Cyber ID? Uniform ID? National ID?

About: obama eyeing internet id for americans - tech talk - cbs news

Maybe not yet, but why not DHS or some cybersecurity within? Centralized regulation will only provide a march toward stupidity just like previous marches & surely a greater loss of privacy.  Unspecified is access to what a person spends on the internet (& what will get more taxes) & who gets on the no-fly list by accidental intention. The original draft might be here. The question of who gets exempted is raised by me!

<== credit.

Tags

  1. cyber id
  2. national id
  3. identity

Comments


Seth says
Well, imho, we certainly do need to rethink how identity on the nets works!   Lots of groups are working on that.  I believe the W3C has a working group on it now, also the group that i mention in A call for identity on the web ....  I would prefer that it not be done by the governments ... at the same time i don't particularly like the way the Googles and the Micorsofts and the facebooks are meshing together to not solve the real problems for us people. 

Mark de LA says
Yep, it would be nice here at fbi to access many groups with one ID. From your speaktomecatalog.com perspective there may be other needs although I thought that the billion$$$ Internet sales/yr business testifies that it is solved fairly well. It should be an opt in process for the user's convenience.  As with Obamacare, I don't think Big Government is apt to let that happen in the final system.


Seth says
U 2011-01-10 13:53:17 14806

If you can remember one sentence you've got it solved.  It has been said that the hardest code to crack is a simple long sentence.  Of course if you are likely to use well known quotes you might increase the odds of cracking it.  With a hardware/software solution where a dongle is needed it increases the odds in your favor.
So are you supposed to remember a sentence for every website you identify yourself to?

U says
seth 2011-01-10 14:02:08 14806
U 2011-01-10 13:53:17 14806

If you can remember one sentence you've got it solved.  It has been said that the hardest code to crack is a simple long sentence.  Of course if you are likely to use well known quotes you might increase the odds of cracking it.  With a hardware/software solution where a dongle is needed it increases the odds in your favor.
So are you supposed to remember a sentence for every website you identify yourself to?

The one sentence is like a master password.  At some part of the design you will have to remember something.

Seth says
Well we need a effective cyber Id. There are lots of problems with user/password scheme that is working now. There is a big question who should issue them.

U says
Doesn't or couldn't Verisign do stuff like that? People naturally look to government for collective stuff, but private enterprise & collective enterprise would be my solution.

Seth says
U 2011-01-10 08:47:18 14806
Doesn't or couldn't Verisign do stuff like that? People naturally look to government for collective stuff, but private enterprise & collective enterprise would be my solution.
Yes Verisign could do it ... actually does, they currently will issue you a individual certificate of identity, i believe. 

At one level, issuing a individual identity string (certificate), is just a mechanical function ... just an app.  If you get an app that you trust on your devise, you can (should?) be able to mint your own identity strings at will.   The question then is what sites on the net will accept that identity string to know that whenever you communicate it to them you are the same person.  So, if that is our assumption, then the question becomes: How do we get the big companies to adopt such a standard when is does not necessarily appear to work immediately to their business advantage?  It is interesting to grock just how big of a technological/political question that actually is.

U says
I still haven't identified the pain motivating such attention on this subject. Who needs it & why? Just because it is feasible or nice doesn't mean is should be done.  A free market means that those things that make business sense will show up sooner than those that don't. Why should the government standardize it?


Seth says
U 2011-01-10 11:15:50 14806
I still haven't identified the pain motivating such attention on this subject. Who needs it & why? Just because it is feasible or nice doesn't mean is should be done.  A free market means that those things that make business sense will show up sooner than those that don't. Why should the government standardize it?

  • User/password is too easy to hack
  • Users abuse it by using same password all over
  • Too hard to remember which passwords you use at different sites
  • hard to remember from devise to devise
  • and the biggie:  Does not work across different domains.

Seth says
a bit of tweet art ... can i express the essence of my point in a tweet ...
source my tweet

... me thinks i did it


U says

There are already hardware/software systems that generate random passwords each time you use them. I think webroot does that http://news.cnet.com/8301-19518_3-20011726-238.html

Seth says
and for a little humor in this regard ... read the whole series here ...



Seth says
U 2011-01-10 12:27:15 14806

There are already hardware/software systems that generate random passwords each time you use them. I think webroot does that http://news.cnet.com/8301-19518_3-20011726-238.html
Wow that's absolutely no solution to anything that i have mentioned here.  Hint: what is the method people need to use to remember randomly generated passords to reauthenticate themselves?

U says

If you can remember one sentence you've got it solved.  It has been said that the hardest code to crack is a simple long sentence.  Of course if you are likely to use well known quotes you might increase the odds of cracking it.  With a hardware/software solution where a dongle is needed it increases the odds in your favor.

Seth says
U 2011-01-10 14:46:46 14806
seth 2011-01-10 14:02:08 14806
U 2011-01-10 13:53:17 14806

If you can remember one sentence you've got it solved.  It has been said that the hardest code to crack is a simple long sentence.  Of course if you are likely to use well known quotes you might increase the odds of cracking it.  With a hardware/software solution where a dongle is needed it increases the odds in your favor.
So are you supposed to remember a sentence for every website you identify yourself to?

The one sentence is like a master password.  At some part of the design you will have to remember something.
Nope, there is not really any string that needs to be remembered with the  modern identity systems that are being proposed. 

Thing to grock here is that you really do change what we are talking about when you introduce the idea that you use the same identity in whatever domain you converse.  Without that idea in the mix, then the problems with name/password just does reduce to learning how to make up hard to guess passwords and how to remember them.  Those of y'all who master that learning will not have any problems with staying with this old system that kind of works ... and those who do not master it, will just be vunerable to loosing access to their sites and getting hacked.

C says
So are you just proposing a system for those with bad memories.  Write it down somewhere! Maybe a pack of sticky notes - co$t 95 cents.
If in your system there is nothing supplied by you like a password, anyone can get in unless you give up a DNA sample each time & other biometrics upon demand. 


Seth says
C 2011-01-10 17:56:41 14806
So are you just proposing a system for those with bad memories.  Write it down somewhere! Maybe a pack of sticky notes - co$t 95 cents.
If in your system there is nothing supplied by you like a password, anyone can get in unless you give up a DNA sample each time & other biometrics upon demand. 

We all have limitations to our memories when it comes to registering at lots of different sites, some of which we may not visit again for many moons.  Most people end up reusing the the same word, but that has its limitations .... not to mention that it is just a nuance.

Your sentence "If in your system there is nothing supplied by you like a password, anyone can get in unless you give up a DNA sample each time & other biometrics upon demand" is far from true.  One way this is done is with digital certificates that are stored on your devise.  These are like the certificates that websites get to close the little lock icon when they transmit information securely with the SSL protocol your browser uses when you visit a URL starting with HTTPS.   These are not like a password because you don't need to remember them. 

And yes, biometrics would be good too ... i could get a fingerprint app for my pad right now and lock it so that nobody could compromise my security even if they stole my pad ... so any certificates on the devise would in fact be secured by my DNA .

C says
Without biometrics which provide exact ID or physical security, like you lock up your computer (or your dongle or both) in an impenetrable vault, there isn't much else that can't be hacked.

Seth says
For example this is the kind of thing that i am looking for ...
source: emailed to the [foaf-protocols] list
W3C is pleased to announce the creation of the WebID Incubator Group, whose mission is to further advance for full standardization the WebID protocol, an authentication protocol that uses the SSL/TLS layer for user identification by tying the client to a profile document on the Web through placing a URI in a certificate. The following W3C Members have sponsored the charter for this group: The Apache Software Foundation, DERI Galway, Garlik, INRIA, Nokia, OpenLink Software, Talis, Telecom Italia SpA, and Vrije Universiteit Amsterdam
... more information in the Charter.

Note that with this scheme the identity string is in the client's devise and/or browser.  You're not supposed to have to depend on a Google, Facebook, twitter or Micorsoft company to give you your identity identifier.


Mark de LA says
Part of the argument over ID viewed through the lens of DRUDGE:
BBC: 'Barcode Everyone at Birth' with 'implanted chips'...

Bilderberg Pushes Mandatory Internet ID for Europe...

Bars using new app and hidden cameras to scan customers' faces...



See Also

  1. Thought Win Win Interactions with others with 252 viewings related by tag "identity".
  2. Thought Eropa with 81 viewings related by tag "identity".
  3. Thought Anonymity Vs Identity with 79 viewings related by tag "identity".
  4. Thought about: Unhacking Wars - comment 67183 with 71 viewings related by tag "identity".
  5. Thought about: re: should webids denote people or accounts? from seth russell on 2014-05-17 (public-webid@w3.org from may 2014) with 31 viewings related by tag "identity".
  6. Thought A New Respect for The Specific with 17 viewings related by tag "identity".
  7. Thought seth@thinking.live with 12 viewings related by tag "identity".
  8. Thought Patty as Me with 9 viewings related by tag "identity".
  9. Thought Funny Surprise on Signing my name with 7 viewings related by tag "identity".
  10. Thought identity crisis with 3 viewings related by tag "identity".
  11. Thought about: logically speaking with 3 viewings related by tag "identity".
  12. Thought about: Gravatar - Globally Recognized Avatar with 2 viewings related by tag "identity".
  13. Thought about: REpresentation - comment 57743 - comment 57813 with 2 viewings related by tag "identity".
  14. Thought Moving Parts create Possibilities. with 2 viewings related by tag "identity".
  15. Thought Feature: Roaming profiles are here with 2 viewings related by tag "identity".
  16. Thought Kim Cameron with 1 viewings related by tag "identity".
  17. Thought about: NetMesh: Light-Weight Digital Identity (LID) with 1 viewings related by tag "identity".
  18. Thought My Foaf with 1 viewings related by tag "identity".
  19. Thought Identity Management SSO with 1 viewings related by tag "identity".
  20. Thought fidenity with 1 viewings related by tag "identity".
  21. Thought about: Real ID Act Approved By House Of Representatives - Gizmodo with 0 viewings related by tag "identity".
  22. Thought the Identity Web vs mutually resonant entities with 0 viewings related by tag "identity".
  23. Thought about: Identity 2.0 ? Firefox 2.0 and Identity 2.0 with 0 viewings related by tag "identity".
  24. Thought about: On OpenID and comment policies | Decentralized Information Group (DIG) Breadcrumbs with 0 viewings related by tag "identity".
  25. Thought about: Identity, Reference, and the Web (IRW2006) Workshop with 0 viewings related by tag "identity".
  26. Thought Bozo Faust with 0 viewings related by tag "identity".
  27. Thought Author has been lost from headers - IDENTITY crisis with 0 viewings related by tag "identity".
  28. Thought FOAF with 0 viewings related by tag "identity".
  29. Thought What are the limits of liberty? with 0 viewings related by tag "identity".
  30. Thought about: Kim Cameron's Identity Weblog with 0 viewings related by tag "identity".
  31. Thought Identify Crisis! with 0 viewings related by tag "identity".
  32. Thought about: cis-berkman - The Identity Gang with 0 viewings related by tag "identity".
  33. Thought how would a global author screen name work? with 0 viewings related by tag "identity".
  34. Thought Yet Another Distributed Identity System with 0 viewings related by tag "identity".
  35. Thought OpenID with 0 viewings related by tag "identity".
  36. Thought There is a whole lot of confusion about which of these URIs you can use, and where you can use them, to identify yourself. with 0 viewings related by tag "identity".
  37. Thought The dynamics of an Internet Cafe with 0 viewings related by tag "identity".
  38. Thought distributed identity fastblogit style with 0 viewings related by tag "identity".
  39. Thought group quads project with 0 viewings related by tag "identity".
  40. Thought Another Idea with 0 viewings related by tag "identity".
  41. Thought the proposed right to have any linkage of my persona within a service to my physical identity removed if I close my account with 0 viewings related by tag "identity".
  42. Thought Me represented in the Linked Data Cloud with 0 viewings related by tag "identity".
  43. Thought A call for identity on the web ... with 0 viewings related by tag "identity".
  44. Thought about: Sam Ruby: Identity System Discovery with 0 viewings related by tag "identity".
  45. Thought about: sourceforge.net: search with 0 viewings related by tag "identity".
  46. Thought Newsfighter with 0 viewings related by tag "identity".
  47. Thought the trans domain identity wish with 0 viewings related by tag "identity".
  48. Thought about: kingsley idehen - google+ - youid 1.3.0 is live! with 0 viewings related by tag "identity".
  49. Thought infocard with 0 viewings related by tag "identity".
  50. Thought about: what is salient identity? with 0 viewings related by tag "identity".