Feeds

Now we are 8 (and this token proves it)

False sense of security for sprouts

  • alert
  • submit to reddit

Website security in corporate America

VeriSign announced a new USB token that verifies the ages and sexes of children using a computer, and claimed that this will make it easier for innocent sprouts to avoid online predators, Reuters reports.

"Chatroom lurkers who can't prove their age will stick out like sore thumbs as more kids adopt the tokens," the wire service explained.

The so-called i-Stik USB token will provide verification of a child's age and sex. School administrators will provide lists of students, with their dates of birth and sexes, and VeriSign will encode that information onto the i-Stick tokens.

The scheme will begin with a handful of schools for testing this Fall, and, if all goes according to plan, be extended to thousands of schools starting next Spring.

That is, assuming its glaring flaws don't become painfully evident by that time. Most obviously, the token will not verify age or sex of the person using it, but only of the person to whom it was issued. Anyone might be using it, and no doubt paedos will be scrambling to get their hands on one of their own, either through loss, theft, or bribery. Once the tokens become popular and widely available, one can expect a brisk trade in them on paedo bulletin boards.

(Naturally, the Feds will have to be supplied with plenty of these gizmos, so that they can spend their days hanging out in kids' chatrooms with better cover.)

Meanwhile, parents will be lulled further into foolish notions that an Internet-connected PC makes for an adequate electronic babysitter. The Internet is adult space, and there is no substitute for parental supervision. If this scheme does anything to produce a false sense of security among parents, then it's worse than nothing; it's actually dangerous.

One thing that the tokens will be good for is online marketing to children. Marketers will be able to get a more accurate sense of the ages and sexes of young visitors to various online venues, and target them more precisely.

It will also make for decent PR and corporate image-making for VeriSign, suggesting that the company takes the safety of children seriously. Most importantly, it will produce a nice revenue stream from a basically worthless product that school districts will purchase with tax dollars.

In all, it's a win/win gimmick and publicity stunt, so long as child safety is not a criterion for judging its success. ®

Correction In our story regarding VeriSign's i-Stik USB token for children, we said that "school districts will purchase [them] with tax dollars." VeriSign would like it known that it will pay for the pilot programme, and that online child protection outfit i-SAFE America will fund expansion with federal grant money and private donations. Thus we should have said that the scheme, if it should succeed, will eventually need additional public funds, which might or might not come from school district budgets.

Thomas C Greene is the author of Computer Security for the Home and Small Office, a comprehensive guide to system hardening, malware protection, online anonymity, encryption, and data hygiene for Windows and Linux.

Related story

RSA cosies up to AOL as VeriSign enters token market

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.