Thread: OT ... ID cards
View Single Post
  #306   Report Post  
Mary Fisher
 
Posts: n/a
Default

"John Rumm" wrote in message
news:42936274$0$39053$ed2e19e4@ptn-nntp-
Compaq (sp?) so that he can read old correspondence if he needs to. He
never does ...one day the machine could be useful, say for knocking down
a house ...

Sounds like the array of systems I have sat on shelves that are kept
because they offer a particular facility (like being able to recover data
from an Osborne or Kaypro formatted CP/M disk) that "might come in handy".

Yes sigh

If you shred all paper evidence of your life and won't commit anything
to

I don't, did I give that impression?


Well, you did give the impression that you don't keep records you
consider to be sensitive or vulnerable. At least, that's what you seem to
be urging me to do.

Not my intention, I was urging safe disposal of ones that you no longer
need - quite a different thing.

So you only store data which could be useful to a miner for six years.

I see. Right. Safe as houses, really ...

:-)

the pc (except your website, curiously) how can you check on past

The website has some sales stuff plus a fair amount of the information I
use to answer customer questions... I don't rate much of it as
particularly sensitive. Having said that a bit of detective work could
get you more information no doubt.


I rest my case.

Same applies to most of us, IP addresses can be traced to accounts thence
people etc.

That's what I've been saying all along.


Personally I keep a fair amount of information, but there comes a point
where a twelve year old bank statement has little value.


Except for historical interest. In five hundred years time, if there's
anyone left, historians would love them.

Yup, I keep the odd old copy of Personal Computer World and Byte magazine
just for them. (The adverts make for the most interesting reading - you
forget just how much you were once prepared to pay for computer stuff!)

I was thinking of personal material. Ancient accounts give a wealth of
information to the social historian.


So when the filing cabinet will accept no more I get all ruthless on it
and shred the old stuff ;-)


No, get another filing cabinet. That's been our solution :-) Not, of
course, just for bank statements ...

I also keep plenty of computerised information - but it is simpler to
keep adding storage to deal with that one ;-)


Filing cabinets are cheap. Second hand.

Alas space to store them is not... ;-)

Build a shed. A concrete one with steel doors and properly alarmed.

I like CC cards for the security they bring to some classes of purchase
however.


Not for much longer, I understand.

Why is that?


I haven't taken much notice but I understand that some people have
expressed doubt about the security.

With my original comment I was thinking more about the "joint and several"
liability aspect of security... i.e. if a transaction goes wrong and the
original vendor either refuses to provide satisfaction (or has gone
bankrupt) then you still have a claim against the card provider.

Even with chip and pin? There seems to be a lot of confusion and perhaps
misunderstanding about the new system. I'm not using it but for a different
reason.

So you ARE being personal.

Sometimes, mostly not.


But how does the reader differentiate?

I suppose to need to ask if you are unsure...

Which I did and was told that you were talking to a wider audience.You, said
that, not someone else.The use of one to indicate the general could be
useful in avoiding misunderstandings.

Very true - especially after ten years of posting to it. All those little
bits of information added together probably divulge a fair amount.

And you still do it.

I would not want you to miss me ;-)

And I would.

If I remembered ...

Are you saying that you're incapable of designing a secure system?

Yes! (blunt enough?)


Honest. Why not?

Hmm good question. I suppose the simplest answer is that to have a secure
system you have to have thought of all the possible lines of attack (i.e.
got the requirements exactly right). You need to have proposed a solution
that perfectly addresses those requirements, and you need to have
implemented the proposed solution faultlessly.

In reality none of those things ever happen. There (usually) is no way of
even knowing if you have thought of all the attacks, and the remaining
steps are subject to a (quantifiable) error rate.

If you could do all of the above, you still only have a part of a system.
You would need to be fully in control of all the other variables. Those
variables include people - and they are very difficult to "program" to do
exactly what is needed in every situation.

So NO system is foolproof so the criticism of the ID one being prone to
faults because of government tenders and carelessness and cheapness has lost
value.

It is like trying to design a burglar proof house - you may get all of the
locks and alarms just right, but ignore the possibility that someone might
bribe the cleaning lady to let them in.

Yes. Quite.

If there was a way of buying an ID card that had a reasonable level of
trustworthiness, but was not linked to a central register (or at least
one of the scale proposed), and it was available to those that wanted it,
then I would say fine so long as it is not going to cost 10's of billions
of tax payers money.


So if it were secure and cheap it would be OK?

Secure, cheap, optional, and non invading, then it would be ok...

Which of those would you be prepared to compromise?

Tell you what, if it were secure and people were PAID to have it, they'd
all be in favour, would they?

I would not have thought so...

What about other people? Even the earlier objectors in this thread?

With the current proposals I object on several levels however, not just
the prospect for criminal misuse of the data.


When this thread began people objected for different reasons. I suspect
that many people would object whatever was proposed because they simply
don't want to be traceable by anyone for any reason. My argument was that
if you have nothing to hide you have nothing to fear.

That may be true, but it makes two assumptions. Firstly that the holders
of the information are benign,

There is no proof that they are not.

and secondly that having something to hide is always indicative of
wrongdoing.

Why else hide something?

Mary



Reply With QuoteReply With Quote