Inside Germany's Plan To Kill Online Registrations (cnn.com) 140
An anonymous reader writes: Germany's corporate giants are promising a brave new future in the form of a single account -- one that will let you do your online shopping, get a flight and rent a car, all with no more registrations or repetitive passwords. Deutsche Bank (DB), Germany's biggest bank, announced Monday it's teaming up with other big firms to create a new company that will create the service. Users would enter their ID details just once before they can make all their online purchases across multiple sites. The partners -- which include Mercedes-Benz maker Daimler, insurer Allianz and publisher Axel Springer -- hope other firms will sign up to their vision. They're calling it a "pan-industry platform for online registration, e-identity and data services." The program could eventually be expanded to include government services. For example, drivers could apply for a new license through the system before their old one expires. The partners expect the program will be running in Germany by mid-2018, and they stressed it will be "secure" and comply with all European Union data protection rules.
Great idea... (Score:5, Insightful)
And then once you have universal registration - you can be tracked all over the internet with ONE ID - including all your political commentary!
Commercial use (Score:4, Informative)
you can be tracked all over the internet with ONE ID - including all your political commentary!
Technically, this effort (like lots of other similar efforts in the past) aren't targetting forum, but mostly on-line shops, and e-government platforms.
- i.e.: things where you already need to identify with your real-world ID for obvious reasons. (e.g.: Because the goods need to be delivered to you in person).
They are all platform who already know you, and could (if they wanted to put the effort and collude together) trace you.
You're confusing with OAuth and OpenID platforms (like Google, Facebook, etc.) which are targetting forums.
Re:Commercial use (Score:5, Insightful)
Sure.
Technically it never starts out that way. Just some good intentions. That's how these laws work. A frog will always jump out of a hot pot - you just put the frog in cold water and turn the heat up slowly over time.
Nobody would buy into an internet ID # scheme that would track you everywhere because nobody wants to be traced. You just start with a government ID used for shopping and eGovernment. How could that possibly be evil? It's just one ID for all your government services. And shopping. It'd be really great to use this for shopping. And health services. We already need a central repository for our health records so it should be there too. Oh and hey all of our banking accounts should tie into this too. Its convenient and it really helps government crack down on crime. Well now that we have you spending habit it'd be a good idea to give you tax credits on your health if you eat buy healthy food instead of junk food. While we're at it you should use your to register your car too and the auto insurance associated with it. Oh hey, your driving record says you speed so that should affect your government health tax credits too. In fact now that 80% of the internet uses your ID we should roll it out for Hulu and forum services too, as a convenience and let Facebook tie your account to it too.
Oh hey since we have IDs tied to facebook we can finally solve this troll problem. In fact we should require your government ID to be used to login to Facebook to verify it because everybody agrees hate speech needs to be properly penalized.
And that's how it works Charlie Brown.
Re: (Score:2)
The problem is data sharing not ID confirmation (Score:2)
You just start with a government ID used for shopping and eGovernment. How could that possibly be evil? It's just one ID for all your government services. And shopping. It'd be really great to use this for shopping. And health services. We already need a central repository for our health records so it should be there too. Oh and hey all of our banking accounts should tie into this too.
These are all service that already need to know who the real you is.
Even if there's not a simplified "Internet ID" scheme, they already know who you are, by virtue of how they work.
They all need to know that their client ID#xxxxxx is the real person Mr/Mrs. Yyyy Zzzzz.
Its convenient and it really helps government crack down on crime.
Huh ? How does it help government crack down on crime ?!
It's mainly a simple way by which they can confirm the real identity of a person.
The only thing remotely related to crime, is that all the above administrations and shops will be less com
Re: (Score:2)
You do realize how easy and 'logical' (to state bureaucrats) it is to extend this to forums and everything else, right? First they'll make it optional and then they'll mandate it.
Re: (Score:2)
Re:Commercial use (Score:4, Informative)
And so will the American [reason.com] Left [dailywire.com] — fans of German government since 1930-ies [louderwithcrowder.com].
Re: (Score:2)
Why would there even be a myth in the first place that someone whose political party was called 'the national socialists' was somehow not a liberal?
Re: (Score:1)
aka: no XD YOU'RE the real racist
great news everyone: political ideology is now measurable exclusively along the axis of individualism/statism. the american left also apparently immensely admires christian fundamentalism and the statism that comes with it.
Re:Commercial use (Score:4, Insightful)
What other dimension would you propose? The second it becomes Ok for the Glorious/God-fearing/Hardworking Collective/Commune/Community to trump the Weird/Apostate/Cantankerous Individual, oppression flourishes and life begins to suck. For everyone.
Re: (Score:1)
Most measures of political ideology include a individualism/statism axis as well as a conservative/progressive social axis.
It is as valid to equate what the western world considers "leftist" ideology to the third reich as it is to say that american democrats really actually want the same thing as christian conservatives. Both advocate statism, one advocates it as a vehicle for a taxation/wellfare scheme similar to the rest of the western world, the other advocates it as a vehicle for systematically enforci
Re: (Score:3)
And then there is paypal for payments. So it all exists, and I am not really sure what is novel in this approach, except that it is happening in Germany (and supposedly linked to your government issued ID card).
Re: (Score:2)
Thanks...but no thanks.
I'll register for the service I want, if I want, when I want.
I have separate IDs for ALL my online activity, all linked to a pseudonym email and only use PayPal filled with Gift Card cash.
I'm sure someone can track me if they tried hard enough, but at least I can make it difficult for them.
In person (Score:2)
And probably do all the transaction where your actual real world identity is a requirement in person, I presume ?
(like filing your taxes)
Re: (Score:3, Funny)
At least they said it will be secure. That's a relief.
Re: Great idea... (Score:5, Funny)
Germany has never had any problems with overbearing governance, so stop the fear mongering and show me your papers, please.
Re: (Score:2)
Germany has never had any problems with overbearing governance, so stop the fear mongering and show me your papers, please.
But this isn't being proposed by teh Ebil Gubbermint, it's being proposed by nice, safe and friendly private enterprise. What could possibly go wrong, I'm sure banks (Deutsche bank) and insurers (Allianz) always have out best interest at heart and would never seek to abuse our private information friend. Now sit back and consume some non mandatory Cadbury confectionery and Delicious Coca-Cola Amtil beverages whilst watching your favourite dramas on your LG television.
In reality I cant see this working.
Re: (Score:2)
But this isn't being proposed by teh Ebil Gubbermint, it's being proposed by nice, safe and friendly private enterprise. ..
Jawohl!!!.. Giants of integrity like Volkswagen
In reality I cant see this working. They're trying to replace individual registrations with one giant registration. In theory it sounds great, but in reality it'll just be one more password you need to remember and another giant security nightmare.
Being as nothing on the Internet seems to be secure other than the US Treasury, Treasury Direct program which seemingly achieves security by being pretty much unusable, I imagine this will turn out to be just another attack vector.
Like we need more attack vectors.
Re: (Score:2)
Conversely, my credit-card provider will happily hand out ephemeral "ids", good only for a single use. Do you suppose they know something more about the trustworthyness of the folks who want to send them a bill than this company does?
If they start up, I'm starting a company to offer them fraud insurance, for a shatteringly high fee.
Re: (Score:2)
Conversely, my credit-card provider will happily hand out ephemeral "ids", good only for a single use.
Intresting enough, anonymous or pseudonymous IDs are already features of the new electronic ID card (along with verified ID and anonymous age verification) and if for the sake of the argument we could assume the German beurocrazy as a trustworthy root, they did lots of things right from design perspective and could probably put OAuth to shame.
But still, no one is using it
And I'm not expecting anyone to use the next me-too product (both users and services) if even mandatory ownership of a secure access card
Re: (Score:2)
I suspect the part they've fallen down on is fraud.
I recently worked for a start-up, and 1/3 of our gross income was sucked up by our (North American) payment processor, who charges about six times more than a European processor who we'd have loved to use. Five sixths of the difference was purported to be handing and ensuring us against fraud.
Only a Matter of Time (Score:5, Interesting)
Gonna happen eventually. Trusting your online identity to Google or Yahoo or some outfit that may go bankrupt someday is becoming more and more stupid, in a world where having a persistent, secure, accountable and trustworthy e-mail account unique to you is becoming essential to pay your bills, do your taxes, get your Medicare, and other plain life stuff. People are afraid of government, sure, but Google or Microsoft or AOL/Verizon do not owe you an e-mail account, and can probably shut it down any time they want (you ain't paying for it, for example, and if they go bankrupt, who ya gonna sue to pull it back from backups?) Smart guys can roll their own servers, of course, or work for a university their whole life. But that's still no guarantee that their e-mails are coming from then - the server gets hacked and someone uses it to steal your tax return, there's nobody to turn to.
I see a national e-mail account as an inevitability, like getting a passport, run by the Post Office for example, as soon as government don't wanna pay for letting people do business any other way (like paper). Just a matter of when. Maybe not soon, but someday.
Re: (Score:2)
Re: (Score:2)
No, numbers on arms would be inefficient. Tatooing 2D barcodes on people's foreheads; now there's efficiency.
Re: (Score:2)
thats exactly what its for.
Re: (Score:2)
Re: (Score:2)
You can be tracked easily across the internet anyway.
However, with the new Deutsche Bank system, you can also be hacked easily across the internet.
One Ring to Rule them All (Score:3)
Re: (Score:1)
SSO? For the entire internet? What could possibly go wrong?
I'm announcing My new company SSOSSO (Score:2)
I'm announcing a company whose service will be to hold the passwords to all your different and incompatible "universal" password holders. It' will be called single-sign-on-single-sign-on or SSOSSO
obligatory xkcd (Score:3)
https://xkcd.com/927/ [xkcd.com]
Who actually believes that any of these "one standard" things REDUCE the number of different accounts you have to have?
Re:obligatory xkcd (Score:4, Funny)
The good old 927. Anybody who've been in IT for a few years probably know that number by heart by now.
Re: (Score:2)
I'll shamefully admit that, although I had memorized the content of the comic, I did have to google the number.
Re: (Score:2)
That and 538 tend to answer many, many items that pop up in IT discussions.
Re: (Score:2)
538 - hahahahaha
It like the old meta-joke where people know all the jokes so well, they give them numbers.
https://www.reddit.com/r/Jokes... [reddit.com]
http://www.realnothings.com/fa... [realnothings.com]
Re: (Score:2)
Re: (Score:1)
Oh, these systems work just fine if the powers-that-be all cooperate to make it happen.
The problem is that this is not something anyone that cares about privacy should want or encourage. It's too easy for the powers-that-be or governments to intentionally abuse and when it is compromised by criminals the damage is likely much worse than today's login systems..
There is a place for federated/one-keyring-to-rule-them-all logins. Many companies use them so you don't have to log into otherwise-unrelated databas
When foreign keys are actually foreign (Score:2)
Estonian ID card / mobile identification works pretty well. Any service can do an API call to the national system [...] Most buy/sell forums demand ID card identification to avoid fraud.
How do such forums handle buyers and sellers not from Estonia?
Re: (Score:2)
They need to become e-residents:
https://www.theguardian.com/wo... [theguardian.com]
Re: (Score:2)
Re: (Score:2)
It's more that half the websites that want you to do so, have no valid reason to need it.
If I'm trying to read your pointless blog, I'm not going to "Sign up", but I might "sign in" if it didn't involve all my personal details being transferred to you.
Re: (Score:2)
Along with the same password on each website?
That's the point where SSO comes into play.
The New Privacy Plan (Score:2)
I'll keep what tiny bit of privacy I have left
It's pretty obvious we have essentially no privacy now, and what little there is left will be gone soon.
So the answer to that problem, is spurious data. If no-one can be sure the data is really you, then you are back to having privacy...
So the solution is to program a bot to randomly browse the internet, sign up for accounts, and post things. You have no control or visibility into what the bot is doing, it just does things in the background.
Then if someone acc
Re: (Score:1)
See Track Me Not : https://cs.nyu.edu/trackmenot/ and Ad Nauseum: https://adnauseam.io/ .
They do exactly what you are suggesting.
I personally think that they could use some work. I'm trying to make improvements, and I suggest that other developers here do the same. Source is available at https://github.com/vtoubiana/TrackMeNot and https://github.com/dhowe/AdNauseam/)
Great! (Score:3)
I'll put it in a pile with all my other pan-industry platforms for online registration, e-identity and data services.
Obligatory XKCD link omitted because everybody's seen it. Really. Everyone on the internet. Don't bother.
What's so wrong with OpenID (Score:3)
Haven't we been down this road several times before?
How come no one thought of this before? (Score:5, Insightful)
Oh wait, they did. It didn't work out because it is not as great of an idea as it sounds at first.
You have one logon for ALL of your online accounts. That's great only one ID and password to remember to get access to everything you do online. Of course, that also means only one ID and password to hack for someone ELSE to get access to all of your online accounts. Then once they do, aside from the losses you might take from the hack, how do you get your account back?
Re: (Score:3)
That's not actually the biggest obstacle to this. The real problem is that too many websites think they're more important than that. In fact, many think they're so important that they have their OWN single sign on for other websites to use.
The end result is that there is never wide enough adoption of this for it to actually work out the way it's planned, and the average person never finds a "single sign on" that works for more than 1-2 sites out of the dozens upon dozens that they use.
Re:How come no one thought of this before? (Score:5, Insightful)
A related problem is that whoever sponsors the single sign one that become THE single sign on will forever after have a competitive advantage over their direct competitors in whatever their business is. The result being that those competitors will not sign up for it (for good reason).
Re: (Score:2)
Re: (Score:2)
Of course, that also means only one ID and password to hack for someone ELSE to get access to all of your online accounts
The advantages of centralizing credential validation far outweighs the disadvantages you mentioned:
1. Most people already use the same username and password for most of their accounts
2. Currently these 3rd parties are getting their databases hacked hence, accounts are hacked. With centralized account management we can apply very strong security to minimize such instances.
3. With only one service to cater to, devices can run anti logging software (such as what some banks have you install to avoid account the
Re: (Score:3)
Of course, that also means only one ID and password to hack for someone ELSE to get access to all of your online accounts
The advantages of centralizing credential validation far outweighs the disadvantages you mentioned:
1. Most people already use the same username and password for most of their accounts
2. Currently these 3rd parties are getting their databases hacked hence, accounts are hacked. With centralized account management we can apply very strong security to minimize such instances.
3. With only one service to cater to, devices can run anti logging software (such as what some banks have you install to avoid account theft via key logging)
Off course having your account stolen is going to be a huge problem but it already is for most as mentioned in #1.
Err... I have to disagree...
Re: (Score:2)
Re: (Score:2)
Even though most people already have the same username and password, it does not mean all people do. Also, you exaggerate the number of "most people" by the way. If you said "more than half" then I could agree with,
I meant majority of people reuse the same username and password.
but it is still irrelevant. Because majority of people do not follow or understand security, does not mean we all have to adjust to their less secure way./quote>
It's not irrelevant if even 30% of people do it. And yes we have to adjust if there is that much failure and the failure points are obvious.
Let say you have implemented an unhackable system. Let's say a mother gives her ID and password (and whatever your system requires) to her daughter to do some online shopping for her. Then later on, the daughter does the online shopping without the mother's permission. How could your unhackable system prevent that? I'm not talking about how to catch her misbehave, but I'm pointing directly to your argument about "strong security" perspective
If you give your username and password the problem is there regardless of solution you put in place I suspect the same user is the one that uses the same credentials for all his accounts. The current system is so convoluted and complicated that the non technical user just can't care to learn it. Click button and get moving. With a well rounded technology and processes we can simplify this to the point where grandma gets it. Remove the complications, then educate is what I think we need to do.
Please look back at #2. If someone could steal crucial information to log in, it is extremely difficult to distinguish who is who. Sometimes, you may be able to find out, but it is usually too late because all other information/asset have been stolen/sold already.
But that is true of all current account management systems and to top it off they don't usually have the expertise to do it right the first 15 times. With expertise in one place and a well rounded system it's less of an issue and easier to educate users on. With a centralize system you apply good password practices combined with "through device validation". These types of systems are known to be very strong.
Centralized data is good for convenience, but it goes opposite way of security
Simplicity to users has always resulted in lowered risk. Cars, tools... the list goes on. When you simplify use you reduce risk. This will be true of security as well.
Re: (Score:2)
I agree that simplicity could reduce risk; however, it is correct if and only if you are talking about its own aspect. However, changing from one stage to the other, regardless make it more complicated or simplified, does not guarantee that the change will not introduce any critical flaws. In this case, it obviously gives users an ease to do stuff (convenience), but at the same time it introduces an ease abusing data in various ways. Does this centralization really simplify security? I don't think so. They
Re: (Score:2)
Users will be more willing to deal with slightly more complicated authentication if the process is the same across the spectrum of accounts needed to be accessed. If the users don't understand the importance of protecting their data, both scenarios are doomed so for that reason better have the simpler system which has a chance of avoiding breaches and a better chance of being fully embraced by users.
Re: (Score:2)
Users will be more willing to deal with slightly more complicated authentication if the process is the same across the spectrum of accounts needed to be accessed. If the users don't understand the importance of protecting their data, both scenarios are doomed so for that reason better have the simpler system which has a chance of avoiding breaches and a better chance of being fully embraced by users.
In reality, user will lose trust once even a small wrong thing happens, and then they will reject it. Also, your argument doesn't invalidate what I said in my previous post -- simpler is not equal to more security or even easier maintenance because it could introduce more worse situations that would be more difficult to handle.
Re: (Score:2)
In reality, user will lose trust once even a small wrong thing happens
I guarantee that isn't true. Credit cards are a great example. Many get defrauded yet many continue to use it.
simpler is not equal to more security or even easier maintenance because it could introduce more worse situations that would be more difficult to handle
Let me ask you this. Who's data security do you think will be better?
A) Company who needs a credential validation for users to authenticate to access what they sell (services or goods)
B) Company who's business is to be the best at user authentication, specializes in fraud detection and fraud counter measures
Considering that a majority of users use the same credentials for most of their accounts it's
Re: (Score:2)
At some point, reducing points of failure hits diminishing returns if the result is one big catastrophic failure point. If someone hacks an email account, he just has access to that. Even with some password recycling, the benefit of separate systems isn't completely negated because the attacker only has some idea where the victim has accounts or what the usernames might be. With single signon, the attacker gets everything that authenticates against it and he knows he's got the keys to the victim's entire ki
Re: (Score:2)
Oh wait, they did. It didn't work out because it is not as great of an idea as it sounds at first.
Except that a huge swath of Intertube Serfs do exactly that with Facebook Login.
Re: (Score:2)
It doesn't have to be done this way.
In Sweden, we basically have that. We put our "person number" in the website and then it opens an identification request on our mobile phone (you can also use a desktop plugin). Proper 2FA, no stupid password to put on the website.
That's what I use to declare my taxes, use the local eBay, apply for a customer credit when buying something expensive online, connect to my bankS websites and also approve direct money transfers to friends through their phone number (so one pay
Re: (Score:2)
What could possibly go wrong? (Score:5, Insightful)
Talk about too many eggs in one basket! This is hoarding everyone's most precious eggs into one giant egg silo!
Not to mention this is almost THE nightmare account in terms of online privacy: one account for everything, linked to your real name through government ID. It could only be worse if it were controlled by a corporation rather than a government...at least you should be able to vote to keep marketers out!
I like it (Score:1)
One account, one login, one password. If it gets hacked or compromised, you only have ONE place to fix it. This is great for privacy and identity theft prevention. What we have now is multiple points of vulnerability, and to fix any one of them requires different avenues of detection, notification and policies. Can they track you? Of course, but right now they do that already. If you are paranoid, you could even make this ONE account a fake one, and drop out!
Re: (Score:2)
You have one place to fix the weak login specifically, but ALL of the damage is already done and you'll have to fix things in many more places. It's better to compartmentalize things so that if someone breaks into your car rental shop's online login they can't transfer money out of your bank account, steal your airline travel information, and order $5k of dildos and lube to your house with same-day shipping, for example.
Re: (Score:2)
if someone breaks into your car rental shop's online login
If implemented properly, breaking into that system will get you just the token used to identify the user on that one system. And ideally, the actual authentication to produce that token would only take place on the centralized system's servers. The most breaking in would get you is a chance to create a realistic looking attack to steal credentials later.
Re: (Score:2)
For the system to work this way, people would have to be harangued to re-enter their password when moving across different parts of the system, basically recreating the problems of early versions of Windows UAC on the web. And this would still only compartmentalize server-side exploits - a stolen password would still take everything in one fell swoop. It would be vastly worse than having your email account broken into under the status quo. Otherwise there has to be a publicly-accessible "central point of fa
Shaking my head (Score:1)
Re: (Score:2)
If there was no danger of identity theft, then it would work. But with high unemployment or low wages, it's a high risk.
Norway do this with their folk-register. Everyone registers their name, SSN number with a home/mail address. This is used by banks and mail order companies. You can opt not to use this address with each company, but it saves time in filling in online forms and validating ID.
Just what the hackers wanted (Score:1)
Let's help the hackers! All they need to do is hack a single account, and they get access to all of the linked accounts! Isn't technology great!
Any institution that participates in such idiocy would not get any of my business, that's for damn sure.
Really evil idea (Score:4, Insightful)
This isn't killing registration, it's REQUIRING one. A really horrible one.
It is like facebook, only forcing people to use it - FOR EVERYTHING.
It's not just the end of online anonymity, it's the total destruction of what remains of privacy.
Look, I do NOT want to use the same ID for my Medical history for ANYTHING. No one should be able to know what ointments I am getting or for what, just because I sent them an email.
People have a right to privacy, even if most morons ignore it.
Protect the children from this evil thing. (Score:2)
The children need to be protected from this idea, not with this idea.
What could possibly go wrong???? (Score:1)
Just saying.
United States Post Office (Score:2)
As such, I have been pushing through manager levels to get them to start handling User Certificates.
This is not just useful for buying, but twitter,facebook, even slashdot could treat positively IDed ppl different than those that are true ACs.
The hard part is getting a group that knows how to handle IDs, as well as has offices all over the US.
Re: (Score:2)
I applied for my passport at the municipal registrar office, and as far as I know, they're actually issued by the state department, not the post office.
You show a bunch of ID, they take your picture and send it off with your birth certificate to the state department who then does something mysterious and then issues the passport.
Strangely, when I applied for Global Entry I had to do it all over again, but starting with my passport. But sure enough, they took another photo, a set of finger prints, an interv
666 (Score:1)
Revelation 13 ;-)
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man; and his number is Six hundred threescore and six.
Single Point of Failure (Score:1)
No thanks. I prefer unique passwords for each site as a firewall should one or more become compromised.
has been possible for decades (Score:2)
we always had a social insurance, social security, or other unique ID that could have been used with open access to government databases. We could have had this at any time since the dawn of the internet. retail stores could have accepted any government id as contact information and/or payment for well-over a century.
credit cards, debit cards, bank information, drivers' licences, social insurance numbers, social security numbers, tax filings, incorporation documents -- any one of them could have been open
Hackers rejoice... (Score:1)
SubjectIsSubject (Score:2)
Oh Hell No (Score:2)
New division name (Score:2)
What could possibly go wrong? (Score:1)
That's bullshit (Score:4, Informative)
Hello from Germany here.
It's the first time ever i heard from it. So i believe there is some initiative, but that does not mean, that this is "Germany's plan".
It's just another corporate dream. Or like our politicians tell us "the internet is new land for all of us" (Angela Merkel).
We have a thing, which is the ePerso (electronic identification built into our identity card), which nobody uses either.
In theory it can do a lot of cool stuff, including ideas like providing a pseudonymous identity to websites which is backed by a real identity you do not need to reveal, which should be able to be used to authorize for official tasks for tax and others and provide some more things.
In reality nobody is using it, nobody is implementing it and the people able to use such techie-stuff know the problems with it and are a bit paranoid (they may have a cause) about what the government may be able to do with it, when it gets established.
Back to the article: BULLSHIT. Nobody is killing online registrations, some companies are just trying to reinvent something again in ambitious ways. They may be soon some headlines about it then everybody forgets it again.
Had seen this somewhere... (Score:1)
Re: (Score:1)
Sounds like a poor version of the Dutch system (Score:3)
The banks in the Netherlands use a system called iDEAL which is used for online transactions. It is run through banking website and uses a challenge and response system combined with the presence of a user's bank card.
They branched out recently to create a new side system called iDIN. The premise is also simple: If a bank can already authenticate a person for the purposes of transactions, why not also do it for web logons? I'm starting to see many services adopt it, starting with the government and tax department which now give you the option of logging in with your government login (DigiD) or iDIN.
All that is fine providing it's restricted to services who absolutely have to positively identify me. Facebook and the like can fuck right off if they are thinking of adopting something similar.
This is "BTX" reloaded - do you remember? (Score:2)
Of course, it was also impo
the whole world should do it (Score:2)
No, it will not be secure (Score:2)
For this it is far, far too lucrative to compromise it.
Just think: An ID that lets you basically take over the life of someone else. There is no way you could possibly keep this secure. Even if I have to throw near infinite resources at it to compromise it, it's worth it.
This cannot be made secure. And anyone with a hint of a brain cell between his ears would try to stay away from using something like this for as long as it is humanely possibly.
I hope this is only for Germany (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)