http://www.cbsnews.com/8301-501465_162-20027837-501465.html

Anyone willing to trust the government to keep their online security for them? Anyone willing to believe the government that no national database of these IDs will be kept?

This all sounds like a hackers wet dream to me, one centralized ID for every single transaction a person does online. Wow, I can see the identity thefts piling up already.

The Obama administration is currently drafting what it's calling the National Strategy for Trusted Identities in Cyberspace, which Locke said will be released by the president in the next few months. (An early version was publicly released last summer.)



"We are not talking about a national ID card," Locke said at the Stanford event. "We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities."

Details about the "trusted identity" project are unusually scarce. Last year's announcement referenced a possible forthcoming smart card or digital certificate that would prove that online users are who they say they are. These digital IDs would be offered to consumers by online vendors for financial transactions.



Schmidt stressed today that anonymity and pseudonymity will remain possible on the Internet. "I don't have to get a credential if I don't want to," he said. There's no chance that "a centralized database will emerge," and "we need the private sector to lead the implementation of this," he said.

No thank you.

Just like any other government, ours is always trying to get their foot in the door.
Once we allow them to do it, there's almost never going back. There is no recourse for government intrusion.

I don't like it but: "Details about the "trusted identity" project are unusually scarce. Last year's announcement referenced a possible forthcoming smart card or digital certificate that would prove that online users are who they say they are. These digital IDs would be offered to consumers by online vendors for financial transactions."

Gives me hope as does the "I don't have to get a credential if I don't want to". The article doesn't give a lot of details but it sounds like they're creating a way to sign in securely at different sites across the web using a digital ID or a smart card of some sort. It almost sounds like a multipurpose version of what World of Warcraft does with it's account keyfob thingy. Which would be a good thing, though I think this would be an endeavor better suited for the private marketplace.

I Wear Pants;630107 wrote:I don't like it but: "Details about the "trusted identity" project are unusually scarce. Last year's announcement referenced a possible forthcoming smart card or digital certificate that would prove that online users are who they say they are. These digital IDs would be offered to consumers by online vendors for financial transactions."

Gives me hope as does the "I don't have to get a credential if I don't want to". The article doesn't give a lot of details but it sounds like they're creating a way to sign in securely at different sites across the web using a digital ID or a smart card of some sort. It almost sounds like a multipurpose version of what World of Warcraft does with it's account keyfob thingy. Which would be a good thing, though I think this would be an endeavor better suited for the private marketplace.

Exactly how i feel.

Private sector should handle this, but i don't think the general idea is all that bad, to be honest. I don't want the feds handling it, but if a private firm would to propose this and go ahead and try to make it work, i could see people being for it.

I use the WoW fob, i'm a nerd.

I don't play WoW but the first thing I was reminded of when reading this was the fob thing. I'm also a nerd obviously.

Yea, i mean, this is one thing i don't want the feds involved in, but i don't think the general premise of it is terrible, if a private company were to take it on, and it was determined that consumers wanted it/felt there was a need for it.

Obama socialist agenda.... WTF how many ways does it have to be demostrated before some of you get it....

It isn't an ID or thing to track you online. It's something that verifies who you are for signing in to things like banking accounts, etc to make them more secure.

Not the end of the world, not that I think it should be done by the government but it's actually a good idea and if it is used for things like taxes or paying for license plates or other things like that I would be in support of it. As just an online secure ID I like the idea but think it should be done private sector or at least spun off into a non-profit.

It may not be the actual ID, but if it can be used to track you online, it's DEFINITELY not something I want the government to hold sway over.

Too much intrusion, and way too much opportunity for abuse.

I Wear Pants;630165 wrote:It isn't an ID or thing to track you online. It's something that verifies who you are for signing in to things like banking accounts, etc to make them more secure.

Uhh supposedly. Do you believe everything the government tells you or what? Have some skepticism man.

I Wear Pants;630165 wrote:It isn't an ID or thing to track you online.

Uh huh

I Wear Pants;630165 wrote:It's something that verifies who you are for signing in to things like banking accounts, etc to make them more secure.

And we should have warm fuzzies knowing that the Feds want to "verify" the security of our on-line banking transactions? Maybe we can have TSA do the digital groping?

I like how the feds are so concerned with online financial activity, but anyone suggest using SS # to verify who you are to vote and it's NO NO NO, we can't do that. :rolleyes:

tk421;630198 wrote:I like how the feds are so concerned with online financial activity, but anyone suggest using SS # to verify who you are to vote and it's NO NO NO, we can't do that. :rolleyes:

Exactamundo. When votes are on the line, then there should be no verification. If you want to transact on-line and avoid paying taxes...then they MUST know about you.

believer;630193 wrote:Uh huh



And we should have warm fuzzies knowing that the Feds want to "verify" the security of our on-line banking transactions? Maybe we can have TSA do the digital groping?

The feds don't want to "verify" the security. From what I understand it's a program to make signing into online accounts more secure. Nothing to do with the government and really shouldn't be something the governent does because it isn't something that is exactly vital but it isn't some web tracking mechanism. It's a way to securely log in.

Or at least that's the gist of what I got from this article which was pretty vague.

If something like this were to be created, it should be managed by the private sector and be optional. I have no problem with the way things work now.

So you'd install this ID on your devices, I assume? I'm not sure it changes anything, really. Any sort of ID that gets installed or has a pw can be hacked or stolen. Sounds like a false sense of security, to me. I might guess the purpose is more for tracking money laundering and funds in criminal activities because if every transaction requires an ID it would be unlikely for criminals to create dozens of ID's to hide activity (unless they hack/steal them).

From what I gather in the article it is either a secure digital ID or like a digital card or keyfob of some sort. Like the WoW fob I mentioned.

Or at least that's what I figure it is.

Not anything that is spying or tracking your moves online or anything, but also not something I think the government needs to be doing. A private sector company would be something that should do this not the government.

And if you read the article the dude says it will be optional so that's nice at least.

If it's what I think it is then it isn't a bad idea but I don't think the government should be the ones doing it.

cbus4life;630148 wrote:Yea, i mean, this is one thing i don't want the feds involved in, but i don't think the general premise of it is terrible, if a private company were to take it on, and it was determined that consumers wanted it/felt there was a need for it.

Indeed, but I'm willing to bet that it won't help anything. All you need to exploit something like this would be a FUD RAT and a FUD keylogger, something that anyone who knows what they're doing can get pretty cheaply (or even for free if they know where to look).

I Wear Pants;630165 wrote:It isn't an ID or thing to track you online. It's something that verifies who you are for signing in to things like banking accounts, etc to make them more secure.

Not the end of the world, not that I think it should be done by the government but it's actually a good idea and if it is used for things like taxes or paying for license plates or other things like that I would be in support of it. As just an online secure ID I like the idea but think it should be done private sector or at least spun off into a non-profit.

It can be as exploitable as our current system ... possibly more-so if it is used as the exclusive method of verifying someone's identity.

With the potential that CAPTCHA has, as well as the encryption systems in place with virtually all financial institutions (and their policies on restitution if someone's identity and finances are compromised), not to mention the ability to create passwords too complex to brute force, and security questions which CAN be very cryptic if you actually care, this is completely unnecessary.

An information thief isn't looking to steal info from the paranoid. That's too much work. He's looking to steal information from the apathetic. When it comes to your info online, it's okay to be a little paranoid. No need to go overboard, and not use anything online (in some ways, online is more secure than the physical institution itself). Create long, nonsensical passwords with numbers, letters (both upper and lower cases) and even symbols if permitted.

Write them down on a sheet of paper and hide them near your computer. DO NOT SAVE THEM ON YOUR COMPUTER.

Same with security questions. Make the answer incorrect, but write down the correct answer near your computer ... NOT ON IT. As an example, you could make your security question and answer something like this:

Q: What was the make and model of your first car?
A: The_War_of_1812

Makes no sense, but that's actually more secure. As long as you know the real answer, it's fine.

iclfan2;630184 wrote:Uhh supposedly. Do you believe everything the government tells you or what? Have some skepticism man.

Whether or not the government would ever use it maliciously, I can't say. I seriously doubt their ability to keep it as secure as a private enterprise would. It's simply a matter of incentive.

Government screws up, they compensate the victims ... by raising taxes. So really, they don't compensate at all. The populace does.

Private company screws up, they compensate the victims ... and risk going out of business from the added expense and the bad press.

Private company has more to lose, so they have extra incentive not to screw it up. That's why I trust the private sector more with it, even though it's not necessary, and not really that much more secure.

tk421;630198 wrote:I like how the feds are so concerned with online financial activity, but anyone suggest using SS # to verify who you are to vote and it's NO NO NO, we can't do that. :rolleyes:

Funny, isn't it?

dwccrew;630579 wrote:If something like this were to be created, it should be managed by the private sector and be optional. I have no problem with the way things work now.

You have no reason to. Education is the problem. Not the resources available.

gut;630582 wrote:So you'd install this ID on your devices, I assume? I'm not sure it changes anything, really. Any sort of ID that gets installed or has a pw can be hacked or stolen. Sounds like a false sense of security, to me. I might guess the purpose is more for tracking money laundering and funds in criminal activities because if every transaction requires an ID it would be unlikely for criminals to create dozens of ID's to hide activity (unless they hack/steal them).

Agreed.

I Wear Pants;630594 wrote:From what I gather in the article it is either a secure digital ID or like a digital card or keyfob of some sort. Like the WoW fob I mentioned.

Or at least that's what I figure it is.

Not anything that is spying or tracking your moves online or anything, but also not something I think the government needs to be doing. A private sector company would be something that should do this not the government.

And if you read the article the dude says it will be optional so that's nice at least.

If it's what I think it is then it isn't a bad idea but I don't think the government should be the ones doing it.

Actually, the greater the number of "security measures" online, the greater chance one is exploitable ... ESPECIALLY if it is new. It's not necessary, and could actually be worse, depending on how it's used.

Obama should be more worried about how we are going to pay his salary and leave shit like this alone.

This is something that I agree we can and should pass on. There are more pressing matters. Not that you have to drop everything because there are pressing matters but this shit isn't important or at least not in a good way.

I Wear Pants;643953 wrote:This is something that I agree we can and should pass on. There are more pressing matters. Not that you have to drop everything because there are pressing matters but this shit isn't important or at least not in a good way.

In essence, this is what GWB's campaign to "save the sanctity of marriage" was. Agree or disagree, there were FAR too many important things to worry about.

There are now as well.

I Wear Pants;643953 wrote:This is something that I agree we can and should pass on. There are more pressing matters. Not that you have to drop everything because there are pressing matters but this shit isn't important or at least not in a good way.

Yes, we need to get on with repealing Obama Care....

Anyone who suggests that any type of "protection" system isn't going to be used to track every damn transaction is simply naive to the point of their own detriment.

Every move the last 10 years or so (debit cards, online transactions, advertising) seems to lead us toward a cashless society, with the added ability to be tracked...I'll pass.

ytownfootball;645403 wrote:Anyone who suggests that any type of "protection" system isn't going to be used to track every damn transaction is simply naive to the point of their own detriment.

Every move the last 10 years or so (debit cards, online transactions, advertising) seems to lead us toward a cashless society, with the added ability to be tracked...I'll pass.

Even those others at least add some sort of advantage. This one, quite frankly, doesn't do a damn thing to actually make anything more secure. A far more blatant attempt to track the cash I PayPal my brother so he can get a car, etc.