|Whitehouse drafting plan for ecommerce security|
the government is aiming to set up a system to create certified profiles.
From cnet [news.cnet.com]:
|Releasing a draft of the potential new National Strategy for Trusted Identities in Cyberspace (PDF) last Friday, the government is aiming to set up a system that would let people voluntarily create trusted identities to use in online transactions. |
From the Government PDF:
|The [proposed] Strategy defines and promotes an Identity Ecosystem that supports trusted online environments. The Identity Ecosystem is an online environment where individuals, organizations, services, and devices can trust each other because authoritative sources establish and authenticate their digital identities. |
Enter the internet police. This is such a huge undertaking and I'm not sure how effectively the US government will handle this considering the world-market we live in. Also, can you imagine the impact if the central database is hacked?
The Government is asking for input from the public at this site: [nstic.ideascale.com...]
So all you have to do is hack someone's Ecosystem identity and then you're good to go. Everyone's e-commerce filters will be off for you and you can rack up all kinds of havoc until someone notices.
I think it's an inevitable move. There are serious potential problems, but we're headed for some system of Internet accountability, either in the immediate future or eventually.
It started out like the Wild West - first come the intrepid explorers, then the creative innovators, then eagerly come one, come all.
So at first the Internet was rule-free and anonymous, but as more and more "regular" people flocked to build stuff online, more security was needed, because, well, because that's what people do - attend to their safety as a social unit once the whole crowd gathers.
That's going to continue, and as our commercial and social infrastructure moves from the shrinking bricks and mortar to the nearly unlimited virtual territory, people are going to have to form some kind of trust standard. And it starts with knowing who you're dealing with.
And yes, until it's had time to be honed, deception and crime will happen all too easily.
And yes, it's very big brothery and potentially sad and scary, depending on its implementation, and people will fight it tooth and nail, and I don't blame them. I'm just making projections, not offering an opinion.
OK great, I was hoping there would be an easier way for the government to track literally *everything* I do. Personally I'm in favour of taking care of my own security, when you do that you have to think for yourself, and that's no bad thing.
"Government regulated" creates a false sense of security. Bernie Madoff and Kenneth Starr were both registered and regulated by the SEC. Allen Stafford had the SIPC logo all over his business cards and stationary. Nothing in this country is more heavily regulated than the financial sector, and did it help protect the consumers who were the victims of these guys? NO - in fact, for many it had the complete opposite effect.
The fact that these guys were "government approved" is DIRECTLY RESPONSIBLE for many people investing their money there. If someone tells you they can grow your money at 1% per month no matter what the market does, it sounds like a scam no matter how stupid you are when it comes to finance. But BECAUSE they were regulated and proudly displayed their government-approved logos, people threw logic out the window and assumed it was legit.
The results of this would be no different.
Security is a personal responsibility. It's your job not to lose your wallet, and likewise it's your job to do a little homework before buying online. The only weapon against fraud is an educated consumer, period. If you aren't an educated consumer, you will be a victim, and it's not the government's job to do anything about it. It's yours.
I don't think it necessarily or ultimately has to be handled by the government. It would need to be some form of a "body of trust." But the world's on the crux of big changes. I'm bemused when I think about what it might look like in fifty years.
I'll bet Google would be first in line to be that "body of trust."
I feel the same process you go through to get a SSL is all that is needed to prove your a legit business.
Will this reduce the amount of fraud well this is something to be determined. I do know one thing it will probably increase the price for those that sale this type of information, and increase the need for this type of information.
|I feel the same process you go through to get a SSL is all that is needed to prove your a legit business. |
I think the issue here is to (try to) create secure identities for individuals, not businesses.
I agree with SEOMike
|I'll bet Google would be first in line to be that "body of trust." |
If somebody can get hold of one ID, I don't see what would stop them from getting hold of a collection of IDs. Especially since the payoff is a lot bigger, so more motivation. The government needs to quit looking for quick fixes to things, and just start doing their jobs.
I've still got to finish reading the pdf from the government website and then I'll comment. Should be this coming Tuesday. I hope we don't treat this proposal in some light other than it's not meant to be seen, simply because we haven't read the proposed parameters.