I'm in conflict...
by
chrisseaton
·
· Score: 3, Funny
"national ID card" : bad Java : good
Re:I'm in conflict...
by
Anonymous Coward
·
· Score: 2, Insightful
"national ID card" : bad
Why is that bad? How is it any different from a damn driver's license in the states? It's not. You think a cop in one state can't get your info just as fast as one in another? And do you realize how much easier it would be to write software if the whole country used the same damn format? And how much easier it would be for you to have one number to remember?
Java : good
Java sucks. Slow junk. Ugly. You can always tell a Java app from another. Pathetic.
luke: I can feel the conflict within you, father! ID cards are good- Let go of your hatred!
vader: I have decided java is bad. There is no conflict.
graspee
Re:I'm in conflict...
by
Anonymous Coward
·
· Score: 1, Informative
Java sucks. Slow junk. Ugly. You can always tell a Java app from another. Pathetic.
Hey, when you get down from your soap box, you might want to investigate Java as of the last...oh... 2+ years. It's not slow. It's not ugly. Get with the program.
Re:I'm in conflict...
by
stuffman64
·
· Score: 3, Interesting
"national ID card" : bad
I agree that a national ID card is bad; we've been over it many times before. However, I am all for a national standard for driver's licences. I work at a fairly busy convience store at Penn State University, and oftentimes I have the privledge (if you can call it that) of selling cigarettes to help college students kill themselves faster. Since the town also has quite a large secondary school system, it is absolutely necessary to card everyone who buys cigarettes as not to sell to minors.
Checking licences is quick, but is not as convienient as you may think. Since many students are out of state, I see at least 7 different states' licences (and thier many variations) at each shift. Every state has a different layout, orientation, and material (for instance, New Jersey licences seem to be nothing more than laminated paper, while PA licences are thick plastic cards). Worse yet, no state ever puts the date of birth in the same spot. While this may not seem like a problem at first, it is quite time consuming to constantly scan cards for DOB, picture, and expiration (as you cannot sell cigarettes to someone with an expired license).
If everything was standardized, things would be much less time consuming. I know people become mighty frustrated when they have to hurry off to get drunk with their friends but need thier smokes right now. What would be so hard about having a standard layout? States could still embellish and add thier own features for security or other reasons, but to anyone who works with IDs all day, this would surely make life easier. The whole vertical layout for people under 21 is also a good idea, as it is really easy to tell if someone is of age by the orientation of the license, but it seems as this may be too easy to fake. Any ideas?
First off, it's not as easy for a cop in one state to get your info as it is for a cop in another state to get your info. If you get stopped in a different state, it'll usually take quite a while longer for them to pull up specifics.
More importantly, though, ID cards and Driver's Liscences are NOT the same. That's why JUST a drivers liscence isn't valid ID for lots of things. A drivers liscense only has: Name Date of Birth Sex Eye-Color Photograph Weight when you got it Address when you got it [ it can include anatomical gift info ]
Sure, that's a lot, but it isn't everything, nor is it tied into every major database. Also, it isn't needed for anything besides checking that you can drive if you are pulled over. There are many other ID types that can be used for other purposes, such as social-security-number and student ID cards (yes those are valid for lots of things).
Its bad because you are expected to be accountable to the authorities, rather than what happens now, in most countries, which is that they are accountable to you. If you`re committed no crime, been charged with nothing, you need say or do nothing.
Anyway, you missed the more obvious error in his post: Java : good!
everybody knows that C++ would have been a much better choice of language!
- Does it have a MIDI Interface?
- What's MIDI in your face?
Re:I'm in conflict...
by
nutshell42
·
· Score: 4, Insightful
Well, let's take a short look at my ID (German), it contains:
photograph
name
date and location of birth
nationality
date of expiry
signature
address
height
eye-color
the authority which validated it
and the date when it was printed
So, which thing exactly is so much worse about that than about your driver's license?
-- Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
Re:I'm in conflict...
by
Daleks
·
· Score: 4, Funny
Java : good
Exception in thread "main" java.identity.IdentityNotFoundException:
Try explaining that to the police at 2AM.
Re:I'm in conflict...
by
tealover
·
· Score: 1, Funny
Yeah, but German id cards are used to round up jews whenever war breaks out.
-- --
You see, there would be these conclusions that you could jump to
Re:I'm in conflict...
by
vrt3
·
· Score: 2, Insightful
I don't really get this: you hate national ID cards, but you have no problem with using driver licenses as an ID? Only difference I see is that someone who doesn't learn how to drive (assuming that such people exist in your country) doesn't have a driver license.
Frankly, I don't really see what's so wrong with national ID cards. Perhaps it's just because I'm so used to it (I am from Belgium), but could someone explain why they are such a bad thing?
-- This sig under construction. Please check back later.
Re:I'm in conflict...
by
Anonymous Coward
·
· Score: 2, Interesting
"Today is the deadline for males from the second round of Arab and Muslim countries and North Korea to register with the United States immigration authorities under new security rules. Amnesty International is calling on the US authorities to ensure respect for the human rights of non citizens and to review the special registration process to ensure that it is administered fairly and complies with the principle of non-discrimination under international law."
No, you dipshit. Foreign nationals (i.e. non-citizens) from certain countries, including muslim countries, have to register. None of this applies to US citizens and it's not specifically because of their ethnicity or religion. Non-arabs and non-muslims from these countries have to register too.
dude. you're posting as an ac and you're asking why mandatory id is bad?
How is it any different from a damn driver's license in the states?
becasue a driver's license is for driving which is entirely optional. an id card is just for every day existing which is not. i don't know about in the us (you guys have gone a little "security" crazy recently) but in canada, if you're not driving you are not required to carry a driver's licence.
And how much easier it would be for you to have one number to remember?
and expiration (as you cannot sell cigarettes to someone with an expired license).
I've never understood this. The point of checking ID is to verify that you're above the legal smoking age, right? The point of the ID expiring is to make sure the info stays current, but your DOB isn't gonna change. So, if the only reason to check ID is to verify DOB, then why isn't an expired ID sufficient verification of your DOB?
-- $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$]; $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Re:I'm in conflict...
by
Anonymous Coward
·
· Score: 1, Insightful
The "from" means that they're not US citizens, otherwise they'd be "from" the US (whether nationalized or born here).
If you're a visitor to someone else's home, then they have a right to track you while you're in their home. If you don't like that, don't visit their home.
i don't know about in the us (you guys have gone a little "security" crazy recently) but in canada, if you're not driving you are not required to carry a driver's licence.
You don't need to carry a driver's license around. You just need one while you're actually driving. And even that varies from state to state. Usually you need to be able to produce the license on demand when you're pulled over. I know that in New Jersey if they catch you driving without the license on your person, you might as well be an unlicensed driver. In other states (e.g. Pennsylvania) the requirement is that you must produce the license within 24 hours of being pulled over.
State governments always like to emphasize that driving is a "privilege, not a right" (which puts driving in the same category as eating). Although it's a privilege that everyone expects. In general, it's very easy to get a diver's license in the U.S. You can be on acid and get one.
Although I lost my license for three years because of epilepsy. Most state governments (e.g. New Jersey, California) require your neurologist to inform the DMV if he knows you had a seizure. While this sounds like a good policy, it creates an enormous incentive to lie to your doctor and underreport seizures, which leaves you dangerously undermedicated. I was unlucky enough to actually have a seizure in the doctor's office, so that's how they busted me. In the intervening period I ended up getting a non-driver ID because there were so many situations where I needed one. Usually they're required by non-state entities- it's hard to open a bank account or rent a video without a photo ID from the state.
Credit cards are quickly acquiring this status of de facto required ID as well- which is really annoying since those three years of not being able to drive effectively destroyed my credit rating. Just last week I was stranded at an airport because I couldn't produce a major credit card at an Alamo car rental counter, despite having had a reservation for weeks. Apparently they've had this policy since June, but their website doesn't mention it. I guess they like surprises.
Easy, your id no can be used to access your registration with the tax authority (Finanzamt). In Germany, you pay tax to the church that you belong to (Can I put 'Open Source' as my religion) which is collected by the tax authority to benefit the church. Incidentally, this is the Scientologists beef, they aren't recognised to be ablt to do this.
It means that although the id card doesn't carry religion, it is relatively easy to determine this from the files and possible for a possible future government to overstamp the id.
Nothing. That's the problem. They're both just as bad. For the good of all people, NOTHING should be used as *universal* identification. It's too dangerous in the hands of any (past, present, or future) government. This also goes for Social Security Numbers, or any other number we're dumb enough to be convinced by the clerk caste that we must provide upon demand.
Why does this then occur? It's about power. OF COURSE governments know better. It's just another way to take advantage of the common man. If you can identify him, you can know where he goes, what he does, and practically treat him like a criminal *before* he does a crime. How efficient!
Why, in free countries, do we citizens let this happen? It's because we're sheep. We're more ruled by our petty material desires and our fear than by a sense of justice and a sense of goodness borne out of a connection to our fellow man.
Universal identification = ultimately efficient and ultimately dangerous
It's a sick, sad world. However, just knowing that doesn't help. Doing something about it might.
How would making state's ID cards physically similar sacrifice freedom? I never said to make a national ID card (which I am against), only to have ID cards use a common formatting. Read a little deeper next time, please.
> Why, in free countries, do we citizens let this happen? It's because we're sheep
Bull... It's not because we're sheep, it's because most of the people are too F*%#!ng lazy to think for themselves. They'd rather go about their day-to-day lives, sitting on their asses and believing there is someone in charge doing "good" things.
Yes, but with the DMCA, you're not allowed to steal anyone's identity using the default password, "password".::knock, knock:: Whoops... I've said too much.
Actually, they tried to build a Smartcard OS once themselves, and failed. But no worries, they still have the mobile phone, pda, touchscreen and - last but not least - the gaming industry to play around with.
---
boolean sig = false;
yeah
by
Anonymous Coward
·
· Score: 1, Funny
Well its about time humanity cracked down on indentification
I always thought the term smart card was a bit..Oh I don't know, unfounded? It has a digital signature, great, what happens when it's stolen? And used against the owner? I'd like to see a card that had an image of your retina so they could tell if it was you, the eye has so many patterns, its almost impossible to fake. Cosmetics can already make someone look like someone else, but they havent figured out to replicate the eye yet...
I did see Minority Report, that's very true...Identies will ALWAYS be stolen, if people are determined to do something, they will. I quote Jimmy Buffet "Keys and locks are destined to be busted." By making it harder for the average person (or con "artist") to do some illegal, they'll work that much harder..
thats true.. eyes and fingers are much harder to steal then cards
-- Selling software wont make you money, selling a service will.
Re:Well,
by
primus_sucks
·
· Score: 3, Interesting
Personally I've had two identity theft incidents. One time someone in Japan (I'm in the US) used my credit/debit card number and cleaned out several thousand dollars from my bank account. Another incident, someone printed or obtained fake checks with my name on them. With the present system anyone with a laser printer can make checks and anyone who works at restaurant or gas station can collect credit card numbers. At least this system will hopefully make it harder. And hopefully if someone does steal your card or something you won't be held accountable for damages.
The point is, it doesn't matter how identity is encoded - the rate-limiting step is the intelligence of the user (that's us). And users will mislay cards, or have them stolen.
I'm not in favour of ID cards in any form, because they can very easily be abused, and also used to deny basic rights to non-holders.
I live in the UK, where the introduction of ID cards is currently under consideration. I wrote to my MP recently about my concerns; he forwarded it to the Home Secretary and eventually I got back a secretary's letter which read along the lines of "Thank you for your views. Now f*** off."
If ID cards were introduced here, I'd want to see some kind of photographic identifier on the card. My debit card was swiped and copied last year and the thieves ran up about £1K ($1.5K) in a day. A simple mandatory photographic ID on cards would stop this kind of fraud, and potentially also halt the abuse of ID cards. But let's hope it never gets that far.
There are all sorts of ways to secure identity. Most good smartcard rollouts specify an interaction protocol, and the data required, and let the individual implementors come up with something to please people.
Most people don't know just how much damage you can do with just someone's phone bill, and that's usually much easier to steal than their birth certificate.
The point is that there are many, many areas of poor security. Expecting a smartcard (which can be de-activated under many systems, unlike a phone bill or a birth certificate) to have a level of security as good as, or better than, a safe enclosed in concrete and buried in the Marianas Trench is a bit much.
Yes, that was hyperbole.
The thing is that most people tend to freak out whenever we put something security-related on a digital medium. Chill out.
If you do it correctly, you can have the cards not contain any information beyond keys used to access and prove identity. Those keys can be changed. Quickly (again, barring incompetence, which your example of biometrics does as well - if you have an incompetent bioreader, you will be locked out of your card. Bioreaders are much more complex than, say, a 4-key pad).
Security should be leveled. No one layer is enough. The basic security model of a good smartcard system goes something like:
You have to have the card.
You have to know something to use the card.
Even if you could somehow get to the information on the inside of the card, it wouldn't do you any good after time t.
You could optionally enhance this out to include:
You have to have the card.
You have to have something that's only with you to use the card (your face, your eye, your thumb).
You have to have a prior arrangement regarding your card and the specific place you are going to.
Your card, and your information to get to use the card has to match up with the information on file with the specific place you are going to.
You have to know something to use the card.
Even if you did have all of that, the keys on the card are automatically deactivated every t hours (24, 48, 72, 168, optionally with grace period).
As you can see, the level of security can quickly be ramped up to "insane."
Optionally, you could set a "policy identifier" that is part of the request sent to the smart card by the reader that states what meatspace authentication protocols were used. You could set your card to refuse anything that did not include certain checks.
This is mostly a "polite" check, and by no means should deactivate the other parts of authentication. It's just to give the places you do business with a list of the things they should do. Sure, the business could lie about it. The only thing that would get them, though, would be permission to interface with the security methods on your card.
As an idea of what could be done with this: you could have your smartcard set to have two keys. Depending upon the policy identifier, it would cause the smartcard to use either your low security key, or your high security key. The information you attach to each one could be different (two credit card numbers, one with a $200 limit, one with a $20,000 limit. Electronic cash, one with $20, one with $2,000).
Anyway, just something to think about: don't concentrate so much on one layer of security, like biometrics. It can be fooled. The difficulty of fooling one authentication mechanism goes up linearly. The difficulty of fooling combined authentication goes up exponentially (consider: you know your boss's passcharacter, but could you: get his card, look like him, look like him enough to fool people at the place he normally shops at while they're looking at a picture of him on their monitor, do it all before that night and before he notices? Oh, and self-employed people can't compete in this test.;-)
Having physical ownership of a smart card probably doesn't enable you to go around using the card (even if the picture on the card resembles you very closely) -- you'd need to know the PIN stored in the card in order to go around signing digital documents, or making purchases.
Furthermore, there is the mechanism for cardowners to get their ID card revoked when they discover that it is missing just like for credit cards.
There is a.pdf white paper for these European electronic ID cards here
If ID cards were introduced here, I'd want to see some kind of photographic identifier on the card. My debit card was swiped and copied last year and the thieves ran up about £1K ($1.5K) in a day. A simple mandatory photographic ID on cards would stop this kind of fraud, and potentially also halt the abuse of ID cards.
Well, you said that they swiped and copied your card. How would a mandatory photographic ID help? I mean, if they copied it onto a card with THEIR picture, they'd still be home free.
The only situation that would help in is if a) your photo was also stored by the credit card company, and compared to you as well as the photo on the card or b) the store makes a photocopy of your credit card with picture when you make a purchase (so there's a record for the cops. Not as trustworthy as above, but still a deterrent).
A photo on the card is a good portion of security, as it does make the cards harder to forge. But it doesn't stop the kind of fraud you're talking about.
I always thought the term smart card was a bit..Oh I don't know, unfounded?
The term "Smart Card" is suppose to reflect the fact that the card has a chip and therefore can process information. This is as oppose to the magnetic-strip cards which can only store information.
It has a digital signature, great, what happens when it's stolen? And used against the owner?
You can protect the information in the card with a password. The card can even be further protected by programming it to ask the User questions to which only the valid User would know the answers.
I'd like to see a card that had an image of your retina so they could tell if it was you, the eye has so many patterns, its almost impossible to fake.
This can be done by the smart cards and I believe some companies are already doing this. You can also use fingerprint information for even more security.
-- You break all the laws of physics and you seriously think there wouldn't be a price?
the eye has so many patterns, its almost impossible to fake
Interesting use of the word "almost" there. So, what happens if/when a method to fake arbitrary retinal patterns is developed?
The great thing about usernames and passwords, PINs, etc, is that if you have reason to think that someone else knows it, you can change it. You can't change your retinal pattern, or any other biometric data.
If someone manages to fake your thumb print or retinal pattern, you're stuffed - you can't change them, and if that's the only official method of identifcation, you can't even revoke them and use a PIN.
Besides, the problem isn't people managing to copy retinal patterns, its people managing to fool detectors into accepting other patterns, or even a photograph of the correct eye...
You need to store the picture electronically on the card - then a card reader (a handheld computer, POS system or whatever) will display it on screen. All the data on the card is digitally signed by the guvmint. Then unless you know the private key it should be pretty impossible to forge ID cards.
Ideally, there shouldn't be any information on the card which is not digitally signed - so it should just be a smooth piece of plastic with 'id card' on it. OK, maybe it would have some picture or cartoon of a bunny or mushroom or other abstract thing so that you could recognize your id card if you lost it - but it shouldn't have your name or address printed on the outside, because such information is liable to forgery.
Yeah, and those folks have been working on card security for 10+ years and they are still weak. Good to see it's not just the US government that is pure evil.
-- Yes, I am an agent of Satan, but my duties are largely ceremonial.
Java based???
by
Beetjebrak
·
· Score: 4, Interesting
Does a smartcard actually run a Java VM? I've always been under the impression that smartcards contain only data, and that applications run on the machines you plug your card into. Java-based smartcards sound like marketing speak to me really.
-- Learn from the mistakes of others. There isn't enough time to make them all yourself.
Re:Java based???
by
Hrshgn
·
· Score: 2, Informative
Well, many smart cards (all?) have a microprocessor inside running their own firmware. They are powered by the reading machine though.
Re:Java based???
by
c_oflynn
·
· Score: 5, Informative
There are many types of smartcards.
Some are the memory only type, where the card just has some sort of (normally secured) memory on it.
Then there are also the microcontroller cards. These cards have memory and a microcontroller built into them. You can write a program on it to do something, however you don't exactly have a lot of I/O lines or anything (just a communications link actually).
Most of the microcontroller smartcards have built-in encryption and decryption as well.
Java is pretty popular for programming smartcards, but they even have BASIC for smartcards.
The microcontroller only needs an external clock and power source, and will execute whatever program is on it.
I heard while Dr. Evil's smart card runs J2SE, Mini-Me's smart card run J2ME.
Re:Java based???
by
Wesley+Felter
·
· Score: 4, Informative
Yes, Java Cards run a crippled, stripped-down, bastardized Java VM. There are also traditional smart cards that only do crypto and data storage, and then there are fake smart cards that hold data but can't do any processing.
Re:Java based???
by
philfr
·
· Score: 5, Informative
Memory cards only contain data, some parts read-only, some parts read-write, and some parts write once. They have been used since a long time for prepaid public phone cards or access control.
Smart cards also contain a CPU, sometimes highly optimized for e.g. RSA encryption, and their data is available through a file system abstraction. Smart card suppliers call this an operating system... Multiple applications can run on these smart cards, which means you could theoretically have only one card for your ID card, your electronic purse and various loyalty cards (if your are not too worried about security/privacy issues in case of breaking into such a chip).
Memory cards are also called synchronous cards and smart cards asynchronous cards. That's because of the nature of the serial protocol they use to communicate with the device that reads them. Smart cards have a real UART embedded, and implement one of two protocols (T0 and T1) defined in ISO 7816, the second of which is fairly complex and allows to multiplex communication between multiple applications running in the card reader and their peer inside the smart card.
JavaCards embed a "JVM", but a very limited one: you can't just open a network connection or dynamically load a class. Sun specifies the precise subset of Java that corresponds to a JavaCard profile. But, yes, they run Java "cardplets"...
You are American, arn't you? Or at least Canadian. Both countries are far behind Europe in card technologies.
OK, here is the difference. In North America you use magnetic cards for everything. Magnetic card only keeps data, while software works on a card reader device.
All Europe use smart cards which are sort of micro-computers, the main task of which is encryption handling, doing it together with software on a card reader and thus doing it smarter. So, in Europe, card stealing doesn't help - it's too expensive to crack it.
Pretty smart, isn't it? In Europe people are smart and they use smart cards. In America... now you got a point. I am sorry.
Loot at his website:.nl That's dutch. And his nick "BeetjeBrak" is dutch too. In the netherlands they have the chips on the cards too (smart-card).
Apart from that, you're right. In Europe we're moving from the magnetic strip to the smart-card version. Yes, the smart-card-version is more secure than the magnetic version. However if I recall correctly, the SIM cards for GSM's were cracked some time ago, it just required an enourmous amount of effort. That's the same technology. However, VISA cards and the like are still magnetic. I'm eagerly awaiting the smart-card version of VISA cards, but I think the magnetic strip will last for a long time due to back-ward compatibility.
Apart from that, nice Ameri-bashing, which I enjoy to do as the next guy;-)
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
You haven't changed your credit card/debit card recently have you? Most new cards issued have a chip in them. not sure if its ram/rom or smartcard though.
My debet card has had a chip for years. My VISA is still magnetic only and I got a new one last month.
The problem is that VISA has to work worldwide, so it has to work in the US, so it cannot be based on smartcard technology.
Besides, ever gone to the US? They look weird at you if you tell them you only have one credit card. I've never needed more than one, and I've never had credit card debt. I've heard stories of people that went to the US with one creditcard, checked into the hotel and the hotel blocked the card in order to be sure to get payment. After that, your credit card was useless, so you needed more than one. Never happened to me, luckily.
jawtheshark
(Luxembourg)
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Memory cards have some non-volatile memory and some security circuitry to check keys, etc. Processor cards have a programmable CPU. Prior to JavaCard, processor cards were programmed almost exclusively in assembly code. Microsoft tried to compete with JavaCard with MS Windows for SmartCards (I'm not kidding here), but the system was lame and doesn't seem to have much support anymore.
JavaCard smart cards can be programmed using the Java programming language, but are restricted to a subset of the language. There are no Floats, Strings, or other big data types, but just int, char, byte, short and objects. But you get full inheritance, interfaces, etc. JavaCard has its own VM that has some similarities to the Java VM but is really a different beast. The bytecode set is optimized for execution on 8 and 16 bit processors and for the subset of the Java language that is practical to run on such limited hardware.
There is also some very cool security built into the language runtime for controlling access to objects based on the application execution context, so even if you can forge a pointer to an object in another application, the VM still won't let you execute its code. This level of security is needed to make financial service companies comfortable with putting 3rd party software on their cards.
Eventually as smart cards get bigger, the JavaCard VM will probably give way to the KVM (Java Micro Edition), though there may have to be some extensions added so the extra security from JavaCard isn't lost.
Please upgrade
by
Anonymous Coward
·
· Score: 4, Funny
I am sorry sir. You can not get your prescription filled here. This Pharmacy is not Java enabled. Please wait until the next service pack release.
Thank you. Please come back soon.
Re:Please upgrade
by
Anonymous Coward
·
· Score: 1, Interesting
I know you meant this as a joke, but here in Belgium we've already had a smart card for medical data for quite a while. And, yes, you do need it to get your prescription at the pharmacy.
Just go to Walgreens, apparently all you have to do to get authenticated is tell them your name. It would help if your name is not John Smith.
Big Brother or Good Sense?
by
Anonymous Coward
·
· Score: 3, Interesting
I'm very conflicted over the concept of a national ID system. One the one hand it could overcome many of the inadequacies of our state based identity system, like the ease of creating a viable fake. But combine a national ID system with a national database and I can just hear the Big Brother proponents rubbing their hands together in glee, as well as looking for an opportunity to persecute every illegal alien in the country. If the United States gives in to a national ID in the name of replacing an outdated system, must we at the same time provide the government with yet another tool to restrict our privacy?
Good or bad?
by
Blaine+Hilton
·
· Score: 2, Interesting
I realize there are many great uses for these Java cards, but I'm not sure if making it a national ID card is the best idea. The government can easily use this against the people and the privacy concerns are enormous. I believe a better implementation would be for banks to issue such as with credit cards and such, not as a device that every citizen may be required to ware.
Re:Good or bad?
by
Saib0t
·
· Score: 3, Insightful
but I'm not sure if making it a national ID card is the best idea.
As a belgian citizen, I can tell you that we already have a mandatory national ID card, so it's not much of a point.
My national ID card has this on it:
a picture
Name
Given Names
Sex
Date of Birth
Place of Birth
Signing authority
My signature
Address
ID Card Number (2 of them)
Spouse
Children names
It bears several things on it that make its counterfeiting difficult (like a nice color changing hologram-like shape of the country)
The government can easily use this against the people and the privacy concerns are enormous.
All these concerns are very legit in the USA, but from the people I have talked to, this is the "only" country where people are so afraid of being bigbrothered. I have a national ID card and I use it very seldom, and I really don't have the feeling that it is being used as a way to track my habbits down.
On the other hand, my bank uses that ID number in their files, so does my social security company (social security is built in into the belgian system, but you have to have a "company" paying your stuff), and if I could, I'd actually encourage all these government bodies who require identification at one point or another to create that database, and give access to information about me on a need basis.
The problem does not come from the traceability, these problem are a minor concern compared to the advantages.
The real problem comes from trusting your government. The belgian political landscape (if I may speak of it thus) consists in dozens of parties, with 5 or 6 big players. This ensures that the same person don't stay in power very long if they don't do a good job, and there ARE alternatives to what is in place at the moment, and it's always a coalition of several parties that is running the country. This is one of the reasons I trust my government (to a large extent).
Trust is the real problem...
--
One shall speak only if what one has to say is more beautiful than silence
Well said! (not only that sentence, but it's your summary). I wish I had modpoints, you'd get them at once!
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Re:Good or bad?
by
Blaine+Hilton
·
· Score: 2, Interesting
Great response!
I believe you hit it on the head about trusting the government. Here in the states we have 2 main political parties. Many people don't vote just because you can only vote for the lesser of the evils. You don't get a "warm fuzzy" feeling for voting for the good guy, because they are all pretty much a bag of liars.
Lawers and politicans.... can't live with them and can't live with out them
It won't be long and we'll be saying "why in hell did we create an identity card?! Each person is their own identity. Cards can be stolen, altered. People cannot (undetectably).
Actually, I think you *do* get it - and unfortunately, many folks seem to be overlooking the obvious in their quest for a higher-tech and more convenient lifestyle.
There simply won't be any more guarantee that any of us are really who we claim to be, just because we hold a "smartcard" that identifies us as being a certain person.
In fact, most banks/lenders currently require 3 forms of I.D. to do such things as open a new checking account. That's because the closest thing to a guarantee of identity they have is forcing you to provide multiple proofs. Putting all the proverbial eggs in one basket, as a smartcard does, doesn't make much sense to me.
I'm belgian. I'm a Java guy.
We have had id cards for as long as I know. There are some advantages too it, I only have to show my id-card to open a bank account or to do any other transaction (with the government or private institutions).
What's the difference with carrying a driver's licence with the same information ? This is a typical US/UK aversion from id cards, where does that come from ?
I will finally be able to do my taxes online, next year, without any _paper_work
Almost every belgian has an electronic bankcard purse (dutch/french only) Every belgian has an electronic Social Security Card, which serves to repay medicines (about 80% of cost) and hospital bills. How does that work in the US again ? (Granted, there was a discussion on the ability to gather health information about individuals, by the government, when it was introduced)
And most importantly, we have privacy laws that protect citizens (we're not called consumers by our government), not corporations, SINCE dec. 1992 It's perhaps not the perfect country, but I feel lucky living here;-)
BTW I'm much more concerned about creditcard related id-spoofing, than I am about ID theft (I'm not aware of that happening in Belgium, because you just can not use "anything" to prove your identity, you need your ID-card...)
No it isnt. A grocery store a few miles away uses fingerprint scanners to charge groceries on the owner's account. Obviously if a grocery store is doing it, it can't be too expensive. Why not have a national database of fingerprints matching identity? It would be extremely convenient to scan your thumb for all transactions and identity validations. Of course privacy proponents will argue against this, but I really don't see the problem if you don't routinely break the law. After all, nowhere in the constitution does it grant a right of privacy, this is just a false idea most americans have.
Ok. So what if you used your thumbprint to gain access to something. A criminal then fakes your thumbprint and does something bad in your name. Its discovered that it wasn't you that did the bad thing but now you need to change your access method. So you then change your thumbpr... Oh wait... You have THE REAL ONE. How do you change it? Uh... Cut off your thumb? Use the other thumb? What if it happens again? You're gonna run out of fingers.
Biometrics: The measuring of the ORIGINAL copy of body parts for the purpose of identification.
Well, using only thumb prints is just as archaic as having an identity card.
You would ideally have many points of identification taken together as a whole (all of them must match). Thumb print, retinal scan, blood type, height, maybe dna, hair colour, hair type (curly, straight, thick, thin), skin colour, gender, known languages, secret passphrase, accent, whatever. Try faking all that.
From what I understand
by
joeflies
·
· Score: 2, Informative
I only have a loose understanding of how these work, so please correct me if I'm wrong
It's more than just carrying the key, it handles operations performed on the key. There are definitely programs that run on the card itself, as it is doing the key handling so that the key isn't ever exposed outside of the card.
That being said, the Java card isn't running a Java VM. I thought it was technology acquired and put under the same Java brand, but it isn't exactly Java though.
Re:From what I understand
by
Anonymous Coward
·
· Score: 1, Informative
The card runs it's own stripped down Java VM. The API is different, but the code is really interpreted on the card. Sun has a FAQ list.
Re:From what I understand
by
nuclearmoose
·
· Score: 3, Informative
Here's the Sun Java Card site:
http://java.sun.com/products/javacard/
Lots of good info there, toolkit, spec, etc. The Java Card book from Sun Press is also pretty good.
For you information: belgium allready has non-digital ID cards, which are obligatory to every citizen. You are even obligated to carry them around at any time and CAN be asked to show them to police if they have "reason" to suspect you of something.
You are required to carry ID in the US as well. Big deal. Get stopped without a driver's license or some form of ID coming out of a bar or such, and they can hold you until they know who you are.
-- Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
In the US, you don't have to drive. If you want to drive, then you do need a driver's license, for a reason. They're trying to keep track of who's a bad boy on the road and shouldn't be allowed to drive. If you don't want to have to show a proof of ID, then don't drive. It's changing, though, you need a driver's license to get onto an airplane these days.
You are required to carry ID in the US as well. Big deal.
It is a big deal here (in Belgium).
If you don't have your card, you can be arrested and held in a cell until you are able to prove your identity.
This is anywhere, anytime - not just walking out of a bar, or driving a car. Stand too long on a street corner, or if the police think you're looking at them in a funny way, or be the wrong skin colour in thewrong area - with no official id, you can be held for a long time.
If you're from north Africa, and you're walking around Antwerp with some friends, you better have your card with you - and you better not resist arrest (like breath, etc...).
This is nothing like the US.
-- "The best part? I became an ordained minister while not wearing pants." -- CleverNickName
Yeah, right. In the U.S. society today, you HAVE to drive if you want to get anywhere (pardon the pun). What are you supposed to do if you choose to not drive? There sure isn't public transportation where I live...
Hmmm, I know of one or two people who are unable or unwilling to learn to drive. These people can and do lead productive lives. So you _can_ live without a driver's lisence.
> That we're not all pacifist diversity-lovers is a consequence of > evolution's inability to keep up with societal standards.
And the fact that there's no socially imposed evolutionary pressure against racism. If we could all collectively agree not to have sex with racists, eventuall, several hundred generations or more down the road, they'd die off.
I haven't had a car for two years. Where I live there's decent public transportation, or you could try something like *gasp* walking, or riding a fscking bike.
So many people are so unwilling to look beyond their ford exploder. Nothing like driving that two blocks to the store to pick up some ice cream!
I'm from Belgium too, and knowing some people who are with the police, they always say it's not necessary to carry it all the time. It's enough to be able to show it once you get home; it happens they drive you home in order to do that. But I don't know if that's law or just standard procedure.
Even that happens very infrequently. I'm 28 know, and I had to show my ID card only once to the police, and that was when I moved and a (very friendly, by the way) police man came to check that I was really living there. Oh, and once when I was driving home and I had to stop for alcohol control; though I don't remember I had to show my ID card, perhaps my driver's license was enough.
-- This sig under construction. Please check back later.
Wow, I'm 23 and have never been behind the wheel of a car in my life and I live in America.
Then again, I also live in a city with public transportation that works (NYC.)
Seriously, that makes a driver's license different from a National ID. However, it also causes problems, because prior to getting a passport I had to use my birth certificate, university ID and social security card to prove my identity. Now I just use my passport.
Coming out of a bar you might need your ID, but you don't generally need to have an ID unless you are engaging in some restricted activity (like driving, drinking, or buying butane lighters:). Outside of those situations you don't have to tell the police who you are or show them an ID, or carry any ID or even answer any question at all (though that might be cause for suspicious, etc. etc...)
Your Rights and the Police says more, though it's not updated for these days of diminishing rights. And this page only applies to the US, of course;)
I'm sure at this very moment. There about a million of your smartcard running around the world.
What a great scan of your card.
If I were you, I would take the graphic image off your site.
What difference does it make, since you have to show this card to everyone all the time anyway. It's already public information or at least semi-public.
-- "Don't belong. Never join. Think for yourself. Peace."
V.Stone, Microsoft Corporation
It depends... I have been stopped by the police in Belgium because a 21 year old in a luxury car with foreign license plate is suspicious.
I understand that, especially since the license plate I have is often misused for tax-evasion in Belgium.
Anyways, I just had to show my drivers license and the car papers. After that the friendly police officer just gave me my stuff back and wished me a nice day.
These guys are doing their job... it is understandable. Belgium is *not* a police state as many people around here seem to think.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Oh, right! Because your name is "bungo" and his is "A/C", your word is more believable than his?
I think the point he was trying to make, was not to exaggerate about the privacy issues. You seem to be dragging racism issues into the discussion... but hey, the fact that our ID is digital or not doesn't change a thing about the racism. So I think we may want to discuss that at another place.
Here in Belgium we have a quite good social security system. People are generally content (although, of course, some people just always complain) to trade this off for some privacy. There is actually not that much of an issue about the privacy... which is well enough protected by law.
For the record: I'm a Belgian too, also hoping to get my master's degree in CS in a few month's time; I have also posted as A/C before, just because I hadn't made a/.ID then.
Actually, here is the Good Ole State of Tennessee, we have these things called "Police Contact Cards." Let's say you are standing around on the corner waiting for the bus. Officer Billy Bob rolls up and says "Come here." He can fill out a "contact card" on you and ask for your ID. Don't have ID? You are a vagrant. Trust me. Just dare and say, "I don't have to talk to you." That's disorderly conduct. Now, I am sure these things are unconstitutional, but the people they are meant to keep in line don't even know that what their rights are let alone know to say, "Piss off." Of course, in Virginia, telling a cop to "Piss off." is "Curse and Abuse" and a night in jail.
-- Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
But what if you just pretend to be someone visiting from another country? You certainly wouldn't be required to have a Belgian National ID card then, right? Would they lock me up for a long time if I were to be an American Tourist walking around Antwerp without my Belgian National ID? Note that I tend to leave my Passport with my bags (safe in the hotel room).
-- Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
Would they lock me up for a long time if I were to be an American Tourist walking around Antwerp without my Belgian National ID
I'm sorry to say, but yes, you would be locked up.
Of course, you don't have to have a Belgian id card, but you do need to have a form of photo id recognised by the Belgian govt.
There was the case a couple of years back, when a grandmother came over from England to visit her grand-daughter, and she forgot her passport. She was held in a cell overnight and then put on a train and sent back to England. We can't have grandmothers without id rampaging around Belgium now, can we?
-- "The best part? I became an ordained minister while not wearing pants." -- CleverNickName
I hope they aren't using ...
by
Dossy
·
· Score: 2, Funny
"Jan Deprest, President of Fedict, the Federal ICT department" said in the article:
It will allow Belgian citizens to authenticate themselves in an easy and
completely secure electronic way whenever they access e-government applications.
[emphasis added]
Sounds like he's (she's?) been listening to a snake oil salesman at Sun. Last time I checked, nothing was completely secure, least of all smart cards...
What does java actuall add to an id card?
by
yintercept
·
· Score: 4, Insightful
I am actually confused by the article. An "ID card" pretty much just carries data...not a full programming environment. Sounds more like business name branding.
The important part of an id card is the interface and how you access and change the information. Such an interface is first and foremost a hardware interface. Trying to say that the card belongs to computer language x doesn't make any sense.
As for functionality, would you as a business really want to record important information on a card that is easily lost, physically compromisable, and carried by a person? What businesses want is simply a verifiable id for customers. The simpler the id the better.
What's all this noise about antiquities? Try pumping an antiquity in your Surburban and see where it gets you.
Re:What does java actuall add to an id card?
by
philfr
·
· Score: 5, Informative
The ID cards are able to prove your identity. For this, they embed a private key, and calculate a signature themselves on data that is sent to them.
If they only gave this private key to the device that asked for it, they would be easy to duplicate.
Of course, you don't need Java for this, but you need a smart card with a CPU inside, and you need to develop the application that runs on that CPU.
The choice of a chipcard determines the SDK to be used for it. One of them is JavaCard...
Re:What does java actuall add to an id card?
by
yintercept
·
· Score: 2, Interesting
Of course, you don't need Java for this, but you need a smart card with a CPU inside
The functionality is still more important that the language. You pass a bunch of blips into the card and get a bunch of blips out.
Sounds like the big advantage of the technology is that the id the store gets isn't your actual private key...but a derivative produced from the key.
The cards can't actually prove identity of course. But it sounds like it would be a little bit more difficult to steal someone else's identity.
But I jump back to the point that the language itself is independent of the functionality. The Java Branding is just Java branding.
Re:What does java actuall add to an id card?
by
owlstead
·
· Score: 1
a full programming environment? No, not that but it does contain a JVM (java virtual machine). A stripped JVM, but a JVM still.
The ID is definately the most important, as are the data structures on the card. However the ability to update applications withouth a real thread to security is what Javacard is all about. See the GlobalPlatform specification for the techinical information (you're a slashdotter, you'll find it).
You would not want it to store large amounts of data, it can't. It can be used as a paying device though. And the digital ID part itself obviously.
This card is not aimed at businesses but at citizens wanting access to online and offline services. --- boolean sig = false;
There only real negative to a digital card is that companies can start asking for them and easily start filling their databases with your information.
Manually copying down information from the front of the card is far too time consuming and obvious. Plus, you can only fit so much information on it.
There are of course technical ways to design digital ID systems and laws you can put in place to prevent this from happening on any kind of scale, but I fear these cards were not designed with privacy in mind.
-- The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
No company has ever taken photocopies of my drivers license. That would be considered inappropriate. If they want my date of birth, ID numbers, etc., they ask me for them.
But as I said before, they start sticking medical history, family records, etc., on a card like this and you are just asking companies to abuse it.
-- The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
No company has ever taken photocopies of my drivers license. That would be considered inappropriate.
Ever tried to rent an apartment? Or get a job? That's two places that always ask to photocopy my driver's license.
I'm all for having something that can help me prove my identity to random folks like apartment managers, but not something that they can use to get other information about me.
Re:im not for it
by
CommieOverlord
·
· Score: 2, Insightful
You mean like the potential for abusing driver's licenses, SSN cards, health-care cards, birth certificates? There are already plenty of national or state/provincal cards out there. Abuse happens, but obviously they're good for something or they wouldn't be here.
Great News! Now instead of just having my wallet stolen, I can have someone scoop my eyes out and chop off my fingers too!
Yay! The wonders of technology!
Actually it IS a big deal.
by
nurb432
·
· Score: 1, Troll
We live in a society that all anonymity has been removed.
Having to produce ID on demand with no cause of provocation other then you are breathing is just one example of this.
This free-fall needs to be stopped..
-- ---- Booth was a patriot ----
Re:Can it be updated with GJC?
by
robslimo
·
· Score: 3, Insightful
Say... by my reckoning and based on your sig, you oughta be posting AC. Freakin' troll. - - - - - - on a more serious note - - - - -
Having Read The Fine Article and a few earlier posts, I'd have to say:
(a) National ID's are bad (good) (b) Java is bad (good) (c) how the bloody hell is anyone going to make 'smart cards' smart enough to prevent [ID] theft?
If, after all these years, Hughes (DirecTV) and others have not been able to prevent signal theft using 'smart card' technology, how safe should we feel entrusting our personal identification to this tech?
"Ohh!," say some, "this is safer yet than the old methods of identifying us to our government. This is much safer than an easily forged picture ID."
But this technology *is* assumed to be 'safer'. It is assumed to be (and marketed as) 'secure'. That also means that our govn'ts may assume that it is *true*. If a transaction, waypoint in your vacation journey, or an arrest is logged in your 'Nat'l ID' account, it will be assumed to be true... because it's safe and secure technology, right? They may be much less likely to doubt any misinformation in you recored, so think again about DTV and how secure their system is. Please think.
Fundamental Flaws
by
Anonymous Coward
·
· Score: 5, Informative
I was at an E-Gov day some months ago, where this was presented and discussed. (Vince Rijmen, of AES fame was there talking about how they solved the problems associated with e-voting). Some of the comments really scared me:
1) The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involutary escrow..
2) The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
So this will put our identities (and the authentication/non-repudiation/existence of some very important personal documents) at the mercy of a couple of *private companies*, one of them American, no less, at a time when the US is governed by a madman, that gets away with secret military tribunals and illegal warmongering..
Some of the excuses, when I asked about this were that the.be gov already uses much outsourced security for its own communications!
I say this is unacceptable and an enormous security blunder. Verisign, a US company, could issue some revocations, and thereby completely stop the flow of information inside the.be gov!
Do I they want the US gov to be able to screw around with any.be citizen's identity? It would seem to be so..
Please forgive me for using AC for once, one would get paranoid for a low less...
The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
Lucky Belgians. M$ seem to be hell-bent on bribing their way into the UK Government's infrastructure.
Five years hence, watch me try to use my ID card to see an emergency doctor, only to be told that the system has been hacked through a security hole that M$ couldn't be bothered to patch, and I will need to come back tomorrow.
1) The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involutary escrow..
This really depends on if the private key is generated on the card itself or on a separate machine and transferred to the card. Given decent tamper resistance, you shouldn't be too afraid of the card generating the private key.
2) The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
The Belgian Federal Government representative is an idiot.
So this will put our identities (and the authentication/non-repudiation/existence of some very important personal documents) at the mercy of a couple of *private companies*, one of them American, no less, at a time when the US is governed by a madman, that gets away with secret military tribunals and illegal warmongering..
I consider handing the management of core infrastructure to foreign private companies without any local expertise to be a terrible mistake.
Be very clear however. The US government has only so much power over private corporations. There isn't a government respresentative sitting on the boards of every major private company making sure they comply with our presidents will. These are independent entities that have their own agenda (to make money) and only deal with the government when they have to or they think they can get something out of it.
Some of the excuses, when I asked about this were that the.be gov already uses much outsourced security for its own communications!
The US 'outsources' all of its communications to private companies. Telecommunications companies, because they are core services, are under a federal regulatory body (the FCC) to make sure they continue to do everything the US needs. This works just fine.
-- The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
I say this is unacceptable and an enormous security blunder. Verisign, a US company, could issue some revocations, and thereby completely stop the flow of information inside the.be gov!
Yes and then the space aliens which control the U.S. Government will swoop down and abduct all of the waffles from Belgium, truly "striking while the irons are hot"...:)
Lucky Belgians. M$ seem to be hell-bent on bribing their way into the UK Government's infrastructure.
Five years hence, watch me try to use my ID card to see an emergency doctor, only to be told that the system has been hacked through a security hole that M$ couldn't be bothered to patch, and I will need to come back tomorrow.
Sure, in terms of external security it's a relief to hear it's Sun, not MS getting the contract. But in terms of internal security, if basic PKI standards are not respected, it doesn't matter which of both evils was chosen.
The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involutary escrow..
The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
I completely agree with you that the above points raise valid doubts about the legality of the whole scheme; commercial entities should, of course, cooperate with governments in procuring the nessecary technology, but from that point on, said technology should be open to public scrutiny: this means opensourcing all software used in the process, and allowing citizens to generate their own keypairs, by visiting their local police station (you need to do that anyway, to have a paper ID card issued). Also, under no circumstances should corporate affiliates be allowed to run such government operations on a daily basis. If the Belgian (or any other) government cannot procure it's own technical expertise to handle system operation and maintenance, they should drop the scheme altogether. If both of these requirements are met, I would have no problem supporting electronic identity cards.
-- "We don't stop playing games because we grow old; we grow old because we stop playing games.."
Re:Just say NO to ID cards
by
WegianWarrior
·
· Score: 1
Well, as the parent (grandparent) is clearly clueless on several issues, why not add geografy to the mix?
Anywho...
A national ID cardf isn't 'evil' per see, allthought it could be used to track people with. But even today most counties around the globe expects you to be able to identify yourself when there is a need - so all this do is to a) standarice the card used (instead of relying on drivers licence, studentcard, military ID, bank card and so on), and b) provide a easy way to carry about information that could be accessed as appropriate. I havn't RTFA, but I imagine you could put your medical record on there (which would mean that if you're allergic to certain drugs the hospital will know if you come in in a coma), you could put (encrypted) information about your biometrics in there (so the police can see if the card is genuine) just to mention a couple of ideas.
I don't think it would be a problem to roll these babies out in europe... but then we arn't as paranoind as the avrage american slashdotter seems to be (no offence, just a casual observation).
--
Everything in the world is controlled by a small, evil group to which, unfortunately, no one you know belongs.
Easily defeated?
by
Pettifogger
·
· Score: 2, Insightful
Yeah, but just how durable is this chip? I personally took offense at the magnetic strip on my driver's license, and it just so happened that my ID had an unfortunate "accidental" experience with a large, powerful electromagnet.
If I get one of these new java IDs forced on me, it might just be "accidentally" directly exposed to 1500 watts of RF. Maybe "accidentally" take a spin on the turntable in the microwave, too.
So what's the point of making this stuff if the people who don't like it can easily defeat it?
--
IAAL
how hard can it be to break?
by
SHEENmaster
·
· Score: 1
Assuming they use a 64bit key, so that Sun could legally export it from America, that's only 2^64 possible combinations, roughly 1.845E19. While that may be more than enough for the billions inhabiting the Earth; it's also rather easy to break if you have a few computers and prime number lookup table on DVD given enough time.
I'm not saying that it's absolutely useless; time and computing power are still issues. How long would it take to break this if you "borrowed" your universities labs for processing it? How long if you got such a distributed computing project on slashdot?
-- You can't judge a book by the way it wears its hair.
Re:how hard can it be to break?
by
Skuto
·
· Score: 1
>Assuming they use a 64bit key, so that Sun could >legally export it from America
Why would they need to export encryption from the US? AES was invented in Belgium.
-- GCP
Obligatory Hitchhikers' reference
by
NewbieProgrammerMan
·
· Score: 2, Funny
Maybe the existence of a Java-based national ID card is the unspeakable concept mentioned in the Guide.
-- [b.belong('us') for b in bases if b.owner() == 'you']
Who do you want to be today?
by
billstewart
·
· Score: 2, Insightful
Sigh. The current SSN system is bad enough, but at least as Americans we didn't used to need no stinkin' badges. Until we get rid of a using a single national identifier number for everything, identity theft will be an increasing problem, and consumer tracking and electronically-assisted stalking and corrupt clerks selling license cards and control of individuals by taking away their IDs or licenses will just keep increasing.
Unfortunately, the concept of giving people a stack of uncorrelatable tax ID numbers that they can give to different people who need them is complex-sounding enough that if it's ever implemented, it'll probably be done on a smart card of some sort (or a dumb memory card rather than a processor-equipped card.)
--
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Why do I need a Java card?
by
AndroidCat
·
· Score: 3, Funny
I mean, I've already got one of those Starbucks cards with $15 still on it!
-- One line blog. I hear that they're called Twitters now.
Why is national id cards / numbers bad ?
by
Simon+Lyngshede
·
· Score: 5, Insightful
Being Danish I was given a social security number when I was born, works just like a national id. My social security card work pretty much like an national id card, you sometimes need some sort of picture id in combination with the social security card.
The only thing I hate is that it doesn't include more "features". I what to use it as a credit card, drives license, access card to the university and so on. Having an all purpose id card would make my life a lot easier. Why is national id cards a bad idea? Are people afraid that the government will track them. Who really gives a fuck if it allows the government to track you with it? They could do that anyway if they really cared enough. I simply don't get it.
Please tell me why national ids are bad. Who are you people afraid of ? Im tired of hearing that national ids are bad, without being given a good reason. So fare I just heared "National id, bad" and it's every time Slashdot brings it up. Only once have I hear of misuse in Denmark and that was due of lack of security at the post office, not really something you can blame the system for.
Re:Why is national id cards / numbers bad ?
by
itchyfidget
·
· Score: 1
You might not see it as a problem, because you are a native and (let's assume:-) law-abiding Danish citizen.
In the UK we have a lot of immigrants; currently those who seek asylum here are treated extremely poorly by the system - they are sent to what are effectively detention centres, where they are kept, often in total ignorance of their rights, for weeks/months while their claims are processed/ignored. A recent government report into these processing centres identified several major outstanding issues affecting the welfare of asylum-seekers in these centres.
Those asylum-seekers who are not sent to such centres are placed within the community, where they are often subjected to verbal or physical abuse (and in at least one instance, an attack which led to the asylum-seeker's death). Apparently we are not, as a nation, very tolerant when it comes to other races/cultures, even when they come seeking our help. We do not have a good record in integrating with non-asylum-seeking non-British nationals either.
I have heard that there is not much racial integration in Denmark (this may or may not be true; please feel free to correct me). Either way, are asylum-seekers and other non-nationals likely to be treated much differently than in the UK? I doubt it.
So let me clarify what I think the problems of an ID card system are likely to be:
1. Minority groups, whether they are nationals or not, will be more likely to be asked for their ID (this is just harrassment; the increased likelihood that police will "stop-and-search" non-whites is already documented in the UK.)
2. Asylum seekers and other non-nationals will be disadvantaged and stigmatised when they cannot present their ID (we have seen a reflection of this already in the use of vouchers for asylum-seekers to obtain food and clothing; they were very badly treated in general, but one specific example is them not being given change by shopkeepers when they presented vouchers worth so many pounds.)
3. A thriving black market in stolen IDs, for all new arrivals to the country or people who want to commit crimes not in their own name.
Are you seriously telling me none of this goes on in Denmark?
-- Mod early, mod often.
Re:Why is national id cards / numbers bad ?
by
Wateshay
·
· Score: 2, Interesting
Well, I can't speak for anyone else around here, but I think they're bad for two reasons. The first is practical. I just don't think that a national ID card (java or no java) can be made secure enough yet to justify the amount of trust that those who don't understand security will invariably put in it. If you have a number of different cards, then you aren't "putting all of your eggs in one basket."
The second reason is philisophical. Although it may make life easier, or even safer, I don't feel that the government has a right to know where I am at any given time. Over here in the U.S., we have social security numbers, too. We even have social security cards. They're not ID, though. In fact, technically, no one except the Internal Revenue Service and your employer are allowed to ask for the number (they do, but that's a different discussion entirely).
The defacto ID over here is the driver's license, which is issued by the state. These have become the ID of choice for use in identification under most circumstances, because most people have one and they contain your picture. The difference between a driver's license and a national ID, though (other than the fact that the DI is issued by the states and the NID would be issued by the Federal Govt.) is that no one is required to carry a driver's license unless they're actually driving. A police officer can't come up to me on the street and ask me for my ID because I'm acting suspiciously. Even if he arrests me for something, he can't require me to show him ID. He may be able to find it out anyway if he searches me and finds ID, or if I have a criminal record and he matches my fingerprints, but the point is that the burden of identity is on the government, not me.
You may not agree with me, and may think it's silly since 95% of the time they can find out who I am anyway, and would not have much trouble finding me if they cared to look, but it is an important issue to me. It's not about being afraid of the government tracking me. For the most part I'm not afraid of the government (although I would like to ensure that the govt's powers are limited in case at some point in the future I do need to fear them). However, for me it's about freedom, and being required to present ID to the govt limits my freedom. So, I do "give a fuck" if there is a national ID card, and I hope this clears up a little bit for you why I feel that way, to a degree more than just "National id, bad".
--
"If English was good enough for Jesus, it's good enough for everyone else."
Re:Why is national id cards / numbers bad ?
by
Simon+Lyngshede
·
· Score: 2, Informative
First of all, racial integration is just as much a problem in Denmark as anywhere else.
Regarding your 3 points. 1. No one can ask for you id based on race and really it wouldn't tell them anything. Currently is just tells people that you're entitled to free medical care and stuff like that. You can not be arrested for not having one. 2. Non-nationals has no need for a national id for another country, why would they? Same goes for asylum seekers, they however will get one if granted asylum. 3. Danish ids are useless for anyone but the owner. They in themself doesn't identify you. They simply contain your name, part of you adresse and you social security number (I check with a card reader). No one can use my id card to gain access to my bank account, only to get information which is publicly available anyway. Just a handy way of locating me in a database. Databases containing personal information is stricly regulated by the way. Cross reference is VERY illegal, even for government institutions.
Personally Im more worried about losing the keys to my apartment than my social security card.
Re:Why is national id cards / numbers bad ?
by
spRed
·
· Score: 1
People in the US have a basic mistrust of the government that goes way back. This is reinforced by the general ineptitude of beurocracies that every country sees. Add to that the fact that the US is a federation of states and National anything always sounds like a bad idea and a power grab. Hell, we didn't really have a peace time army until after WII.
The pracitcal complaint about national ID cards is that they add very little to security or convenience but have a potential to be abused. It doesn't matter that there is a tiny chance that they will be abused. It does matter that if abused it could lead to great harm. National ID == risk and no reward.
In case the above reasons weren't enough to explain the knee-jerk screams about National IDs there is also the small matter that the Bible says the anti-Christ will force everyone to wear a mark of his choosing to do their day to day business. No need to prove to the world that we really are "The Great Satan" *wink*.
-- .sig Karma out the wazoo, better to spend points elsewhere if this is above 2 or below 0
Re:Why is national id cards / numbers bad ?
by
quax
·
· Score: 1
In Germany we do have national ID cards as well, but I usually don't carry mine on me. I have never been asked by police to present it (traffic cops ask for the driver licence).
It happened to me once that I drove and had neither ID nor driver's licence on me. The cop just wrote down my license plate and asked me to turn up at a police station within the next 14 days to present my driver's licence.
So you may ask what is the national ID good for? It gives me a single token to prove my ID. For instance when opening up a bank account or when going to the polls.
I think of the ID as a service that the government provides. After all impartially serving the citizens is the sole raison d'etre of a government in the first place.
Re:Why is national id cards / numbers bad ?
by
shivianzealot
·
· Score: 1
Why is national id cards a bad idea? Are people afraid that the government will track them. Who really gives a fuck if it allows the government to track you with it? They could do that anyway if they really cared enough. I simply don't get it.
I deal with this kind of apatahy every day in the states. Let's dissect this:
Who really gives a fuck if it allows the government to track you with it?
I do. Are you willing to make the blanket statement all actions in which your ID card would be entangled can be and should be freely monitored by your country's officials? Its just a facet in the larger issue of privacy, which, depressingly, most people don't seem to understand. We justify revoking pieces of privacy to do away with crime, Bad Things(TM), -or for us USians- "terrorism." Accepting this requires us to accept the that whatever our government says is a Bad Thing really is Bad as an axiomatic truth. To say so is a gross fallacy. I come from a country which prides itself in its citizen's ability to speak their minds, yet can be fined or imprisoned for saying certian words on a public broadcast medium, as just one example.
To do away with privacy, law needs to be perfect, and people content to have the doors on public restroom stalls ripped from their hinges. The former will never happen, and national IDs are a dangerous step in that direction.
Re:Why is national id cards / numbers bad ?
by
vrt3
·
· Score: 1
The second reason is philisophical. Although it may make life easier, or even safer, I don't feel that the government has a right to know where I am at any given time.
I have an ID card (though not digital yet), and it doesn't enable the government to know where I am at any given time. They know where I live, but that's about it. I might be on sunny beach in Spain or in the forrests of Sweden and they wouldn't know.
-- This sig under construction. Please check back later.
Re:Why is national id cards / numbers bad ?
by
Anonymous Coward
·
· Score: 2, Insightful
I believe the argument goes:
We only really want to track whitches. Oh, now we only want to track Jews, Jehova's Whitnesses, gays, and political dissidents. Oh, strike that, now we only want to track communists. Strike that, now we only want to track Arabs, I mean big bad terrorists. Now put your vauables in that pile, your clother over there and go take your shower with all of the other accused unlawful combatants and enemy supporters in protective custody.
Fear of revolution keeps governments inline. What got IBM so in trouble for aiding in the Holocaust? Providing administrative tabulation machines that helped keep records on the Jews, J.W.'s. gays, etc. and made rounding up and keeping them more efficient. The first thing rising dictatoships/McCarthyist do is better control weapons and keep better tabs on people. I don't want a revolution-proof government. I don't want a revolution, but I think the government should fear its people and prevent revolution by keeping them happy rather than bullying the people.
Martin Luther King was imprisoned. Attack dogs and fire hoses were turned on peaceful civil rights demonstrations. We don't really want a society without "crime", we want a society without injustice. Sometimes some crimes bring back the justice. Martin Luther King was a righteous criminal.
Stamping out crime means stamping out dissent. Don't fool yourself. Learn from history. Anonymity threatens the law much more than it threatens justice. I can murder someone just as easily if Seven-Eleven needs to phone my fingerprint and super-secure government ID number in to the poliez in order to sell me a loaf of bread. I want an injustice-free society, not a crime-free society.
I think argument number 1 is a little paranoid, but it has some truth to it. I think argument number 2 is much better.
Argument number 2 is that people are stupid. People know current IDs can be faked. The new "fake proof" IDs will be fakable with more effort, but nobody will believe you when you say you've been the victim of identity theft. National IDs help people become sheeple.
Re:Why is national id cards / numbers bad ?
by
bmetzler
·
· Score: 1
Are you willing to make the blanket statement all actions in which your ID card would be entangled can be and should be freely monitored by your country's officials?
In the US, we elect our officials. I *want* to be monitored by officials that are working to protect us. Monitoring is good, if someone does something bad, I want the government to do something about it. I, for one, don't do bad things and have nothing to hide. I'm sure that millions of other Americans feel the same way.
The bad thing comes when Americans *choose* to elect corrupt officials who hate moral people and want to hurt them. But corrupt officials don't need an ID Card to hurt moral people, there are many ways.
If the choice is to be hurt by corrupt officials with or without ID Cards, or let the goverment use ID cards to protect me, I'm choosing ID Cards. And I'm going to do my part to make sure that good officials continue to be elected. That is why I will be voting for Bush again next year.
-Brent
Re:Why is national id cards / numbers bad ?
by
Anonymous Coward
·
· Score: 1, Insightful
You are very fortunate that you have never been harrassed by the police.
It would be quite a reasonable guess that you have white skin and well off (typical profile of the average slashdotter), but you might not be.
And this is the main problem with systematic surveillance by the government; it is much too easy to misinterpret the information that is gathered to make false conclusions about you.
National ID cards makes it possible to cross-reference data from many sources and store it forever, and the information that is gathered may be incomplete, or worse, incorrect. Who will watch the system to ensure abuses won't occur?
Do you play violent video games? Do you like watching porn? drink lots of beer?
Worse still, do you know for certain that you do not have any genetically inhereted diseases?
How would you like it if your employer or your health insurance company knew that you have a family history (and therefore through genetics you have a greater chance) of alcoholism or mental illness, even though you don't have any of those diseases?
You might trust your government's word that they'll won't abuse the power that has been granted, but can you trust your government and their actions in 50 years time? Governments always try to overstep the powers that they've been given.
Even if you have "nothing to hide", imagine this scenerio in a police state with cameras everywhere:
Someone stops you on the street and asks for directions. You tell him what he wants to know, and maybe chat for a moment. Then he goes on his way.
What you don't know is that on the police screen, biometrics has identified him - rightly or wrongly - as a suspected terrorist. And, of course, your name and address are available too. The watchers have no way of knowing what was said, just that you met and talked.
So does this mean you should run like hell if anyone you don't know wants to talk to you incase he/she is a criminal? Should you think twice before you buy that book or video game incase future employers misinterpret your personality? Should you watch what you say on the phone incase its tapped by the police?
I think this quote from a speech made by the Canada's Privacy Commission sums it up quite nicely:
If you have to go through life knowing that everywhere you go, everyone you meet, everything you do, may be observed, scrutinized, cross-referenced, judged, maybe misinterpreted and used against you by persons unknown, by authorities of the state - if you have to go through life like that, you are not truly free.
Re:Why is national id cards / numbers bad ?
by
shivianzealot
·
· Score: 1
In the US, we elect our officials. I *want* to be monitored by officials that are working to protect us. Monitoring is good, if someone does something bad, I want the government to do something about it. I, for one, don't do bad things and have nothing to hide. I'm sure that millions of other Americans feel the same way.
No, you probably _DO_ have quite a bit to hide, and this idea of "I have nothing to hide" is a huge bulk of my discontent. Ever downloaded an illicit MP3? Maybe you plan on running a home network in a state introducing legislation for ISPs PO'd about the bandwidth you've been contractually allotted. Perhaps you've used the odd seriel number for a legally purchased application in the place of a lost one? Or if you're the Free as in Speech(TM) type, you've watched a DvD on linux (you terrorist, you!). My main point was if we take these anti-privacy measures, legislation and existing law needs to become a whole lot less stupid, and I don't think George W. Bush is the man to pull it off. What sort of legislation and existing law do you think he thinks is stupid?
No, it really isn't our fault for "choosing to elect corrupt officials." Until our election process allows us to vote for candidates who's platforms we like without courting the chances of a candidate we really DON'T like of succeeding, it is the fault of our system. Understand this is not advocacy for green/constitutional/libertarian parties, rather I vastly prefer a two party system over the alternative of a coalition government. Perhaps the significance that little "(D)" or "(R)" plays in front of a public "servant's" name were much smaller, and "primary" elections done away with... well, that's another rant. Regardless, until then, corruption and rule over topics the governing body is apathetic toward is entirely self sufficiant. Only in extraordinary situations do individuals play any significant broad role for change, making the election of a "good" official difficult, but we should still try.
--
...and I apologize profusely, but I can't resist! Was it not George Bush who's general attitude was there was not enough "time" for McCain's election reforms as a result of terrorism?
--
But corrupt officials don't need an ID Card to hurt moral people, there are many ways.
Most law is subject to selective enforcement. How often do you drive five miles over the speed limit? Taking these steps against privacy makes dissent more difficult as we arm those in power with more tools to potentially subvert those who oppose them. No, its not necessary that they have ID Cards to hurt us, but it becomes immeasurably easy when you have the mask of bad legislation to harm us under.
I'm not asking for our police officers to throw their badges off and us to submit to anarchy, but rather that we understand we have an a fourth ammandment for a damn good reason.
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
National IDs don't make me feel particularly secure in my person, just more vulnerable to a more dangerous kind of terrorism
Re:Why is national id cards / numbers bad ?
by
quax
·
· Score: 1
Thanks for such a long elaborate posting. I did enjoy reading it, although I feel I may have misled you a little bit by my choice of words. When I wrote "raison d'etre" I didn't literally mean that this is how governments came into being rather than how I think a good government should think of itself (as well as how citizens should approach their government in a democratic society: As being the ultimate sovereign blessed with birth-rights that the government has to live up to).
Regarding your questions:
1) I split this up in two chunks, because there is the form that a government takes and then there is the regular election process. The latter of course happens quite regularly, but the former is fundamentally more important.
a) Our current form of government in Germany was determined by an assembly that tried very hard to make sure that the 2nd republic wouldn't fail as miserably as the 1st one. Since then there were some slight adjustments, regarding the size of the parliament for instance, and clarifications regarding the balance of power between German states and the federal government. But there has been one overarching most important process: More and more power has been going to the EU and its institutions (the EU commission and parliament). This process has been progressing steadily over many years, so than many people still do not realize how much power has been stripped from the federal government and now lies with the EU.
b) Our last elected German government came to pass as the typical mix of different stances of competing parties were evaluated by the people who bothered to vote. The last German election was especially interesting, because it was clear that it'll be a tight race. Every vote counts the same (no such thing as an electorate college) and goes to the party of choice. It was quite clear that we were to get a coalition government (e.g. two parties have to combine to get a majority in the parliament). I traditionally vote for one of the smaller outfits, the party with the kind of political agenda closest to mine, so that they can serve as strong corrective elements in the government. For the last election our chancellor Schroeder played the Iraq war trump card quite skillfully (the war was and still is hugely unpopular in my country). That probably gave him the critical percentages that the governing coalition needed.
2) This also falls into two categories: Administrative and political government.
a) When talking about serving the people in the context of an ID card, this refers to the former. Functions that should be monopolized (i.e. several competing ID card vendors pretty much defeat the purpose of an ID card), as well as tightly monitored and democratically legitimized naturally fall into the domain of governmental administration. (If you can not trust the governmental administration to follow strict privacy laws you are already in deep trouble and may want to look for a place to emigrate to).
Contrary to popular believe I think governmental agencies can be run efficiently if proper incentive and monitoring systems are used as well as private companies employed whenever possible after having gone through a competitive bidding process. A demanding citizen should not content with anything less than such an efficient administration - after all we pay for it.
b) The executive part of government is the truly political one and follows a political agenda. When voting you decide what agenda you want to see followed through. I.e. if you are against nuclear energy and pro energy saving you vote for the Green Party, if you are pro trade union and pro-welfare you vote for the Socialists etc. Usually your political profile will not coincide 100% with any party, so you try to optimize. Then there are swing voters like me who also factor in tactical considerations. And then there are those who hear Mr. Schroeder warn that there will be a war and promise that he will do all he can to prevent this war, and make their vote accordin
Re:Why is national id cards / numbers bad ?
by
MourningBlade
·
· Score: 1
Thanks for the reply.
In electoral demographics, your electorate looks much the same as the US - large blocs, with a swing component. I wonder how much of this is due to the 1-choice election system that we share.
Like you, I am a swing voter. Unfortunately, I am so because anarcho-libertarianism is rarely on the ballot.;-)
A quick series of comments, I'd, again, appreciate a response.
[C]itizens should approach their government[...]As being the ultimate sovereign blessed with birth-rights that the government has to live up to
I think that this clashes with your view that government exists to serve the people. Allow me to explain:
If I serve another person, it is at that person's option (as well as mine, of course). Let us say that I am a janitor for a school. Part of my duty is to clean the wastebaskets of all the professors. I do not think it unreasonable that one of those professors would request that I not clean his wastebasket, as he has a bad habit of throwing away important things, and therefore he will clean it out at the end of the week himself. Quite reasonable. I would then not serve him (in that faculty, at least).
Most servant-served relationships are this way, except in the case of the doctor and the patient in which there is an exception: the doctor may have to serve the patient without the patient's consent if the patient is unable to give his consent and it is necessary to save the patient's life.
If you do not believe that the government makes people better, then I think we would be inclined to agree that the "serve" definition is closer to one of a janitor providing a service for the served.
But this is not the case at all with either of our governments, unfortunately. I cannot be sure about your country, but I do know that in the US that you cannot be a bank and not follow US banking regulations. They will put you in jail.
The argument could in turn be made that society has asked for these regulations to protect them from harm, and that the government merely provides this service. Yet this does not follow, as society could equally be served by non-compulsory methods (bank certification instead of compulsory licensing).
Also, this tendancy towards compulsory inclusion/exclusion indicates that society believes government does make people better. Perhaps a better statement would be "makes the people better." Takes care of them as a doctor or a nurse would, and without their consent if they are unqualified to give it.
But I am believe, and I think you would as well, that I am quite qualified to give or not give my consent to be forced to do business with only approved banks. You and I would both reject the notion of only being able to do business with approved newspapers, so what is different about banks?
Furthermore, it doesn't stop there. Consider taxes: inherent to the notion of taxes is the idea that society has a right to your property (land tax) and the fruits of your labor (income tax, sales tax from the seller's perspective).
The argument for this is that government provides a service for you, therefore you should pay for it, but you are not given the opportunity to grant your consent to individual services, so how can you be said to be liable for the costs associated with them? It just goes around in circles.
Much of this that I have said above is anarcho-capitalistic propaganda, of course. But I hope I have at least hinted that the notion of government serving the people does not necessarily coincide with the concept of the individual as sovreign. The only arguments that seem to support the serving notion of government as it is currently implemented work if society is sovreign over the individual.
Or maybe I'm not looking at this right.
I'll keep the rest of my comments brief.
[S]everal competing ID card vendors pretty much defeat the purpose of an ID card
Re:Why is national id cards / numbers bad ?
by
quax
·
· Score: 1
I really should get back working on my project, so I'll try to keep this reply fairly short.
In electoral demographics, your electorate looks much the same as the US - large blocs, with a swing component. I wonder how much of this is due to the 1-choice election system that we share.
Actually I simplified a bit, there are after all two more smaller blocks the liberal/libertarian party (more libertarian than liberal but not 100%) and the Greens, both hover around 10% and one of them is always in the government. I think a party system like this gives the electorate more influence to determine the political agenda. When the Green for the first time got into the parliament in the 80s this was quite a shock for the established parties and all of a sudden they all started to pay lip service to ecological issues.
In a representative system like in the US or the UK you do not get this kind of dynamics. That is why there are actually many politicians in the UK advocating to adopt a proportional election system as well.
I very much sympathize with libertarian ideas. Personal freedom is what I value the most, but I recognize that society has to be allowed to establish borders for personal freedom and ecological issues provide a good example why. Let's pick a simple example, government regulations of toxic substances. I think there are many substance where a warning label is not good enough.
So yes, I think there are areas were the society through government as a proxy should enforce certain rules. Banking services are a gray area. It reminds me of a discussion I had with our gardener when I was a kid. My father is a physician and always argued that all health insurance should be organized like the private health insurances (if you earn above a certain threshold or are self-employed you are free to chose a free health insurance instead of a governmental program). The private health insurance does not process the billing rather you pay the doctor's bills and collect the money at the end of the year from your insurance. The governmental insurances on the other hand also takes care of the billing process i.e. the patient just receives the treatment and does not have to worry a bit about billing and paying. The logic behind this - that is what our gardener pointed out to me - is that the affluent and educated are smart enough to take care of this themselves, but he said he knew a lot of people who while being great garden laborers are simply to disorganized to be trusted to process such a billing and reclaiming process for themselves.
So our government indeed assumes the role you described: Takes care of them as a doctor or a nurse would, and without their consent if they are unqualified to give it.
From my point of view the key is to find the right balance i.e. when am I qualified enough to make my own decisions? As an academic I don't have much reason to complain, but this country is certainly much more of a regulatory hell for somebody who doesn't hold these kind of degrees, and our economy could benefit immensely if we thru a lot of those out.
But coming back to your banking example I must admit that I'd not be very comfortable if I had to ask every time I open an account if they are governmental certified. If I open a checking account I very much like the idea that my balance is governmental guaranteed no questions asked.
Taxes are of course a touchy issue: inherent to the notion of taxes is the idea that society has a right to your property (land tax) and the fruits of your labor (income tax, sales tax from the seller's perspective).
Property tax is actually unconstitutional in Germany, so we don't have that one. The other taxes are all "hidden" i.e. the sales tax is already included in the price tag, the income tax in deducted from you paycheck before the cash is electronically transferred to your checking account. If you are employed your are in tax filling heaven, because you do not have to file anything, if
Re:Why is national id cards / numbers bad ?
by
MourningBlade
·
· Score: 1
Quax, it's been a pleasure talking with you, and I hope to run into you again. Since you said:
You are absolutely right when pointing out that "If you cannot trust the government with data, and the task you have assigned your government requires such data, you are in deep trouble." is a much better sentence. Given the PATRIOT track record of the current US administration the libertarian solution of trying to cut back the governmental involvement as much as possible may be the only practical approach in your country. If your government is broken and the political processes are so arcane that there is not much hope that this can be mended any time soon, than the only sane choice will be to keep the government out of your life as much as possible.
and privacy was the point of the topic, I'll lay the topic to rest.
Why is the gut reaction "bad"?
by
claes
·
· Score: 4, Insightful
In Sweden, id cards needs to conform to certain standards, that are set by the same authority that standardizes many other things (www.sis.se). I do not know the details of this, but I think it is good that it is under control of a government authority. There is nothing mandatory with carrying them around, or even having them. We don't call them national id cards either, but they are accepted as id-cards everywhere. In Sweden that is... since they don't have the nationality of the owner on them, they are no good for travelling within Schengen yet.
It all comes down in what ways you trust your government of course. In this regard I trust it. For example, the nationality thing was hotly debated, since the reason we don't have nationality is that it would be discriminating for non-swedish citizens to have their nationality on them. Or so it was argued. But the government had to change for public opinion because of this, being part of Schengen is not really good if you still need passport when travelling...
Re:Why is the gut reaction "bad"?
by
schambon
·
· Score: 1
Couple of points to clarify.
1. Swedish id cards (identitetskort) are issued by third parties (banks, the Post Office) but must conform to a national standard.
2. They *do* have a "nationality" field, which is left blank for foreigners (so it is possible to discriminate against foreigners just by looking at their card).
3. They are not, as far as I know, considered by the EU as a sufficient proof of identity, but many people don't know that. I have used my Swedish id several times to travel throughout the Schengen zone by plane. (Obviously, you don't need any id whatsoever to cross Schengen borders by car, foot, or any other means).
I do it mostly for philosophical reasons, as I don't see why I should disclose my nationality in the Schengen zone; the fact that I am a legal resident in one Schengen country should be enough. (I'm not Swedish, hence my Swedish id's nationality field is blank).
4. For US readers: the Schengen zone is a subset of the European Union where border controls have been removed (so that driving from Belgium to Germany is no more difficult then driving from New York to New Jersey).
A country that can actually make photo-id's look decent!
Re:HOLY CRAP!!!
by
jawtheshark
·
· Score: 2, Informative
They are standardized all over the European Union. They all look the same. Well, I've seen my brothers one (which is not Belgian anymore, I still am), and it is *exactly* the same. Oh, minor differences like language and stuff like that, but it's essentially the same.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Seems I am indeed mistaken. However what should be noted is that the Schengen Treaty requires you to have a "European Identity Card" on you while travelling in the European Union. For some reason I just assumed they were standardized.
Good, they are not. However, I noticed a big similarity between those I saw: picture on the left, information on the right. That is perhaps not standardization, but it facilitates the work of people like policemen who can ask your ID card.
My honest opinion about the UK: they should never have joined the EU in the first place. They always make trouble.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
If more UK citizens were like you, I'd like to revoke my statement at once. Unfortunatly, most UK citizens don't think so positively about Europe as you do.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Not all the EU countries have signed/agreed to the Schengen treaty. In other words, you can't travel in every country of the EU without a border check. The UK (not suprisingly) is one of those countries - there are several others.
I was not aware that the common ID card was part of that treaty as well, but here is your explanation for why the UK may not have that ID.
Yeah, I'm aware of that. Yet, I still think I am mistaken about the ID card. It probably is not standardized and I probably just assumed because the ones I saw look so similar.
So the ID card is not common or standardized, yet you still need one to travel around the schengen zone. As said before, I'd wish we kick the UK out of the EU anyway. Denmark and Sweden are next on my list of undesirable countries in the EU... guess why?
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Abuse of identity systems is what leads to many of the problems, and tracking people and their activities leads to many more of them. Even 20-30 years ago, US driver's licenses weren't primarily used as identity documents, except for tracking bad driving, though they were also used as age verification credentials for getting into bars. But that was when adults didn't need permission to work, and states were using DLs to track drivers rather than withholding them to harass Spanish speakers.
During the mid-80s, the kinds of people who wanted national databases and ID systems required states to tie driver's licenses and social security numbers together; there was no clearly Constitutional way to do so, but they used the usual bribe of "we'll cut off Federal highway funding to any state that doesn't cooperate." There were some actual problems this helped with, such as truck drivers with licenses from multiple states who could use their State X license if they'd had their State Y license pulled for bad driving.
--
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Heh - that's like saying "it's no more obtuse or fiddly than assembly language". I've fiddled with Java, and its horrible, and Java apps generally have clunky, horrible UIs.
Off topic I know, but the weirdest thing happened to me. One morning I woke up with my wife and the first thing I thought of was Audrey saying 'The rain in Spain falls mainly on the plain'.... Went into the living room and turned on the TV and saw that Audrey Hepburn died.
Yup, I stand corrected. According to her biography she was born in Brussels to a Dutch mother and a English father. That's the bit in my memory that got me mistaken. There wasn't a whole lot Belgian to her anyway.
-- --
Spelling and grammar errors tend to be a sign of erroneous thinking.
Re:Can it be updated with GJC?
by
quax
·
· Score: 1
There is something very wrong in the overall picture if you can not trust your own government to not abuse a national ID card.
Can't blame you though, I wouldn't trust it either. Pretty sad state of affairs.
...to expire ID cards is so they have to be physically replaced every so often. I don't know about other states, but California's ID cards change every few years. The latest ones have a smaller version of the photo on another part of the card.
As IDs get older, they become easier to forge. So if you force everyone to replace their IDs every 10 years, you make it harder to forge them overall.
Of course, I doubt anyone would notice that they were presented with an "old style" ID card with a future expiration date. That's asking way too much of cashier's.
-- Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
Some americans should be reminded of this famous belgian . Many people think it's an american invention...
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Windows for Smart Card used VB
by
John+Harrison
·
· Score: 1
They killed the product about 2 years ago. It was a mess in many ways. I am probably one of the few people on earth that actually programmed anything in it. I found it painful. I prefer JavaCard and currently use the JCOP card.
Crossreferencing no id card numbers
by
hoegh
·
· Score: 1
Databases containing personal information is stricly regulated by the way. Cross reference is VERY illegal, even for government institutions.
Make that "even more so for governmental institutions". Some years ago I worked at a Danish business school where we had employment data for approx. 10% of the danish workforce (where you had been employed and for how long - it was based on social security data (primarily "ATP-indberetninger")). Data where anonymized both regarding workers and workplaces (and some other dimensions I don't remenber today) but even so available to only a very limited group of scientists.
Even so we weren't allowed to keep the data for very long. The authorities was afraid that we might be able to track information about individuals and therefore afterwards we weren't allowed to have access to anything but aggregated data.
Having access to data that were immidiately crossreferencable was a goldmine. Take for instance the publication "Danish economy May 1988, The Labour Market" from the Danish Economic Counsil: For the first time economist where able to get behind the truth of unemployment rates. They could see that 75% of the workforce (the "A-team") where fulltime employed and 25% of the workforce (the "B-team") walked in and out for employment. If the unemploymentrate was 10% it only ment that the B-team where unemployed for shorter or longer periods on average 40% of their time.
What is my point? Well, there are actually two: 1) Danish laws regarding privacy are being rigorously upheld by the relevant authorities and 2) universially crossreferencable data is a goldmine for researchers (here are a list of publications from the Danish National Center for Register based Research) and used wisely benificial for everyone.
Re:Can it be updated with GJC?
by
robslimo
·
· Score: 1
For the most part, I was not referring to trusting the government, but to trusting 'smart card' technology too deeply. If a 'smart card' ID is assumed to be secure, those whose security has been compromised may be assumed to still be secure... making the compromise potentially more damaging.
Regarding trusting the government... The USA was founded by a bunch of 'nuts' who carefully crafted its constitution to prevent that very same government from becoming the same sort of tyranny(s) that they fled before. And for that, I thank them
Re:Can it be updated with GJC?
by
quax
·
· Score: 1
The USA was founded by a bunch of 'nuts' who carefully crafted its constitution to prevent that very same government from becoming the same sort of tyranny(s) that they fled before. And for that, I thank them
There is no doubt that these "nuts" deserve the greatest praise, having shown the world that a more free, secularly organized society can function on the greatest scale. Yet, I can not help but feel that the process how a president gets elected could need some adjustment. I think it doesn't make all that much sense anymore, that the importance of your weight entirely depends on where you live. It is like the USA were the first to implement a working system for a democratic society, lets say v1.0. Most other civilized countries are now running version 5.x with lots of cool new features but the USA never bothered to update.
Slashdot Mirror
"national ID card" : bad
Java : good
I hope the U.S. and A. uses C# for our National ID cards!
Well its about time humanity cracked down on indentification
I always thought the term smart card was a bit..Oh I don't know, unfounded? It has a digital signature, great, what happens when it's stolen? And used against the owner? I'd like to see a card that had an image of your retina so they could tell if it was you, the eye has so many patterns, its almost impossible to fake. Cosmetics can already make someone look like someone else, but they havent figured out to replicate the eye yet...
The new mark of the beast?
Why not fork?
Lets hope that a kid with a glitcher cannot reprogram these cards and steal identites like stealing satellite tv from Direct TV.
~~Some people never go crazy what truly horrible lives they must lead.~~ Charles Bukowski
Does a smartcard actually run a Java VM? I've always been under the impression that smartcards contain only data, and that applications run on the machines you plug your card into. Java-based smartcards sound like marketing speak to me really.
Learn from the mistakes of others. There isn't enough time to make them all yourself.
Comment removed based on user account deletion
Thank you. Please come back soon.
I'm very conflicted over the concept of a national ID system. One the one hand it could overcome many of the inadequacies of our state based identity system, like the ease of creating a viable fake. But combine a national ID system with a national database and I can just hear the Big Brother proponents rubbing their hands together in glee, as well as looking for an opportunity to persecute every illegal alien in the country. If the United States gives in to a national ID in the name of replacing an outdated system, must we at the same time provide the government with yet another tool to restrict our privacy?
Go calculate something!
It won't be long and we'll be saying "why in hell did we create an identity card?! Each person is their own identity. Cards can be stolen, altered. People cannot (undetectably).
I guess I don't get it.
That being said, the Java card isn't running a Java VM. I thought it was technology acquired and put under the same Java brand, but it isn't exactly Java though.
I use my Slashdot ID for all my identity needs.
Hmm.. maybe I shouldn't have said that.
For you information:
belgium allready has non-digital ID cards, which are obligatory to every citizen. You are even obligated to carry them around at any time and CAN be asked to show them to police if they have "reason" to suspect you of something.
You could have a look at mine, for example...
http://studwww.rug.ac.be/~bdejong/id.jpg
... BlackBoard IDs on these things!
-- Dossy
(Still waiting on the saliva analyzing biometric device. Nothing like spitting to authenticate yourself.)
Dossy's Blog
The most beautiful woman in the world, audrey hepburn, was born in Belgium, iirc.
"Orthodoxy means not thinking--not needing to think. Orthodoxy is unconsciousness." --Eric Blair
If we look at your passport picture, I suppose it's for your own sake that those things are hidden on a Java card.
Greets from Belgium.
>All bad things emit from Belgium. Like International Court, and other evil things.
The International Court of Justice is based in The Hague, Netherlands.
Sounds like he's (she's?) been listening to a snake oil salesman at Sun. Last time I checked, nothing was completely secure, least of all smart cards...
I am actually confused by the article. An "ID card" pretty much just carries data...not a full programming environment. Sounds more like business name branding.
The important part of an id card is the interface and how you access and change the information. Such an interface is first and foremost a hardware interface. Trying to say that the card belongs to computer language x doesn't make any sense.
As for functionality, would you as a business really want to record important information on a card that is easily lost, physically compromisable, and carried by a person? What businesses want is simply a verifiable id for customers. The simpler the id the better.
What's all this noise about antiquities? Try pumping an antiquity in your Surburban and see where it gets you.
There only real negative to a digital card is that companies can start asking for them and easily start filling their databases with your information.
Manually copying down information from the front of the card is far too time consuming and obvious. Plus, you can only fit so much information on it.
There are of course technical ways to design digital ID systems and laws you can put in place to prevent this from happening on any kind of scale, but I fear these cards were not designed with privacy in mind.
The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
You mean like the potential for abusing driver's licenses, SSN cards, health-care cards, birth certificates? There are already plenty of national or state/provincal cards out there. Abuse happens, but obviously they're good for something or they wouldn't be here.
Wrong, that was that little country north of Belgium, AKA the Netherlands.
-- Spelling and grammar errors tend to be a sign of erroneous thinking.
Great News! Now instead of just having my wallet stolen, I can have someone scoop my eyes out and chop off my fingers too!
Yay! The wonders of technology!
We live in a society that all anonymity has been removed.
Having to produce ID on demand with no cause of provocation other then you are breathing is just one example of this.
This free-fall needs to be stopped..
---- Booth was a patriot ----
Say... by my reckoning and based on your sig, you oughta be posting AC. Freakin' troll.
- - - - - - on a more serious note - - - - -
Having Read The Fine Article and a few earlier posts, I'd have to say:
(a) National ID's are bad (good)
(b) Java is bad (good)
(c) how the bloody hell is anyone going to make 'smart cards' smart enough to prevent [ID] theft?
If, after all these years, Hughes (DirecTV) and others have not been able to prevent signal theft using 'smart card' technology, how safe should we feel entrusting our personal identification to this tech?
"Ohh!," say some, "this is safer yet than the old methods of identifying us to our government. This is much safer than an easily forged picture ID."
But this technology *is* assumed to be 'safer'. It is assumed to be (and marketed as) 'secure'. That also means that our govn'ts may assume that it is *true*. If a transaction, waypoint in your vacation journey, or an arrest is logged in your 'Nat'l ID' account, it will be assumed to be true... because it's safe and secure technology, right? They may be much less likely to doubt any misinformation in you recored, so think again about DTV and how secure their system is. Please think.
I was at an E-Gov day some months ago, where this was presented and discussed. (Vince Rijmen, of AES fame was there talking about how they solved the problems associated with e-voting). Some of the comments really scared me:
.be gov already uses much outsourced security for its own communications!
.be gov!
.be citizen's identity? It would seem to be so..
1) The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involutary escrow..
2) The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
So this will put our identities (and the authentication/non-repudiation/existence of some very important personal documents) at the mercy of a couple of *private companies*, one of them American, no less, at a time when the US is governed by a madman, that gets away with secret military tribunals and illegal warmongering..
Some of the excuses, when I asked about this were that the
I say this is unacceptable and an enormous security blunder. Verisign, a US company, could issue some revocations, and thereby completely stop the flow of information inside the
Do I they want the US gov to be able to screw around with any
Please forgive me for using AC for once, one would get paranoid for a low less...
Well, as the parent (grandparent) is clearly clueless on several issues, why not add geografy to the mix?
Anywho...
A national ID cardf isn't 'evil' per see, allthought it could be used to track people with. But even today most counties around the globe expects you to be able to identify yourself when there is a need - so all this do is to a) standarice the card used (instead of relying on drivers licence, studentcard, military ID, bank card and so on), and b) provide a easy way to carry about information that could be accessed as appropriate. I havn't RTFA, but I imagine you could put your medical record on there (which would mean that if you're allergic to certain drugs the hospital will know if you come in in a coma), you could put (encrypted) information about your biometrics in there (so the police can see if the card is genuine) just to mention a couple of ideas.
I don't think it would be a problem to roll these babies out in europe... but then we arn't as paranoind as the avrage american slashdotter seems to be (no offence, just a casual observation).
Everything in the world is controlled by a small, evil group to which, unfortunately, no one you know belongs.
If I get one of these new java IDs forced on me, it might just be "accidentally" directly exposed to 1500 watts of RF. Maybe "accidentally" take a spin on the turntable in the microwave, too.
So what's the point of making this stuff if the people who don't like it can easily defeat it?
IAAL
Assuming they use a 64bit key, so that Sun could legally export it from America, that's only 2^64 possible combinations, roughly 1.845E19. While that may be more than enough for the billions inhabiting the Earth; it's also rather easy to break if you have a few computers and prime number lookup table on DVD given enough time.
I'm not saying that it's absolutely useless; time and computing power are still issues. How long would it take to break this if you "borrowed" your universities labs for processing it? How long if you got such a distributed computing project on slashdot?
You can't judge a book by the way it wears its hair.
Maybe the existence of a Java-based national ID card is the unspeakable concept mentioned in the Guide.
[b.belong('us') for b in bases if b.owner() == 'you']
Unfortunately, the concept of giving people a stack of uncorrelatable tax ID numbers that they can give to different people who need them is complex-sounding enough that if it's ever implemented, it'll probably be done on a smart card of some sort (or a dumb memory card rather than a processor-equipped card.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I mean, I've already got one of those Starbucks cards with $15 still on it!
One line blog. I hear that they're called Twitters now.
Being Danish I was given a social security number when I was born, works just like a national id. My social security card work pretty much like an national id card, you sometimes need some sort of picture id in combination with the social security card.
The only thing I hate is that it doesn't include more "features". I what to use it as a credit card, drives license, access card to the university and so on. Having an all purpose id card would make my life a lot easier. Why is national id cards a bad idea? Are people afraid that the government will track them. Who really gives a fuck if it allows the government to track you with it? They could do that anyway if they really cared enough. I simply don't get it.
Please tell me why national ids are bad. Who are you people afraid of ? Im tired of hearing that national ids are bad, without being given a good reason. So fare I just heared "National id, bad" and it's every time Slashdot brings it up. Only once have I hear of misuse in Denmark and that was due of lack of security at the post office, not really something you can blame the system for.
In Sweden, id cards needs to conform to certain standards, that are set by the same authority that standardizes many other things (www.sis.se). I do not know the details of this, but I think it is good that it is under control of a government authority. There is nothing mandatory with carrying them around, or even having them. We don't call them national id cards either, but they are accepted as id-cards everywhere. In Sweden that is... since they don't have the nationality of the owner on them, they are no good for travelling within Schengen yet.
It all comes down in what ways you trust your government of course. In this regard I trust it. For example, the nationality thing was hotly debated, since the reason we don't have nationality is that it would be discriminating for non-swedish citizens to have their nationality on them. Or so it was argued. But the government had to change for public opinion because of this, being part of Schengen is not really good if you still need passport when travelling...
A country that can actually make photo-id's look decent!
Well it's not any worse than LISP or Haskell. I still haven't quite recovered from that Functional Programming course.
During the mid-80s, the kinds of people who wanted national databases and ID systems required states to tie driver's licenses and social security numbers together; there was no clearly Constitutional way to do so, but they used the usual bribe of "we'll cut off Federal highway funding to any state that doesn't cooperate." There were some actual problems this helped with, such as truck drivers with licenses from multiple states who could use their State X license if they'd had their State Y license pulled for bad driving.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Heh - that's like saying "it's no more obtuse or fiddly than assembly language".
I've fiddled with Java, and its horrible, and Java apps generally have clunky, horrible UIs.
According to IMDB Audrey was born in Belgium. And I agree with the other poster; yes she was very beautiful.
Off topic I know, but the weirdest thing happened to me. One morning I woke up with my wife and the first thing I thought of was Audrey saying 'The rain in Spain falls mainly on the plain'.... Went into the living room and turned on the TV and saw that Audrey Hepburn died.
--jeff++
ipv6 is my vpn
Yup, I stand corrected. According to her biography she was born in Brussels to a Dutch mother and a English father. That's the bit in my memory that got me mistaken. There wasn't a whole lot Belgian to her anyway.
-- Spelling and grammar errors tend to be a sign of erroneous thinking.
There is something very wrong in the overall picture if you can not trust your own government to not abuse a national ID card.
Can't blame you though, I wouldn't trust it either. Pretty sad state of affairs.
Java apps generally have clunky, horrible UIs.
So therefore all Java is bad, even embedded java?
If jaa is so bloated and chunky and slow, how come it's used on so many mobile phones these days?
Advanced users are users too!
As IDs get older, they become easier to forge. So if you force everyone to replace their IDs every 10 years, you make it harder to forge them overall.
Of course, I doubt anyone would notice that they were presented with an "old style" ID card with a future expiration date. That's asking way too much of cashier's.
Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
René Magritte was a belgian, and since everyone keeps asking, someone made a website about it.
Some americans should be reminded of this famous belgian . Many people think it's an american invention...
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
They killed the product about 2 years ago. It was a mess in many ways. I am probably one of the few people on earth that actually programmed anything in it. I found it painful. I prefer JavaCard and currently use the JCOP card.
Lasers Controlled Games!
Make that "even more so for governmental institutions". Some years ago I worked at a Danish business school where we had employment data for approx. 10% of the danish workforce (where you had been employed and for how long - it was based on social security data (primarily "ATP-indberetninger")). Data where anonymized both regarding workers and workplaces (and some other dimensions I don't remenber today) but even so available to only a very limited group of scientists.
Even so we weren't allowed to keep the data for very long. The authorities was afraid that we might be able to track information about individuals and therefore afterwards we weren't allowed to have access to anything but aggregated data.
Having access to data that were immidiately crossreferencable was a goldmine. Take for instance the publication "Danish economy May 1988, The Labour Market" from the Danish Economic Counsil: For the first time economist where able to get behind the truth of unemployment rates. They could see that 75% of the workforce (the "A-team") where fulltime employed and 25% of the workforce (the "B-team") walked in and out for employment. If the unemploymentrate was 10% it only ment that the B-team where unemployed for shorter or longer periods on average 40% of their time.
What is my point? Well, there are actually two: 1) Danish laws regarding privacy are being rigorously upheld by the relevant authorities and 2) universially crossreferencable data is a goldmine for researchers (here are a list of publications from the Danish National Center for Register based Research) and used wisely benificial for everyone.
For the most part, I was not referring to trusting the government, but to trusting 'smart card' technology too deeply. If a 'smart card' ID is assumed to be secure, those whose security has been compromised may be assumed to still be secure... making the compromise potentially more damaging.
Regarding trusting the government... The USA was founded by a bunch of 'nuts' who carefully crafted its constitution to prevent that very same government from becoming the same sort of tyranny(s) that they fled before. And for that, I thank them
The USA was founded by a bunch of 'nuts' who carefully crafted its constitution to prevent that very same government from becoming the same sort of tyranny(s) that they fled before. And for that, I thank them
There is no doubt that these "nuts" deserve the greatest praise, having shown the world that a more free, secularly organized society can function on the greatest scale. Yet, I can not help but feel that the process how a president gets elected could need some adjustment. I think it doesn't make all that much sense anymore, that the importance of your weight entirely depends on where you live. It is like the USA were the first to implement a working system for a democratic society, lets say v1.0. Most other civilized countries are now running version 5.x with lots of cool new features but the USA never bothered to update.