Archive for November, 2007

IDiot Cards

Saturday, November 24th, 2007

One of my pet topics has bubbled to the forefront of media attention in Britain over the past week. The reason for this was a howling blunder on behalf of the HMRC governmental department (Her Majesty’s Revenue and Cockups) who managed to mislay personal details of 25 million UK citizens including their names, addresses, date of births, National Insurance numbers and bank account details. A junior official at HMRC was able to download this information onto a couple of CDs and pop them in the regular post, where of course they subsequently disappeared. Oops.

This is the same government advocating compulsory ID cards for all UK citizens, that will contain substantially more information than was on these CDs. But this argument is well trodden, and I am against ID cards for reasons more fundamental than of potential fraud: it is the wrong relationship between the citizen and the state: they do not own us – they work for us.

Ethics aside, it is also doomed to failure. As long as humans are humans, we will always be susceptible to error – an asset for evolution, but not so hot for super-sized security logistics. It only takes a single error for any national identity scheme to be compromised. Once the data is out there, it can never ever be retrieved.

Human error within the “system” is only one potential fallibility, the other is the system itself. Ministers are touting biometric data as the silver bullet to fraud prevention. They point towards finger print data (pardon the pun) as a means of secure authentication. The fact that you can replicate someone’s fingerprints using encoded data on a biometric chip, some cryptographic know-how and a £12.50 trip to Maplin’s seems to have been conveniently ignored. If we rely solely on this kind of technology in the future then we’re in for Trouble.

And don’t expect the banks to look after you either, they care as much about security as turkeys do for Christmas. For example, when I phone my bank I am asked a series of “security” questions for authentication. Fine, no problem. But whenever the bank phones me, they still ask for the same authentication! This is so utterly, utterly stupid. I could phone up anyone pretending to be from a bank and demand all sorts of personal information. Banks fail to understand that authentication is a 2-way process.

Not that authentication seems to bother HSBC too much either. About a month ago I received a letter, addressed to “Ms X” at my address. As Ms X has never lived here I phoned the bank to see what was going on and to suggest that someone was using my address for potentially fraudulent purposes. Next week I received 2 statements and a paying-in book. Another phone call to the “fraud” department, in New Delhi. A few days later, a cheque book arrived. Another phone call. The following week, a PIN number arrived in the post as did a note from a courier attempting to deliver a credit card. Another phone call to HSBC. There has been nothing for a few days now so perhaps they’ve got the message, but I wouldn’t trust this bunch of fools with my money if that’s the way they treat fraud.

I fear that the ID cards issue has now become too politicised to be debated rationally. Yes we need an alternative to using utility bills for authentication, and there are many things we can all do to achieve this – using a little common sense for a start – but investing in billions for a system that could be outwitted by bowl of bananas certainly isn’t the answer.

Fear

Wednesday, November 21st, 2007

Fear is spongy opaque blob
of irrational terror
that feeds off your oxygen
streams through your veins like hot tar
sits in your stomach as a spiky knot,
invades your thoughts
distracts
makes frowns
throws your balance off centre.

Wobble

You run away from fear, but not very far
You bury it in distractions, and it rises to the top
It sits there nagging, spitting,
gripping, fixating

So

Pause for thought and turn to the fear
Stroke it’s ugly head
Give it a piece of bread
and cheese with pickle
Sit with your fear and sing it a song
A lullaby, a nursery rhyme
Give it plenty of time

The fear now sits and skulks
Turns to putty, soft and mellow

Now take your hands and inspect what’s left
Peel off the layers, one by one
Each one getting softer
And warmer
And finally,
the centre

Where there’s a note written in fear:
From the fear, saying nothing but

Help! I’m scared! Help me please!

There’s nothing to fear in fear
except the fear that
you’ll never fear.

————————

Written in 7.5 minutes flat and dedicated to abp, with love.