Stupid woman
You'd think she'd be smart enough to shut up about it with an election coming up.
Identity minister Meg Hillier says that the Identity and Passport Service has "custom built" its own database for the identity card scheme. Following reports that the IPS had scrapped plans to store biographical information on the Department for Work and Pensions' database, Hillier said that the controversial scheme has three …
"the one that holds the fingerprints and facial image, the biometric data, and then the other information which is broadly what is on your passport already and the third bit is the one that links the two"
Also known as one database with 3 tables?
What is wrong with just storing the info on the chip?
I imagine this is for verification reasons. As and when somebody manages to (a) modify an existing card in a way that it still looks internally valid to card readers or (b) creates a whole new card that looks internally valid to a card reader, you need some way of refuting the contents of the card. A simple mechanism would be to hash the card contents, hash the database contents, compare the two.
If you don't have two sets of data, you can't do that.
And to all those who ask why multiple databases, the simple answer is likely to be security. For verification purposes all you need is some kind of hash from the biometrics database. Separate that data out, put it in an utra-secure environment and only allow verification requests and responses from the outside world. This helps prevent disclosure - accidental or deliberate - which should be topmost in the minds of the people designing this system.
Not that I want it - I just wanted to explore possible reasons for some of these design decisions. Still fail.
You can't refer back to the main db in cases like this. Can you imagine the infrastructure? *GLOBALLY*? And you'd need wireless+portable, with a response time in seconds. So most readers will simply use a local check, trusting the card.
WTF is the point in the card then?
My (slightly tin-foil-hat) opinion is: social control.
The answer to your last question is partly contained in the comment above yours - the one in capitals.
The other answer is of course that it would be easier to create and use fake cards if they weren't checked in realtime against a secure remote database.
Sure, the forger would have to find a way round the digital signature, but with that done all the check would be doing is verifying that the biometrics on the card matched the person presenting it.
Which tells you very little.
Has anyone tried explaingin databses to _civil servants_?
I would actually expect the implementation to be three different databases, on different platforms, from three different suppliers, with all the interoperability and security issues that this entails. A typical implementation for these three would be something like:
1) SQL Server on Windows, custom app front-end written in C++
2) MySQL on Linux, web front-end written in PHP
3) Oracle on some custom hardware, data only accessible through stored procedures
Anyone expecting any less of a dogs dinner for such a government led IT project is sadly naïve.
They wouldn't be allowed to use something completely free such as MySQL!
The argument would ensue "Is it supported?".
I had an argument with a free open source module I embedded into an application I wrote for a government agency, I justified it by a) it works where as the non-free product doesn't work adequitely, b) we don't have to buy it so no hassle with licenses and the bureaucratic nature of the agency for which we're working.
My management was concerned it wasn't supported..but the fact is, the bloody thing worked properly so we didn't need support for it!
And as for Oracle? They've probably got some rule that says though shalt only use Microsoft shite.
a person may only have 1 face, but can have several addresses, alternative ids etc.
a bit shorthand, but..
Table:person:
Fields:
uniqueID
name
dateofBirth
(,etc.)
Table:address:
Fields:
uniqueID
address line 1
(,etc.)
Table:personAddresses:
Fields:
person.uniqueID
address.uniqueID
personAddressType (e.g. work/primary residence/other residence)
Table:alternativeID
Fields:
uniqueID
value
Table:personAlternativeIDs:
Fields:
person.uniqueID
alternativeID.uniqueID
personAlternativeIDType (e.g. National Insurance Number, Passport number, Drivers Licence number, Prison System number, medical practicioners license number etc.)
I don't see why they would require an address history in this whopper of a database. Surely they only neeed your MAIN residence (like with driving liceneses)...my god the politicians will have to exempt themself ASAP.
I guess you COULD have multiple profile shots, but your retina, finger prints and DNA are not going to change...unless you visit Ukraine or eat a lot of North Sea fishies. Also I would question the need for out of date information being on the system...if the objective is to identify you, they should only ever need the most recent of everything...address included! As for the other identifiers, I guess this could be farmed out to another table (Person ID, ID ID, ID Number)...this might be getting silly.
"I don't see why they would require an address history in this whopper of a database. Surely they only neeed your MAIN residence (like with driving liceneses)...my god the politicians will have to exempt themself ASAP."
1)How else will they be able to cross reference all the *historical* surveillance data without it?
2)Because they can.
That will immediately net 90% of the UK population.... opps sorry I am a year ahead of myself there.
That will net 70% of the UK population........ opps sorry 6 months ahead of myself there
Make it compulsory to have an ID Card to collect unemployment benefit. That way our out going MP's will vote against it as they won't want to have to get an ID Card when the get slung off the gravy train!
If you don't vote you can't complain when things don't go your way.
@Ottoman
I dearly hope you're very young Mr/Mrs/Ms Ottoman...such perfect naivety. If you happen to be older than say, like, 20, then I applaud you for your belief. Of course, you could learn that the system is not really here for your views...that way you really would be engaging with reality. Heaven ( as if ) forbid. Google "Reality Info" for an education :) Serious. Try it:) All the best in your journey. Peace.
I am neither young nor naive, I however, am very tired of people bitcing and complaining yet doing nothing about it and resigning to their fate. You don't like something, change it!
Often, in life, we do not get exactly what we want, so choose the next best thing which is available, if you are not in a position to create your options.
Doing nothing and hoping that it will go away is exactly what is wrong with the society we are living in.
FAIL it is indeed but not on my behalf.
There is already a data-gathering project underway.
It is masked as an improvement to the CRB process and you only need to be registerd once.
It will cover most youth workers, teachers, loads of folks who come in to contact with children (no, not like that!) and it's being sold as a simple one-off.
Chances are that an 'enhancement' will produce a 'registration card' to avoid any misgivings and to prove you are registered. It has been said that it won't be required for things like baby-sitting but the CRB scheme expanded with knee-jerk rapidity and I assume the same will happen in this case.
Not long before the Tories get in and instead of ID cards we just get our NI numbers tattooed to our foreheads instead (with a barcode that links to our national register of information and allowances)
Balderdash!
I recently had an election missive through the door from the Tories. In it there was a mini-questionnaire which said "Which of these Tory policies do you support?"
Err, excuse me? Where's the option for "None of the above"? Where's the option to say "Just because I may have voted for you does not mean I support all of your policies"? In fact where is there *anything* that lets us do more than vote for a particular coloured rosette but which allows whoever gets the most seats to claim that they now now have a mandate from the people to do X, Y and Z because one vote covers *everything* in their manifesto.
Representative Democracy? Not in this country!
Using existing databases will inevitably lead to problems, as anyone who has ever tried to get an existing "sales" database to work with an existing "accounts" database by writing "a new bit in the middle" will tell you.
("Well OUR customer IDs have SIX digits...", "But we have ALWAYS put their credit rating in the 'Telex number' field...", "Oh we NEVER fill that field in...")
That card reader sounds suspiciously like the "new hardware" we used to prepare for trade shows.
You know the sort - where you take the salesmen through the exact sequence of keys they need to press to make it appear to be doing something, and then tell them that under no circumstances must they let potential customers touch it.
The rest of Hiller's comments remind me of a mammoth thrashing about in a tar pit for some reason.
Hillier emphasised the importance of the ID card to people who are "socially disadvantaged"
because they are usually the people who change address the most and are the least likely to remember to tell the government so it means they can picked up and fined any, and every time, its convenient.
put the micro-chips under the skin of every individual and link us all in real-time to the uber triple-databasen. I sooo want my phone to be a real part of me, a bio-mechanical organ, pulsing with data streams about my every thought and movement. What could possibly go wrong I say, I say what could possibly go wrong.
"She said that what was important about the identity card was the chip and suggested that in the future it may be possible to install the chip in another device, such as a mobile phone."
Great, as a larger lout I enjoy stealing cellular telephones, but I haven't had much incentive to do so since I stole my last iPhone. Now that phones will come with a free identity I can sell to my dealer, I might have to break out the old half brick again.
"Hillier emphasised the importance of the ID card to people who are "socially disadvantaged"."
I don't care what Hitler says, my dole money does me fine.
I still havn't been told HOW the ID card will fight terrorism.
Although it worries me that the Gov will keep my data on a database, and worries me further that they have started making cards before finishing the database design, I could live with these things.
BUT ONLY AFTER AN EXPLANATION OF WHY!!!
Surely the Reg could interview someone to find this out?
Anon because...oh look a black heli...
I went last week Thursday to do the application and I received the card in the post yesterday. So much for biometric data as they only took my photo and finger prints. I was not asked to pee in a cup or to fry my eyes in a lazer eyeball gazing thinghy, or do a blood donation.
So, what's all the fanfare about? The paperwork only covered your name, address and citizenship. You have to divulge a lot more about yourself just to open a bank account, or buy something on credit.
What biometric data? "took my photo and finger prints" That biometric, data you idiot.
Good luck changing your fingerprints when your id gets stolen. Fortunately it's fairly easy to drastically change the shape of your face. If you decide you need such a service, I'd be happy to help.
"pee in a cup" What?
"fry my eyes in a lazer" Are you 12? Wtf is a lazer?
"Referring to many of her constituents who are without any form of identity document"
They have no birth certificate, rental agreement, utility bill, bank card, benefit card, council tax bill or any number of other items which can collectively prove identity?
If they are so destitute that they in fact do not have any of the above, how can the prove who they are in order to go on to the ID database? And if they can prove who they are now, then they don't need to be on the ID database!
Stupid, stupid, STUPID Labour toady!
This is YOUR FAULT you main-party voting morons!
And if you didn't get off your fat ass to even vote, hang your head in shame you feckless turd.
The next lot are merely softening the words and desparatly trying to invent policies that are different from this lot.
The main difference is that the banker will really, really fuck us over with the Tories - with new lab they were only practicing. Don't forget who Cameron's mates are and who Boris is desparate to defend.
Your choice is tis fucked or so well fucked you can't even complain about it.
'Hillier said that the "9/11 had put the cast on the ID card" about terrorism'
Hello, Hillier you chump. This is reality calling. The 9/11 terrorist travelled on THEIR OWN PRIMARY ID (passports). If the USA had had ID cards then they would have still gone ahead as, despite making no attempt to hide who they were, the were not stopped by the security services.
So how the bloody hell will ID cards help? The security services couldn't even track those guys by their passports numbers! FFS!
Argh!
Britons - rise up and overthrow these threats to our nation!
When Hillier said "9/11 had put the cast on the ID card", what she meant was:
"After 9/11, the populous was sufficiently panicked and easy to mould, that we were then able to sell the concept of an ID card as an anti-terrorist measure, rather than its real purpose as an authoritarian tool to monitor people."
3 tables... please!
Database 1. "information which is broadly what is on your passport already"
i.e. who you are
Database 2. "There is the one that holds the fingerprints and facial image, the biometric data"
i.e. how to prove who you are
Database 3. "and the third bit is the one that links the two,"
i.e. the very important bit.
if i want to search for/browse/aggregate information on people I just need access to database 1
if i am the police and i want to verify a given identity (stop and search) I just need access to database 2
if i want to trawl for a fingerprint match I need access to all 3, so that i can work back to the record in 1, by getting a match in 2, via 3
access can be controlled based on functional area, with reduced need around access.
- council uses the database as its source on people in the area (or FKs its own database from it) and only for this.
no connectivity at all needs to be setup to databases 2 and 3, hence "mr. council person" can't look at the biometric data (if he wanted to!) even if he "borrows" his good friends "mr. policeofficer"'s login.
also....
database 3: "the one that links the two"
it will be an awful lot easier (design, development and especially TESTING) to add links to databases 4, 5, 6 etc. in future with the link info. split out.
also, as the biometric data is hidden away in another database to which access can be totally independently controlled, why do databases 4-6 have to be government databases.
- UKGOV PLC can supply uniqueIDs for everyone in the country, to commercial organisations, (theoetically) without UKGOVs own data being accessable.
GCHQ monitoring of communications
they have a record of a phone call between phone A and phone B
- if the ID database(s) isn't going to end up having phone numbers in it I'm sure it will key through to the phone operators db's.
So... they can get the ids of each person and create, in their own database a relationship between these people ("anonymously"... they won't have your personal details, just an ID number)
they have a record of an email from email address X and address Y
- again, just wait for it to happen, you'll havre to register the email address as belonging to you else.. well, they'll have the email address and the ip address and the ISP will be able to tell them .
So... they can get the ids of each person and create, in their own database a relationship between these people (again, "anonymously"... they won't have your personal details, just an ID number)
If the uniqueID of the person with phone A is the same as that of the person with email address X we have a nice little network of "anonymous" people and their relationships built up.
Now, this person is arrested for terrorist offences... the security services update database E with the arrest which triggers a the GCHQ database to do a bit of PageRank or similar algorithm and pull in the details of "the interesting contacts" and the police know this persons contacts... with everything having been kept anonymous up until this point.
As database 3 links the biometrics to who you are, wouldn't this be the most important and vulnerable of the 3 to hacking attempts. After all, if you can get into that database with write access, then identity theft takes on a whole new meaning.
Have a criminal record you want to get rid of? Just point your biometrics to someone else. Loaded with debt, just become someone else.
Ah well, I guess hollywood needed a new version of "the net" to broadcast, so why not persuade some smuck to implement it in real life.
I suspect you may be imputing too much common sense and "customer care" to the institutions involved.
The reason originally adduced (see the Strategy issued end 2006) for using three (or two-and-a-half) existing databases rather than Mr Blunkett's single clean one, was cost-saving, not security. It is unlikely security (of your data) has ever been a consideration. The Whitehall rationale for the scheme in the first place was to enable massive data-sharing. And before it was disbanded/downgraded, the Independent Experts Group appeared to be saying in coded language that the IPS was utterly clueless about security.
The idea that retrofitting three vast, used, civil service databases is cost-saving is clearly nonsense. My guess would be a combination of empire-building (the IPS gets its tentacles directly into other agencies, and is therefore much more difficult to uproot), and cost-*hiding*.
Start with a 70 million record database, which is quite substantial by quite a few yardsticks.
Multiply by the number of updates/additions per year (we wont need deletions for at least a century) *including* death notifications and c1500 births a day over (say) 120 years just to be on the safe side.
Don't forget the separate biometrics database. Image compression on passports is quite efficient so say 70m x 100k or 7TB
And of course you'll be wanting to back this lot up on a regular basis.
No wonder IBM got the contract.
After all IBM Germany wrote the book on fine tuning a nationwide database to efficiently identify people for special treatment.
If we refusniks refuse to apply for a card then we will lie outside the DB. We won't be able to get any form of benefit but then again you can always walk into Tesco's and walk out again with all the food you want and then they either arrest you but they won't be able to identify you or they will just ignore you as you are too much trouble - all those forms to fill out!!