More than 51,000 DNA samples from children in West Yorkshire have been added to a controversial national database by the police, new figures reveal. To date more than 23,151 genetic profiles from youngsters aged between ten and 14 have been stored. And a further 28,169 samples have been taken from 15 to 17-year-olds by West Yorkshire Police since 2000.
Saturday, August 22, 2009
Friday, August 21, 2009
BTC - I'm sure it's clear by now that this is not the blog that gives a fair and balanced perspective. We have a tough enough time getting our perspective represented in the media.
BeatTheChip delivers the Anti-Real ID perspective religiously. We aggregate content as soon as news develops. However like anything else in this world - in order to advance the cause and alter the course of history, we need money. At the bottom of every entry on these blogs is an opportunity to give. Friday is a conventional pay day. You can count on us to shove off Numbers USA and tell Janice Kephart to go to hell DAILY. [We know they read our blog too.]
Subscribing is free, but we are asking for an initial give of between $2 -$10 for BTC content, which features frontline interviews and information about privacy, identity, technology and national legislation from those who create the news.
Free-market banditos like Jim Harper understand. You gotta get paid to change the world and that's okay. Without further ado ... classic conservative analysis to PROBLEM>REACTION> SOLUTION with Jim Harper, who has a great book up for review, Identity Crisis: How Identity is Overused & Misunderstood, available for sale as well.
If the federal REAL ID revival bill (PASS ID) becomes law, it will give congressional approval to EDLs, which up to now have been simply a creation of the federal security and state driver licensing bureaucracies.
As governor of Arizona, the current Secretary of Homeland Security signed a memorandum of understanding with the DHS to implement EDLs, and she backs PASS ID even though she signed an anti-REAL ID bill as governor. As I said before, Secretary Napolitano seems to be taking the national ID tar baby in a loving embrace.
Here’s Michigan state representative Paul Opsommer (R) on the Department of Homeland Security’s “Enhanced Driver’s License,” which contains a radio frequency identification chip with a long read range:
Expect the Department of Homeland Security to tell you what a great thing they are doing by allowing you the ability to buy these RFID licenses. They create the problem, provide a solution that is the cheapest for them and most risky for you, and then expect you to like it. But RFID is not mandated by Congress, and if enough states stand up for themselves the policy will be changed. Michigan needs to say no and do just that.
The PASS ID Act (S. 1261) seeks to make many of the same ineffectual, dangerous changes the REAL ID Act attempted to impose. Fundamentally, PASS ID operates on the same flawed premise of REAL ID -- that requiring various "identity documents" (and storing that information in databases for later access) will magically make state drivers' licenses more legitimate, which will in turn improve national security.
Proponents seem to be blind to the systemic impotence of such an identification card scheme. Individuals originally motivated to obtain and use fake IDs will instead use fake identity documents to procure "real" drivers' licenses. PASS ID creates new risks -- it calls for the scanning and storage of copies of applicants' identity documents (birth certificates, visas, etc.). These documents will be stored in databases that will become leaky honeypots of sensitive personal data, prime targets for malicious identity thieves or otherwise accessible by individuals authorized to obtain documents from the database. Despite some alterations to the scheme, PASS ID is still bad for privacy in many of the same ways the REAL ID was. And proponents of the national ID effort seem blissfully unaware of the creepy implications of a "papers please" mentality that may grow from the issuance of mandatory federal identification cards. Despite token provisions that claim to give states the freedom to issue non-federal identification cards, the card will be mandatory for most -- the PASS ID Act seeks to require everyone to show the federally recognized ID for "any official purpose," including boarding a plane or entering a federal building.
At the moment, health care reform is commanding tremendous attention and effort on the hill, so the PASS ID Act seems to be on the backburner for now. But after the August recess, anything can happen. So stay tuned for more about PASS ID and critical opportunities to flag your opposition to this flawed national ID scheme.
“The court’s decision effectively means that Americans’ privacy rights will be left to the mercy of the political branches. This is deeply troubling, because the courts have a crucial role to play in ensuring that individual rights are not needlessly infringed upon by statutes enacted in the name of national security."- Jameel Jaffer
Dismissal Of ACLU, NYCLU Challenge To Unconstitutional Spying Law Jeopardizes Americans' Privacy
August 20, 2009 -- A federal court today dismissed an American Civil Liberties Union lawsuit challenging an unconstitutional government spying law. The ACLU and the New York Civil Liberties Union filed the landmark lawsuit in July 2008 to stop the government from conducting surveillance under the FISA Amendments Act (FAA), which gives the executive branch virtually unchecked power to sweep up Americans' international e-mails and telephone calls.
The ACLU and NYCLU filed the lawsuit on behalf of a broad coalition of attorneys and human rights, labor, legal and media organizations whose ability to perform their work – which relies on confidential communications – is greatly compromised by the FAA. ::: MORE HERE:::
BTC - Yeah, well apparently The Feds don't get it. I encourage every activist who enjoys the right to peacibly assemble and petition their government for injury to their life, liberty and pursuit of happiness to join this activist task force. I jumped on as soon as I could. Do.
Wednesday, August 19, 2009
“Mr. Paget actually was doing nothing more than what we intended to have happen…the card, if powered by a reader, will give off the ID number, which is simply a pointer to the data that we share with the Department of Homeland Security,” he says.
By Jeff Goldman
The presence of an RFID tag in U.S. passport cards has raised privacy concerns, but government officials insist the technology is safe--and that the efficiency it adds at land borders is worth the risk.
By the time WHTI went into effect on June 1st of this year, requiring Americans to present passport books, passport cards, or EDLs when crossing land borders into the United States, over a million RFID-enhanced passport cards had already been issued. While WHTI itself isn’t new, its implementation for land borders was delayed two years ago in order to allow for further testing of passport card technology.
It’s important to note that there’s a key difference between e-passports(passport books) and passport cards. While passport cards use vicinity RFID (EPC Gen 2) technology, which can be read at distances of up to 30 feet, e-passports use ISO 14443 contactless smart card tech with a read range of a few inches. To compensate for their readibility (and therefore hackability) at a distance, passport cards only transmit an ID number that relates back to information stored in a secure central database, while e-passports store and transmit much more detailed information about the passport holder.
According to Randy Vanderhoof, executive director of the Smart Card Alliance, that difference was key to the selection of the two technologies. “The electronic passport was built knowing that it was going to store secure information like a person’s name, city of issuance, passport number, image of the person… and therefore they chose a more secure chip technology to protect that information—whereas the passport card was designed to be a static identifier to a central database, with no personal information stored in the chip itself,” he says.
Vanderhoof contends that the government’s decision to use the longer-range EPC Gen 2 technology in passport cards was a mistake. “The decision to trade speed over security and privacy, I think, was a poor decision on the part of the program managers under WHTI—but they repeatedly defended the decision because of the traffic flows through the land borders and the fact that they needed something that could be read from great distances,” he says.
Still, Paul Hunter, technical lead for the Western Hemisphere Travel Initiative at U.S. Customs and Border Protection, insists that the time savings provided by the passport cards are considerable. “We can actually read the documents as they’re approaching the booth…which means, instead of handing a document to an officer and him swiping it or manually typing in data, the data’s already there, and now he can focus on the person, and he can focus on the conveyance…it saves six to eight seconds per person,” he says.
And at a land border, Hunter says, time is of the essence. “We’re talking over 100 million crossings a year,” he says. “Those six to eight seconds actually are very significant. We’ve done time and motion studies where we’ve actually measured the time it takes to take the document, to bring it into the booth, to either manually type or swipe and then wait for the results—and if you eliminate all that, you are actually on average saving between six to eight seconds.”
What’s more, Hunter says, the same technology has already been in use for over ten years in the government’s SENTRI and NEXUStrusted traveler programs. “And we have not had one reported incident of somebody skimming that data and using it for nefarious purposes…the reality is, it’s just a number,” he says. “And we further mitigate that by making sure the data that’s associated with that is in a secure back-end database.”
Ultimately, Michael Holly, chief of consular affairs/international affairs at the U.S. Department of State, says Chris Paget’s interception of the passport card’s data is no reason for concern. “Mr. Paget actually was doing nothing more than what we intended to have happen…the card, if powered by a reader, will give off the ID number, which is simply a pointer to the data that we share with theDepartment of Homeland Security,” he says.
But Paget himself, now president and CTO of the security research firm H4RDW4RE, says that ID number shouldn’t be so easily accessible. “You shouldn’t necessarily think of it as low-risk just because it’s a number,” he says. “Your social security number is just a number. Your credit card number is just a number. It’s the meaning that’s attached to those numbers that makes it risky—and in this instance, it’s an identifier for a person, so any time you see that identifier, you can be certain that you’re seeing that same person.”
One possible solution, Paget says, would be to add an on/off switch to the passport card, as has been suggested by Dr. Ann Cavoukian,Information and Privacy Commissioner for the Canadian province of Ontario. Paget says it’s simply a matter of adding “a button on the card that you have to physically squeeze to turn the tag on, at which point it can be read—so it completely negates the need for shielding…because the tag is off until you actually want it to be turned on.”
The larger point, Paget says, is that RFID needs to be approached with the same caution as the Internet—both, essentially, are simply untrusted networks that move bits of data from point a to point b. “There’s no reason why RFID cannot have equivalent security to something like SSH or SSL that we use on the Internet all the time…I’m certainly not against RFID as a technology: I think it’s got great potential, but there needs to be a lot more security involved in the design of the systems,” he says.
Tuesday, August 18, 2009
The public has been made aware of RFID or Radio Frequency ID technologies commissioned for national identity documents: passports, Enhanced Drivers Licenses, TWIC cards, Speed Passes and even Tribal Identity Cards. Unfortunately, RFID as a government sanctioned technology earned a big brother reputation from its ability to track a persons current location, storing and conveying private information from 20 - 30 feet away.
Chris Paget, a technology penetration consultant, found the Western Hemisphere Travel Initiative compliant RFIDs especially troublesome. He began doing live demonstrations exposing identity security flaws RFIDs had on average cardholders. Then Chris Paget and his business partner Tim Mullen formed H4RDW4RE.com. They have made it their business to demonstrate exactly how insecure Western Hemisphere compliant RFID chips can be for people to possess in identity cards, smart-contactless cards and credit cards.
In this interview they explain the benefits of technology penetration testing or "ethical hacking" for investors and adopters. One of Paget's demonstrations went viral via YouTube in February, blowing apart any faint notion of RFID's billing as a secure identity technology. Equipped with only a $250 signal reader and a conventional laptop, Paget cloned or copied private passport information from a parked car in San Francisco.
H4RDW4RE recently featured high profile demonstrations at 2009 conventions like DefCon & Black Hat. They continue to invent solutions for existing security problems and risks ordinary people face from identity technologies present in U.S. passports and other public cards.
Monday, August 17, 2009
NEW YORK (Reuters) - U.S. authorities announced what they believed to be the largest hacking and identity theft case ever prosecuted on Monday in a scheme in which more than 130 million credit and debit card numbers were stolen.
Three men were indicted on charges of being responsible for five corporate data breaches in a scheme in which the card numbers were stolen from Heartland Payment Systems, 7-Eleven Inc and Hannaford Brothers Co, federal prosecutors said in a statement.
The suspects also hacked two unidentified corporate victims, the U.S. attorney's office in New Jersey said in the statement. :::MORE HERE:::
The Journal Gazette in Fort Wayne, Indiana takes Governor Mitch Daniels (R) to task for claiming that the burdensome identification requirements he’s implementing in the state are required by federal law.
Many states across the country have refused to participate in the REAL ID Act, preserving their citizens’ privacy and tax dollars. Not Governor Daniels, and in a recent press release he misstated federal identification requirements while acting as if he’s helpless to do anything about them.
Says the Journal Gazette: “[B]laming the federal government for non-existent requirements is disingenuous. If the governor wants Hoosiers to take extra steps to prove their identity, he should say so himself.”
More moments in Real ID history:
May 13, 2008
WisPolitics.com reports that Wisconsin Governor Jim Doyle (D) plans to take more than $20 million out of the state’s REAL ID account and transfer it into the state’s general fund.
Wisconsin Representative Jim Sensenbrenner (R) objects:
When I shepherded the REAL ID bill through Congress 3 years ago, it was in response to one of the key recommendations made by the 9/11 Commission, that ‘fraud in identification documents is no longer just a problem of theft.’ As we saw in 2001, in the hands of a terrorist, a valid ID accepted for travel in the US can be just as dangerous as a missile or bomb.
Congressman Sensenbrenner is correct to claim responsibility for REAL ID, but less accurate in other parts of his statement. The 9/11 Commission’s ‘key’ recommendation wasn’t key. (Indeed, Congress’ effort to follow the Commission’s recommendation was repealed by REAL ID.)
Nobody – not the 9/11 Commission, not Congressman Sensenbrenner, not Stewart Baker, nor anyone else – can explain the proximity between false ID and terrorist attacks, or how REAL ID cost-effectively secures the country against any threat.
Wisconsin’s governor has issued a mighty well-placed snub to the creator of the “Sensenbrenner tax.”
The plan’s first iteration, called Real ID, was approved by Congress in 2005 but met resistance from states, which balked at its $11 billion price tag. By eliminating some of the technical requirements and providing additional funding, the new plan is winning some support: Homeland Security Director Janet Napolitano, who opposed Real ID as governor of Arizona, now says that Pass ID represents “a cost-effective, commonsense solution.”