New Testingstan

evilsoup wrote:hmm you know
if there was some way to use smartphones as an ID, that would be actually useful (since everyone will have one within the next ten years, even poor people, as I suspect we will end up with £10 smartphones)
but I'm not sure how to implement that in a way which wouldn't be trivial to forge. It is already possible to use some smartphones for contactless credit card payments, so in principle it probably can be done

Smartphones are already targets for theft, I wouldn't be happy about making them even more appealing to people who snatch and grab.

Also honestly that kind of ID thing would be trivial to build into even a non-smartphone.

IB, I'm on my phone, so quoting isn't working.

My point is not that minimalizing bad nationalism is bad (I don't think it is). It's that being a nationalist at the same time as demonizing nationalism is bad.

I would also note, though, that unlike most members here and on TEO, I see no problem with celebrating my nation's achievements at the same time I attempt to make it better in my own small way, I also don't believe in sweeping the bad under the rug and hiding it, though. Call me a history nerd.

There are two aspects to Metahive and Thanas's behavior I consider unhealthy: the focus on intergenerational guilt that can never be expiated, and the cognitive dissonance of them being German nationalists* while simultaneously denouncing anything that looks like nationalism.

Germany has good reason to be proud of its achievements, and I don't have a problem with the idea of German nationalists on paper, most of those who claim the title have historically been assholes, admittedly.

uraniun235 wrote:i'm kind of surprised ADR hasn't already said something like "well my ideal solution would be to re-order society in such a way where it would be fruitless to commit fraud by impersonating another individual"

why would i remind you of that which you already know so well?


so anyway i just went for my first ride after getting the puppy and as soon as i come back she immediately assaults me

and i forgot to grab my water bottle for the road so i'm all liek "get off me puppy i want to hydrate"

and she's like "but i want to lick up your sweat RIGHT NOW!!!!!!!"

and i'm liek "no puppy that's my sweat get your own glands!!!!!!!!!!!!!!!!!!"

and she's like "some communist you are"

Losonti Tokash wrote:rfid chips and thumbprint scanners seem like solutions looking for a problem

Rfid chips are used everywhere these days. They are so cheap these days, they are be paired with accelerometers to determine exactly which step in the chain it suffered excess acceleration which is known to break stuff.

I meant putting them in people, not being used at all.

evilsoup wrote:I think you (and oxy if he's serious about the thumb-print scanners) are missing that one of the major selling-points of an ID card is the simplicity of it (...)

As a matter of fact, no I didn't miss that.

I only started proposing including biometric measures in the ID card when people expressed fear of identity theft, and voluntarily took it in an arm's race to show how counter-productive it could end up being.

As other people have stated, the security problem doesn't come from the ID card in itself, but from a system where in general all one really need to do business in your name is an ID number that can be easily memorized by anyone. It's not something that will be fixed just by an ID card, however sophisticated it might be. The solution would need to see deep institutional reforms at all layers of the administration in how people's identities are handled in the administrative processes.

Because I know there's some people teaching around here...


http://youtube.com/watch?v=fuBmSbiVXo0

http://www.news.va/en/news/asiasyria-a- ... p-hindo-he

So yeah. Why are we supporting these people again?

If I were cynical, I'd say it's not so much about Syria as it is about pissing off the Russians.

Of course, that would be false, but it's an easy explanation fitting a simple worldview.

... Canned Thoughts ? Did someone already think about marketing that ?

evilsoup wrote:

Passive chipping is absolutely nothing like the holocaust.

lol thanks for that stunning insight

Are you insane?

No, really, are you insane? You're the one who made the comparison to the holocaust in the first place. Now, when someone points out that your comparison is ridiculous and only hampers conversation, you go, "Well... duh!" like you couldn't understand how anyone could make that comparison. Do you have the attention span of a goldfish regarding shit you just said?

You know what, fuck you. The rest of your post actually brings up decent points, but I've decided actually getting to them isn't worth wading through your trolling bullshit. Congratulations, your attempts at being a cool and edgy troll have successfully shut down communication, enjoy your superior debate skillz, oh extreme warrior of flame.

As other people have stated, the security problem doesn't come from the ID card in itself, but from a system where in general all one really need to do business in your name is an ID number that can be easily memorized by anyone. It's not something that will be fixed just by an ID card, however sophisticated it might be. The solution would need to see deep institutional reforms at all layers of the administration in how people's identities are handled in the administrative processes.

That's also my main argument behind chipping. A lot of ID fraud happens on the data-storage end of things, people getting unauthorized access to databases using fraudulantly obtained IDs. The thing is, the initial obtaining of those IDs involves stealing or copying the physical objects that display the ID, namely cards and the like. And a lot of the difficulty with proving fraud and rectifying the issue come with the fact that if you've lost those cards, you can have a hard time proving you're genuinely person (x), not the one who stole your card and is abusing it in your name.

With a chip, at least that end of things becomes a hell of a lot harder to screw up. You can lose cards, or have them stolen, and have a hell of a time trying to get things back in order when you suddenly have lost the means to prove that you're actually who you claim to be. With a chip, it's a lot harder to do that, you could forget your wallet at home, have your SS card and drivers license stolen, lose your birth certificate in a house fire, whatever, they can still pass a scanner over your arm and go, "Oh yeah, you're definitely person (x)".

It's not foolproof, of course. I'm sure technology would rapidly be developed so that fraudulent chips could be made, black-market scanners could go out so that ID-thieves could start getting peoples' ID numbers just by surreptitiously waving them around crowd subway cars. But this just calls for better enforcement on the administration end, just like with cards today. Make it so that 'official' uses of ID only take place in well regulated scenarios, tie peoples' ID with photographs, thumbprints, DNA samples, whatever so that in the case of fraud there are redundant backups to prove that you're you, not that other person with a fraudulent chip. Restrict access to the databases so that only authorized users can get in from certain locations, and they can only pull up information about you directly relating to their own jobs.

I'll admit, all of this applies equally to chipping and standardized cards. My contention is that chipping is just a few extra layers of security, both against intentional fraud and against the random chance of cards getting lost and/or destroyed.

So we agree that the system itself would need to be changed for chip IDs to have any real added value.

I'll just note, however, that technology doesn't even need to evolve for people to be able to remotely steal your ID from sub-dermal chips. The RFID technology behind can already be hacked from a few meters away without much difficulties. So it would need to NOT be the primary mean of identifying someone, but just a convenient shortcut that wouldn't really prove anything in a court of justice.

Oxymoron wrote:So we agree that the system itself would need to be changed for chip IDs to have any real added value.

I'll just note, however, that technology doesn't even need to evolve for people to be able to remotely steal your ID from sub-dermal chips. The RFID technology behind can already be hacked from a few meters away without much difficulties. So it would need to NOT be the primary mean of identifying someone, but just a convenient shortcut that wouldn't really prove anything in a court of justice.

I was still dealing with my idealized scenario. In there, yes, the entire system's been overhauled. The chip is just one of several redundant systems for establishing identity. In any official function where the chip is used (getting a job, getting into ID restricted areas, making transactions in your name, medical visits, etc), the scanner at the other end would be able to pull up, say, a photograph of you to verify ID. In the case of fraud, or somehow a damaged chip, or whatever, you have multiple backups available so that fixing the issue involves visiting a local government office, giving a fingerprint, photograph, DNA sample, backup PIN, backup card, or whatever and having it checked with records to verify ID so you can get a reset, or new chip, or whatever.

It's really not much different than a card, just a lot harder to lose or have stolen, and I'd even say having a stored card as a backup in case of fraud (or in case someone objects to the medical procedure) would be great.. Everything else involves a much more competently run administration, which exists in my ideal fantasy world.

If the chip was set up so it can only be scanned when the user wants it to, it could stop the secret reader problem. What I'm imagining is like a power button, so the circuit is only connected when the user is actively holding the button in. (idk how these rfid chips work, but i imagine they have a tiny circuit of some sort you can break)

Of course, the problem there is how are you going to wire a button into an implanted chip? It'd be pretty easy with a card, only turn the transmitter on when it is pinched in a corner.... but then you'd trade secret readers for pick-pockets again, so not really ahead from low tech cards, at least on this concern. (In other places, it could be cool to explore digital signatures and other cryptographic stuff to make an id card of tomorrow.)

There's a few workarounds I could think of, though each come with their own problems.

- Have the chip be partially shielded at all times, and implant it in a part of the body that is normally hidden and configured in such a way that, unless the owner makes a specific, conscious type of movement, the chip is naturally shielded by the rest of the body. The problem here, of course, is that then the ID-thieves would work on building ever more powerful scanners that eventually can get through the biological jamming.

- Have two chips, one being the regular ID chip and one being an 'activator' located on a separate part of the body. Each set is unique to the person, and the only way the ID chip becomes available for reading is if the activator is within a certain, short distance. For instance, having the chip on the right shoulder and the activator in the left wrist, the person can only be 'scanned' if they press their wrist to their opposite shoulder, an action that is unlikely to occur at random enough for ID-thieves to scan it at random. The problems with this, of course, is that more parts means more avenues for errors to creep in, and again, ID-thieves could start working on their own 'activators'... though this would be made a lot more difficult if the activation signal has a unique encryption for every individual that's chipped.

- Have the chip necessarily tied to something that is also unique about each individual, so that whenever it is scanned, that other unique identifier is also scanned at the same time. For instance, have the chip put in the eye, so that any ID scan has to pass a retina scan at the exact same time, or do the same thing with fingerprints, etc. Have each unique identifier stored on a separate database, and the only time those databases have contact is to display a positive or negative recognition for ID-scans at authorized terminals. This, of course, requires competency on the administrative end to ensure no corruption is going on at the scanning end with people saving the scanned data for their own fraudulent use later.

So dad and I have finally started plotting out the details of the Father-Son trip to Europe we've been talking about since I graduated High School. We're going to do it as a sort of celebration after I finish at community college so I can relax a little before I transfer and Shit Gets Realtm.

Of course looking at the news, i'm just hoping American tourists are still welcome in Europe at that time.

"looking at the news" => did I miss something important ?

the nsa spying stuff

Business as usual as far as expectations for the US have been set, at least for my social circle (including the researchers and engineers at the lab, when I was still working there a few days ago).

Darksi... I think you need to ease up on the fear just a little. To throw out massive overgeneralizations: Europeans thought Americans were self-centered blowhards before the NSA scandal, Europeans will continue to think Americans are self-centered blowhards after the NSA scandal. I very much doubt you will see any noticeable change except maybe casually chatting with someone and them going, "Oh, you're American? When you get back, tell your government to cover their tracks better, okay?"

Europe has been fucked over by the US' (and the Soviets') secret services and other political intrigues since WW2.

We've had more than 70 years to get used to it.

By now it has been clearly established as a fact of life that the US is a convenient ally, but one that cannot and shouldn't be trusted.

And after that the US wonder why NATO is becoming more and more hollow with each passing years since the fall of the Soviet Union...

That and I think it's safe to have faith the average European can tell the difference between the American government and an American tourist. The former screws their country over, the latter visits afterward and gives them ridiculous amounts of money for cheap crap.

Though they also won't forget to criticize everything that's not "just like home", while acting like kids every time they see something "typical".

You wonder why everyone in Paris act like a sack of shit ? Try to deal with millions and millions of fucking tourists visiting your city every year...

other cities manage fine without getting the reputation that Parisians have
hmm although actually, new yorkers have a similar reputation. Londoners would, but I think that kind of behaviour would be impossible to distinguish from general Englishness so

also IIRC RFID chips use an induced current rather than containing a battery -- or most do anyway, and I'm not sure how safe it would be to have a battery in a person. Maybe we could do something with human bioelectricity. Anyway, I don't know if that would affect any attempts to give them a switch.

Also switches or whatever would add complexity and therefore more things to go wrong, and given that this is inside the palm of someone's hand (or whatever, but that seems like the most logical place for it) that's particularly bad

According to wikipedia these style of chips are already used in some nightclubs, which is kind of interesting in an iKidney way

also djinkitty you need to learn how to humour

----

Hmm, you know, given the ever-decreasing size of computer chips, it might well be possible to have enough power on a credit-card-sized ID card to store a private key and use it to generate encrypted messages, so you could have all that cryptographically-secure identification goodness in a way that would be easy for people to use. Combine with all this wireless data transmission stuff and this might be actually useful

I'm thinking like: you write out an email on your tablet, and then fire up the appropriate app and touch your ID card next to it, and it takes the text, encrypts it, and feeds it back into the app.

there's probably an obvious flaw there that I haven't seen (even if it's just 'lol that would be prohibitively expensive'). In fact, I'm not even sure that it would serve a useful purpose at all, I'm pretty much just rambling

http://www.mediatrainingtoronto.com/blo ... -the-world

Saw this list on SB.com.

I take issue with number 49.

the biggest problem i'm having with the credit card thing is i think it just must have a UI of some sort, at least a PIN entry, so if it is stolen, it isn't useful unless they can get the password from you too

(now pins/passwords often aren't hard to figure out.... but eh, most of us americans have memorized our social security number, which is 9 random digits assigned to us by the government. maybe the password could be randomly generated and memorized in a similar fashion, to make them harder to attack. then combine it with "this can only ever be put into your own card" and now stealing it means

1) intercepting it when it is first given out, which is a difficult task in the first place and perhaps even harder with technology, but one easy way of access would be if they forget their password or need to get it reset, such as if they believe it was stolen.... but still that's a fair amount of work, especially if changing it is as rare as changing an SSN today

2) swapping someone's card for a fake which records it, then stealing that too. (though the user would realize it doesn't actually work if they tried to use it, which could tip them off, making stealing it a bit harder)

3) watching over their shoulder as they punch it in (arguably easy if you're a malicious bar owner or something catching people on security cams as they enter... but hey)


and probably something a better thief than me woudl think up


but regardless i'm confident this could be done in a much more secure way than your email password, self-selected bank PIN, or "get the number (and some trivially attainable public info, lol mother's maiden name and previous address, not hard to get!) and you have the ID"



anyway yeah gotta have a UI to enter this code and perhaps confirm the stuff you want to share too


don't want to do this on an external device like your pocket computer/iphone/merchant's terminal because that would be far too easy to phish or intercept in transit to the card