Whatever this 'mongish' and failed government says or does,

a. I don't believe it, and

b. give an ID card to the guys in Hong Kong and they'll have it cracked in less that 24 hours

Originally Posted by lsquared

Whatever this 'mongish' and failed government says or does,

a. I don't believe it, and

b. give an ID card to the guys in Hong Kong and they'll have it cracked in less that 24 hours

Too slow.....Try the first post...... 12 minutes to crack, edit, copy and clone...

Originally Posted by Kitmarlowe

If you want another laugh

http://www.computerweekly.com/Articl...ational-id.htm

Really....? I f**king don't think so.

So if foreign nationals refuse they will be kicked out? What if they are also EU nationals? Are they going to be kicked out too? No, didn't think so.

For Non-EU we then have the human rights issues to contend with before anyone gets deported. Utter balls.

Originally Posted by Closet_Jibber

Tin Foil hat off now :D 1984 is 25 years late. I'm off to hide in the woods as I don't trust these feckers.

You've got a short memory.
Going off into the woods didn't do Dr David Kelly much good did it? :D

Originally Posted by "chocolate_frog

It is quite easy in a lot of ways.

Not with the database sizes and the permutations and combinations of access permissions that you're talking about. The numbers of people with a need for legitimate access to an individuals data couple number in the several hundred, then when you think about the exceptional access needs you're onto thousands of potential people. Once the card is cloned then it doesn't take much to subvert one of those people. The audit logs will be immense and with so many different behavioural patterns to account for there will be a need for quite a high acceptable error level.

Either solution is a security headache waiting to happen.

Originally Posted by chocolate_frog

I don't know why they don't just give out one single serial number, at birth/naturalisation.

Then, when your NIC comes through, it is hte same number.

When your NHS number comes through, it is the same number.

Driving licence, passport, etc.

They used to. It was called an NHS number. Everyone got one when they were born or naturalised. Mine was XXXX240. (Four letters hidden, just in case.)

In today's modern outsourced Government IT model this has been replaced by a very long number which can't be linked to my NI number, GP's Practice Number, Driving Licence Number or Passport Number.

But a lot of outsource companies are making money out of making this mess worse! And they're being paid by the Government to develop the technology to do it!!!!!

There is no need to worry: The Home Office has a firm grip on the really important issues connected with ID cards.......

Aristocrats guaranteed full title on ID card - but not the rest of us

"The concession will not only apply to all members of the House of Lords but also their wives and families as well as holders of knighthoods and baronetcies and their wives, as well as dames.

The decision has been disclosed in correspondence between the Home Office minister Lord West of Spithead, also known as Admiral Alan William John West, and Earl Ferrers, a former Conservative Home Office minister who is also known as Richard Washington Shirley.

While the amount of available space will limit many lengthy common names, no such restriction is to be placed on the nobility.

This must make the Right Honourable the Lord Mandelson of Foy in the county of Herefordshire and Hartlepool in the county of Durham the favourite for the holder of the longest ID card in Britain."

http://www.guardian.co.uk/politics/2...les-concession

Originally Posted by ClawedFurryMammal

Originally Posted by "chocolate_frog

It is quite easy in a lot of ways.

Not with the database sizes and the permutations and combinations of access permissions that you're talking about. The numbers of people with a need for legitimate access to an individuals data couple number in the several hundred, then when you think about the exceptional access needs you're onto thousands of potential people. Once the card is cloned then it doesn't take much to subvert one of those people. The audit logs will be immense and with so many different behavioural patterns to account for there will be a need for quite a high acceptable error level.

Either solution is a security headache waiting to happen.

You make smaller databases.....

You don't need all encompassing databases. Or if you do, you keep them small. Local.

One all encompassing database for a town, city or county. With specific details, but wider groupings held at national level for thsoe that need them.

Originally Posted by chocolate_frog

You make smaller databases.....

So you lose all the benefit of actually having it, notwithstanding my general objection to the system in principle.

How would you suggest breaking them down?

You don't need all encompassing databases. Or if you do, you keep them small. Local.

One all encompassing database for a town, city or county. With specific details, but wider groupings held at national level for those that need them.

I could come up with a whole host of alternative attack vectors, the issue is less the size of individual databases, but the aggregate and the numbers/ combinations that need to get into them.

Notwithstanding the operational issue, so what happens if I have a need to access the NHS when I'm 300 miles from home?

Originally Posted by cloudbuster

Originally Posted by Closet_Jibber

...........and issue everyone with a serial number at birth.

Tattooed inside their right forearm............

hang on.......you mean the bar-code on the back of my neck containing my full name, dob, NOK and blood group ISN'T universal ?

So...nobody else gets those funny comments at the check-out?

I want my money back !

Bare

--