Archive for the ‘tech companies’ Category

BTC – The Stanford NSTIC forum held by US Dept. of Commerce Scry. Locke Friday was well attended by privacy and technology field members.  Intepretations of events were delayed because so many of the details are still unavailable, conceptual and probably undeliverable, due to federal budgetary lack.

While the high concept NSTIC plan itself seemed clear to some, the details haven’t yet been decoded for the general public. It may be because the scope of the program has been displayed as borderless as the Internet itself.  After reading other reporting on the event, I figured my insights might be beneficial.

The title of the project is the National Strategy for Trusted Identity in Cyberspace.  Locke stated from the gate that NSTIC “is not a national ID card program”.  No…but it does have a sweet spot for SmartCard to endorse it and discussions of ID cards were considered at one point.  One clever attendee illustrated, by covering other words in the NSTIC moniker, the words “national” and “identity” were still present along with associations unaddressed by panelists.

White House Cybersecurity czar, Howard Schmidt did mention there “is no centralized database”.  Okay. Unfortunately, we do now know it may not be necessary because PC technology will tell on their users involuntarily.  Privacy settings are upgraded constantly. This is why the FCC entertains the “Do Not Track” list.

Balm for ceaseless government burns to digital privacy is still currently lacking in approaching NSTIC.

CDT’s Jim Dempsey was on hand offering a tempering idea: addressing current government approaches, handling and practices to digital privacy and civil liberty “before we make decisions based on impending threats.”  He is currently one of the nominees to Obama’s privacy and civil liberty board.  That’s great; but we have a Bill of Rights which entitles us to 4th Amendment protections regardless of which way the US government panel rolls on things like sedition, free speech, identity and private property.

There are at least 3 federal agencies now involved with NSTIC: Department of Defense, Department of Homeland Security and now the Department of Commerce.   Too many cooks in the kitchen may be responsible for nauseating waves of bureaucracy.  According to one source, after 3 years of policy development, NIST may be the only organization who can clearly navigate the agency mapping for all hands involved public or private.  Now that the Dept. of Commerce is in on the game it does not necessarily DHS has stepped out to the exclusion of the matter.  DoD heralds are ever present to the start up interests of most Silicon Valley ventures. There was no short attendance of “useful people” embracing parts of the NSTIC behemoth and providing amenity.

Identity ecosystem proponents for interagency business and CEO’s with track records for nationalized encryption all seemed to be trolling for federal subscribers, optimistic about gaining the United States government as an adopter or customer.  Globalists were also represented to idealize the prospect for the US government to become the leader in international Net gatekeeping.

There isn’t doubt towards the ability of NSTIC parts and systemic counterparts ability to perform good things.  What is dubious is why we are doing this, the true relevance of NSTIC and who pays to sustain that system.

According to Lucky Green, a security consultant, the base purpose of the program would provide elementary authentication services to the public via the US Government.

BTC: “Do we need the government to do that?”

Lucky: “HELL NO!”

Some of the more unfortunate conclusions drawn are that NSTIC’s identity driven data is a source of commerce.  The prospect may be evolving that US government wants their own identity driven apparatus which culls information like Facebook’s social network.  NSTIC definitely has that megalomaniacal feel of a regular Dept. of Defense funded start-up combined with a democratically led entitlement program.  Where the money comes from for such a grandiose, “global” national  identity system matters.

The last question asked of the NSTIC panel went to the matter of its federal budget. Members of the panel answered irritably towards presumptive evidence of said Sasquatch-like budget for the NSTIC program.

No one has shown us the money yet.  We will keep you posted when numbers materialize.

c/o TechDirt , Mike Masnick

With health care reform out of the way, lots of politicians are pushing out new legislative ideas, hoping that Congress can now focus on other issues — so we’re seeing lots of bad legislation proposed. Let’s do a two for one post, highlighting two questionable bills that many of you have been submitting. The first, proposed by Senators Schumer and Graham, is technically about immigration reform, which is needed, but what’s scary is that the plan includes yet another plan for a national ID card. Didn’t we just go through this with Real ID, which was rejected by the states? Jim Harper, who follows this particular issue more than just about anyone, has an excellent breakdown of the proposal, questioning what good a national ID does, while also pointing to the potential harm of such a plan.

Then we have the big cybercrime bill put forth by.. Senators Rockefeller and Snowe (updated, since there are two separate cybersecurity bills, and its the Rockefeller/Snowe one that has people scared), that tries to deal with the “serious threat of cybercrime.” But, of course, it already has tech companies worried about the unintended consequences, especially when it requires complying with gov’t-issued security practices that likely won’t keep up with what’s actually needed:

“Despite all [the] best efforts, we do have concerns regarding whether government can rapidly recognize best practices without defaulting to a one-size-fits all approach,” they wrote.

“The NIST-based requirements framework in the bill, coupled with government procurement requirements, if not clarified, could have the unintended effect of hindering the development and use of cutting-edge technologies, products, and services, even for those that would protect our critical information infrastructure.”

They added the bill might impose a bureaucratic employee-certification program on companies or give the president the authority to mandate security practices.


This is one of those bills that sounds good for the headlines (cybercrime is bad, we need to stop it), but has the opposite effect in reality: setting up needless “standards” that actually prevent good security practices. It’s bills like both of these that remind us that technologically illiterate politicians making technology policy will do funky things, assuming that technology works with some sort of magic.

BTC – Lexis Nexis is reputedly the TSA’s data aggregate of choice. Who is running it makes a difference. I smell .. BIDEN.

NEW YORK–(BUSINESS WIRE)–LexisNexis® Special Services Inc. announced that Thomas Jarrett, the state of Delaware’s first Chief Information Officer (CIO) and a former Vice President and President of the National Association of State Chief Information Officers (NASCIO), has joined the company as Director of Business Development. Mr. Jarrett will be responsible for helping LexisNexis Special Services Inc (“LNSSI”) market solutions that leverage public records data and advanced analytics technology to enhance the abilities of state and local law enforcement, revenue and social services agencies.

Database seamstresses Intercede could be coming to a DPS location near near you.

This up from ShareCast:

Identity credentials specialist Intercede has confirmed that more than one million people have been enrolled in the United States Department of Homeland Security’s Transportation Worker Identification Credential programme (TWIC) at around 149 port locations.

Intercede’s IDCMS software product enables the seamless integration of the credential with the relevant IT infrastructure at each location.

80 Million Tax dollars is on Digimarc

C/O Trading Markets.com

More than 58 million has been awarded to support state-specific programs to achieve Real ID material compliance, which involves updating state driver’s license and ID card systems with extra security features.  Funding was also provided for the development and testing of the verification hub, which will enable all states to verify applicant proof-of-identity documents.

Digimarc provides products and services that enable the annual production of more than 60 million personal identification documents, including two-thirds of US driver’s licenses and IDs for more than 25 countries.

____________

BTC Commentary – Comments? Anyone? Anyone? Post beneath this article.

80 million dollars..  I wonder if someone who loves freedom will just buy out Digimarc’s contract, so DHS can go deal with some other issue that directly affects our national security.  That would be, opposed to creating a situation that has the potential to criminalize those without proper  federal IDs.   I know many of  the Free Market minded people have some kind of monetary excesses.  Maybe if we pony up like 120 million collectively and say “DIGIMARC- We’ll pay you NOT to do business with DHS on Real IDs,”  – they may just lose interest in Real ID’s.  I’m not sure what DHS will do if that happens.  You can call your State’s head of Motor Vehicles to find out how much money will be paid from your state to induct you into the New World Order’s cattle-log by simply asking for the amount of money going to Digimarc.  If they are not telling, get someone with a Law Degree to ask your question with an Open Records Request-  the paper sodium penenthol for bureaucrats. We have ways of getting the truth.
This is about money, just like every other aspected pursuit of American “happiness”.     If we don’t want Digimarc doing this – DHS will find some other way.  They will probably outsource the work to somewhere (US  Homeland Security ) for digital securities that require our social security numbers, address, your age,  your gender and other cute things like your hair color, your eye color and a neat 3d  profile of your face. 

No wonder everyone hates us.  Why are we so special?  The street kids in Mumbai don’t get a cool 3D face profile.  What the hell is that about?  Some 15 year old constructing our surveillance chips in a clean room somewhere in Southeast Asia has an exam to prep for. Why the hell are we making his life difficult with Real IDs?  HAVE SOME COMPASSION!

The concern here is that Homeland Security  will cut corners here and behave like any other corporatized element of our government.  If it’s a boring dirt job that can be done without paying an American a living wage, it will be shipped overseas and someone else will be doing it.  It may be too much to ask Homeland Security to do this themselves.   We do in fact know that the technologies used are being constructed and tested in fun places like Pakistan.   Which may eventually mean that your SSN# , address etc will be handled  by some other person in another country for Homeland Security.   In a rational mind, this defeats the purpose of calling it  “homeland security”.  More research is needed on where the inventory of your identity records will land after DHS funnels it through the DMV.  If it’s outside the borders of the US, what is the fundamental drive behind you having this national ID?   Ask now before you surrender the keys to your identity to the DMV. 

Ok.. It looks like the list of things to do if you’re an anti-REAL ID activist is to find out which tech companies are wooing your states DMV. You have to know your Who’s Who in Department of Motor Vehicles and you need to find out who is delivering the deadline for compliance and implementation. You may have as soon as mid-month to get an extension for your state to find funding for the federal mandate. You may have until March 31, ’08. To make thing’s somewhat easier CNET.com has a state information map that posts updates on what your state is planning to do with your tax money.

It’s time to ask the questions: “How does the government expect us to pay for all of this and who is getting our money?”