Category Archives: National ID

Fingerprinted and Facebooked at the Border

Posted on by

According to the Wall St Journal, “Iranian Crackdown Goes Global ,” Iran is monitoring Facebook, and in a move reminiscent of the Soviets, arresting people whose relatives criticize the regime online.

That trend is part of a disturbing tendency to criminalize thoughts, intents, and violations of social norms, those things which are bad because they are prohibited, not bad in themselves. It’s important if we want to export freedom of speech and freedom from self-incrimination, to push for an international norm of limiting the powers of governments, not of people. Of course, since the main way that the international reach of governments is limited is through treaties negotiated by, umm, governments, I don’t expect a lot of that soon.

Not to mention the creation of fake Facebook accounts by Iranian intelligence.

But most interesting is this:

Five interviewees who traveled to Iran in recent months said they were forced by police at Tehran’s airport to log in to their Facebook accounts. Several reported having their passports confiscated because of harsh criticism they had posted online about the way the Iranian government had handled its controversial elections earlier this year.

and

One 28-year-old physician who lives in Dubai said that in July he was asked to log on to his Facebook account by a security guard upon arrival in Tehran’s airport. At first, he says, he lied and said he didn’t have one. So the guard took him to a small room with a laptop and did a Google search for his name. His Facebook account turned up, he says, and his passport was confiscated.

Some thoughts on the Olympics, Chicago and Obama

Posted on by

So the 2016 Olympics will be in Rio de Janeiro. Some people think this was a loss for Obama, but Obama was in a no-win situation. His ability to devote time to trying to influence the Olympics is strongly curtailed by other, more appropriate priorities. If he hadn’t gone to Copenhagen, he would have been blamed for not caring. If he went, he’s blamed anyway. In reality, he does have some control over what happened. He could have fixed the “harrowing experience” we show the world under the ironic words “Welcome to the United States:”

In the official question-and-answer session following the Chicago presentation, Syed Shahid Ali, an I.O.C. member from Pakistan, asked the toughest question. He wondered how smooth it would be for foreigners to enter the United States for the Games because doing so can sometimes, he said, be “a rather harrowing experience.” (New York Times, “Rio Wins“)

Ironically, the President has experienced harrowing nonsense at borders, see “US Senators Detained In Russia.” He should put someone on fixing the Customs and Immigration service before it costs us even more.

However, it’s really unclear if the “loss” is a loss. “No Games Chicago” was a citizens group advocating against destroying Chicago’s parks and budget for the Olympics, and according to CNN, 45% of the city’s residents didn’t want the games. And as the AP documents in “Olympics Aren’t Necessarily an Economic Bonanza,” the outlandish “economic benefit” numbers that Olympic advocates usually throw around are based on a “multiplier effect” of around 3. Me, I know what an Olympics event costs–Montreal taxpayers paid off the ’76 Olympics in 2006.

So congratulations, Rio. I hope you don’t bulldoze the less waelthy neighborhoods, and I hope you’re all paid off by 2030 or so.

Social Security Numbers are Worthless as Authenticators

Posted on by

The nation’s Social Security numbering system has left millions of citizens vulnerable to privacy breaches, according to researchers at Carnegie Mellon University, who for the first time have used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth.

The findings, published Monday in The Proceedings of the National Academy of Sciences, are further evidence that privacy safeguards created in the era before powerful computers and ubiquitous networks are increasingly failing, setting up an “architecture of vulnerability” around personal digital information, the researchers said.

“My hope is that publishing these results may open a window of opportunity, so to say, to finally take action,” Mr. Acquisti said. “That S.S.N.’s are bad passwords has been the secret that everybody knows, yet one that so far we have not been able to truly address.”

So reports John Markoff in “Social Security Numbering System Vulnerable to Fraud.”

We’ve all known for a long time that the SSN makes a godawful authenticator. And now Alessandro Acquisti and Ralph Gross have put a final nail in the coffin for anyone using the SSN as an authenticator. I would really hate to be on the witness stand defending a decision to let anyone authenticate to my business with “the last four” because “everyone else is doing it.” Now is the time to go to management and talk to them about improving things.

My favorite response is from the Social Security Administration, “There is an Elephant in the Room; & Everyone’s Social Security Numbers are Written on Its Hide:”

For decades, we have cautioned the private sector, including educational, financial and health care institutions, against using the SSN as a personal identifier.

Ahh, decades of advice. How’s that working out for you guys? I’m sure if you tell everyone just once more, they’ll listen. For the rest of you: not getting going on a fix now will turn out to be career limiting.

Rebellion over an ID plan

Posted on by

bar_code_cow.jpg

What they were emphatically not doing, said Jay Platt, the third-generation proprietor of the ranch, was abiding by a federally recommended livestock identification plan, intended to speed the tracing of animal diseases, that has caused an uproar among ranchers. They were not attaching the recommended tags with microchips that would allow the computerized recording of livestock movements from birth to the slaughterhouse.

“This plan is expensive, it’s intrusive, and there’s no need for it,” Mr. Platt said.

The New York Times reports that not even cattle need Real ID in”Rebellion on the Range Over a Cattle ID Plan.” There’s a web site, NoNAIS.org which is tracking things like

Oklahoma is now mandating Premises ID for anyone wanting participate in the Swine Shows. One more tricky little way that they make “voluntary” into mandatory.

Image: IstockPhoto

Can’t Win? Re-define losing the TSA Way!

Posted on by

We were surprised last week to see that the GAO has issued a report certifying that, “As of April 2009, TSA had generally achieved 9 of the 10 statutory conditions related to the development of the Secure Flight program and had conditionally achieved 1 condition (TSA had defined plans, but had not completed all activities for this condition).”

Surprised, that is, until we we saw how the GAO had defined (re-defined?) those statutory conditions in ways very different from what we thought they meant, or what we think Congress thought they meant.

Read the details at “GAO moves the goalposts to “approve” Secure Flight

Need ID to see Joke ID card

Posted on by

A bunch of folks sent me links to this Photography License, which also found its way to BoingBoing:

3514238906_2db2dc0a92.jpg

Now, bizarrely, if you visit that page, Yahoo wants you to show your (Yahoo-issued) ID to see (Matt’s self-issued) ID.

It’s probably a bad idea to present a novelty version of a DHS document to law enforcement.

It’s a worse idea to live in a country where someone sees enough harassment of photographers to design such a thing so well.

The very worst idea, however, is to discover pressure to send the whole thing down the memory hole.

The Identity Divide and the Identity Archepelago

Posted on by

(I’d meant to post this in June. Oops! Chaos reigns!)

Peter Swire and Cassandra Butts have a fascinating new article, “The ID Divide.” It contains a tremendous amount of interesting information that I wasn’t aware of, about how infused with non-driving purposes the drivers license is. I mean, I know that the ID infrastructure, is, in essence and aim, an infrastructure of control. Even so, I didn’t realize how far it had gone as a tool of compliance enforcement.

There’s more to say than I can get into this blog post. Short form: go read it. Slightly longer form:

There are lots of details that are just great. For examples:

“The More ID checks in society, the more ID theft matters.” (page 11)

In a discussion of a 2005 deficit reduction act attempt to reduce medicaid fraud: “A GAO study instead found that the major effects of the program were higher administrative costs …and denial of medical benefits to eligible US citizens” (page 14)

“In addition, some state will not issue a state ID until a person has caught up on all outstanding payments due the staet, including traffic fines and child support payments. As ID requirements spread, persons who cannot afford to make all such payments may be denied the right to vote, to receive health insurance, or to become lawfully employed.” (page 16)

“…independent reviews of the E-Verify program have found that employers engage in prohibited employment practices…” (page 18)

My copy of this report is covered in markup, about “the computer is always right,” about linkability, about data shadows. In fact, about the only thing I don’t like is the title. I don’t think this is a divide, I think that identity has become an archepelago, a la the Soviet Gulag system.

In the preface to The Gulag Archepelago, Solzhenitsyn wrote:

And this archipelago crisscrossed and patterned that other country
within which it was located, like a giant patchwork, cutting into its
cities, hovering over its streets. Yet there were many who did not
even guess at its presence, and many, many others who had heard
something vague.

I think the argipelago is a better metaphor than a divide. A divide
exists, and most of us exist on one side of it. But the identity
archipelago! At a moments notice, we can be thrust onto its other
side. A phone call, a letter, and our identity’s connection to the
machine is broken. Our data shadow has sinned, and we are cast into
the archipelago, forced to learn its ways.

In conversation, Peter has said that the Gulag analogy is too over-used, which is a shame. Maybe identity is more like an accident–you’re driving along and 35 and boom, you wake up in the hospital. Maybe it’s more like a vase, dropped and you’re cutting yourself picking up the shards. What’s the right description for the fragile system we have where people get violently yanked into the nightmares?

[Comments have been closed because of a flood of spam against this single entry.]

Authenticating Alan Shimel is Certifiably Hard

Posted on by

Alan-Shimel.jpgAlan Shimel got hacked, and he’s blogging about it, in posts like “I’m back.” It sounds like an awful experience, and I want to use it to look at authentication and certificates. None of this is intended to attack Alan in any way: it could happen to any of us.

One of the themes of these posts is the difficulty of resolving the cases, especially when your password has been changed and your email accounts have been compromised. Alan’s spent a lot of time on the phone getting stuff cleaned up, and I’d like to look at that process a little.

Alan has various business relationships with organizations who know him only via email and credit cards, or perhaps with a PO. How should they handle a claim that an account has been hacked? How are they supposed to authenticate someone calling who doesn’t know the password, and wants to tie a new email account into the system? Doesn’t that sound like fraud? These organizations likely don’t know Alan’s driver’s license # or passport.

This problem isn’t hard because we lack technology, it’s hard because a networked system has emerged which makes it easy to do business all around the world with people you don’t really know. If Alan had a client cert, maybe that would have been stolen, too. If he had a smartcard, maybe that would have been attacked via a client-side trojan. He ran into these troubles, and documents them at Yahoo, in “Why Google is now my homepage instead of Yahoo:”

I have written and called to every address you can think of. They have asked for copies of my drivers license. They wanted all of my information when I first applied for an account (yes from 12 years ago). I have had to give them every email address I ever had (anytime you fill out information for a new account you should make a record of it and keep it somewhere safe. Don’t ask me where, but somewhere safe). Every mail address and zip code I have had. I sent them the answer to every secret question I can think of, but they won’t give me the question they want to answer. I sent them the hackers post bragging about getting my email account.

There may well be multiple guys named Alan Shimel out there-just seeing a faxed copy of a license isn’t very good authentication.

All we have in distant and simple relationships is persistence and that’s not that strong. We also have what Alan used, which is webs of trust. He called people who knew him and had them call people he knew:

As I have written earlier, I was lucky in that I was able to call on people to help me out. For instance my friends at FeedBurner/Google, Matt Shobe and Dick Costollo, quickly took control of my FeedBurner accounts, including the SBN feed. They were also to get someone live at Typepad to allow me to take back the blog. This took more time than it should have though. Until the Feedburner reached out to someone, the Typepad support team just kept sending a new password to mailboxes that the attackers controlled, even though I was mailing them from my stillsecure mail box! You could not get any of these people on a phone. Very frustrating! (“Our web infrastructure needs to be at public utility levels“)

Now, persistence and webs of trust seem like bad business models. They’re not easy to manage with regards to liability and contracts, but they are a great representation of how the world really works.

Closely related: “Certifiably Silly,” and “I’m certifiably wrong.”

Watchlist Cleaning Law

Posted on by

Former South African President Nelson Mandela is to be removed from U.S. terrorism watch lists under a bill President Bush signed Tuesday…
The bill gives the State Department and the Homeland Security Department the authority to waive restrictions against ANC members.

This demonstrates that greater scrutiny must be placed on the decisions about who gets placed on terrorist watch lists and other government blacklists. It took a long time for Nelson Mandela to get off the list, and I wonder whether anybody who isn’t of Mandela’s stature stands a chance getting off the list. The story also raises questions about just who is designated a terrorist. There must be greater accountability in creating these lists.

(Dan Solove, “U.S. Government Finally Recognizes that Nelson Mandela Isn’t a Terrorist.”)
I fully agree with what Dan says, and would extend it to creating, maintaining and using such lists. But I wanted to comment on something which struck me. The story says (accurately) that the law “gives the State Department and the Homeland Security Department the authority to waive restrictions,” and also states the sense of Congress. Why doesn’t the bill simply order the removal of all such people, and give them actionable rights if they aren’t removed?

The bill is HR 5690.

UK Passport Photos?

Posted on by

UK-Passport-Eye.jpg

2008 and UK passport photos now have the left eye ‘removed’ to be stored on a biometric database by the government. It’s a photo that seems to say more to me about invasion of human rights and privacy than any political speech ever could.

Really? This is a really creepy image. Does anyone know if this is for real, and if so, where we can read more?

Photo: Alan Cleaver2000