About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« May 2008 | Main | July 2008 »

9 posts from June 2008

Meet the people

By Dave Birch posted Jun 24 2008 at 6:33 PM
[Dave Birch] Preparing my notes for RUSI, I was thinking about what it would take to get the public to have confidence in a national identity management scheme, and it reminded me that I took part in a very good public debate about privacy and surveillance recently. I was on a panel that included the assistant Information Commissioner Jonathan Bamford and Tom Ilube of Garlik as well as fellow Royal Academy of Engineering Working Group member Martin Thomas. It was a little unusual (for me) in that many of the audience were genuine members of the public rather than technology or sector specialists, so I thought it might be a useful service to bring some of their questions to your attention. They were a timely reminder to me about the kind of concerns that our customers will have to address to formulate successfull consumer propositions with an identity component. For example, there were a couple of questions about vehicle tracking. I'm certainly guilty of spending most of my time thinking about personal data in too few dimensions: vehicle tracking was as much a concern the the audience as people tracking. But the subtext should be noted: many of the anecdotes were about how wrong the DVLA database is, which clearly informed opinions about the people database (aka national identity register): there's a clear distinction, as far as I can see, between the small number of people who are against government identity management because it's just plain wrong and the much larger number of people (I might go so far as to venture, the majority) who are against it because they think the government will lose, delete, corrupt or spy on their data if they ever get the system working in the first place.

Continue reading "Meet the people" »

It's crazy, but it might just work

By Dave Birch posted Jun 18 2008 at 9:04 PM

[Dave Birch] Let’s create a vision for a 21st-century identity card. Let’s create a vision that we can communicate effectively. Let’s create a vision that is founded on minimising the storage of personal data. Let’s create a vision that the public and the government can understand. Let’s create a vision that contains some genuine innovation, some excitement, some potential. But most of all, let’s create a vision that is founded in mass media, because that’s where the British public get their science and technology education from. I would suggest that, as in so many things, Dr. Who should be our guide.

You’ll be familiar, of course, with Dr. Who’s psychic paper. As any devotee of the BBC’s wonderful series knows, the psychic paper shows the “inspector” whatever it is that they need to see. If the border guard is looking for a British passport, the psychic paper looks like a British passport. If the customs officer on Alpha Centuri wants to see a Betelguesian quarantine certificate, the psychic paper looks like a Betelguesian quarantine certificate.


Now that is what I call a vision for an ID card. And what's more, it will work.

Continue reading "It's crazy, but it might just work" »

Grasses up

By Dave Birch posted Jun 17 2008 at 11:56 AM

[Dave Birch] If you haven't been over to Wikileaks, you should probably go and have a quick look before you read the rest of this post! There's an article about it in a recent New Scientist, talking about how "onion routing" is used to provide anonymity. So people (eg, whistleblowers in large corporations) can obtain genuine anonymity online. I'm in favour of this, generally speaking, and it's certainly necessary in a free society. But is it sufficient?

Suppose, for example, that I post a plausible-looking document that seems to show that the British Royal family are actually giant extraterrestrial bloodsucking lizards. How do you know whether it's a genuine leak or a double-cross? If, for example, there's a document purporting to be the Identity & Passport Service's National ID Scheme Options Analysis, how can you be sure that it really comes from them (just to pick a mischievous example) or was made up by someone at No2ID? If we as a society agree that some from of whistleblowing is a social benefit -- and yes, we must also accept that it means that some drug-dealing Nazi child pornographers will be able to take advantage of it too -- then we should have systems in place to deliver it. And that doesn't mean implementing anonymity.

Continue reading "Grasses up" »

Adriana Lukas, MediaInfluencer

By Dave Birch posted Jun 16 2008 at 11:29 AM
[Dave Birch] Adriana Lukas was one of the founders of Samizdata, one of the first political blogs, and went on to be part of the The Big Blog Company before becoming a social networking, well, guru, frankly. She is developing interesting new thinking about identity from a non-technical direction and in this podcast she discusses some of the key concepts, touching on hew work with Project VRM and "The Mine" tool.

Continue reading "Adriana Lukas, MediaInfluencer" »

"Real" and "virtual"

By Dave Birch posted Jun 13 2008 at 4:57 PM
[Dave Birch] At the 21st European e-Identity Conference, there was a presentation on the regulation of virtual worlds by Bart Schermer from the University of Leiden. I know we've discussed it here many times before, but I mention the presentation here because In the Netherlands (where the conference was taking place), the first virtual theft case is now being prosecuted. The case concerns the theft of €4,000 worth of Habbo Hotel furniture stolen by a "phisher" who obtained account passwords. Not only does this confirm that phishing in virtual worlds is going to be just as much of a problem as phishing in the sort-of-real world, it confirms that the virtual world might be a good customer for bank authentication systems. Of course, as a consumer I don't care if phishers get in to my bank account, because my bank will give me the money back. But I do care if they take over my virtual world avatar: Will I get my magic sword back?

Continue reading ""Real" and "virtual"" »

Phorget it

By Dave Birch posted Jun 10 2008 at 12:50 PM

[Dave Birch] I have to write something about tracking and tracing, for unspecified purposes. Broadly speaking, and within some bounds, I want to be tracked and traced because I want a better service, more useful adverts, that sort of thing. I remember someone telling me that in countries with strict laws about the collection of personal information for marketing purposes, you get more junk mail because the originators cannot target the offers. If you know I hate golf, why send me stuff about golfing holidays? The goal is to get to the point where companies are not supply advertising by information relevant to my state and relationships. If I'm in a Forum about writing Dungeons & Dragons adventures, then a post from a company providing some useful tips and a link to their adventure-writing software is not really an advertisement, because it's something the community is happy to see. But how to get to this harmonious balance: should my information be under the control of the companies or me? You must remember Phorm.

Phorm said it was setting up a new online advertising platform called the Open Internet Exchange, which any Web site will be allowed to join. Proceeds from ads that are shown on these publishers' sites will be shared with BT, Carphone Warehouse and Virgin Media, which together represent more than two-thirds of the Internet access market in Britain... The three Internet providers have agreed to give Phorm access to customers' surfing records, letting it track a Web user's every move.

[From Providers get a piece of ad income - International Herald Tribune]

Is this acceptable? Wouldn't I prefer to control my my personal browsing habits and partition them, parcelling out the data to people who I think relevant? Or, to put in another way, CRM or VRM? Since the original trials, Phorm have changed the system (remember, it is operated by your ISP, not by Phorm) to provide for an opt out, but I assume that ISPs will incentivise me heavily to opt in because

Phorm could be the future, a future in which targeted advertising is essential to the business model of an ISP.

[From The law of Phorm | OUT-LAW.COM]

This seems reasonable to me, but within some pretty strict bounds. For one thing, if my mobile operators knows that I'm ringing a bank's mortgage enquires line, can then they bombard me with junk mail about mortgages? I hope not, and I wouldn't expect the same from my ISP: I they know I've been looking at Abbey National's mortgage offers, can they just sell this information to the highest bidder in a carousel of mortgage companies? Wait, I assert my moral right as the author of that idea...

Continue reading "Phorget it" »


By Dave Birch posted Jun 10 2008 at 9:08 AM
[Dave Birch] Down at the European Technology Standards Institute (ETSI), I saw a good presentation by Jens Kungl from the 64 billion euro METRO Group, which operates 2,400 retail locations in 31 countries. He knows a bit about retail, and Metro have been experimenting with RFID for some time, so his opinions need to be taken seriously. He began by making (strongly) the point that the best way to scupper an RFID project in retail is to begin tracking people instead of goods. In my opinion, one of the dangers here (and there are genuine privacy concerns that need to be addressed) is the regulatory response, which may be over-anxious, mis-targetted or plain wrong. For example

The Washington legislation outlaws the use of RFID "spy technologies" to collect consumer information without the owner's consent. The only problem is, heavy corporate lobbying narrowed the scope of the law (before Governor Gregoire signed it) to cover only criminal acts such as fraud, identity theft, or "some other illegal purpose" (making it a Class C felony to do so). Collecting information from consumer RFID chips for marketing purposes in Washington—with or without the owner's consent or even knowledge—is still fair game.

[From Washington State passes RFID privacy law; where's Uncle Sam?]
Surely, collecting information for anything but the purpose for which is was intended is just wrong, and it doesn't matter why it's being collected. Anyway, the point of this post is that Jens said that the trigger for item-level tagging is the five euro cent tag and this has arrived sooner than they were planning, so they are going to begin item-level tagging earlier than they had originally planned (they are already rolling out pallet-level tracking). He also said something about two Watts at 868MHz, but he was losing me a bit there...

Continue reading "Metro-politan" »

Supply and demand always win

By Dave Birch posted Jun 5 2008 at 6:43 AM

[Dave Birch] You know those wobbly writing boxes that you have to read when responding to blog posts, signing up for Hotmail, that kind of thing? I've always found them really annoying, and so have hackers, spammers and various other ne'erdowells. As a consequence, there's a substantial demand for software that can read the wobbly writing so that computers can pretend to be people...


All of these developments clearly indicate the demand and supply for CAPTCHA breaking services, as well as the potential for abusing the clean domain reputation of the most popular email providers whose continuous emphasis on usability, namely coming up with more user friendly CAPTCHAs, often results in the easy of which the process can be automated.

[From Microsoft’s CAPTCHA successfully broken | Zero Day | ZDNet.com]

But look at the second comment on the story, which makes a point that occurred to me as I was reading the story. I was thinking "hey, can I get some of that software to make life easier for me when I'm posting blog comments?". More than once I've had a quick thought while reading someone's blog post, clicked on "comment", typed in a quick note and then given up when I've typed in the wobbly writing incorrectly a couple of times. As the commenter points out, if the cracking software can read the codes better than many people can, so there will be a demand for that software from people who want to use it for legitimate access!

And, by the way, if you authenticate yourself with OpenID, as I just did on Faster Future, why should you need to read the wobbly writing at all? Surely one of the most important attributes that OpenID could share is "is_a_real_person" or something similar.

Continue reading "Supply and demand always win" »

NFC, privacy and identity infrastructure

By Dave Birch posted Jun 2 2008 at 12:22 PM

[Dave Birch] I've had a few e-mails from people about this paper by Colin Mulliner. This paper describes vulnerabilities in NFC implementations using "smart posters". It's the nature of the attacks, rather than exposure levels, that are worth looking at since, as Colin says,


The attacks demonstrated are trivial due to the manufacturer time to market (TTM) obsession, thereby shipping devices with trivial vulnerabilities, in Mulliner’s research they orbit around passive tags which are mostly abused as vectors for the any of the attacks demonstrated.

[From Attacks on NFC mobile phones demonstrated | Zero Day | ZDNet.com]

The attacks fall, broadly, into two categories. There are attacks on the implementation of the NFC tag standard in a current handset -- these remind us of a useful lesson about implementing new standards, but are not that significant in the long run -- and attacks on the way that tags work in the current NFC standards. The problem that Colin has focussed on here is that there is no way of knowing whether a tag is "real" or not: you wave your phone at a Royal Bank of Scotland advert at the train station, but the tag has been tampered with (shielded by a bogus tag, for example) so that your phone is redirected to a web site in the Ukraine which looks like RBS but is just going to use your entered username/password to log in to your account for nefarious purposes. Unfortunately, that's the way tags work: there is no way of preventing this and Colin is right to highlight both modifying original tags and replacing them with malicious tags as interesting security questions.

These questions relate to the better understood issue of product vs. provenance in the RFID world and, as we know, one way to solve that problem is by using digital identity: it's just that it's the identity of stuff in question, not the identity of people.

Continue reading "NFC, privacy and identity infrastructure" »