Verisign Develops Token for Age Verification 417
FirstTimeCaller writes "A Reuters article is reporting that Verisign in conjunction with an unnamed children's safety group, will release a USB token that can be plugged into a PC to verify the age and gender of a person participating in online chat rooms. According to the article, the token will be available free to students in a handful of schools this fall. School administrators will provide a list of students, with their ages and genders, and VeriSign will encode that information onto the tokens."
Credit card ? (Score:2, Insightful)
In which situations wasn't it enough, besides the goatse ?
If it's just to verify "age and gender" . . . (Score:5, Insightful)
Right... (Score:5, Insightful)
Better yet, how many kids will lose their tokens?
Not to mention the possibility of the breaching of the privacy of minors.
On paper this sounds like a good way to protect children, but somehow I think the execution of the idea is not going to be as easy as Verisign and Co. think it might be.
So now the Child Stalkers can... (Score:3, Insightful)
That's gonna cut into the FBI's stake-outs, isn't it?
Can't work won't work (Score:2, Insightful)
Man, a 13 year old could make a big profit (Score:5, Insightful)
Just what little tommy needs! (Score:5, Insightful)
So when he's 21 he won't complain when the barcode on his forearm will be used to 'strenghten e-vote security'.
Train them while they are still young, the older they get, the harder for you to teach them new tricks...
Oh, wait, this only works with pkcs#11-enabled chat applications? I guess IRC will have to be outlawed then. You don't want untagged pedophile commies subverting little Tommy on IRC now, do you?
Am I missing something, or is this lame? (Score:4, Insightful)
In about two weeks, they will be borrowing them from older siblings.
In about three weeks, there will be a brisk trade in USB tokens issued to older students who have no interest in the school-approved content that is actually linked to the key, but great interest in money.
In about three months, forged adult-ID USB token will be for sale on eBay.
Even a plain old ID card has a signature and a photo on it, so someone can see whether it matches the holder of the card or not. But these anonymous bits of colored plastic are just an invitation to abuse.
In a corporate setting, I suppose you've signed something that says you're responsible for all use made of the token, and you would be suspiciously unable to do your job if you loaned it to someone else... and subject to dismissal if someone finds out. I don't see how that can be applied in a school context.
Unless they were planning to Superglue the token to the kid?
Re:Credit card ? (Score:5, Insightful)
Re:Credit card ? (Score:5, Insightful)
Yeah, because we all know that none of the pedophiles out there have kids of their own who might leave this key plugged in, or laying on the desk for dad/mom to use?
This is dumb, this does about as much good as the pages before porn sites telling people to not enter if they are not 18. Big deal, a USB key that tells someone I am young. It'll be 2 days maximum until some geek gets ahold of one and then you can buy them online for $25 +S/H.
Re:Right... (Score:1, Insightful)
Oh, it's probably not that bad. Presumably it's an X.509 cert with the key generated on board the token, though that's just a guess. Anyway, it's certainly not worth the effort of doing cracking, except maybe to reuse them for something useful.
Better yet, how many kids will lose their tokens?
Only the stupid ones. The smart ones will sell them to the kind of people who like to hang out on kid's chat channels at $50 a pop. It's a win-win. The kids get some cash, the pervs get to masquerade as kids.
Re:Dumbest Idea Ever (Score:4, Insightful)
Gender? (Score:5, Insightful)
Clearly in some cases it might be necessary or desirable to prove your age, but unless the chatroom is supposed to be an online matchmaking service I fail to see what the presence of a Y chromosome has to do with anything.
Re:Right... (Score:5, Insightful)
Instead of relying on children to take their word of how old they claim to be, the kids could be fooled by a false sense of security with these IDs.
Peodophile: I'm an 11 y/o kid honest... see my Verisign token proves it.
Kid: Wow, you're right. Want to go hang out?
Dangerous (Score:2, Insightful)
Once someone figures out how to crack it, he or she would be able to fool everyone who believes that the system is reliable.
Today most people are sceptical to people online, with this system it could actually get really easy for the scumbags to convince someone of their (fake) age.
Comment removed (Score:5, Insightful)
Get lost Veribad. (Score:2, Insightful)
Of course, they're are a whole lot of teens out there who spend the whole night talking to friends on MSN (blame Micro$haft for capturing this market by bundling it with WinXP).
I would like to call on parents reading this to frag all traces of MSN and other chat networks from their teens computers so the quality of english spoken worldwide does not decline within the next decade. I stopped wasting my time talking to losers on such chat networks because I simply can't bear the quality of english OR SHOULD I SAY SMSlish being driven around by people who think 500 millisecond responses are critical. Spoken to your kids english teacher recently? Doesn't come as a suprise to me that I am one of the only students in the english class that can maintain good spelling with no cutbacks to save time.
Also think what else such USB Keys could do. Enable sitefinder instead of Google? Spy on students in cases where X person is under agreement to lease equipment from the school? Erase traces of non-DRM music to keep their friends at the **AA happy? Hmm, better speed up development of my RFID disk wipe module ASAP. I think I'll need it when school IT staff think they can blackmail me into violating californian breakin disclosure law again. They've already tried to break into my own blog to see what dirt I have marked private on them.
Re:Credit card ? (Score:4, Insightful)
Another thought: if they do uniquely identify each kid losing one could open up realms of bullying that are scary. Imagine being able to "prove" you're another kid. Then you go online and tell off all their friends, make lots of enemies, etc. until the lost token's reported and a new one isssued. Poor kid gets back online and faces all his/her online friends refusing to talk to him and complete strangers cussing them out for something they didn't do. Brilliant system.
Re:Gender? (Score:5, Insightful)
Re:Nothing is perfect! (Score:5, Insightful)
It's really not better than nothing at all. The illusion of safety can be more dangerous than being wary of threat.
COPPA anyone? (Score:5, Insightful)
It's not the school administrators information to give away. This information must go through the parent.
Re:If it's just to verify "age and gender" . . . (Score:5, Insightful)
If we've learned nothing else from social attacks, it's that a misplaced sense of security can actually be worse than a lack of security at all. If you think that authentication is working, you're less on your guard (and more trusting) that you would be if you thought that it definitely wasn't working. If the system is that easy to foul up, it's thus worse than no authentication at all.
Now if it was 2 or 3 factor authentication (i.e. in order for the token to work you have to do a fingerprint and PIN check) then it's a different story. If it's just a dongle, it's pretty worthless.
There's already a device that protects children. (Score:5, Insightful)
Re:If it's just to verify "age and gender" . . . (Score:5, Insightful)
Either this is an insidious attempt at a pilot of some sort of "internet ID" or a completely dumb idea.
More than likely, it's both.
Re:Am I missing something, or is this lame? (Score:4, Insightful)
It's more like those kids who are already on the internet will continue using open environments (AOL chatrooms, IRC, message boards) where the token is useless, and those who aren't web savvy will loose the damn thing.
The way to make these used is to make kids want to use them - for example, providing places where kids feel more secure or comfortable with some guarentee of the identity of their co-chatters. On the other hand, we're just lulling those kids into a false sense of security for many of the reasons you list above, regardless of whether or not what you mention comes to pass, but because it teaches them to trust weak technology without thinking.
mod parent up! (Score:3, Insightful)
Re:Credit card ? (Score:3, Insightful)
Yes, this evil, murky boogey man lurking around every chat room corner is overblown. But, because it makes parents' blood boil the law makers and authorities can get away with murder by bringing it up.
And of course we know that these keys cannot be spoofed or duplicated. Verisign says so.
Another poorly thought-out technical solution to a Human problem.
Translated story (Score:3, Insightful)
Who says Verisign thinks it's easy? (Score:3, Insightful)
Verisign doesn't care. They just need to convince people that these USB keys somehow protect their children. It doesn't matter if it ACTUALLY works, just that people BELEIVE that it works. In fact, it's probably better for verisign if it doesn't work, as it's less work for them.
The goal isn't to protect children, the goal is to get $20/year from every kid who accesses the internet. Neat trick.
Credit vs. Debit (Score:2, Insightful)
Advantage of credit cards is that a) you can exceed your available money (although I don't reccomend this, as the interest rates approach loan shark proportions) b) Because there's an extra buffer between you and your bank accounts, there's a fair amount of theft protection built in. You're only liable for $X of a stolen credit card, usually about $50, assuming you report it promptly. Debit cards, well, you may have a bit more trouble getting the money back from your bank. c) Using a credit card improves your credit rating. This is why I pay for everything by credit card, then pay off my bill in full every billing cycle. As a result, I've built a solid record as someone who makes use of credit and is also reliable. *shrug* It can make a big difference when it comes time for you to purchase your first car or house.
At the end of the day, I tend to carry my Discover card for credit (cash back is miniscule, but better than nothing) and a check card marked with a Visa logo for places that don't take Discover and for ATMs. ^_^ And I carry another credit card, a MasterCard, which I use if I run into places that don't carry Visa or Discover. I used to also keep an American Express card, but it seemed to be overkill. (Plus there's some political issues there, but that's another matter entirely)
Re:Rule #1 (Score:1, Insightful)
Re:If it's just to verify "age and gender" . . . (Score:3, Insightful)
Re:Gender? (Score:5, Insightful)
Foucault would probably point out that technologies of control have always been inflicted on children first, always for their safety and well being. Verisign's obvious goal in this is to breed a generation of Internet users that are accustomed to using an ID with a computer. While this generation comes of age, Verisign will probably partner with Microsoft and legislators to make Verisign-issued IDs mandatory start a computer, first for children, then for the rest of us. It's not that far-fetched, and it ties in well with DRM.
As for girls (or boys, for that matter) discussing their private lives online, a less cynical and profit/control motivated educator would explain that you just don't discuss those things online. Kids should understand that they are publishing when they're writing in a chat room, whether it's run by the school or Mattel, and anything you say can be stored, copied, and republished outside of the context you wrote it in. These keys would obviously not keep a malicious child from copying sensitive text from a gender "locked" discussion board, complete with IDs, and text messaging it to the rest of the class.
Re:Credit card ? (Score:3, Insightful)
Yesterday, when I was at work, I was trying to do some quick research about a grill I wanted to buy. I went to google and accidentally searched for 'girlls', which led to some interesting hits [google.com]. I didn't visit any of those sites, and did a search for 'grills' instead. A few minutes later, I hit 'back' one time to many, and through some unknown sequence of keys, I either submitted a "I'm feeling lucky" or selected that first hit, and my monitor was filled with pictures of black-teens-ebony-sex. Luckily no one can see my monitor in my office, but still.
Re:Gender? (Score:5, Insightful)
One of the biggest strengths of the internet is the ability to discuss issues anonymously that you may be too embarrassed to discuss with your friends and family--friends and family who would be of no help anyway since they know just as much as you.
Re:Gender? (Score:4, Insightful)
So let me get this straight -- these kids are having to prove their identity in order to be able to discuss stuff anonymously. That makes sense.
Re:Credit card ? (Score:2, Insightful)
There's more to life, the universe and everything than money. Money doesn't make a person. Every day, people fall on financial hardships and sometimes need to over-extend themselves just to get by. Especially in this economy (though, yes, it is getting better).
Responsibility should be judged on many different things than how much money one has. How about how they treat others or how they conduct themselves? Does the neighborhood crack-head who lives off of welfare and hand-outs but happens to be in great financial shape since he has little to no bills deserve to be called an "adult" over the guy who works his 9-5, stays clean and sober, drives the speed limit and goes to church every Sunday, but since he got laid off and works at BK for minimum wage, his bills have been late?