government does. You don't want to confuse them with too much detail, but you need to tell them what you don't like, and why. Alternate solutions might even be helpful.
The real problem isn't that Microsoft is the one that is being discussed that bothers me. If it works, great. What bothers me, however, and I believe this goes for many people out there, is the fact that Passport, which Hotmail uses, is so often hacked, and easily broken into. So far, whenever I hear about a new security loophole in Hotmail, it usually took someone under an hour of looking (usually not very hard either) to locate and exploit.
If the public at large, can create a new way, either from scratch, or based off of another existing technology, Passport for example, or else the Liberty Alliance's idea, (Sun, AOL, etc....) then we've got one. Whatever it is, it should be in the public domain, or owned by the government, NOT licensed from any company. If I remember correctly, the Liberty Alliance's technology will be open to anyone, at use without any cost, besides signing up with the system. To use Passport, you have to be a Microsoft Affiliate, and/or pay royalties to use it.
Overall, I think a group should be set up, maybe by W3C (http://www.org), or at least tied in through them, so that no one company profits from this, and ties the government into such a system.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Microsoft Passport requires the use of serveral proprietary technologies that may not be available to all people who use computers connected to the internet. Passport does not work with these popular web browsers:
Netscape Navigator, Opera, Mozilla, iCab, Konquerer, or Lynx. It only works with Internet Explorer, a product made by Microsoft and only works on certain computer operating systems.
Is it really true that passport only works with IE? I find that hard to believe. If it's true it would be in my opinion Microsoft's most blatant Monopoly abuse to date. It would also mean that a bunch of Compuserve and AOL customers are going to have trouble using it very soon. Can anyone who uses those browsers confirm this?
...rather than giving a convicted felon a government-enforced monopoly
Especially a monopoly that will gladly track all your credit card information, shopping habits, etc... Does anyone else think that maybe in return for giving this contract to MS, that MS might in turn give the gov. some of the other Passport information back to them in return?
A computer once beat me at chess, but it was no match for me at kick boxing -- Emo Phillips
Oh, and it goes on the hand too, and it starts with "666"...
Your Servant, B. Baggins
Wow! MS is handing us the keys to the entire estate! Think about it: Just about anyone here can hack passport. Just imagine the power of a million hackers unleashed on a National Identiy card. It'd be great: popup porn windows on ATM machines, Bill Gates getting deported, Linus Torvalds becoming president(hey, if we say he was born a citizen who's to argue? The ID verified it. Didn't it? *snicker*). Yeah, I can't wait.
A paper by Kormann and Rubin at Bell Labs discusses most of these attack scenarios. K&R are not anti-Microsoft - they are researchers that raise valid technical concerns. There is also a (weak) rebuttal by Microsoft, which misses many of the points of the Kormann Rubin paper.
Also, what happened to the ACES project, where they were going to issue digital certificates to citizens for precisely this purpose?
Despite your feelings about Microsoft, their Passport product is a bad implementation. It is cookie-based, and is trying to use cookies for a purpose they were never intended to fulfill.
Please examine these references, and include mention of them in your letters to congressfolk:
Kormann and Rubin paper: http://avirubin.com/passport.html= 1033
Microsoft Rebuttal: http://www.passport.com/Press/RubinKormann.asp?lc
ACES: http://www.digsigtrust.com/federal/aces.html
Please be informed. This is really bad on a lot of levels.
Looks like Larry Ellison and Bill Gates are going to duke it out to be known as the Antichrist, or at least the facilitator of the Antichrist...not that I read the Bible or anything.
Congratulations, Pavlov, the dogs have barked. Your expirement was a success.
http://quiz.ravenblack.net/blood.pl?3357354385
...Homer Simpson! that's who I've registered as. Wonder how many other Homers there are out there?
You're using her as bait, Master!
I'd just like to complain about the headline. It says that the U.S. is considering using passport as a "national ID."
The immediate description says that they _might_ use it to authenticate everyone who accesses government services online.
These are two VERY different things. So, which is it?
Oh, look. They might just use it as (it was designed as) an authentication system!
If I'm not mistaken, plenty of entities are considering that, not just the government.
ATTN: Michael. Don't sensationalize stories. It's lame.
I'm not a fan of M$ or national ID, either, but this is a far cry from a national ID system.
"Alcohol, Tobacco, Firearms, and Explosives" should be a convenience store, not a government agency.
I don't want a single authentication for all my online transactions! That's really all this is about--trying to make it easier for people who don't want to remember a different login for every site. Well, guess what? Centralized authentication is massively insecure and prone to abuse.
Here's a better idea: Implement a standard for all web browsers to *locally* (or using a smart card) store authentication data for all sites a user has a seperate login for. Then, all the user needs to remember is a single passphrase to decrypt the database of authentication data. Yes, I know--mozilla already has this functionality. So lets make it an industry standard and as user-friendly as possible. And while we're at it, lets get people to start using encrypted e-mail / instant messaging / etc. as well! THAT would be a worthy government effort.
Even when you try to have a simple reading test implemented in order to grant a license to vote it gets shot down by the Supreme Court (aww, the poor people can't vote because they can't read).
The statement above shows a rather shocking ignorance of history on your part.
I think you need to study up on how the alleged "literacy test" was used in the south to prevent blacks from voting.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Comment removed based on user account deletion
Actually, I'm both. I guess you blew my cover. Now I have to get a whole new slashdot account. Damn.
Robotiq.com is heavily tested on animals
I refuse any government imposing upon me technology from a company that has been found guilty of federal crime.
I suggest a common wealth approach is the correct method by which to do what is wanted.
Hmmm, common wealth and National ID not only is right but sounds right too.
Oh GRAET. And what does this mean for us Mac users? We won't get to be citizens of the United States? We're going to have to move to some non-U.S. country -- like ALASKA??
Besides, this is Microsoft we're talking about. Two hour tech support wait to fix my national ID that just crashed?
Ugh! I'm moving to Petoria or the New Utopia (new-utopia.com).
The next comment I write will be ready soon, but subscribers can beat the rush and see it early!
Then again, state.pa.us's unemployment online forms are java or activex, IIRC...for simple fill-out forms. *sigh*
It would take an -extraordinary- act of stupidity to give a computer to -every- single family on the planet.
To outfit many computer with access for the disabled.
To teach -that many- people how to use a computer.
Yes, our goverment has been -amazingly- stupid sometimes - but we have things like the ACLU for a -reason-.
http://quiz.ravenblack.net/blood.pl?3357354385
Hi! How are you?
I detain you at Customs in order to have your advice.
See you later! Thanks
Wow, Tyler Durden finally got himself a /. account.
They that would sacrifice their
vlak bij AH noord, maar dat is niet het huis dat te koop staat. Huis te koop is aan de Buitenwatersloot
---
I work in the security industry, and I can tell you now that there are no other products that can do what the US govt want to do at the scale that they want to do in production today.
Sure there are alternatives, including the Sun Liberty thingy (substitute your evil vendor for someone else's), but no one else has a federated existing customer base of the size of Passport's.
I've reviewed various products like Netegrity's SiteMinder, iPlanet, and a few others including online banking authenticators, and trust me, it's really hard to get this right. And from the two Passport integrations I've seen, passport is done right. It's a breeze compared to Siteminder and doesn't install an SDK and samples on the box that you don't find unless you really look hard.
A government wants to just get something off the shelf and make it work. The scalability issue is the major one, and Passport is one of a very small number of products out there with a large user base today (30 million+).
The trick with any SSO scheme (and Passport is one of them) is the security administration associated with it. Plus you have to validate each and every site to ensure no leaks, no confidentiality breaches, good cookie practices, etc. This is MUCH harder than getting the SSO stuff to work.
And realistically, wouldn't you prefer the govt to just make services available online? I hate calling my govt's call centres - such a waste of everyone's time.
Andrew van der Stock
Personally, I'd be getting Adult Check not passport.
Pr0n sites are hit much harder than the many federated Passport sites by desperate geeks wanting to see pics of Natalie Portman with grits.
I'm serious.
Andrew van der Stock
The CIA sold cocaine to fund operations during Iran-Contra. I'm not sure which sources you'd find 'reputable' since people have different ideas of what's reputable but do a search on google on 'Iran, Contra, Cocaine' and you'll see what i'm talking about. The Iran-Contra affair isn't just some hallucination of conspiracy theorists.
___
It's the end of my comment as I know it and I feel fine.
http://slashdot.org/comments.pl?sid=27946&cid=3004 106
Tyler Durden was a lot more articulate as well.
/.
I'm not a lawyer, so this sort of semantic chicanery is lost on me.
Microsoft stole intellectual and physical properties, they got caught, they got punished by the court system.
And incidentally, it's scientist not surgeon- I don't practice medicine professionally.
--Charlie