Day: May 22, 2006

From Gunnar Peterson at 1 raindrop… 

This is ridiculous. Yahoo:

“Thieves took sensitive personal information on 26.5 million U.S. veterans, including Social Security numbers and birth dates, after a Veterans Affairs employee improperly brought the material home, the government said Monday.
…
“Nicholson said there was no evidence the thieves had used the data for identity theft, and an investigation was continuing.”

Sure they are probably just using it as a test bed for arbitarily large data sets for a charitable open source projectRamona Joyce, spokeswoman for the American Legion, agreed that the theft was a concern. “In the information age, we're constantly told to protect our information. We would ask no less of the VA,” she said.

Nicholson declined to comment on the specifics of the incident, which involved a midlevel data analyst who had taken the information home to suburban Maryland on a laptop to work on a department project.
…
“I want to emphasize there was no medical records of any veteran and no financial information of any veteran that's been compromised,” Nicholson said, although he added later that some information on the veterans’ disabilities may have been taken.
…
Sen. John Kerry, D-Mass., who is a Vietnam veteran, said he would introduce legislation to require the VA to provide credit reports to the veterans affected by the theft.

“This is no way to treat those who have worn the uniform of our country,” Kerry said. “Someone needs to be fired.”

Sorry, but firing people is not going to fix this problem. Instead, maybe GWB could increase his popularity by adopting Pete Lindstrom's modest plan to Eliminate the SSN Facade. And while we are at it, why not write the Laws of Identity into the Constitution? Ok, maybe not on that last one, but how about we use the Laws in the systems we build?

Regular readers know I am a great fan of the “there was no evidence the thieves had used the data for identity theft” line.  Oh.  And just one more thing.  Please refrain from taking the munitions home with you for the weekend. 

Paul Madsen's ConnectID takes me to task in a piece called “If you prick us, do we not breed?” 

It seems Microsoft does not believe we Canadians have children.

Perhaps this is part of ‘the plan’, discourage non-Americans from population growth by turning off for us all software features that facilitate family-based identity management? Brilliant!

For myself, simply knowing that I'd be on my own in the raising of additional offspring makes me feel less inclined to do my “bit” for Canada.

Or maybe this is directly at Kim‘s instigation? Some long festering grudge against his homeland? Was he forced to go to the States for some two-tier medical procedure and carries his resentment to this day?

Some might have dismissed this complaint as a being merely specious, but out of completeness I did a search and found this shocking statistic:

Canada's birth rate fell two years ago to its lowest level since 1921, when the agency began keeping records, according to Statistics Canada.  The federal agency said on Monday that Canada's “crude birth rate,” which measures the number of live births per thousand Canadians, fell to 10.5 in 2002.

The rate declined by slightly more than a quarter in the decade between 1992 and 2002, according to the report.

In 2002 Canadian women gave birth to 328,802 babies, down 1.5 per cent from the year before. It was also the eleventh decline in 12 years.

Canadians, I am confident that it was not the conscious intent of my colleagues in Windows Live to further erode the Canadian birthrate.  And remember that the statistics cited date from before the NHL strike, which left the nation – rather, nations – with nothing to do on Saturday nights, meaning the situation may well be on the mend – even without my intervention.  None the less, I'll check into this and get back to you.  Personally I take it as a good sign that there is some differentiation between what is served up in the various markets.

Speaking of Windows Live ID, a lot of thinking and refinement has been going on there recently with respect to identity.  My colleagues have written a white paper which I'll share with you over the next few days.

From techworld.com, here is piece on a leading IBM researcher who has reached the same conclusions I have in evaluating the design of the current proposal for UK identity cards.  Putting privacy issues aside for a moment – as important as they no doubt are – he is repulsed by the design from a security point of view. 

He couldn't be more right.  My central “aha” in studying the British government's proposal was that the natural contextual specialization of everyday life is healthy and protective of the structure of our social systems, and this should be reflected in our technical systems.  A technology proposal that aims to eliminate compartmentalization rejects one of the fundamental protective mechanisms society has evolved.  The resulting central database, where everything is connected and visible to everything else, is as vulnerable as a steel ship with no compartments – one perforation, and the whole thing goes down.

The starting point for a security thinker is that there will be perforations.  In low value systems, the breach will come from neglect.  In a high value system, there will be conscious attacks mounted both from without and within, and one must assume that one of these will succeed.

Our art consists in reducing the frequency of such perforations, and – once a breach occurs – minimizing the damage that is done.  The current British proposal masterfully maximizes such damage, like a fire extinguisher full of gasoline.   

IBM researcher Michael Osborne, whose job is research into secure ID cards, slated the UK government's ID cards scheme on the grounds of cost, over-centralisation, and being the wrong tool for the job.

Based in Big Blue's Zurich research labs, where the scanning tunnelling microscope was invented and won its inventors a Nobel Prize, Osborne said that the problem is neither the cards nor the fact that the scheme is intended to use biometric technology.

The big issue is that the UK government, plans to set up a central database containing volumes of data about its citizens. Unlike other European governments, most of whom already use some form of ID card, the central database will allow connections between different identity contexts – such as driver, taxpayer, or healthcare recipient – which compromises security. Centrally-stored biometric data would be attractive to hackers, he said, adding that such data could be made anonymous but that the UK Government's plans do not include such an implementation.

Osborne added that biometric technology is still immature. “It's not an exact science”, he said. In real world trials, some 10 per cent of people identified using iris recognition failed to enrol – which means the system didn't recognise them. Even fingerprinting is no panacea, as four per cent failed to enrol. Scale that up to a whole population – the UK contains nearly 60 million people – and the problem of biometric identification becomes huge, he said.

Osborne also criticised the government for the potential cost of the system. He said that it will cost a lot more than anyone thinks, pointing out that a project of this size hasn't been tried before, so the government's projected costs are not necessarily accurate.

Finally, Osborne also used a dozen criteria, including whether or not such as system is mandatory or time-limited , to show that on all but two, the UK Government's scheme fails – even before controversial civil liberties issues are considered.

And as for whether ID cards are the right tool to defeat terrorists in the first place, security expert Osborne said: “ID cards won't solve the problem because terrorists don't care about identification – and they'll have valid IDs anyway. The issue is the central database.

“But no-one knows if it'll work, or if it'll be accurate enough – it's more about perceived security than actual security.”

Osborne suggested an alternative, which involved keeping the data on the card. With such a system, only the template is downloaded and identity processing happens on the card using Java and local data rather using centralised storage and processing.

He added that since terrorists wanted to be identified, having an ID card was unlikely to be a deterrent. “However, in some previous studies, some criminals were found to be deterred by the need to possess an ID card.”

Osborne's remarks were made in a personal capacity during a visit to the Zurich labs, and did not reflect IBM's corporate viewpoint.

Just by the way, I always have trouble with the “in a personal capacity” disclaimer.  Michael Osborne presumably says the same things about the matters in which he is expert whether at work or not.  IBM should just let him speak freely as the researcher that he is – and learn, as should we all, from what he says.