back to article Home Secretary in ID card gaffe

Security experts have rubbished claims by the Home Secretary that databases for the controversial National ID Cards will be "unhackable" because they are being kept off the public internet. In an interview with BBC Radio 4's Today programme on Thursday, Jacqui Smith said "none of the [ID card] databases will be online, so it …

COMMENTS

This topic is closed for new posts.
  1. Pete mcQuail
    Unhappy

    Castro is gone but ...

    "The Home Secretary's interview with Today can be found here. Smith's interview starts about the 12:00 minute mark and her comment on database security for the National ID Cards project can be found after the 18:20 mark."

    New Labour is obviously in serious contention with a 6 hour 20 minute plus interview.

  2. Anonymous Coward
    Anonymous Coward

    "none of the databases will be online"

    Bollocks! It's far too inconvenient to keep them offline. Or does their definition of offline mean 'independent network accessed by computers that also access the public internet'? Or even 'VPN'?

    Actually, it's not hackers that scare me. It's the government misusing, mismailing, misentering, misupdating and generally fucking things up.

  3. StillNoCouch
    Coat

    Why bother hacking in the first place ?

    One could simply wait by the post for the CD's to be randomly delivered.

    (OK, I'm leaving now ... )

  4. Anonymous Coward
    Unhappy

    I do not understand...

    ...how this can really be happening.

    Surely somewhere behind the Home Secretary is a collection of techies who are able to brief her on what to and what not to say.

    Surely somewhere they have employed someone with half a brain that could create a secure system that wouldn't be as susceptable to well-known issues (like corrupt employees, but don't worry, it's OK, they have an ID card..... *Sigh*).

    And surely they can wander into another country, see how theirs is working and base the UK one off of that (although that would require the UK to send technically competent people rather than yet another politician that doesn't know their RJ-11 from their RJ-45 on a public funded jolly).

    No? Bugger :(

  5. Whitter

    Simple 'hack'

    Find a senior-ish IT person, give them £1m, get database.

    That's how secure it is to pharmaceutical or insurance companies and the like.

  6. Kevin Johnston

    Just a matter of time

    So you setup an Agency to employ people in areas where they will come into contact with Children or Vulnerable Adults and hey presto, the Government kindly gives you direct access to the data so that you can check prospective employees are who they say they are (see comments about the ID card is a receipt). Who cares that it is not on the public internet when you have to give access to most of the world to verify data, is anyone going to keep track of how many requests people make?

  7. Silo Spen
    Flame

    Oh god...

    So we have this massive database which, presumably, all the customs, passport guys, everyone, needs to have access to. If they don't have access to it, it defeats the point of the whole thing!

    If it does have to be shared, how will they get the data - by post?! I thought they had already tried that.

  8. Anonymous Coward
    Flame

    ... they really are in la-la land aren't they ?

    ... and the worrying thing is how sheeple follow them ... there are too many people in the UK that think just because someone is "in power" means they automatically know what they're talking about.

    I wonder if it'd be possible to register as Jacqui Smith on the NIDB before she does ... bit of work with some gelatin and a retrieved shiny mug would be a start ....

  9. Andy Taylor
    Coat

    @Pete McQuail

    I expect that the first 5 hours were taken up by James Naughtie's question.

  10. Vladimir Plouzhnikov

    You don't need to hack it!

    You just send flowers/a bottle of champagne/iPod/iPhone/LCD HD TV/keys from a new car/a brown envelope to a civil servant who will deliver the data to you on a disc and in a nice gift wrapping. What exactly do you send would depend on the volume of data you need and the price of that particular civil servant in question.

    These schmucks in the Downing Street are in denial.

  11. Richard
    Alien

    Who advises HM.Gov on data security?

    The only explanation for such techno-utopianisms is that someone has managed to distill the essence of Gene Roddenberry into a super-pure form.

    I don't seem to remember a certain set of CD's being copied off an internet connected server.

    [Darn, now I can't shake the image of Jacqui Smith in a Starfleet uniform]

  12. Anonymous Coward
    Stop

    Someone nail these idiots

    As someone commented on a previous article.

    What is the point of an ID card scheme that doesn't check the details of the card against a central database via a network?

    You simply forge a card and no one can check it back against any real data.

    What a waste of my money this really is. This also assumes that the excess of 1 million EU migrants in the UK will never be forced to have one becasue it's illegal to force them.

    Seriously what is the point? Non-executive directorships in big firms for the government coming up anyone?

  13. Nomen Publicus
    Boffin

    Identity provides no protection against Intent!

    It really doesn't matter at all as Identity provides no protection against Intent!

    The jumped up library card isn't a prophylactic; it doesn't magically turn the holder into a nice, fluffy person.

    A card carrying terrorist can still walk into a crowded airport and blow himself up at the first queue he finds. It's not as if he'll have a criminal record indicating that he regularly blows himself up so nobody will know to stop him.

  14. Red Bren
    Paris Hilton

    @AC

    "Surely somewhere behind the Home Secretary is a collection of techies who are able to brief her on what to and what not to say."

    There *may* be a collection of techies *may* be able to brief the Home Secretary, but do you really fancy their chances of being able to instruct a politician in the subtle art of data security?

    Even if they succeed, how do you rate the chances of a politician explaining this on to a layman electorate that gets bored of politics if it isn't delivered in easily digestible sound-bites?

    Easier to just make up some nonsense about it not being connected to the net.

    Paris, coz her party lifestyle is far more news-worthy than a creeping police state.

  15. Anthony Sanford
    Thumb Down

    I think she ment

    I think she meant that the database would not be accessible over the internet.

    Having a database that no-body can access, well it is the sort of thing this administration would come up with, ultimate security an off-line database.

    Never mind it would be useless and still does not address the problem that it could be abused in the future.

    Why don't they just scrap the database project and save us all a lot of money.

  16. Dunstan Vavasour
    Go

    Reg NIR Security Seminar

    I think The Reg should invite the Home Secretary to put forward a panel of techies who believe the thing can be made secure for a public seminar.

    The Reg could assemble a panel of IT Security savvy peeps to debate the matter openly and publicly, and we could see how the whole shebang stands up to rigorous cross examination.

    I bags the popcorn concession.

  17. threaded

    Hacked before it gets used

    This database will be such a valuable target, and being run by such utter twonks, that it is an easy one to predict it will be cracked before it even gets off the starting blocks.

    Remember you read it here first.

  18. Anonymous Coward
    Pirate

    Screw Loose

    My forefathers laid down their lives so that their descendents could avoid being ruled by evil dictators, and here we are just over half a century later giving even more power to an unelected regime who wouldn't be able to order the words "foggiest" and "clue" into a meaningful presentation.

    Come the day of the revolution brother, I'm in there with you.

  19. Anonymous Coward
    Anonymous Coward

    She's been watching Mission Impossible...

    ... and reckons they should set this up like the NOC file...

  20. Dave
    Coat

    So, how's it going to work?

    I'm happy (uh, not unhappy) that the Database will be on a private network. That makes sense. It's different to "not online", which to me means "There is a database, but it's not attached to a server." If it's not online, it's offline, therefore it's not working.

    But how do we get these "benefits" of a known, good set of ID data?

    Students can use it as proof of ID for getting a flat, or opening a bank account. How can anyone check that the card-bearer is the same person as recorded by the card without comparing the biometrics?

    Doesn't this mean that Banks will have to have all the fingerprint scanners / DNA Sequencers / Iris scanners required? Why can we trust the banks with our new, one size fits all data, when we can't trust them to shred confidential papers? [see News passim]

    And what about Landlords and Estate Agents. Without going in to all the anecdotal "evidence" that All Estate Agents Are Scum, and The Single Biggest Waste Of Time & Money When Trying To Buy A House, I can just about envisage a situation whereby the big chains have ID card readers, but not the individual Landlords who let privately. Are we going to have to have a new set of laws criminalising Renting without ID checks, or is this a completely bogus claim?

    And why would one card, which could be stolen, and can't be verified without a secure network connection, be more secure than a Driving Licence / Passport, 2 Utility Bills, or a signed letter from the college?

    With regards to workers in Airports, Docks and the like. These guys already have ID. Are the current ID / Security standards that bad that all the current security precautions in our airports and docks can be bypassed by Osama Al-Qleaner simply putting on a blue pinny, and pushing a cart load of noxious chemicals and a toilet brush?

    Just Asking, that's all.

    Mines the blue one that wiffs vaguely of bleach.

  21. Slaine
    Paris Hilton

    so which is it?

    option 1: a fantastic way to guarantee a person's identity from biometric and fingerprint data (in which case an instantaneous link to the database will be required); or...

    option 2: a steamy pile of lies piled upon incidious lies to mask the introduction of a massively expensive white elephant full of sensitive personal information that is soooooo secure that the only way to get a copy of it is by 1st class posted CDRom?

    ...for an added laugh... see http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/01/20/nsmith220.xml

    "But it was the Home Secretary’s use of statistics to claim the streets were safer while admitting she herself would not go out at night alone which was leapt upon by the opposition, who accused her of being “out of touch.” "

    Icon - because she'd look a darned sight nicer than that gnome secretion (sorry, home secretary) in a starfleet uniform.

  22. John Stag

    Security is a human problem.

    You can have the best firewall ever devised by man but when the employees are losing CDs in the post it won't do you much good.

    Employees can also be bribed, blackmailed, and do stuff out of sheer boredom (looking up famous people, etc.)

    Any tech-centric discussion of security is utter stupidity, but you can bet that that's what the contractors are selling them.

  23. Anonymous Coward
    Paris Hilton

    A man walks into a bank...

    .. to open a bank account, and proffers his ID card. Does he have his fingerprints taken? If not, then it could be any old fake ID smartcard knocked up in his kitchen using a £20 kit off ebay; if so, then is the bank storing his fingerprints for their own nefarious purposes? Does the bank go online and match the scanned prints with those on the central identity register? Does this mean the govt will track every time the card is shown (there appears to be space in the ID register to do so, according to the BBC website)? Does this mean that our fingerprints will need to be scanned a dozen times a day? and will the government sell the data stream to spyware scum to target us with personal services? (sorry, slipped into Phorm rant mode there!) Good job the ID register will be unhackable "just like the Police National Computer" - Jaqui Spliff. Not like this then

    http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2006/12/13/udetective113.xml

    Sigh, what's a girl to do...

  24. Maurice Shakeshaft

    What really irks me about all this...

    ...is the contempt politicians, civil servants and their advisors have for the electorates intelligence. Individuals may, in the right circumstances of pressure, come to accept the Government line that ID Cards are both necessary (for what, why....) and can be made to work (secure, maintainable, robust,...) but when exposed to arguments such as are found in the Register and the rest of the real world, swiftly recognise the complete bollocks that is being expensively foisted upon us.

    The more "they" persist with this nonsense the more they damage their credibility on the bigger issues. If they can get something as simple as this (to want to implement a National Computerised ID System) so badly wrong it bashes the other bits of some of their (potentially good) other ideas.

    Aaaarrrggghhhhhhh!

  25. Anonymous Coward
    Pirate

    It's just politics

    I am a bit surprised at the implicit assumption that JS cares (or the general population care) whether she's right or wrong about IT security issues. So few people will know any different about what they read in papers or hear on the radio, and politicians (and IT consultants) rely on a combination of ignorance and apathy. Anything vaguely plausible will do as a soundbite. Ms Smith could claim that the database will be protected by a swarm of anti-hack data-bees, and my mum (for example) would be none the wiser. And even if she didn't believe it, she'd just tut over her Daily Mail.

  26. Anonymous Coward
    Happy

    Get out the tin hats.

    Someone must be reading my emails. I suggested this over a year ago to a friend. The Database truly isn't on the public internet, and ID card logging goes one way into the system. This is to fulfil parts of the NISCII criteria.

    The holder of the card is never presented with a "This card isn't valid" no matter what he does. Then, as the information streams in, a whole load of data mining takes place offline. With reports such as ...

    "Illegal card checked into Park lane hotel 3:45 today."

    "Albus Dumbledore died three months ago, but is currently on the london underground, leaving fenchurch street."

    "Gordon Blair, NI No: NR88 88 88 A Cannot possibly have been at both the regents park mosque, AND at the Edinburgh Fringe, only ten minutes apart."

  27. Pete
    Paris Hilton

    She's an idiot

    I thought her interview just demonstrated how idiotic the government's plans for id are... particularly the bit about students - as if tuition fees, top up fees, double the interest on loans isn't enough, now they will have to shell out £60 for an id card as well...

  28. Chris
    Paris Hilton

    I don't get it...

    How's it going to work then, if it's not 'online'?

    To check someone's ID some sort of comparison needs to be made the reference (ie. the NIR), but if it's not 'online' how's that possible? Or is Ms Smith's definition of 'online' different to everyone else's?

    Paris, as she's stupid enough to believe this tripe.

  29. Anonymous Coward
    Pirate

    Maybe she should chat to Darling or Brown...

    ..they've just legalized stealing data, as long as it's sold on

  30. Anonymous Coward
    Flame

    "it won't be possible to hack into them"

    I'm looking for the 'red rag to a bull' icon, but can't seem to find one. This was the most red icon available.

  31. George
    Thumb Down

    reasons why proposed biometric ID cards will fail

    I believe that proposed ID cards should not be implemented at any cost for following obvious reasons.

    1. These cards will not work where there is no reading equipment. This shows that rather than deterring these cards will only divert fraud to other sectors.

    2. Fraudsters will have option to use fake of these cards as IDs where there is no equipment. This shows that these cards will help fraudsters to do more identity fraud.

    3. We are encouraging identity fraud by relying on signatures on agreements, cheques, money withdrawal notes, receipts, delivery notes etc. despite of knowing that in the event of crime these signatures would not even expose person's gender. Current signature is like passports without photos and hence it is so difficult to deter and prosecute fraudsters and hence we should personalise signatures with ID stickers as described on website www.xwave.co.uk

    4. Government's idea of making non-EU members have these ID cards will fail unless it is written on their foreheads that they have ID cards because otherwise criminals will fool us by claiming that they are not recent foreigners with ID cards.

    Proposed ID KEY system can be treated as a reliable universal international ID card because it will personalise signature and PIN number to only the right individuals in any country.

  32. Anonymous Coward
    Anonymous Coward

    She says it;s unhackable because...

    ...that's what she's been told to say, by the Cabinet spinmeisters, and by the same consultancy companies that stand to make a fortune out of yet another failing/failed Government IT contract.

    She says it's unhackable and it goes unchalllenged at the time because being clueless about technology is OK in UK media and politics, whereas being clueless about Art or even about Accountancy is somehow less acceptable?

    When's November 5th? Can we get it right this time please?

  33. Ian Johnston Silver badge
    Unhappy

    Cross checking

    A card which isn;t checked against a database is pointless, because it depends solely on security measures in the card and they'll last, ooh, about, three days after roll-out.

    So cards only make sense if they are checked, every time. In which case, what's the point of the sodding card in the first place?

  34. Anonymous Coward
    Anonymous Coward

    Banks...

    Those that are talking about banks using ID cards: It's one of the benefits that the government have, at one time or another, been touting, totally secure (ahem) bank account opening. The trouble is, none of the banks want it, they all have systems that work fine at the moment, you produce a passport and a couple of official bills etc. etc. it's free and just works (tm). The government don't seem to understand that no bank will want to invest in a whole load of infrastructure, multiple ID card readers for each branch, reprogramming of existing sytems and then be charged for each transaction.

    And you'd better hope that they stay that way, because who do you think will pay for that infrastructure? Yup, it'd be us. The government take taxes from us for this insane project, then force it on other companies, who have to charge us for the luxury of using the system that we have already paid for and didn't want in the first place.

  35. Grahame
    Coat

    Impenetrable...

    As the data vaults of a Liechtenstein bank?

  36. Anonymous Coward
    Anonymous Coward

    @ George

    "Government's idea of making non-EU members have these ID cards will fail unless it is written on their foreheads that they have ID cards"......

    .....Isn't that where they're going with the non-EU first idea anyway?

  37. Sam

    Resign, bitch.

    See above.

    Is Britain going for the "even thicker than America" award, or something?

  38. A Non
    Thumb Down

    AN UNPRINCIPLED SCHEME

    AN UNPRINCIPLED SCHEME

    The Home Secretary has announced the government's 2008 'Delivery Plan' for the ID scheme, a plan that NO2ID showed - with leaked documents <http://wikileaks.cx/leak/nis-options-analysis-outcome.pdf>[PDF] - in January to be little more than a marketing exercise. Nothing has changed.

    On the same day, almost a year late, the Treasury published the review that Gordon Brown commissioned from Sir James Crosby in 2006. No wonder it's been kept under wraps for so long. The government's own advisor lays out ten broad principles for the design of a "consumer-driven universal ID assurance system" scheme - and the Home Office ID scheme breaks them all.

    1. Any scheme should be restricted to enabling citizens to assert their identity ... BROKEN

    2. Governance should inspire trust. It should be independent of Government ... BROKEN

    3. The amount of data stored should be minimised. Full biometric images (other than photographs) should not be kept ... BROKEN

    4. Citizens should "own" their entry. It should not be possible, except for national security, for any data to be shared without informed consent ... BROKEN

    5. Enrolment should minimise costs and give citizens a hassle-free experience ... BROKEN

    6. To respond to consumers and give benefits, it should be capable of being rolled out quickly ... BROKEN

    7. Citizens who lose cards or whose identity is compromised should be able to get it fixed quickly and efficiently ... BROKEN

    8. The scheme's systems should work with existing, efficient, bank systems to reduce risks ... BROKEN

    9. To engage consumers enrolment and cards should be provided free of charge ... BROKEN

    10. The market should play a role in creating standards, to ensure ease of use and minimise costs ... BROKEN

    And finally - unless we've overlooked something - the Home Office published the results of its latest survey <http://www.ips.gov.uk/identity/downloads/IPS-Omnibus-Report-Wave-3.pdf>[PDF]. The Home Secretary bluffs and blusters that the benefits of ID cards are "undoubted", but her own department's research shows that while three-quarters of people consider the claimed benefits to be "very important", only just over one quarter consider them to be "very believable".

    Unprincipled. Unchanged. Unbelievable.

    [For an explanation of how each principle has been broken, see NO2ID's press release on the Crosby Review <http://www.no2id.net/news/pressRelease/release.php?name=Crosby_10>.]

  39. Harry Stottle
    Dead Vulture

    @ I Do Not Understand

    You are quite right to imply the technical consensus - which is that we cannot protect large scale databases filled with sensitive data to which large numbers are permitted access.

    However, as I explained here: http://stottle.blogspot.com/2007/11/datastrophe.html

    "Only those with political or commercial interests claim that such protection is possible."

    So the question is, where did the "collection of techies" who should have briefed her on that consensus actually come from?

  40. RW
    Linux

    Muppets

    Are these people serious? Does this Jacqui Smith person even understand the words she reads off the papers handed to her by her spin doctors? I want some of what they're smoking!

    What we're seeing is due to several pernicious habits the NuLabour crowd have become addicted to. First, a near-absolute refusal to ever admit they're wrong about anything. Second, trying to micromanage technical matters they know nothing about. (The endless interference with schools and the NHS over the most minute details exemplifies this. Folks, leave the technical details to the technicians!) Third, they adhere to that corny saying "optics is everything" and think a good sizzle will do as well as a good steak. Thus the incessant spin doctoring. Fourth, the same problem that, to my mind, affects Microsoft, namely confusing a superficial familiarity with a body of knowledge with true understanding and expertise.

    Of course these habits are not isolated. They're deeply intertwined. So much is obvious. In fact, one might summarize all these as a love of meddling based on urban legends.

    But there remains an issue I have seen no explanation of: who is it that is pushing so hard for the national ID database? What individual demands it? Maybe I'm naive, but I can't understand how, in the face of repeated, trenchant, reasoned criticism, NuLabour continues to stick to their guns on this. Even given their inability to admit being wrong, something smells funny. I wonder just what powerful person cannot be denied in this matter, what gray eminence lurks within the Labour party.

    It's rather like our Canadian laws against porn. They forbid the importation of porn that's completely legal to manufacture, possess, and sell within the country, and are selectively enforced against gay bookstores. One concludes that somewhere in the bowels of government there is a powerful homophobe who dictates policy based on personal prejudice. [This sounds a little like J. Edgar Hoover, but the fact he was a closet case is irrelevant to my argument.]

    It would be very interesting if El Reg were to quietly investigate and see if they could identify the prime mover behind this insane scheme. If the results come complete with incriminating emails and memos, so much the better.

    Or is it all nothing more than that the IT vendor for the national ID system has already been selected, and he/she/it is a big Labour supporter?

    One has to wonder. Nothing would surprise me.

    The penguin, because it's lovable and NuLabour isn't.

  41. Elmer Phud
    Pirate

    @ Chris

    'Not on-line' means not accessible from the U.K.

    Anyone needing a check will need to ring a call-centre in India where all the data will be kept.

    This will have the added benefit of ensuring the data is distributed fairly to the highest bidders.

    HTH

  42. Anonymous Coward
    Go

    Data is kept on the card, encrypted - is there a problem ?

    "You simply forge a card and no one can check it back against any real data"

    Why can't the biometric data be kept on the card, encrypted (AES or something as secure) and using a Public-Private key system, the readers can access that data but not modify it.

    So it's very hard to modify/forge and you don't need access to an online database.

    Am I missing something here (I don't work in Security and I completed my degree a long time ago) ? If that'll work, aside from the fact that it's harder to update or you may need one more often I'm not too worried.... aside from the fact that I think parliament should vote on it.

  43. Anonymous Coward
    Thumb Down

    Labour - you can trust us on ID cards - just like with the EU referendum!

    Last night Labour’s Home Secretary Jaqui Smith, having stood for public office on her party’s manifesto promise of giving the British people a referendum on the EU, brazenly filed into the lobbies to deny the British people this very thing! This morning, we learn, she has unveiled the first details of the timetable for introducing the national identity card – thereby laying the foundations of the coming EU federalist police state here in Britain.

    First of all, as one would expect, comes the “soft soap” – the non-controversial step of making all foreign nationals provide their biometric details. Then, from next year, we learn that the scheme is to be extended to British people working in high-risk areas such as airports. Then, in 2010, students and young people will be encouraged to provide their details voluntarily – why they should want to do so remains unclear. This thought must also be preying on Labour’s policestate minds as well, for we also learn – that from 2011 – everyone applying for a passport will be added to the national identity register! Clearly there can be no escape from Labour’s Gulag Britain!

    Having established Jacqui Smith’s integrity we are somewhat bemused when she is reported as claiming: “Increasingly, we need to be able to prove our identity in a whole range of ways: when we’re travelling, when we’re opening a bank account or accessing government services. We’re all better protected if we can be confident that other people are who they say they are.”

    Who’s “better protected” Jacqui – apart from Labour ministers?

    Of course Britons can rest assured that absolutely no abuse of this potentially dangerous proposal will occur – indeed, we have the Government’s collective word on that – the very same corrupt government, of course, whose members gave their word that we would have a referendum on the EU!

  44. Anonymous Coward
    Dead Vulture

    Who voted for these turkeys?

    Cause I bloody well didn't! If YOU did see here for WHO http://www.youtube.com/watch?v=b3mi-bKtDGA and heed the wisdom therein.

  45. Mike Rogers
    Thumb Down

    Our transatlantic cousins

    Let's be under no illusion. Once the database is up and running, it will be available to every jobsworth bureaucrat in the country (look at RIPA: even the fire brigade and local councils can now intercept your calls), any company willing to pay/bribe the govenment to access it (DVLA the most obvious example), all EU police forces and even the FBI:

    http://www.guardian.co.uk/uk/2008/jan/15/world.ukcrime

    Given that half the globe and their dog will have access, what difference will a few (more) dodgy criminals make?

  46. Anonymous Coward
    Paris Hilton

    Why can't the biometric data be kept on the card, encrypted...

    err because I could make my own card with my own fingerprints in it....

  47. Dennis
    Boffin

    Re: I don't get it...

    "How's it going to work then, if it's not 'online'?

    To check someone's ID some sort of comparison needs to be made the reference (ie. the NIR), but if it's not 'online' how's that possible? Or is Ms Smith's definition of 'online' different to everyone else's?"

    I've no idea how the real system will work, but how about ....

    The card reader checks your biometrics against the details on the card. The card reader then ask the central system if the hash of the data on the card is correct.

    You only need a database of hash values available online.

  48. johnB
    Black Helicopters

    Tattoos

    Wouldn't it just be cheaper to tattoo a unique number on the citizen's wrist ?

    Has anyone tried that ?

    Oh yes... I forgot, they tried that in the 1930's.

  49. Dr. Mouse

    Got bored

    I got bored with all the comments about how stupid the government is. We know they are stupid/corrupt/ignorant.

    But one thing I was told many year ago springs to mind. It doesn't QUITE work anymore, due to the advent of mainstream wireless communications, but assuming you rule that out...

    * The only way to ensure true security is a 6-inch air gap *

    ie. as soon as there is a connection to a network (and a human being could easily be considered a network connection) the machine is no longer secure. End of.

    To me this boils down to a completely secure server being burried in concrete, not powered up, and generaly being useless. As soon as you use it it is possible for the thing to be hacked. Anyone who thinks otherwise is wrong.

    So to have a useful database like the ID card one, it is impossible to make it 100% secure. Surely someone has told our politician friend this? Most likely they did, but she ignored it and decided to tell the sheeple what they wanted to hear. And the sheeple will bleet "YAY!", and rejoice in their shiney new ID-card database which is impossible to hack, and will stop evil imigrants from taking our jobs or blowing us up, and usher in a whole new age where the roads are paved with gold, it never rains, and we all live in a state of pure bliss....

    ... Until it gets hacked, or someone blows up one of the new hydrogen powered busses, or stubs their toe. Then everyone will be shocked that the sweet and innocent government lied to us.

  50. Anji
    Unhappy

    - and it gets worse!

    As if it weren't bad enough that data security is compromised by all those remote card readers - connected or not to the database - the point of entry for your most personal information is now deregulated. In an interview today with "info4security" http://www.info4security.com/story.asp?storycode=4117775&sectioncode=10 , James Hall, chief executive of the Identity and Passport Service let slip this gem,

    "As part of the proposed cost-cutting measures, the Home Office will be asking private companies to photograph and fingerprint ID card applicants directly."

    “We had previously assumed that we would do that ourselves, but as we’ve been re-thinking about this with the home secretary over the last few months, I think we recognised there’s no need for us to do it ourselves – far better to allow the marketplace to do it,” Hall said.

    “That allows you essentially to have competition between different providers, providing services to the public; probably allows you to have far more obedient points of presence out in the high street; and undoubtedly as a consequence will significantly drive down the cost.”

    - And HOW much did we pay to commission all those 70-odd registration offices that were given the go-ahead (and finance) months before this sorry project ever came close to Government approval.. or was it..?

    I have to go and lie down now. Blood pressure don't you know....

  51. John

    No internet access means wide open

    On previous form, no internet access means thousands of civil servants will download the whole blank thing on to their laptops. And then guess what?

    Web access, properly secured (like most banks now) is the only way to go. Which will come with a log, of course, so we know who asked what and why.

  52. Bjorn
    Alien

    secure cards

    While I find the idea of a national database with "off-line" user authentication containing fingerprints, DNA genome info, and criminal records, about airport workers and juveniles a somewhat alien concept, there are a couple of solutions to the common place use I haven't seen mentioned here.

    The most important being a PIN code on the card itself, allowing the card being used as a common bank card. With private forces invited in on this, a link between the card and your bank account is probably to likely. That would make the card an replacement for current banking cards, and with all in one place you would of course don't have to carry that many cards around.

    (Being totally screwed the day your purse/wallet is stolen is of course not considered, nor the question of this being accepted by international banks, instead of their favorite noble metal coloured ones. )

    This two-factor combination would also alleviate the " a card with a fingerprint being authenticated towards the base is only a card authenticating" argument.

    If this is a novel thought to the powers that be, we can only hope and assume they don't read the reg.

    The authentication scheme would then be dependent upon several factors, ranging from the card being in your possession, your picture being on the card, you having the PIN for the card, your signature being on the card, your finger print, iris scan, and DNA match being there.

    Authorization would be a result of the level of authentication, communicated by pigeon (see RFC 1149, or 2249) as communication protocol to avoid buying expensive secure digital lines.

    A digital hash of the DNA would even ensure uniqueness, and make it impossible to register several cards.

    What can I say, sounds brilliant to me, after a few pints, let me hasten to add that..

    The only thing that could mess up this would be someone untrustworthy, like the government being in charge of the database.

    They could get around that by outsourcing to India or China of course.

    :/B

  53. Stewart Haywood

    @RW

    "Are these people serious? Does this Jacqui Smith person even understand the words she reads off the papers handed to her by her spin doctors? I want some of what they're smoking!"

    I expect that Jacqui was handing out the cannabis just like in the 80's!

  54. Eden

    Get a clue?

    they couldn't, not if they were a clue, on planet clue, surrounded by clues of the opposite sex, in the middle of clue mating season, covered in clue pheremones.

  55. Anonymous Coward
    Go

    @Why can't the biometric data be kept on the card, encrypted...

    "err because I could make my own card with my own fingerprints in it...."

    No you could not, because you would not have the key to encrypt it and the reader would therefore not be able to read it ...

  56. Xpositor
    Coat

    Unfair

    People are posting very unfair comments about dedicated government. It is quite reasonable to assume that they have developed security protocols more advanced than that which we in the general population might be aware of, or could even possibly imagine.

    It is likely that they would apply this hyper-advanced security rigorously to such a system, to ensure that no nefarious person(s) would be able to gain access. I couldn't even attempt to comment on exactly how they would do this, as they obviously keep their security systems secure and private; if I knew about them they wouldn't be secure - which is why none of us know about them and everybody is making jokes (wrongly) about the government's ineptitude in such projects.

    And I don't understand why people assume that we (the people) will end up paying for the end use of any such system - e.g. having your identity checked in a bank. Banks are there to look after our money, and give us access to that money when we want it, and maybe let us have a little bit more besides. To think that they would want to charge us for rolling out new infrastructure show the general lack of understanding of what banks are about.

    Even if its use was extended to such locations as confirming your age in a pub, it would be a simple matter for the government to add another couple of pence of tax on to the price of a drink, with that covering the cost of the end reader and the transactional cost of performing the validation lookup. I am sure that you aware that our taxation on alcohol is the lowest of the developed nations, and nobody would mind paying a little bit more to feel safe and secure in their local hostelry.

    To address all of the humour aimed at airport staff. They have a very difficult job to perform under extreme stress all the time. Would you like to be the one that's responsible for making a judgement call as to whether a bottle contains plain drinking water or some volatile explosive mix? Introducing an intrinsically secure identification system would make their jobs so much easier - and if that was to happen then it goes without saying that the whole process of checking in, passing through security, and boarding the plane would be so much smoother for everybody. Like banks, the airports and airlines are there to service us, their paying customers. They reinvest the little profit that they make to ensure that our holidays and business trips start and end as best as they possibly can.

    Finally, to address the issue of there being no security as soon as you turn a system on - well I find that whole idea ridiculous. That is essentially implying that our praiseworthy government's vetting procedures for staff in such positions are useless. The CRB check isn't just for cub-scout leaders and teaching assistants, it can be used for extensive background checking on an individual, that covers not just themselves but all living relatives and friends in a simple, cost-effective manner. That they are able to turn this check around in the few days that they do demonstrates just how good the government can be at deploying complex IT systems. And don't judge others by your own standards; just because you might take a million pounds to try and get a copy of a system (which won't be possible because of the new, secret security systems), doesn't mean other people might. In fact, you will find that most civil servants are committed to their jobs, and follow the fine examples set by their paymasters, the very MP's that we keep so overwhelmingly voting in (one simple mistake on an expense claim, that I'm sure we've all accidentally done ourselves, and we attack them for it - it's just not on).

    Anyway, hopefully I've written enough to dispel your fears about this new system, I'll just go and get my coat. That's right, the white one with added 'fashion' straps and buckles.

  57. Anonymous Coward
    Coat

    re Civil Servants

    I would just like to point out, as a lowly Civil Servant, that most of these ideas and most of the data losses have occurred as a result of "initiatives" brought in by so called whizz kids from private industry, you know the ones, the directors that are so bad they can't even be employed under the "old boy network" anymore.

    The real Civil Service has constantly pointed out the flaws in their systems but has been constantly misrepresented as idle sickie taking reactionaries rather than honest hard working people who do the best they can in adverse conditions with poor leadership and even poorer equipement. Before blaming the workers, just look at who the bosses have been that created all these cockups in the 1st place.

    Posted anonymously for obvious reasons. I'll get me pinstripe jacket,bowler & brolly now

  58. heystoopid
    Alien

    Ah

    Ah nuts ! , they are dreaming in La La land ! , or is it the thetans again ?

  59. Anonymous Coward
    Boffin

    @Why can't the biometric data be kept on the card, encrypted...

    ..er you've just turned all accepted cryptography wisdom on it's head.

    It's the *decryption* key that's kept secret. The *en*cryption key is public. I know it's confusing, but if you listen very carefully to the phrase "public key encryption" you might just get a clue.

  60. Igor Mozolevsky
    Gates Horns

    RE: Unfair

    [snip drivel]

    > Anyway, hopefully I've written enough to dispel your fears about this new system,

    > I'll just go and get my coat. That's right, the white one with added 'fashion' straps

    > and buckles.

    and now we know who votes these guys in! :D

  61. Igor Mozolevsky
    Paris Hilton

    re Civil Servants

    >I would just like to point out, as a lowly Civil Servant, that most of these ideas

    >and most of the data losses have occurred as a result of "initiatives" brought in

    >by so called whizz kids from private industry, you know the ones, the directors

    >that are so bad they can't even be employed under the "old boy network"

    >anymore.

    Clearly the civil servants fail to understand that the "whizz kids from private industry" are willing to spin anything to get the budgeted cash, and it's the civil servants' responsibility to ensure that the solution they buy actually meets some criteria... Has anyone in the Gov't ever thought of actually hiring someone "in-the-know" to audit all these solutions?.. Has anyone *actually* been held accountable for any of the recent cock-ups???

    >The real Civil Service has constantly pointed out the flaws in their systems but >has been constantly misrepresented as idle sickie taking reactionaries rather

    >than honest hard working people who do the best they can in adverse

    >conditions with poor leadership and even poorer equipement. Before blaming

    >the workers, just look at who the bosses have been that created all these

    >cockups in the 1st place.

    Yes, it's the evil bosses that leave laptops in various places, don't dispose of sensitive data properly or mail CDs with individuals' data around the country without a thought...

  62. Anonymous Coward
    Anonymous Coward

    She's a politician

    Expecting honesty and technical competence is a tad optimistic.

    Part of the problem is that most of them are short of experience outside politics.

    I'm less bothered by the confusing misuse of jargon. She's not tech-competent. But somewhere along the information chain somebody is too dumb to realise what has gone missing in the simplified explanation the politician gets.

    And so politicians see something too big to really understand, and assume others have worked out the details, while we see a bicycle shed with a cheap padlock on the door and an open window.

  63. heystoopid
    Alert

    Sadly

    Sadly , once the wankers get dumb ideas welded to their single functional brain cell no amount of logic or any argument will sway the course from just stumbling towards an absolute police state like Joe Stalin's former Soviet Union to recreate the illusion of safety at the high price of all freedom absolutely as is shown in the latest round of stupidity due to be installed and functional for all initially domestic public at Heathrow

    link http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/03/07/nheathrow107.xml

  64. Shabble

    Minister = Middle Management

    I'm sure we've all sat in meetings with suppliers and cringed with embarassment as the middle manager with oversight over the IT dept makes some howling technical blunder. Also, I expect a fair few of us have watched with horror as our IT ignorant bosses have signed the company up to some clearly unworkable software system because they have swallowed the b*llsh*t of a smooth-talking company rep.

    I imagine that this statement about security issues is just a repetition of the assurances provided by the sales rep of the company hoping to provide the ID system. The Minister thinks that the case made by the rep is compelling (she wouldn't be in the job if she thought ID cards were unworkable) and so thinks that she can win the technical argument by repeating them.

    Unfortunately, this government has spent many years isolating itelf from technical experts (eg Iraq Dossier) as experts tend to disagree with idealistic professional politicians. The reality of the situation is irrelevent because the government doesn't live in the real world.

  65. Anonymous Coward
    Flame

    Suck it down Citizens!

    Enjoy your ID-Card ride to hell.

  66. Beachhutman

    string and tin can I presume?

    If they aren't online via the internet, how do a hundred thousand identity checking terminals from all over the country, schools, banks, hospitals public and private, post offices, town halls, airports, (and the world in our Embassies abroad) interrogate the database for identity checking?

  67. Anonymous Coward
    Anonymous Coward

    Politics...

    Democracy doesn't work. Apparently Plato worked this out some time ago.

  68. Anonymous Coward
    Go

    @Why can't the biometric data be kept on the card, encrypted...

    ..... It's the *decryption* key that's kept secret. The *en*cryption key is public. I know it's confusing, but if you listen very carefully to the phrase "public key encryption" you might just get a clue....

    Bzzzt. wrong again. there is a private key you keep private, and a public key you make public. you can derive the public key from the private one but not vice versa.

    you can encrypt with either key. anything encrypted with the private key can be decrypted only with that public key, so anyone can read it but only i could have created the message. anything encrypted with the public key can be decrypted only by the matching private key, so anyone could create the message but only i can read it. the key pairs get used both ways dependant on requirements,

    in the case of id cards i would encrypt a copy of a hash of the data with the private key. anyone can decrypt the hash using the public key and check the data matches, but only i could have created the data that the public key decrypted. this is a digital signature.

    this is already in use on the 'biometric' passports. the (weak and broken) encryption the passport rfid chip uses isnt its main security, thats just read access. so you can read a passport chip and write an exact duplicate for what its worth, but you cant modify or add any data to the passport because its all been digitally signed, using a private key you dont have. the public keys for each country are what a passport control officer would use to check that the passport data isnt forged. matching the data to whats physically printed and whats standing infront of him is a judgement call at present, one they hope biometrics would make more accurate.

    so yes, id cards could be made entirely stand alone, no database required, and fullful most of the claimed purposes, but what they then dont give is the huge database on everyone which is what the government actually wants (but wont admit).

  69. Tim Williams

    How is the data distributed ?

    If the database is not on the web then presumably the only way interested parties can get at the data is by physically travelling to the databases location (Horray, lots of bad for the environment carbon emissions) or by putting a CD in the post, which means we will soon have partial copies of the data floating about in every single government office in the country, being accessed on insecure internet connected computers.

    Or is the government proposing to build out an entirely separate physical network just for the ID database ? How long before someone accidentally connects a computer to both ?

  70. Spider
    Flame

    learn your history or be doomed to repeat it...

    have these fucktards learnt nothing? name a single secure system that has never been hacked? drm? iphone? even the pentagon? and these systems actually had some techs working on them.

    the moment it goes live it'll be a race to see who breaks it first. not a question of if, just when.

  71. MGJ
    Go

    FUD

    Have any of you guys actually read anything about how the ID card is going to work before poking holes in it?

    The biometrics are not on the card; they are used to control access to the digital certifcate stored on the card and signed with a key generated from the governments private key and the biometric, ie a replacement for a PIN, but a secure one you can't lose easily or break easily. At this registration stage the question is 'who is this person' so there are lots of checks to see that they are who they say they are, and that they are not already registered.

    Use of the card then has a number of opportunites to check the identity of the holder; they are relatively tamper proof and will have a photo on them so that is one level of checking, or they can be scanned/swiped to check that the certificate has not been revoked, and most of all can provide authentication for eletronic transactions at a distance (ie secure over internet, GSI etc). Not much to do with beating terrorism or introducing the nanny state, but how else do you introduce modern convenient governemnt with security a bit better than eBay or Facebook, when the cost (maybe £100 a head) cannot be justified out of a single departments' budget.

    At most of the points where they are needed, we already have to go and get our '2 bills and a photo'; the conveneince factor will ensure some take up, particularly for those with regular interactions with the state. What we have to ensure is that they don't get made into things to carry all the time with constant checks, and I suspect the Government has already lost that one by playing the terrorism card.

    In our department, electronic transactions are better for us, customers and taxpayers. It would be nice to know they were more secure though.

    If you meet Ken Munro for a drink, get him to tell you some of his White Hat testing stories, particularly physical penetration tests (ooer); they are quite funny, and he has good guys working for him.

  72. Anonymous Coward
    Anonymous Coward

    re: Why can't the biometric data be kept on the card, encrypted...

    Because that would protect the privacy and security of the citizen, when the object of the exercise is to remove them and place them in the hands of the Home Office... to build One Big Reference File on everyone with all significant transactions logged: Total Information Awareness.

    It doesn't matter that it can't work as they imagine. It's the bureaucratic Holy Grail of a paranoid governmentalist state. The more impossible it is, the more they want it.

    ....

    @ George - You are Yogesh Raja and I claim the Westminster Gazette prize!

  73. Martin
    Black Helicopters

    tehnically correct?

    i am sure the core databases wont be direcly connected to the web.

    check out most EAI designs and you will find the core data sat back offiice side and the data presneted to the front end via some operational data sotres and or a web facing portal

    the databases wont be "online" but surely the data would?

    otherwise how could any validation against the records take place?

  74. Doug
    Alien

    Only 30% voted for them last time...

    We are encouraging the democracy craze to various parts of the world and yet we have the worst example of democracy. Our beloved dictator wasnt voted in and it only takes 30% of total votes to get into power! So no wonder its all a bit of a disaster.

    Note that if you do bump into Jacqui at a kebab place in Peckham, dont give her any grief over this. She'll have a couple of bodyguards next to the sauces and the bulges in their trousers wont be cos they are pleased to be with her.

    Alien, cos i reckon they are all from another planet.

This topic is closed for new posts.