Slashdot Mirror
Obama Eyeing Internet ID For Americans
Pickens writes "CBS News reports that the Obama administration is currently drafting the National Strategy for Trusted Identities in Cyberspace, which will be released by the president in the next few months. 'We are not talking about a national ID card,' says Commerce Secretary Gary Locke, whose department will be in charge of the program. 'We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.' Although details have not been finalized, the 'trusted identity' may take the form of a smart card or digital certificate that would prove online users are who they say they are. These digital IDs would be offered to consumers by online vendors for financial transactions. White House Cybersecurity Coordinator Howard Schmidt says that anonymity and pseudonymity will remain possible on the Internet. 'I don't have to get a credential if I don't want to,' says Schmidt. There's no chance that 'a centralized database will emerge,' and 'we need the private sector to lead the implementation of this.'"
This Internet ID scheme has been floated a couple of times now and it is not going to happen. The Federal Government like big companies and big programs aka Comcast/NBC, Net Control(net neutrality) and National Healthcare. It is about controlling the most people with the least effort. This is no different than requiring me to 'show my papers.' All of this really needs to stop. --If the feds need something to do they could start by implementing IPv6 and getting everyone an IP address.
We will be enhancing your privacy and security.
By making you more uniquely identifiable and creating a single point of failure for the security method.
*HEADDESK*
Chas - The one, the only.
THANK GOD!!!
There is no chance that a centralized database will emerge, unless of course this catches on, in which case a centralized database will be necessary to address abuses.
The truth is that all men having power ought to be mistrusted. James Madison
OK, fine. But you should know that my credit card company are already happy that I am who I claim to be (and that I pay my bill on time, natch) and my bank have already given me a free security token. Oh, and I have no problem with remembering a few different passwords so thanks, but no thanks.
To be honest, I'm more interested in whether this Schmidt fellow even knows what a smartcard or CA is. I doubt he could be more ignorant than that fool in France that started the OO.org is a firewall thing though.
If God forks the Universe every time you roll a die, he'd better have a damned good memory.
Surely if this was a good idea, individuals and companies would create it and administer it on their own. Do we really need the government to tell us how to implement our systems? ...could tax money not be better spent on other things?
anything that can be read by a computer, can be changed or faked, by another computer. those who commit crimes, will be much more able to do it than ordinary citizens.
Read radical news here
Digital signatures have been legally equivalent to normal ones for some time now, but where is the accountability? Many have long said the USPS should provide certs; I stand by that idea.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Which they were constantly telling us, "No, it'll only be for the program!" Don't trust these people farther than you can throw them.
There is no -1 Disagree.
So when can I get a cryptographically secure national ID card with multi-factor authentication? I'm as much a fan of the government tracking and cataloging me as the next guy, but this isn't exactly a slippery slope; we already have national IDs in the form of social security numbers and driver's licenses: Government-issued numbers required for identification and backed by a central database.
It's just that the current system is about as poorly-implemented as it can be (and justifiably so, since it was never meant to be used like it is). Not only are SSNs weak, predictable, and easily-forged; there is no way to protect or limit their usage by authoritzed or unauthorized parties. There also no way to protect how those parties store and safeguard them.
So while I hate the idea of our government issuing IDs, its too late to really change that. But please for the good of every citizen do it right.
I don't have to get a credential if I don't want to,' says Schmidt.
Oh sure. Just like I don't have to get a state-issued ID card if I don't want either, right? Except once these gov-sanctioned IDs come into play, they do become standards (even when it's explicitly against the law, like with SSN).
And they know it. Hey, tell me which candidate it was again who was going to stand up for the little guy?
> 'We are not talking about a national ID card,'
Yes you are.
> 'I don't have to get a credential if I don't want to,'
Unless you want want to engage in any sort of non-cash transaction. Of course, if you try to live entirely on cash, you will eventually be accused of "money laundering"...
> 'There's no chance that 'a centralized database will emerge,'
No. It will stay hidden.
> 'we need the private sector to lead the implementation of this.'
Because that way when things go wrong you can blame the "evil corporations".
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
It's NOT the private sector. It's the government, which is worse.
I'll be honest here: *If* we do something like this, I'd rather have the federal government managing it directly. Large corporations are just as cooperative with the cops as your average branch of government, and at least the federal government doesn't have a profit motive for sharing the information it has about me.
I already have an "Internet ID," it's called my GPG public key.
Get used to that word.
No you cannot regulate the Internet. No you cannot create national Internet ID, so you can identify and intimidate your critics.
You cannot do these things because the courts have already said you can't and the new Congress is acting to prevent you from trying.
Not that this will stop him good fascist Soros sockpuppet he is. 2012 will though.
Corporatism != Free Market
Dear Obama,
Thank you for your deep concern of my privacy and security as it relates to my personal financial conduct on "The Internet" and my memory of passwords. I will forever take a rain check to your failed and train wreck attempt to control the public.
I don't have to get a state-issued ID card if I don't want either, right? Except once these gov-sanctioned IDs come into play, they do become standards
They will do it like they did with driver licenses, they will say "accessing the internet is not a right, it's a privilege".
I wonder which part of "The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people" they didn't understand.
Or how about "The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people
Comments on this draft closed in July, and it's been changed since. But this should give you a sense of what they're actually proposing. http://www.dhs.gov/xlibrary/assets/ns_tic.pdf
When are we going to graduate from this democracy myth and start calling the US the plutocratic oligarchic republic that it is?
Never, thanks to an education system that ensures that 99.9% of the population don't even understand what plutocratic oligarchic means and parents too busy watching ESPN or American Idol to compensate for said system's deficit.
Seven puppies were harmed during the making of this post.
at least the federal government doesn't have a profit motive for sharing the information it has about me.
Do you really believe this? As Robert Heinlein said in "The Moon is a Harsh Mistress", "My point is that some person is responsible. Always. If H-bombs exist - and they do - some person controls them. In terms of morals there is no such thing as 'state'. Just men. Individuals. Each responsible for his own acts."
The profit motive of the federal government is that of thousands of people who would be without a job if the government didn't have all those agencies controlling every detail in your life.
Wow... all of this to stop the internet as a threat from happening. Eliminate anonymity as a possibility on the internet, wait a few years until everyone is complacent, and they use it to mop up any stragglers who don't bend to the will of The Powers That Be.
Good thing they aren't doing anything to fix the security model we all rely on, which would leave viruses and botnets as a plausable denyability... oh... wait... they are.... "The App Store", which means no local filesystems, and no way to propagate information outside of what is allowed by the OS.
And then there is the push towards cloud computing, again no local storage.
We'll be ok... but our kids won't... because they will see local storage as a vulnerability, and shun it at all costs.
I think this will all play out in 10-20 years...at least I hope it takes that long.
Public key crypto is great, but claiming that a digital signature is equivalent to a real signature is asking for trouble. People have convinced CAs to sign certificates that identify them as Bill Gates, and those certificates could be used to generate fraudulent transactions if we moved to such a system. We really should not be reducing the amount of face to face time people spend on finances -- we already reduced it too much.
To put it another way, how many people get away with cheating on their taxes each year? How many times has the USPTO granted a patent on something that was obviously a joke? Do you really want the post office acting as a CA?
Palm trees and 8
'We are not talking about a national ID card,' says Commerce Secretary Gary Locke, whose department will be in charge of the program. 'We are not talking about a government-controlled system'
You Lie.
My point is that some person is responsible.
The problem comes when this person isn't responsible to the people. The responsibility in hiring and firing the responsible person may be diluted several times through appointed officials, and even elected officials are in a way appointed by the media.
You've missed my point. I'm not saying that there *should be* a government-run identity system, I'm saying that *if* we have one, we'd be better off if the government ran it.
If you believe the government will do nefarious stuff with your data, since corporations will hand over their data the moment some guy with a suit and a badge shows up and says "national security", giving your data to a corporation is the same as giving it directly to the government.
And while it's true that some government officials might be persuaded to become corrupt and sell your data for profit over principle, corporations *by definition* are in the business of putting profit motive first.
So corporate verification of identity has all the drawbacks of government verification of identity, plus more.
In essence, when personal privacy is on the line, corporate officials are just government officials who are *guaranteed to be corrupt*.
Are you wacked? Of course you will have to have one. One by one, sites and services would be denied to you if you didn't have one. Eventually, you couldn't do ANYTHING without complying. Remember Social Security numbers- how they were supposed to be used ONLY for SS and never used for any other purpose. Tell you what, you just try to do anything now without being forced to give your national ID number- credit card, loans, electricity, health care, taxes, driving, ANYTHING useful.
The notion that you can use a competitor is laughable, since most "competitors" are now owned by the same few people that own virtually everything else. Don't you know that the wealthiest 1% of the people already own 85% of everything there is to own? Don't you realize that the only national debate going on now is just how much of the remaining 15% they will be allowed to own as well? I guess they've lulled you into a false sense of security.
At least when the government screws you over, you can vote them out of office. Try that with a phone or cable company. Sure you can "switch to a competitor", but with the same few people owning all the "competitors", do you really think you have shown them? If the market had true competition, how do you explain that 9 times out of 10 prices only go up rather than down? How do you explain that just 5 companies control about 85% of all media outlets and the major shareholders are often the very same individuals? Dream on pal and let Fox News sing you back to sleep.
Seriously. Almost nobody commenting here even took five seconds to even think about what was actually being discussed. It's all just knee-jerk "jack boots are coming" nonsense.
"Internet ID for Americans" - Article title FAIL. This has nothing to do with a government identity of any sort. Nor is it a singular identity, credential, or technology. It's for use in commerce - you know, like OpenID? - but actually standardized so that companies will actually widely accept it. That's why the first sentence of the linked article, the whole point of the news of it, is that the Commerce department would head the effort, not Homeland Security. (Declan McCullagh, I like you, but you should be ashamed.) From the article: "This is not about a national identity card." From these comments: "It's a national identity card!"
"Single point of failure" - Reading comprehension FAIL. The published strategy talks about setting up an identity trust ecosystem where individuals set up any number of identities and credentials, of their own choosing, possibly using different technologies of use as they see fit. Much like the SSL cert ecosystem today provides a means of merchant identification, without there either being a single point of failure or sinister government control.
"Trying to solve a problem that doesn't exist" - Reality-check FAIL. I just don't know what planet you're from. If you're saying that identity theft on the Internet isn't a major concern, then you're seriously misinformed. It costs our economy millions, if not billions, in lost productivity and fraud. That's a valid government concern - making sure that economic activity can take place safely and thrive.
For frack's sake, the same people who were screaming about how Microsoft Passport was a bad idea (and it was, because it was monopoly-controlled) are now saying the free market should solve the problem. Or, you know, that there's actually no problem at all. No wonder it's so hard to get anything done in this country.
Having a national strategy to push towards building a real trust infrastructure is a GOOD idea. Reduces costs, reduces redundancy and waste, IMPROVES security on the Web. Trust infrastructure GOOD. Psycho spasmodic knee-jerk Fox-News "Govmint bad" reactions with no forethought BAD.
The difference between the state, and anyone else, is that modern states have a monopoly on force.
And the difference between a *democratic* state, and anyone else (including both the corporations and the various governments you mentioned) is that the modern state is responsible to the people who grant it the use of force.
Without that key element, I agree, there is no difference between a government, a corporation, or your neighborhood mafia. But even in a total "might makes right" world, corporations are no *better* than governments in terms of information trust, because the government can take your information from the corporations using their monopoly on force.
But really, if you think democracy is a negligible factor in American politics, there's no point in us discussing this further.
And people decided not to use it. Raise your hand if you have an OpenPGP key and it's been signed by a lot of people (i.e. an identity, certified by multiple parties such that non-distributed systems seem like a joke in comparison). Ok, put down your hands; I was asking in the wrong place. Most people don't put up their hand here, so nobody builds upon the system.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
This is not a National ID because you could have unlimited certifications.
You are only allowed one social security number, if having multiple SSN's was an option, it wouldn't be very good at tracking a single person.
This proposed system would allow you to have as many certs as you want.
This would give you the ability to use a unique cert (identity) for each bank or other transaction entity.
Also these certs could still be offered by independent organizations.
In reality this system is not about ensuring you are a specific person, but rather the same person for all transactions on that single certificate.
There's no chance that 'a centralized database will emerge,' and 'we need the private sector to lead the implementation of this.'"
Uh, no?
Identity one area I would very much love to have in the hands of government.
Why? Because if you put it into the hands of a "private sector" entity, that almost certainly means a commercial entity, which means if it finds a way to make a profit from your data, it will. Or, in other words, it isn't your data anymore, it is theirs. Thank you, but no thanks. I prefer to have an identity instead of renting it.
Sure, there are all kinds of other dangers with the government handling this stuff. But if you are more afraid of the government than of private corporations, you've not been getting the news for the past 20 years, have you?
Assorted stuff I do sometimes: Lemuria.org
Every corporation will start to use this system and that will turn what was a "enhancement to security" into a "Standard required to access any internet service"
First they tell you its just to help, then they own you.
Fuck the national ID, internet ID.... how about fucking universal single payer not for profit health care?
Fuck both of these parties. Fuck Obama.. fuck Bhoener... fuck them all.
Never, thanks to an education system that ensures that 99.9% of the population don't even understand what plutocratic oligarchic means
I always love posts like this...people who get all high and mighty because some people are too stupid to know the meaning of a word which has absolutely no bearing on their everyday life. I'm a college graduate (graduated from a major university with a 4.0 GPA), and I'll admit that I don't even know what the definitions of plutocracy or oligarchy are. I'm sure I learned them in middle school or high school, and in the 20 years since then, I've probably read them a mere handful of times, though I think I've never found the need to use them. I know how to look them up in a dictionary when I see them and need to understand what I'm reading. I just did so and said "oh yeah, ok, that's right", but I can guarantee you that in 2 weeks I'll have forgotten what it means (ok, so since I participated in this discussion, it'll stick in my head a bit more and I'll probably remember for 6 or 8 weeks).
You know what? Between all the crap I have to remember for my job, for my hobbies, all the stuff I've had to learn when I had my child and over the last 6 months (and everything else I'll learn about children over the next 18 years), all the laws I have to remember, everything I need to know for financial and tax purposes, all the stuff I need to know about automobiles, stuff I had to learn about choosing new carpet or a new kitchen appliances, about electrical repair, about plumbing, taking care of my swimming pool, maintaining my yard equipment, taking care of my garden, and a billion other things......remembering the definition of a couple of words I'll most likely never use really isn't something I give a shit about. I suspect the next time the words will be important to me is when my daughter is learning about them in middle/high school. So I guess that makes me stupid, and probably nothing but one of the sheep, or whatever else makes you feel good about yourself. Whatever. Baaaaaaaaaaaaaa
They don't even have single sign on for their OWN systems, and they think they're the right entity to create it for 300 million people? That's hilarious. This will be a $100 billion project that will never actually meet its goals.
Thanks, but no thanks. I actually WANT different passwords on my accounts. I don't WANT my facebook account to unlock my bank, or my slashdot password to unlock my facebook account.
I'm sorry, but if you really want this, you want someone else to do it. If you're smart, you won't want anyone to do it, or at the least, you want opt out.
Most of that "40%" has kids, or they couldn't get enough Earned Income Credit to even negate their own income tax owed. They do still pay Social Security and Medicare and Federal Unemployment taxes, all they aren't paying is the Income tax itself. It's called Earned Income tax credit because you have to have a job, with wages, to qualify for it. That's not sitting on their asses and doing absolutely nothing, that's working. If that 40% had been sitting around for years, not working, then we would have had a multi-year 40% unemployment rate (which, you may notice, we didn't)
Your figures are totally wrong, your principles are false, your conclusions are wrong, and the part at the end about "the 15% you are blaming", shows you didn't read the parent post before reflexively vomitng forth your mindless hate and fomenting class warfare. As that parent poster said "You are entitled to your own opinions, not your own facts." Please get some real facts about how the system works and stop repeating misinformation.
Who is John Cabal?