Feeds

Now we are 8 (and this token proves it)

False sense of security for sprouts

  • alert
  • submit to reddit

Security for virtualized datacentres

VeriSign announced a new USB token that verifies the ages and sexes of children using a computer, and claimed that this will make it easier for innocent sprouts to avoid online predators, Reuters reports.

"Chatroom lurkers who can't prove their age will stick out like sore thumbs as more kids adopt the tokens," the wire service explained.

The so-called i-Stik USB token will provide verification of a child's age and sex. School administrators will provide lists of students, with their dates of birth and sexes, and VeriSign will encode that information onto the i-Stick tokens.

The scheme will begin with a handful of schools for testing this Fall, and, if all goes according to plan, be extended to thousands of schools starting next Spring.

That is, assuming its glaring flaws don't become painfully evident by that time. Most obviously, the token will not verify age or sex of the person using it, but only of the person to whom it was issued. Anyone might be using it, and no doubt paedos will be scrambling to get their hands on one of their own, either through loss, theft, or bribery. Once the tokens become popular and widely available, one can expect a brisk trade in them on paedo bulletin boards.

(Naturally, the Feds will have to be supplied with plenty of these gizmos, so that they can spend their days hanging out in kids' chatrooms with better cover.)

Meanwhile, parents will be lulled further into foolish notions that an Internet-connected PC makes for an adequate electronic babysitter. The Internet is adult space, and there is no substitute for parental supervision. If this scheme does anything to produce a false sense of security among parents, then it's worse than nothing; it's actually dangerous.

One thing that the tokens will be good for is online marketing to children. Marketers will be able to get a more accurate sense of the ages and sexes of young visitors to various online venues, and target them more precisely.

It will also make for decent PR and corporate image-making for VeriSign, suggesting that the company takes the safety of children seriously. Most importantly, it will produce a nice revenue stream from a basically worthless product that school districts will purchase with tax dollars.

In all, it's a win/win gimmick and publicity stunt, so long as child safety is not a criterion for judging its success. ®

Correction In our story regarding VeriSign's i-Stik USB token for children, we said that "school districts will purchase [them] with tax dollars." VeriSign would like it known that it will pay for the pilot programme, and that online child protection outfit i-SAFE America will fund expansion with federal grant money and private donations. Thus we should have said that the scheme, if it should succeed, will eventually need additional public funds, which might or might not come from school district budgets.

Thomas C Greene is the author of Computer Security for the Home and Small Office, a comprehensive guide to system hardening, malware protection, online anonymity, encryption, and data hygiene for Windows and Linux.

Related story

RSA cosies up to AOL as VeriSign enters token market

Beginner's guide to SSL certificates

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.