Thread: OT ... ID cards
View Single Post
  #304   Report Post  
John Rumm
 
Posts: n/a
Default
Mary Fisher wrote:

Compaq (sp?) so that he can read old correspondence if he needs to. He never
does ...one day the machine could be useful, say for knocking down a house
...

Sounds like the array of systems I have sat on shelves that are kept
because they offer a particular facility (like being able to recover
data from an Osborne or Kaypro formatted CP/M disk) that "might come in
handy".

If you shred all paper evidence of your life and won't commit anything to

I don't, did I give that impression?


Well, you did give the impression that you don't keep records you consider
to be sensitive or vulnerable. At least, that's what you seem to be urging
me to do.

Not my intention, I was urging safe disposal of ones that you no longer
need - quite a different thing.

the pc (except your website, curiously) how can you check on past

The website has some sales stuff plus a fair amount of the information I
use to answer customer questions... I don't rate much of it as
particularly sensitive. Having said that a bit of detective work could get
you more information no doubt.


I rest my case.

Same applies to most of us, IP addresses can be traced to accounts
thence people etc. In my case having a unique name (in the UK) makes it
somewhat easier!

Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value.


Except for historical interest. In five hundred years time, if there's
anyone left, historians would love them.

Yup, I keep the odd old copy of Personal Computer World and Byte
magazine just for them. (The adverts make for the most interesting
reading - you forget just how much you were once prepared to pay for
computer stuff!)


So when the filing cabinet will accept no more I get all ruthless on it
and shred the old stuff ;-)


No, get another filing cabinet. That's been our solution :-) Not, of course,
just for bank statements ...

I also keep plenty of computerised information - but it is simpler to keep
adding storage to deal with that one ;-)


Filing cabinets are cheap. Second hand.

Alas space to store them is not... ;-)

I like CC cards for the
security they bring to some classes of purchase however.


Not for much longer, I understand.

Why is that?


I haven't taken much notice but I understand that some people have expressed
doubt about the security.

With my original comment I was thinking more about the "joint and
several" liability aspect of security... i.e. if a transaction goes
wrong and the original vendor either refuses to provide satisfaction (or
has gone bankrupt) then you still have a claim against the card provider.

So you ARE being personal.

Sometimes, mostly not.


But how does the reader differentiate?

I suppose to need to ask if you are unsure...

Very true - especially after ten years of posting to it. All those little
bits of information added together probably divulge a fair amount.


And you still do it.

I would not want you to miss me ;-)

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)


Honest. Why not?

Hmm good question. I suppose the simplest answer is that to have a
secure system you have to have thought of all the possible lines of
attack (i.e. got the requirements exactly right). You need to have
proposed a solution that perfectly addresses those requirements, and you
need to have implemented the proposed solution faultlessly.

In reality none of those things ever happen. There (usually) is no way
of even knowing if you have thought of all the attacks, and the
remaining steps are subject to a (quantifiable) error rate.

If you could do all of the above, you still only have a part of a
system. You would need to be fully in control of all the other
variables. Those variables include people - and they are very difficult
to "program" to do exactly what is needed in every situation.

It is like trying to design a burglar proof house - you may get all of
the locks and alarms just right, but ignore the possibility that someone
might bribe the cleaning lady to let them in.

If there was a way of buying an ID card that had a reasonable level of
trustworthiness, but was not linked to a central register (or at least one
of the scale proposed), and it was available to those that wanted it, then
I would say fine so long as it is not going to cost 10's of billions of
tax payers money.


So if it were secure and cheap it would be OK?

Secure, cheap, optional, and non invading, then it would be ok...

Tell you what, if it were secure and people were PAID to have it, they'd all
be in favour, would they?

I would not have thought so...

With the current proposals I object on several levels however, not just
the prospect for criminal misuse of the data.


When this thread began people objected for different reasons. I suspect that
many people would object whatever was proposed because they simply don't
want to be traceable by anyone for any reason. My argument was that if you
have nothing to hid you have nothing to fear.

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign, and secondly that having something to
hide is always indicative of wrongdoing.


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/
Reply With QuoteReply With Quote