Feeds

Running queries on the HMRC database fiasco

Dis-information systems management

The Power of One eBook: Top reasons to choose HP BladeSystem

Finally, the ID card thing

Chancellor Alistair Darling has been quoted as saying that the disaster actually strengthened arguments in favour of ID cards. OK, I’m game, let's think this through. One of the advantages of ID cards is that they make it easier to tie data from several disparate systems together. For example, it appears still to be possible for a person in this country to be drawing benefit while working. An ID card, complete with unique identifier, should make these anomalies much easier to spot.

So, on the surface, this argument sounds reasonable. The data was being shipped so that it could be cross-correlated between two systems. ID cards make cross-correlation easier. Therefore, this is an argument for ID cards. However, there is a glorious technical flaw in this argument.

ID cards may help to identify people more accurately but they don't, in any shape or form, help with the movement of the data. ID cards would have made no difference whatsoever to the fact that the data has to be moved. Indeed, had the ID data been included it would, presumably, have been one more piece of data to delight the bad guys.

I'm used to the fact that politicians don't understand technology, but it frightens me that, in the midst of one crisis, they can still find the time to misuse it to promote another unrelated political agenda.

Finally, of course, the fact that our government has demonstrated a complete lack of ability to protect our data is, for me, a strong argument against ID cards. But then, I'm not a politician.

Summary

Once again, it is fair to say that we aren't being told the technical details and neither should we be. However, these security concerns also provide a convenient smoke screen from which can emerge bland assurances like: "It would have been very expensive to do this", "this strengthens the arguments for ID cards". While we cannot directly gainsay these, if we make reasonable assumptions, it is clear that many of them are nonsense. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.