Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

White House To Drop Details of Cyber ID On Tax Day

timothy posted more than 3 years ago | from the who-goes-there-seriously-who-goes-there dept.

Privacy 276

BeatTheChip writes "Dept. of Commerce Scry. Gary Locke plans to release solidified details of the National Strategy for Trusted Identities in Cyberspace [NSTIC] program starting 11 AM on Tax Day. Technologies and new policies will be demonstrated and discussed to attending press. NSTIC, a federal cyber identity program, drew criticisms earlier this year on initial announcement for similarities to a national identity program. It was deemed 'Real ID for the Internet' by some privacy and civil liberty organizations. NSTIC is a national online authentication program for public use under the oversight of the Dept. of Homeland Security."

cancel ×

276 comments

Sorry! There are no comments related to the filter you selected.

Connection Error (4, Insightful)

elrous0 (869638) | more than 3 years ago | (#35821310)

Sorry citizen, in compliance with U.S. law, Comcast Cable Broadband now requires that all subscribers identify themselves by their U.S. Internet Identification Number before accessing internet content. Please contact your local office of the Federal Bureau of Investigation (FBI) for more information on how to obtain your U.S. Internet Identification Number. And thank you for choosing Comcast as your broadband provider!

Re:Connection Error (2)

BigJClark (1226554) | more than 3 years ago | (#35821388)


disclaimer: I am not a US citizen

What scares me infinitely more than giving my ID to a government institution for obtaining a service (drivers license, Liqour store, etc), is the fact that the public sector will be charged with creating a secure, robust, dependable system. It would seem like an absolute blessing for one with questionable morals to be able to steal identities, obtaining records for advert purposes, etc


I don't think they could do it successfully....

Re:Connection Error (4, Insightful)

Toe, The (545098) | more than 3 years ago | (#35821458)

Sigh. Yeah, let's just use people's Facebook identity as their trusted ID.
I can't think of a single reason why that might not be a superb idea.

P.S. Oh, hey! Let's also let the voting machines be designed by the private sector, in closed source on Windows. That can't possibly be a problem, right?

Re:Connection Error (-1)

Anonymous Coward | more than 3 years ago | (#35821684)

I like how you added "On windows" as if it actually mattered what OS you used for a voting machine.

You're a dumb troll. Go die.

Re:Connection Error (2)

zeroshade (1801584) | more than 3 years ago | (#35821724)

Actually, it does matter. For something like a voting system, an open source system right down to the OS is the best way to go about it. That way there is a complete paper trail showing precisely how they work. It severely reduces the chances for fraud.

Re:Connection Error (1)

gartogg (317481) | more than 3 years ago | (#35821924)

You don't understand. If the system is closed enough, the designer never has to worry about these hypothetical audits you suggest. That frees him to make REAL money designing software.

Re:Connection Error (1)

gartogg (317481) | more than 3 years ago | (#35821938)

You know, by fixing elections.

Re:Connection Error (2)

Toe, The (545098) | more than 3 years ago | (#35821732)

The issue of whether or not a voting machine can be hacked is rather important.

Diebold (and other) voting machines use XP, last I heard. That's about the most hacked/compromised OS ever made. So yeah, it matters, and no, I won't go die.

Re:Connection Error (2)

jesburger (1591001) | more than 3 years ago | (#35821790)

Actually, eventually you will.

Re:Connection Error (2)

ScrewMaster (602015) | more than 3 years ago | (#35821768)

I like how you added "On windows" as if it actually mattered what OS you used for a voting machine.

You're a dumb troll. Go die.

Uh, what? It absolutely does matter, given that the likes of Diebold have been caught repeatedly changing the firmware in their voting machines after they were inspected and sealed. I also like the idea of using an operating system that is simple, robust, and doesn't have the layer upon layer of crap that is Windows, where nobody, not even Microsoft, can tell you exactly what is there. Something based around a stripped-down open-source OS, perhaps. One where the code that is running on the machine can be verified to be the exact code that is supposed to be running, down to the last bit, and furthermore is simple enough that one would have a damned hard time hiding anything.

Re:Connection Error (1, Insightful)

GameboyRMH (1153867) | more than 3 years ago | (#35822012)

Well since it doesn't matter, why not choose one of the OSes that doesn't have the worst security record by a huge margin? To choose the horribly insecure one would just be stupid right? And if that one with relatively horrible security record costs 3 digits when many of the other options (including those with the best security records) are free, that would be doubly stupid, wouldn't you agree? And if that expensive, insecure OS is also relatively heavy on system resources, for a system that only has to present a very basic GUI and do some basic storage and maybe (ideally not) networking functions, that would be triply stupid, wouldn't it?

Doesn't it look like the GP has a point?

Somehow I doubt you are right (0)

Anonymous Coward | more than 3 years ago | (#35821702)

It would seem like an absolute blessing for one with questionable morals to be able to steal identities, obtaining records for advert purposes, etc

You mean like they do already?

The current system is not better, if anything, it's worse because while I believe I have the right and the duty to hold the public sector absolutely accountable to me, doing so in the private sector is rather more difficult.

I retain the right to use violence against the government, it's in my state's constitution, but less so against the private.

Welcome (5, Insightful)

xMrFishx (1956084) | more than 3 years ago | (#35821406)

Welcome to City 17. You have chosen or been chosen to relocate to one of our finest remaining urban centres...

Re:Connection Error (1)

Toe, The (545098) | more than 3 years ago | (#35821480)

Sorry, Citizen. Your U.S. IIN has accessed it's limit of porn for today.
Please wait until tomorrow to continue whatever you were doing.

That's Not How It Works (2, Informative)

blair1q (305137) | more than 3 years ago | (#35821544)

From the NIST NSTIC [nist.gov] link in TFA:

# Private: This new "identity ecosystem" protects your privacy. Credentials share only the amount of personal information necessary for the transaction. You control what personal information is released, and can ensure that your data is not centralized among service providers.
# Voluntary: The identity ecosystem is voluntary. You will still be able to surf the Web, write a blog, participate in an online discussion, and post comments to a wiki anonymously or using a pseudonym. You would choose when to use your trusted ID. When you want stronger identity protection, you use your credential, enabling higher levels of trust and security.

Re:That's Not How It Works (1)

Anonymous Coward | more than 3 years ago | (#35821618)

Voluntary for now maybe....

Re:That's Not How It Works (5, Insightful)

majestic_twelve (2034368) | more than 3 years ago | (#35821682)

It will be voluntary until businesses only accept transactions associated with this ID and, like EULA's which are also completely voluntary, people will simply "agree" and go along with it so they can watch their porn, buy their Amazon merchandise, or whatever have you.

Re:That's Not How It Works (1)

countertrolling (1585477) | more than 3 years ago | (#35821692)

Gee, that all sounds so believable..

...You control what personal information is released...

Sure you do.. And I gotta a stable full of unicorns crapping five tons of gold dust every day. I can't just dump the stuff into the river, you know..

Re:That's Not How It Works (4, Insightful)

penguinman1337 (1792086) | more than 3 years ago | (#35821704)

Yeah, right. According to Uncle Sam, SSNs are also voluntary. And while it may be voluntary according to the government, what's to prevent ISPs from requiring it for internet access?

And how is this private? Sure, it might just share enough info to complete a transaction on any specific site, but what's to prevent the administrator of the program (in this case the highly trustworthy US government) from using it to track citizens who happen to be doing things they don't approve of? For example, making a donation to a group that has contrary views to said government (for example, if I decided to donate to the American Communist Party.)

Re:That's Not How It Works (1)

Anonymous Coward | more than 3 years ago | (#35821708)

So was social security at one point...

Re:That's Not How It Works (1)

Toe, The (545098) | more than 3 years ago | (#35821716)

# Private: This new "identity ecosystem" protects your privacy. Credentials share only the amount of personal information necessary for the transaction. You control what personal information is released, and can ensure that your data is not centralized among service providers.

Hm. I don't see any mention of how you can control access by law enforcement. But if you haven't done anything wrong, then you have nothing to be afraid of... right?

# Voluntary: The identity ecosystem is voluntary. You will still be able to surf the Web, write a blog, participate in an online discussion, and post comments to a wiki anonymously or using a pseudonym. You would choose when to use your trusted ID. When you want stronger identity protection, you use your credential, enabling higher levels of trust and security.

Social Security Numbers are entirely voluntary. Heh heh.
Try getting a job, getting health insurance, or opening a bank account without one. But you don't really have to do any of those things, right?

Re:That's Not How It Works (1)

Ben4jammin (1233084) | more than 3 years ago | (#35821748)

This new "identity ecosystem" protects your privacy...tee hee
Credentials share only the amount of personal information necessary for the transaction...hahaha
You control what personal information is released...lolololol
and can ensure that your data is not centralized among service providers...HAHAHAHAHAHAHA
The identity ecosystem is voluntary (FOR NOW)...lolhahalolhahalol!!1!

From the article:

People and institutions could have more trust online because all participating service providers will have agreed to consistent standards for identification, authentication, security, and privacy.

I think I just passed out. I mean seriously, when does this stuff ever stop where it is supposed to? How long will it be before there are websites (govt, banking) that will REQUIRE this for you to participate...all for your "protection" I'm sure. I guess I am just getting jaded in my old age.

Re:That's Not How It Works (1)

majestic_twelve (2034368) | more than 3 years ago | (#35821820)

I just read your article quote as "the same half-assed security will be used everywhere therefore once it's cracked we're all fucked!"

Re:That's Not How It Works (1)

penguinman1337 (1792086) | more than 3 years ago | (#35821832)

This is what happens when we let governments start protecting us from ourselves. The point of the government is to keep me safe from the barbarians kicking in the castle walls, or from Bob down the street who wants my stereo system. As long as another person's rights aren't being violated, the government should stay out of my business.

Re:That's Not How It Works (1)

peragrin (659227) | more than 3 years ago | (#35822060)

I really hate to defend the government against you but What is the difference between bob down the street stealing your stereo, and marie across the street stealing your bank account?

One is easier to protect againist than the other. the second one only requires one to fake certain information that is forced by companies to be given out regularlly.

for the record national ID system will fail again. I will cheer loudly.

Re:That's Not How It Works (1)

ColdWetDog (752185) | more than 3 years ago | (#35821860)

I guess I am just getting jaded in my old age.

But you're happy. That's all that matters....

fuck (0, Insightful)

Anonymous Coward | more than 3 years ago | (#35821344)

well, fuck.

Remember, face forward as the Kinect scans (1)

WillAffleckUW (858324) | more than 3 years ago | (#35821362)

Thank you for complying, citizen.

Remember, we all love the Computer and those who do not will be removed to a secure detention facility for their safety.

Today is red jello day - all workers must eat all of their red jello. Failure to comply will result in five demerits.

Requires TPM (5, Interesting)

GameboyRMH (1153867) | more than 3 years ago | (#35821364)

Without TPM this idea is a joke. I think you can see where this is going.

Re:Requires TPM (0)

mcmonkey (96054) | more than 3 years ago | (#35821586)

Without TPM this idea is a joke. I think you can see where this is going.

It's Jar Jar, isn't it?

OMFG, it's Jar Jar!

Re:Requires TPM (1)

GameboyRMH (1153867) | more than 3 years ago | (#35821658)

In the sense that stupid politicians are being used as pawns by the Dark Side, yes.

Wrong Day (2)

kevinNCSU (1531307) | more than 3 years ago | (#35821372)

Federal Tax filing date is April 18th this year, not the 15th.

Re:Wrong Day (2)

14erCleaner (745600) | more than 3 years ago | (#35821408)

April 15th is Emancipation Day in Washington. Ironic.

Re:Wrong Day (2)

majestic_twelve (2034368) | more than 3 years ago | (#35821706)

Indeed. Emancipation from all that is right and embracing all the corrupt practices that defines our day to day existence.

Re:Wrong Day (0)

Anonymous Coward | more than 3 years ago | (#35821462)

Which is odd, because I thought typically it was the 15th (unless the 15th fell on a weekend). But I guess Friday April 15th is Emancipation Day observed (WTF...how many freaking holidays do these people get off). In some states (or at least Michigan), state taxes are still due on April 15.

this is very scary (1)

Anonymous Coward | more than 3 years ago | (#35821378)

that is absolutely terrifying. why aren't citizens revolting over this? i'm canadian and with the prospects of another conservative government looming (god forbid) our douchebag of a prime minister steven harper would most likely adopt a similar program here, as he loves to lick the balls of the US at any opporunity. so please, strong citizens of the Unites States - STOP THIS.

Re:this is very scary (3, Interesting)

Jackie_Chan_Fan (730745) | more than 3 years ago | (#35821498)

Because CNN and Fox news wont report it...

And thats because their parent companies want it.

Democracy (0)

Anonymous Coward | more than 3 years ago | (#35821624)

So let's all stop pretending this is a democracy, OK?

Let's stop using that word altogether. No democratic republic, no representative democracy.

Let's call it what it is: plutocracy with a nice sprinkle of totalitarianism.

Re:this is very scary (1)

jandrese (485) | more than 3 years ago | (#35821836)

Fox will report it, they'll talk about how great it is and how everybody should love it because it makes the internet so much better, etc...

Nobody asked for this (2)

2bfree (113445) | more than 3 years ago | (#35821382)

Nobody asked for, or needs this expect maybe the government wanting track citizens and content companies wanting to track "pirates."

Re:Nobody asked for this (2)

Toe, The (545098) | more than 3 years ago | (#35821510)

Government and corporations... that's everyone who matters, isn't it?

Re:Nobody asked for this (0)

Anonymous Coward | more than 3 years ago | (#35821754)

Its not true that NOBODY wants this.

Banks and major credit cards want this. Fraud has gotten so bad that they are begging for some system to combat it, and are willing to accept any kind of ridiculous suggestion as a solution, sight unseen.

A private company, or several companies competing to offering a similar service for a dollar (or 5) a year could make this work.

The government? No chance it will work.
Every chance it will become mandatory.

Re:Nobody asked for this (0)

Anonymous Coward | more than 3 years ago | (#35821788)

This is about sales tax. Now that they know where you live, they can tax you appropriately.

Re:Nobody asked for this (1)

Anonymous Coward | more than 3 years ago | (#35822010)

Our current identity infrastructure is based on your SSN and mother's maiden name. It's a terrible system. It would be awfully nice to have something grounded in cryptography based on a web of trust model.

Waste waste waste! (0)

Anonymous Coward | more than 3 years ago | (#35821386)

I'm not from the US so I gotta ask, why are they wasting money on crap like this?

Seriously?? What is the point?

I guess you can fund any shitty project with taxpayer money, let it go too far and then not give a crap if it works or not.

Re:Waste waste waste! (0)

Anonymous Coward | more than 3 years ago | (#35821844)

Read about it before you ask questions like that:

http://www.nist.gov/nstic/faqs.html [nist.gov]

Its nor really a government project.

Don't worry (1)

spoilsportmotors (1251392) | more than 3 years ago | (#35821392)

It'll be For The Children. Or to help Thwart Terrorism. But really, it's just to help pay off the MPAA & RIAA, and make the jobs of the vast legions of winged lawyers that much easier.

Re:Don't worry (0)

Anonymous Coward | more than 3 years ago | (#35821440)

But the internet is mostly for porn.

Re:Don't worry (1)

penguinman1337 (1792086) | more than 3 years ago | (#35821500)

A large portion of politicians have legal backgrounds. Coincidence?

Re:Don't worry (1)

majestic_twelve (2034368) | more than 3 years ago | (#35821718)

Obama being a constitutional lawyer has only lead to his administration performing the most heinous, yet "legal", violations of the spirit of the same document.

Re:Don't worry (1)

Anon-Admin (443764) | more than 3 years ago | (#35821812)

conflict of interest is more like it

Re:Don't worry (1)

ScrewMaster (602015) | more than 3 years ago | (#35821794)

and make the jobs of the vast legions of winged lawyers that much easier.

You mean angels? Oh wait ...

*Puts on tinfoil hat* (5, Insightful)

penguinman1337 (1792086) | more than 3 years ago | (#35821394)

I am honestly afraid that this is basically going to turn into an internet driver's license. Imagine if you were required to get government approval in order to read a book? This violates all kinds of freedom of speech provisions. I'll wait to see the details before I make a final judgement, but I much prefer being able to remain effectively anonymous online.

Re:*Puts on tinfoil hat* (0)

Anonymous Coward | more than 3 years ago | (#35821436)

Not only to read a book, but to publish anything.

It absolutely would violate the freedom of speech because If i want to speak on the internet, it will now require a license?

Get the fuck out of here. If this kind of shit happens, people should rise up and burn the government down and kill everyone of these traitors and start over.

Re:*Puts on tinfoil hat* (2)

blair1q (305137) | more than 3 years ago | (#35821494)

If i want to speak on the internet, it will now require a license?

I was asked to forward this:

Hi. This is the /. TOS speaking. Have you read me lately? I'm your license to speak on the Internet. At least through /.

If you want to speak on the internet unencumbered by a TOS, start your own forum.

Hope this helps.

Re:*Puts on tinfoil hat* (3, Insightful)

penguinman1337 (1792086) | more than 3 years ago | (#35821778)

You're right, individual sites have every right to enforce TOS on their individual site. If I don't like it, I can go make my own blog somewhere and say whatever the hell I want. Imagine for a moment if a browser's license was required.

"Hello, this is the Internet Police, you have gotten too many anti-social points on your internet license. It is hereby suspended for the next 6 months."

Re:*Puts on tinfoil hat* (1)

Anonymous Coward | more than 3 years ago | (#35821620)

I am honestly afraid that this is basically going to turn into an internet driver's license. Imagine if you were required to get government approval in order to read a book? This violates all kinds of freedom of speech provisions. I'll wait to see the details before I make a final judgement, but I much prefer being able to remain effectively anonymous online.

Not sure if you have heard, but in the US there is a judicial branch of the government that has a long history of successfully enforcing the first amendment. Wild speculation about theoretical actions that will be invalidated by the courts are not useful.

Re:*Puts on tinfoil hat* (1)

penguinman1337 (1792086) | more than 3 years ago | (#35821966)

Not sure if you have heard, but in the US there is a judicial branch of the government that has a long history of successfully enforcing the first amendment. Wild speculation about theoretical actions that will be invalidated by the courts are not useful.

I'd rather nip this kind of thing in the bud at the legislative level than let it go into law and hope that a panel of 9 people shoots it down. Open debate is a cornerstone of a free society. I'm simply speaking up and voicing my opinion in hopes that this bad idea doesn't get implemented.

Re:*Puts on tinfoil hat* (1, Insightful)

DNS-and-BIND (461968) | more than 3 years ago | (#35821900)

Imagine an internet where everyone had to sign in as their real name, and trolling became obsolete. Teabaggers could easily be identified, fired from their jobs, and publically ostracized for their disgusting racism. Every American who expressed negative feelings about the President would be suspected of racism [cnn.com] . This would be noted on each citizen's permanent record and easily viewable by anyone who cared to search. How would this be a bad thing, exactly? Freedom of speech is one thing, but freedom of speech doesn't cover hate speech.

Re:*Puts on tinfoil hat* (0)

Anonymous Coward | more than 3 years ago | (#35821982)

Yes it does. Freedom of speech protects the vilest, most disgusting speech you can imagine. How would this be a GOOD thing? Remember, one day the people you don't like will be in charge and YOU will be considered the "teabagger".... Of course you'll cry loudly when it's YOUR speech they're stifling.

Re:*Puts on tinfoil hat* (1)

penguinman1337 (1792086) | more than 3 years ago | (#35822044)

Freedom of speech is one thing, but freedom of speech doesn't cover hate speech.

Unless the target is white males, or muslims. You're allowed to hate them.

I wouldn't normally say this but... (-1)

Anonymous Coward | more than 3 years ago | (#35821404)

Fuck you Obama. I don't want real id and I don't want it remasked under NSTIC.

Oh the irony (1)

Hultis (1969080) | more than 3 years ago | (#35821416)

A few hours ago we got news about Safari implementing the Do Not Track option, and now we get a this, enforcing tracking for all US citizens.

Re:Oh the irony (1)

ColdWetDog (752185) | more than 3 years ago | (#35821948)

A few hours ago we got news about Safari implementing the Do Not Track option, and now we get a this, enforcing tracking for all US citizens.

So, you go online with Safari and then what happens? The world implodes into a singularity? Could be fun to watch (from a safe distance, of course).

Drop? (1)

gfreeman (456642) | more than 3 years ago | (#35821422)

Drop? As in get rid of, lose, no longer keep?

Is this another US/Everyone else language fail, like "Let's table this idea"?

Re:Drop? (1)

Anonymous Coward | more than 3 years ago | (#35821472)

Drop, as in "on your head like a large rock".

Head trauma is funny.

Re:Drop? (2)

mcmonkey (96054) | more than 3 years ago | (#35821542)

This is someone looking entirely uncool by trying to look cool.

It's drop, as in a Hip Hop artist referring to an album release date as when it's going to drop.

Unfortunately, it only works in the context of a Hip Hop artist releasing an album. In any other context, it reads as, "I'm only this white because the sun doesn't reach my mom's basement."

Re:Drop? (1)

gfreeman (456642) | more than 3 years ago | (#35821632)

It's drop, as in a Hip Hop artist referring to an album release date as when it's going to drop.

Thank you. I can now look cool if I ever become a Hip Hop artist and decide to release^H^H^H^H^H^H^H drop an album.

Now only criminals will be able to post anonymous (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35821424)

With this system in place, they will know the identity of everyone who posts online, except of course those who have hacked the system so as to appear as someone else. Once this system is in place it will be much easier for the government to gain convictions when crimes are commited. Of course, we will never know how many of the people convicted are the actual criminals, rather than just a victim of a hacker who chose their identity at random.

Re:Now only criminals will be able to post anonymo (1)

blair1q (305137) | more than 3 years ago | (#35821470)

Of course, we will never know how many of the people convicted are the actual criminals, rather than just a victim of a hacker who chose their identity at random.

If it's possible to hack an identity, and it's possible to show that it's possible to hack an identity, then the system is mooted and the conviction based on the system is invalid.

Re:Now only criminals will be able to post anonymo (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35821610)

It will be possible to hack an identity. Whether it will be possible to convince a jury that your identity was hacked is another matter altogether.
There are other problems with this system as well. What happens when the system says that you are not you? Not that someone else is you, just that you are not you?

Re:Now only criminals will be able to post anonymo (1)

majestic_twelve (2034368) | more than 3 years ago | (#35821746)

We're talking about just another computer system here. It can and will be hacked.

Re:Now only criminals will be able to post anonymo (0)

Anonymous Coward | more than 3 years ago | (#35822040)

Well, it's not really that hard. All login systems will come equipped with a 'Hack' button in the upper right corner of the display.

Of course, it will only appear to those with sufficient expertise in Computers.

Re:Now only criminals will be able to post anonymo (1)

ScrewMaster (602015) | more than 3 years ago | (#35821828)

Of course, we will never know how many of the people convicted are the actual criminals, rather than just a victim of a hacker who chose their identity at random.

If it's possible to hack an identity, and it's possible to show that it's possible to hack an identity, then the system is mooted and the conviction based on the system is invalid.

Possibly. Of course, if you take the situation with regards to DUIs, it's illegal in some states (California, I believe) for a defense attorney to even bring up the subject that a breathalyzer is anything but one hundred percent accurate. Said attorney can be up on contempt of court charges if he does. So yeah, it's pretty easy to imagine that the government will prevent any demonstration in court of the fallibility of their system.

Re:Now only criminals will be able to post anonymo (1)

characterZer0 (138196) | more than 3 years ago | (#35821608)

Just get a cheap VPS in another country and route everything through that.

Re:Now only criminals will be able to post anonymo (0)

Anonymous Coward | more than 3 years ago | (#35821648)

~Everyone is ~Potentially a ~Criminal..

Re:Now only criminals will be able to post anonymo (2)

ScrewMaster (602015) | more than 3 years ago | (#35821912)

Of course, we will never know how many of the people convicted are the actual criminals, rather than just a victim of a hacker who chose their identity at random.

The real danger is that this is just another form of automated justice. If a log generated by a server somewhere in somebody's cloud says your guilty ... then you're guilty. Period. End of statement. Face it, courts only rarely disregard computer-generated "evidence", although that's likely only because they don't have the mental tools to make a judgement as to the probability of a computer error, so they simply ignore the possibility. I suspect that most people here on Slashdot are like me, in that they certainly would not want their future, their livelihood or their freedom beholden to the reliability and accuracy of somebody's little black box.

What we have here is Man fading in the shadow of the machine. And I don't like it.

Re:Now only criminals will be able to post anonymo (1)

Attila Dimedici (1036002) | more than 3 years ago | (#35822062)

That is exactly the point I was trying to make. I knew when I finished the post that I had failed to say it as clearly as I would have liked (but I didn't feel like taking the time to fix it).
Actually, a bigger problem with this sort of government centralized identity database is when the data about who you are becomes corrupted. When one database becomes the central arbiter of who you are, how do you get it corrected when it is wrong?

Re:Now only criminals will be able to post anonymo (2)

mlts (1038732) | more than 3 years ago | (#35822050)

What is ironic is that properly implemented, this system can assure a truly kick-ass privacy ecosystem.

One could base it around a smart card. The private key is stored, and a certificate from a trusted CA (county courthouse) states that this key belongs to this individual.

Then start sticking certificates on the key. The user can determine who gets to see the certificates, and who doesn't.

Carded at the bar? The bar doesn't need to know the DOB. The bar finds a certificate stating that this person is over 21 years of age, signed by the state. That is good enough evidence for legal purposes to start slinging the drinks. The bar is legally covered, and the patron does not have to show when they were born.

Criminal record? The potential employer sees a certificate from NCIC stating the bearer has zero crimes on his/her rap sheet. The employer checks to see if this cert was revoked, and it hasn't been. So, even without looking up the user in a database, there is legal proof of no felonies present.

Degree from accredited institution? The employer finds a cert from Miskatonic University stating the person has graduated and has a B. S. Going up the cert chain, the university has a certificate from an accreditor stating that they are in good standing.

Credit report? Vinny's Used Cars gets a certificate from Experion that the person is in the top tier of credit, and no other details are handed out.

Of course, with keys and an active CRL mechanism, if someone was convicted, the criminal record cert stating there is no record would be revoked, or it can be a SLC that is pulled from a certificate server, with an expiration duration of minutes to hours.

I have hopes... if done right, a good smart card would help privacy and security. However, if done wrong, it would rain down hell on anyone in the US.

I for one (0)

blair1q (305137) | more than 3 years ago | (#35821446)

I for one welcome our new, positively identified overlords.

Privacy and positive ID are incompatible (2)

Adrian Lopez (2615) | more than 3 years ago | (#35821456)

"NSTIC is a key building block in the national effort to secure cyberspace. According to industry surveys, as many as 8 million Americans are victims of online fraud and identity theft each year and lose an average of $631 out-of-pocket per incident. Through a private sector-led effort facilitated by the government, NSTIC aims to make online transactions more trustworthy and enhance consumers’ privacy, thereby giving businesses and consumers more confidence to conduct business online."

The government wishes to enhance consumers' privacy by attaching a unique identifier to each and every online transaction? What an excellent example of doublespeak.

The internet Tax is here. (2)

Jackie_Chan_Fan (730745) | more than 3 years ago | (#35821476)

You are about to be tagged and taxed. America owns you.

Re:The internet Tax is here. (1)

penguinman1337 (1792086) | more than 3 years ago | (#35821508)

Screw this, I'm moving to Canada.

Re:The internet Tax is here. (1)

majestic_twelve (2034368) | more than 3 years ago | (#35821758)

You think they're really any better?! I'm moving to the fucking Amazon jungle.

Re:The internet Tax is here. (0)

Anonymous Coward | more than 3 years ago | (#35821640)

Not if I refuse to "join" this "internet".

56k forever. It'll have the wonderful side effect of ridding us of bandwidth-hog sites with too many ads.

Back to basics, back to freedom.

Put away your tinfoil hats (0)

Anonymous Coward | more than 3 years ago | (#35821514)

I don't mind the whole "OMG they know who I am!!!" part, I mind the fact that they are going to waste millions of dollars implementing something that won't work.

They can already figure out who is posting what. The Gov't already has easy access to my IP address along with my CC. They already siphon off everything that goes through the internet, anonymity is no longer exists. You must not assume that anything you say on the internet is "anonymous". Patriot act made sure of that.

So, with that being said, can this be used for good? Is there any redeeming factor here? I can't see how this is more useful than my social security number. Some company will ask for my ID, I give it to them, and then some hacker steals it. All the sudden, it is just as useless as my SSN

Is there any way this can actually be used for good?
(posted as AC because I'm too lazy to log in)

If you're going to tax the internet (0)

Anonymous Coward | more than 3 years ago | (#35821552)

it helps if you can track the users.

"Just in time for tax day, Sens. Dick Durbin (D-IL) and Mike Enzi (R-WY) are expected to unveil a bill shortly that would permit - for the first time - states to collect taxes on Internet, catalog, and other sales when the seller is not based in the state. All told, the estimated $23 billion Internet tax hike would permit a small cartel of states to reach outside of their borders to force individuals and businesses who aren't even residents to collect taxes."

Read more: http://www.atr.org/senators-unveil-massive-internet-tax-a6053#ixzz1JWvpRZEO

Re:If you're going to tax the internet (0)

Anonymous Coward | more than 3 years ago | (#35821878)

Of course, the comments are more interesting than the article itself.

Makes it more difficult for victims of fraud (1)

Anonymous Coward | more than 3 years ago | (#35821594)

So the idea is that this cyber ID can be used to positively identify you, to reduce fraud, right? So what happens when someone gets your cyber ID anyway and goes around impersonating you? Well, now there is extremely convincing evidence that it was you and not the fraudster. Nobody is going to believe someone else got your cyber ID. This is going to make it a lot harder for victims of fraud to get their name cleared.

I had heard the same thing has happened to people who use those credit cards with the embedded RFID chip (or whatever tech they use). Everyone knows how easy it is to clone the magnetic strip, so those are considered vulnerable and if you dispute a transaction that was done that way, the bank will believe you. However, the chip is considered absolutely secure, so if someone made a transaction that appeared to come from the chip assigned to your card, there was no way to dispute it because there is "irrefutable" evidence that you made the transaction.

i will call my ISP and cancel (2)

FudRucker (866063) | more than 3 years ago | (#35821614)

and remove my PCs from internet connectivity before i subject myself to such a heavy handed draconian measure.

goodbye internet, it was fun while it lasted, but the government is here to help which always takes the fun out of things.

a couple of questions (0)

Anonymous Coward | more than 3 years ago | (#35821646)

who requested this?

who will pay for it?

who will manage it? (or is homeland security just looking for job security?)

why is this being proposed by commerce?

7 reasons for no 1 id (1)

Anonymous Coward | more than 3 years ago | (#35821656)

Solutions that require the citizen to abdicate their online identity (federated identity management) are in the best interests of democracy.

Online participatory government, which includes online voting, is a necessary next step to increase the involvement of citizens in their governance. But two basic challenges are introduced with online interaction, which are not managed well with our current Internet: Verification and Anonymity. These problems must be solved with an equal concern for both the government's need for verification and a citizen's right to anonymity. Federated identity solutions meet the government's need, but at the expense of the citizen’s.

1. The greatest threat to federated solutions is subversion by authority. In-person voting is highly distributed and each step of the process is very visible. Even in countries where totalitarian governments are in control, it is very difficult to hide intervention. It would be too easy for a government to invisibly alter results in a federated solution because of its centralized nature. Evgeny Morozov recently argued in "The Net Delusion" that the centralized (read: federated) nature of the current Internet makes it vulnerable to centralized control. As current events show, many governments are just waking up to this fact, while China is already making a science of it.

2. Federated solutions require that the citizen register with a third party, chosen by the government, to manage the citizen's online identity. If the citizen has different criteria for trust than the government, then the citizen cannot avail themselves of services requiring an online identity.

3. Even if there was a choice of identity managers, there is no evidence to suggest that security can be guaranteed by the federated solution provider. There are too many examples of governments, businesses, and even security firms being hacked or inadvertently disclosing sensitive user information.

4. Electronic Voting is only one aspect of participative government: polls, comments, data access, and more innovative uses of online collaboration could all be facilitated with a verifiable anonymous identity. But federated identity solutions tend to not be very extensible. Federated identity solutions typically require adding orders of magnitudes of complexity and risk to use the solution in multiple contexts. For example, using a single identifier over multiple sites will increase the risk of re-identification.

5. Anonymization of votes by federated solutions, gains much of its security by introducing additional complexity. Complexity, in turn, introduces new and unknown vulnerabilities, increases the burden of auditing and oversight, and makes subversion by authority easier to hide.

6. One of the weakest security links in most, if not all federated solutions is Public Key Infrastructure. Not only is PKI susceptible to brute-force decryption (the cost of which is dropping every day), but the biggest vulnerability to PKI is when certificates are used. A certificate issuer, such as the government of China, has a built in backdoor to communications dependent upon that certificate. One of the founders of the Internet, Van Jacobson, calls certificates a disaster. This is a clear example that the interests of the citizen are not a priority. Ignoring certificate warnings or other certificate subversions would allow a third party to pretend to be the site that creates the citizen’s online identity and the citizen would be fooled into providing essential identity information to an un-trusted party.

7. There is a long-term risk that the federated identity be used for more and more purposes than it was intended and becomes necessary to function in society, as social security numbers have. Just as social security numbers have exceeded their use as a worker identifier, a federated online voting identity will be used for far more than government interaction and form a huge dependency on the identity provider.

Granted, federated identity solutions dominate current e-government offerings. But this is more a reflection of making the problem into a nail because all we know about is a hammer. Alternative technologies must be found or created that would not require the government to dictate the criteria for trusting one's online identity while still ensuring the criteria for validation of identity is meet for each need. These challenges should be solved in a manner that creates new opportunities rather than limit those we currently have.

correction to 7 reasons for no 1 id (0)

Anonymous Coward | more than 3 years ago | (#35821928)

correction: NOT in the best interests of democracy

Aside from Arizona... (0)

Anonymous Coward | more than 3 years ago | (#35821674)

... I am not required to carry identification in public. This is a constitutional right in the US. ... I can hardly understand why my presence in virtual public is any different.

Also, when, exactly, do our political bodies intend to AMEND the constitution to further clarify the important distinctions we need, as citizens in 2011, that relate our constitution from the 1700s to present time? A lot has changed, and while the constitution hasn't changed much, it is getting harder and harder to find 'interpretations' we are largely happy with.

Tax Day (1)

killmenow (184444) | more than 3 years ago | (#35821680)

Sorry, but tax day this year is April 18th.

True Names? (1)

HiggsBison (678319) | more than 3 years ago | (#35821726)

Am I the only one here flashing back to "True Names"?

United States of China (0)

Anonymous Coward | more than 3 years ago | (#35821816)

Isn't it hilarious the USA makes fun of China for how they handle the Internet while slowly trying to copy them...

someone needs to shit in the federal gov's mouth (0)

Anonymous Coward | more than 3 years ago | (#35821840)

Someone needs to take a hearty diarrhea in the federal government's mouth. Fuck the federal government, power to the states.

Like a Game Registration Code (1)

Sponge Bath (413667) | more than 3 years ago | (#35821986)

That IIN has already been registered. You do not exist, access denied.

Acronym needs a k (1)

abitowhot (1855238) | more than 3 years ago | (#35822032)

Add a k so it is NSTICK. A barely noticeable nasty little bloodsucker burried into your skin. teehee
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>