About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion

Advertisers

Technorati

  • Add to
Technorati Favorites

License

  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Privacy invasion by design | Main | How do these ideas make it through to implementation? »

The China syndrome

By Dave Birch posted Feb 10 2009 at 7:51 PM

[Dave Birch] A couple of days ago and I again mentioned the government's "break the glass" plan for a national identity scheme. In other words, what is the emergency plan to be followed should the integrity of the system itself fail. The point about the "break the glass" plan is a serious one. While I have no evidence that the government has such a plan, I'm sure they must do. If hackers, mafia extortionists or opposition MPs get into the database then someone has to be able to press a button to sound the alarm, to raise the drawbridge to other government systems and to initiate the meltdown process of re-issuing keys (or whatever else needs to be done).

What kind of meltdown might require the government to break the glass? Well, just for amusement purposes (since it could never happen, because the Home Security said that the ID card system will use "military" security) let's suppose that a disgruntled member of staff steals the entire biographical database. Let's say a fifty million individual records (5 x 10^7). Each individual record comprises 50 data items -- actually in the UK Identity Cards Bill it was slightly more than 50 -- so that's 5 x 10^1. Let's say each data item is 1KB. They're not, but whatever. So now we have a database of 5 x 5 x 10 x 10^7 or 25 x 10^8 or a couple of terabytes. That's it, a couple of a terabytes. I can buy a 2TB USB hard drive on Amazon right now for a couple of hundred quid and by the time the database is up and running, it will be fifty quid. So I can store the entire database for next to nothing, chuck it in my car and zoom off with it.

When they come in in the morning and notice it missing, there needs to be a big red button on the wall that they can smash the glass and press. Ah, you might say, it seems unlikely that a vetted civil servant will deliberately and flagrantly break the data protection act or whatever. Well I imagine that's what they thought in Chile, before a civil servant started publishing their national identity register on the Internet. We shouldn't let this kind of thing stop us from building a better identity infrastructure, but we should use it to help us build a better one, by which I mean one that depends on open peer review for its security.

I've always said that I'm in favour of building a national identity infrastructure. I don't want my goal to be derailed by some crazy "China Syndrome" panic. Remember that? When the famous Jack Nicholson and Jane Fonda film "The China Syndrome" came out, it was going to be just another thriller. But 12 days later came the accident at Three Mile Island. No-one died at Three Mile Island, but the combination of the fictitious events in the film and the real events at Three Mile Island somehow combined to form a mythic catastrophe. I don't want the same thing to happen with ID. Oddly, I was thinking about the TMI analogy because of this chap's aversion to Oyster cards...

I could be one of the last of a dying breed. No, not a cynical old hack – there is still a steady trickle joining the ranks. But one of the very few Londoners left who does not have an Oyster card for navigating around the capital's public transport system.

[From Nigel Willmott: Our movements are tracked enough already. For me, 'touching in and out' of tube stations is a step too far | Comment is free | guardian.co.uk]

Now, as far as I know, Oyster cards are actually a rather good example of how privacy should work at the consumer level. Customers have a choice as to whether they have an anonymous card or not and even if they do have a personalised card the data is anonymised after a few weeks. Thus, if there's a crime or a terrorist bomb or something, then the police can obtain a list of all the people who came through the barriers. But they can't trawl back through last years records, which seems to me to be a reasonable compromise. But the newspaper reporting of the "MiFare crack", paranoia about ID schemes and people being tracked and traced, and a general mistrust of "RFID" technology is coming together to mix fact and fiction. There may be a TMI event just around the corner: a big event -- no-one get hurt -- gets conflated with fiction in the minds of the public and then it's very hard to put the meme back in the box and the public's mind is set against ALL schemes. This isn't good at all.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341c4fd753ef0105371e22d3970b

Listed below are links to weblogs that reference The China syndrome:

Comments

AS poor and as distorted as the news in the U.S. is today, I find it refreshing that there were cover-ups and 'arrangements' being made over nuclear plants even in the 70's. Having worked on the software for control systems that theoretically control the nuclear plants, I know that any day now, the 'holes in the Swiss cheese slices' will all line up, and boom!!!! No one is taking the time to provide the care in that software that is continually being 'improved' and building like a house of cards. Safety software engineers are paid NOT to care about the quality of the work, but to rubber stamp the specs.

The inspectors they showed there are today even more incompetent and apathetic. As long as they find a few cosmetic problems to bitch about (e.g., coffee cups hiding alarm buttons), they don't peer any further. And of course, they wouldn't examine the X-rays, or know what they were looking for, if they did. The fox is guarding the henhouse in many areas in which we foolishly think we are protected. This movie attempts to unveil that danger, something movies are no longer allowed to do, since they are made by the same Big Business conglomerates that give you the nuclear plants, the Keystone tires, the Ford roll-overs.

Jane Fonda does a fantastic job of playing the innocent ingenue, something that hard-brained tough lady isn't in real life. And of course, Jack Lennon, dear departed, did one fantastic job as the ill-fated conscience of the nuclear plant. Check this one out of the video store....before all the copies are ordered destroyed. (I'm kidding, but not by much.)

Collusion between the information distorters and dispensers AND Big Business is just one of the themes in this movie, but something that's much more prevalent now than then. Well-written, I want to now see, "The Making of the China Syndrome" to find out what was cut out of it, and how much pressure the makers of this movie were under.

Just one thing: The movie Cher was in, in which she's run off the road, was also about a nuclear plant, and a worker who knows the truth about the apathy to safety at high levels of the plant. Which one copied the other?
------------
mukesh11
http://finance.bizoppjunction.com -Finance Loans

The comments to this entry are closed.