Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy

Mitnick Supports A Federal DNA Database 130

Mike_K writes: "According to this interview, Mitnick supports the idea of creating a federal DNA database. He says that today's technology makes identity theft really easy, and we need a way to make sure you are who you say you are. A summary of the interview can be found here." That's not really the central point of the interview, but it is an intriguing one. Think what you will of Mitnick, his court-imposed computer deprivation hasn't stopped him from peering and poking at the technological world.
This discussion has been archived. No new comments can be posted.

Mitnick Supports A Federal DNA Database

Comments Filter:
  • Sorry! I wasn't trying to be condescending at all, just humorous. If I liked emoticons more, I would have used one.
  • Yeah!! And you could met the clone of yourself several years down the road! And then lose a job to him, because he was cloned with the "Lazy" gene removed! Isn't that exciting? And someone in the government could program a virus just to kill you! Or a terrorist could use the info to wipe out your entire family tree!! Look at the history: Score: Chemical Weapons 2 Human Race 0 Nuclear Weapons 2 Human Race 0 Genetic Engineering ? Human Race ? Nanomachines Run Amok ? Human Race ?
  • (Non-fraternal) twins have identical DNA. An identification system based on DNA is doomed for this and various similar reasons. Read Garfinkel's "Database Nation" to see why.
  • Um, no. They don't know who the criminal is just because DNA was at the scene. It can provide a list of suspects, much like a security camera or eyewitness testimony though. Consider a hotel room that someone was murdered in. How many other people's DNA could be found? Sure, they clean the rooms, but an eyelash is more than enough to get a DNA sample. So if I stayed in that room a month ago there is a chance a good DNA sample would be there waiting for the cops. Of course, they would probably refference the hotel guest book and see that I wasn't there at that time.

    I would have issue with the availablility of such a database as well. I would want it to be locked up tight. And have civilian review of access. I don't trust the government. Such a database should require a court order to access, like a wiretap, to prevent missuse.

    Just a few issues with such a database. There are more and probably some better ones to consider before implimenting such a thing.
  • Oh, I suppose the governement never did anything to help us either. Every last person in the government was the judge jury and executioner of kevin mitnick... It was a small few that screwed him over, not the whole damn thing.... Just remember, without the governement, there would have been no internet (I'm not pro government, but i believe that you have to disassociate the person from the group that person associates themselves with, this goes for all people/groups)
  • Hacker Blevin Witwick said today that all financial records should be put in Win95 servers on the public internet with no data backup. This is a surprise turnaround from the usual (e.g. L0pht) hacker position of cautioning against dangerous and stupid security moves.

    Witwick's warden (er..) handlers say this is a turning point for witwick, who formerly opposed government activities that encouraged crime.

    FBI spokesperson C.G.B. Spender (a.k.a. the cigarrette smoking man), said this is an important first step to making sure that all citizens have access to military action when they need it, by creating a situation where "enforcement alone is not enough."

    Congressman J. Robert Newbie from Wisconsin said this was a bold move and that "I've never seen anything like this before!". Spender replied "I have. Burn it!", his herbal cigarette burning fiercely in his trembling hand.

  • I'd no longer have to worry whether I was hiring someone with a congenital predisposition to, say, Tay-Sachs; I could just call up the DNA registry.

    Tay-Sachs is a genetic lysosomal disorder that develops serious problems by nine months after birth. If someone has it, he won't make it out of childhood, and thus won't reach employment age.

  • Mitnick also supports my genitals.
  • Of course any reasonable biometric system wouldn't work with a dead thumb or eyeball, making this whole argument pointless.
  • wondering why anyone is listening to that loser. He's been out of touch for HOW many years? They should have left him in jail. The moron causes a lot of willful damage. He's a black hat people, not a white hat. He just finally figured out how stupid he was, so now he's just to fix his image. Incidentally, any moron with a computer could have hacked systems back when he did, so don't be too impressed with him.
  • Ditches his "Free Mitnick" bumper sticker

    Creates a "Lock Mitnick Back Up and Gag Him!" bumper sticker

    BTW, you guys should read the book "Database Nation" by Simson Garfinkle. It deals with the loss of privacy in the Information Age.

  • No not necessarily. If I switch the Name on the DNA, I could chain my DNA to another persons name as well. (sorry, got that upside down the first time).

    Michael
  • try drinking it
    .oO0Oo.
  • To sum up, he says that you can't have both privacy and accountability (security). What matters is who controls the information: the govt (in that case, it's a lot like Big Brother), or everybody. Read this carefully:

    http://www.kithrup.com/brin/trans_chap1.htm
  • by rice_burners_suck ( 243660 ) on Sunday October 15, 2000 @04:03AM (#704982)
    IMO, the government's methods of record keeping are what caused identity theft to become possible in the first place.

    Identity theft is the process of obtaining key information about a person, such as (in the US) their social security number, driver license number, date of birth, etc., and then obtaining bank accounts, credit cards, etc. using that information. Ask yourself why knowing someone's SSN makes it possible to get credit cards in their name.

    If you live in the US, how often are you asked for your social security number? And how often is it requested by a non-government agency? As an example, I recently had an eye exam. They requested my SSN and driver license number. (I gave them neither.) Why do they think its their business to ask for that information? Social security is for retirement (and taxes). The use of social security numbers by government agencies or private companies is not required or forbidden by law. Citizens of the US are not even required to have a SSN. These days, however, it has become a personal identification number. It is now used in public schools and universities as a student number. Banks require it to open accounts or issue credit cards. Ask yourself if any why this is wrong.

    Government DNA records keeping may be extremely convenient. It's easy to think of the advantages of any government program -- that's what the government wants you to do. But whenever the government wants to implement something and they start telling you why it's so good and so beneficial, stop and ask yourself what the disadvantages are, because those will come back to haunt you and everybody else later. Try to figure out what else may be behind DNA records besides just identity theft prevention. Imagine to yourself that this idea is just one of a series of ideas that together will give the government more control over your life than you will find comfortable. This is not far-fetched, and it is not a conspiracy theory. It's just an observation of history -- people in high places want to be in higher places.

    Let's compare this to computers. Nowadays, it is difficult to crack some of the more secure systems. Take the *BSD OS's... I receive email notification of compromises and patches when they are found. Most of these compromises are buffer overruns and stupid things like that, but when many bugs like that are used in complicated sequences, it is possible to get access to private information. The government is like a huge operating system. Laws are like program statements. If some folks in high places want more control over your lives, they find the little exploits in the laws and use them to modify the system in their favor. Ask yourself: can DNA records keeping be one of many complicated steps that it takes to gain more control over a country?

    Finally, every system run by humans will have mistakes. There is no question of whether or not mistakes will be made in DNA record keeping -- they will be made. If this is put in effect, and the government mixes your record with someone else's (or if somebody manages to switch records around on purpose) how will you prove who you really are? "I'm sorry [sir,ma'am], that's what the computer says." "But the computer is wrong." "I'm sorry, we must go by what the computer tells us." Ask yourself if this is what you want, and seriously consider the disadvantages first. The advantages are without saying.

    Just my two cents worth...
    Nathaniel G H
  • Mitnick should spend about ten seconds and then he would realize how to hack DNA databases. All you need to do is plant samples from the person being framed at the scene of the crime. This is an old technique in crime movies.

    In the movie "The In Crowd", for instance, one girl borrows a blue dress of a friend, sleeps with a guy, gets his DNA smeered all over it, then frames the girl later.

    In the movie "Gattaca", the lead character uses DNA samples from another to constantly fool the establishment.

    In Presumed Innocent , the main character is almost set up by DNA>.

    The list goes on and on and on. Identity fraud is a serious problem. The only solution is not to rely upon identity. Biometric solutions like DNA or other details can be easily fooled and hacked. Mitnick is an expert at assuming other identities. He should know it by now.

    Anonymous techniques like anonymous cash or nyms are a better solution. They have their problems, but they aren't so easily fooled.

  • Yeah!! And you could met the clone of yourself several years down the road! And then lose a job to him, because he was cloned with the "Lazy" gene removed! Isn't that exciting?

    Oh, please. This is ridiculous. Nothing to worry about for at least another century or two.

    And, besides, that clone would certainly be more fit for the job that I would be, so what would the problem be?

    And someone in the government could program a virus just to kill you!

    Quit being ridiculous.

    Or a terrorist could use the info to wipe out your entire family tree!!

    Yeah, but he could also use currently available medical records.

    Look at the history: Score: Chemical Weapons 2 Human Race 0 Nuclear Weapons 2 Human Race 0 Genetic Engineering ? Human Race ? Nanomachines Run Amok ? Human Race ?

    You see the score that you want to see. Your paranoia is blinding you.

    Bruce

  • by Anonymous Coward
    The guy was a talented haxx0r who got locked up and got the shaft. This does not immediately make him Mumia Abu-Jamal [mumia.org].

    He's a tool, always has been, probably always will be. He's not a spokesperson.

  • Mitnick: The $300 million was a bogus number. It was based on the research and development costs for writing the software I stole. The only way the government could convince the media, the public, and the courts that I was the hacker from hell -- a cybermonster -- was to show how much harm I had done.

    Y-LIFE: You feel the reported damage was inflated?

    Mitnick: Right. After all, they couldn't convict me for being a super pain in the ass. ...

    One thing I can't help but point out (even though this isn't the main thrust of the Slashdot story, the Slashdot angle isn't the main point of the interview) is that if the $300 million damages were real, why were these damages never reported as losses on the companies' financial statements for their shareholders? This leads to one of two different possibilities:
    1. He didn't really cause 300 million dollars' worth of "damages" to those companies.
    2. He did cause $300 million in damages, and the companies are guilty of stock fraud and should be investigated by the SEC for misreporting their profits and losses to the shareholders.
    One can come to this conclusion regardless of how you actually feel about the man himself, although I feel that his punishment was way too severe for the electronic equivalent of looking through someone's window.

    --

  • They State I live in can't even keep my driving record and that of a convicted felon in another county straight! Never mind the fact I am of a differnt race and our names are not even close to being similar. A DNA data base would be just a another way for law enforcement to profile potential arestee's. Can you imagine all the fun little "facts" that the bean counters in washington would come up with? "ok, this guy has a genetic predisposition to making fun of police officers in resturants, pull 'em over!" "no don't lie to me, you can't be a Carpenter it says right here that your gentic type only finds carears in sales or marketing!" mmmm what a brave new world that would be
  • DNA testing or keeping a DNA library does not mean making a complete genome sequence. There are particular traits that are looked for, which differ from test to test. The percentage of people with a given set of DNA characteristics is very small, but the number of people with given characteristics is large.

    This means that if an eyewitness claims to have seen you at the location of a crime and your DNA matches a sample recovered there, it is overwhelmingly probable that you were there.

    Now we get to the part regarding privacy. If a DNA sample taken from a crime scene is checked against a comprehensive database, there will almost certainly be many, many matches. As we have seen recently, once a prosecutor has decided someone is guilty, he doesn't let anything (like the truth) stand in his way. (For example, the case of Wen Ho Lee) So your DNA randomly matches a sample from a crime scene; the reality is that it will be your responsibility to get lawyers, go to court, etc. to prove your innocence. Let us hope you are not a member of certain ethnic groups when this happens.

    A national DNA registry would be bad.

    CC

  • well you could tell them you've got an identical twin
    .oO0Oo.

  • Let's face it, someone will get a hold of the database, or part of it, eventually, ant what will you do then ??

    Issue everyone a new DNA ??


    --
    Why pay for drugs when you can get Linux for free ?

  • So we should take the advice of a conviced cracker and create a national database of everyone's DNA and put it on some computer system for the Fed to use.

    Is it just me or does this sound like he's asking us to create largest target for the Black Hat community since the Pentagon.

  • If someone figures out how to spoof biometrics-based security or identification in some system, there's absolutely no way of issuing new IDs and passwords... I much prefer systems that allow me to do something about a security break-in.
  • dna profiling doesn't profile your full genetic makeup. It samples 10 key points. (I think it's 10 but the implications are the same.) When DNA from a crime scene or wherever is attemptedly matched it also uses these 10 points. The chance of a match from a random sample is in the millions I'll accept that but DNA is not randomly distributed. People generally don't travel far from their birth town so there is more likely to be a random match in your home town than somewhere on the other side of the world.
    Juries tend to believe million to one chances over "but it wasn't me".
    I don't like crime (I love it'ah oh yeah - oops sorry) but I do look forward to the day that someone uses DNA profiling as their defence :)

    .oO0Oo.
  • I phrased it badly, but I was thinking of an adult whose DNA showed a likelihood of his children developing Tay-Sachs. I'm sure an employer would prefer not to have to deal with an employee who was constantly out tending to a dying child, plus the increased insurance costs imposed by the rather expensive medical bills involved. I once had a dentist who told me that he was only going to hire office asistants who were beyond their child-rearing years for exactly these sorts of reasons.

    And speaking of insurance, I envision that the day will come when the genetically-flawed find it tough to get. I don't see an easy way out of it through laws forbidding discrimination, since the result would be people getting themselves tested and then loading up on insurance if they find that they're at high risk for something. Sort of a real-life version of the old 'insuring a burning building'.

  • by Anonymous Coward
    What are Mitnick's credentials for speaking on any issue? I mean, except for his confirmed (as in jail time) lack of respect for someone else's privacy and property? Wait a minute, I think I see a pattern here.
  • First thing the damned trillion-dollar insurance business gets access to this database of yours, then they promptly start red-lining all the people with an identifiable genetic disposition to certain diseases.

    Which is why we need strong laws against any discrimination because of one's genetic code - forget racial discrimination, forget discrimination because of sex, much of the stuff covered in the ADA, etc etc .... they are all types of discrimination because of one's genetic code - they are also symptoms of the thin end of the wedge - we're all subject to discrimination - some insurance companies already wont carry people with family histories of certain diseases. The right thing to do is to make any sort of discrimination illegal

  • Well, would anyone have expected Kevin Mitnick's first priority to be privacy?-) (Heaven knows he's not likely to have any real soon.)
  • It's going to be awfully tough to get around a biometric system if it's done right. It shouldn't really be a problem and you can always use a combination of the two systems (biometrics and password).
  • by joshv ( 13017 ) on Sunday October 15, 2000 @03:02AM (#704999)
    ...who doesn't worship at the alter of Mitnick. I saw serveral interviews with the guy right after he was released and he did not strike me as being particularly insiteful or up to date. Additionally he had the annoying habit of explaining things at the microscopic level of detail, which is why, I assume, you no longer see him on Good Morning America.

    I found it particularly amusing when he was asked to comment on the Melissa virus. What was going through the TV producers head on this one - perhaps something like 'computers, illegal, Mitnick!'

    As to what makes Mitnick an authority on biometric identification and identity theft, I have no idea.

    Mitnick was a competent cracker in his day who was made an example of by some corporations and the US government. His 15 minutes are now up.

    -josh
  • Whoops, okay, he did mention it. Guess it shows that I didn't read the article all the way through.

    The point still stands, though.

    --

  • Of course Mitnick favors a centralized DNA database. Then he can hack it and steal all of our identities!

    And as someone else so astutely pointed out, once some identity thief steals my genetic ID there's no way to prove that I am not the thief (or vice versa), and there's no way to issue me a new identity so that I am distinguishable from the thief again...

  • Aren't parents now required by the IRS to get an SSN for their children before their 1st birthday? I think at this point everyone in the US _is_ required to have an SSN, even before they can talk.

    Maybe you can get around it if you don't have any income taxes or something.
  • by Vassily Overveight ( 211619 ) on Sunday October 15, 2000 @04:44AM (#705003)
    This would be great. As an amployer, I'd no longer have to worry whether I was hiring someone with a congenital predisposition to, say, Tay-Sachs; I could just call up the DNA registry. My health insurance premiums will plummet. And when they finally figure out the gene responsible for being gay, I could keep those weepy flamers out too ('course, I'd have to make some other excuse since that sort of discrimination doesn't play well these days). And I'll just bet that there's a gene in there that makes one susceptible to alcoholism. Anyone having that won't be working at my place either, AA member or not.
  • Yes! Assuming biometrics would never be spoofed is a dangerous assumption.

    The old standby of "something you have and something you know", like your ATM card and your PIN number, provides great security and quick handling of any stolen information. With DNA identification, if a malicious person gets a hair sample from you and publishes your gene info on the internet for the purposes of identity theft, you can't just change your genetic makeup for a new one.
  • Why was this story posted? This person has no standing in the field, or any other field besides petty crime.

    While the subject of the quote is worthy of discussion, couching it in terms of a quote from this guy is no different then the pandering the main stream media engages in.

  • Forget about Monica Lewinsky. I want to see Mitnick on Larry King. He must be pulling in a $million every week on interviews and analysis of current trends. Here we have a guy whose been given a window of opportunity and used it to become the most popular technology figurehead since John Carmack.
  • I agree with the statement that a DNA database is a pretty spooky prospect. I think it is possible for it to be done properly, but the potential catastrophe if it is mishandled (and who here trusts government, even good, democratic, well-intentioned, non-corrupt government, to never make a mistake?) far outweighs the potential advantage of One More Way To Fingerprint.

    However, I do think it's a bit optimistic to think that crypto alone holds the answer either. It's like Bruce Schneier has taken to saying more often in his new, more cynical writing: "Using crypto is like sticking a 1 foot stick into the ground and hoping the criminals trip over it" (or something along those lines). Even if we suppose that the crypto is unbreakable, and un-brute-forceable (which with Moore's law being what it is, and with advances in nanotech computing threatening to produce VERY fast stuff) - all that means is that crooks will take another route - alter the database that associates keys with identities, or keystroke log the government terminals where new key pairs and passphrases are created. I caught Schneier's fever for crypto after reading Applied Cryptography as did most people, but he's right when he says that it is no panacea.

    Cheers,

    Johnath
  • Mitnick might have used identity theft himself so that is why he might have an opinion on this.

    While complete transparency may seem cool, one danger is that this technique is abused by "bad" governments. Interestingly, if you lead this thought to the logical conclusion: Should a society intentionally allow loopholes for covert activities or terrorism - As a kind of negative feedback and control against bad things in society ?

    On a completely different venue of attack, if only your DNA prooves that you are yourself, what if someone manipulates your records so that they show someone else is yourself ?
    What this comes down to is that the method of assigning merits in the form of assets( goods and money ) to people is in itself very vulnerable, especially if merits are assigned over a logn time.

    and how would those aliens hide among US if we did DNA tests ?

  • Why does Mitnick's opinion on this issue, or any other, matter? He has no special insights in this area (other than stealing confidential information in the past). He's a criminal. Why does American society glamourize criminals and give them some sort of exalted status?
  • Everyone who breaks the law is shit? I don't know where you read that in my post. Stick to responding to what I actually wrote.

    As to being up to date, I am certain he was not denied access to technology periodicals and literature - and he had plenty of free time on his hands to study. I am not critizing Mitnick so much for being out of date, but the press for glomming on to him as if he were some technological oracle when he didn't really seem to 'get it' anymore (if he ever did).

    -josh

  • ? As an example, I recently had an eye exam. They requested my SSN and driver license number. (I gave them neither.) Why do they think its their business to ask for that information?

    I can think of two reasons just off the top of my head. 1) So that they can access your credit history if you skip on payment. 2) So that your medical records can be entered into the national medical records database. If you want to be assured of maintaining your privacy, it's not sufficient to deny them your SSN and drivers license. Either can be found by simply starting with your name and date of birth. Personally, I pay cash, give a fake name and DOB, and don't supply them with an SSN or drivers license number. Not feasible for those using insurance, unfortunately, but that's what happens when you let someone else pay for your medical care.

  • by Stonehand ( 71085 ) on Sunday October 15, 2000 @05:00AM (#705012) Homepage
    ...He has said he felt like James Bond. Still, according to figures calculated by law enforcement officials (figures that Mitnick disputes), he caused at least $300 million in damage, with millions spent on new security systems alone.

    Only $300 million worth of damage? Blofeld's oil rig, Goldfinger's base, at least two Russian nuclear submarines, a Columbian drug factory, a biotechnology research lab, countless souped-up cars, helicopters and motorcycles... Mitnick's nothing compared to Bond.
  • ....

    who gurantees me that a cracker doens't simply also change the name on my DNA?

    I guess in the end you can easily loose your idendity if the person who tries to steal it is only dedicated enough.

    Just my 2 cents.
  • by Anonymous Coward on Sunday October 15, 2000 @05:30AM (#705014)
    As Bruce Schneier says [counterpane.com]:

    "Biometrics also don't handle failure well. Imagine that Alice is using her thumbprint as a biometric, and someone steals the digital file. Now what? This isn't a digital certificate, where some trusted third party can issue her another one. This is her thumb. She has only two. Once someone steals your biometric, it remains stolen for life; there's no getting back to a secure situation."

    Biometrics is a bad idea over any kind of public network.

    Well, at least until genetics advances to the point where we can clone new thumbprints. But then that just opens the door to a new kind of identity theft.

  • Mumia Abu-Jamal murdered a police officer. He doesn't deserve the adulation he gets any more than Mitnick.

    Mitnick and Abu-Jamal are criminals, always will be. Mitnick deserves everything he got and Abu-Jamal deserves what he's going to get, sooner or later.

  • No, DNA based identification is a good *part* to a security / identification system, but it dose have some limitations. These limitations are actually more serious in the criminal justice system the in normal security applicqations. Specifically, DNA has a low rate of false positive matchesm, but when you make a lot of comparisons the chances become high.

    Example: Lets assume that DNA matches give a false positive once every million attempts, but that a false positive on a search is enough to convict someone. Let say that every police detective requests 100 DNA searchs per year. Lets say that there are 100,000 police detectives in the U.S. this means that we falsely convict 10 people per year.

    Clearly, allowing DNA evidence which is used in a search is just as stupid as pretending that 8 character passwords are good enough when a hacker can launch a script to try 128^16 account & password combinations per week/month without being noticed.

    The solution is to require more diffrent kind of identification, i.e. if the cops use a DNA search to find the guy then they may not use any DNA evidence in court period. Simillarly, if they use a finger print search to find the guy then they should not be allowed to use finger print evidence in court.
  • "No one (except you) said he was Mumia Abu-Jamal. Being a convicted murderer on death row is a far cry from Mitnick's current parole without computer use or free speech."

    Calling someone up on the phone and issuing a death threat, wheather or not in jest, is not free speech. Mitnick is a criminal.
  • The main thing about the whole Mitnick story though, and the part that most people seem to not understand, is not what he did, but what was done to him.

    I did some reading on it, and by holding him as they did, the US government actually violeted the UN Charter of Human Rights. If any other country did this, the US would be bombing them, so why are we exempting the US?

    The whole case against him was BS bully tactics, and blatent violations of the US Constitution.

    If you can't see past the buzz into the real issue, then what are you doing on /.?
  • Human blood has no DNA.
  • Because in the end it doesn't matter whose name is on the DNA in the giant register. What matters is can you go up to the little blood tester machine and have it come back with a match. Only the real person could do that.
  • by istartedi ( 132515 ) on Sunday October 15, 2000 @11:34AM (#705021) Journal

    In a related story, a washed-up con recently transfered from Lorton Federal Penetentary was quoted as saying:

    "I have to wear an orange jumpsuit with a serial number on it. At first I didn't like it, but now I do. I never have to worry about what I am going to wear, and people always recognize me. When they greet me in the yard, they say 'hey 2355232 whasup?'. When it's time for lights out, the gaurd just punches my number into his Palm Pilot and they know that I'm safely in my cell. I think every American should be issued an orange jump suit with a number on it. It would be great for the country."

    I value Mitnik's remarks about as much as I value the remarks of this fictional convict.

    Please stop worshiping at the altar of this tired-out loser. Karma to spare. Do your worst.

  • This guy is on bail. If he even says something inappropiate he can be thrown into prison again.

    Anything he says must be taken with a grain of salt, remembering that in a way he is very extortionable by the FBI, and other law-enforcement agencies, that want to have this DNA bank.

    Mitnick's obviously a clever thoughtful guy. That doesn't mean he is principled and he's always going to say what's beneficial for humanity, especially when his selfish interests are at stake.
  • Um, regardless of your opinion of Mitnick, he did mention identity theft in the article. Therefore, he does have some experience with the field (namely, federal DNA database to assure identity). Of course, someone else raised the issue of somone cracking said database and changing the name associated with a couple of DNA strands, but....

  • SELECT name,ssn,address
    FROM persons
    INNER JOIN employment ON persons.id = employment.employeeID
    INNER JOIN have_genes ON persons.id = have_genes.phenomeID
    INNER JOIN genes ON genes.id = have_genes.geneID
    WHERE termination = 'layed-off'
    AND genes.contributesTo IS LIKE '*aggressiv*'

  • by xtal ( 49134 ) on Sunday October 15, 2000 @05:40AM (#705025)

    I don't want the government recording my DNA. That's just a bad scene waiting to happen. Even if it's only a hash code generated from my DNA, it's just not cool. Canada leads the way here, although I think the USA is now running DNA databases of criminals.

    A far better idea for preventing identity theft is through the use of a smart card system and strong encryption (2048+ bits). You could generate a public/private key pair, of which only the individual knows the key - and the key is assigned at birth or issue date, with no information about the password recorded at the goverment site (maybe a backup of the smart card in a secure location). That way, you can present the public key for people like credit reporting agencies, who can issue you financial information encrypted with it - without that smart card + password, you're SOL if you want to steal someone's identity.

    Another problem with using DNA is that more criminals are going to get wise to law enforcement becoming STUPIDLY dependant on DNA for investigations. Obviously the criminal element isn't too bright - what if you went and got some hair - ever get your hair cut at a barbers? Or blood - ever donate? Or any other combination of fluids / skin whatever - we're talking MINUTE quantities - and use it to plant false "evidence" for someone. Much akin to hiding an ounce of pot in someone's car who's going over the border and "calling ahead", that person is fscked.

    Oh well. I'm a cynic, DNA databases are the future, maybe I should start writing DNA law enforcement software, eh. :)

  • This is government work at its best.

    The government hires a federal convict to advise them on a subject that they have no understanding on.
  • the problem with biometric data is that it's not terribly secret. If you used your retinal scan to validate something online, then wherever you validated with would have to have a record of it, and what's to stop someone with the record of it from sending it off as theres. Your DNA is unique, but it wouldn't be difficult at all for someone to get a sample of it, and pretending to be you. I may not be able to make my body match your biometric qualities, but I doubt it'd be too difficult to go in somewhere between the biometric entries, and the computer comparing it with its records.

    On a side note, how much could Mitnick really be informed on all of this? Why do people care about his opinions on anything? Am I going to see a story about what kind of chaloupa he things taco bell should offer next? Nothing against the guy himself, but let it go...

  • Comment removed based on user account deletion
  • No it is not crack proof. The link between you and the data about you is perhaps the strongest, but there is no reason to believe that spoofing technology cannot be developed to fool the tools that use it, and then what? You will have a few other 'yous' with a crack-proof link to the data.

  • A national DNA database would be a good thing for the reasons you cited, but I'm still wary of the privacy implications for Americans like me. So, couldn't we go and make a database of some other nation instead? Like, maybe our neighbors to the north? There's no reason why it has to be our nation, after all.
  • did it occur to anyone that no one can believe anything coming out of mitnick's mouth from here on out. for right now he's the fed's puppet to sell their propaganda to the "hacker" community. trust me, he's finished. anyone here seen gattaca?
  • Wouldn't DNA identifying people allow someone to steal someone elses id by simply having their dna? and isn't dna present in things such as hair? Sounds like a bad idea...

    -HobophobE
  • ok the government should have a DNA database I propose that we all have to give the government a sample of our pewp everyday that way they could prove we are there by checking the bathroons too. Its all about finding the "guy who did it and protect the little man"
  • You beat me to posting this and I'm with you entirely. I think its actually pretty funny watching people worship this guy like he's a god and an expert on everything that has to do with computers. I mean the guy was in jail for a few years away from a computer for crying out loud, so he's gotta be out of date on lots of stuff.
  • Look, did Mitnick get screwed by the government? Probably. Is he still getting screwed? Okay, sure. But does that mean that everything he says is intelligent or insightful? Hell, no.

    To publicise the injustice done against Mitnick seems like a good idea to me. If he, or anyone else were to make a newsworthy comment, then it should be reported. But to base a story on one paragraph of some interview with him---especially such an asnine one!?

    Mitnick is not my god. I don't even particularly look up to the man. I don't much like what happened to him, but that alone does not make him a man whose opinions particulary valid, interesting, or important.
  • by kaisyain ( 15013 ) on Sunday October 15, 2000 @06:52AM (#705036)
    I didn't realize the amount you pay in taxes was the most important indication of freedom.

    In any case, from what I can tell [virtualtaiwan.com], the income taxes I would pay in Taiwan would be about $18,000 a year as compared to the $21,000 I pay here. That's hardly "almost no taxes".

    And in return for that saving of $3,000 a year I get to move to a country that only four years ago instituted real democratic elections and has just this year dropped almost 20 places (down to 51st) on the Economic Freedom index.

    And why would you complain about government control of health care and then move to Taiwan?

    And don't they include your fingerprint on the National ID card they issue in Taiwan?

    Wasn't it just last year that the Publication Law, the one that required all publications to be registered and approved by the government, was annulled?

    I've read that Taiwan they can impose the death penalty for illegal ownership of guns and that gun control is stricter than in Japan.

    Wasn't there a government report about rapant abuse of wiretaps by law enforcement agencies in Taiwan?

    I mean, not to say that Taiwan is a horrible place or anything, but it was only in 1987 that martial law finally ended. I don't think they are quite the utopia you think they are.
  • Well, what diffrence does it make? The statement he made was completly correct wether he said it or I said it or bill gates said it. Once the data for, say, your thumb print gets stolen, your thumb can no longer safely be used as a biometric on any kind of network (unless you are relying hardware security through obscurity). and if her actual thumb got taken, well then what is she supposed to do.

    and finaly, I'm pretty sure Scheier makes money at crypto stuff, making him a professional, not an amateur.
  • As an identical twin, how would the DNA database differentiate between my brother and I? Our DNA is identical... that's the definition of an identical twin.
  • [the government] Hey Kevin, endorse our DNA database and we'll let you use computers!
    [Kevin] uh...OK!

    _________________________________________

  • I don't understand how this could stop identity theft anyway. Hackers have been able to break into almost any system. They'll definetly break into this identity DNA database too.

    Identity theft is a lot easier than you might think.

    Every time you give someone your name and social social security number, or your credit card number and expiration, etc. they can impersonate you simply by giving that information to someone else. Even if you trust the organization you're giving the information too, do you trust the dumpster divers waiting outside?

    Biometric identification isn't really going to be any better. For it to work you have to go to an office somewhere with the biometric hardware, and our world is becoming less and less of a go-to-their-office world. How do you think banking online is going to work? They aren't going to give you biometric ID hardware and hope nobody figures out some way to tamper with it (or maybe they will; it's no more stupid than the current situation). Most likely someone will come up with the bright idea of a "DNA identification number" that you can give over the telephone/internet which will work (or not work, as is the case) exactly the same as SSNs do now.

  • I agree with you. I think it would only add more paperwork to an already bogged down justice system. What about error? Just as you said, you shed a lot of hair, most people do... so it would be extremely easy for this technology to be abused... and if put into the wrong hands, how many innocent people are going to be put behind bars. Not enough people know about cloning, or genetic issues... I for one, am in that group... and it would be easy to give false information to people and have them base their decisions on only the information given. Personally, I think it should be used sparingly, if not at all.
  • The blood itself has no DNA, but white blood cells do.
  • The problem is, poeple woudl have a tendency to consider biometrics as *absolute*. THAT is the danger.
  • ...and now the New England Journal of Medicine supports U.S. Kidney Registry [newsday.com]. Where will it stop?

    "I will gladly pay you today, sir, and eat up

  • Putting aside the obvious issues of privacy, abuse, security, etc., I have one question:

    If there's no method to verify identity without a DNA database, how would you verify people's identities to BUILD the DNA database?

    Cheers,
    IT
  • by AdamHaun ( 43173 ) on Sunday October 15, 2000 @07:04AM (#705049) Journal
    > Citizens of the US are not even required to
    > have a SSN

    Unless, of course, you want to...

    Obtain benefits if your parents die
    Qualify as a dependent for tax purposes
    File for tax returns
    Get a job(so the IRS can know how much you make)
    Get a bank account that pays interest

    Don't confuse "not required" with "don't need".
  • by account_deleted ( 4530225 ) on Sunday October 15, 2000 @07:06AM (#705050)
    Comment removed based on user account deletion
  • by Andrew Dvorak ( 95538 ) on Sunday October 15, 2000 @07:12AM (#705052)

    The cost of ensuring protection of one's identity by indexing DNA comes at a cost.

    • I am indexed in the DNA database
    • I witness a crime
    • I testify against those who had committed the the crime.
    • I may require the protection of the "Witness Protection Program" to protect against retaliation from those associated with the convicted or otherwise.
    • Let's say "something happens" that I need to be referenced in this database.
    • I am now flagged as "somebody else" (note: my "original" identity)

    You can probably understand any further problems, as the witness no longer has as much guaranteed secrecy as before.


  • by Emperor Shaddam IV ( 199709 ) on Sunday October 15, 2000 @03:08AM (#705055) Journal
    This is one step closer to Big Brother. This is all we need, more control and monitoring of our personal and private lives by the government. This is just a step away from government mandated drug testing, government control of health care, and the ability for the government to track anywhere you have been from your DNA signature, and other losses of Privacy and Freedom. If the governement wants my DNA, I'm moving to another country where my privacy is respected. Doesn't anyone else see this as a danger to our privacy and freedom as I do???
  • Which country are you going to move to?
  • This is a great idea, but not just for the reasons that Mitnick says it is. A national DNA catalog would have the additional benefits of providing plenty of resources to medical researchers: imagine the benefits of being able to cross-reference this database with people's medical records! This would greatly benefit the development of genetic medicine.

    This database could even be used, a few years down the road, to attempt to clone famous personalities or provide genetic material to hopeful parents looking for donors.

    I'm sure I've hardly scratched the surface of the possible benefits here. There have to be a lot more possible upsides to this - does anyone have an idea I've missed?

    Bruce

  • by Croaker ( 10633 ) on Sunday October 15, 2000 @03:17AM (#705059)

    I notice that ZDNet has a whole freakin' story about his one toss-off comment. Here's what he said:

    "I think the government has to establish some sort of central database that uses biometric identifiers, such as your DNA, that can label you as you. This might eliminate a lot of identity theft, because anyone can apply for credit by supplying information over the phone."

    Notice he said "such as your DNA." Not, "yeah, the government should definitly scan our DNA."

    All he's saying is biometric data is the only way to be sure, and identify you as you. DNA is probably a bad example of this. I agree with him in that biometrics of some sort is probably the most crack-proof method that we could come up with to ensure identity. If he'd said "a central retinal scan database" instead, we wouldn't have a story. Seesh.

    Although... it would be somewhat amusing if in the future, every contract were signed in blood...

    As another aside, I read this interview yesterday, and came off kinda liking him a bit, which is more than I can say from the whole "Free Kevin!" thing. He even mocks his worhipper k1dd1ez . "d00d, make me a 1eet HaXoR!"

  • But that's the point.
    "awfully tough' does not mean impossible.
    And passwords would be no more effective than they are today.

  • I must say.. certainly there are some bad headlines on slash.. like any media outlet that needs hits for money..

    but blatant statements claiming people *do* things are VERY WRONG!

    OUt of context headlines and articles like this do GREAT HARM sometimes. I'm not saying this one did.. but

    'Kevin Mitnick supports a federal DNA database' is a *far* cry from what he said in the article, especially taken into context.

    Sort of like when The Hurricane said, in *pure* jest, after being provoked as to why he wasn't outside in a protest, saying 'Hell, why don't we just get up, go out there, and shoot every white person we see in revenge?'. It was *completely* a joke, and obvious to everyone there. What he was implying was 'I'm not out there because it would nto be rational to do so.'. What do the papers print? "The Hurricane in favour of shooting all white people dead".

    Yeah. Great reporting there.
  • Mitnick has an opinion on this because to a large degree, his 'intrusions' were enabled mainly by some level of identity theft!

  • by s.d. ( 33767 ) on Sunday October 15, 2000 @03:27AM (#705065)
    You are not the only one (I thought I was, until I saw your comments). Personally, I'd be much more interested to see a story that said George W Bush or Al Gore was interested in a Federal DNA Database, but apparently when in need of a story, people tend to chase down yesterday's headlines and see if they can squeeze some more blood from the stone.

    People shouldn't care about this guy anymore. I think worse than someone posting the story at all is the comments of Timothy at the end of the submitted paragraph: "Think what you will of Mitnick, his court-imposed computer deprivation hasn't stopped him from peering and poking at the technological world." What the hell does this mean? Just because he reads some magazines or watches the news, he's "peering and poking at the technological world"???? Come on...If you read the news, or really just walk around with your eyes open these days, you're submitted to a blitz of "technology is cool, technology is great" attitudes and ads. It's impossible to miss. Does that mean my computer illiterate parents "peer and poke" at technology, and should be consulted about issues like this?
  • Wow. That sucks.
    I thought the whole point of moderation was to put this stuff where nobody sees it anyway?
  • Also, Bond has sex with several hot chicks a day. I tend to doubt the same applies to Kevin Mitnick.
  • by account_deleted ( 4530225 ) on Sunday October 15, 2000 @06:29AM (#705070)
    Comment removed based on user account deletion
  • First thing the damned trillion-dollar insurance business gets access to this database of yours, then they promptly start red-lining all the people with an identifiable genetic disposition to certain diseases. On the "plus" side, this could eventually lead, after the collapse of the for-profit health-care industry, to a national health care program like all civilized countries already have, which is something this country desperately needs.

    As far as cloning all those God damned celebrities, wash your mouth out with soap! Aren't the ones we have now odious enough as singles, now you want to manufacture whole platoons of identical copies of those phony worthless sons of bitches?!

    Yours WDK - WKiernan@concentric.net

    ...about two years ago, a magazine offered me a tempting sum to fly out to Hollywood and do a profile of Sharon Stone. This is, of course, the drift these days -- the religious adulation of celebrities. But I don't give a flying fuck about Sharon Stone, so, for purely practical and writerly reasons, I had to pass. - Barbara Ehrenreich

  • The implications for abuse are far, FAR to huge to make a genetic database a good idea. Umm, can anyone say genetic screening for "the possibility of undesirable traits"? Can anyone say inability to get insurance because of a pre-existing genetic condition? Can anyone say FBI database of "potentially violent" people--like, say, most of history's greatest individuals? Can anyone recall that you leave DNA roughly EVERYWHERE you go, and that unscrupulous agencies could use this to monitor people they don't like even if they do nothing illegal?

    Bad idea, period.

  • That was pretty much my concern as well. Mitnick himself complains about the Federal Goverment's complete lack of regard for his rights as well as the possible [probable?] disregard of anynone elses: "If they can disregard Kevin Mitnick's rights, they can disregard yours"
    Yet now he's calling for that same government to be trusted with maintaining a database of our DNA [and/or other biometric info]? I think I'll pass, thank you.
    Besides, before we know it, companies will be buying those records ands granting or denying us jobs or benefits based on that. Oh how easy it would be for the HMO's to deny you certain covereage because they see that you've got a genetic predisposition to a disease? The next thing you know society will be just like the one in Gattaca.

    Ender

  • from the ok-so-even-*more*-convincing-identify-theft dept.

    i think that just about sums up the problems i have with this database. not only identity theft, but somebody with "the hook up" could put anybody's DNA on anything they wanted. just a wee little sample and a few amplifications using PCR reactions, and poof! we have enough of your DNA to implicate you in just about ANY crime! yay!

  • The military has been doing this for years. There claim is it will help them identify the remains of bodies found on the battle field. But it could also be used to solve crimes.

    Anyone who has ever studied forensics or watched the Discovery Channel knows that it is very difficult not to leave DNA evidence at a crime scene. A DNA database would make it easier to find. Think of it, crime levels would drop to nothing! Cops could start carrying portable DNA testers. Crimes could be solved almost immediately. Imagine this, cops arrive at crime scene, tests the evidence found at the scene, runs the result through the database, and within 20 minutes knows who the criminal is!!!

    Not only should we start a National Database, we should start taking DNA samples at birth. This would garantee that nobody is missed.

    Bowie J. Poag
  • This is just ridiculous, is there a need to impose such a system? Can we trust the government not to abuse this? Of course not. Unfortunatly for us there aren't many geek celebrities so any various crap that happens to fall out of their mouths eventually becomes "news."

    If a DNA program was to begin guess who it would start with first? Ex-Felons like Kevin. "Looks like you used this computer Kevin, time to goto jail again."

    "But, it was an ATM machine and I needed the money."

    "You should have thought of that before you cloned cell phones."

    That's how your government is most likely to treat you not some pie in the sky utopian ideals of perfect permanant records of each citizen with guarantees of freedom.

  • I don't understand how this could stop identity theft anyway. Hackers have been able to break into almost any system. They'll definetly break into this identity DNA database too. Also, why does the government need to know this information? It's just another step towards all of us becoming drones whose every facet of life is controlled by big brother.
  • by mrbuckles ( 201938 ) on Sunday October 15, 2000 @03:52AM (#705097)
    What the f**k!?! How does getting caught and sent to prison for cracking some computers make you an expert on all things technological. Am I going to be presented by some article with Mitnick's take every time something comes up in the technical world? He hacked, he got caught, he went to jail. His story is over.

It is clear that the individual who persecutes a man, his brother, because he is not of the same opinion, is a monster. - Voltaire

Working...