Read more.Quote:
Both these members of the Fast Identity Online Alliance demoed their tech at RSA 2018.
Printable View
Read more.Quote:
Both these members of the Fast Identity Online Alliance demoed their tech at RSA 2018.
HMMM.
/tinfoil hat in place.
Yes, and msny such tech giants, and not a few stores, woild absolutely adore being able to 100% accurately biometrically identify all users .... thus validating the identity of individuals in their data warehouses.
No doubt this is coming. It's probably unstoppable at this point. But unless this becomes mandatory for websites I must use, there is no chance of me agreeing to it, And off-hand, I can't think if any websites I hwve to use.
If it's optional, I will not opt.
If it's mandadory (clearly, it won't be initially) I will stop using any and all such sites, unless I have absolutely no choice. This is also the point at which I am likely to go internet-free, and dump having my own internet link (i.e. broadband).
Is it coming? Almost certainly. Will I use it? Not unless given utterly no choice.
In the above, bear in mind I don't use ANY social media sites, closed both paypal and ebay many years ago, and don't remember the last time I bought ANYTHING online, but it certainly was years ago.
It is possible, and in many ways desirable, to live life without internet access. I know, 'cos I tried it for several months a few years ago, and after about a week, didn't miss it at all.
The great internet dream of freedom is all but dead, and it's now little more than a schill for corporate vested interest and control, and a purveyor of fake or at least dubious news. We need to shoot the monster and start again. But we won't.
Now, where'd I put my bunker key? I need to check supplies.
does the fingerprint get translated into a uniquely identifiable key that's used for access or would companies actually be able to copy my exact fingerprint?
If someone with enough time and talent wanted to, they could still find you. Personally, I hate the argument "if you've got nothing to hide, you've got nothing to worry about". It is dumb for many a reason; however, you seem to have gone entirely too far the other direction. You deliberately inconvenience yourself and have a less-rich experience of the internet, and for what precisely? Pseudo-privacy? A government (where ever you live) knows exactly who you are, what you do and what you earn, and could compile a list within five minutes of your favourite shops, medical conditions and where you're likely to be at 3pm on a Tuesday. A private company just wants to use the same information to show you a few catered ads while you use their service and you lose your mind. I'm far more concerned about what a government is capable of using that information (that they already have access to) for than the likes of Google and Facebook. Point is, if you want to be as off-grid as a lot of your comments suggest you do, you wouldn't use the internet in the first place, never mind install yourself as one of the most popular and infamous/notorious accounts on a fairly well known tech news site.
Oh, but ultimately, I kinda agree. I don't like it either. Stop asking me for biometric data you creeps.
No, they couldn't find me, but don't ask me to explain why not. (note)
Much of what you say government knows about me is true, but not because of anything to do with the internet.
If private companies want to use ANY data about me to serve me adverts, will they kindly go bleep themselves. I don't want targetted ads from ANYBODY, under absolutely any circumstances whatsoever. In fact, I don't want ads, period, but especially not targetted ads. I don't want ANY company storing data on me, other than for the purposes of supplying products and/or services I have asked for, and I don't want ANY pestering with unsolicited info on products/services I haven't specifically asked for.
If companies had the decency to ASK before storing/exploiting data, I'd have no problem ... but permission to do so will NEVER be forthcoming from me.
When you say I've gone too far, inconvenienced myself and have a "less-rich" experience of the internet, I laughed. I'd love to know what "richness" of the internet you think I'm missing out on? It's not that I'm ignorant of what's on offer. It's that the vast bulk of it I either reject utterly (like facebook, twitter, etc) or am entirely indifferent to.
If the richness appeals to you, good for you, and I hope you enjoy it. But it's no inconvenience to avoid 'richness" I don't want.
(note) When using HEXUS, I'm usually on a home broadband connection, not VPN'd, and that, certainly, is traceable. On other occasions, I'm not on that broadband, and am certainly not capable of being remote-traced. Given motivation, and sufficient local resources, govermeent bodies could no doubt trace this usage, but as I'm not doing anything to raise official interest, I'm not worried about that .... unless they start pestering me with adverts.
I’m the reverse. The Government have legitimate reasons for holding data about me, and by and large how that data is used is well regulated (in the UK).
Commercial organisations have fewer legitimate reasons for harvesting any data about me other than to make money for their shareholders by selling or exploiting MY data.
And while regulations about Data Protection have been in place, they have not been particularly well followed, which is why the General Data Protection Regulations are coming into force. Perversely that is making life harder for a lot of small organisations for whom data privacy has never been an issue.
Data collection is nothing new, but the computing power available to process that data for commercial exploitation has made it a big issue.
Saracen is fully endosed by Alcan, although there have been times that we've found him in an upturned water tower, in America having breakfast with Professor Xavier, with Logan popping in with milk.
I'm not a super fan of fingerprint scanning, and that's cos I don't seemt o have very good fingerprints. Dunno why. All the ones I've used seem to think I'm either alien (possible), someone else (god help the other person) or don't have fingerprints.
Which is why I'm so rich....untraceable bank vault jobs ;-)
Must admit I'd like a more secure system than passwords and stuff for finances online. Banks use card readers/cpde scramblers etc, so maybe facial recog and a fingerprint backup is next.
Maybe a sperm sample? You can see the queue at Tesco's self service tills being a very different affair can't you?
I'm just not convinced that getting rid of passwords entirely would be a good thing.
Multi-Factor Authentication is probably the best route for the future (and in many cases, present), depending upon the usage case, so one of the steps would likely be a password. I'm just not sure that I would be comfortable with fingerprints being one of the other steps, especially if it wouldn't be limited to only being stored on your own devices (and heavily encrypted at that).
A single-layered login using a fingerprint I'd be even less enthused about (and completely against if, as mentioned above, it wasn't limited to only being stored heavily encrypted on your own devices).
"Unexpected item in bagging area." :p
the problem relying on digitised files of your fingerprints is that, should someone hack them and get hold of them, you can't ever change your finger print. It is not suitable as a form of password. User account maybe, but not password. No system is foolproof. giving hackers something that they know can NEVER change is madness. Give me dongles, multistep authentication, multiple passwords or whatever, but not EVER biometric authentication. It just isn't worth it for me.
No thanks, I will stick with passwords, I think it is safer. I mean, like what if there is a exploit or a bug that people can take advantage of. You guys can use it first and once it is fully stable I might move xD
If you haven't broken tax laws, you aren't confessing to anything.
If you have, you presumably have no qualms about lying it on paperwork. Otherwise, even bank robbers and murderers would confess the first time a cop asked them.@
The grey area, of course, is where the line is between avoidance and evasion. Fortunately, at least for now, it's where law says it is, not where pontificating politicians pretend it is. It's also a good job that, generally, English legal principles prevent changes in such things being applied retrospectively.
If you haven't paid the tax you should, you've broken the law.
Stating otherwise on a tax return, you've still broken the law but now you're lying about it too.
But supposedly this all-knowing government can tell if you've broken the law in the first place, so there's no need for this bit of paper asking you to confirm that you've broken it..... or at least that's the argument against the all-knowing government idea, anyway. I know it's not quite the case in reality.
Which is why the paper is needed, to prove you haven't broken the law, because the government doesn't know everything... yet.
Well, if you :-
a) Haven't paid tax you should have, AND
b) Didn't lie about income on your tax form, I'd conclude you either
1) Didn't intend to underpay, and theretore made an honest mistake, OR
2) Are a right moron.
If the taxman concludes that you underpaid but made sn honest mistake, the likely result is that you'll be required to pay unpaid tax, plus mandatory interest.
If, on the other hand, you underpay, and then lie on your form, the taxman is likely to conclude that your intent was to evade tax, and that's when they hit you with every punitive charge they can. And oh boy, they sure can, especially over VAT.
The tax form has two main functions.First, for honest (*) people, it passes the burden of working out taxes from HMRC to us, and all they do is a checking exercise. Second, it provides evidence of intent to defraud should you underpay, and thdn get caught lying. In other words, the same function as a police statement and/or interview .... get your version officially on-record.
(* Note - In Income tax terms, at least unofficially, "honest" means "doesn't fiddle too much".
They'll never admit it officially, but unofficially, they are entirely aware that many people pad expenses, get a bit creative with mileage claims, 'accidentally' omit the odd cash receipt, etc. All such actions are illegal, but extremely difficult to evidence, and prove, and frankly, it's not worth trying.
But, take the mickey and you may well find yourself subject to an intensive tax audit. Really irritate them and you'll get it several years running.
The above was gleaned directly from IR inspectors, off the record, during my accountancy days.)
As for "all-knowing governnent" we agree, the reality is different. There's a lot they can find out, given sufficient incentive, like a terrorism or serious criminal investigation, but short of that, they neither know nor care about the minutiae of our hum-drum lives.
Unlike Googlebook and so on, to who the minutiae of our lives - where we shop, what videos and comments we like are the stuff advertises love.
I stated seeing adverts for for the cats protection league - because I once like a cute cat video. It’s all recorded for marketing and it’s worth big bucks - which is why I’m far more concerned about commercial organisations mining data about me than government.
Je disagree, mon-sewer...
More than once I've known people receive tax rebates completely unexpectedly, and often for quite small amounts (less than £100) covering several years of overpayment... Someone is clearly watching!!
Myself, I've twice been specifically asked to submit all payslips, P60s and so on for several years, each receiving more than £1,000 in rebate, but I'd expected something along those lines. Either way, they still knew to ask for it, so that same someone is watching me, too!!
I've known such unexpected rebates too. Not personally, but the wife has.
You'll usually find that it's people with simple tax affairs, who have done something like change job, and been put on the wrong tax code for a while. Or, a change of circumstances that led to an overpayment, that self-corrects over time.
If you're on PAYE, then every period (week/month/4 weeks, etc) your payslips show accumuluted tax paid, tax due, etc, and the returns companies send automatically will generate a rebate, often a few weeks after year-end, if accum.tax exceeds tax due for period.
The rest of the time, such glitches work themselvss out in the normal course of the YTD tax paid and tax due.
Those rebates, or at least all those I've seen, are just the result of the standard reporting to HMCE. Just remember, indivuduals aren't the only ones sending dsra back to HMCE. So do companies, for PAYE, NI Contribs, etc. i.e. standard systems operating, not some over-arching mass surveilllance.
Of course, there are numerous situations where a tax rebate is due but won't happen automatically, but only when and if you claim it. One would be trsnsferring part of one spouses PA to the other when the first has an income low enough to not exhaust PAs themselves. Another might be where you have unearned income from investments, like shares, taxedcat source, but low earned income and again, unused PAs. So, if you claim, you get the "deducted at source" tax back, as the deduction assumed standard rate taxpayer.
Indeed.
Government generally has a valid reason for data collection, like tax, benefit entitlement, pensions, etc. It's about standard operation of the mechanisms of the state .... mechanisms most of us approve of, rely on and would bitch like a crazy person if they were withheld.
Corporates, on the other hand, just want to sell us sh.... erm, stuff.
Personally, MOST data government requests, I don't mind providing .... not least because not doing so is often an offence. There are exceptions. Census before last I very temporarily converted my religious belief to Jedi Knight. My conversion lasted about an hour, while I filled in the form, and the bit that asked for religious belief. As far as government is concerned, my religious beliefs are "NONE OF YOUR DAMNED BUSINESS, YOU NOSY BLEEPS".
Since they turned that question optional, I opted to not answer. But I'll dig my light sabre out again if they ever mandate an answer.
As for corporate data gathering, I object to unnecssary data gathering extremely strongly. Other than those companies I've opted to do business with, and even then only for account management and to provide goods/services I actually asked for, I don't want ANY unsolicited marketing, be it by (postal) mail, email, telephone or in-site advertising. Which I why I have a phone screener on my home phone (extremely effective, by the way), and why I'm ultra selective in who gets my home or mobile number. For instance, utility companies don't get my phone number. I very rarely give out an email address and, in fact, don't currently have one. I change periodically, and haven't renewed for, oh, a year or so. It's why I never do online banking, and have such options locked OFF by my bank, since some scumbag tried to activate it. I rarely use debit or credit cards, preferring to pay for most things by cash. So, for now at least, shops know transaction detailes but not who they are for, and my bank knows I withdraw cash, but not what I do with it. Most shops I use don't know they have me as a customer, and that's how I like it. Oh, and I never, EVER use store reward cards. The benefits are nowhere near high enough to induce me to give up the data.
Also, I have more than one bank account so that :-
a) no one bank has the whole picture, in as far as they have any, and
b) I can dump any bank that gets on my nerves without major hassle.
Oh, and I don't and never have had social media accounts, haven't used Google in years, have never "liked" anything and never will.
My ideal scenario is that the likes of Google have ZERO data on me, and preferably don't even know I exist. That may be optimistic, but years of dedication to absolute minimisation of my data profile does ensure they know as little as I can achieve.
And the implementation of the new EU-based GDPR in a month or so (just under, IIRC, about May 25th, or 28th, -ish) should help considerably in keeping it that way.
Of course, there's a potential downside. As more and more companies rely on social media searches, not having a profile, or having minimal data on it, might be viewed negatively. But, seeing as I don't need, or want, credit, or loans, mortgages, etc, and am certainly not applying for jobs, it doesn't bother me.
I don't expect this attitude to be commonplace, or popular, and probably not even understood by much of the younger generation, especially those born into the internet age, but for me, all I want is for companies to leave me the bleep alone unless I contact them, and not for any purpose to pester me with blasted adverts, junkmail, junk-email, phone calls, etc.
Whilst it is well regulated, it is still completely incompetently managed, stored and secured. Both from the standpoint of identity and access control and through cyber security.
The problem here is I can't provide specific examples without revealing far too much. What I will say is that it's not just about lacking security. It's about confirmed - completely undeniable breaches. That management then argue aren't breaches.
Because HMRC's IT is so unbelievable rubbish. They have no clue how to manage a project, hire talented staff or produce anything that works.
For several years now, payroll data is sent directly to HMRC every time you are paid. If you don't believe me, set up a government gateway account and look at your tax records.
Yet still they never get my tax right. I can't submit my return right now because a bug in the system is randomly deciding that people owe unpaid tax despite that not being the case. If I submit they will start demanding over £1000 when in reality they actually owe me about that much.
Now with that, I entirely concur.
I would maintain government has reasonable, acceptable reasons for much (though not all) of the data they like to acquire, store and maintain, that being that it's necessary for provision of the services society expects them to provide.
Their competence and professionalism in securing it, well, that's another story, even ftom some well-publicised incidents that are well and truly in the publuc domain, such as sending millions of taxpayers unencrypted data through the post, or leaving intelligence service laptops on trains.
My suspicion, and it's no more than that, is that those with the power (politicians and very senior civil servants) don't fully understand the issues, and as a result, we don't have sufficient numbers of sufficiently expert people doing it.
I'd sure hope that measures have been in place for some time now preventing a recurrence of the sorts of idiocy and incompetence that the examples I cited couldn't happen now. But I wouldn't bet my life on it. And even if the have, preventing idiocy and outright incompetence is a pretty low bar to set, and it ought to be a dsmn sight higher than that. But is it?
Some departments certainly don't get security (policemen carrying protectively marked information in plain sight for a photographer to pick up) but on the other hand, some departments are VERY security aware and in my experience the Cabinet Office which has overall responsibility for security policy is very clued up. The failure comes down to individuals who either aren't aware or don't care of the implications of privacy/security breaches - and that comes down to a failure in training and security awareness in departments that have never had to deal with particularly sensitive information.
I must admit to wondering if some of the papers getting photographed, usually outside Number 10, were done accidentally-on-purpose.
Cynic? M'oi? :D