What the hell? Is it April 1st somewhere on the planet? On 1/7/2011 11:51 PM, Paul Ferguson wrote: > FYI, > > - ferg > > > ---------- Forwarded message ---------- > From: Richard Forno<[email protected]> > Date: Fri, Jan 7, 2011 at 2:10 PM > Subject: [Infowarrior] - Internet Identity System Said Readied by > Obama Administration > To: > > > Internet Identity System Said Readied by Obama Administration > > January 07, 2011, 7:10 AM EST > > By James Sterngold > > http://www.businessweek.com/news/2011-01-07/internet-identity-system-said-readied-by-obama-administration.html > > Jan. 7 (Bloomberg) -- The Obama administration plans to announce today > plans for an Internet identity system that will limit fraud and > streamline online transactions, leading to a surge in Web commerce, > officials said. > > While the White House has spearheaded development of the framework for > secure online identities, the system led by the U.S. Commerce > Department will be voluntary and maintained by private companies, said > the officials, who spoke on condition of anonymity ahead of the > announcement. > > A group representing companies including Verizon Communications Inc., > Google Inc., PayPal Inc., Symantec Corp. and AT&T Inc. has supported > the program, called the National Strategy for Trusted Identities in > Cyberspace, or NSTIC. > > “This is going to cause a huge shift in consumer use of the Internet,” > said John Clippinger, co-director of the Law Lab at Harvard’s Berkman > Center for Internet and Society in Cambridge, Massachusetts. “There’s > going to be a huge bump and a huge increase in the amount and kind of > data retailers are going to have.” > > Most companies have separate systems for signing on to e- mail > accounts or conducting secure online transactions, requiring that > users memorize multiple passwords and repeat steps. Under the new > program, consumers would sign in just once and be able to move among > other websites, eliminating the inconvenience that causes consumers to > drop many transactions. > > Fewer Passwords > > For example, once the system is in place, Google would be able to join > a trusted framework that has adopted the rules and guidelines > established by the Commerce Department. From that point, someone who > logged into a Google e-mail account would be able to conduct other > business including banking or shopping with other members of the group > without having to provide additional information or verification. > > Bruce McConnell, a senior counselor for national protection at the > Department of Homeland Security, said NSTIC may lead to a big > reduction in the size of Internet help desks, which spend much of > their time assisting users who have forgotten their passwords. Because > the systems would be more secure, he said, it may also result in many > transactions that are now done on paper, from pharmaceutical to real > estate purchases, to be done online faster and cheaper. > > A draft paper outlining NSTIC was released for comment by the White > House in June. > > ‘Who Do You Trust?’ > > “NSTIC could go a long way toward advancing one of the fundamental > challenges of the Internet today, which is -- Who do you trust?” said > Don Thibeau, chairman of the Open Identity Exchange, an industry group > based in San Ramon, California, representing companies that support > development of the new framework. > > “What is holding back the growth of e-commerce is not technology, it’s > policy. This gives us the rules, the policies that we need to really > move forward.” > > The new system will probably hasten the death of traditional > passwords, Clippinger said. Instead, users may rely on devices such as > smartcards with embedded chips, tokens that generate random codes or > biometric devices. > > “Passwords will disappear,” said Clippinger. “They’re buggy whips. The > old privacy and security conventions don’t work. You need a new > architecture.” > > Secure, Efficient > > Development of a more advanced security system began in August 2004, > when President George W. Bush issued a Homeland Security Presidential > Directive that required all federal employees be given smartcards with > multiple uses, such as gaining access to buildings, signing on to > government websites and insuring that only people with proper > clearances would have access to restricted documents. The system was > intended to be more secure and more efficient. > > The Obama administration advanced the process when it issued its > “Cyberspace Policy Review” in 2009. One of the 10 priorities was the > security identification system. > > The federal government is facilitating what it calls a “foundational” > system in two ways. It is developing the framework for the > identification plan, and it will make a large number of government > agencies, services and products available through the secure system, > from tax returns to reserving campsites at national parks. > > “Innovation is one of the key aspects here,” said Ari Schwartz, a > senior adviser for Internet policy at the Department of Commerce. > “There’s so much that could be done if we could trust transactions > more.” > > Schwartz said use of the system, once companies voluntarily choose to > participate, may spur a range of efficiencies and e- commerce similar > to the way ATM machines transformed banking, opening the way to a > growing number of services little by little. > > Privacy Concerns > > Civil libertarians have expressed concern that the system may not > protect privacy as well as the government is promising. > > “If the concept were implemented in a perfect way it would be very > good,” said Jay Stanley, a senior policy analyst for privacy and > technology at the New York-based American Civil Liberties Union. “It’s > a convenience. But having a single point of failure may not be good > for protecting privacy. The devil’s really in the details.” He said > the ACLU would “vehemently oppose” anything that resembled a national > ID card. > > Aaron Brauer-Rieke, a fellow at the Center for Democracy& Technology > in Washington, a civil liberties group, said it was important that the > system would be operated by private companies, not the government. He > said he was concerned about how the data on consumer online > transactions would be used. > > “New identity systems will allow moving from one site to another with > less friction and open up data flows, but might also enable new kinds > of targeted advertising,” he said. “We have to make sure privacy > doesn’t get lost in this.” > > Schwartz and McConnell said the new system wouldn’t be a national > identity card and that companies, not the government, would manage the > data being passed online. > > “There will not be a single data base for this information,” McConnell said. > > --Editors: Elizabeth Wollman, Joe Winski > > To contact the reporter on this story: James Sterngold in New York at > [email protected] > > To contact the editor responsible for this story: David Scheer at > [email protected]. > _______________________________________________ > Infowarrior mailing list > [email protected] > https://attrition.org/mailman/listinfo/infowarrior > > >
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
