15/08/2009 by The Daily Male.

Well, It has been a good while since I posted. I have been somewhat distracted of late. But I am back and I hope to get some more rants online soon.

Anyway, Interesting article in the real Daily Mail… http://www.dailymail.co.uk/news/article-1204641/New-ID-cards-supposed-unforgeable–took-expert-12-minutes-clone-programme-false-data.html

 For anyone who thought my earlier blog stating that the new ID cards will be easily cloned, copied or faked but were doubtful, perhaps you will not accept this scheme is a very very very bad idea.

Posted in Politics, ID Cards, Society | Print | 1 Comment »

06/05/2009 by The Daily Male.

Manchester gets ID cards.

You can tell when a government is out of touch when they think it is okay for ordinary people to volunterily pay £60 for an ID card they do not want, do not need and has no practicle use.  The trouble with Jacqui Smith and her ilk is that they have spent so much time sponging off the tax payer they have lost all concept of the value of money. To them £60 is a claim for a new set of scatter cushions, so an id card is virtually free. For you and me £60 puts food on the table, shoes on your children’s feet or the ability to heat the house for a few weeks.  

 I hope the good people of Manchester have the sense to boycott this ridiculous waste of money.

FYI, Jacqui has just handed over nearly £650,000,000 to IBM and SCS to build the ID databases, money well spent? (more)

Posted in Politics, Privicy, ID Cards | Print | 1 Comment »

06/04/2009 by The Daily Male.

You will be glad to know as of Today the fact that you have visited my blog is now recorded by your ISP and stored for the next 12 months. This is just in case you are an international terrorist who has mistaken my blog for a site that contains fiendish plots to bring down the UK government. Now I am all for bringing down this bloody awful government but I wish to do so via the normal democratic process. I am not saying I am somehow special by the way, in fact all of your web activity is being recorded by your ISP. And not just your web browsing but also your email, in fact every email you receive or send from now on will be logged and recorded. This is in addition to your mobile phone activity which is already being recorded by HM Government.

So, do you feel safer knowing that all your electronic communications are now being monitored, knowing that Gordon “IAM” Brown will be able to check back to see what You Tube films you have watched, who you are talking to on face-book, what news articles you are viewing on the BBC. Or, like me, do you feel this is just another nail in the coffin for freedom and privacy in this country. Will this actually be used for anti terrorist behaviour, or, like the Regulation of Investigatory Powers act, be used by local authorities to track down “Serious Criminals” such as those who would send their children to the wrong school. Perhaps a disgruntled and violent policeman will use it to trace his abused parner after she has gone into hiding. The one thing I can absolutely guarantee is this power will not once be used to trace or convict a terrorist. The truth is that criminals will hide their web activity behind web proxies and false email accounts so the only people being recorded is you and me, well as you read this it is actually just you. Feel safer?

So what next for Gordon, what new goodies does this paranoid PM have in store for us in the future? perhaps we should all have cameras in our houses, just like ID cards, if you have nothing to hide then you have nothing to fear, and I am sure most parents will be happy that some stranger in a CCTV monitoring room is there to watch your children getting dressed for bed, ensuring no harm comes to then. well what do you think? sounds okay doesn’t it? will you sleep safer at night under the ever watching eye of big brother?

BBC Article : http://news.bbc.co.uk/1/hi/technology/7985339.stm

Correction, It has been brought to my attention that the BBC News article was incorrect (it has now been corrected) and Mr B will not be collecting our web history, just our emails and phone calls, so that is okay then! 

Posted in Politics, Privicy, Technology, ID Cards, Society | Print | 1 Comment »

12/03/2009 by The Daily Male.

You may ask what gives me the right to pontificate about this, well, I have over 22 years and an IT professional and have worked with data and database in many industries and for many clients. I understand Data and Data Security in a way that makes most people want to kill themselves. The ID card system as defined by the government is flawed in so many ways but they spin the truth and lie about the benefits to try to deceive the public about the benefits of the system. In this article I hope I can explain in “Non techy” terms why the ID card scheme must be stopped.

Note: these are my thoughts alone and do not reflect any views or opinions of the no2id campaign group.

10. It won’t stop terrorism. Honestly, how could it, home grown terrorists will have legitimate ID cards and I am sure when they apply for one they will not state that their ambition is “… to bring down the state and install sharia law through random acts of mindless violence”. Foreign terrorists will not need an ID card so it can not help there.

9. It won’t stop organised crime. In fact the ID card will be just another tool of the trade of organised criminals. They will target ways to get their hands on ID cards or create fake ones in order to make money and continue their criminal activities.

8. It won’t stop ID theft. Far from it, in fact it may make things worse. If a criminal can duplicate your ID and falsify the electronic details they will have a piece of id that will make them unchallengingly you. You may argue that this is impossible because your details are also stored on a central register but as the system will hardly ever challenge the central data and will generally just check your identity against the data held on the card they will be able to fake your identity with more certainty.

7. It is not secure Part I. The government talks a lot about data security (at the same times as they lose millions of records of our private data) without actually explaining what that actually means. Let me try to explain, without sending you to sleep, why the system is insecure. Your most private and sensitive data will be copied from the secure central database onto a small plastic data chip card. The data on this card will be encrypted using a single key system, similar to the way your data is stored on a chip and pin card.  As you may or may not know the chip and pin algorithm has been cracked and because all the cards use the same algorithm that once you have cracked it once the  data on ALL the cards is accessible. The same will be true of ID cards, the criminal fraternity will be working overtime to crack the algorithm, once it is done the whole ID card system is compromised, the only solution is to re encrypt all the cards or re issue new cards, but any old cards will be compromised and there will be millions of them, how do you ensure these old cards are destroyed? and more importantly who is going to pay to issue all these new cards and dispose of the old ones? yes, you guessed it, us. And if you think it is impossible to break these codes then read on and I will explain how it can be done.

6 It is not secure Part II. So how do you crack a secure encryption system? well there are many ways, but the most important starting point is to have an example of encrypted data, well that is easy as there will be millions of them out there, the ID card itself. Next it would help if you have access to some device that decrypts the data, a sort of enigma machine if you will. Well again there will be thousands of them, the ID card readers. The first chip and pin decryption scams were achieved by modifying the hand held chip and pin readers. The next thing that would help would be “an inside man”. This may seem a bit far fetched but remember all these ID card readers will have to be manufactured by outside agencies and will almost certainly be made in China. There will be a lot of people in the manufacturing chain that will have access to the encryption algorithm data, I wonder how much it would cost to bribe or extort the data from a Chinese manufacturer. And remember, because this is a single key system (ie each card uses the same key to decrypt it) once one cards system is cracked, all cards are accessible. Even without the inside man it is likely the system will be cracked in a few years maybe only a few months, ask Sky TV how often they have to issue new viewing cards because hackers have broken the encryption systems.

5. It costs so much, maybe as much as 15 billion to create and maintain the system. Let me write that out in full to make it clear £15,000,000,000.00 . And if you lose your card you will HAVE to buy another at a cost of £40 or more. and if you move house you will have to tell the ID register and have a new card issued, more cost. Get married or change name, new card, more cost. Fail to do so will be a criminal offence with a hefty fine.

4. It isn’t voluntary. Oh yes it is, I hear you cry, OH NO IT ISN’T I reply in true pantomime style. The government say it is voluntary but in truth other, non ID card laws, are being created to give the police the right to demand to see your ID at any time thus enforcing compulsion via the back door.

3. It won’t stop benefit fraud. No, not even this, most benefit fraudsters do not lie about their identity but instead lie about their circumstances, how many kids they have, if they are working, if they are disabled, none of this will be stopped with the ID card.

2. It breaches every single rule of good Data Protection. You never, ever, ever, and I can not stress this enough, ever allow data to be copied from a secure central database onto a removable data store (be it card, cd, chip stick etc) unless you absolutely have to. Once data had be removed from the central store it is no longer secure, even if it is encrypted. When the data is still in the central database, you can control it, see who is accessing it, check that it is still accurate. Once the data is removed it is lost, you can  not know who has it, what it says and what it is being used for. It is no coincidence that ALL the embarrassing data loses that the government have committed over the years have ALL happened because data was taken from a secure central database and placed on a removable media. So what do the government propose to do, send out this data on millions of plastic chip cards, unbelievable!

And the big number 1, THE CARD IS THE WEAK LINK. Why have a card with a copy of my thumb print or retina scan on it when I pretty much always have my thumb and eye with me at all times. If the police want to check my ID then they can scan my thumb print, send the data to the central data along with my name and the central system can confirm my identity, simple, no need for any sensitive data to have ever left the database, WHAT IS THE BLOODY POINT OF THE ID CARD AND ALL THOSE OFFLINE READER MACHINES? Having a central database of all my data is bad enough and totally unnecessary in my opinion, but to then send all that data out via the post is like setting off a huge data bomb, it is utterly and totally moronic and doomed to failure.

Posted in Privicy, Technology, ID Cards, Society, Law & Disorder | Print | 1 Comment »