Administration Moves Forward with Internet ID Plan

[nihilijay]

Who the heck is Marty Friedman?
-is an amazing guitar player, cacophony megadeth and them a host of solo albums that got progressively more pathetic hes now almost on par with yanni. Why ever that got posted is any wonder.

Uncle - post
-well put, anyone ever see "v for vendetta" this seems like a step towards that. you all fought the British for WAY less dictatorial laws etc...
Even here in Canada they want to implement an internet usage fee much like how data plans are for cellphones and also like what happened with CD-R an "ipod" tax to compensate our less then stellar music industry artists. There isn't an obvious plan for this type of thing, but you never know.
If there was ever a sure fire way to become a target for anonymous this would be one of them.
Its stuff like this that is going to force people to create a new "underground" internet. Too many laws and a strive for rights and freedom leads the most innocent people to become criminals.

 

[butterfliesrpretty]

For the longest time I thought Ron Paul had some great ideas but it didn't outweigh the crazy. Screw it he's what this country needs right now.

 

[SteelyDan]

This is a great idea.

Not new though, we've had such a system in Denmark for years, and everyone loves it.
There has been no data breach either, since the system is made to be more secure than what online banking systems use.
Please don't believe the republican fear tactics that this will allow the gubment to track what you do on the internet or require to use this to log in to websites. That will NOT be the case.

All this does, is provide an easy but secure way to submit your tax form, make an appointment with your doctor or view your medical records in case you need to apply for health insurance. Things that you can also do now, but you'll need to remember/apply for a new login code and password for each site.
This is a "one code for all" system.

It will be optional. If you prefer to do things by mail or stand in line at the DMV, you can still do that. You can even do things over the internet using the same system you use now.

How anyone can be against this is beyond me.

 

[phatmatt]

http://www.snagfilms.com/films/title/the_end_of_america/

One step closer....

 

[siralexu]

Honestly at one time america was the land of oportunities but now i'l be dammed if id ever move to the us

 

[gdonovan]

Something I noticed over the years the more a country becomes capitalistic the more the people rights and freedoms disappear.

Are you aware of what capitalism is? We have not had it here (the US) for a very long time.

Regulations, mandates, taxes, tax breaks, subsidies all distort the free market.

Freedoms are vanishing due to larger and larger government intrusion.

Hows that hope and change working out?

 

[Ryokurin]

But that is something completely different.

I just think it's a bad idea because once a trusted account is compromised, the lower ones will fall even easier. I use many different passwords now and none have anything to do with personal information. An Internet ID would be a step back for me.

This would still be possible. What people aren't getting is that this isn't a central password for everything, you can have an ID for your forums and facebook, and a ID for your credit cards and financial info and so forth. You can also have multi forms of authenication (yubikeys, RSA, software, etc) and it's not a centralized database. From the way I understand it, the government's role is to make sure that all the different systems are at least compatible with each other

 

[slickmitch]

Change was promised, change has been delivered...no one ever promised it would be "Good" change.

Ugh, crap like this makes me want to live in this country less and less everyday.

Politicians, corporate execs, and insurance companies are getting filthy rich while we throw teachers, cops, fire fighters and nurses out on their asses.

 

[Heavy_Nova]

It's ok, now when you're born you'll be issued your social and your interwebz securom ID.

This stuff bothers me... But, it's my children I'm most worried about. The fallout from this mentality is bound to trigger more down the road - ya'll know how it works.

 

[Ashton]

As has been mentioned, this is a major IP organization's dream! RIAA, MPAA, etc will instantly know who is pirating their work (clearly it is owned by these groups not the artists now... ) This is just a nice combination of technological idiocy + deep-pocket lobbyists...

I lost faith in the "techie" president long ago. This is just more proof he's not a "techie" he's just stubborn and refuses to give up the 3-4 gadgets he's learned to use...

<tinfoil hat>Either that or the Illuminati big-brother have their hand up his ass and are just using him as a puppet now</hat>

This is a great idea.
Not new though, we've had such a system in Denmark for years, and everyone loves it.
There has been no data breach either, since the system is made to be more secure than what online banking systems use.
-snip-
How anyone can be against this is beyond me.

let me see if I can explain it to you in your native language...

Baaaah bah baaah *bleet* bah baaaaah

And I'll wear a steel lined glove so you can't take away my identity.

There will be matching glove/hat sets

 

[gdonovan]

Politicians, corporate execs, and insurance companies are getting filthy rich while we throw teachers, cops, fire fighters and nurses out on their asses.

You do not want to go there brother.

 

[wizdum]

This is a great idea.

Not new though, we've had such a system in Denmark for years, and everyone loves it.
There has been no data breach either, since the system is made to be more secure than what online banking systems use.
Please don't believe the republican fear tactics that this will allow the gubment to track what you do on the internet or require to use this to log in to websites. That will NOT be the case.

All this does, is provide an easy but secure way to submit your tax form, make an appointment with your doctor or view your medical records in case you need to apply for health insurance. Things that you can also do now, but you'll need to remember/apply for a new login code and password for each site.
This is a "one code for all" system.

It will be optional. If you prefer to do things by mail or stand in line at the DMV, you can still do that. You can even do things over the internet using the same system you use now.

How anyone can be against this is beyond me.

Because if someone gains access to my online banking account, that can be fixed through a 15 minute phone call. If someone uses one password to gain access to my online banking account, medical history, and tax information, its going to take months to fix it.

 

[push]

Yes! I can't wait! /sarcasm

 

[gdonovan]

If someone uses one password to gain access to my online banking account, medical history, and tax information, its going to take months to fix it.

If EVER.

I know people who have spent years cleaning up the mess of identity theft.

Another case of the government sticking its nose somewhere not required.

 

[SteelyDan]

Because if someone gains access to my online banking account, that can be fixed through a 15 minute phone call. If someone uses one password to gain access to my online banking account, medical history, and tax information, its going to take months to fix it.

If there's only one access system it will be more difficult/take longer to block the access?
I'm not sure why that would be the case.

If they make the system like here, (and it sounds very similar), there will be multiple layers of security.
-There's the login name and password. It is sent in a heavily encrypted form.
-There's a file installed on your PC (once). The only way to install this file on your PC/device is with a code that is sent to you by mail. It can NOT just be copied from one PC to another. So you have to be sitting at/with your PC/device to be able to log in. And you'd have to know your code.
-There's a physical element in a "key card". This is a basically just a card with a few hundred codes that only you have access to. It is sent to you by mail. You are asked for one of these codes whenever you do something that is considered sensitive material, like transferring money or viewing sensitive data about yourself.
It will never be sent to any address other than yours.

So you have 3 levels of security.
For a hacker to be able to steal your identity and log in using this "one code for all" system, he'd have to:
-Know your login code and password. Which are always sent using the highest level of encryption.
-Be sitting physically at your PC or use your mobile device.
-Live at your address for a while to be able to gain access to a card with the required codes.

Even if all these levels of security somehow fail, there is still a limit to how much damage can be done. There's a limit to how much money you can transfer to "outside accounts". If you need to transfer more than the limit, it's still possible, but this is not allowed without clear identification of who you are. Either by turning up at your bank physically identifying yourself, or with a phone call to someone who knows you at the bank.

 

[vengence]

If there's only one access system it will be more difficult/take longer to block the access?
I'm not sure why that would be the case.

If they make the system like here, (and it sounds very similar), there will be multiple layers of security.
-There's the login name and password. It is sent in a heavily encrypted form.
-There's a file installed on your PC (once). The only way to install this file on your PC/device is with a code that is sent to you by mail. It can NOT just be copied from one PC to another. So you have to be sitting at/with your PC/device to be able to log in. And you'd have to know your code.
-There's a physical element in a "key card". This is a basically just a card with a few hundred codes that only you have access to. It is sent to you by mail. You are asked for one of these codes whenever you do something that is considered sensitive material, like transferring money or viewing sensitive data about yourself.
It will never be sent to any address other than yours.

So you have 3 levels of security.
For a hacker to be able to steal your identity and log in using this "one code for all" system, he'd have to:
-Know your login code and password. Which are always sent using the highest level of encryption.
-Be sitting physically at your PC or use your mobile device.
-Live at your address for a while to be able to gain access to a card with the required codes.

Even if all these levels of security somehow fail, there is still a limit to how much damage can be done. There's a limit to how much money you can transfer to "outside accounts". If you need to transfer more than the limit, it's still possible, but this is not allowed without clear identification of who you are. Either by turning up at your bank physically identifying yourself, or with a phone call to someone who knows you at the bank.

Sounds great. How many unbreakable DRM schemes are there? A new one every 2 months right? Now how many of those "unbreakable" DRM schemes are broken? Oh, that's right every last fucking one.

 

[SteelyDan]

Sounds great. How many unbreakable DRM schemes are there? A new one every 2 months right? Now how many of those "unbreakable" DRM schemes are broken? Oh, that's right every last fucking one.

I'm not sure you can compare DRM for a computer game with a security system for online banking, but you're right, software can and will be manipulated. Which is why the system we use doesn't rely on software alone. Even if a hacker was able to bypass the first two security elements, there's still the third layer that is a physical key-card. I guess this prevents them from even trying.

You can make online security be as secure as is needed. It's just a matter of how inconvenient you want to make it for the user.
But even if someone was one day able to bypass the security, there's nothing with this new system that a hacker wouldn't be able to do now.

Take note, this is optional.
If you do NOT want a more secure, easier way to handle your business online, you simply don't apply for it.

I do not understand the outrage you guys are displaying over this.

 

[Ashton]

Keep in mind that in the USA, there are like 3 companies that use 2-factor authentication...

2 tiny banks that nobody has heard of... and World of Warcraft...

Says something about out priorities, does it not?

 

[TheWeazmeister]

I do not understand the outrage you guys are displaying over this.

Call it a sense of history. We have compromised our freedoms for security, peace, and whatever other catchphrase politicians would like to throw at you. This is going to be no different.

 

[TheWeazmeister]

Keep in mind that in the USA, there are like 3 companies that use 2-factor authentication...

2 tiny banks that nobody has heard of... and World of Warcraft...

Says something about out priorities, does it not?

LOL was just going to say that about WoW authenticators.

 

[Ryokurin]

Two factor authenication isn't exactly cheap. nor can a lot of people grasp it at least in my experience. It is getting cheaper with devices like yubikey and such.

 

[SteelyDan]

Call it a sense of history. We have compromised our freedoms for security, peace, and whatever other catchphrase politicians would like to throw at you. This is going to be no different.

You think this will compromise your freedoms?
How will it do that exactly?

Take note, this is optional.
It will not replace anything, it will not do anything that isn't possible now. It just makes the current method of logging in to online banks and government services easier and more secure.
If you're worried about losing your freedoms, just don't sign up for it.
Go to your bank in person instead. Go stand in line at the DMV.
If you think this will give you more freedoms, you will be able to still do this.

 

[TheWeazmeister]

You think this will compromise your freedoms?
How will it do that exactly?

Take note, this is optional.
It will not replace anything, it will not do anything that isn't possible now. It just makes the current method of logging in to online banks and government services easier and more secure.
If you're worried about losing your freedoms, just don't sign up for it.
Go to your bank in person instead. Go stand in line at the DMV.
If you think this will give you more freedoms, you will be able to still do this.

Sure thing, until it becomes mandatory. Until they decide that's in our "best interest." Perhaps we should all get RFIDs inserted in our bodies at the same time? The idea of a slippery slope is that it looks harmless, "cute & cuddly," or whatever expression you want to use, but it ends up being a disaster at the end of it.

 

[SteelyDan]

Sure thing, until it becomes mandatory. Until they decide that's in our "best interest." Perhaps we should all get RFIDs inserted in our bodies at the same time? The idea of a slippery slope is that it looks harmless, "cute & cuddly," or whatever expression you want to use, but it ends up being a disaster at the end of it.

Why would it become mandatory? They're not forcing anyone into this, it's an option. Just as it's an option to do your business at the post office, in the bank or at the DMV. There is nothing that indicates this will be mandatory. Now IF somehow they propose it becomes mandatory one day, you can complain about THAT. There's no probable reason to think it will become mandatory though, since people will always have the option to do it the "manual way".
Also, the way it is here, you can also log in the old fashioned way, with a code/password just for that one site.

I hope everyone understands by now that this is not for regular websites. It is not something you'll have to use to go on the internet. It's just another way to log in to secure websites, using a unified code/password instead of a bunch of different ones.

 

[Ashton]

It's just another way to log in to secure websites, using a unified code/password instead of a bunch of different ones.

The problem is this:

Mr John Smith:
Username: JohnSmith. John_Smith, JohnSmith1 (etc)
Password: Secret, John, johnsmith, Secret1, etc

Too many idiots with too little security. Even if it means compromising 1 account, getting in there will make it easier for hackers to get into other accounts.

I will agree, the 2-factor authentication makes it harder, but it's still not impossible, all that means is 1 more algorithm to crack, no different to most DRM schemes mentioned before except perhaps it will take a little longer.

Also, most things the government starts as "optional" tend to become "mandatory" and turn into one big fat mess...

 

[SteelyDan]

The problem is this:

Mr John Smith:
Username: JohnSmith. John_Smith, JohnSmith1 (etc)
Password: Secret, John, johnsmith, Secret1, etc

Too many idiots with too little security. Even if it means compromising 1 account, getting in there will make it easier for hackers to get into other accounts.

I will agree, the 2-factor authentication makes it harder, but it's still not impossible, all that means is 1 more algorithm to crack, no different to most DRM schemes mentioned before except perhaps it will take a little longer.

Also, most things the government starts as "optional" tend to become "mandatory" and turn into one big fat mess...

I do not see your government closing post offices and banks because of this.

Also, the way it works here, it's actually a 3-way security process:
-Your login/password
-A root file on your PC, activated by a code sent to you by mail
-A "key-card" sent to your address by mail, without which you cannot transfer money or view/change sensitive data.