Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Your Rights Online

A Digital Certificate For Every Canadian 336

thepacketmaster writes "September 27 of this year, the Canadian government took a quiet step into the online world. Called Government Online, this broad project involves giving every Canadian citizen a digital certificate, which will allow citizens to access their personal government records online. So far they only have the Custom & Revenue Agency online with a simple Change of Address, but there are over a hundred more applications from various agencies ready to be put online. Could this be the start of something good, or is this Big Brother? How about voting online?"
This discussion has been archived. No new comments can be posted.

A Digital Certificate For Every Canadian

Comments Filter:
  • well, depends (Score:4, Insightful)

    by Em Emalb ( 452530 ) <ememalb@@@gmail...com> on Saturday October 12, 2002 @11:42AM (#4437177) Homepage Journal
    "Could this be the start of something good, or is this Big Brother?"

    Depends. Yes, it could be Big Brother, if the government is planning on using this as a way to track people. It also could be something very good, in that people could quickly and easily track themselves through the government. Unfortunately, this could also be a means for people to track you quickly and easily....leading to all sorts of uncool cracking/piracy,theft. It's a new tech, gonna have it's problems just like everything else.
    • Re:well, depends (Score:2, Interesting)

      by Mashiki ( 184564 )
      Actually it is a step towards bigbrother. Slashdot already posted the bit, about the canadian goverment wanting to have a database of all internet users, as well as recording all their e-mails.

      Nice huh?
    • There was already a big hoo-hah about the canadian HRDC office (Human Resource Development Canada) having a giant database of every Canadians information gathered illegally. This is not a big stretch for Canada.

      Canadians are a bit too complacent when it comes to government bodies. Ask any Canadian why he pays 70 percent of his wages (if you make 6 figures it's closer to 80%) after all is said and done.

      And for all the Canadians who are going to scream that this is wrong, 40% income tax (Federal and Provincial, upper tax bracket), 15% sales tax on most items (Ontario GST & PST), then Property taxes, (GST on that too), petrol tax (45%), sin taxes on booze and tobacco, and in Ontario, the idiot tax (Gambling). Taxes on hydro purchases, Natural Gas, food, drink... EVERYTHING! So I know what I'm talking about, now do you?
      • Canadians are a bit too complacent when it comes to government bodies. Ask any Canadian why he pays 70 percent of his wages (if you make 6 figures it's closer to 80%) after all is said and done.

        The aggregate tax rate in Canada is 35% (of GDP). The aggregate tax rate in America is 28%. Five percentage points of the difference is universal health care. Americans pay about twice as much for health care per captia, but that isn't counted as a 'tax'. The other two percentage points are things like snow removal and additional social services.

        Gosh, how "Socialized". If you want to see socialization, look to Europe. The aggregate tax rate approaches 50% in some countries.

        I make approaching six figures, and my income-tax rate is 22%. The 7% GST replaced a previously hidden manufacturer's tax. How many hidden taxes do Americans pay?
    • I really fail to see (Score:3, Informative)

      by Inoshiro ( 71693 )
      How me filling out the same forms online as in the Real World (TM) will somehow make the government know things it wouldn't otherwise know, in a Vast Communist Conspiracy To Rule The World And Keep The Working Man Down!

      The rampant knee-jerk paranoia on this site by certain people is just disgusting.
      • Is it really paranoia when the goverment is trying to force ISP's under the proposed "lawful access bill" to record all your e-mails, and make a list of everyone that's online?

        Nope I thought not, it's reality.
  • i feel... (Score:5, Interesting)

    by thanq ( 321486 ) on Saturday October 12, 2002 @11:43AM (#4437179)

    that this is a better idea than what is available here in the US, where you can obtain anyone's private records through a third party, as long as you have money.

    • IRS Online (Score:2, Informative)

      by OffTheRack ( 551671 )
      The US already has some IRS services online:

      refund status [irs.gov]
      efile [irs.gov]

      More things are coming soon. None of it requires a digital certificate. They are going with a "private information" approach. For example, to change your address and things like that in the future you will need to know the exact AGI filed for a given year, etc.

      Not sure if this is better or worse, but that is where it is going in the USA.
      • For example, to change your address and things like that in the future you will need to know the exact AGI filed for a given year, etc.
        ... which the Social (in)Security Administration gleefully supplies in a pretty obviously marked letter to my tax return address at least once a year: my entire monetary history since I started filing returns over 20 years ago.

        So, if someone is scarfing my mail, they now have that, and everything else.

        Joy.

        We'll need some other shared secret, thank you.

  • Both (Score:2, Insightful)

    by xactoguy ( 555443 )

    This could be the start of something good, or it could be the start of a Big Brother-esque rule. It all depends on where the government takes it. If they only allow people to update their informationk, and do not track it beyond where they have to as required by law, then I would say it is a good thing. However, if they track it, and use the information to spy/whatever you want to call it on their citizens, then it could be considered as going the way of the Big Brother.

    Online voting? Never going to happen anytime soon until they can create a good system which is almost impossible to hack. Not, extremely difficulty to hack, but almost difficult, and any bugs which are found are patched immediately, not when they get around to it.

    • by ACNeal ( 595975 ) on Saturday October 12, 2002 @12:26PM (#4437379)
      Why is information garnered by computer somehow more incideous than information garnered by more traditional means?

      The government already has the information, or will have recieved it anyway. They are using the certificates to give you access to your information, and not leave it available to other people. Even the information you will give or update would have been given to the government sooner or later.

      I don't see a way for the government to abuse your privacy with this anymore than if a data entry clerk had entered your request for a change of address at the local post office.
      • >
        The government already has the information

        Not quite. Government agencies, departments and state-owned companies do, but generally speaking they can't share your data with other branches of government. So while these may be seen as orthogonal issues, the digital certificates may be seen as a PR spin to convince citizens to allow the government to centralize all this data.

        Now centralising all data *is* dangerous, prone to abuse and data security issues. But no one can protect citizens from their own stupidity if we allow government the leeway it naturally wants, because it is a human organization and all big enough human organizations usually almost have a mind of their own bent on ever growing and extending their power and influence.

    • Online voting? nah, we use a far more reliable system. Consists of a piece of paper with the candidate's name, a wonderful invention called "The Pencil" and a box. When you vote, you place a checkmark or an X next to the candidate, and place said ballot in the box. These ballots are then counted twice by hand, under the watchful eye of scroutineers from each of the parties involved. The results are then reported.

      As simple and non high-tech as it is, it's extremely accurate (there are rarely any recounts, and when there are, the results don't change much), and results are usually ready within 4 hours of the close of the polls.

      Remember folks, counting by hand is an operation that scales very well.
  • by Anonymous Coward on Saturday October 12, 2002 @11:43AM (#4437185)
    this is unnecessary, microsoft already has a system called passport that works even better

    why reinvent the wheel?
  • by Anonymous Coward
    they should avoid using online voting in florida. i can hear it now... "i meant to push the LEFT mouse button... it was so confusing..."
  • Well (Score:1, Flamebait)

    by quantaman ( 517394 )
    How about voting online?

    They better not run IIS!
    • George Schmaltzki's turtle!!! Yea!!!
    • Re:Well (Score:5, Insightful)

      by NumberSyx ( 130129 ) on Saturday October 12, 2002 @11:59AM (#4437259) Journal
      Voting online is a bad idea regardless of the software used to implement it. Simply put, there is no guarrantee of privacy. By having people goto public locations with private booths, each persons privacy can be garranteed because there are people there whose job it is to ensure it. At home, an abusive wife can illegally influence her husband into voting for a candidate or issue he would have otherwise not voted for. Corporations or Labor Unions could setup computer voting centers for thier members or employees. What guarrantee is there the persons Boss or Union Leader won't be standing over thier shoulder or there isn't a keystroke capture program installed on the computer or the data stream isn't funneled into another program designed to change votes or somehow invalidate "Wrong" votes.
      • Re:Well (Score:3, Insightful)

        by nut ( 19435 )
        -- By having people goto public locations with private booths, each persons privacy can be garranteed because there are people there whose job it is to ensure it. --

        You could actually have this and online voting as well - online voting doesn't have to mean from any internet-connected computer at all.
        If you voted 'online' at a polling booth terminal, you could gain enormous efficiencies over today's system involving so many bits of paper.

        And a digital certificate might be something you take on disk, card or some other medium to a public terminal, but again not use from just anywhere on the internet.

        • Now, I'm as much of a gadget-loving technophile as the next nerd, but the voting process in Canada is fairly simple. For federal and provincial elections, there's one candidate per party. Mark an X next to the one you like. That's it. Also, our population is pretty damn low. Counting ballots doesn't take too long. The current system works for us because it's:

          (1) Secure. The elections commisions can keep physical control over the ballot boxes, cutting down on election fraud. Also, there's no proprietary voting machines that could have some cute little "count a vote for party alpha as two votes, count a vote for party beta as half a vote" tricks. Widespread voting fraud would require the observers from every party to collaborate, and anyone who follows Canadian politics knows that'll never happen in this eon.

          (2) Private. No-one can see who you voted for, short of installing some microscopic cameras in each voting booth. Also likely to be caught out by the above observer system, considering voting booths are usually just wood frames with cloth draped over them. Cables or antennas would be probably noticed. Also, I've heard rumours of Elections Canada (the federal voting commision) looking into the legality of using RF-jamming equipment.

          (3) Reliable. Pencils and paper don't crash. And it's not like Canada's going to run out of wood and graphite.

          Electronics voting is interesting for countries with huge populations, or for strictly online events, but pretty much useless up here.
      • Voting Online (Score:2, Insightful)

        by Sahib! ( 11033 )
        ``Voting Onlin'' doesn't (necessarily) mean voting from your home DSL on your PC. The purpose of online, electronic voting is to have control over how votes are counted, and how long it takes. This does not preclude a public poll, administered by real people, where the voters are ensured their privacy. However, it does mean that there has to be some sort of digital ``accountability'' for each voter.
  • by Anonymous Coward
    Of course the government servers will be secure, but what about the client side? They can't guarantee that Joe Canadian's box won't been haX0red, so it is very naive to suggest that he uses his PC to keep his digital certificate safe, at least at this early stage in personal computing security.

    • Of course the government tellers will be ethical and secure, but what about the client side? They can't guarantee that Joe Canadian's motivation won't be to avoid the guy with a gun outside, so it is very naive to suggest that he uses his mind to keep his information safe, at least at this early stage in mental security.
  • by nucal ( 561664 ) on Saturday October 12, 2002 @11:46AM (#4437203)
    The goal of the Government On-Line initiative is to use information and communication technology to provide Canadians with enhanced access to improved citizen-centred, integrated services, anytime, anywhere and in the official language of their choice.

    Does this mean I can choose between Perl and Java?

    • by Anonymous Coward
      If you use Emacs, they'll deport you as a terrorist.
    • >The goal of the Government On-Line initiative is to use information and communication technology to provide Canadians with enhanced access to improved citizen-centred, integrated services, anytime, anywhere and in the official language of their choice.

      Interesting, considering the PM speaks neither
  • Canadians feel, but I'd expect my government to #uck this up.
    • by Anonymous Coward
      Nuff said.
    • Canadians feel, but I'd expect my government to #uck this up.

      I am Canadian so I'll tell you how we feel. We know our governement is going to #uck this up. I mean come on our Prime Minister is half senile, our Minister of human resources misplaced a billion dollars last year, the half of cabinet that isn't being investigated by the the Ethics Counsellor doesn't know what the heck they're doing, I mean the duputy Prime Minister decided that the during the Queens Jubille at the start of her visit to Canada it was a good time to discuss possibly getting rid of the monarchy!! Frankley I'll be surprised if the page when it finally does get up will consist of one link to some cabinet ministers p0rn collection, another link to extremely sensitive classified documents and have an administrator password set to "password" or "PaulMartinSux"!
  • Welll (Score:5, Interesting)

    by mindstrm ( 20013 ) on Saturday October 12, 2002 @11:53AM (#4437226)
    Any action taken by government *could* be the start of big brother.

    Big brother is someone who is always hovering there, waiting to come out. Whenever people permit government, you permit big brother in to some degree or another.

    Tha said, as a Canadian, this is cool.

    You see, all these records are obtainable now.. but it's a pain in the ass to authenticate yourself to the proper agencies (go there in person, etc). It would be nice to have a lot of stuff online.. and I'd rather the issued me a private digital certificate for access than some dumb authentication mechanism like just my SIN number & birthdate.

    As long as they aren't changing the rules reagarding the information they need to know... I'm okay with it.

    ie: CCRA doesn't need to know my address if I don't live in the country. In fact, they don't need to know my address at all; all they need to know is where to send the tax forms/refunds/whatever, which does not have to be where I live.

  • Security? (Score:5, Insightful)

    by ilsa ( 197564 ) on Saturday October 12, 2002 @11:55AM (#4437234) Homepage
    I hate to throw cold water on this, but with a digital certificate, are you proving that you are Jean Deau, or that you are sitting at Jean Deau's computer? This distinction isn't that important for, say, your my.excite.com page, but is vital for dealing with the Government. The links provided don't really give much detail on how this will be implemented. Will each Canadian have his own password, eh? Not being a Canadian myself, I am willing to work with the assumptions that a) there is some way of telling John Smith of Quebec from John Smith of Vancouver b) a substantial enough percentage of Canadians have access to the internet to make this not a waste of time and money.
    • If they do it as a browser cookie or something as lame -
      Without a password - better a pass*phrase*, it's going to be nearly useless.
      But then again, people see passwords as being hard to remember, so they make them weak or non-existant. Bad password management is the weakest link in almost any security scheme. At the very least, it will be an interesting exercise to see how they try it and how well or badly it all works.

      Of course, there's always boimetrics, which is a vile concept.

      (Maybe canada could buy up surplus Cue::Cats and issue citizens a tattoo with a barcode?)

      Cheers,
      Jim

    • Re:Security? (Score:2, Informative)

      by Anonymous Coward
      You're absolutely correct. As it is, CCRA won't even *FAX* you your documentation unless you swear on your mothers grave that the fax machine is in your immediate precense (the RCMP is worse, they'll ask for a SECURE FAX number). Why? They can't compromise your personal security by giving out your Social Insurance Number to the wrong people.

      That being said, X.509 certs can be used to identify a specific computer (ie: a site cert), or a user identity certificate. The User ID cert *should* have a passphrase protecting the magic key, so theoritically a user logging into a government service would identify themselves with the cert, and authenticate themselves using the passphrase.

      This still isn't ideal. In a world of Message Pump driven Windowing systems that allow an attacker to intercept various things at a very low level, I can see a rash of passphrase and identity theft PtP virii coming out.

      Put another way, when you're entering your PIN number for a direct debit transaction, do you enter your PIN when you see someone watching over your shoulder? Now what if you don't notice it?

      As for voting, forget it. Voting is an intimate activity. If you can't make it to the poll, the standard "away" procedures are in place and work quite well.

      As for Big Brother, let's hope Harper's Reform Party doesn't get in. Those guys are better for business than they are for society and will undoubtedly fuck Canadian's up the ass with a new regime of information sharing in our "Information Economy".

  • by wirefarm ( 18470 ) <jim@NOsPAm.mmdc.net> on Saturday October 12, 2002 @11:55AM (#4437240) Homepage
    With pgp/gpg and keyservers like pgp.mit.edu, it's painfully simple to create and revoke keys that you control - as long as Canada picks a similar system, the citizens are still in control. If you feel your key has been compromised, revoke it and go create a new one next time you go to the post office or city hall, or however they verify people...

    I've *never* felt that having a digital ID was a threat to my privacy - if I control the keys, I can use the ID when I feel like proving who I am.
    Nothing stops me from generating a new ket for some other purpose either - I usually create one for each job/work-email that I use. I've had my private one since '96 or so - you can go grab it from my slashdot profile.

    Cheers,
    Jim
  • by Viking5150 ( 97471 ) on Saturday October 12, 2002 @11:58AM (#4437250)
    Is Prime Minister Jean Poutine even aware of this initiative?
    • To quote PM Jean Poutine
      "ah yah i am aware on this initiative. this initiative was started by peoples in my cabnit, and I said that this is a good thing, because when the Canadian peoples get thier own certificates they can hang them on thier walls in frames and be proud to be canadian just like when they recived thier high school graduation certificates."
    • Is Prime Minister Jean Poutine even aware of this initiative?

      No, he's too busy dealing with the Saskatchewan seal crisis and the melting of the Parliament buildings.
  • There seems to be much sound and fury, but little action. The GOL (Govenment On-Line) initiative has been spoken of for years. But has been infamously SLOW in implementation. It seems that progress is being made now however.
  • by PhxBlue ( 562201 ) on Saturday October 12, 2002 @11:58AM (#4437253) Homepage Journal

    "You've got bribes!"

  • Netcraft (Score:4, Insightful)

    by wiZd0m ( 192990 ) on Saturday October 12, 2002 @12:05PM (#4437287)
    OS, Web Server and Hosting History for www.gol-ged.gc.ca OS Server Last changed IP address Netblock Owner
    Windows 2000 Microsoft-IIS/5.0 12-Oct-2002 198.103.32.172 Finance Canada and Treasury Board Secretariat
    NT4/Windows 98 Microsoft-IIS/4.0 5-Apr-2002 198.103.32.172 Finance Canada and Treasury Board Secretariat
    NT4/Windows 98 Microsoft-IIS/4.0 23-Jan-2001 198.103.32.142 Finance Canada and Treasury Board Secretariat

    It does not look too good to me :(
  • Let us not forget (Score:3, Informative)

    by xX_sticky_Xx ( 526967 ) on Saturday October 12, 2002 @12:07PM (#4437296) Homepage Journal
    The Longitudinal Labour Force File [privcom.gc.ca] fiasco of a couple of years ago. Of course, it has since been dismantled (or else put in the hands of a government body beyond the reach of the Privacy Commissioner) but I would not put it past the federal government to try this again under a different guise.

    Here's [hackcanada.com] a little more info.
  • Let's not forget... (Score:3, Interesting)

    by myov ( 177946 ) on Saturday October 12, 2002 @12:07PM (#4437297)
    ... that the Department of Human Resources created a massive database a few years ago, with something like 1500 pieces of information on each Canadian resident. After denying that the database existed, eventually it was shut down due to public pressure.
    • by Ektanoor ( 9949 )
      But before it was shut down, every one who was interested made a backup for himself... And went to sell it...

      Can you think that a database carrying 1500 pieces of information per Canadian can be closed just like that? Or destroyed? Anyway that base was not made in two days. And, besides, it will take a few years to become obsolete. Meanwhile, I don't believe in Big Brothers. I do believe that we have lots of jerks who dream to become Big Brothers, big corps and state bureaucrates mainly. But we have too many smarties trying to reach that peak. So, it is frequent to see, not Big Brother coming Fat, but full Chaos, where your neighbor is capable to know more than you about how your children are going on school. These Mega-Databases are not a danger of totalitarism as no state is capable of digerate that huge amount of information. Frankly these things are so big and yummy that they just fly out from the secrecy of the offices in every first chance. A few CDs and Big Brother goes on diet. However, in more common and less controlled hands, they are the basis for blackmail, extortion and several other privacy violations...
  • As a canadian. (Score:2, Informative)

    by Anonymous Coward
    I think this application is awesome. And believe it or not i trust our polotical system. IMHO its far less prone to corruption. Which means in turn that the big brother scenario is dampened a bit.

    Who dont i trust when it comes to this kind of data? The police system. The RCMP is notoriously corrupt and just a crappy system of law enforcement. (traffic ticket quotas for officers for example).

    Hopefully with this initiative we will see things like track your tax dollars and ways to choose where your tax money goes. Like the census does today but much much more powerful.

    I think with this initiative if they just setup good law to cover the use of collected data that we will be mostly safe from unnecissary data mining.

    Basically keep this data away from the judicial branches of government. Tax evasion is still a crime etc and you can proove if someone has or hasnt paid their taxes pretty simple today.

    Personally i like the idea of web-polling and referendums through the web.

    Some people will bitch and complain "i dont have a computer so im not entitled to participate in government" and all that jazz but the reality is that we have an excellent public-access library system with no user-fees for residents. These systems are able to access any and all of this data.

    The only thing that scares me about this is the possibility of "bot-nets". If you could as a polotical party or other nefarious group spyware like kazaa that could control how people vote it would be completely depremental to the process.

    However to have any kind of widespread meaning this would have to be something that wasnt "illegal" eg through the use of screwedup eulas. Like kazaa uses.

    Thus it really must be made a crime to hack a computer in canada if this initiative is to be meaningful. And that means using a computers function in any way contrary to the users intentions. No more spyware no more bullshit.
    This should be an un-waiveable right and something to be prosecuted on-sight.

    As for overseas applications doing screwy things like kazaa is to the us im really not sure of the solution. Obviously banning access to forign files is impossible and extradition treaties dont cover this kind of thing so whats a government to do?

    One possible method would be through government paid hackers. People with unlimited amounts of bandwidth and resources that could make it very hostile for a forign company to do business.

    Imaging blasting kazaa servers with the kind of bandwidth available to the military.

    At the very least if you cant take these sites offline you'll run up their bandwidth costs so high that they'll become unaffordable and or the host country will get mad about its main lines getting clogged and deal with the problem theirselves.

    Who knows. This is a dangerous technology currently but maybe they'll come out with some non-software-tamperable device to connect to your router/hub/cat5 interface etc. ... A canadians $0.02
    • Personally i like the idea of web-polling and referendums through the web.

      I can see it now:

      puts("Would you like to separate: y/n");
      yorn=getch();
      if (yorn=='n')
      yorn = 'y';

  • MIT (Score:2, Informative)

    by cristofer8 ( 550610 )
    MIT's been doing this for years. Every student who registers is given a kerberos "identity" which they can use to generate a certificate for each computer/browser. This certificate is required to access any records etc, and is used by many classes to access videos of lectures, etc. even the most techno-illiterate students (at mit, but still) have no trouble using the system.

    If canada is able to implement a similar system with the security that MIT has, it sounds like a great idea.
  • voting (Score:5, Insightful)

    by JimBobJoe ( 2758 ) on Saturday October 12, 2002 @12:10PM (#4437312)
    How about voting online?

    What is there this mad rush to figure out how to make voting to work on the internet? I mean...you vote very close to where you live...you either care to vote, or you don't, online voting isn't going to change that. The technical hurdles are so big that I can't see how they are justifiable.

    Furthermore, Canada already has its own little system of voting (piece of paper, put x in your preferred candidates box) and it's cheap, easy to count, difficult to mess up, et cetera. It's we Americans, obsessed with technology, who have varying levels of expensive technology most of which more or less works the majority of the time. (Unlike the Canadian system which works all the time for pennies per election.)

    • Re:voting (Score:3, Informative)

      by freeweed ( 309734 )
      I think you'd be amazed at how inconvenient voting can be in this country. For the past 11 years, my polling station has been at an elementary school that's all of 5 minutes drive away. Guess what? Not one single public transportation route goes within a mile of it. Walking the total distance from my house would take well over an hour, and I'm a very fast walker in pretty decent shape.

      For anyone who doesn't own a car, or live on a bus route that takes you right to the polling station, voting is a huge inconvenience. You have to arrange with friends/family/whoever, and I don't remember our constitution saying that you needed to own a car to be able to vote.

      And for those of you who cry "take a taxi"... paying $20 just to get to every election is a bit silly. *I* make do, but there are others who I know simply can't make it to the voting booth without a great deal of frustration. There's nothing in our laws saying you must have X number of dollars to be able to vote, and there shouldn't be.

      Remember, just because *you* find voting convenient in its current form, doesn't mean *everyone* does. This is why, for example, they allow troops serving overseas to vote where THEY are. Using a bit more technology to extend the ease of voting to more people is never a bad thing - unless you think some people shouldn't be allowed to vote at all, and that's a whole other ball of wax :)
      • So call the contiuency office of your choice and ask for a lift. You don't even have to vote for the party that drove you there!

      • Re:voting (Score:3, Insightful)

        by JimBobJoe ( 2758 )
        I think you'd be amazed at how inconvenient voting can be in this country.

        I think that was amazes me is that, every single election, you catch watch many people of an advanced age, with walkers and wheelchairs, come in time and time again to vote. I can attest this personally as a pollworker. Where there is a will there is a way--and many of these people did not consider themselves worth an absentee ballot. They showed up and voted.

        I don't remember our constitution saying that you needed to own a car to be able to vote

        I don't remember the Constitution saying that you were entitled to transportation to vote. But it is available.
    • The biggest problem with online voting is it allows the following fraud: On election day the bad guy sends someone to your house with a gun, and forces you to vote their way, answering yes to all forms where you say you are not influenced by others. At the polls there are independant observers watching to make sure that you are alone in the booth.

      Granted we have absentiee (sp?) ballots, but the process of requesting one takes long enough that you have time to sneak away from the bad guy and get some help to take care fo the situation.

  • Good or evil (Score:4, Interesting)

    by Ektanoor ( 9949 ) on Saturday October 12, 2002 @12:12PM (#4437323) Journal
    Is the atom good or evil? Before answering remember that we are all made of them...

    What about digital certificates?

    Good effects:

    A faster and probably more effective way to reach the state institutions.

    A more straightforward guarantee that you are treaten as a person and not as one more element of the crowd.

    A cheaper and relatively safer way of access.

    A possibility for bigger anonymity in certain conditions.

    Bad effects:

    Big Brother is possible. Someone may try to track your doings by the trace of your digital certificate. Worst, its is also possible complete Chaos as people mess with databases, loose data, steal your information.

    In certain cases you may get in a bigger and worser line because someone forgot to upgrade the networks in time and Canada population is not so small as it looks.

    State institutions may become more bureaucratic and claim "we don't know you because you don't have your digital certificate with you" or "go to the network and we will talk with you". Besides, certain companies may try to explore this advance and start charging traffic higher and higher.

    What will prevail? It does not depend on the digital certificate itself but on the way the infrastructure will be created. Unfortunately, there is a big gap between technics and knowledge among the people. So there is a risk that the negative effects will prevail. As an example I could point a company that decided to fight certain problems with security flaws. Data was being stolen and no one could control it. So they installed a system of magnetic cards. But, instead of stopping the problem, things got worse. First, the system was mainly used to know if everyone comes at 8:00 and leaves at 17:00. It also controlled all moves inside the building. So everyone who came at 8:15 or went to take a coffee in the middle of work, had his salary cut. Meanwhile, data burglary became higher than usual as people became more worried about discipline and not security. Other organisations, with similar systems, didn't suffer such problems, as they were not so attained to such a gulag approach.
  • by Quirk ( 36086 ) on Saturday October 12, 2002 @12:17PM (#4437348) Homepage Journal
    As a Canadian I'm apathetic and hopelessly ambivalent. But if it's offered it would be impolite to say no. Queen Elizabeth, now visiting during her Golden Jubilee, during one of her earlier visits to Nova Scotia was presented with a giant, fiberglass lobster. She was given a giant, fiberglass lobster because the fine folks of Nova Scotia found out she didn't have one. I'm sure the federal government in is similar vein is issuing online identity certificates. Remeber, identity is an ongoing national struggle for Canadians so every little bit helps.
  • by Skapare ( 16644 ) on Saturday October 12, 2002 @12:20PM (#4437357) Homepage

    Who will generate the private half (CSR) of the certificate? Will the end user do that and then take it (Certificate Signing Request) to their local government office to be signed once they prove who they are? Or is the government planning to generate all the certificates and just hand them out, while keeping copies that allow them to pretend to be you once you start arranging to authenticate other services with this certificate?

  • by mdeslaur ( 530851 ) on Saturday October 12, 2002 @12:23PM (#4437368)
    This is very very bad. Digital certificates are not any more secure than the computer they reside on. The next worm or virus that comes out will be e-mailing everyone's digital cert all over. Chaos will follow. My mother knows how to protect her driver's license. She knows where it is, and if someone steals her wallet, she knows it happened. With a digital certificate, a hundered different people could hack into her computer and steal her digital certificate and she will never know. Every time I go to her house, her computer is infected with a bunch of viruses even though she has an AV program. Her Internet Explorer home page has been changed to vote for someone's warez page and every week, her Outlook Express e-mails me a virus. How is the government supposed to depend on people to protect their own digital certificate when they don't understand technology? Even the government's computer networks are so insecure crackers go right through it on a daily basis. This is ridiculous.
  • by plcurechax ( 247883 ) on Saturday October 12, 2002 @12:28PM (#4437395) Homepage
    The digital certificate is known as "epass Canada [egs-seg.gc.ca]". It is your digital id, and will be useable for digital signatures (aka "secure electronic signatures").

    I am not sure how Debian users feel about "you should regularly apply commercially available patches to your browser and operating system and protect your computer with up-to-date anti-virus and firewall software, which is also commercially available. [egs-seg.gc.ca]"

    Currently signing up [ccra-adrc.gc.ca] requires details from your Tax Returns from 2001 or 2000, your Social Insurance Number (similarly misused as SSN in the US), Date of Birth, and an Access code used supplied with previous tax returns for electronically filing income tax.

    Because only CCRA [ccra-adrc.gc.ca] offers services it is unclear if the registration information for access to the CCRA services will be linked to future epass Canada uses from other federal government departments and agencies, such as Employment Insurance [hrdc-drhc.gc.ca] claims, gun registration via Department of Justice and/or the RCMP, or checking that I am on the local voting lists via Elections Canada [elections.ca].

    Frankly I don't care to have my democratic responsiblity linked to my federal tax statement. This part concerns me, and in my opinion, whether this practise is/will happen is not clear from the Privacy Policy statements.

    Finally, I cannot accept their disclaimer. Users assume the risk associated with any transfer of information to the Canada Customs and Revenue Agency (CCRA) and with any other use of this site. ... the CCRA, we do not warrant such securityare not liable for any damages that may arise from interception, loss, theft or other action. ... The CCRA is not responsible for any damage that could arise from any non-acceptance of information through this service. [ccra-adrc.gc.ca] It simply implies to me, an irresponsbile government agency. If the CCRA is not willing to take responsbility, they should not be doing it. They are an agency who are to serve the Government of Canada and the citizens of Canada.
    • Frankly I don't care to have my democratic responsiblity linked to my federal tax statement.

      And the gov can't do that without digital certificates? Hate to break it you, but they already have all the information.

      whether this practise is/will happen is not clear from the Privacy Policy statements.

      It is quite clear - the Privacy Act [justice.gc.ca] covers this, which may not be perfect but at least addresses the fundamental concerns. It certainly compares favourably with US privacy legislation.

      The real concern about a widening role for digital certificates is the potential for abuse by NON-government. I may not like my government very much, but I actually trust them way more than most mega-corps.

      • Hate to break it you, but they already have all the information

        Various agencies and departments already have the information but they do not have the information linked across departments. That's is part of my concern.

        It is quite clear - the Privacy Act covers this, which may not be perfect but at least addresses thef undamental concerns.

        The Privacy Act regulates such actions by the government, but I am concerned that they will not follow the basic restrictions of "personal information can only be used for the purposes it was collected for, and disclosed to the individual". I believe government agencies will justify their law-breaking actions to themselves that they are acting in "the best interests of society" or some such claim to attempt it seem that their actions are noble and therefore justified. Similar tactics were used to justify the sharing of Customs information with Revenue Canada before the two joined into their current joint agency, for the purposes of not paying EI to people who left the country, and to monitor travel of low and high income tax payers.

        I certainly hope that these digital certificates will not be available to non-government corporations and agencies to use.
  • by JohnnyCannuk ( 19863 ) on Saturday October 12, 2002 @01:02PM (#4437542)
    While I appreciate some of the concerns raised so far, I must comment as a developer who works for various Federal Government ministies on a daily basis.

    1) GOL, while it is a great idea (offering Online government services in addition to "paper" based serveics) it is currently not much more than an idea. It has some official "GOL" apps, but they ar usually nothing more than internal government web apps redone in the Common Look and Feel. So far, only CCRA has a "real" GOL service and all it is is the Change of Address. GOL has not recieved mush hype or funding in over a year, because of September 11.

    2) While the "pie in the sky" view of GOL (which is a LONG way from being reality) MIGHT have the POTENTIAL to be used as a "Big Brother" type of tool, the reality is that this is not likely to ever happen. Why? Most Canadian Federal Government departments don't share data between branches within the same ministry, let alone across departments or across ministries. Changing this attitude is required if "Big Brother" is to become a reality, and if you've ever dealt with the Feds (or the provinces or the city for that matter) you know its not going to change soon. Case in point: the department in our Ministry of Health that deals with First Nations (indians to the Americans) health delivery and funding often can't get information from the Department of Indian and Northern Affairs, a separate ministry. The end up collecting the same data, doubling costs.

    And lets give our "Silly servants" some credit. A particular project I am currently working on had it's scope changed because the civil servants in the group refused to create and application that would collect identifying data! We must now create a version of our app that collects no identifying data and still be able to track individual cases for analysis.

    3) GOL could in the long term cut government costs, impove efficiency and allow our governmentto govern better - they would have an up-to-date, accurate picture of some aspect of goverment business.

    My concern isn't with GOL. I think it's a wonderful idea and will not likely even be designed to allow a "Big Brother" kind of use. My concern is with the calibre of the people who will be in charge of administering the system. In my experience, most sys admins, dba's, and developes in the Feds are old, behind the times, and unaware of the very technology they are to be in charge of (most have had their jobs at various ministries since the old Mainframe days).

    Another Case in Point: the other day I saw a live "demo" of CCRA's "Change of Address" application. while it does require a great deal of information to sign up for the program to prove your identity (Name SIN, stuff from your Tax returns etc) once up and running it is only protected by username and password! No certs. No PKI. No "Smart Card". Just username and password (and no self admionistration that I saw).

    So don't worry about GOL. It's pretty far off and not likey to be "Big Brother"-ish because of the culture of our civil service. But that same culture means that when it is in place, it will be administered by old-school, 2nd place techies who can't get a job anywhere else (most of the "technical" people I deal with when creating apps for the governement would never be hired by my company - their incompetent. Why? Because that's all the feds can get - they don't pay enough to get the really good people in the private sector.

    And I haven't mentioned the Provinces yet. To becme a REAL Big Brother, the Feds would need a great deal of cooperation from the provinces...and any Canadian can tell you that's not gonna ever happen!

  • by Guppy06 ( 410832 ) on Saturday October 12, 2002 @01:28PM (#4437614)
    Voting commissioners have a hard enough time as it is trying to help voters with the silly punch cards they have in Florida. And you expect them to learn how to maintain a particular software suite? After all, these are going to be the people in charge of trying to figure out why a particular voting booth crashed.

    And that's even before we get into how much easier you'd be making it for vote fraud. First rule of network security: If you want to keep your information secure, don't put it on the @#$% network!

    A few decades back, Louisiana standardized on voting machines. You go in, pull the lever, flick some switches, pull the lever again, and you're done. And it works. No hanging chads, no unstable operating systems, no Slashdotting. It may be nineteenth century technology, but it works! Why can't you just use those instead? Why does everybody insist on adding more complexity?

    Of course, I'm willing to bet officials who are looking for computerized voting are some of the same people who put in the broken punch card system to begin with.
  • voting online (Score:3, Insightful)

    by rakerman ( 409507 ) on Saturday October 12, 2002 @01:49PM (#4437709) Homepage Journal
    Is stupid.
    Go to the polling station.
    Mark an X in the circle.
    Votes are counted while the scrutineers watch.
    Time-honoured, simple, distributed computing system. Works great.
    There's no sense in technology for technology's sake. Paper, pen, and people are the appropriate technology for voting in Canada.
  • by Anonymous Coward on Saturday October 12, 2002 @02:26PM (#4437868)
    Hi,

    I am from Belgium and there the eGovernment project is well under way. Every citizen will get a digital passport starting from 2003 on. This passport (kinda smart card) contains basic information like name, address, social security, ... and a digital certificate. You can use this card to sign online papers, review your taxes on the internet (and enter them), ...

    Basicly, this card is your entry point to the online government.

    The system is highly secured, see Federal ICT Belgium [fedict.be] for more information.
  • Hoodwinked... (Score:2, Interesting)

    by Anonymous Coward
    Very funny, I don't think they have got it all wrong. Let me tell you slim, our media does not report on all the muggings and crime that goes on in our country. My ex is a nurse and she told me that there is at least 3 mugging related stabbings a week in toronto. If they had a gun, they could protect themselves. Also, in America, if crime is that high wouldn't you want to carry a gun? Also, Americans own property outright, the guns are to protect that land. Canadians always forget that we have less people too, and when we do kill or maim out of malice we use knives, cars, bats, fists. Only in a surface comparison is Canada better than the US, but if you look closely which Canadians never do,(nationalized education), you see simple prejudice. We love to bash rednecks, yanks, southerners.

    I'm really embarrased by canucks such as this. They say, we're great because we have no guns. We also have no property rights, a constitution that guarantees nothing and everything that canucks deem good about it is based on the fact that they aren't America.

    We brag about about our free health care, even though it's going to the toilet, fast. We don't have access to breakthroughs in medicine, because in order to offer these services our government has to go through years of procedure just to make these breakthroughs available.

    Our doctors ARE leaving for the US, so we get our pick of the litter when it comes to third world doctors with sub par certification. Canadians just call these docs and nurses greedy, but it doesn't change the fact that the best talent our country had to offer, is gone, gone, gone.

    I think you're rather clueless, you should step outside the Great White Aquarium and see our country for what it really is. Full O' Shit.

    Yes, you can bet that if our government is involved
  • First,let me cmt about the self-proclaimed libertarians with their rhetoric that they don't even understand.

    Canada, Communist(tm)? Them braying this wouldn't know anybody to the left of Teddy Kennedy if we bit 'em in the ass. They claim there's no difference between, say, Jimmy Carter, Teddy Kennedy, and Stalin...and then claim that there's a *huge* gap between Reagan/Bush/Bush and Fallwel and Mussollini.

    They're simply ignorant, and militant about their ignorance, so, y'all from Canada, just ignore 'em, unless you like "debates" with folks who have no idea what a real argument is (the Argument FAQ is at ).

    Voting online - the worry that someone brought up, about the company setting up polling places, and checking keystrokes (hell, they can put something to read the signals from meters away!), I *do* worry. Union bosses? Uh, sorry, turkeys, you have *no* clue what the reality of most unions are like. Now bosses...when I worked at a Baby Bell in the mid-nineties, and all the telecoms were pushing for deregulation (the Telecom Act of 1996), our managers were told to "encourage" us to write or email our Senators and Congressmen...and that the CEO wanted a copy of the letter.

    Fascism? Yes, it's here. Look at Ashcroft. How did they get in? All you little geeks "oh, the Democrats" are all special interests (um, unions represent 13 million people - who do the telecoms, or the financial industry represent...and they give a *lot* more money to the Republicans . All the little geeks, who make in the range of what 80% or 85% of what all US workers do ($100k/yr), but are all Billionaire Gates wannabees, who won't even vote their *own* "enlightened self-interest", which is anybody *but* Republican.

    But that's ok...so, now, if y'all want to flame me that's ok, too...as long as you can tell me, without lieing, that y'all voted in the primaries the last couple of years, and then in the elections. I have my little stubs that say that I do, around here. I could find them and scan 'em (and get the jpeg down to a reasonable size in the Gimp) to prove it.

    If you ain't got 'em, sit down and shut up. They're my license to criticize. Remember, y'all got the government you deserve.

    mark
  • "A general manager at the city's hockey arena, Moehring has used the Hamilton County court's Web site to check out potential hires."
    "He's even turned away a few because of what he found."

    "But someone used the site to pull Moehring's Social Security number and other details from a 1996 traffic ticket, opening seven credit cards in his name and charging $11,000." ...
    "People don't have good intentions, and the county is laying a road map for them," Bloch said. "It goes beyond stolen identity. It speaks to personal safety."

    http://www.cnn.com/2002/US/Midwest/10/12/online.co urt.records.ap/ [cnn.com]

You can write a small letter to Grandma in the filename. -- Forbes Burkowski, CS, University of Washington

Working...