(Compulsory) national ID cards

gregrampage wrote:

Are any of those biometric systems? You're trying to group existing systems with the proposed one, when the original post clearly stated the inclusion of biometrics.

Um, just about every modern passport issued by countries has biometrics in it. In fact, as a foreigner you CAN NOT ENTER THE UNITED STATES WITHOUT A BIOMETRIC PASSPORT

bandit0013 wrote:
gregrampage wrote:

Are any of those biometric systems? You're trying to group existing systems with the proposed one, when the original post clearly stated the inclusion of biometrics.

Um, just about every modern passport issued by countries has biometrics in it. In fact, as a foreigner you CAN NOT ENTER THE UNITED STATES WITHOUT A BIOMETRIC PASSPORT

Fair enough. I was not aware.

gregrampage wrote:
bandit0013 wrote:
gregrampage wrote:

Are any of those biometric systems? You're trying to group existing systems with the proposed one, when the original post clearly stated the inclusion of biometrics.

Um, just about every modern passport issued by countries has biometrics in it. In fact, as a foreigner you CAN NOT ENTER THE UNITED STATES WITHOUT A BIOMETRIC PASSPORT

Fair enough. I was not aware.

Sorry, I realize the caps may have come off as "yelling" at you, that wasn't my intent. I was "super emphasizing"

bandit0013 wrote:
gregrampage wrote:
bandit0013 wrote:
gregrampage wrote:

Are any of those biometric systems? You're trying to group existing systems with the proposed one, when the original post clearly stated the inclusion of biometrics.

Um, just about every modern passport issued by countries has biometrics in it. In fact, as a foreigner you CAN NOT ENTER THE UNITED STATES WITHOUT A BIOMETRIC PASSPORT

Fair enough. I was not aware.

Sorry, I realize the caps may have come off as "yelling" at you, that wasn't my intent. I was "super emphasizing"

No worries.

bandit0013 wrote:
gregrampage wrote:

Are any of those biometric systems? You're trying to group existing systems with the proposed one, when the original post clearly stated the inclusion of biometrics.

Um, just about every modern passport issued by countries has biometrics in it. In fact, as a foreigner you CAN NOT ENTER THE UNITED STATES WITHOUT A BIOMETRIC PASSPORT

Not quite true. Foreigners wishing to visit the United States under the VWP (Visa Waiver Program) are required to have a passport with biometric data - though there are still grandfather exceptions for valid passports issued before a given date.

To the best of my knowledge, foreigners who obtain a visa for their travel are not required to have a passport with biometric data (at least, not yet).

I'm not entirely sure a national biometric ID card would stop identity theft, either. Unless you wanted to make showing it required for every single purchase everywhere, which is, well, insane, not to mention impractical.

Now that I think about it, how is that related at all? How would a national ID card stop someone from jacking your credit card info and using it? (Either through a poorly secured database, phishing, or a good-old-fashioned card skimmer, which is what burned me. Those things are damned hard to spot!) Is there something I'm missing to this plan?

All the VWP countries (mostly european) have to at minimum have machine readable ones. The grandfather is for machine readable with no chip.

Kannon wrote:

I'm not entirely sure a national biometric ID card would stop identity theft, either. Unless you wanted to make showing it required for every single purchase everywhere, which is, well, insane, not to mention impractical.

Now that I think about it, how is that related at all? How would a national ID card stop someone from jacking your credit card info and using it? (Either through a poorly secured database, phishing, or a good-old-fashioned card skimmer, which is what burned me. Those things are damned hard to spot!) Is there something I'm missing to this plan?

Multi-factor authentication is what makes a national id/biometric card more secure. A credit card on its own can surely be skimmed, but a credit card company that linked to a national id system would be nearly impossible to spoof.

There are 3 main things required for multi-factor authentication:

1. Something you have (the card)
2. Something you know (a pin, password, etc)
3. Something you are (fingerprint, etc)

If you play warcraft and use the authenticator that is multi-factor authentication. You know your user name and password, you have the authenticator key. This is far more secure than single factor authentication (user/pwd). Adding a third element or replacing the key with a fingerprint takes it to a level that makes it near impossible to beat.

Additionally many banks release authenticator keys to their customers.

I still don't like the idea of a national ID, but I have to admit that the idea of a universal multi-factor secure ID that I could use anywhere is appealing.

My concern is that no system is 100% secure. Wasn't RSA hacked fairly recently? What happens when someone breaks and manipulates the fingerprint system, for example?

With most systems, I think the answer is "the same thing that happens now when someone steals your identity" but in this case it's a lot harder to say "I didn't make that purchase" (for example) when the system says I used my fingerprint in the transaction.

Not to mention, that as nifty as that sounds, there's nothing stopping companies from doing that now. I'd put money on that it's too expensive or would freak people out.

There's also the problem of e-commerce, and the logistics of replacing card readers _EVERYWHERE_. (I know places that are just now upgrading readers from the early 90's, for instance.)

Don't get me wrong, I like the idea, I'm just a lot more pessimistic of how things happen than you are. And, if it could happen like how you outlined (Paraphrasing, but say, free of charge, biometric IDs, bonus points if you could tie it in to the driver's licence and other permit registries so I only had to carry one card, and keeping the biometric data non-searchable by police and FBI (and etc, etc)), I'd go for it. In a heartbeat, no less.

However, I have deep misgivings about a national ID registry, considering the history of hilarious government screw ups, recent trends of being about as transparent as a brick wall, and as accountable as a trust-fund baby. Plus, with all that, it'd be forever (if ever) that the neat security stuff got implemented for anything meaningful.

I do apologize if I'm being opaque or moving the goalposts for the argument, as it were. I'm not terribly with it today. If used properly (and not as a means to disenfranchise voters, or broaden the eye of Big Brother over there), it'd be a great thing. Especially if you could nationalize a few other permits, as well. Neat, convenient, and less red-tape and paperwork all around. I just think that we need to address the deep-seated corruption in our government first, then work on the neat stuff.

Companies would quickly get on board because it's orders of magnitude cheaper than everyone rolling their own authentication.

bandit0013 wrote:

All the VWP countries (mostly european) have to at minimum have machine readable ones. The grandfather is for machine readable with no chip.

Correct. I was responding to the all-caps boldface assertion that "In fact, as a foreigner you CAN NOT ENTER THE UNITED STATES WITHOUT A BIOMETRIC PASSPORT".

Which I think we both agree may overstate the case a bit.

Bandit, there essentially IS NO FRAUD at the individual voter level. There's tiny, trace amounts of it, barely even detectable.

The solutions being enacted do not, in other words, solve a problem, and they simultaneously make it difficult for marginal people to be able to vote. They create a very noticeable barrier to voting in order to solve a problem that does not exist.

The REAL goal here is to get that barrier up, to try to shut people out of the voting process if they aren't fully conforming with all the various bureacracies we've set up.

So what you're saying is that in this day and age where we have electronic voting machines and electronic information on ID cards that having to show and SWIPE your national ID card wouldn't prevent this kind of fraud?

No, of course not, because in the age of electronic voting machines, it is trivial to just change the votes after they've been cast. All these technologies make it EASIER to have elections stolen, not HARDER, because now there's no paper trail.

I don't know where you get these ideas, but I don't think your sources are good.

Malor wrote:

No, of course not, because in the age of electronic voting machines, it is trivial to just change the votes after they've been cast. All these technologies make it EASIER to have elections stolen, not HARDER, because now there's no paper trail.

I don't know where you get these ideas, but I don't think your sources are good.

You do realize that electronic voting machines have a paper receipt printed on them that you can review right?

Most of the systems, as currently implemented, do not.

Electronic voting COULD be secure, it's quite easy to design a system that's completely robust. Computer-ASSISTED voting, instead of computer-CONTROLLED voting.

But every system that has been implemented so far has been fatally flawed, and easily corruptible without leaving any trace at all. And I think it was the president of Diebold that was on record as saying that he would be able to deliver elections for Republicans.

We COULD do voting right. But we are not doing so. And I believe this is deliberate.

Oh, just for the record, here's how to do a computerized balloting system that's nearly fraudproof:

As the first line of interaction with voters, you have machines that assist in the generation of a ballot. These are optional, people can still do them by hand if they choose, but the machine will guide them through all their options, confirm their votes, and then generate a perfect paper ballot for them. The machine keeps no records of any kind. It is just a tool to make ballots, kind of a specialized desktop publishing program. When it's done, it prints a ballot for the box, which the voter is then told to review, and a receipt for that ballot, showing that the voter did indeed vote. When the voter is satisfied that the generated ballot represents his or her intention, he puts it in the ballot box.

Then there's a separate machine that counts ballots. It is also quite stupid. All it does is tally up votes and send results to a central machine. Because almost all of the ballots will have been computer-generated, the counting process will be extremely clean and precise. But no ballots are destroyed, so that manual counts remain possible.

This way, you get all the advantages of computers (accuracy and speed) but you still have an irrevocable paper trail. It is machine ASSISTED voting, rather than machine CONTROLLED voting. Every step can be replaced by humans if, for some reason, the machines are malfunctioning or aren't trusted.

Further, there's another step that can be taken. When the receipt and ballots are printed, very long identifying numbers can be added. To my understanding, there's no way to take the receipt number and figure out what votes were cast, and no way to take the number on the ballot and figure out which voter it came from. (this is using really advanced math, related to public key encryption, and I don't know the details.)

There's a mathematical technique that can be used, where the election officials can publish a checksum value. The end-voters can then run a computation between the number on their receipt and the election checksum, and can determine with absolute validity whether or not their ballot was included in the final results. This math is too hard to do by hand, generally, but there would be free websites where you could copy and paste the election checksum, and then type in your ballot number, and the website would tell you if your ballot is part of the final election outcome. I gather it's pretty trivial to implement this, and you'd see little 'election checker' applets and such pop up all over. You could mathematically prove whether or not your vote was counted, without, apparently, revealing the contents of that vote.

Now that would be a pretty outstanding system, I would think. There's a perfect paper trail, and there's a mathematical check to be sure that your vote was included in the final result. Voters can know their voices were heard, and they will be able to immediately detect fraudulent results.

The current electronic voting systems, as implemented, just have voters show up to a computer, click their votes, click "cast ballot", and then walk out with basically nothing. There is absolutely no way to know that their ballots are even recorded accurately, and nothing stops election officials from simply modifying the database directly. There is no audit trail, and the results exist nowhere except electronically. It's quite easy for a single trusted person to invisibly steal elections with a few hundred keystrokes.

@malor

Any time you introduce paper ballots as valid you introduce the ability to stuff ballot boxes. A centralized system tied to a national id would ensure that only one person voted and with biometrics that the person who voted is who they say they are. The most common cases of large fraud are due to stuffing boxes and poll workers voting for people who didn't show up. Anytime you introduce a "dumb" machine the security issue is due to it being "dumb".

What you want is a smart machine with the ability to print a receipt for you. Third parties like the media already do exit polling, but in a digital world you should be able to acquire a digital receipt which could be uploaded to the third party for extra insurance that nothing awry is going on.

Any time you introduce paper ballots as valid you introduce the ability to stuff ballot boxes.

Any time you introduce electronic ballots as valid you introduce the ability to stuff false electronic votes into the computer.

Ultimately, paper is always more valid than electrons. Always. Under every circumstance. Any objection you can make about paper also applies to electronic voting, but many abuses of electronic voting are not possible with paper.

Malor wrote:
Any time you introduce paper ballots as valid you introduce the ability to stuff ballot boxes.

Any time you introduce electronic ballots as valid you introduce the ability to stuff false electronic votes into the computer.

Ultimately, paper is always more valid than electrons. Always. Under every circumstance. Any objection you can make about paper also applies to electronic voting, but many abuses of electronic voting are not possible with paper.

Modifying electronic records, regardless of the system, always leaves a footprint.

bandit0013 wrote:
Malor wrote:
Any time you introduce paper ballots as valid you introduce the ability to stuff ballot boxes.

Any time you introduce electronic ballots as valid you introduce the ability to stuff false electronic votes into the computer.

Ultimately, paper is always more valid than electrons. Always. Under every circumstance. Any objection you can make about paper also applies to electronic voting, but many abuses of electronic voting are not possible with paper.

Modifying electronic records, regardless of the system, always leaves a footprint.

I am fairly certain is not true, especially with the "regardless of the system" caveat. That said, the footprints left don't always point to the culprit or necessarily even indicate something is wrong.

There have been constant news stories lately of major systems being compromised. I don't understand where your confidence in electronic systems comes from.

gregrampage wrote:
bandit0013 wrote:
Malor wrote:
Any time you introduce paper ballots as valid you introduce the ability to stuff ballot boxes.

Any time you introduce electronic ballots as valid you introduce the ability to stuff false electronic votes into the computer.

Ultimately, paper is always more valid than electrons. Always. Under every circumstance. Any objection you can make about paper also applies to electronic voting, but many abuses of electronic voting are not possible with paper.

Modifying electronic records, regardless of the system, always leaves a footprint.

I am fairly certain is not true, especially with the "regardless of the system" caveat. That said, the footprints left don't always point to the culprit or necessarily even indicate something is wrong.

There have been constant news stories lately of major systems being compromised. I don't understand where your confidence in electronic systems comes from.

News stories of systems being compromised you say? Guess they left a footprint.

It's actually quite simple. You keep the "I showed up to vote" system separate from the actual voting machine system. Compare the numbers at the end. Done.

bandit0013 wrote:

News stories of systems being compromised you say? Guess they left a footprint.

It's actually quite simple. You keep the "I showed up to vote" system separate from the actual voting machine system. Compare the numbers at the end. Done.

In most of those cases they didn't mind not leaving a footprint, but I see your point. I thought you meant a useful trail more than a sign it had been compromised.

What happens when those numbers don't match? Which one do you use? I forget where I heard it but there was some kind of old advice that a sailor should never bring two compasses because if they don't match you have no idea what's right. Either use 1 or bring a 3rd.

gregrampage wrote:

What happens when those numbers don't match? Which one do you use? I forget where I heard it but there was some kind of old advice that a sailor should never bring two compasses because if they don't match you have no idea what's right. Either use 1 or bring a 3rd.

You would be doing it at the polling station level. First you'd have to determine whether not counting any of the votes would impact the results of the broader election. If they would then you'd have to go through the receipts and compare them to the actual data. If for some unforeseen reason that couldn't be done you'd throw out the whole thing and do it again.

Pretty much the process we use today.

Also, recall earlier in the thread I advocated for the code running those machines to be transparent and available to the public for examination.

Modifying electronic records, regardless of the system, always leaves a footprint.

Untrue. Many of the systems just use Access databases, which are trivially editable. A simple 'database cleanup' command completely rebuilds the tables from scratch. And if you understood Access tables, you could easily write a tool to modify hex values in the database directly, without leaving any trace whatsoever.

This is, in general, true of all databases -- bypassing the normal routines and editing the bytes directly on disk prevents most logging.

It's a LOT harder to corrupt paper ballots, and there's a scale problem -- you need physical help past a few hundred. Electronic tampering can scale to almost any size, from just one person. Stuffing paper ballots is a risky process that requires physical access and help; modifying and/or stuffing electronic ballots is silent, invisible, untraceable, and can sometimes be done remotely, without even having physical access.

Reviving to cite an interesting article in the most-recent Economist about India's efforts to institute a national ID system.

This month India’s unique identity (UID) scheme will enroll its 200 millionth member, having had almost none only a year ago (see article). By the end of this year, says Nandan Nilekani, a former software mogul who runs the project, the tally could stand at 400m, a third of all Indians. The scheme is voluntary, but the poor are visibly enthusiastic about it. Long lines wait patiently in the heat to have their fingerprints and irises scanned and entered into what has swiftly become the world’s largest biometric database.

For the poor, having a secure online identity alters their relationship with the modern world. No more queueing for hours in a distant town and bribing officials with money you don’t have to obtain paperwork that won’t be recognised if you move to another state looking for work. A pilot project just begun in Jharkhand, an eastern state, will link the new identities to individuals’ bank accounts. Those to whom the government owes money will soon be able to receive it electronically, either at a bank or at a village shop. Ghost labourers staffing public-works schemes, and any among India’s 20m government employees, should turn into thin air. The middlemen who steal billions should more easily be bypassed or caught.

That is just the start. Armed with the system, India will be able to rethink the nature of its welfare state, cutting back on benefits in kind and market-distorting subsidies, and turning to cash transfers paid directly into the bank accounts of the neediest. Hundreds of millions of the poor must open bank accounts, which is all to the good, because it will bind them into the modern economy. Care must be taken so mothers rather than feckless fathers control funds for their children. But most poor people, including anyone who wants to move around, will be better off with cash welfare paid in full. Vouchers for medical or education spending could follow.

Most amazing to me is their statement that the poor are fairly enthusiastic about the scheme, while most opposition comes from government functionaries. It makes sense, since they do make the point that cultural standards about privacy are quite different when you're living ten to a room, and that the government officials are not-uncommonly scamming money via "ghost" workers, but I was still surprised.

It sounds like a true success, but it's also solving an entirely different set of problems than we face in the US. And when those problems are solved, this will be a case to keep an eye on, to see just how the state handles this information.

Dimmerswitch wrote:

Most amazing to me is their statement that the poor are fairly enthusiastic about the scheme, while most opposition comes from government functionaries.

Indian government officials are renowned for their ability to extract a bribe. That's why web sites like I Paid a Bribe exist and there's a massive anti-corruption movement going on.

Yes, the corruption of Indian officials is legendary.

I was still surprised that the support/opposition roles were reversed compared to the US, though it makes total sense after reading the article.

South Carolina has filed suit against the Justice Department rejection of it's voter id law. Now, a study of the claims made of 950 dead voters voting has released it's initial results, after analyzing 207 of the cases. None of them were attributable to voter fraud.

In its review, the election commission found 106 cases of clerical errors by poll managers — such as marking that John Doe Sr. had voted when it was really John Doe Jr. There were another 56 cases of what the commission called "bad data matching." It said that the DMV used only a voter's Social Security number to match their names against death files, and that produced incorrect matches. The commission says there's no evidence that the voters are in fact dead.

Of course, there are nearly 750 records to go. South Carolina has about 2.5 million registered voters (the number is from 2007), so let's say 1,000 allegations of voter fraud would be 1 in 2500 voters, or (since about half of them or less actually vote in most elections) maybe 1 in 1250 votes cast. If you believed that, it would be a .08% rate of fraud - a margin that would trigger a recount if it actually shifted an election result, because that happens when vote margins are less than 1%.

And that's the absolute, can't be true by the numbers worst case. What this says is that the current system *works* in South Carolina. Now, if they find 750 cases of fraud in the remaining 750 or so, that would set off my alarms. But the fact remains that even with *no* changes, the claimed level of voter fraud is entirely - by a factor of 12 - compensated for by the current system of recounts and identity registration and checks.

Why should they spend money to fix a problem that does not affect outcomes? Isn't that just growing government for no good reason?