baldysblog.co.uk

There are rumours coming from the Cabinet that a majority of them want to scrap the ID Card Scheme as doing so would save money and they have finally realised that the public – ie. the voters, have turned against it.

Personally and as Gordon Brown believes that stubbornness equals strength plus the Tories have already said that they will scrap it if elected, Brown won’t on principle. Blair wanted to join the Euro, Brown invented rules but truthfully, if Blair wanted it…it would never happen so, Cameron will scrap ID Cards…Brown will defend them to the grave.

What They Bought

I have written on this many times before and whilst it is certainly true that there are those who object on emotional grounds, Civil Liberties or both, there are very specific reasons why this ID Card Scheme must be terminated asap and they are all technical and not even remotely political.

Blair was sold a pup and like most politicians, wasn’t bright enough or knowledgeable enough to spot it. Personally I have never considered ID Cards from a Civil Liberties perspective only from a technical one because of my background in IT and Project Management.

If you want an ID Card system that is digitally based, it is possible but not the way this bunch of clowns have approached it, in fact it is not the Card itself that is a problem, they will be cloned within weeks anyway, the problem is the underlying database which is where the “identity” is actually held.

All databases get hacked, its a fact of life and therefore, you never have a single database or linked databases where access to one is a sequential lock that gives access to the others. What you do is to have a “silo design” containing different elements of the information in isolation with the linking mechanism being a combination of random events. Well to clarify that and because computers do not do guesswork, rather than random events, it should read “randomized events” which means that the access is not obviously sequential and leaves an audit trail.

Consequences

All very boring but the consequences are not. With a single database design, once an intruder has gained access to the system and they will, their aim will be to change say “Your ID Record” and they will then create a physical ID Card to match and authenticate it so as far as any agency checking your card is concerned it is real.

It is important to understand this sequence of events because it represents a complete sidestep of all the security both photographic and biometric because an intruder can replace the lot because the data is just digital. Once done in one fell sweep they are now “You” and can steal your assets or, plant evidence that points to you as the person who committed a crime that they in fact did from speeding to fraud or murder.

If this Card is the ‘standard’, what can you do if you and the ‘system’ disagree and the system is the default proof ? The simple answer is that there must be a “challenge” at the point of contact which can only come from a dispersed silo system.

Proving Our Identity

In a sense we all carry ID Cards from our Driving Licence, Credit, Debit, Loyalty, Store Cards and so on but actually, they are “Silos of Separate Information”. It is not the ID Card that is the problem it is the way it is linked to a digital back end that is. Trying to be clever and linking all things into one was an obvious stupidity from outset. Whilst such projects are “digital by nature” we must always remember that we live in an “analogue world” and I don’t care about what you want but for me, I want Spring, Summer, Autumn and Winter – digitize that fool !

Oh and finally, if the Government really wanted an ID Card system, there is already a simpler and more secure one already available that is very cheap, its called a SIM Card and goes inside a mobile phone – issue a telephone number for life instead of a National Insurance Number – so, no need to re-invent the wheel is there ?