Urban75 Home About Offline BrixtonBuzz Contact

Why we must now fight ID cards

ericjarvis said:
Tesco don't have all my details. They only know what I buy from Tescos. That doesn't even give them a clear picture of my eating habits, let alone the rest of my lifestyle. They only have one of my email addresses. They don't know what I look like, or who lives in my flat other than myself. There's lots they will never know that the State already does.
Click to expand...
actually, Tesco probably know a lot more than that. Considering they keep the data for decades they will have compiled a vast amount of info about you, even if you dont normaly buy a paper from their, they'll have the record of whatever it is, similarly clothes & accoutrements, if you require regular medicines they'll have an idea of your health record (and you can pick prescriptions up from some Tesco as well), odd other items all build up a picture, even if you dont take out any insurance or other financial products with them (to do which you need to give a lot more info too). If you are a regular Tesco shopper they WILL have built up a vast amount of information about you, from which they can tell an awful lot. With the aid of a couple of crafty computer programmes they can extrapolate from existing data to tell a lot more still.
 
belboid said:
actually, Tesco probably know a lot more than that. Considering they keep the data for decades they will have compiled a vast amount of info about you, even if you dont normaly buy a paper from their, they'll have the record of whatever it is, similarly clothes & accoutrements, if you require regular medicines they'll have an idea of your health record (and you can pick prescriptions up from some Tesco as well), odd other items all build up a picture, even if you dont take out any insurance or other financial products with them (to do which you need to give a lot more info too). If you are a regular Tesco shopper they WILL have built up a vast amount of information about you, from which they can tell an awful lot. With the aid of a couple of crafty computer programmes they can extrapolate from existing data to tell a lot more still.
Click to expand...

I don't want defend Tesco as I hate them. (wait for it).......... However, they are fairly good at protecting people's private data because the last thing the want is the bad publicity. They just want to sell you the most products.

Their Club Card system works by initially assigning you a code against your personal details.

When you make purchases details of what you have brought are inputted into the system and run through a rather complex algorithm. This algorithm assigns you codes a bit like the old demographic code things.

So for example one person may have a number of codes that relate to certain types of shoppers and different interests in products

A2, B3, D23 etc.. linked to their Club card code 123456. Tesco can then rather intelligently decide to issue vouchers to specific code groupings automatically depending on prices, levels of stock, the weather and perhaps changes in your buying patterns.

If their data was ever compromised all you would be able to steal is a list of codes next to another code. It would be very hard to get the personal details back out of the system as they are encrypted on the way into it, and only then linked back up for a direct mailing operation. It is therefore a degree of separation away from someone being able to say I know Mr Smith brought X,Y,Z on a particular date.
 
belboid said:
actually, Tesco probably know a lot more than that. Considering they keep the data for decades they will have compiled a vast amount of info about you, even if you dont normaly buy a paper from their, they'll have the record of whatever it is, similarly clothes & accoutrements, if you require regular medicines they'll have an idea of your health record (and you can pick prescriptions up from some Tesco as well), odd other items all build up a picture, even if you dont take out any insurance or other financial products with them (to do which you need to give a lot more info too). If you are a regular Tesco shopper they WILL have built up a vast amount of information about you, from which they can tell an awful lot. With the aid of a couple of crafty computer programmes they can extrapolate from existing data to tell a lot more still.
Click to expand...

Only if you shop for a fairly wide range of products at Tesco. I don't. I've never picked up prescriptions from them, and almost certainly never will. Books and music are invariable purchased elsewhere, likewise the vast majority of fresh food. The bloke who runs the local corner shop knows more about me.
 
moon23 said:
With regards to public opnion indypendant polls as opposed to the Home Office's own polling data shows a consistent decline in support. It's now about 50/50 when asked about cards.
Click to expand...

This isn't relevant. Political parties stopped paying attention to polls of the general population decades ago. What counts is how popular an idea is amongst target groups, the people they believe can be persuaded to vote for them. They no longer give a toss what people who strongly support any party think, they are of very little relevance when it comes to getting elected.

Insane, but how it's been since the late 80s.
 
ericjarvis said:
This isn't relevant. Political parties stopped paying attention to polls of the general population decades ago. What counts is how popular an idea is amongst target groups, the people they believe can be persuaded to vote for them. They no longer give a toss what people who strongly support any party think, they are of very little relevance when it comes to getting elected.

Insane, but how it's been since the late 80s.
Click to expand...

Which is why we need to take action against the scheme
 
detective-boy said:
I am not arguing for a "mass centralised database". The database and the actual card are different issues and each has pros and cons. Personally I am persuaded by the cons of the multiple linking of existing databases into a single one - I think the potential for improper access to data is way too large (albeit it has been massively overstated by some opponents).

The only database to make biometric ID cards effective would be a database of their issue - something we already have one way or another in the database of national insurance numbers, etc. which everyone has.

And please link to any evidence of biometrics being overcome by fraudsters - I'm NOT talking about someone duplicating a card or whatever, I'm talking about someone else presenting as the ID card holder and passing the biometric test. (ETA: Just seen you have - I'll have alook later and come back on it)
Click to expand...

For a biometric test to be possible an aspect unique to a person has to become digital.

As soon as something becomes digital it can be hacked.

Once a biometric has been hacked either the whole system is useless, or you will forever be associated with the criminal who has your details.
 
moon23 said:
Watch this video, do you still think biometrics are difficult or impossible to get around by a fraudster?
Click to expand...
Effectively, yes (though never say never about anything). I would never recommend a single biometric anyway (even if only one or two were used routinely for screening and the others were kept for subsequent checks in cases where issues arose). And when you look at all the steps needed in the process demonstrated, the time it took ("We've been working for days on this") and the fact that it would be patently obvious to anyone watching you plant your latex covered finger on the scanner that something was wrong ... that is NOT an example of how ID card biometrics could be readily evaded.
 
moon23 said:
There are alterative proposed methods for proving your ID that dont require the state to keep a mass centralised database.
Click to expand...
How? How can you possibly have a system where a mobile piece of data (the card) can be verified without reference to a static piece of data (the database)? :confused::confused:
 
moon23 said:
The individual can then be given the corresponding key which proves thier ID when they want to make a transaction.
Click to expand...
Client: "Hello. My name is d-b. My ID key is 0166ggT55Yh778."
Trader: "Thank you ... er ... what am I supposed to compare that with ...?"

:confused::confused:
 
newme said:
Not even close to the truth. ID cards are fairly ineffective at preventing almost everything they have been aimed at like an all purpose weapon. Plus they have already been cracked in various forms.
Click to expand...
Why answer with details about ID cards generically when I was specifically talking about the biometrics? Come on, lets have some decent evidence of how the biometrics in ID documents have been effectively evaded ...
 
detective-boy said:
Why answer with details about ID cards generically when I was specifically talking about the biometrics? Come on, lets have some decent evidence of how the biometrics in ID documents have been effectively evaded ...
Click to expand...

As soon as something is digital it can be sniffed out and duplicated - no system is 100% secure.
 
ericjarvis said:
You are comparing identity checks done wrongly with the current system ...
Click to expand...
Please let me know how to effectively (and practicably) do identity checks "properly" ...

"Hello. I'm d-b. I live at 23 The High Street."

Now what ...

Tesco don't have all my details.
Click to expand...
Oh dear, oh dear ... you really are naive about what they hold! Private corporations (not least Google) and their information gathering and analysis is a massive issue ... but the media don't worry about it and the activists are only interested in the State knowing anything ...
 
newme said:
If the only thing on the database was issue, how would u verify that the biometric details on it were correct?
Click to expand...
It wouldn't only have issue - it would have the biometrics. I personally would recommend the fingerprint as the most user-friendly first line screen as the technology already exists for very quick, efficient and portable scanners but there are others.
 
detective-boy said:
Why answer with details about ID cards generically when I was specifically talking about the biometrics? Come on, lets have some decent evidence of how the biometrics in ID documents have been effectively evaded ...
Click to expand...

Can you prove biometrics are 100% secure?

How do you update your biometric data if it's captured?
 
moon23 said:
Verification success rates

69% facial biometrics
96% Iris
81% Fingerprint.

Not high enough to be functional in a real word environment.
Click to expand...
Compared to what we have (or, to be rather more accurate, don't have) now?

Have you any idea how many people pass identity checks with forged documents? It's a massive problem for the SIA (in relation to issuing security guard, etc. licences); the banks (in trying to ensure they know who they're giving mortgages, etc. to); companies like e-Bay (trying to ensure naive fools who will spend vast fortunes on stuff to some random on the internet with a Pay-as-you-Go mobile number and a hotmail e-mail address as their only contacts aren't defrauded) ...

Verification success rates of something like 6.9%, 9.6% and 8.1% would be a vast fucking improvement!
 
moon23 said:
If the Data was all stored locally on the card, that would actually be an improvement in my view. The Germans have a system like this, in fact it's an offense to link ID card information to any mass database system in Germany, which is probably wise given their history.
Click to expand...
If you were able to link the biometric being measured (e.g. my fingerprint or iris scan) to the one recorded on the card that would obviate the need for the biometric on the central database (which would only then need to have the very basic detail of serial number and name or something as a record of official issue.

But it would open up the possibility of someone building the card from scratch (so their biometric was in it although it showed your details).
 
moon23 said:
The National ID database is nothing like we allready have in terms of the tracking of every time the indivduals data is verified.
Click to expand...
There is no reason why any tracking data should be retained. I have never said there is. (But if you were to look at the systems we already have, I suspect that a variety of departments behind NI numbers, etc. could tell you who checked up on the veracity of which number when ...)
 
moon23 said:
However, they are fairly good at protecting people's private data because the last thing the want is the bad publicity.
Click to expand...
Sorry .. I thought you were arguing that it was technically impossible to keep data secure (i.e. anyone, not just the State). :confused::confused:

If Tesco's can do it, then the State can do it (whether the State would spend the right amount to achieve it, or be organisationally competent enough or whatever is a very different argument).
 
BigPhil said:
For a biometric test to be possible an aspect unique to a person has to become digital.

As soon as something becomes digital it can be hacked.
Click to expand...
Yes ... but it can't be replicated in the carrying out of a new test at the "proof of ID" point. Yes, my fingerprint is digitised and put on the card and / or database ... and so (theoretically) someone could hack in an steal my digitised fingerprint or alter it on the database to their digitised fingerprint ... but they still won't have my finger to put on the scanner at the "proof of ID" point ...

And, at the end of the day, it doesn't matter is it is not 100% fool-proof so long as it is significantly more foolproof than the bits of card / plastic bearing a seven-digit code we now have ...
 
BigPhil said:
Can you prove biometrics are 100% secure?
Click to expand...
You're the one making the claim that it isn't, it's for you to justify that claim.

And even if I wanted to answer that question, I couldn't. What on earth does "100% secure" mean? Against what? When? In what circumstances? Which biometrics? :confused:
 
detective-boy said:
Sorry .. I thought you were arguing that it was technically impossible to keep data secure (i.e. anyone, not just the State). :confused::confused:

If Tesco's can do it, then the State can do it (whether the State would spend the right amount to achieve it, or be organisationally competent enough or whatever is a very different argument).
Click to expand...

You are missing the point about the value of private data. With enough resources you would be able to get your hands on data accumulated from whatever supermarket.

If the reward for breaking a system is someone's identity that is extremely valuable. If that identity becomes the trusted method of identifying yourself there will be massive resources being put to break the system.

If you hack a biometric system the whole system, and the billions of investment behind it is at risk
 
detective-boy said:
Yes ... but it can't be replicated in the carrying out of a new test at the "proof of ID" point. Yes, my fingerprint is digitised and put on the card and / or database ... and so (theoretically) someone could hack in an steal my digitised fingerprint or alter it on the database to their digitised fingerprint ... but they still won't have my finger to put on the scanner at the "proof of ID" point ...

And, at the end of the day, it doesn't matter is it is not 100% fool-proof so long as it is significantly more foolproof than the bits of card / plastic bearing a seven-digit code we now have ...
Click to expand...

It does need to be 100% fool proof if the security token is personal. By definition it cannot be updated.

You may not have a finger to fool the system (although the reward is potentially so vast people may well chop a finger off!). The scanners will be in general use and with enough resources you'll get hold of one and be able to hack it - capture the data as it passed through the first time and then feed it through subsequently using the hacked scanner.
 
detective-boy said:
Please let me know how to effectively (and practicably) do identity checks "properly" ...

"Hello. I'm d-b. I live at 23 The High Street."

Now what ...
Click to expand...

For the equivalent of an ID card check, show passport, driving license, bank card, TU membership card, domestic utility bills etc. Now explain how an ID card is safer and more effective than the frequently existing requirement of two pieces of ID. Bear in mind that the convenience of only requiring one piece of ID necessitates the added danger of ID theft due to only one piece of ID being required.

detective-boy said:
Oh dear, oh dear ... you really are naive about what they hold! Private corporations (not least Google) and their information gathering and analysis is a massive issue ... but the media don't worry about it and the activists are only interested in the State knowing anything ...
Click to expand...

The difference is that so far no private corporation has claimed the intention to collate everything possible into a single database. Of course that doesn't mean there aren't people trying to do precisely that on a private basis, but having been on the Economic League blacklist since I was 22, and in the security services files since around the same time, I really couldn't care less. The problem isn't the holding of information, it's the accuracy of the information, and what it's used for that matters to me. The State has used inaccurate information about me to make my life more difficult than it need be. So far the only private company to do so was only able to cause me any problem when the inaccurate information was used by the Civil Service.

That's what it's all about. Tescos are a bunch of bastards, but by and large they want me to be a happy and prosperous consumer, and don't care much beyond that. The State has a tendency to want a little more from me than that. When Tescos screw up the information, then it's a tad more difficult to buy something I want. When the State screws up I get turned down for jobs, my phone tapped, my partner questioned about me, and so on.
 
Biometrics type stuff is no where near ready yet.

Iris recognition is the closest but theres still as far as i know(im about 2/3 years out of date now) problems with how long it takes and the machinery needed.

Imagine how much longer it will take at passport control if every person has to have thier iris checked by a special computer and then verified(irtis can't be done off any cctv system and facial recognition software is inaccurate). It will cause choas and considering 4 in 100 peoples checks will be wrong in someway its going to create a lot more work for everyone.

I would also quite like to see just how secure all this data is going to be. I reckon a lot of hackers are going to try and break in even if not for criminal gain then for interlectual persuits.

The goveremnt and tech don't really go hand in hand and they are always fucking up, it wont go well.

I have no moral objections to id cards and the like though. I own a passport i have a driving liscence so its not like im off grid anyway and don't see what difference them having a copy of my iris and finger print will actually make. My only real objections is there hasn't been a clear message(as far as i know) as to who will have access to what information yet, my bank and insurance compnay can fuck right off!


dave
 
Rod Sleeves said:
When ID cards were first announced I was associating with some unsavoury characters quite a lot, all of them couldn't wait for ID cards, and were actually offended that I would want to campaign against them.
Click to expand...

Did these unsavoury characters explain what they intended to do once ID cards come into use? Do you think they will be capable (equipped & competent) of doing whatever naughtiness they intend?
 
JHE said:
Did these unsavoury characters explain what they intended to do once ID cards come into use? Do you think they will be capable (equipped & competent) of doing whatever naughtiness they intend?
Click to expand...

As Mr Blunkett confirmed shortly afterwards they would be able to establish new identities without any blemishes. This is still the case. Plus you'd only need one piece of ID rather than four or five.
 
the govt.s plans for id cards still continue even as they appear to hit fail after fail.
I think that there are other, more insidious, moves within society to normalise the use of ID cards- for example at my work, at sainsburys, they are introducing 'Think 25' which will require anyone 'who appears' under 25 to provide ID before they can buy ANY age restricted item- not simply alcohol or tobacco, but also dvds cds andd games- that is any at all- imagine soon twenty four year olds without ID refused service when trying to buy a harry potter dvd ( which as a PG cannot be bought by an unaccompanied child) This isn't just Sainsburys but all supermarket and other stores.
The move to think 25 comes straight from the police and the shops either comply or risk losing their off licences.
This drive to an ID card culture is presented as a protective measure to deter underage drinking, and the announcements at the moment in the stores speak of Sainsburys introducing it because it is a 'responsible store'
 
barney_pig said:
the govt.s plans for id cards still continue even as they appear to hit fail after fail.
I think that there are other, more insidious, moves within society to normalise the use of ID cards- for example at my work, at sainsburys, they are introducing 'Think 25' which will require anyone 'who appears' under 25 to provide ID before they can buy ANY age restricted item- not simply alcohol or tobacco, but also dvds cds andd games- that is any at all- imagine soon twenty four year olds without ID refused service when trying to buy a harry potter dvd ( which as a PG cannot be bought by an unaccompanied child) This isn't just Sainsburys but all supermarket and other stores.
The move to think 25 comes straight from the police and the shops either comply or risk losing their off licences.
This drive to an ID card culture is presented as a protective measure to deter underage drinking, and the announcements at the moment in the stores speak of Sainsburys introducing it because it is a 'responsible store'
Click to expand...

I've been told by young people that it's impossible for them to go out for a drink without ID proving that they're 18+. That's certainly different from my day.

Other changes in recent years: years ago people were hardly ever asked to provide certificates proving their qualifications to employers, now it's pretty standard; years ago you only needed a passport if you travelled abroad, now a passport is used often to prove ID in govt offices and elsewhere.

But these changes aren't being brought in as ways of getting people to accept the idea of ID cards. It's pretty much the other way round. There is much much much more distrust, including institutionalised distrust, and there has been more importance attached to enforcing age limits. These developments have made some people think that it would be useful and more straightforward to have a super-dooper Nat ID scheme.
 
You must log in or register to reply here.

Similar threads

L
Oops - How did the Government not see that this was going to happen? (ID cards)
Replies
4
Views
262
Buddy Bradley
Buddy Bradley
ska invita
ID Cards 2025 edition
21 22 23 24 25
Replies
723
Views
16K
liquidindian
liquidindian
platinumsage
Civil service interns must be working class from next year
2
Replies
58
Views
1K
GarveyLives
G
SCOUSE71UK
Starmer must make the hard decisions?
Replies
2
Views
255
Shippou-Sensei
Shippou-Sensei
ManofRay
Life now.
2
Replies
45
Views
1K
ice-is-forming
ice-is-forming
Back
Top Bottom