Monday, 3 November 2008

I have elsewhere identified the major source of savings that could be 
made in state expenditure without inconveniencing anybody at all.

These are the grandiose NHS Computer system which the profession do 
not want and which has failed  though the government refises to 
asdmit this and goes on with throwing good money after bad.  It might 
eventually cos £30 billion - a staggering sum.

Now here is a complete reason why the whole ID card scheme should 
also be scrapped, saving a minimum of £15 billion.  IT IS NOT SAFE!

The two could provide up to £30 billion in savings too.

xxxxxxxx cs


GUARDIAN   Comment is Free  3.11.08 .
Gordon loses it
As the PM admits that the government cannot guarantee data security, 
going ahead with ID cards means he's lost the plot too

 David Davis


There can be few more astonishing confessions in modern politics than 
the prime minister's admission on Sunday that the government is 
unable to guarantee the security of our personal information on the 
state's databases.

This admission shatters all the previous claims that the government 
has made that its obsession with creating vast databases can in any 
way improve the safety and security of the citizen.

Of course, he had little choice. Since the government first proposed 
the mother of all these databases, the ID card register, barely a 
month has passed without some monstrous data loss. It started with 
25m tax credit records, went through innumerable lost laptop 
computers, included everybody from civil servants to ministers 
leaving records in trains, pubs and restaurants, and concluded this 
week with a lost flash drive compromising the security of the 
government's entire Gateway system.

Soldiers' lives, our bank account, tax, passport and driving licence 
details, even the addresses of children, have all been compromised by 
these failures.

When the government first proposed the ID card and its associated all-
singing, all-dancing database, the national identity register, many 
of us thought they were naive. In particular, we thought there was a 
serious strategic weakness at the heart of the idea, a flaw known 
colloquially as the "honey pot problem".

This is a recurrent problem with large databases that contain 
valuable data. Because they are so valuable, they attract the 
malevolent attention of large numbers of hackers, fraudsters, 
criminals and even terrorists. Under sustained attack, even such 
sophisticated organisations as Microsoft and the Pentagon have 
succumbed, so what chance the Home Office?

Even the governments' fiercest critics, however, assumed a basic 
level of competence on the part of the government; an assumption that 
now looks seriously flawed.

Perhaps we should have known better. As well as the honey pot 
problem, there is another difficulty that applies to these vast 
government databases. To do their job, these databases have to be 
accessible to many people.

Whether it is the NHS database, the various children's databases, or 
the national identity register, they can only work if they have 
thousands of access points. If the government cannot protect one 
laptop or one flash drive, what chance a system with over ten 
thousand terminals?

When we were first discussing the ID card system with the senior 
police officers with most responsibility for the system, l asked them 
what plans they had to deal with anybody using virus programmes to 
compromise the system. It was embarrassing. They did not have the 
first idea. Indeed, up until that point, they had clearly not even 
realised that such a possibility existed.

And there lies the difficulty. Faced with intractable problems with 
political pressure for a solution, the government reaches for a 
headline grabbing high-tech "solution". Rather than spend the 
resources, time and thought necessary to get a real answer, they 
naively grasp solutions that to the technologically illiterate 
ministers look like magic. And most ministers are very illiterate 
about any serious technology.

So what we get is a form of magic, but one that is of most use to the 
dark side of our society. Many of us have worried about the state 
deliberately misusing the vast quantities of data that they hold on 
us. That problem is still there. But perhaps it will turn out that 
the biggest threat to our society in these enormous databases is that 
the government will be the unwitting, indeed witless, accomplice, to 
every hacker, fraudster, sexual predator, criminal or terrorist that 
would like easy access to all our details. That, far from protecting 
us all against identity theft, the state, with its grandiose 
projects, will be its biggest facilitator.