Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Obama Eyeing Internet ID For Americans

Soulskill posted more than 3 years ago | from the anti-troll-doctrine dept.

Government 487

Pickens writes "CBS News reports that the Obama administration is currently drafting the National Strategy for Trusted Identities in Cyberspace, which will be released by the president in the next few months. 'We are not talking about a national ID card,' says Commerce Secretary Gary Locke, whose department will be in charge of the program. 'We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.' Although details have not been finalized, the 'trusted identity' may take the form of a smart card or digital certificate that would prove online users are who they say they are. These digital IDs would be offered to consumers by online vendors for financial transactions. White House Cybersecurity Coordinator Howard Schmidt says that anonymity and pseudonymity will remain possible on the Internet. 'I don't have to get a credential if I don't want to,' says Schmidt. There's no chance that 'a centralized database will emerge,' and 'we need the private sector to lead the implementation of this.'"

cancel ×

487 comments

how about no (5, Insightful)

trolman (648780) | more than 3 years ago | (#34803760)

This Internet ID scheme has been floated a couple of times now and it is not going to happen. The Federal Government like big companies and big programs aka Comcast/NBC, Net Control(net neutrality) and National Healthcare. It is about controlling the most people with the least effort. This is no different than requiring me to 'show my papers.' All of this really needs to stop. --If the feds need something to do they could start by implementing IPv6 and getting everyone an IP address.

Re:how about no (4, Interesting)

transami (202700) | more than 3 years ago | (#34803872)

"If the feds need something to do they could start by implementing IPv6 and getting everyone an IP address."

+1 (x 2^128)

Re:how about no (4, Insightful)

Lawrence_Bird (67278) | more than 3 years ago | (#34804034)

exactly. typical nannystatery, looking to solve a problem that does not exist with a government sponsored effort. And who for a moment doesn't think that this would carry advantages for the 3 letter boys and girls?

Re:how about no (5, Interesting)

arivanov (12034) | more than 3 years ago | (#34803948)

Typical American paranoia. Not that UK is much better.

Anyway, I have had a Bulgarian digital ID for nearly 4 years now. It is privately run - there are several companies which have been licensed to issue the certificates and they issue certs/smartcards to individuals and businesses. The govmint has nothing to do with it besides being obliged by law to accept a smartcard signed electronic document as a valid signature in any form of communication. I can sign a contract, sign my tax return, sell/buy stuff that requires a signed contract, give instructions to my bank and all of these are _EQUALLY_ legally binding to me showing up with a passport/ID and signing it in person. On top of that most cert authorities and smartcards fully support Linux at least on x86 so you do not even need to pay MSFT tax to use it.

On the negative side, banks, etc have been pretty quick on the uptake that this is an acknowledged and transactions are legally binding so you cannot do any electronic banking without it any more.

In any case - an example where "technological backwater" "undeveloped" "fifth world economy" and "third rate democracy" (all are labels which BG has had in USA press at various times) shows how this _CAN_ be run as a useful tool for individuals and companies to do business without the govmint having anything to do with it besides collecting some license revenue.

Re:how about no (5, Insightful)

Anonymous Coward | more than 3 years ago | (#34804042)

Yeah, typical paranoia. You write: "you cannot do any electronic banking without it any more." "I don't have to get a credential if I don't want to," says Schmidt. Of course the government will not make a central database when it gets tax return files signed by everyone in the country. No, certainly not. How stupid do you and the government think we are?

Re:how about no (3, Insightful)

Anonymous Coward | more than 3 years ago | (#34804052)

Typical American paranoia. Not that UK is much better.

Anyway, I have had a Bulgarian digital ID for nearly 4 years now. It is privately run - there are several companies which have been licensed to issue the certificates and they issue certs/smartcards to individuals and businesses. The govmint has nothing to do with it besides being obliged by law to accept a smartcard signed electronic document as a valid signature in any form of communication. I can sign a contract, sign my tax return, sell/buy stuff that requires a signed contract, give instructions to my bank and all of these are _EQUALLY_ legally binding to me showing up with a passport/ID and signing it in person. On top of that most cert authorities and smartcards fully support Linux at least on x86 so you do not even need to pay MSFT tax to use it.

On the negative side, banks, etc have been pretty quick on the uptake that this is an acknowledged and transactions are legally binding so you cannot do any electronic banking without it any more.

In any case - an example where "technological backwater" "undeveloped" "fifth world economy" and "third rate democracy" (all are labels which BG has had in USA press at various times) shows how this _CAN_ be run as a useful tool for individuals and companies to do business without the govmint having anything to do with it besides collecting some license revenue.

So if the smartcard was spoofed, we'd be right fucked, huh.

Re:how about no (2, Interesting)

Anonymous Coward | more than 3 years ago | (#34804056)

Typical American paranoia.

There may be countries where the government is trustworthy enough to allow this. But the United States isn't one of them.

Re:how about no (4, Insightful)

Culture20 (968837) | more than 3 years ago | (#34804208)

Typical American paranoia.

There may be countries where the government is trustworthy enough to allow this. But the United States isn't one of them.

In fact, the government was set up to not trust itself. The framers of the constitution didn't trust the government they were creating, so they crafted it to be full of gridlock.

Re:how about no (1)

trolman (648780) | more than 3 years ago | (#34804078)

Thanks for the feedback. BTW I have always liked the .cx domain for some reason.

Re:how about no (5, Interesting)

Seumas (6865) | more than 3 years ago | (#34804080)

I'm sure Bulgaria has absolutely no political corruption and that everyone in the government is absolutely trustworthy and that there is and was absolutely nothing shady about the selection of the private entity (yay, another government utility monopoly!) to provide the services and that there are absolutely no questionable connections between government officials and the selected company, just like there are no relations in America between officials and the selection of companies like Haliburton, L-3, and various FDA fast-tracks, either.

I don't know a lot about Bulgaria, but Americans and Brits tend not to like to be identified and monitored, though their government and the stupider sheep among the population constantly do everything they can to undermine this desire. It's abhorrent enough that our SS# has gone from being something you ONLY provide to your employer to set aside SS tax in your account and to the government when you're ready to withdraw and has instead come to be used to get a driver's license, create a cell phone account, cable account, internet account, bank account, blockbuster rental account, etc.

Let's either value privacy and autonomy or throw up our hands and quit this charade and go full bore into fully complying with all wishes and desire of the motherland.

Re:how about no (2)

Gofyerself (1709970) | more than 3 years ago | (#34804096)

It is one thing to buy a digital certificate from a company and quite another to have one "issued" by your government. You say typical American paranoia, but give me one instance where the American government did not abuse its power and overstep its rights while trying to provide "service" to its people. There are countless examples today, nanny camera's, Social Security number, drones for fucks sake. The list goes on. Read the Patriot Act, this would be a sweet deal for government to be able to implement a way to track every US citizen without having to do much work in aggregating data from different sources.

Re:how about no (1)

ultranova (717540) | more than 3 years ago | (#34804182)

Anyway, I have had a Bulgarian digital ID for nearly 4 years now. It is privately run - there are several companies which have been licensed to issue the certificates and they issue certs/smartcards to individuals and businesses. The govmint has nothing to do with it besides being obliged by law to accept a smartcard signed electronic document as a valid signature in any form of communication.

These facts, when combined, make me uneasy. Who bears the responsibility if a private ID issuer makes a mistake and gives and ID in your name to a fraudster?

Re:how about no (2, Interesting)

Anonymous Coward | more than 3 years ago | (#34804210)

I stopped reading when I encountered "govmint".

Re:how about no (0)

Anonymous Coward | more than 3 years ago | (#34804280)

You're also happy to live in a police state lead by an authoritarian moron who can barely speak. It's quite understandable that you wouldn't see a problem with that.

Ahem, democracy? (0)

Anonymous Coward | more than 3 years ago | (#34803998)

Isn't is just a little bit odd that allegedly, according to everyone who talks about it, in this country the government is the people?

When are we going to graduate from this democracy myth and start calling the US the plutocratic oligarchic republic that it is?

Re:Ahem, democracy? (5, Insightful)

Dunbal (464142) | more than 3 years ago | (#34804060)

When are we going to graduate from this democracy myth and start calling the US the plutocratic oligarchic republic that it is?

      Never, thanks to an education system that ensures that 99.9% of the population don't even understand what plutocratic oligarchic means and parents too busy watching ESPN or American Idol to compensate for said system's deficit.

Re:how about no (2, Interesting)

Anonymous Coward | more than 3 years ago | (#34804090)

Sure trying to improve the lousiest health care system of any western democracy fits like a glove with authoritarian privacy concerns. You have to make up your mind are mega corporations benevolent benefactors, while the government is an authoritarian nightmare, or it the other way around. You can't have it both ways. Personally I think each is a little bit of both, but when it comes to my health, I'd rather my insurance be run by a bureaucrat tasked with initiatives to improve the standards of living on a regional, state, or national level than an corporate accountant tasked with increasing the bottom line everywhere possible. You get one or the other with whichever system you choose.

Re:how about no (0)

Anonymous Coward | more than 3 years ago | (#34804292)

yeah just have a look at all the slashdot icons beside the story. This can be no good :o

Slight conundrum? (5, Insightful)

Chas (5144) | more than 3 years ago | (#34803766)

We will be enhancing your privacy and security.
  By making you more uniquely identifiable and creating a single point of failure for the security method.

*HEADDESK*

Re:Slight conundrum? (0)

Anonymous Coward | more than 3 years ago | (#34803968)

My reaction to this was sort of similar.

Except in my case, i picked the desk up and hit it off my head.
Y'see, back problems. Rather than bend over, i bent the laws of physics instead.

Re:Slight conundrum? (1)

CrazyDuke (529195) | more than 3 years ago | (#34804110)

I see, so you live in Russia?

Re:Slight conundrum? (4, Funny)

Culture20 (968837) | more than 3 years ago | (#34804254)

I see, so you live in Russia?

No, Soviet Russia lives in him.

no centralized database, for now (5, Insightful)

Attila Dimedici (1036002) | more than 3 years ago | (#34803774)

There is no chance that a centralized database will emerge, unless of course this catches on, in which case a centralized database will be necessary to address abuses.

Re:no centralized database, for now (1)

Anonymous Coward | more than 3 years ago | (#34803980)

They'll just attach a game to it and the sheep won't be far behind. Facebook is already a centralized database and they line up to get on board.

Offered for financial transactions? (4, Insightful)

newcastlejon (1483695) | more than 3 years ago | (#34803784)

OK, fine. But you should know that my credit card company are already happy that I am who I claim to be (and that I pay my bill on time, natch) and my bank have already given me a free security token. Oh, and I have no problem with remembering a few different passwords so thanks, but no thanks.

To be honest, I'm more interested in whether this Schmidt fellow even knows what a smartcard or CA is. I doubt he could be more ignorant than that fool in France that started the OO.org is a firewall thing though.

Re:Offered for financial transactions? (2)

gilesjuk (604902) | more than 3 years ago | (#34803878)

Indeed. A central point of failure is never a good thing.

Just like a biometric ID card is a bad idea too. Until you have on there is the risk that someone registers one in your name. Then you have a really hard time to prove that this person is not you.

Re:Offered for financial transactions? (2)

sloth jr (88200) | more than 3 years ago | (#34803898)

Given that the US has mandated PKI using SmartCards for 6+ years now, yes, Schmidt knows what a CA and a smartcard is.

It's good that your bank provides you a security token; the proposed initiative is a good one, and lays out a common strategy for something-you-have authentication that can then be potentially used in a much wider variety of venues than your bank.

Expect this to become part of the PCI standard.

No, thanks (1)

mangu (126918) | more than 3 years ago | (#34803950)

lays out a common strategy for something-you-have authentication that can then be potentially used in a much wider variety of venues than your bank.

You mean, like credit cards?

We already have something-you-have authentication for any situation that NEEDS authentication.

And I'd rather NOT be authenticated in all other situations.

Card not present (1)

tepples (727027) | more than 3 years ago | (#34804144)

something-you-have authentication

You mean, like credit cards?

Credit cards are often used in card-not-present situations such as telephone or online purchases. The account number, expiration date, CVV2 number, and billing address aren't something you have; they're something you know. They're only something you have if a retailer has a policy of no gift shipments, in which all shipments are to the billing address.

Re:Offered for financial transactions? (1)

Demonoid-Penguin (1669014) | more than 3 years ago | (#34804036)

OK, fine. But you should know that my credit card company are already happy that I am who I claim to be (and that I pay my bill on time, natch) and my bank have already given me a free security token. Oh, and I have no problem with remembering a few different passwords so thanks, but no thanks.

To be honest, I'm more interested in whether this Schmidt fellow even knows what a smartcard or CA is. I doubt he could be more ignorant than that fool in France that started the OO.org is a firewall thing though.

I'm feeling a bit cynical tonight so I suspect you forgot "to think of the children". Besides the last time I heard that (last year) it was a twerp from Microsoft advising our department of insane internet censorship that we need internet drivers licenses - which is of course, a completely different thing.

Re:Offered for financial transactions? (1)

Seumas (6865) | more than 3 years ago | (#34804100)

Not to mention, companies already offer these services. Free for the most part, or for a small fee if you want the encryption FOB. Lastpass, for example. Fuck, even Blizzard offers them. There is absolutely no need for a government organization or any kind of regulation of this. There is already a market catering to the demand of this service, without any of the icky and creepy government involvement.

Anonymous Coward (0)

Anonymous Coward | more than 3 years ago | (#34803786)

'There's no chance that 'a centralized database will emerge,' .....BS

Why is the government involved in this? (2)

scross (1621251) | more than 3 years ago | (#34803790)

Surely if this was a good idea, individuals and companies would create it and administer it on their own. Do we really need the government to tell us how to implement our systems? ...could tax money not be better spent on other things?

Re:Why is the government involved in this? (3, Insightful)

g0hare (565322) | more than 3 years ago | (#34803824)

Oh, probably standardization and compatibility with government systems, if the government is going to accept the ID.

Security and profits? (1)

filekutter (617285) | more than 3 years ago | (#34803794)

We DON"T need the private sector "enhancing" our security. In fact, that's an oxymoron.

Re:Security and profits? (0, Insightful)

Anonymous Coward | more than 3 years ago | (#34803814)

It's NOT the private sector. It's the government, which is worse.

Re:Security and profits? (4, Interesting)

goodmanj (234846) | more than 3 years ago | (#34803906)

It's NOT the private sector. It's the government, which is worse.

I'll be honest here: *If* we do something like this, I'd rather have the federal government managing it directly. Large corporations are just as cooperative with the cops as your average branch of government, and at least the federal government doesn't have a profit motive for sharing the information it has about me.

Re:Security and profits? (0)

Seumas (6865) | more than 3 years ago | (#34803984)

Are you kidding? Government officials are all about profit motive. Not the profit of giving you a secure, reliable, and safe service. The profit of exploiting and manipulating your information and security for companies that lobby to them or otherwise offer benefits in or out of the shadows. Further, there's little you can do that is stupider than trusting the government to be secure about anything. They are constantly leaking masses of DMV records, social security records, medical records. They can't even seem to safeguard their own private communications.

Not to mention, you know . . . the whole creepiness of relinquishing ANYTHING to the jurisdiction or purview of the fucking GOVERNMENT. Are you going to hand over your biometrics to acquire these IDs? Do you think the government wouldn't really have a master-key? Piss someone off? You don't have any access to your money. Choose not to participate in the program? Ooooh, sorry, we've finally decided that you must have a registered ID if you want to receive any government benefits, civil service benefits, or file your taxes. It's totally optional, though! You can always choose not to file your taxes. Or not to receive your social security and other benefits. Or not to get a driver's license!

Re:Security and profits? (3, Informative)

goodmanj (234846) | more than 3 years ago | (#34804222)

You've missed my point. I'm not saying that there *should be* a government-run identity system, I'm saying that *if* we have one, we'd be better off if the government ran it.

If you believe the government will do nefarious stuff with your data, since corporations will hand over their data the moment some guy with a suit and a badge shows up and says "national security", giving your data to a corporation is the same as giving it directly to the government.

And while it's true that some government officials might be persuaded to become corrupt and sell your data for profit over principle, corporations *by definition* are in the business of putting profit motive first.

So corporate verification of identity has all the drawbacks of government verification of identity, plus more.

In essence, when personal privacy is on the line, corporate officials are just government officials who are *guaranteed to be corrupt*.

Re:Security and profits? (1)

nschubach (922175) | more than 3 years ago | (#34804004)

at least the federal government doesn't have a profit motive for sharing the information it has about me.

Yet.

Re:Security and profits? (0)

Anonymous Coward | more than 3 years ago | (#34804020)

I'd rather have the federal government managing it directly.

Why? Seriously, what in the history of government makes you think they could mange this without screwing it up or having it corrupted or expand way beyond it's initial stated purpose?

at least the federal government doesn't have a profit motive

Oh noes! A profit motive! Look out! Its coming right for us!

Profit motive of public servants (4, Insightful)

mangu (126918) | more than 3 years ago | (#34804074)

at least the federal government doesn't have a profit motive for sharing the information it has about me.

Do you really believe this? As Robert Heinlein said in "The Moon is a Harsh Mistress", "My point is that some person is responsible. Always. If H-bombs exist - and they do - some person controls them. In terms of morals there is no such thing as 'state'. Just men. Individuals. Each responsible for his own acts."

The profit motive of the federal government is that of thousands of people who would be without a job if the government didn't have all those agencies controlling every detail in your life.

Responsible, but not to the people (2)

tepples (727027) | more than 3 years ago | (#34804176)

My point is that some person is responsible.

The problem comes when this person isn't responsible to the people. The responsibility in hiring and firing the responsible person may be diluted several times through appointed officials, and even elected officials are in a way appointed by the media [pineight.com] .

Re:Security and profits? (1)

Seumas (6865) | more than 3 years ago | (#34803944)

Who else is going to do it? I'd rather be the customer of a private entity who makes their money by offering me a secure and robust service and their success is determined by their ability to cater to me than some government effort who has no interest in providing me with anything and is only best served by manipulating and exploiting me. When Company A screws me over, I can use a competitor. When my government screws me over, I just have to keep taking it.

Re:Security and profits? (4, Informative)

turkeyfish (950384) | more than 3 years ago | (#34804240)

The notion that you can use a competitor is laughable, since most "competitors" are now owned by the same few people that own virtually everything else. Don't you know that the wealthiest 1% of the people already own 85% of everything there is to own? Don't you realize that the only national debate going on now is just how much of the remaining 15% they will be allowed to own as well? I guess they've lulled you into a false sense of security.

At least when the government screws you over, you can vote them out of office. Try that with a phone or cable company. Sure you can "switch to a competitor", but with the same few people owning all the "competitors", do you really think you have shown them? If the market had true competition, how do you explain that 9 times out of 10 prices only go up rather than down? How do you explain that just 5 companies control about 85% of all media outlets and the major shareholders are often the very same individuals? Dream on pal and let Fox News sing you back to sleep.

You don't have to have one! (0)

Anonymous Coward | more than 3 years ago | (#34803800)

You don't have to have one of these IDs if you don't want to use the internet.

Re:You don't have to have one! (1)

mangu (126918) | more than 3 years ago | (#34803960)

You don't have to have one of these IDs.

FTFY.

Re:You don't have to have one! (1)

Demonoid-Penguin (1669014) | more than 3 years ago | (#34804058)

You don't have to have one of these IDs if you don't want to use the internet.

Of course not [puts on tin-foil hat] just like you don't need photographic identification if you don't fly or drive.

And that's not a foot in the door - it's our new draft stopper. (sigh)

Re:You don't have to have one! (5, Insightful)

markdavis (642305) | more than 3 years ago | (#34804234)

Are you wacked? Of course you will have to have one. One by one, sites and services would be denied to you if you didn't have one. Eventually, you couldn't do ANYTHING without complying. Remember Social Security numbers- how they were supposed to be used ONLY for SS and never used for any other purpose. Tell you what, you just try to do anything now without being forced to give your national ID number- credit card, loans, electricity, health care, taxes, driving, ANYTHING useful.

Morons. (4, Insightful)

unity100 (970058) | more than 3 years ago | (#34803806)

anything that can be read by a computer, can be changed or faked, by another computer. those who commit crimes, will be much more able to do it than ordinary citizens.

Re:Morons. (1)

goodmanj (234846) | more than 3 years ago | (#34803860)

You do realize that a good fraction of the people on this website make a living trying to prove you wrong, don't you?

Re:Morons. (0)

Anonymous Coward | more than 3 years ago | (#34804128)

Smart cards are not about reading something. Smart cards are computers and perform cryptographic functions with a unique secret key that is embedded in the processor of the card. The whole construction of the card is such that this secret does not need to leave the processor for the card to fulfill its purpose. The way proper smart cards are constructed, they're easily more secure than handwritten signatures, passwords, transaction number lists and fingerprints, all of which also hinge on secret information but divulge that secret every time they're used.

Don't confuse the "if it can be read, it can be copied" mantra against DRM with a lack of cryptographic procedures for proving knowledge of a secret without revealing it.

Passport? (1)

mswhippingboy (754599) | more than 3 years ago | (#34803810)

Doesn't this sound a lot like Microsoft's Passport they tried to get traction on a few years ago but failed?

A great idea (5, Insightful)

drinkypoo (153816) | more than 3 years ago | (#34803816)

Digital signatures have been legally equivalent to normal ones for some time now, but where is the accountability? Many have long said the USPS should provide certs; I stand by that idea.

Not a good idea (2)

betterunixthanunix (980855) | more than 3 years ago | (#34804142)

Public key crypto is great, but claiming that a digital signature is equivalent to a real signature is asking for trouble. People have convinced CAs to sign certificates that identify them as Bill Gates, and those certificates could be used to generate fraudulent transactions if we moved to such a system. We really should not be reducing the amount of face to face time people spend on finances -- we already reduced it too much.

To put it another way, how many people get away with cheating on their taxes each year? How many times has the USPTO granted a patent on something that was obviously a joke? Do you really want the post office acting as a CA?

Same as Social Security (3, Interesting)

Grapplebeam (1892878) | more than 3 years ago | (#34803844)

Which they were constantly telling us, "No, it'll only be for the program!" Don't trust these people farther than you can throw them.

They use it for government work (0)

Anonymous Coward | more than 3 years ago | (#34803846)

Looks like they've fallen in love with these cards they stick into the side of their laptops to authenticate themselves for government work.
Users will tell you it's the biggest nuisance.

Re:They use it for government work (0)

Anonymous Coward | more than 3 years ago | (#34804162)

Looks like they've fallen in love with these cards they stick into the side of their laptops to authenticate themselves for government work. Users will tell you it's the biggest nuisance.

Ah - rainbow keys - I managed to collect a few of them, at one place we competed to see who could get issued with the most *and* how many we could have validate at the same time. There's always a weak point - that one was having one person issue keys (central point of failure).

National ID Please! (4, Interesting)

Jahava (946858) | more than 3 years ago | (#34803858)

So when can I get a cryptographically secure national ID card with multi-factor authentication? I'm as much a fan of the government tracking and cataloging me as the next guy, but this isn't exactly a slippery slope; we already have national IDs in the form of social security numbers and driver's licenses: Government-issued numbers required for identification and backed by a central database.

It's just that the current system is about as poorly-implemented as it can be (and justifiably so, since it was never meant to be used like it is). Not only are SSNs weak, predictable, and easily-forged; there is no way to protect or limit their usage by authoritzed or unauthorized parties. There also no way to protect how those parties store and safeguard them.

So while I hate the idea of our government issuing IDs, its too late to really change that. But please for the good of every citizen do it right.

Re:National ID Please! (1)

Gofyerself (1709970) | more than 3 years ago | (#34804150)

Social Security numbers are not national ID and neither are drivers licenses. Passports on the other hand are, but not every American is mandated to have one. There is no reason that a national ID number has to be secure, a number means nothing.

Re:National ID Please! (0)

Anonymous Coward | more than 3 years ago | (#34804172)

And this government created ID system that we have that is "about as poorly-implemented as it can be" is going to be improved upon by the same people?

Re:National ID Please! (1)

ducomputergeek (595742) | more than 3 years ago | (#34804270)

When social security started, your SSN was supposed to only be for them. It was never "meant" to be a national ID, at least that's what the folks in government said at the time. Yet that's what it has become....funny how that happens.

Riiiiiight. (4, Insightful)

Mr. Underbridge (666784) | more than 3 years ago | (#34803868)

I don't have to get a credential if I don't want to,' says Schmidt.

Oh sure. Just like I don't have to get a state-issued ID card if I don't want either, right? Except once these gov-sanctioned IDs come into play, they do become standards (even when it's explicitly against the law, like with SSN).

And they know it. Hey, tell me which candidate it was again who was going to stand up for the little guy?

They'll call it a "privilege" (2)

mangu (126918) | more than 3 years ago | (#34804018)

I don't have to get a state-issued ID card if I don't want either, right? Except once these gov-sanctioned IDs come into play, they do become standards

They will do it like they did with driver licenses, they will say "accessing the internet is not a right, it's a privilege".

I wonder which part of "The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people" they didn't understand.

Or how about "The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people

LastPass (0)

Anonymous Coward | more than 3 years ago | (#34803882)

Hasn't the government heard of LastPass, or don't they just want to use it?

Re:LastPass (0)

Anonymous Coward | more than 3 years ago | (#34803930)

Online password management is inherently Insecure

Cyberspace, really? (0)

Anonymous Coward | more than 3 years ago | (#34803888)

Can we stop calling it 'cyberspace'?

Privatize the project... (1)

dominique_cimafranca (978645) | more than 3 years ago | (#34803890)

...outsource it to Facebook.



Bwa ha ha ha ha!

Re:Privatize the project... (1)

Cwix (1671282) | more than 3 years ago | (#34804086)

*shudder*

'Trusted identity' == 'national ID' (3, Insightful)

John Hasler (414242) | more than 3 years ago | (#34803902)

> 'We are not talking about a national ID card,'

Yes you are.

> 'I don't have to get a credential if I don't want to,'

Unless you want want to engage in any sort of non-cash transaction. Of course, if you try to live entirely on cash, you will eventually be accused of "money laundering"...

> 'There's no chance that 'a centralized database will emerge,'

No. It will stay hidden.

> 'we need the private sector to lead the implementation of this.'

Because that way when things go wrong you can blame the "evil corporations".

Re:'Trusted identity' == 'national ID' (0)

Anonymous Coward | more than 3 years ago | (#34804082)

> 'we need the private sector to lead the implementation of this.'

Because that way when things go wrong you can blame the "evil corporations".

But only after being funded with public money by hundreds of millions (if not billions).

Re:'Trusted identity' == 'national ID' (1)

Gofyerself (1709970) | more than 3 years ago | (#34804168)

Our corporations have bought our government for the last five decades at least, and thanks to the Supreme Court, it is now entirely legal for corporations to throw a gazillion dollars at their sweetheart candidate.

Trust (0)

Anonymous Coward | more than 3 years ago | (#34803908)

The key issue here is trust. Do people trust the government to not peek at the private data they would be sending them? Lol, do I have to put that in the form of a question? They have already proven themselves several times early as happy to collect data on people when they have no right to at the cost of the integrity of many important agencies.

Yes please... (1)

Dr_Barnowl (709838) | more than 3 years ago | (#34803910)

I would sincerely like the plethora of stupid paper documents I have to deal with reduced to a single wad of data, cryptographically signed by the appropriate gov. dept for each part -

e.g. - the DMV for the driving license, etc.

On the proviso that there is NOT a giant central DB tracking it all.

Re:Yes please... (1)

Gofyerself (1709970) | more than 3 years ago | (#34804180)

The whole point of this initiative is to ensure trust between the ID media and the person, how could there not be a giant central DB involved.

Hey- You voted for Him (-1, Troll)

gearloos (816828) | more than 3 years ago | (#34803934)

One Bad Ass Mistake America --i cant agree more. what were YOU thinking?

Re:Hey- You voted for Him (0)

Anonymous Coward | more than 3 years ago | (#34803988)

Well, certainly someone voted for him, but it was not I !

Re:Hey- You voted for Him (0)

g0hare (565322) | more than 3 years ago | (#34803990)

That McCain was, and still is with the benefit of hindsight, a better choice.

Re:Hey- You voted for Him (1)

Anonymous Coward | more than 3 years ago | (#34804070)

Two words: President Palin.

Re:Hey- You voted for Him (0)

Rockoon (1252108) | more than 3 years ago | (#34804112)

They told me that if I voted for McCain, that shit like this would happen.

They were right.

Re:Hey- You voted for Him (-1)

Anonymous Coward | more than 3 years ago | (#34804256)

But it was historic! We've erased 200 years of racial prejudice with this one vote! It was... oh, who am I kidding? The R's will keep getting called out for being racist, despite having appointed many black men and women to high ranking posts. The D's will keep getting the black vote despite having their situation NEVER improve because government handouts don't enable progress, only cripple them. And those who disagree with Our Dear Leader on policy, using sound argument, will be called racist by a noisy few.

No. (0)

Anonymous Coward | more than 3 years ago | (#34803936)

The government has proved again and again when it meddles with something, it usually ends up screwing it up. I can see, given the current state of affairs, that this is only a "gateway" for harsher liberty loss. This is simply a give a a little, take a lot mentality. Who says it wont eventually be required for everything? Since they did it to us last time, who says they wont do it again? Leave the fucking internet alone.

I've already got one, you see (2)

Eil (82413) | more than 3 years ago | (#34803942)

I already have an "Internet ID," it's called my GPG public key.

Re:I've already got one, you see (1)

tagno25 (1518033) | more than 3 years ago | (#34803972)

If only it was able to be used as login info, except you would need something else for security since the public key is public, and the private key should not be transfered to a 3rd party.

Re:I've already got one, you see (3, Insightful)

laughingcoyote (762272) | more than 3 years ago | (#34804198)

You could set up a login mechanism using GPG. Wouldn't even be that hard. All you'd have to do is automate the following:

  • My system connects to the host. The host requests my public key, my system sends it (in cleartext, since it is, well, the public key after all).
  • The host encrypts a randomly generated string of characters (the "challenge string") using my public key and sends over the encrypted data, as well as its public key in cleartext.
  • If I have the appropriate private key, my system decrypts the challenge data, re-encrypts it to the host's public key, and resends it. Since the challenge data would be randomly generated every time, there would be no use in saving or intercepting it—the next login would be a different challenge string anyway.
  • The host decrypts the data. If I've returned the right challenge string, it logs me on.

Who signs your GPG key? (1)

tepples (727027) | more than 3 years ago | (#34804200)

I already have an "Internet ID," it's called my GPG public key.

Signed by whom? With the rise of TSA's so-called "gate rape", not everyone is willing to fly to key signing parties in remote locations.

And it will be... (1)

Black Parrot (19622) | more than 3 years ago | (#34803954)

completely unbreakable, unlike every other computer security system that has ever been developed.

There's no chance that 'a centralized database will emerge'

Of course not. What government or business would be so crass as to track what people do on the internet?

To the Regime: NO (3, Insightful)

WCMI92 (592436) | more than 3 years ago | (#34803966)

Get used to that word.

No you cannot regulate the Internet. No you cannot create national Internet ID, so you can identify and intimidate your critics.

You cannot do these things because the courts have already said you can't and the new Congress is acting to prevent you from trying.
Not that this will stop him good fascist Soros sockpuppet he is. 2012 will though.

Re:To the Regime: NO (1)

Seumas (6865) | more than 3 years ago | (#34804114)

I'm pretty sure they can and China has given them a decent enough test-bed to follow.

You and I may not like it, but we're a drowned-out voice amid a sea of government, officials, and sheep. Frankly, life is too fucking short to give a god damn anymore by wasting all of our time and energy fighting the inevitable. We'll be dead soon enough and the next generation of sheep can suffer the consequences of the sheep that came before them.

Go away Government interference (2)

adosch (1397357) | more than 3 years ago | (#34803982)

Dear Obama,

Thank you for your deep concern of my privacy and security as it relates to my personal financial conduct on "The Internet" and my memory of passwords. I will forever take a rain check to your failed and train wreck attempt to control the public.

Social Security anyone? (1)

markdavis (642305) | more than 3 years ago | (#34804040)

>"'We are not talking about a national ID card,' says Commerce Secretary Gary Locke"

Oh really. Just like Social Security numbers would never be used for anything but Social Security. This is a HORRIBLE idea.

Might want to read the draft before commenting. (5, Informative)

ghelleks (613300) | more than 3 years ago | (#34804054)

Comments on this draft closed in July, and it's been changed since. But this should give you a sense of what they're actually proposing. http://www.dhs.gov/xlibrary/assets/ns_tic.pdf [dhs.gov]

Check your sleds! (0)

Anonymous Coward | more than 3 years ago | (#34804062)

Make sure the runners on your sleds are waxed and hang on tight! Slippery slope ahead!

Not a National ID card? right... (0)

Anonymous Coward | more than 3 years ago | (#34804064)

"We are not talking about a national ID card," says Commerce Secretary Gary.....

But we are talking about a card, that can be used to identify you nation wide, right?

Playing the long game.. (3, Interesting)

ka9dgx (72702) | more than 3 years ago | (#34804122)

Wow... all of this to stop the internet as a threat from happening. Eliminate anonymity as a possibility on the internet, wait a few years until everyone is complacent, and they use it to mop up any stragglers who don't bend to the will of The Powers That Be.

Good thing they aren't doing anything to fix the security model we all rely on, which would leave viruses and botnets as a plausable denyability... oh... wait... they are.... "The App Store", which means no local filesystems, and no way to propagate information outside of what is allowed by the OS.

And then there is the push towards cloud computing, again no local storage.

We'll be ok... but our kids won't... because they will see local storage as a vulnerability, and shun it at all costs.

I think this will all play out in 10-20 years...at least I hope it takes that long.

You Lie (3, Insightful)

Culture20 (968837) | more than 3 years ago | (#34804148)

'We are not talking about a national ID card,' says Commerce Secretary Gary Locke, whose department will be in charge of the program. 'We are not talking about a government-controlled system'

You Lie.

Nothing to worry about (1)

BangaIorean (1848966) | more than 3 years ago | (#34804228)

How is this different from the Social security number/database, your passports, your driving licenses and the relevant databases?

User=MBurns:SSN=000-00-0002:IntID=865833 (1)

wrencherd (865833) | more than 3 years ago | (#34804260)

What problem(-s) could another id # solve that is not already covered by MAC/IP address, paypal id, credit card+pin, (anything)+pin, social sec #, driver's license #, university ID #, library card #, etc. etc.?

It certainly won't stop people from lying or creating false identities.

fucLkeR (-1)

Anonymous Coward | more than 3 years ago | (#34804274)

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...