Need ID to see Joke ID card

A bunch of folks sent me links to this Photography License, which also found its way to BoingBoing:


Now, bizarrely, if you visit that page, Yahoo wants you to show your (Yahoo-issued) ID to see (Matt’s self-issued) ID.

It’s probably a bad idea to present a novelty version of a DHS document to law enforcement.

It’s a worse idea to live in a country where someone sees enough harassment of photographers to design such a thing so well.

The very worst idea, however, is to discover pressure to send the whole thing down the memory hole.

The Identity Divide and the Identity Archipelago

(I’d meant to post this in June. Oops! Chaos reigns!)

Peter Swire and Cassandra Butts have a fascinating new article, “The ID Divide.” It contains a tremendous amount of interesting information that I wasn’t aware of, about how infused with non-driving purposes the driver’s license is. I mean, I know that the ID infrastructure is, in essence and aim, an infrastructure of control. Even so, I didn’t realize how far it had gone as a tool of compliance enforcement.

There’s more to say than I can get into in this blog post. Short form: go read it. Slightly longer form:

There are lots of details that are just great. For example:

“The More ID checks in society, the more ID theft matters.” (page 11)

In a discussion of a 2005 Deficit Reduction Act attempt to reduce Medicaid fraud: “A GAO study instead found that the major effects of the program were higher administrative costs … and denial of medical benefits to eligible US citizens” (page 14)

“In addition, some states will not issue a state ID until a person has caught up on all outstanding payments due the state, including traffic fines and child support payments. As ID requirements spread, persons who cannot afford to make all such payments may be denied the right to vote, to receive health insurance, or to become lawfully employed.” (page 16)

“…independent reviews of the E-Verify program have found that employers engage in prohibited employment practices…” (page 18)

My copy of this report is covered in markup, about “the computer is always right,” about linkability, about data shadows. In fact, about the only thing I don’t like is the title. I don’t think this is a divide, I think that identity has become an archipelago, a la the Soviet Gulag system.

In the preface to The Gulag Archipelago, Solzhenitsyn wrote:

And this archipelago crisscrossed and patterned that other country
within which it was located, like a giant patchwork, cutting into its
cities, hovering over its streets. Yet there were many who did not
even guess at its presence, and many, many others who had heard
something vague.

I think the archipelago is a better metaphor than a divide. A divide
exists, and most of us exist on one side of it. But the identity
archipelago! At a moment’s notice, we can be thrust onto its other
side. A phone call, a letter, and our identity’s connection to the
machine is broken. Our data shadow has sinned, and we are cast into
the archipelago, forced to learn its ways.

In conversation, Peter has said that the Gulag analogy is too over-used, which is a shame. Maybe identity is more like an accident–you’re driving along at 35 and boom, you wake up in the hospital. Maybe it’s more like a vase, dropped and you’re cutting yourself picking up the shards. What’s the right description for the fragile system we have where people get violently yanked into the nightmares?

[Comments have been closed because of a flood of spam against this single entry.]

Authenticating Alan Shimel is Certifiably Hard

Alan Shimel got hacked, and he’s blogging about it, in posts like “I’m back.” It sounds like an awful experience, and I want to use it to look at authentication and certificates. None of this is intended to attack Alan in any way: it could happen to any of us.

One of the themes of these posts is the difficulty of resolving the cases, especially when your password has been changed and your email accounts have been compromised. Alan’s spent a lot of time on the phone getting stuff cleaned up, and I’d like to look at that process a little.

Alan has various business relationships with organizations who know him only via email and credit cards, or perhaps with a PO. How should they handle a claim that an account has been hacked? How are they supposed to authenticate someone calling who doesn’t know the password, and wants to tie a new email account into the system? Doesn’t that sound like fraud? These organizations likely don’t know Alan’s driver’s license # or passport.

This problem isn’t hard because we lack technology, it’s hard because a networked system has emerged which makes it easy to do business all around the world with people you don’t really know. If Alan had a client cert, maybe that would have been stolen, too. If he had a smartcard, maybe that would have been attacked via a client-side trojan. He ran into these troubles, and documents them at Yahoo, in “Why Google is now my homepage instead of Yahoo:”

I have written and called to every address you can think of. They have asked for copies of my driver’s license. They wanted all of my information when I first applied for an account (yes from 12 years ago). I have had to give them every email address I ever had (anytime you fill out information for a new account you should make a record of it and keep it somewhere safe. Don’t ask me where, but somewhere safe). Every mail address and zip code I have had. I sent them the answer to every secret question I can think of, but they won’t give me the question they want to answer. I sent them the hackers post bragging about getting my email account.

There may well be multiple guys named Alan Shimel out there; just seeing a faxed copy of a license isn’t very good authentication.

All we have in distant and simple relationships is persistence and that’s not that strong. We also have what Alan used, which is webs of trust. He called people who knew him and had them call people he knew:

As I have written earlier, I was lucky in that I was able to call on people to help me out. For instance my friends at FeedBurner/Google, Matt Shobe and Dick Costolo, quickly took control of my FeedBurner accounts, including the SBN feed. They were also able to get someone live at Typepad to allow me to take back the blog. This took more time than it should have though. Until the Feedburner reached out to someone, the Typepad support team just kept sending a new password to mailboxes that the attackers controlled, even though I was mailing them from my stillsecure mail box! You could not get any of these people on a phone. Very frustrating! (“Our web infrastructure needs to be at public utility levels”)

Now, persistence and webs of trust seem like bad business models. They’re not easy to manage with regards to liability and contracts, but they are a great representation of how the world really works.

Closely related: “Certifiably Silly,” and “I’m certifiably wrong.”

Watchlist Cleaning Law

Former South African President Nelson Mandela is to be removed from U.S. terrorism watch lists under a bill President Bush signed Tuesday…
The bill gives the State Department and the Homeland Security Department the authority to waive restrictions against ANC members.

This demonstrates that greater scrutiny must be placed on the decisions about who gets placed on terrorist watch lists and other government blacklists. It took a long time for Nelson Mandela to get off the list, and I wonder whether anybody who isn’t of Mandela’s stature stands a chance getting off the list. The story also raises questions about just who is designated a terrorist. There must be greater accountability in creating these lists.

(Dan Solove, “U.S. Government Finally Recognizes that Nelson Mandela Isn’t a Terrorist.”)
I fully agree with what Dan says, and would extend it to creating, maintaining and using such lists. But I wanted to comment on something which struck me. The story says (accurately) that the law “gives the State Department and the Homeland Security Department the authority to waive restrictions,” and also states the sense of Congress. Why doesn’t the bill simply order the removal of all such people, and give them actionable rights if they aren’t removed?

The bill is HR 5690.

UK Passport Photos?


2008 and UK passport photos now have the left eye ‘removed’ to be stored on a biometric database by the government. It’s a photo that seems to say more to me about invasion of human rights and privacy than any political speech ever could.

Really? This is a really creepy image. Does anyone know if this is for real, and if so, where we can read more?

Photo: Alan Cleaver2000

Praises for the TSA

We join our glorious Soviet brothers of the TSA in rejoicing at the final overthrow of the bourgeois conception of “liberty” and “freedom of expression” at the Homeland’s airports.

The People’s Anonymous Commissar announced:

This change will apply exclusively to individuals that simply refuse to provide any identification or assist transportation security officers in ascertaining their identity.

This new procedure will not affect passengers that may have misplaced, lost or otherwise do not have ID but are cooperative with officers.

…Passengers that fail to comply with security procedures may be prohibited from entering the secure area of airports to catch their flight.

(“TSA Announces Enhancements to Airport ID Requirements to Increase Liberty”)

Commissar Hawley stated “with this advance, we overcome the latest tactic of the counter-revolutionary, and ensure that our internal passport system is fully functional.”

He went on to explain that this enhances our First Amendment rights to free expression by ensuring that all free expression will be supportive of the new policy, and that under United States v. Biswell, 406 U.S. 311 (1972), a comrade’s entry into a perversely pervasively regulated area permits content-based speech restrictions.

We are also renaming this blog “Imposed Order.”

It is the policy of Imposed Order that all comments will be supportive of this policy and the new name for the blog.

News via Gary Leff. Image via Lenin Internet Archive.

The Costs of Security and Algorithms

I was struck by this quote in the Economist special report on international banking:

There were navigational aids to help investors but they often gave false comfort. FICO scores, the most widely used credit score in America, were designed to assess the creditworthiness of individual borrowers, not the quality of pools of mortgages. “’Know your customer’ is a staple of banking that has largely been forgotten because of the disaggregation of the supply chain,” says Mark Greene, the chief executive of Fair Isaac, the company behind FICO scores. (“Ruptured credit”)

“Know your customer” actually hasn’t been forgotten, it’s been co-opted. It’s been co-opted by the “AML” (Anti-Money Laundering) crowd. (The Google search is also fascinating. Look at all those ads!) But “know your customer” has been co-opted by the surveillance state. The people who want to know where your money is going in case they need to investigate you.

Bruce Schneier has a 5 step process for evaluating security:

  1. What problem does it solve?
  2. How well does it solve the problem?
  3. What new problems does it add?
  4. What are the economic and social costs?
  5. Given the above, is it worth the costs?

To be clear, the whole idea of AML doesn’t pass this test. But let’s set that aside, and test the re-definition of knowing your customer. We can then look at steps 2 and 3, and ask “is re-defining a known element of good advice worthwhile?” I don’t think it is. I think it’s an example of how we let process and algorithms replace clear thinking.

It used to be that part of getting a mortgage was talking to a banker. You talked to an officer of the bank who was going to be collecting money from you for twenty years. And he made a call. That’s been replaced by the FICO algorithms and checking your ID. There’s now a process and an audit trail. And there’s no common sense. There’s no senior person who can see trends. To be fair, with common sense, it’s become harder to impose racist lending standards. That senior person can’t imagine trends.

Back to the topic at hand, we’ve moved from “know your customer” as sage advice to trite bits of checklist faux diligence. We’ve lost something important.

Really, what we’ve done is substituted knowing a person with knowing their data shadow. That’s not the only problem, but it’s one of a set of synergistic changes that will cost us hundreds of billions to clean up.

(Data shadows is a great term, defined by Alan Westin. Bruce Schneier used it recently in his excellent essay “Our Data, Ourselves,” which I hope to shadow shortly.)

Image: “Sinister,” by Adactio.

Saving the Taxpayers Money

The Washington Times reports, “Outsourced passports netting govt. profits, risking national security.” It is the first of a three-parter.

Interesting comments:

The United States has outsourced the manufacturing of its electronic passports to overseas companies — including one in Thailand that was victimized by Chinese espionage — raising concerns that cost savings are being put ahead of national security, an investigation by The Washington Times has found.

The Government Printing Office’s decision to export the work has proved lucrative, allowing the agency to book more than $100 million in recent profits by charging the State Department more money for blank passports than it actually costs to make them, according to interviews with federal officials and documents obtained by The Times.

The GPO tells us we don’t need to worry, because the blanks are moved by armored car. I feel better already, but can’t stop giggling.

Because RealID Isn’t Good Enough

Apparently we need not one, but two national ID cards. Illinois Reps. Mark Kirk and Peter Roskam (may they not get re-elected in November) are introducing legislation that would mandate that Social Security cards have “a photograph and fingerprint, as well as a computer chip, bar code and magnetic strip.”

The cards would be modeled after the Common Access Card issued by the Department of Defense, mostly to active military reserve members and their dependents, said U.S. Rep. Mark Kirk (R-Ill.), a sponsor of the bill. Current Social Security cards have limited security features and have no photo or biometric data, he said.

Perhaps Mr. Kirk should refresh his memory on the purpose of Social Security cards. There’s a reason that they prominently say “FOR SOCIAL SECURITY PURPOSES * NOT FOR IDENTIFICATION” across the front of them.

“One of the ways that modern criminals use to attack … is by falsifying or counterfeiting Social Security cards,” Kirk said. “We think that a Social Security card should be hard to forge [and] that it should also make it easy to catch an identity-theft crime.”

This sounds all well and good but it’s just patently false. This is actually an attack on illegal immigration. The main reason people are asked to show Social Security cards is for jobs, and the main market for falsified or forged cards is illegal immigrants trying to get jobs. Identity thieves don’t forge Social Security cards; all they need is the number itself. Shame on the Tribune for not digging deeper.
[Image from the above linked Tribune article]

Australia dumps National ID


Opponents of Australia’s controversial Access Card received an early Christmas present earlier this month when the incoming Rudd Labor Government finally axed the controversial ID program. Had it been implemented, the Access Card program would have required Australians to present the smart card anytime they dealt with certain federal departments, including Medicare, Centrelink, the Child Support Agency, or Veterans’ Affairs. (“Australia’s controversial national ID program hits the dumpster,” Ars Technica)

Congratulations to the people of Australia. Now let’s hope the UK and US pick up on a winning trend.

Picture by Drewsta.

Sameer at Officer Candidate School

Those of you who don’t know Sameer Parekh can ignore this message. For those of you who do, he’s joined the Marines and is attending Officer Candidate School, and would appreciate your letters:

He does not have access to email or phone. Please send him snail mail (US mail) as often as you can. He will reply whenever he can from his OCS training. Your letters would be a good morale booster for him. Please address the mail exactly as shown below:

Candidate: Parekh, Sameer, G /2263
Officer Candidate School, A Company, 2 Platoon
2189 Elrod Avenue
Quantico, Virginia 22134-5033

Fake Steve and Real Mackey

So with the small, literal men at the New York Times poking through the veil of anonymity that allowed Fake Steve to produce the best blog since “The Darth Side,” we have a serious threat to the stability of the republic, which is the false hope that by assigning people names, we can control them. Prevent the random, the funny, the disrespectful. The powerful have always hated having fun poked at them by the anonymous. They forget that anonymity acts as an important social valve, allowing people to share ideas without retribution.

John Mackey took a different approach. He didn’t blog, but engaged in conversation on a message board about his company.

I think it’s a good thing to be able to hear from CEOs shedding their spin, from journalists freed of their need for access, and everyone else who wants to put forth their own words to stand or disappear on their own strength.

Fake Steve is a little less interesting since the unveiling. The posts about immortality were a nice touch, but, I thought, over-wrought.

Global Biometrics Database, Coming Soon to You

Raiders News Network quotes an Interpol press release, “G8 Give Green Light For Global Biometric Database:”

MUNICH, Germany – G8 Justice and Interior Ministers today endorsed a range of vital policing tools proposed by Interpol Secretary General Ronald K. Noble aimed at enhancing global security.

Secretary General Noble exposed the global problem of prison escapes of terrorists and other dangerous criminals not being promptly and adequately reported to police worldwide, thereby placing the citizens of all countries potentially at risk.

‘Moreover, the absence of a global protocol on sharing vital information such as fingerprints and photographs of escaped prisoners, including terrorists, constitutes a serious threat to the safety and security of citizens worldwide,’ he added.

Note the subtle use of the terrorist card. Note the utter lack of any mention of privacy, wrongful convictions, or the reality that refuseniks and dissidents will end up in the database, harassed when they show up in other countries.

Don’t worry, your national ID registers won’t be checked against the database until computer power becomes a lot cheaper.