[LINK] No country for cyber outlaws

Karl Auer kauer at biplane.com.au
Sat Jan 22 18:45:50 AEDT 2011 

On Sat, 2011-01-22 at 14:43 +1100, Bernard Robertson-Dunn wrote:
> I have a theory that, even if a solution or technology solves a problem, 
> (which it often doesn't) it will cause more problems. These problems are 
> often even worse than the one it is aimed at solving.

Oh yes. Oh very yes.

> But now there is a new sheriff in town, with the White House announcing 
> this month new guidelines to protect users.

Well - no. The US is basically a homeowner setting the rules in its own
living room. I can see how Russia, for example (renowned as a clean,
safe place, with no spammers or Internet nasties) would leap at the
opportunity to become part of the US family of cybertrust, giving each
Russian user a US-issued Internet ID. And clearly the US will want to
prevent Chinese people shopping in the US, what with the balance of
trade being so heavily tilted towards the US at the moment.

> The law is the National 
> Strategy for Trusted Identities in Cyberspace and it will allow the 
> establishment of internet IDs.

For US citizens, who as a group are well known for blindly accepting
Government controls on their freedoms. Yeah, that'll work.

> For example, if you wanted to buy a bottle of wine online, your digital 
> ID would supply only proof that you are over the legal drinking age, 
> without providing your date of birth.

That I do not laugh. Let a citizen perform a hundred transactions, and I
will give you his or her identity.

> To vote online, the ID would allow authorities to check your bona fides, 
> such as street address, through tax records, without the possibility of 
> exposing their contents.

Oh, my laugh is turning hollow!

> One of the claimed benefits is that users would no longer have to 
> remember myriad passwords for different transactions.

What a HUGE benefit. One ring to bind them...

> Websites that use the strategy to authenticate identity would carry a 
> small icon on their pages, similar to retail and banking sites which 
> announce they use encryption software to safeguard transmitted information.

And no website that did not perform all the protective mantras and
rituals would EVER place such an icon on their pages! No! Of this I am
certain.

> The internet ID aims to put a brake on cyber crimes such as identity 
> theft and online fraud.

... by providing a single token for the criminal to obtain or fake,
instead of many. Clearly this makes the criminal's job far harder, and
vastly reduces the likelihood that much effort will be expended on
cracking the system.

> "We have a major problem in cyberspace, because when we are online we do 
> not really know if people, businesses and organisations are who they say 
> they are," he says.

And nor, usually, do we need to! We need only to know if they are good
for the money. Or over a certain age. Actual identity is extraordinarily
rarely needed, and it is FAR better if everyone who does need to know
that maintains separate systems for determining and recording it. 

> Mayer described the draft strategy, issued in June, as "long on rhetoric 
> and short on details". Locke says a new draft will be issued in the next 
> few months.

That is sooo comforting.

> The task of implementing internet ID will be a joint government-public 
> enterprise.

Whew. For a minute there I thought corporate vested interests might be
allowed to participate in the design and implementation of the system.

> the tension between 
> privacy and the protection of consumer rights on one hand and freedom 
> of communication on the other.

Argh! There is no tension!

Regards, K.

PS: Auer's Theorem:   Any solution that involves "everybody" will fail.
    Auer's Corollary: If implemented, then the more people such a
                      solution involves, the more catastrophic will be
                      the consequences of its inevitable failure.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/kauer/                   +61-428-957160 (mob)

GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://mailman.anu.edu.au/pipermail/link/attachments/20110122/defd57fd/attachment.sig>

More information about the Link mailing list