[olduser]

Is this the motoring future?

https://www.bbc.co.uk/news/articles/c1edy30qzdno

With all the cyber attacks at the moment it makes we think what are the motor industry thinking of?
But then the government we have the government trying to tell us Digital ID cards will be secure, I received an email response to day* telling me the ID will have the very best cyber security but the very best can and will be breached. The very best security is when critical data is kept away from the cyber world.

Cyber security is rather like a lock, the best locks in the world just take more time to pick, but with cyber 'locks' thousands of people can get to work simultaneously 'picking' the lock shortening the time needed.

*

	You’re receiving this email because you signed the petition: “Do not introduce Digital ID cards”. Dear olduser., The Government has responded to the petition you signed – “Do not introduce Digital ID cards”. Government responded: We will introduce a digital ID within this Parliament to help tackle illegal migration, make accessing government services easier, and enable wider efficiencies. We will consult on details soon. The Government has announced plans to introduce a digital ID system which is fit for the needs of modern Britain. We are committed to making people’s everyday lives easier and more secure, to putting more control in their hands (including over their own data), and to driving growth through harnessing digital technology. We also want to learn from countries which have digitised government services for the benefit of their citizens, in line with our manifesto commitment to modernise government. Currently, when UK citizens and residents use public services, start a new job, or, for example, buy alcohol, they often need to present an assortment of physical documents to prove who they are or things about themselves. This is both bureaucratic for the individual and creates space for abuse and fraud. This includes known issues with illegal working and modern slavery, while the fragmented approach and multiple systems across Government make it difficult for people to access vital services. Further, there are too many people who are excluded, like the 1 in 10 UK adults who don’t have a physical photo ID, so can struggle to prove who they are and access the products and services they are entitled to. To tackle these interlinked issues, we will introduce a new national digital ID. This is not a card but a new digital identity that will be available for free to all UK citizens and legal residents aged 16 and over (although we will consider through consultation if this should be age 13 and over). Over time, people will be able to use it to seamlessly access a range of public and private sector services, with the aim of making our everyday lives easier and more secure. It will not be compulsory to obtain a digital ID but it will be mandatory for some applications. For example, the new digital ID will build on GOV.UK One Login and the GOV.UK Wallet to drive the transformation of public services. Over time, this system will allow people to access government services – such as benefits or tax records – without needing to remember multiple logins or provide physical documents. It will significantly streamline interactions with the state, saving time and reducing frustrating paperwork, while also helping to create opportunities for more joined up government services. International examples show how beneficial this can be. For instance, Estonia’s system reportedly saves each citizen hours every month by streamlining unnecessary bureaucracy, and the move to becoming a digital society has saved taxpayer money. By the end of this Parliament, employers will have to check the new digital ID when conducting a ‘right to work’ check. This will help combat criminal gangs who promise access to the UK labour market in order to profit from dangerous and illegal channel crossings. It will create a fairer system between UK citizens and legal residents, crack down on forged documents, and streamline the process for employers, driving up compliance. Further, it will create business information showing where employers are conducting checks, so driving more targeted action against non-compliant employers. For clarity, it will not be a criminal offence to not hold a digital ID and police will not be able to demand to see a digital ID as part of a “stop and search.” Privacy and security will also be central to the digital ID programme. We will follow data protection law and best practice in creating a system which people can rightly put their trust in. People in the UK already know and trust digital credentials held in their phone wallets to use in their everyday lives, from paying for things to storing boarding passes. The new system will be built on similar technology and be your boarding pass to government. Digitally checkable digital credentials are more secure than physical documents which can be lost, copied or forged, and often mean sharing more information than just what is necessary for a given transaction. The new system will be designed in accordance with the highest security standards to protect against a comprehensive range of threats, including cyber-attacks. We will launch a public consultation in the coming weeks and work closely with employers, trade unions, civil society groups and other stakeholders, to co-design the scheme and ensure it is as secure and inclusive as possible. Following consultation, we will seek to bring forward legislation to underpin this system. Department for Science, Innovation and Technology Click this link to view the response online: https://petition.parliament.uk/petit...l_response=yes This petition has over 100,000 signatures. The Petitions Committee will consider it for a debate. They can also gather further evidence and press the government for action. The Committee is made up of 11 MPs, from political parties in government and in opposition. It is entirely independent of the Government. Find out more about the Committee: https://petition.parliament.uk/help#petitions-committee Thanks, The Petitions Team House of Commons

[Drivingforfun]

What about making it optional - let individuals decide if the convenience is worth the (real or imagined) risk?

I'm quite old-fashioned but I do find paperwork and bureaucracy an unnecessary burden

I don't know whether the fact that your digital profile can be violated is a reason not to utilise the benefits it can offer? It's physically and technically possible for your physical person and property to be violated, sadly people do it every day... if people had the same attitude many have with cybersecurity everyone would lock themselves in their houses and never leave?

[Santa]

Everyone in this forum already has a digital ID issued by the DVLA, in the form of a driving licence. We also have computers and regularly log in to at least one forum.

I read of people who won't have a supermarket "loyalty" card because they collect data. Who cares if Tesco knows what I buy? I like the discounts.

Many people refuse to bank online. However, I believe the benefits outweigh the minimal risks. Most fraud occurs because individuals are duped or greedy, rather than due to an outsider gaining access to their accounts.

Many people refuse to use Direct Debit because they are concerned it gives companies access to their bank accounts. However, I prefer the convenience of not having to remember all my monthly payments, along with the reduced charges that some suppliers offer.

[olduser]

Originally Posted by Santa

Everyone in this forum already has a digital ID issued by the DVLA, in the form of a driving licence. We also have computers and regularly log in to at least one forum.

I read of people who won't have a supermarket "loyalty" card because they collect data. Who cares if Tesco knows what I buy? I like the discounts.

Many people refuse to bank online. However, I believe the benefits outweigh the minimal risks. Most fraud occurs because individuals are duped or greedy, rather than due to an outsider gaining access to their accounts.

Many people refuse to use Direct Debit because they are concerned it gives companies access to their bank accounts. However, I prefer the convenience of not having to remember all my monthly payments, along with the reduced charges that some suppliers offer.

Tesco - the cost of administrating the cards is added to what we buy, any discounts would still work without the cards.

On Line Banking - Unless we tell others our password, the risk is down to the bank.

Direct Debit - In my last job, I found many people panicking because they had lost control of their account, this should be better now banks are texting when money goes in or out.

There was some fraud in the energy world, when disgruntled employs were fired, they kept a list of customers direct debit details who had moved to another supplier but had not stopped their DD with their old supplier. They were able to arrange the payment into a bank account controlled by them. The banks argued they had followed the DD instructions therefore nothing to do with them, so no compensation was due.

Monthly DD was favoured by energy companies because, 1) it's cheaper to administer. 2) it disconnected the consumer from their usage. 3) the companies could borrow money at no interest by setting monthly payments too high. When I helped customers to sort out their bills in a few cases the total paid in one year was around £1,000 over their usage!

Mobile phone bills are made up of two parts, a charge for the usage + a payment for the device, not so long ago it was discovered, people were being charged for the device after it was paid for!
Again, this was missed because the payment was by DD.

I think, we pay a very high price for convenience.

[olduser]

Originally Posted by Drivingforfun

What about making it optional - let individuals decide if the convenience is worth the (real or imagined) risk?

I'm quite old-fashioned but I do find paperwork and bureaucracy an unnecessary burden

I don't know whether the fact that your digital profile can be violated is a reason not to utilise the benefits it can offer? It's physically and technically possible for your physical person and property to be violated, sadly people do it every day... if people had the same attitude many have with cybersecurity everyone would lock themselves in their houses and never leave?

Someone else's ID is a key to many crimes, this gives it high value in the criminal world, and phones are not especially secure, so this means it will be hacked or stolen, once stolen the ID is already digital making it easy to send anywhere in the world - no, perhaps not Afghanistan at the moment. Once I have got the ID, easy to change the photo, and I could sell it to illegal migrants over the web, nice little earner, and they can get a job once they get here.

[Drivingforfun]

I think people work under the understandable misconception that the ID is stored in one place - almost like a nice little prize chest containing everything the hackers want 😅

The data is all stored in its relevant place - i.e. DVLA data is stored at DVLA; health data at NHS. An official organisation can't access "irrelevant" data that's for another organisation. There are exceptional circumstances - i.e. DVLA may want your health records - but that would follow the existing safeguards so you'd have to explicitly consent or if you refused they'd have to go through the current processes. Even the police would have to go through current law if they needed your info for an investigation

No info is stored on your phone - what's on your phone is, effectively, the "key" to that info. Even if someone physically took your phone they couldn't read the data, and the "key" wouldn't work without biometrics (finger or face recognition)

[Santa]

@olduser Tesco - the cost of administrating the cards is added to what we buy, any discounts would still work without the cards.

Many items display two prices. Cardholders receive the lower price. The cost of running the scheme is undoubtedly covered by all customers, regardless of whether they are cardholders or not.

On Line Banking - Unless we tell others our password, the risk is down to the bank.

If you transfer money to me by mistake, the bank will not get it back for you. It's your mistake, not theirs.

Direct Debit - In my last job, I found many people panicking because they had lost control of their account, this should be better now banks are texting when money goes in or out.

The Direct Debit Guarantee states that you will be notified in advance of any changes, and in the event of an error, you are entitled to a full and immediate refund from your bank.


There was some fraud in the energy world, when disgruntled employs were fired, they kept a list of customers direct debit details who had moved to another supplier but had not stopped their DD with their old supplier. They were able to arrange the payment into a bank account controlled by them. The banks argued they had followed the DD instructions therefore nothing to do with them, so no compensation was due.

Seems unlikely to me. The courts would have rectified it if it came to that.

Monthly DD was favoured by energy companies because, 1) it's cheaper to administer. 2) it disconnected the consumer from their usage. 3) the companies could borrow money at no interest by setting monthly payments too high. When I helped customers to sort out their bills in a few cases the total paid in one year was around £1,000 over their usage!

My energy company used to pay interest on overpayments. Sadly, they abandoned that last year. It's up to individuals to monitor and keep track of these things.

Mobile phone bills are made up of two parts, a charge for the usage + a payment for the device, not so long ago it was discovered, people were being charged for the device after it was paid for!
Again, this was missed because the payment was by DD.

That’s surely the user's fault, although I do agree that they should have been informed when the phone was paid for. (Doesn’t that happen these days?)

I think, we pay a very high price for convenience.

You and I disagree on that.

[olduser]

Originally Posted by Drivingforfun

I think people work under the understandable misconception that the ID is stored in one place - almost like a nice little prize chest containing everything the hackers want 😅

The data is all stored in its relevant place - i.e. DVLA data is stored at DVLA; health data at NHS. An official organisation can't access "irrelevant" data that's for another organisation. There are exceptional circumstances - i.e. DVLA may want your health records - but that would follow the existing safeguards so you'd have to explicitly consent or if you refused they'd have to go through the current processes. Even the police would have to go through current law if they needed your info for an investigation.

No info is stored on your phone - what's on your phone is, effectively, the "key" to that info. Even if someone physically took your phone they couldn't read the data, and the "key" wouldn't work without biometrics (finger or face recognition)

But the point is, the ID is to become the universal key, armed with that key I can get into anything with a compatible lock.

When fingerprints were the flavour of the month for mobile phones, my daughter turned up with a new mobile, and making the point it was safe.
I am no hacker, but just thinking about how the software would work, I found a way in.
OK I did use my computer but a really was not that difficult.

Now I agree apart from hackers, perhaps not many people would bother but these days, a stolen phone is not just the lost value of the phone but the parts of our lives that are held in the phone that matter, and have value to others.

In the world of computer security, the uncrackable entry is the holy grail, and we are not there yet.
The biggest problem is, computers (a mobile is just another computer) are designed to be programmable, and there is a major weakness, there has to be provision to load new software - a way in.

Computer systems designed for high security have the software loaded in blocks of memory that have to be physically loaded into the machine, new or changes to the software = a new physical block. (open the case, remove the old, insert the new)

OK, if people understood the limitations, and decided they still wanted to put their life on a phone, that's their choice but I don't think people realise how insecure these systems are, and to force people to do it, just to work, or interact with the government, in my opinion, is totally irresponsible.

[olduser]

Originally Posted by Santa

@olduser Tesco - the cost of administrating the cards is added to what we buy, any discounts would still work without the cards.

Many items display two prices. Cardholders receive the lower price. The cost of running the scheme is undoubtedly covered by all customers, regardless of whether they are cardholders or not.

On Line Banking - Unless we tell others our password, the risk is down to the bank.

If you transfer money to me by mistake, the bank will not get it back for you. It's your mistake, not theirs.

Direct Debit - In my last job, I found many people panicking because they had lost control of their account, this should be better now banks are texting when money goes in or out.

The Direct Debit Guarantee states that you will be notified in advance of any changes, and in the event of an error, you are entitled to a full and immediate refund from your bank.


There was some fraud in the energy world, when disgruntled employs were fired, they kept a list of customers direct debit details who had moved to another supplier but had not stopped their DD with their old supplier. They were able to arrange the payment into a bank account controlled by them. The banks argued they had followed the DD instructions therefore nothing to do with them, so no compensation was due.

Seems unlikely to me. The courts would have rectified it if it came to that.

Monthly DD was favoured by energy companies because, 1) it's cheaper to administer. 2) it disconnected the consumer from their usage. 3) the companies could borrow money at no interest by setting monthly payments too high. When I helped customers to sort out their bills in a few cases the total paid in one year was around £1,000 over their usage!

My energy company used to pay interest on overpayments. Sadly, they abandoned that last year. It's up to individuals to monitor and keep track of these things.

Mobile phone bills are made up of two parts, a charge for the usage + a payment for the device, not so long ago it was discovered, people were being charged for the device after it was paid for!
Again, this was missed because the payment was by DD.

That’s surely the user's fault, although I do agree that they should have been informed when the phone was paid for. (Doesn’t that happen these days?)

I think, we pay a very high price for convenience.

You and I disagree on that.

Just one point Santa;

The Direct Debit Guarantee states (2017) that you will be notified in advance of any changes, and in the event of an error, you are entitled to a full and immediate refund from your bank.

Unless it has changed very recently, The agreement is that the company you are paying will advise you of any changes not the Bank.
I found this so to save typing I copy;
"Under the Direct Debit Guarantee scheme, customers are protected against unauthorized or incorrect payments, and they can claim refunds. However, the guarantee mainly applies to errors or fraud that the customer reports within a certain timeframe. The bank may not automatically be liable if they processed instructions that appeared legitimate and there was no breach of their procedures."

That is the built in get-out for the Banks.

I think, an important point for everyone to, remember to formally close, with your bank or building society, any DD that are not in use.

But I agree we disagree on the convenience.

[Santa]

The key, really, is to bank online. I can get a list of Standing Orders and Direct Debits with a couple of clicks. It's not so easy if all you have is a statement.

I don't recall when I started using DDs, but it must be at least 50 years ago. I have never found an error in all that time, although I did once make a mistake with BT. I switched from my early dial-up connection to broadband and mistakenly assumed that the original DD would be automatically cancelled. I paid two months before I spotted it and never managed to get a refund.

[Rolebama]

I am amazed at the amount of my friends, relatives etc who do not check their statements, whether they be bank, credit cards or whatever.
You may remember the time when a particular credit card company introduced computers. The computer very quickly discovered £36 payments to a restaurant in Hong Kong. Some of these payments coincided with payments made here in the UK within minutes of these transactions. £millions were taken, yet not one person had reported any suspicious payment from their accounts, yet some had had thousands stolen over whatever period.
As to hackers, some are outright criminals, but some are just mischief-makers who will hack a private account just to show they can.

[olduser]

Found this today;

https://www.bbc.co.uk/news/articles/c14g47vmkevo

Food for thought?

[NMNeil]

@olduser It's funny how many places we go where they say "Just scan the QR code" and the look of incomprehension when I tell them my phone can't do that. The same for anything else that say's "Just use your smartphone".
No chance of my phone being hacked because it's just a phone. 😁
As for scam's.
Not so long ago there was a massive data breach here in the US when someone accessed literally billions of names, addresses and social security numbers. Basically everything needed to steal identities.
https://heimdalsecurity.com/blog/soc...ounts-exposed/
So the government set up a website so you could check if you were one of those who had their info hacked. The first request was: "Enter your name address and social security number" 🙄

[olduser]

As it was the government that had not looked after the data, in my book, the correct thing to do would have been to cancelled all the compromised social security numbers and issued new ones, and compensated the owners for any inconvenience caused, or is that rocket science?

[Beelzebub]

Originally Posted by olduser

As it was the government that had not looked after the data, in my book, the correct thing to do would have been to cancelled all the compromised social security numbers and issued new ones, and compensated the owners for any inconvenience caused, or is that rocket science?

AIUI National Public Data, which was the source of the leak, was a private company, now bankrupt. As its name suggested, it took data which was already publicly available and put it in a single database making it a convenient source for its customers (and, as it turns out, hackers).

So, not the US government's fault.

[olduser]

Thank you, I incorrectly assumed they were contractors to the US government.

[olduser]

Found on the BBC;

https://www.bbc.co.uk/news/articles/ce847ngn7n8o

Is it time we had an international agreement about what can and cannot be done to cars via the internet?
Potentially, an electric car could be a car for life, apart from the battery.

Referring to the battery;

https://www.autoexpress.co.uk/featur...sands-evs-road

In that article is a link to end of life battery's.

It all reminds me of re-tread tyres, are they still available?

[NMNeil]

Originally Posted by olduser

Thank you, I incorrectly assumed they were contractors to the US government.

Due to the incompetency of the contractors I can see how you equated it to the US Government. 😁
https://moneymorning.com/2012/02/22/...ernment-waste/

[olduser]

The chimp poo needs more money to test, are the chimps seeking out poo to throw, or are they just throwing whatever is handy?
Humanity progresses by asking, why?
Sometimes the answer is immediately usable but often opens up another line of research in a different but related field?

I have no way of confirming but I read that many American politicians that lobby for these grants get a proportion of the grant, in a roundabout way of course.

What most of these type of articles don't do is trace where the money actually ends up.

Here in the UK the government is talking of digital ID's, I noticed in one news report, the company that was 'offering' to do this, on behalf of the government, has Tony Blairs son onboard, the Blair involvement has not been mentioned since!

[Rolebama]

Some years ago the News of the World would sell DVDs of stories that were too risque to print. One I saw was of a black man who got a Govt grant to look into the association of white women to black men. He got £250,000. He was caught by NotW spending it on white prostitutes. I have to wonder - has anything changed?

[Beelzebub]

Originally Posted by Rolebama

Some years ago the News of the World would sell DVDs of stories that were too risque to print. One I saw was of a black man who got a Govt grant to look into the association of white women to black men. He got £250,000. He was caught by NotW spending it on white prostitutes. I have to wonder - has anything changed?

One thing that has changed is that the NoW is no longer around to publish fiction.

[NMNeil]

@olduser When the contract with Camelot to run the UK lottery expired Richard Branson offered to run it for free. The Government turned him down and renewed the contract with Camelot.
I wonder why? 😏