03.12.08
National ID cards
Now I’ve got myself into a huff about nation id cards before now, but it would appear that the government is steaming ahead, regardless as to whether people want them, re interested in them, or would pay for them. I listened to a discussion on Radio4 as I drove into work this morning with an MP advocating them but saying that “people wouldn’t adopt them unless they were free and actually had a use”, which made a lot of sense. There would appear to be two ways to go here, either they are completely free and you have to carry them (a la ID cards in many other countries, and ID cards during the war) or you charge for them but they have a major benefit (like a passport or a driving license). I prefer the latter, but any ID system where your populous doesn’t have to take part is never going to work (NI numbers being voluntary - never going to happen) so unless the card made thing substantially easier, faster or cheaper, it’s probably a no go.
Anyway, what I wanted to bring up wasn’t anything to do with the politics or economics of these cards, its their development methods. What will happen (I guarantee it) is that a couple of large IT provider will be asked to bid for the work, and it will narrow down to two, the cheap one which should be ok and the expensive one which will be rock solid, and the contract will got to the cheap one who will then try and bolt on some of the expensive system.
The key to an ID card, like any security pass, is that it should be extremely difficult to copy, clone or modify. If somebody can know their own up, or change theirs so when it’s scanned it doesn’t show them up as Jeff Smith the bank robber, then they become virtually pointless. This presents many challenges, after all the process for making a fake passport is well documented, and the actual leather folders and paper seem to be being stolen left right and centre. I watched a reported filming one being made on the BBC a few year ago, and the guy started by opening up a big box of them and picking one at random. They are clearly not kept well under wraps.
I imagine what will happen is that the cards method of storing information and revealing it will be shrouded in mystery, with big words like “unbreakable encryption” being banded around. It won’t be unbreakable, nothing is given enough time, power and money, but it should at least be something other than a bit of bit flipping. There’s lot of good encryption technology out there already, and much of it would be applicable.
Technology aside, I have a development idea - why not open source the entire thing? And don’t mass produce version one, or three, or even version 47. How up with a hard and narrow set of requirements eg. Must store full name, birthday, eye colour and a lookup_id (for comparing against a list). Something super simple. Then get a first version out there, and offer up £10,000 to every person who can find a crack, a hole, a work round or a sneaky way of misusing or modifying the data. Get 10,000 cards out there to ever academic, highschool kid, sneak bastard and clever git. If they find a hole, just pay up. Don’t quibble, try and say it’s not a hole, just bit the bullet, hand over the cash, and fix it.
Once you’ve had the first 100 bugs (and there will be that many), issue a new card, and the same challenge. Repeat as required. Set up a fast feedback loop and make it worth peoples time to break the damned thing. A sharp team will find 4 or 5 good holes in the first week, and they can go buy a new car. They’re happy, and you’ve for a more secure card. It won’t take more than 8 or 10 generations of these cards before something really bomb proof starts to show.
The other thing about being completely open about your spec and technology stack is that people will have a much better idea of the card and what’s on it. At the moment, most people are pretty suspicious of everything around ID cards, but if you get it all out there people can go and understand everything involved. It won’t quash everything, but it might help.
Security through obsfucated details is no security at all.
BenB said,
March 13, 2008 at 4:25 pm
But… how do you expect your lord and masters to keep you in Champagne and first class train tickets if they took up your suggestion..
coldclimate said,
March 13, 2008 at 11:25 pm
Who cares! Maybe it would work