Tying themselves in knots

Re-posted from archive of infinite ideas machine 2004:

Mr Lettice’s delicious ‘How to fool ID card system – give a false ID, say UK gov’ article in El Reg points out just how useless / ineffective / unadministrable(? you know what I mean…) ID cards will be, unless it is made compulsory to carry them or, e.g. the police get to carry portable (NIR-connected) biometric scanners.

If David Blunkett thinks that the police are going to be happy to take the flak that this fundamental change in their relationship to the general public would cause, then he is sadly mistaken. In fact, it was precisely the routine stopping of law-abiding citizens and requiring that they show their ID papers that brought the wartime scheme to an end in 1953!

As the Lord Chief Justice of the time said, “such action tends to make the public resentful of the acts of the police and inclines them to obstruct them rather than to assist them”. And that was back in the far-more-respectful-of-authority ‘good old days’…

Posted in ID cards | Leave a comment

Biometric fallacies

Re-posted from archive of infinite ideas machine 2004:

It’s a few months old now, but the salient points of ‘The emerging use of biometrics’ in The Economist still have a bearing:

“Biometrics still do not work well enough for many applications in which they are being deployed.”

UKPS biometrics trial, anyone?

“Biometrics have not yet spread beyond such niche markets, for two main reasons. The first is the unease they can inspire among users. Many people would prefer not to have to submit their eyes for scanning in order to withdraw money from a cash dispenser. The second reason is cost.”

I wonder if MORI had asked ‘Do you want to be fingerprinted and have your iris scanned and have both kept in a Government database?’ instead of ‘Would you have an ID card?’ whether 80% of people would have said ‘yes’?

And as for cost – £3.1 billion? And the rest…

“Governments either do not believe that the costs of biometrics still outweigh any potential benefits or, more likely, fearing more terrorism they simply do not care.”

A classic knee-jerk reaction, but one that even Blunkett is having to play down these days. As the author says later in the article, “[it] is difficult to avoid the conclusion that the chief motivation for deploying biometrics is not so much to provide security, but to provide the appearance of security.” N.B. for ‘terrorism’ read also ‘illegal immigration’, ‘illegal working’, etc.

“The oldest biometric is the one we use most frequently—a person’s face. But while recognising faces is something that people can do easily, computers find it very difficult.”

Recognising faces is something we are built to do (from the neurones up) but what we do is much, much more than simply recognise someone’s face – we connect memories, have feelings and opinions about people and can build relationships with them over time. Computers compare pixels, measurements and database records according to fixed rules – nothing more. And only one of these provides a real basis for trust.

“It is only logical to expect biometric passports and visas to take a multibiometric approach.”

Precisely because of the limits of each individual method! And they make the highly significant point also that, “…[the] other critical choice, driven by the limitations of biometric technology, is that these biometrics will be used for verification, not identification. That is because identification is simply not feasible with databases containing millions of users.” [emphasis added]

There’s lots more good stuff here, including a digestible run-down of the most common biometric methods – well worth a read.


What’s the hurry?

Re-posted from archive of infinite ideas machine 2004:

Trevor Mendham at The Chestnut Tree points out today’s Independent article ‘Blair to push Europe Bill before election’ [article now behind paywall], in which it is reported that Tony Blair “…has asked ministers to give top priority to two Bills in the Queen’s Speech in November for a parliamentary session that would be cut short by the election. The Bills cover the new EU treaty and David Blunkett’s controversial plans for identity cards.”

David Blunkett is quoted as saying – shortly after the Madrid bombing – that the cards would probably be introduced “more quickly even than we anticipated, and that is because we are living in a new world and with a new threat that we have to take account of.”

Yet since the introduction of the Draft Bill, in his evidence to the Home Affairs Committee, and twice (that I have heard myself) in radio interviews Blunkett has been forced to downplay ID cards’ role in combating terrorism, and illegal immigration and working – the supposed primary purposes of the scheme! There may have been a subtle shift towards identity fraud as a justification – but this is only AFTER the mainstream media seems to have swallowed at least some of Blair and Blunkett’s ‘no significant civil liberties objections’ assertions of last month.

It is quite clear that not only do the Government not acknowledge the serious concerns of a wide range of people – including those within their own party, CESG (111 KB PDF, published by the Government’s own Information Assurance Technical Authority, part of GCHQ), the Law Society, the British Computer Society and many others, expressed during and since their so-called ‘consultation’ period – but that they want to railroad the legislation through without engaging in either proper debate or a realistic assessment of the scheme – e.g. its security model (and alternatives!), the capabilities of the various technologies proposed, etc.

Surely even those in the ‘if you haven’t done anything wrong, you haven’t got anything to fear’ camp (which I refuse to believe is actually 80% of us, when asked the right question) would agree that there needs to be transparent and rigorous examination of any proposed scheme’s practicalities, and free and informed debate on all of the legal and civil liberty issues.

This legislation is so flawed in principle, the scheme so misconceived in practice and both have such far-reaching implications (it’ll be your kids & grandkids that feel the weight of this, folks!) that only something as momentous and controversial as the Europe Bill could possibly mask the rotten stink of its passing.

It’s an Information Society, people, but that doesn’t mean that the Government has a monopoly on – or even grasp of – truth and common sense. It certainly doesn’t mean that they have the right to issue me with my ‘one, true’ identity, based on something of mine that they have (forcibly) taken from me. The choice is pretty stark – resist now, or run the risk of finding it increasingly difficult to resist this and any future Government (of ANY party or persuasion) legislation or measures with which you and your descendants might disagree.


I don’t know whether to laugh or cry

Re-posted from archive of infinite ideas machine 2004:

Last Thursday’s article in the Times, ‘Long eyelashes and watery eyes thwart ID card technology’ and Lucy Sheriff’s take on it in El Reg report a (predicted) 7% failure rate in the iris recognition part of the current UKPS biometric trials.

Hardly reassuring, even at this early stage of testing – but clear indication of why the Government wants multiple biometrics to be stored in the National Identity Register and on ID cards. This sort of failure rate scaled up across the population and number of identifications / authentications would seem to make for a system that was actually worse than useless!

You begin to see where the Government, like many others before them, (including myself, the first time I encountered biometrics / smartcards in systems design) may have got their security model wrong.

To get around these ridiculous failure rates, they think (or are told), why don’t we put a copy of a good biometric reading on a smartcard? It’s digital, therefore a perfect reproduction, and can then easily be compared with a record in the NIR – where we get impressively low failure rates – even if we can’t get a good reading from the person who has presented the card to us on that particular occasion.

Wake up! You’ve just created a system vulnerable to (even inviting) precisely the sort of fraud you are attempting to eliminate – but just because you’re using these fancy new biometrics, you think you’ve created a more secure system. So you promote it in ignorance – believing in the ‘magic’ of technology, while flying in the face of logic.

Here’s how it really goes:

The minute you capture a biometric – e.g. fingerprint, iris scan, facial photograph – and make a copy of it, you are turning a ‘something you are’ into a ‘something you (or I) have’. If, and only if, the sole copy of that record is kept safely locked up, and is accessed just to do direct comparisons with freshly-captured biometrics from people asserting to have that identity can you – WITHIN THE LIMITS OF THE TECHNOLOGY – authenticate a particular person at a particular time in a particular place.

Giving an individual a copy of his/her biometric records on a smartcard defeats the entire object of biometrics by turning something that ONLY one person can provide (‘something you are’) to authenticate him/herself into something that potentially anyone can provide (‘something you have’). It’s like handing out ‘fraud tokens’… literally!

Stick with me.

So in introducing different ‘modes’ or ‘levels’ of authentication – e.g. locally to the card (no reference to NIR), card to NIR (even if local authentication fails) – you have utterly broken the reliability of your system. Someone can present a valid ID card and subvert the local biometric reader, or present a fake card at a session that they know will not reference the NIR with impunity.

Thus your system, which people have to use in their daily lives and in which they must trust completely – because it holds the key to their identity – is, in fact, creating a false sense of security.
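The argument about authentication ‘modes’ above, worked through as an added illustration that is not part of the original post. It is a toy model: the register contents, the 16-bit templates, the Hamming-distance matcher and the mode names are all constructed assumptions, not details of the proposed scheme.

```python
# Toy model (constructed data): templates are 16-bit integers and a "match"
# is a Hamming distance of at most THRESHOLD. Real matchers are statistical.
THRESHOLD = 2

def matches(a: int, b: int) -> bool:
    return bin(a ^ b).count("1") <= THRESHOLD

# Hypothetical register: identity -> enrolled template, held centrally.
NIR = {"alice": 0b1011001110001101}

def verify(mode, claimed_id, card_template, live_capture):
    """Return True if the presentation is accepted in the given mode."""
    if mode == "live_vs_nir":    # fresh reading against the protected record
        return claimed_id in NIR and matches(live_capture, NIR[claimed_id])
    if mode == "live_vs_card":   # local check, register never consulted
        return matches(live_capture, card_template)
    if mode == "card_vs_nir":    # fallback when the live reading is unusable
        return claimed_id in NIR and matches(card_template, NIR[claimed_id])
    raise ValueError(mode)

ALICE_LIVE = 0b1011001110001111    # Alice today: one bit of sensor noise
OTHER_LIVE = 0b0100110001110010    # a different person's reading

# Each presentation: (claimed identity, template on card, live reading)
PRESENTATIONS = {
    "genuine holder": ("alice", NIR["alice"], ALICE_LIVE),
    "card carrying presenter's own template": ("alice", OTHER_LIVE, OTHER_LIVE),
    "copied card, different presenter": ("alice", NIR["alice"], OTHER_LIVE),
}

def acceptance_table():
    modes = ("live_vs_nir", "live_vs_card", "card_vs_nir")
    return {who: {m: verify(m, *p) for m in modes}
            for who, p in PRESENTATIONS.items()}

if __name__ == "__main__":
    for who, row in acceptance_table().items():
        print(f"{who:40s}", row)
```

Only the mode that compares a fresh reading with the protected register record rejects both non-genuine presentations; each of the other two modes accepts one of them, because the decision rests on data the presenter supplied.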

The ultimate irony is that Blunkett and Blair seem to be driven by a need to be seen to be doing something about certain problems – terrorism, illegal immigration, etc. – but their solution is actually going to make things a whole lot worse, and not just in those areas!

And we – the citizens of the UK – are, of course, going to end up worse off than when we started with billions of pounds down the drain, stuck with a database and card system that permits criminals and terrorists to actually ‘prove’ they are us (while everyone has been told that this is now impossible) and allows certain authorities with sweeping remits, e.g. SOCA?, to surveil our movements and activities (even if we have done nothing wrong ourselves) to an unprecedented degree.

I’m not even getting into the fact that NIR records themselves could quite possibly get screwed up – as reported in today’s piece in The Register, ‘DHS and UK ID card biometric vendor in false ID lawsuit’.

So, finally, and just to explain the meaning / message of my t-shirt design [below]: I object to and oppose the creation of a National Identity Register and to the principle of putting digital biometric records into ID (smart)cards.


T-shirt anyone?

Re-posted from archive of infinite ideas machine 2004:

NO N.I.R.

(Artwork available on request)