HP Announces National Id System Built on .NET

Anonymous Coward writes "Yahoo is running a story about HP's national ID plan, 'The need to securely identify people moving across national and international borders has never been more important than it is today,' said Jim Ganthier, worldwide leader, Defense, Intelligence and Public Safety, HP. 'HP and Microsoft are working together to provide government agencies the ability to access the integrated data streams needed to securely identify people both in the physical and virtual worlds.'"

Re:Microsoft:

You may mean that in jest (or maybe not) but seriously, with microsoft's absolutely WOEFUL security record, a record of being constantly INsecure, of constantly avoiding fixing problems when they're raised, time after time after time... I have to ask

Are HP completely braindead?

If HP were farmers: "HP announces alliance with Lions, Jackals and Wolves to mind sheep & lambs".

dumb question but...

[blackcoot]

they intend to build a secure national id system out of technologies which have proven themselves to be insecure at each turn?

god forbid there ever be something like code red or equivalent that hits this system, because the resulting sound will be that of 280 odd million people being simultaneously sodomized by very large cacti.

fuck off

[Turn-X+Alphonse]

Simplely put, the government can fuck off. I will downright refuse to use ANYTHING built on microsoft technology which is this important. If all my personal data is being kept on it then I DEMAND security above and beyond anything MS has ever done.

I don't care if I get arrested 100 times over for refusing to carry an ID card, it'll be worth it.

Re:fuck off

I will downright refuse to use ANYTHING built on microsoft technology

Well then I guess you refuse to use airlines, banks, power companies, mortgage companies, amazon.com, etc.

I don't care if I get arrested 100 times

Yeah, that will really be worth it. You will sure show them.

Re:fuck off

I think you proved the point of you being a lunatic, that does not really care about security, but cares that MS should not make the product.

Lets review

[John+Seminal]

The USA starts wars all over the globe.

Libraries are now requiring finger prints.

Chicago installed 3000 camera's.

And now this...

I just have one question. Did ANYONE read the patriot act?

What if I want to read a book by Lenin, and not let anyone know that I have read his book? It seems that will be more difficult to do in the future. If I read it at the library, they have my fingerprint scan. If I buy it from the downtown borders, the police camera can look inside to see what books I have. If I somehow sneak the book home, and read it, then want to discuss it on the internet, they can find me.

This reminds me of Ray Bradbury, only far more sinister, with a splash of Orwell tossed in. My dear God, how dumb is the american populace? Has the smartest 5%, the ones that run the entertainment industries, the news, the companies, has the smartest 5% of the people sold their souls for more money?

We have all been enslaved.

Re:Lets review

...Has the smartest 5%, the ones that run the entertainment industries, the news, the companies, has the smartest 5% of the people sold their souls for more money?...

Of course. The degradation of Western society is led by greed, not morals. And the US leads the charge. Freedom? Just a buzzword now. The hippies had it right in the 60s-70s, the corporations are taking over, they saw it for what it was. Every ill Western society suffers is due to greed and avarice.

Family values? Nonexistant. Why? Western society (read greed) dictates both parents must work, JUST TO PAY THE BILLS. So who's at home with junior, nurturing him/her? No one, or the local day care center, who's responsibility is to make sure these kids behave, but not nurture. Parents have abdicated their responsibility to their children because our greedy society dictates it must be so.

When are Westerners going to realize that people, and family, are far more important than The Bottom Line? Hope its soon, or humanity on the whole is doomed.

Re:In this system...

[benjamindees]

You forgot, the US government provides the "great idea" as well as the "implementation", the "budget", the "users", and the "continued support". meh

Re:Well...

[Crimson+Dragon]

Yes I am. Quite right. Except the comparison is large apples (national ID system) versus tiny apples (OS on a PC). I don't care about performance: I care about security. Part of the reason for the .net scrap was SECURITY based.

Re:Security?

Would you rather a hole which required a recompilation of every piece of code and then a redistribution and upgrade of the application at each point it is used?

C# trades you those old fashioned buffer overflows for a language where you have two problems, logic flaws and runtime flaws. If the runtime flaw is found, it's boatload easier to fix and redistribute, and you can do so knowing it wont break your application. Logic flaws are just common programming errors, and you have those anyway regardless of language, thats what testing is designed to find. Runtime environment errors in .NET are much easier to fix than the bugs that crop up in unmanaged language code.

From a management perspective, having a runtime that can be patched once, protecting all applications on the system from a hole is much more preferable to a system where if a hole is found, each individual executable file and library needs to be recompiled, and then redistributed to each machine. With a System Update Server running, you can patch a whole high-school in fifteen minutes, so imagine which route was the easiest to follow :)

What could possibly go wrong?

[John+Seminal]

They make a system just secure enough to track 90% of the users, the avarage mom and pop. They use that data to figure out how much they can get away with... how much patriotic swell there is in redneck america.

They make the system just insecure enough to let hackers get in, to let disasters strike. They use that as justification for more intrusive forms of government control.

Is it possible that governments aim here is not to make a system that is unhackable? Maybe they want it to fail, as a prelude to enslavement?

This is why computers suck. They will no longer be an aide to your life, no longer making life simpler and easier. Computers will now be used to track you, identify you. You are already probably in some government index with a score of how much of a threat you are. Check out Lenin from the library, your score goes up. Join the wrong chats, your score goes up.

Remember, this is the same government that tapped the phones of the Black Panthers in the 1960's, arrested innocent people, killed innocent people, overthrew the democratically elected president of Chile. Our government stinks with evil.

Re:What could possibly go wrong?

[slashdotnickname]

Oh poor Black Panthers. The organization that spawned the majority of gang and drug trade movements that would imprison younger generations into standard of livings much lower than their parents.

Most of the progress made by the brave pioneers of the 50s and 60s was severly halted by these thugs. Lowlifes that would rally against the "evil white man" while at the same time shitting on their own communities with destructive vices. And yet the parent post want's us to take offense at the government phone tappings.

Dumbass.

A few corrections to the quote in TFT

"The need to securely identify people moving across national and international borders has never been more important than it is today." No, let me phrase this in a more precise way: "The world security situation isn't really any different than it has been for the past thirty years, but now we finally have the political will to build systems to give us more control over people's lives. People are now willing to give up more of their freedom for perceived security, and we're going to take the opportunity to do it. But once we do it, it will be too late to ever undo it because if there's ever a movement to undo it, we'll put them on no-fly lists, we'll tap their communications and use that information to discredit their organizations, and finally there's now a bill to make it so that people who are on the secret no-fly-list can't buy guns, so we can disarm them too, without any judicial process."

Is that more clear?

Yes, and worse, they can have you killed

[John+Seminal]

So if someone exploits a security hole in .NET they can take my identity?

If we have a system where everyone is tracked, through databases, camera's, RFID in cars, fingerprints in libraries, and a future dna database, think about the abuse?

Someone hacks the government servers, and puts in data, data that says you are a terrorist, a dangerous terrorist with knowledge of how to build bombs.

You, of course, are just an avarage joe who is walking to the local park to read Invisible Man. Next thing you know, a van hits you on the sidewalk, and you're dead. The driver is not just some old man who lost control. He is an old man who appears to have lost control.

I can't help but wonder, if Joe Mccarthy was alive, if Bush would nominate him to be Director of Homeland Security? The technology we have today is what he was missing to acomplish his goals. If he had todays technology, he could have killed the people who complained, before they got organized. Just find out who is reading the "banned" books, and execute them. Of course, the USA will never pull a book off a library shelf. They will just monitor who reads it.

Re:Yes, and worse, they can have you killed

[Jah-Wren+Ryel]

Someone hacks the government servers, and puts in data, data that says you are a terrorist, a dangerous terrorist with knowledge of how to build bombs.

You, of course, are just an avarage joe...

The danger is not to the average Joe (maybe the average Joe for whom a hacker has a grudge perhaps) but the real danger is to those people who are considered a threat by those who officially/legally control the database.

It is far more likely that we will see such a database used to harass the political opposition (we've seen plenty of anecdotal evidence of that with the no-fly list already). We are also likely to see it used to benefit the "friends" (aka campaign contributors) of the database controllers - corporate whistleblowers for example.

A national ID system is one of the most un-American things to arise from the 9-11 kneejerkers. The only possible benefit is that it will catch stupid terrorists - the ones not smart enough to buy a counterfeit ID or bribe the right underpaid clerk. Meanwhile it is a huge sacrifice of freedom (you know, one of those principles this country was founded on) that will lead to further centralization of power, increased corruption and of course a huge tax bill to pay for the boondoggle.

"I tell you, freedom and human rights in America are doomed.
The U.S. government will lead the American people in -- and the West in general --
into an unbearable hell and a choking life." -- Osama bin Laden, Oct 21, 2001.

Re:Yes, and worse, they can have you killed

I can't help but wonder, if Joe Mccarthy was alive, if Bush would nominate him to be Director of Homeland Security?

Don't wonder. You know. Large swaths of the modern conservative movement have already, in the real non-hypothetical world, been trying to whitewash McCarthy and repaint him as an honest hero who was right about everything and who was only discredited because of a smear campaign by the evil Liberals, who did this because they hated America and wanted the Communists to destroy it. Have you ever heard of a little book called "Treason", by Anne Coulter? Because that's basically its thesis. Meanwhile, the Bush administration has shown no qualms about working with and drawing on as resources thoroughly discredited individuals from the foreign policy scandals of the 1980s (you know, the scandals that helped create the current foreign policy mess in the middle east that Bush is ostensibly trying to fight), and have even been violently trying to spin Vietnam as a war where our mistake was in leaving, not in going in.

This administration and this movement are, quite outside of straw men, very enthusiastic about trying to rewrite history so that anyone in America who's ever tried to engineer jingoistic hatred for personal political gain, or start or participate in a war on false pretenses, was in the right. If McCarthy were still alive the media would have been browbeaten by now into treating him as an American hero.

Historical Analysis

[digitalgimpus]

Lets See:

Hitler needed an ID system. IBM was the ideal partner for them during the Holocaust. Perfect for tracking victims.

Bush needs and ID system. HP is the ideal partner for them during the Crusades 2.0. Perfect for tracking non christians.

history does always repeat itself.... sadly.

The need to reject baseless assumptions...

[JimBobJoe]

'The need to securely identify people moving across national and international borders has never been more important than it is today,'

If *anything* the lesson of 9/11 should have been that identification is not effective nor relevant to certain types of security sitautions, like air travel.

Instead, the assumption stands that identification is essential, but, in regards to 9/11, it was somehow lacking, either in format (see REAL ID act) or application.

Bad security is built around bad assumptions. Remove the bad assumptions and rebuild the security framework.

Based on the vast quantity of individuals flying, and the amazing sum of variables, all of which indicate little about the potential danger of the passenger, a defense could be made that we would be safer building a security system around nameless tickets.

Re:I'm pretty torn about this

[trucker3406e]

Just because someone came up with Idea doesnt mean we have to use it. Its obvious that this "ID" system is a complete and utter violation of the right to privacy. However no one seems to care what the bill of rights says anymore. I hope enough ppl know what tosay to a national ID system...

RE: not exactly

[King_TJ]

I agree that we're collectively allowing "freedom" to become a meaningless buzzword - but the 60's hippie generation didn't do much of anything to help prevent that. Rather, much of it had seeds in that era.

IMHO, we do an awful lot of worshipping the 60's that's unwarranted. Flower children, hipppies, etc. etc. The fact is, most of the people growing up in the 60's doing their psychadelic drugs, having sex with anyone willing, and protesting Vietnam ended up tightly wrapped up in "corporate America" afterwards anyway. (Hey, take Steve Jobs for example. Still pays lip service to his 60's "hippie past" with all those folk-rock 60's artists he has play music before his Apple keynote speeches and so on. But he's just another big-time corporate C.E.O. today.)

The 60's was great from a cultural standpoint. Lots of really good music and art came from it. But "greed" was never exclusive property of the "corporation". It's a trait shared *individually* by all of us, and properly channeled - can be a good thing. (To some extent, "greed" is what motivates people. If you didn't want more than what you already have, why would you work for someone doing a task you disliked? If there was no such thing as "greed", pay-raises would serve no useful purpose in the workplace.)

The real problem is, most Americans seem to be far too "non-chalant" about political issues. We take a "Who cares? Politics is boring! New law X or Y doesn't affect me directly anyway." attitude, and government grows and grows in power. The founding fathers of our country realized this could be its downfall. That's why they made such statements as "The price of freedom is eternal vigilance." Preserving freedom is *work*. It's not something you attain once and you're finished. You have to fight to keep it every day, or it slips away, one new piece of legislation at a time.

Re:Like it ot not,

[analog_line]

.NET is the most advanced RAD environment on the market today.

What kind of complete moron uses "Rapid Application Development" to implement something as dangerous as a national ID system?

Re:What's so bad about this?

[DigitlDud]

Exactly what does it violate? The bill of rights doesn't say anything about a right to privacy. It comes down to what is in the majority interests of Americans. I'm sure most would agree a national ID is worth it for a more secure nation. We already have social security IDs, this is more of a 21st century version.

evil government

[Infonaut]

Our government stinks with evil.

Is this the same government that helped stop Fascism, stopped Soviet Communism, and gave the world the Internet, or is it a wholly different government? Is it the government that sat by while the Soviet Union invaded Afghanistan? Is it the same government that in the 1970s let inflation run rampant in the United States, causing the standard of living here and around the globe to stagnate, or is it the one that fostered a huge technology and economic boom through more open market policies?

My point is that a government is never wholly good or evil. I'd say that describing a government as "good" or "evil" plays right into the hands of absolutists like Bush, except in the most extreme cases (Nazi Germany and Pol Pot's Cambodia come to mind).

I'd say that even elected governments make mistakes, sometimes horrible ones. Talking about the US government desiring the enslavement of its own citizens is just bizarre. But putting a government like that of the United States in the same boat as one like Nazi Germany is absurd.

Re:evil government

[falconwolf]

putting a government like that of the United States in the same boat as one like Nazi Germany is absurd.

Is it really? The US government herded certain groups of people into ghettos, remember Warsaw, stealing their land, killed many of them, and did medical procedures on others without their knowledge or consent. The government took children away from their parents and stuck them in boarding schools where they were beaten for speaking in their own languages. The government used others for medical experiments again without consent.

Falcon

Re:It depends on what the term RAD means to you

[Pollardito]

very hard to believe. but then again, i read the text on their own site :

Statistics based on released Secunia advisories since 2003. Choose below to see statistics based on different criteria.

Please Note. The statistics below should not be used for a direct comparison of how secure two different products are. This is partly due to the fact that a Secunia advisory often cover multiple vulnerabilities. Also certain operating systems bundle a very large number of software packages and are therefore affected by many vulnerabilities that would be counted as a vulnerability in stand alone products for other operating systems / platforms. Other factors such as vendor response times and ability to properly fix vulnerabilities is also important.

Re:What's so bad about this?

[CHR1S]

I'm not surprised to hear this coming from DigtlDug since he is now working for Microsoft according to his blog.

Seriously, just because you work for a company does not mean that you have to be blind to the security issues that do and may exist in a particular product.

Re:I'm pretty torn about this

[Master+of+Transhuman]

Why are you upset?

If it's being done by HP in .NET, it can't work!

We're safe! The only way we could be safer is if it was being done by Microsoft in .NET.

Re:I'm pretty torn about this

[aled]

It makes GUI interfaces a breeze. What took a 3 hour seminar in Java took 10 minutes in a .NET seminar.

Surely that proves .Net is the platform of choice for a national id system for a few hundred million people.