Gutless loser MP's back ID cards

chikrodah · 30-06-2005, 10:08 AM

An existing contact management database that has this 'basic' level of detail on each of its 'customers' stores between 10 and 30kb of data on each customer. Part of the reason for the 'excess' sizing is due to the database configuration needing to be able to cope with multiple languages, some of which don't even use the western character sets.

100kb for a lifetime's worth of tracking doesn't seem excessive, and a smart card can easily support that anyway.

With respect, in my experience a small (400Gb) clustered database server would set you back a mere £25,000. I won't do the multiplication - my touch typing seems to be stuttering

ops: :? :wink:

arden forester · 30-06-2005, 11:00 AM

I think Bill Cash was right to point out that the Information Commissioner thinks this will lead to "a surveillance society". Quote from Hansard.

Quote:

Mr. William Cash (Stone) (Con): The hon. Member for South Derbyshire (Mr. Todd) referred to principles. Let me give him a principle as expressed by Abraham Lincoln: "Those who deny freedom to others, deserve it not for themselves."
When the Bill was debated in the previous Parliament, I, my hon. Friend the Member for Ashford (Damian Green) and about nine others marched through the Lobby with clear conviction and certainty to ensure that we registered our protest against the principle of the Bill. Second Reading, of course, is about the principle behind the reasons for producing it. On the previous Second Reading, I produced a copy of a book by George Orwell called "Nineteen Eighty-Four", and directed it to the attention of the Home Secretary. It refers to the "Ministry of Truth", in which, George Orwell says, "Freedom is slavery". That is what lies at the heart of these proposals. [Interruption.] I hear the Minister of State say "Rubbish" from a sedentary position. I heard him generating a certain amount of hot air and rubbish on the subject on the "Today" programme this morning or perhaps yesterday—it was in the past 48 hours.

The fact remains that the Information Commissioner has stated that the Bill has within it the seeds of a surveillance society. In the previous debate, I referred to the fact that he said that it represented a sea change in the relationship between the individual and the state. I have heard the Home Secretary rubbishing the Information Commissioner today. I heard another Labour Member talking about hysterical paranoia. I would like to call their attention to the fact that the Information Commissioner holds a status by Act of Parliament that is no less than that of the Clerk of the House of Commons, in that he cannot be removed from office unless there is an address by both Houses of Parliament. That is a very high status. Those such as the Home Secretary who are wont to describe the measured remarks of the Information Commissioner in such terms seem to be getting dangerously close to fulfilling the axiom of Abraham Lincoln's to which I just referred.

Over the past year or so, we have also noticed that this new Labour Government, in contradiction to what the Prime Minister used to say, have moved increasingly down the route of greater inhibitions on individual freedom. The Civil Contingencies Act 2004 is a good example, as it contained a provision that would enable the Government to repeal any Act of Parliament if they declared an emergency.

In 1995, when the Prime Minister was in opposition, he said: "Instead of wasting hundreds of millions of pounds on compulsory ID cards as the Tory right demand, let that money provide thousands more police officers on the beat in our local communities."

Tony Blair flipflops again! Can we trust the Chancer-in-Chief? :roll: :shock:

Hansard Link
http://www.publications.parliament.u...dx/50628-x.htm

Paul Birch · 30-06-2005, 12:11 PM

Quote:

Originally Posted by Aardvark

I think that Chikrodah is the one with the more accurate calculation.

60 million times one hundred thousand is six thousand billion, not 290 thousand billion. To get up to that level you'd need to be storing 5MB per person not 100kB.

Quote:

As he/she says this doesn't include the biometrics. The calculation changes quite markedly once biometrics are incorporated.

I could easily fit powerful biometric discriminators INTO phpbb_under 1kB, probably under 100 bytes. It certainly doesn't need 5MB.

Quote:

There is more to having a database than just putting information in store and leaving it. ... There will be 2-3000 new entries every day in perpetuity. ... To input all of this data will take a massive amount of time

Not really. Most of the data are already being input somewhere.

Quote:

This is not going to be run on a couple of dozen hard drives and to suggest so is to misunderstand the nature of the IT systems we have.

That was Chikrodah's basis for calculation, not mine. However, my calculation demonstrates that the whole database could be held on only a few dozen hard drives at current densities. By the time it's all up and running that will probably be down to a single drive. Which in turn means that any number of read-access copies of the database could be cheaply held by all the relevant government departments. Each would then require about 10kB/s download to keep them up to date (and a combined upload figure of the same magnitude), which is a doddle.

I have little doubt that if the government tries to introduce such ID cards it will make a hash of it - but that will be down to general bureaucratic incompetence, not genuine technological difficulties.

John Carter · 30-06-2005, 12:16 PM

HSBC has about 110m customers World-wide and they seem to manage this with constantly changing daily transactions (far greater data density and more updates than would be required for an ID system).

All in all, a national database is nothing a couple of top-end SunFire storage cabinets couldn't easily handle.

chikrodah · 01-07-2005, 10:23 AM

Well, that will teach me to try to explain things in a way that the non-geeks on this forum might understand.

<technical apology>

My apologies to all übergeeks for posting in such a way as to omit vast swathes of double-guessing as to whether the government wants to use Ultra-SPARC based solutions or (gasp!) the dreaded Windows DataCenter.
:cry:

I'm obviously guilty of dumbing-down too much. Maybe I should stand for Parliament? :?

At no time was I suggesting that the government planned to zombie 150Gb per computer of thousands of home PCs. Although the way things are going, how could we stop them if they tried? :roll:

Nor was I suggesting that there would be the mother of all data farms immediately; rather, I was positing an ultimate size, knowing how databases tend to grow beyond the initial designer's calculations over time.

I obviously don't have PB's and JC's intimate knowledge of such high level technical systems.

</technical apology>

As an aside, Bundesdruckerei, originally Germany's state-owned security printing house and now a supplier of security documents such as ID cards, passports, etc. are piloting a RFID contactless chip passport scheme where they have estimated a minimum requirement for a 64kb chip designed to store a facial image and two fingerprints. By comparison, storing a fingerprint to FBI standards can take up to 120kb.

Additionally, the estimated cost of installing Iris Scan Biometric Passport Readers in the UK's 47 main airports and ports, is an average of £21,000 (derived from a government guesstimate of £1 million for 47 airports and ports) for the computer network cabling, and £3,000 - £5,000 per reader plus one PC per biometric passport reader (approx. £1,000). In other words at least £27,000 for the first biometric passport reader at any one location. Of course, the next half dozen would be a lot cheaper...

ID card biometric readers will be even more expensive and complicated because they are planned to make use of multiple biometrics indicators - iris scans, fingerprint/multiple fingerprint scans and facial recognition. I understand that there are currently no 'off the shelf' products which do all this, and since no other country is proposing to use the same system, there will be no global market economy of scale.

I leave it to others to do the maths; at least I appear to have sparked a bit of a discussion...

C_steam · 01-07-2005, 12:15 PM

Putting the cost issue to one side, how do we all feel about some ex-trolley dolly or other low waged worker with equivalent training to half a day at woolies operating retinal scan equipment?

I must say, if this ever happens and I have to put my eyes to a retinal scanner at an airport (or elsewhere) the temptation to suddenly scream, fall on the floor with hands over face shouting "My eyes my eyes, it burns!!" will be overwhelming.

Should have an interesting effect on the rest of the queue.

Bluemerle · 01-07-2005, 05:28 PM

Tony Benn on Question Time last night stated that he thought that the country was becoming a totallitarian police state.

Let's hope that the Old Labourites start to do something about it. :shock:

Aardvark · 09-07-2005, 09:29 AM

HSBC don't run everything from a centralised database because of national regulations. There is no central database of 115 million customers, although it is possible to access all databases from different countries up to a certain basic level.

Each countries' customer information is created and stored in the country of origin before being disseminated to the appropriate storage. Updates are created each time a transaction is logged and it does indeed happen at all times in all countires.

The reason that this can occur is that the basic transaction changes are all based on 10 digits and a dot, not 26 letters, 10 digits and a whole screed of punctuation. The other reason it can be changed regularly is that there are 1.5 million terminals worldwide loaded to do this. When you put your card INTO phpbb_a machine the magnetic strip tells the machine, using code, which bank to log into. That bank's computers then link in and process the transaction. We are each limited to the amount we can draw out each day - this is because the banks work on a minimal number of variables. You have to be very special to draw out more than £300 per day since the computer processing the transaction only knows the basics of your account. It also stops people stealing more than that from a customer held at knifepoint.

This all costs money - the worlds' banking transactions costs hundreds of millions of pounds to process every day. The cost is born in its entirety by you and I, the paying customers, either through higher interest rates or bank charges. Look at the base rate and look at what you are paying to be a bank customer.

The banking system is linked by hundreds of millions of computers and indeed I can carry out banking transactions online, as can any hacker who wants to access my overdraft and increase it. The system is different. The information held is subject to a lower level of security than many would realise since the cost of improving security outweighs the costs associated with the financial risk.

The ID card sustem is supposed to be using the highest level and most advanced security, otherwise Parliament will not agree (that said we've all been conned before). The amount of information to be stored is based on templates that are more complex than those used in banking. The basic biometrics may indeed be compressable and already there are iris scanners used in accessing certain private places - the cost is born by business, is tax deductible and in any event only requires one biometric. Nobody is running about getting fingerprints. I still think that the way the information is collected, the way it is held and the amount of biometric images required will lead to the figures suggested by Chikrodah.

Chik, how was the MS Tech Ed conference in Amsterdam? Gather you were there in your capacity as a DataBase Administrator for a multinational blue chip. Learn anything new?

chikrodah · 11-07-2005, 02:05 PM

божe мой! моя втихомолку тождественность показывает!!! :twisted:

TechEd was a curate's egg, but no less valuable for that. Plenty of thought-provoking sessions on data mining, rfid technology etc.

Very little on data fusion or UltraSparc specs, though, so it might not have been that interesting for PB and JC :wink:

30-06-2005, 12:16 PM	#24 (permalink)
John Carter Uber Member Join Date: Mar 2005 Location: On Sabbatical Posts: 5,110	HSBC has about 110m customers World-wide and they seem to manage this with constantly changing daily transactions (far greater data density and more updates than would be required for an ID system). All in all, a national database is nothing a couple of top-end SunFire storage cabinets couldn't easily handle. __________________ There are three kinds of people in this world: Libertarians, fascists, and those who haven't been paying attention.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

30-06-2005, 10:08 AM	#21 (permalink)
chikrodah Senior Member Join Date: Jan 2005 Location: Midlands Posts: 1,662	An existing contact management database that has this 'basic' level of detail on each of its 'customers' stores between 10 and 30kb of data on each customer. Part of the reason for the 'excess' sizing is due to the database configuration needing to be able to cope with multiple languages, some of which don't even use the western character sets. 100kb for a lifetime's worth of tracking doesn't seem excessive, and a smart card can easily support that anyway. With respect, in my experience a small (400Gb) clustered database server would set you back a mere £25,000. I won't do the multiplication - my touch typing seems to be stuttering ops: :? :wink:

01-07-2005, 10:23 AM	#25 (permalink)
chikrodah Senior Member Join Date: Jan 2005 Location: Midlands Posts: 1,662	Well, that will teach me to try to explain things in a way that the non-geeks on this forum might understand. <technical apology> My apologies to all übergeeks for posting in such a way as to omit vast swathes of double-guessing as to whether the government wants to use Ultra-SPARC based solutions or (gasp!) the dreaded Windows DataCenter. :cry: I'm obviously guilty of dumbing-down too much. Maybe I should stand for Parliament? :? At no time was I suggesting that the government planned to zombie 150Gb per computer of thousands of home PCs. Although the way things are going, how could we stop them if they tried? :roll: Nor was I suggesting that there would be the mother of all data farms immediately; rather, I was positing an ultimate size, knowing how databases tend to grow beyond the initial designer's calculations over time. I obviously don't have PB's and JC's intimate knowledge of such high level technical systems. </technical apology> As an aside, Bundesdruckerei, originally Germany's state-owned security printing house and now a supplier of security documents such as ID cards, passports, etc. are piloting a RFID contactless chip passport scheme where they have estimated a minimum requirement for a 64kb chip designed to store a facial image and two fingerprints. By comparison, storing a fingerprint to FBI standards can take up to 120kb. Additionally, the estimated cost of installing Iris Scan Biometric Passport Readers in the UK's 47 main airports and ports, is an average of £21,000 (derived from a government guesstimate of £1 million for 47 airports and ports) for the computer network cabling, and £3,000 - £5,000 per reader plus one PC per biometric passport reader (approx. £1,000). In other words at least £27,000 for the first biometric passport reader at any one location. Of course, the next half dozen would be a lot cheaper... ID card biometric readers will be even more expensive and complicated because they are planned to make use of multiple biometrics indicators - iris scans, fingerprint/multiple fingerprint scans and facial recognition. I understand that there are currently no 'off the shelf' products which do all this, and since no other country is proposing to use the same system, there will be no global market economy of scale. I leave it to others to do the maths; at least I appear to have sparked a bit of a discussion...

01-07-2005, 12:15 PM	#26 (permalink)
C_steam Super Moderator Join Date: Oct 2004 Location: Paddling up 5hit creek..... Posts: 7,697	Putting the cost issue to one side, how do we all feel about some ex-trolley dolly or other low waged worker with equivalent training to half a day at woolies operating retinal scan equipment? I must say, if this ever happens and I have to put my eyes to a retinal scanner at an airport (or elsewhere) the temptation to suddenly scream, fall on the floor with hands over face shouting "My eyes my eyes, it burns!!" will be overwhelming. Should have an interesting effect on the rest of the queue.

01-07-2005, 05:28 PM	#27 (permalink)
Bluemerle Uber Member Join Date: Jan 2005 Location: Dorset. Posts: 3,252	Tony Benn on Question Time last night stated that he thought that the country was becoming a totallitarian police state. Let's hope that the Old Labourites start to do something about it. :shock:

09-07-2005, 09:29 AM	#28 (permalink)
Aardvark Moderator Join Date: Dec 2004 Location: Oxonia Posts: 3,928	HSBC don't run everything from a centralised database because of national regulations. There is no central database of 115 million customers, although it is possible to access all databases from different countries up to a certain basic level. Each countries' customer information is created and stored in the country of origin before being disseminated to the appropriate storage. Updates are created each time a transaction is logged and it does indeed happen at all times in all countires. The reason that this can occur is that the basic transaction changes are all based on 10 digits and a dot, not 26 letters, 10 digits and a whole screed of punctuation. The other reason it can be changed regularly is that there are 1.5 million terminals worldwide loaded to do this. When you put your card INTO phpbb_a machine the magnetic strip tells the machine, using code, which bank to log into. That bank's computers then link in and process the transaction. We are each limited to the amount we can draw out each day - this is because the banks work on a minimal number of variables. You have to be very special to draw out more than £300 per day since the computer processing the transaction only knows the basics of your account. It also stops people stealing more than that from a customer held at knifepoint. This all costs money - the worlds' banking transactions costs hundreds of millions of pounds to process every day. The cost is born in its entirety by you and I, the paying customers, either through higher interest rates or bank charges. Look at the base rate and look at what you are paying to be a bank customer. The banking system is linked by hundreds of millions of computers and indeed I can carry out banking transactions online, as can any hacker who wants to access my overdraft and increase it. The system is different. The information held is subject to a lower level of security than many would realise since the cost of improving security outweighs the costs associated with the financial risk. The ID card sustem is supposed to be using the highest level and most advanced security, otherwise Parliament will not agree (that said we've all been conned before). The amount of information to be stored is based on templates that are more complex than those used in banking. The basic biometrics may indeed be compressable and already there are iris scanners used in accessing certain private places - the cost is born by business, is tax deductible and in any event only requires one biometric. Nobody is running about getting fingerprints. I still think that the way the information is collected, the way it is held and the amount of biometric images required will lead to the figures suggested by Chikrodah. Chik, how was the MS Tech Ed conference in Amsterdam? Gather you were there in your capacity as a DataBase Administrator for a multinational blue chip. Learn anything new?

11-07-2005, 02:05 PM	#29 (permalink)
chikrodah Senior Member Join Date: Jan 2005 Location: Midlands Posts: 1,662	божe мой! моя втихомолку тождественность показывает!!! :twisted: TechEd was a curate's egg, but no less valuable for that. Plenty of thought-provoking sessions on data mining, rfid technology etc. Very little on data fusion or UltraSparc specs, though, so it might not have been that interesting for PB and JC :wink: