I'm in conflict...
by
chrisseaton
·
· Score: 3, Funny
"national ID card" : bad Java : good
Re:I'm in conflict...
by
Anonymous Coward
·
· Score: 2, Insightful
"national ID card" : bad
Why is that bad? How is it any different from a damn driver's license in the states? It's not. You think a cop in one state can't get your info just as fast as one in another? And do you realize how much easier it would be to write software if the whole country used the same damn format? And how much easier it would be for you to have one number to remember?
Java : good
Java sucks. Slow junk. Ugly. You can always tell a Java app from another. Pathetic.
Re:I'm in conflict...
by
stuffman64
·
· Score: 3, Interesting
"national ID card" : bad
I agree that a national ID card is bad; we've been over it many times before. However, I am all for a national standard for driver's licences. I work at a fairly busy convience store at Penn State University, and oftentimes I have the privledge (if you can call it that) of selling cigarettes to help college students kill themselves faster. Since the town also has quite a large secondary school system, it is absolutely necessary to card everyone who buys cigarettes as not to sell to minors.
Checking licences is quick, but is not as convienient as you may think. Since many students are out of state, I see at least 7 different states' licences (and thier many variations) at each shift. Every state has a different layout, orientation, and material (for instance, New Jersey licences seem to be nothing more than laminated paper, while PA licences are thick plastic cards). Worse yet, no state ever puts the date of birth in the same spot. While this may not seem like a problem at first, it is quite time consuming to constantly scan cards for DOB, picture, and expiration (as you cannot sell cigarettes to someone with an expired license).
If everything was standardized, things would be much less time consuming. I know people become mighty frustrated when they have to hurry off to get drunk with their friends but need thier smokes right now. What would be so hard about having a standard layout? States could still embellish and add thier own features for security or other reasons, but to anyone who works with IDs all day, this would surely make life easier. The whole vertical layout for people under 21 is also a good idea, as it is really easy to tell if someone is of age by the orientation of the license, but it seems as this may be too easy to fake. Any ideas?
-- ---
At my sig, unleash hell.
Re:I'm in conflict...
by
nutshell42
·
· Score: 4, Insightful
Well, let's take a short look at my ID (German), it contains:
photograph
name
date and location of birth
nationality
date of expiry
signature
address
height
eye-color
the authority which validated it
and the date when it was printed
So, which thing exactly is so much worse about that than about your driver's license?
-- Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
Re:I'm in conflict...
by
Daleks
·
· Score: 4, Funny
Java : good
Exception in thread "main" java.identity.IdentityNotFoundException:
Try explaining that to the police at 2AM.
Re:I'm in conflict...
by
vrt3
·
· Score: 2, Insightful
I don't really get this: you hate national ID cards, but you have no problem with using driver licenses as an ID? Only difference I see is that someone who doesn't learn how to drive (assuming that such people exist in your country) doesn't have a driver license.
Frankly, I don't really see what's so wrong with national ID cards. Perhaps it's just because I'm so used to it (I am from Belgium), but could someone explain why they are such a bad thing?
-- This sig under construction. Please check back later.
Re:I'm in conflict...
by
Anonymous Coward
·
· Score: 2, Interesting
"Today is the deadline for males from the second round of Arab and Muslim countries and North Korea to register with the United States immigration authorities under new security rules. Amnesty International is calling on the US authorities to ensure respect for the human rights of non citizens and to review the special registration process to ensure that it is administered fairly and complies with the principle of non-discrimination under international law."
Easy, your id no can be used to access your registration with the tax authority (Finanzamt). In Germany, you pay tax to the church that you belong to (Can I put 'Open Source' as my religion) which is collected by the tax authority to benefit the church. Incidentally, this is the Scientologists beef, they aren't recognised to be ablt to do this.
It means that although the id card doesn't carry religion, it is relatively easy to determine this from the files and possible for a possible future government to overstamp the id.
I always thought the term smart card was a bit..Oh I don't know, unfounded? It has a digital signature, great, what happens when it's stolen? And used against the owner? I'd like to see a card that had an image of your retina so they could tell if it was you, the eye has so many patterns, its almost impossible to fake. Cosmetics can already make someone look like someone else, but they havent figured out to replicate the eye yet...
I did see Minority Report, that's very true...Identies will ALWAYS be stolen, if people are determined to do something, they will. I quote Jimmy Buffet "Keys and locks are destined to be busted." By making it harder for the average person (or con "artist") to do some illegal, they'll work that much harder..
Re:Well,
by
primus_sucks
·
· Score: 3, Interesting
Personally I've had two identity theft incidents. One time someone in Japan (I'm in the US) used my credit/debit card number and cleaned out several thousand dollars from my bank account. Another incident, someone printed or obtained fake checks with my name on them. With the present system anyone with a laser printer can make checks and anyone who works at restaurant or gas station can collect credit card numbers. At least this system will hopefully make it harder. And hopefully if someone does steal your card or something you won't be held accountable for damages.
There are all sorts of ways to secure identity. Most good smartcard rollouts specify an interaction protocol, and the data required, and let the individual implementors come up with something to please people.
Most people don't know just how much damage you can do with just someone's phone bill, and that's usually much easier to steal than their birth certificate.
The point is that there are many, many areas of poor security. Expecting a smartcard (which can be de-activated under many systems, unlike a phone bill or a birth certificate) to have a level of security as good as, or better than, a safe enclosed in concrete and buried in the Marianas Trench is a bit much.
Yes, that was hyperbole.
The thing is that most people tend to freak out whenever we put something security-related on a digital medium. Chill out.
If you do it correctly, you can have the cards not contain any information beyond keys used to access and prove identity. Those keys can be changed. Quickly (again, barring incompetence, which your example of biometrics does as well - if you have an incompetent bioreader, you will be locked out of your card. Bioreaders are much more complex than, say, a 4-key pad).
Security should be leveled. No one layer is enough. The basic security model of a good smartcard system goes something like:
You have to have the card.
You have to know something to use the card.
Even if you could somehow get to the information on the inside of the card, it wouldn't do you any good after time t.
You could optionally enhance this out to include:
You have to have the card.
You have to have something that's only with you to use the card (your face, your eye, your thumb).
You have to have a prior arrangement regarding your card and the specific place you are going to.
Your card, and your information to get to use the card has to match up with the information on file with the specific place you are going to.
You have to know something to use the card.
Even if you did have all of that, the keys on the card are automatically deactivated every t hours (24, 48, 72, 168, optionally with grace period).
As you can see, the level of security can quickly be ramped up to "insane."
Optionally, you could set a "policy identifier" that is part of the request sent to the smart card by the reader that states what meatspace authentication protocols were used. You could set your card to refuse anything that did not include certain checks.
This is mostly a "polite" check, and by no means should deactivate the other parts of authentication. It's just to give the places you do business with a list of the things they should do. Sure, the business could lie about it. The only thing that would get them, though, would be permission to interface with the security methods on your card.
As an idea of what could be done with this: you could have your smartcard set to have two keys. Depending upon the policy identifier, it would cause the smartcard to use either your low security key, or your high security key. The information you attach to each one could be different (two credit card numbers, one with a $200 limit, one with a $20,000 limit. Electronic cash, one with $20, one with $2,000).
Anyway, just something to think about: don't concentrate so much on one layer of security, like biometrics. It can be fooled. The difficulty of fooling one authentication mechanism goes up linearly. The difficulty of fooling combined authentication goes up exponentially (consider: you know your boss's passcharacter, but could you: get his card, look like him, look like him enough to fool people at the place he normally shops at while they're looking at a picture of him on their monitor, do it all before that night and before he notices? Oh, and self-employed people can't compete in this test.;-)
the eye has so many patterns, its almost impossible to fake
Interesting use of the word "almost" there. So, what happens if/when a method to fake arbitrary retinal patterns is developed?
The great thing about usernames and passwords, PINs, etc, is that if you have reason to think that someone else knows it, you can change it. You can't change your retinal pattern, or any other biometric data.
If someone manages to fake your thumb print or retinal pattern, you're stuffed - you can't change them, and if that's the only official method of identifcation, you can't even revoke them and use a PIN.
Besides, the problem isn't people managing to copy retinal patterns, its people managing to fool detectors into accepting other patterns, or even a photograph of the correct eye...
Lets hope that a kid with a glitcher cannot reprogram these cards and steal identites like stealing satellite tv from Direct TV.
--
~~Some people never go crazy what truly horrible lives they must lead.~~ Charles Bukowski
Java based???
by
Beetjebrak
·
· Score: 4, Interesting
Does a smartcard actually run a Java VM? I've always been under the impression that smartcards contain only data, and that applications run on the machines you plug your card into. Java-based smartcards sound like marketing speak to me really.
-- Learn from the mistakes of others. There isn't enough time to make them all yourself.
Re:Java based???
by
Hrshgn
·
· Score: 2, Informative
Well, many smart cards (all?) have a microprocessor inside running their own firmware. They are powered by the reading machine though.
Re:Java based???
by
c_oflynn
·
· Score: 5, Informative
There are many types of smartcards.
Some are the memory only type, where the card just has some sort of (normally secured) memory on it.
Then there are also the microcontroller cards. These cards have memory and a microcontroller built into them. You can write a program on it to do something, however you don't exactly have a lot of I/O lines or anything (just a communications link actually).
Most of the microcontroller smartcards have built-in encryption and decryption as well.
Java is pretty popular for programming smartcards, but they even have BASIC for smartcards.
The microcontroller only needs an external clock and power source, and will execute whatever program is on it.
Re:Java based???
by
Wesley+Felter
·
· Score: 4, Informative
Yes, Java Cards run a crippled, stripped-down, bastardized Java VM. There are also traditional smart cards that only do crypto and data storage, and then there are fake smart cards that hold data but can't do any processing.
Re:Java based???
by
philfr
·
· Score: 5, Informative
Memory cards only contain data, some parts read-only, some parts read-write, and some parts write once. They have been used since a long time for prepaid public phone cards or access control.
Smart cards also contain a CPU, sometimes highly optimized for e.g. RSA encryption, and their data is available through a file system abstraction. Smart card suppliers call this an operating system... Multiple applications can run on these smart cards, which means you could theoretically have only one card for your ID card, your electronic purse and various loyalty cards (if your are not too worried about security/privacy issues in case of breaking into such a chip).
Memory cards are also called synchronous cards and smart cards asynchronous cards. That's because of the nature of the serial protocol they use to communicate with the device that reads them. Smart cards have a real UART embedded, and implement one of two protocols (T0 and T1) defined in ISO 7816, the second of which is fairly complex and allows to multiplex communication between multiple applications running in the card reader and their peer inside the smart card.
JavaCards embed a "JVM", but a very limited one: you can't just open a network connection or dynamically load a class. Sun specifies the precise subset of Java that corresponds to a JavaCard profile. But, yes, they run Java "cardplets"...
Please upgrade
by
Anonymous Coward
·
· Score: 4, Funny
I am sorry sir. You can not get your prescription filled here. This Pharmacy is not Java enabled. Please wait until the next service pack release.
Thank you. Please come back soon.
Big Brother or Good Sense?
by
Anonymous Coward
·
· Score: 3, Interesting
I'm very conflicted over the concept of a national ID system. One the one hand it could overcome many of the inadequacies of our state based identity system, like the ease of creating a viable fake. But combine a national ID system with a national database and I can just hear the Big Brother proponents rubbing their hands together in glee, as well as looking for an opportunity to persecute every illegal alien in the country. If the United States gives in to a national ID in the name of replacing an outdated system, must we at the same time provide the government with yet another tool to restrict our privacy?
Good or bad?
by
Blaine+Hilton
·
· Score: 2, Interesting
I realize there are many great uses for these Java cards, but I'm not sure if making it a national ID card is the best idea. The government can easily use this against the people and the privacy concerns are enormous. I believe a better implementation would be for banks to issue such as with credit cards and such, not as a device that every citizen may be required to ware.
Re:Good or bad?
by
Saib0t
·
· Score: 3, Insightful
but I'm not sure if making it a national ID card is the best idea.
As a belgian citizen, I can tell you that we already have a mandatory national ID card, so it's not much of a point.
My national ID card has this on it:
a picture
Name
Given Names
Sex
Date of Birth
Place of Birth
Signing authority
My signature
Address
ID Card Number (2 of them)
Spouse
Children names
It bears several things on it that make its counterfeiting difficult (like a nice color changing hologram-like shape of the country)
The government can easily use this against the people and the privacy concerns are enormous.
All these concerns are very legit in the USA, but from the people I have talked to, this is the "only" country where people are so afraid of being bigbrothered. I have a national ID card and I use it very seldom, and I really don't have the feeling that it is being used as a way to track my habbits down.
On the other hand, my bank uses that ID number in their files, so does my social security company (social security is built in into the belgian system, but you have to have a "company" paying your stuff), and if I could, I'd actually encourage all these government bodies who require identification at one point or another to create that database, and give access to information about me on a need basis.
The problem does not come from the traceability, these problem are a minor concern compared to the advantages.
The real problem comes from trusting your government. The belgian political landscape (if I may speak of it thus) consists in dozens of parties, with 5 or 6 big players. This ensures that the same person don't stay in power very long if they don't do a good job, and there ARE alternatives to what is in place at the moment, and it's always a coalition of several parties that is running the country. This is one of the reasons I trust my government (to a large extent).
Trust is the real problem...
--
One shall speak only if what one has to say is more beautiful than silence
Re:Good or bad?
by
Blaine+Hilton
·
· Score: 2, Interesting
Great response!
I believe you hit it on the head about trusting the government. Here in the states we have 2 main political parties. Many people don't vote just because you can only vote for the lesser of the evils. You don't get a "warm fuzzy" feeling for voting for the good guy, because they are all pretty much a bag of liars.
Lawers and politicans.... can't live with them and can't live with out them
It won't be long and we'll be saying "why in hell did we create an identity card?! Each person is their own identity. Cards can be stolen, altered. People cannot (undetectably).
Actually, I think you *do* get it - and unfortunately, many folks seem to be overlooking the obvious in their quest for a higher-tech and more convenient lifestyle.
There simply won't be any more guarantee that any of us are really who we claim to be, just because we hold a "smartcard" that identifies us as being a certain person.
In fact, most banks/lenders currently require 3 forms of I.D. to do such things as open a new checking account. That's because the closest thing to a guarantee of identity they have is forcing you to provide multiple proofs. Putting all the proverbial eggs in one basket, as a smartcard does, doesn't make much sense to me.
From what I understand
by
joeflies
·
· Score: 2, Informative
I only have a loose understanding of how these work, so please correct me if I'm wrong
It's more than just carrying the key, it handles operations performed on the key. There are definitely programs that run on the card itself, as it is doing the key handling so that the key isn't ever exposed outside of the card.
That being said, the Java card isn't running a Java VM. I thought it was technology acquired and put under the same Java brand, but it isn't exactly Java though.
Re:From what I understand
by
nuclearmoose
·
· Score: 3, Informative
Here's the Sun Java Card site:
http://java.sun.com/products/javacard/
Lots of good info there, toolkit, spec, etc. The Java Card book from Sun Press is also pretty good.
For you information: belgium allready has non-digital ID cards, which are obligatory to every citizen. You are even obligated to carry them around at any time and CAN be asked to show them to police if they have "reason" to suspect you of something.
You are required to carry ID in the US as well. Big deal.
It is a big deal here (in Belgium).
If you don't have your card, you can be arrested and held in a cell until you are able to prove your identity.
This is anywhere, anytime - not just walking out of a bar, or driving a car. Stand too long on a street corner, or if the police think you're looking at them in a funny way, or be the wrong skin colour in thewrong area - with no official id, you can be held for a long time.
If you're from north Africa, and you're walking around Antwerp with some friends, you better have your card with you - and you better not resist arrest (like breath, etc...).
This is nothing like the US.
-- "The best part? I became an ordained minister while not wearing pants." -- CleverNickName
I'm from Belgium too, and knowing some people who are with the police, they always say it's not necessary to carry it all the time. It's enough to be able to show it once you get home; it happens they drive you home in order to do that. But I don't know if that's law or just standard procedure.
Even that happens very infrequently. I'm 28 know, and I had to show my ID card only once to the police, and that was when I moved and a (very friendly, by the way) police man came to check that I was really living there. Oh, and once when I was driving home and I had to stop for alcohol control; though I don't remember I had to show my ID card, perhaps my driver's license was enough.
-- This sig under construction. Please check back later.
"Jan Deprest, President of Fedict, the Federal ICT department" said in the article:
It will allow Belgian citizens to authenticate themselves in an easy and
completely secure electronic way whenever they access e-government applications.
[emphasis added]
Sounds like he's (she's?) been listening to a snake oil salesman at Sun. Last time I checked, nothing was completely secure, least of all smart cards...
What does java actuall add to an id card?
by
yintercept
·
· Score: 4, Insightful
I am actually confused by the article. An "ID card" pretty much just carries data...not a full programming environment. Sounds more like business name branding.
The important part of an id card is the interface and how you access and change the information. Such an interface is first and foremost a hardware interface. Trying to say that the card belongs to computer language x doesn't make any sense.
As for functionality, would you as a business really want to record important information on a card that is easily lost, physically compromisable, and carried by a person? What businesses want is simply a verifiable id for customers. The simpler the id the better.
What's all this noise about antiquities? Try pumping an antiquity in your Surburban and see where it gets you.
Re:What does java actuall add to an id card?
by
philfr
·
· Score: 5, Informative
The ID cards are able to prove your identity. For this, they embed a private key, and calculate a signature themselves on data that is sent to them.
If they only gave this private key to the device that asked for it, they would be easy to duplicate.
Of course, you don't need Java for this, but you need a smart card with a CPU inside, and you need to develop the application that runs on that CPU.
The choice of a chipcard determines the SDK to be used for it. One of them is JavaCard...
Re:What does java actuall add to an id card?
by
yintercept
·
· Score: 2, Interesting
Of course, you don't need Java for this, but you need a smart card with a CPU inside
The functionality is still more important that the language. You pass a bunch of blips into the card and get a bunch of blips out.
Sounds like the big advantage of the technology is that the id the store gets isn't your actual private key...but a derivative produced from the key.
The cards can't actually prove identity of course. But it sounds like it would be a little bit more difficult to steal someone else's identity.
But I jump back to the point that the language itself is independent of the functionality. The Java Branding is just Java branding.
There only real negative to a digital card is that companies can start asking for them and easily start filling their databases with your information.
Manually copying down information from the front of the card is far too time consuming and obvious. Plus, you can only fit so much information on it.
There are of course technical ways to design digital ID systems and laws you can put in place to prevent this from happening on any kind of scale, but I fear these cards were not designed with privacy in mind.
-- The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
Re:im not for it
by
CommieOverlord
·
· Score: 2, Insightful
You mean like the potential for abusing driver's licenses, SSN cards, health-care cards, birth certificates? There are already plenty of national or state/provincal cards out there. Abuse happens, but obviously they're good for something or they wouldn't be here.
Re:Can it be updated with GJC?
by
robslimo
·
· Score: 3, Insightful
Say... by my reckoning and based on your sig, you oughta be posting AC. Freakin' troll. - - - - - - on a more serious note - - - - -
Having Read The Fine Article and a few earlier posts, I'd have to say:
(a) National ID's are bad (good) (b) Java is bad (good) (c) how the bloody hell is anyone going to make 'smart cards' smart enough to prevent [ID] theft?
If, after all these years, Hughes (DirecTV) and others have not been able to prevent signal theft using 'smart card' technology, how safe should we feel entrusting our personal identification to this tech?
"Ohh!," say some, "this is safer yet than the old methods of identifying us to our government. This is much safer than an easily forged picture ID."
But this technology *is* assumed to be 'safer'. It is assumed to be (and marketed as) 'secure'. That also means that our govn'ts may assume that it is *true*. If a transaction, waypoint in your vacation journey, or an arrest is logged in your 'Nat'l ID' account, it will be assumed to be true... because it's safe and secure technology, right? They may be much less likely to doubt any misinformation in you recored, so think again about DTV and how secure their system is. Please think.
Fundamental Flaws
by
Anonymous Coward
·
· Score: 5, Informative
I was at an E-Gov day some months ago, where this was presented and discussed. (Vince Rijmen, of AES fame was there talking about how they solved the problems associated with e-voting). Some of the comments really scared me:
1) The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involutary escrow..
2) The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
So this will put our identities (and the authentication/non-repudiation/existence of some very important personal documents) at the mercy of a couple of *private companies*, one of them American, no less, at a time when the US is governed by a madman, that gets away with secret military tribunals and illegal warmongering..
Some of the excuses, when I asked about this were that the.be gov already uses much outsourced security for its own communications!
I say this is unacceptable and an enormous security blunder. Verisign, a US company, could issue some revocations, and thereby completely stop the flow of information inside the.be gov!
Do I they want the US gov to be able to screw around with any.be citizen's identity? It would seem to be so..
Please forgive me for using AC for once, one would get paranoid for a low less...
Easily defeated?
by
Pettifogger
·
· Score: 2, Insightful
Yeah, but just how durable is this chip? I personally took offense at the magnetic strip on my driver's license, and it just so happened that my ID had an unfortunate "accidental" experience with a large, powerful electromagnet.
If I get one of these new java IDs forced on me, it might just be "accidentally" directly exposed to 1500 watts of RF. Maybe "accidentally" take a spin on the turntable in the microwave, too.
So what's the point of making this stuff if the people who don't like it can easily defeat it?
--
IAAL
Obligatory Hitchhikers' reference
by
NewbieProgrammerMan
·
· Score: 2, Funny
Maybe the existence of a Java-based national ID card is the unspeakable concept mentioned in the Guide.
-- [b.belong('us') for b in bases if b.owner() == 'you']
Who do you want to be today?
by
billstewart
·
· Score: 2, Insightful
Sigh. The current SSN system is bad enough, but at least as Americans we didn't used to need no stinkin' badges. Until we get rid of a using a single national identifier number for everything, identity theft will be an increasing problem, and consumer tracking and electronically-assisted stalking and corrupt clerks selling license cards and control of individuals by taking away their IDs or licenses will just keep increasing.
Unfortunately, the concept of giving people a stack of uncorrelatable tax ID numbers that they can give to different people who need them is complex-sounding enough that if it's ever implemented, it'll probably be done on a smart card of some sort (or a dumb memory card rather than a processor-equipped card.)
--
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Why do I need a Java card?
by
AndroidCat
·
· Score: 3, Funny
I mean, I've already got one of those Starbucks cards with $15 still on it!
-- One line blog. I hear that they're called Twitters now.
Why is national id cards / numbers bad ?
by
Simon+Lyngshede
·
· Score: 5, Insightful
Being Danish I was given a social security number when I was born, works just like a national id. My social security card work pretty much like an national id card, you sometimes need some sort of picture id in combination with the social security card.
The only thing I hate is that it doesn't include more "features". I what to use it as a credit card, drives license, access card to the university and so on. Having an all purpose id card would make my life a lot easier. Why is national id cards a bad idea? Are people afraid that the government will track them. Who really gives a fuck if it allows the government to track you with it? They could do that anyway if they really cared enough. I simply don't get it.
Please tell me why national ids are bad. Who are you people afraid of ? Im tired of hearing that national ids are bad, without being given a good reason. So fare I just heared "National id, bad" and it's every time Slashdot brings it up. Only once have I hear of misuse in Denmark and that was due of lack of security at the post office, not really something you can blame the system for.
Re:Why is national id cards / numbers bad ?
by
Wateshay
·
· Score: 2, Interesting
Well, I can't speak for anyone else around here, but I think they're bad for two reasons. The first is practical. I just don't think that a national ID card (java or no java) can be made secure enough yet to justify the amount of trust that those who don't understand security will invariably put in it. If you have a number of different cards, then you aren't "putting all of your eggs in one basket."
The second reason is philisophical. Although it may make life easier, or even safer, I don't feel that the government has a right to know where I am at any given time. Over here in the U.S., we have social security numbers, too. We even have social security cards. They're not ID, though. In fact, technically, no one except the Internal Revenue Service and your employer are allowed to ask for the number (they do, but that's a different discussion entirely).
The defacto ID over here is the driver's license, which is issued by the state. These have become the ID of choice for use in identification under most circumstances, because most people have one and they contain your picture. The difference between a driver's license and a national ID, though (other than the fact that the DI is issued by the states and the NID would be issued by the Federal Govt.) is that no one is required to carry a driver's license unless they're actually driving. A police officer can't come up to me on the street and ask me for my ID because I'm acting suspiciously. Even if he arrests me for something, he can't require me to show him ID. He may be able to find it out anyway if he searches me and finds ID, or if I have a criminal record and he matches my fingerprints, but the point is that the burden of identity is on the government, not me.
You may not agree with me, and may think it's silly since 95% of the time they can find out who I am anyway, and would not have much trouble finding me if they cared to look, but it is an important issue to me. It's not about being afraid of the government tracking me. For the most part I'm not afraid of the government (although I would like to ensure that the govt's powers are limited in case at some point in the future I do need to fear them). However, for me it's about freedom, and being required to present ID to the govt limits my freedom. So, I do "give a fuck" if there is a national ID card, and I hope this clears up a little bit for you why I feel that way, to a degree more than just "National id, bad".
--
"If English was good enough for Jesus, it's good enough for everyone else."
Re:Why is national id cards / numbers bad ?
by
Simon+Lyngshede
·
· Score: 2, Informative
First of all, racial integration is just as much a problem in Denmark as anywhere else.
Regarding your 3 points. 1. No one can ask for you id based on race and really it wouldn't tell them anything. Currently is just tells people that you're entitled to free medical care and stuff like that. You can not be arrested for not having one. 2. Non-nationals has no need for a national id for another country, why would they? Same goes for asylum seekers, they however will get one if granted asylum. 3. Danish ids are useless for anyone but the owner. They in themself doesn't identify you. They simply contain your name, part of you adresse and you social security number (I check with a card reader). No one can use my id card to gain access to my bank account, only to get information which is publicly available anyway. Just a handy way of locating me in a database. Databases containing personal information is stricly regulated by the way. Cross reference is VERY illegal, even for government institutions.
Personally Im more worried about losing the keys to my apartment than my social security card.
Re:Why is national id cards / numbers bad ?
by
Anonymous Coward
·
· Score: 2, Insightful
I believe the argument goes:
We only really want to track whitches. Oh, now we only want to track Jews, Jehova's Whitnesses, gays, and political dissidents. Oh, strike that, now we only want to track communists. Strike that, now we only want to track Arabs, I mean big bad terrorists. Now put your vauables in that pile, your clother over there and go take your shower with all of the other accused unlawful combatants and enemy supporters in protective custody.
Fear of revolution keeps governments inline. What got IBM so in trouble for aiding in the Holocaust? Providing administrative tabulation machines that helped keep records on the Jews, J.W.'s. gays, etc. and made rounding up and keeping them more efficient. The first thing rising dictatoships/McCarthyist do is better control weapons and keep better tabs on people. I don't want a revolution-proof government. I don't want a revolution, but I think the government should fear its people and prevent revolution by keeping them happy rather than bullying the people.
Martin Luther King was imprisoned. Attack dogs and fire hoses were turned on peaceful civil rights demonstrations. We don't really want a society without "crime", we want a society without injustice. Sometimes some crimes bring back the justice. Martin Luther King was a righteous criminal.
Stamping out crime means stamping out dissent. Don't fool yourself. Learn from history. Anonymity threatens the law much more than it threatens justice. I can murder someone just as easily if Seven-Eleven needs to phone my fingerprint and super-secure government ID number in to the poliez in order to sell me a loaf of bread. I want an injustice-free society, not a crime-free society.
I think argument number 1 is a little paranoid, but it has some truth to it. I think argument number 2 is much better.
Argument number 2 is that people are stupid. People know current IDs can be faked. The new "fake proof" IDs will be fakable with more effort, but nobody will believe you when you say you've been the victim of identity theft. National IDs help people become sheeple.
Why is the gut reaction "bad"?
by
claes
·
· Score: 4, Insightful
In Sweden, id cards needs to conform to certain standards, that are set by the same authority that standardizes many other things (www.sis.se). I do not know the details of this, but I think it is good that it is under control of a government authority. There is nothing mandatory with carrying them around, or even having them. We don't call them national id cards either, but they are accepted as id-cards everywhere. In Sweden that is... since they don't have the nationality of the owner on them, they are no good for travelling within Schengen yet.
It all comes down in what ways you trust your government of course. In this regard I trust it. For example, the nationality thing was hotly debated, since the reason we don't have nationality is that it would be discriminating for non-swedish citizens to have their nationality on them. Or so it was argued. But the government had to change for public opinion because of this, being part of Schengen is not really good if you still need passport when travelling...
Re:HOLY CRAP!!!
by
jawtheshark
·
· Score: 2, Informative
They are standardized all over the European Union. They all look the same. Well, I've seen my brothers one (which is not Belgian anymore, I still am), and it is *exactly* the same. Oh, minor differences like language and stuff like that, but it's essentially the same.
-- Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Slashdot Mirror
"national ID card" : bad
Java : good
I hope the U.S. and A. uses C# for our National ID cards!
I always thought the term smart card was a bit..Oh I don't know, unfounded? It has a digital signature, great, what happens when it's stolen? And used against the owner? I'd like to see a card that had an image of your retina so they could tell if it was you, the eye has so many patterns, its almost impossible to fake. Cosmetics can already make someone look like someone else, but they havent figured out to replicate the eye yet...
The new mark of the beast?
Why not fork?
Lets hope that a kid with a glitcher cannot reprogram these cards and steal identites like stealing satellite tv from Direct TV.
~~Some people never go crazy what truly horrible lives they must lead.~~ Charles Bukowski
Does a smartcard actually run a Java VM? I've always been under the impression that smartcards contain only data, and that applications run on the machines you plug your card into. Java-based smartcards sound like marketing speak to me really.
Learn from the mistakes of others. There isn't enough time to make them all yourself.
Thank you. Please come back soon.
I'm very conflicted over the concept of a national ID system. One the one hand it could overcome many of the inadequacies of our state based identity system, like the ease of creating a viable fake. But combine a national ID system with a national database and I can just hear the Big Brother proponents rubbing their hands together in glee, as well as looking for an opportunity to persecute every illegal alien in the country. If the United States gives in to a national ID in the name of replacing an outdated system, must we at the same time provide the government with yet another tool to restrict our privacy?
Go calculate something!
It won't be long and we'll be saying "why in hell did we create an identity card?! Each person is their own identity. Cards can be stolen, altered. People cannot (undetectably).
I guess I don't get it.
That being said, the Java card isn't running a Java VM. I thought it was technology acquired and put under the same Java brand, but it isn't exactly Java though.
I use my Slashdot ID for all my identity needs.
Hmm.. maybe I shouldn't have said that.
For you information:
belgium allready has non-digital ID cards, which are obligatory to every citizen. You are even obligated to carry them around at any time and CAN be asked to show them to police if they have "reason" to suspect you of something.
You could have a look at mine, for example...
http://studwww.rug.ac.be/~bdejong/id.jpg
... BlackBoard IDs on these things!
-- Dossy
(Still waiting on the saliva analyzing biometric device. Nothing like spitting to authenticate yourself.)
Dossy's Blog
The most beautiful woman in the world, audrey hepburn, was born in Belgium, iirc.
"Orthodoxy means not thinking--not needing to think. Orthodoxy is unconsciousness." --Eric Blair
If we look at your passport picture, I suppose it's for your own sake that those things are hidden on a Java card.
Greets from Belgium.
Sounds like he's (she's?) been listening to a snake oil salesman at Sun. Last time I checked, nothing was completely secure, least of all smart cards...
I am actually confused by the article. An "ID card" pretty much just carries data...not a full programming environment. Sounds more like business name branding.
The important part of an id card is the interface and how you access and change the information. Such an interface is first and foremost a hardware interface. Trying to say that the card belongs to computer language x doesn't make any sense.
As for functionality, would you as a business really want to record important information on a card that is easily lost, physically compromisable, and carried by a person? What businesses want is simply a verifiable id for customers. The simpler the id the better.
What's all this noise about antiquities? Try pumping an antiquity in your Surburban and see where it gets you.
There only real negative to a digital card is that companies can start asking for them and easily start filling their databases with your information.
Manually copying down information from the front of the card is far too time consuming and obvious. Plus, you can only fit so much information on it.
There are of course technical ways to design digital ID systems and laws you can put in place to prevent this from happening on any kind of scale, but I fear these cards were not designed with privacy in mind.
The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
You mean like the potential for abusing driver's licenses, SSN cards, health-care cards, birth certificates? There are already plenty of national or state/provincal cards out there. Abuse happens, but obviously they're good for something or they wouldn't be here.
Say... by my reckoning and based on your sig, you oughta be posting AC. Freakin' troll.
- - - - - - on a more serious note - - - - -
Having Read The Fine Article and a few earlier posts, I'd have to say:
(a) National ID's are bad (good)
(b) Java is bad (good)
(c) how the bloody hell is anyone going to make 'smart cards' smart enough to prevent [ID] theft?
If, after all these years, Hughes (DirecTV) and others have not been able to prevent signal theft using 'smart card' technology, how safe should we feel entrusting our personal identification to this tech?
"Ohh!," say some, "this is safer yet than the old methods of identifying us to our government. This is much safer than an easily forged picture ID."
But this technology *is* assumed to be 'safer'. It is assumed to be (and marketed as) 'secure'. That also means that our govn'ts may assume that it is *true*. If a transaction, waypoint in your vacation journey, or an arrest is logged in your 'Nat'l ID' account, it will be assumed to be true... because it's safe and secure technology, right? They may be much less likely to doubt any misinformation in you recored, so think again about DTV and how secure their system is. Please think.
I was at an E-Gov day some months ago, where this was presented and discussed. (Vince Rijmen, of AES fame was there talking about how they solved the problems associated with e-voting). Some of the comments really scared me:
.be gov already uses much outsourced security for its own communications!
.be gov!
.be citizen's identity? It would seem to be so..
1) The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involutary escrow..
2) The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)
So this will put our identities (and the authentication/non-repudiation/existence of some very important personal documents) at the mercy of a couple of *private companies*, one of them American, no less, at a time when the US is governed by a madman, that gets away with secret military tribunals and illegal warmongering..
Some of the excuses, when I asked about this were that the
I say this is unacceptable and an enormous security blunder. Verisign, a US company, could issue some revocations, and thereby completely stop the flow of information inside the
Do I they want the US gov to be able to screw around with any
Please forgive me for using AC for once, one would get paranoid for a low less...
If I get one of these new java IDs forced on me, it might just be "accidentally" directly exposed to 1500 watts of RF. Maybe "accidentally" take a spin on the turntable in the microwave, too.
So what's the point of making this stuff if the people who don't like it can easily defeat it?
IAAL
Maybe the existence of a Java-based national ID card is the unspeakable concept mentioned in the Guide.
[b.belong('us') for b in bases if b.owner() == 'you']
Unfortunately, the concept of giving people a stack of uncorrelatable tax ID numbers that they can give to different people who need them is complex-sounding enough that if it's ever implemented, it'll probably be done on a smart card of some sort (or a dumb memory card rather than a processor-equipped card.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I mean, I've already got one of those Starbucks cards with $15 still on it!
One line blog. I hear that they're called Twitters now.
Being Danish I was given a social security number when I was born, works just like a national id. My social security card work pretty much like an national id card, you sometimes need some sort of picture id in combination with the social security card.
The only thing I hate is that it doesn't include more "features". I what to use it as a credit card, drives license, access card to the university and so on. Having an all purpose id card would make my life a lot easier. Why is national id cards a bad idea? Are people afraid that the government will track them. Who really gives a fuck if it allows the government to track you with it? They could do that anyway if they really cared enough. I simply don't get it.
Please tell me why national ids are bad. Who are you people afraid of ? Im tired of hearing that national ids are bad, without being given a good reason. So fare I just heared "National id, bad" and it's every time Slashdot brings it up. Only once have I hear of misuse in Denmark and that was due of lack of security at the post office, not really something you can blame the system for.
In Sweden, id cards needs to conform to certain standards, that are set by the same authority that standardizes many other things (www.sis.se). I do not know the details of this, but I think it is good that it is under control of a government authority. There is nothing mandatory with carrying them around, or even having them. We don't call them national id cards either, but they are accepted as id-cards everywhere. In Sweden that is... since they don't have the nationality of the owner on them, they are no good for travelling within Schengen yet.
It all comes down in what ways you trust your government of course. In this regard I trust it. For example, the nationality thing was hotly debated, since the reason we don't have nationality is that it would be discriminating for non-swedish citizens to have their nationality on them. Or so it was argued. But the government had to change for public opinion because of this, being part of Schengen is not really good if you still need passport when travelling...
They are standardized all over the European Union. They all look the same. Well, I've seen my brothers one (which is not Belgian anymore, I still am), and it is *exactly* the same. Oh, minor differences like language and stuff like that, but it's essentially the same.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)