Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Education Privacy Your Rights Online

Verisign Develops Token for Age Verification 417

FirstTimeCaller writes "A Reuters article is reporting that Verisign in conjunction with an unnamed children's safety group, will release a USB token that can be plugged into a PC to verify the age and gender of a person participating in online chat rooms. According to the article, the token will be available free to students in a handful of schools this fall. School administrators will provide a list of students, with their ages and genders, and VeriSign will encode that information onto the tokens."
This discussion has been archived. No new comments can be posted.

Verisign Develops Token for Age Verification

Comments Filter:
  • Credit card ? (Score:2, Insightful)

    by mirko ( 198274 )
    In most countries, credit card authentication was used to ensure one had reached the legal age...
    In which situations wasn't it enough, besides the goatse ?
    • Re:Credit card ? (Score:5, Informative)

      by Paleomacus ( 666999 ) on Friday September 24, 2004 @07:08AM (#10338711)
      Well when I was 15(in 1996) I was able to get a debit card that could be used for 'adult' verification. Doesn't seem like a very good system to me.
      • Re:Credit card ? (Score:4, Interesting)

        by russint ( 793669 ) on Friday September 24, 2004 @07:24AM (#10338825) Homepage
        Well, I can't get a credit card at all (20 years old) due to bad credit.

        Not a very good system.
        • Translated story (Score:3, Insightful)

          by w3weasel ( 656289 )
          Verisign announced today that it would begin a program to create the youngest group of hackers ever.
      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Friday September 24, 2004 @07:26AM (#10338838)
        Comment removed based on user account deletion
      • Re:Credit card ? (Score:4, Informative)

        by halowolf ( 692775 ) on Friday September 24, 2004 @07:44AM (#10338943)
        Doesn't seem like a very good system to me.

        As these hapless victims could attest. You sir would be right. [keytlaw.com]

    • Re:Credit card ? (Score:5, Informative)

      by acceleriter ( 231439 ) on Friday September 24, 2004 @07:09AM (#10338715)
      This is about making sure you're a kid, not that you're an adult. The theory is that it'll keep the pedophiles, who won't have the "I'm a kid" token, out of the elementary school "chat rooms."

      Besides the "problem" of pedophiles in "chat rooms" being completely overblown, this is probably just the precursor of some sort of infrastructure to eliminate anonymous browsing. And who wouldn't like a piece of selling a token for $20/year to anyone who wants to get any information from the Internet in 10 years?

      • Re:Credit card ? (Score:5, Insightful)

        by ninthwave ( 150430 ) <slashdot@ninthwave.us> on Friday September 24, 2004 @07:16AM (#10338766) Homepage
        And what kid wouldn't trade there cheap token for a chat room that they see as stupid to some grimy adult for something else?
      • Re:Credit card ? (Score:5, Insightful)

        by jmcmunn ( 307798 ) on Friday September 24, 2004 @07:16AM (#10338767)

        Yeah, because we all know that none of the pedophiles out there have kids of their own who might leave this key plugged in, or laying on the desk for dad/mom to use?

        This is dumb, this does about as much good as the pages before porn sites telling people to not enter if they are not 18. Big deal, a USB key that tells someone I am young. It'll be 2 days maximum until some geek gets ahold of one and then you can buy them online for $25 +S/H.

        • Re:Credit card ? (Score:5, Interesting)

          by acceleriter ( 231439 ) on Friday September 24, 2004 @07:21AM (#10338796)
          I agree it's a dumb idea--but I think it's really a segue into some companies requiring these tokens for everyone who wants to do business with them. The Federal government, for example, has been trying to figure out for years a practial way to give each citizen a public key to be able to, for example, apply for Social Security benefits or file a FEMA claim online. But since the easiest place to put a public key, a National ID card, spawns (rightfully) mention of the Book of Revelation happens every time it's mentioned, USB keys could be an alternative.
        • Re:Credit card ? (Score:3, Insightful)

          by mikemulvaney ( 24879 )

          This is dumb, this does about as much good as the pages before porn sites telling people to not enter if they are not 18.

          Those pages are actually good for something. If you hit one and don't want to see the porn, you can go somewhere else. This is a good thing for people who aren't actually looking for porn.

          Yesterday, when I was at work, I was trying to do some quick research about a grill I wanted to buy. I went to google and accidentally searched for 'girlls', which led to some interesting hits [google.com].

      • Would it not also be a 'good idea' to use a similar mechanism for keeping kids out of "adult" areas?
      • Re:Credit card ? (Score:5, Informative)

        by oolon ( 43347 ) on Friday September 24, 2004 @07:24AM (#10338822)
        I recon a pedophile would be able to buy a token off a kid of a small ammount of money, if you were 12 and someone offered you 200 bucks for a silly bit of plastic someone gave you... I think there would be many takers.

        The problem with all these ID shemes is aways tying the token to the right person until computers have mandated biometic id readers this is never going to work with remote computers.

        Personally I think the best solution if for parents to take an interest in what their children are up to rather than seeing the internet as a why to keep them quiet. Someone will aways slip though the net, the best way for children to be kept safe is education, they need to know people lie, cheat, steal, and there are bad people in the world who would not think twice about killing someone else.

        James
      • It doesn't matter if you're doing something useful, or even something that's noncounterproductive, as long as you're doing something.
      • Re:Credit card ? (Score:4, Insightful)

        by Maestro4k ( 707634 ) on Friday September 24, 2004 @07:32AM (#10338864) Journal
        • This is about making sure you're a kid, not that you're an adult. The theory is that it'll keep the pedophiles, who won't have the "I'm a kid" token, out of the elementary school "chat rooms."
        Of course there's not much to stop a smart pedophile (or pedophiles) from finding a way to create their own tokens (what age do you want to be today?) or just stealing them. The article makes it sound like the tokens may contain the kid's names, age and gender, not just age. I'm sure the pedophiles who are on the chat rooms will appreciate knowing that it's really a kid instead of a police officer on the other end.

        Another thought: if they do uniquely identify each kid losing one could open up realms of bullying that are scary. Imagine being able to "prove" you're another kid. Then you go online and tell off all their friends, make lots of enemies, etc. until the lost token's reported and a new one isssued. Poor kid gets back online and faces all his/her online friends refusing to talk to him and complete strangers cussing them out for something they didn't do. Brilliant system.

        • Besides the "problem" of pedophiles in "chat rooms" being completely overblown, this is probably just the precursor of some sort of infrastructure to eliminate anonymous browsing. And who wouldn't like a piece of selling a token for $20/year to anyone who wants to get any information from the Internet in 10 years?
        Either that or it's an FBI dream that they'll be able to tell who's really kids online (and of course be able to obtain fake tokens to use when trolling the chat rooms for pedophiles). Personally I agree with you on it being overblown, I suspect the majority of "kids" online talking to "pedophiles" are law enforcement and vigilantes trying to set each other up, neither realizing the other party's not who they think they are.
      • Re:Credit card ? (Score:5, Interesting)

        by RWerp ( 798951 ) on Friday September 24, 2004 @07:43AM (#10338934)
        Besides the "problem" of pedophiles in "chat rooms" being completely overblown

        You're right. Most pedophiles attack children they know: their own, their family's children or their neighours.
      • Re:Credit card ? (Score:5, Informative)

        by Lumpy ( 12016 ) on Friday September 24, 2004 @07:54AM (#10339012) Homepage
        The theory is that it'll keep the pedophiles, who won't have the "I'm a kid" token, out of the elementary school "chat rooms."

        it will take exactly 3 seconds for these toatart appearing on the black market and sold to those sicko's.

        as for the "pedophile problem in chat rooms" being overblown... My daughter hang's on a couple of websites/chatrooms that are pure kid, and LITTLE kid related. while sitting there with her i nthe chat forum a sick-asshat that was asking her age, started asking her if she knew what a blow-job was, and asking other questions that made it obvious he was an adult.

        This is on the fricking NeoPets website. a site geared for little kids about a little kids toy.

        sorry, it is a big problem and most parents do not monitor their child's net access closely which makes it an even BIGGER problem.

        when I have to explain to her that posing a photo of herself on the net for her friends to see is a really bad idea, things are certianly not "overblown".
    • Re:Credit card ? (Score:3, Informative)

      by Zeinfeld ( 263942 )
      In most countries, credit card authentication was used to ensure one had reached the legal age... In which situations wasn't it enough, besides the goatse ?

      The point of the token is to prove that you are a minor and thus should be allowed into kids only chat rooms.

      The idea of the experiment is to see if the scheme is effective in keeping pedophiles and stalkers out.

  • by acceleriter ( 231439 ) on Friday September 24, 2004 @07:06AM (#10338696)
    . . . why is there a "list of students" involved? And seriously, do they not know these tokens are lent? Either this is an insidious attempt at a pilot of some sort of "internet ID" or a completely dumb idea.
    • . . why is there a "list of students" involved? And seriously, do they not know these tokens are lent? Either this is an insidious attempt at a pilot of some sort of "internet ID" or a completely dumb idea.

      Security is risk management, not risk elimination.

      The point of an experiment is to see how significant these issues actually are.

      Sharing the token is a bad idea since it will also be used to authenticate to the school web site. If a kid looses the token and has it re-issued then the original is ca

    • by zoeblade ( 600058 ) on Friday September 24, 2004 @08:08AM (#10339127) Homepage

      Either this is an insidious attempt at a pilot of some sort of "internet ID" or a completely dumb idea.

      More than likely, it's both.

  • Great... (Score:4, Interesting)

    by cassidyc ( 167044 ) on Friday September 24, 2004 @07:06AM (#10338698)
    Now instead of just faking up my ID, I can steal someone elses. All it takes is enough drink and the right students.

    Still this security thing is jsut a laugh really isn`t it?

    sigh.....

    CJC
    • Re:Great... (Score:3, Funny)

      by animaal ( 183055 )
      "...All it takes is enough drink and the right students..."

      Ah, the good old days of student dating...
      • by Anonymous Coward
        Creeper! When I saw u on #funtalk teh other nite, u were all like a/s/l? And I was all liek no. u a/s/l first! and u were all like 16 and thwen we cybered.

        Now ur saying studnt dating is the good ol days? ur not 16! Gross!

  • Right... (Score:5, Insightful)

    by The One KEA ( 707661 ) on Friday September 24, 2004 @07:07AM (#10338702) Journal
    Who's going to run the betting pool on how many minutes it takes someone to crack the keys and modify the information?

    Better yet, how many kids will lose their tokens?

    Not to mention the possibility of the breaching of the privacy of minors.

    On paper this sounds like a good way to protect children, but somehow I think the execution of the idea is not going to be as easy as Verisign and Co. think it might be.
    • Re:Right... (Score:5, Insightful)

      by jrod2027 ( 809997 ) on Friday September 24, 2004 @07:22AM (#10338805)
      Or how about how long will it take for some pedeophile to get ahold of one of these tokens?
      Instead of relying on children to take their word of how old they claim to be, the kids could be fooled by a false sense of security with these IDs.

      Peodophile: I'm an 11 y/o kid honest... see my Verisign token proves it.
      Kid: Wow, you're right. Want to go hang out?
    • Re:Right... (Score:5, Informative)

      by Maestro4k ( 707634 ) on Friday September 24, 2004 @07:39AM (#10338916) Journal
      • Better yet, how many kids will lose their tokens?
      Not at the same time of course, but I'd bet at least 50%. I work for a school system and just yesterday we had about 8 kids get on the wrong buses and another 5 or so who were new bus riders and didn't know where they lived exactly. If they can't remember things as important as which bus they ride and house they live in we certainly can't expect them to keep track of a small USB token.
      • Not to mention the possibility of the breaching of the privacy of minors.
      That's the first thing I thought of myself. I work with the bus routing software and when I need to send copies of my databases to the company who makes it to debug a problem I have to make a copy and go through and change all the names to John Doe. I also can't send the whole file since the addresses can't be masked for debugging purposes. How sending an entire list of your kids with names, age and gender to Verisign can be legal is beyond me. AFAIK that would require signed consent from every single parent/guardian for every kid.
      • On paper this sounds like a good way to protect children, but somehow I think the execution of the idea is not going to be as easy as Verisign and Co. think it might be.
      Well there's the beauty of it from Verisign's standpoint. They don't have to worry about the execution, they just provide the tokens and authorization servers. The school systems get to sort out the mess from lost/stolen keys and what not. It'll just end up overwhelming the poor staff with more paperwork and problems than they already have to deal with.
    • Re:Right... (Score:5, Informative)

      by Delirium Tremens ( 214596 ) on Friday September 24, 2004 @07:44AM (#10338944) Journal
      Who's going to run the betting pool on how many minutes it takes someone to crack the keys and modify the information?
      Please go ahead. Here is their public key:
      30 82 01 0a 02 82 01 01 00 dd 84 d4 b9 b4 f9 a7
      d8 f3 04 78 9c de 3d dc 6c 13 16 d9 7a dd 24 51
      66 c0 c7 26 59 0d ac 06 08 c2 94 d1 33 1f f0 83
      35 1f 6e 1b c8 de aa 6e 15 4e 54 27 ef c4 6d 1a
      ec 0b e3 0e f0 44 a5 57 c7 40 58 1e a3 47 1f 71
      ec 60 f6 6d 94 c8 18 39 ed fe 42 18 56 df e4 4c
      49 10 78 4e 01 76 35 63 12 36 dd 66 bc 01 04 36
      a3 55 68 d5 a2 36 09 ac ab 21 26 54 06 ad 3f ca
      14 e0 ac ca ad 06 1d 95 e2 f8 9d f1 e0 60 ff c2
      7f 75 2b 4c cc da fe 87 99 21 ea ba fe 3e 54 d7
      d2 59 78 db 3c 6e cf a0 13 00 1a b8 27 a1 e4 be
      67 96 ca a0 c5 b3 9c dd c9 75 9e eb 30 9a 5f a3
      cd d9 ae 78 19 3f 23 e9 5c db 29 bd ad 55 c8 1b
      54 8c 63 f6 e8 a6 ea c7 37 12 5c a3 29 1e 02 d9
      db 1f 3b b4 d7 0f 56 47 81 15 04 4a af 83 27 d1
      c5 58 88 c1 dd f6 aa a7 a3 18 da 68 aa 6d 11 51
      e1 bf 65 6b 9f 96 76 d1 3d 02 03 01 00 01
      Since I am a nice guy, I'll give you the first two hints to get you started. They use RSA. And their key length is 2048.
      Now, you can try to brute-force RSA to find their private key...

      See you back when Quantum Computers are sold at Wallmart :)

    • Who says Verisign even thinks it's possible?

      Verisign doesn't care. They just need to convince people that these USB keys somehow protect their children. It doesn't matter if it ACTUALLY works, just that people BELEIVE that it works. In fact, it's probably better for verisign if it doesn't work, as it's less work for them.

      The goal isn't to protect children, the goal is to get $20/year from every kid who accesses the internet. Neat trick.
  • by KyootFox ( 209674 ) on Friday September 24, 2004 @07:08AM (#10338708)
    Just check the online ID before persuing the child??

    That's gonna cut into the FBI's stake-outs, isn't it?
    • I don't think this whole thing is a good idea, but I'm sure Verisign has worked out a deal with the one or two agents really working on the almost non-existent "pedophiles in 'chat rooms'" problem to falsify tokens for them.

      In fact, if other users were able to verify the tokens, that would further reduce the hypothetical defendant's chance of being able to claim s/he didn't know the alleged underage participant was underage.

    • by Maestro4k ( 707634 ) on Friday September 24, 2004 @07:45AM (#10338956) Journal
      • Just check the online ID before persuing the child??

        That's gonna cut into the FBI's stake-outs, isn't it?

      Doubt it, they'll most likely be able to get fake tokens to use online. The main problem may be that they'll need multiple tokens as they can't be the same "child" constantly as their cover might be blown from time to time (after busts for instance).

      Other than that it probably won't matter, if you read the details of the busts the police do make from online contacts the guys were total morons to start with. They didn't arrest some horrid child predator, they arrest some moron who likes kids but isn't bright enough to be successful at it. I'm quite sure the real dangers are far sneakier, after all they know the feds are watching the chat rooms too. Additionally the statistics show that most kids are sexually abused by someone they know, generally family, so online predation isn't what the cops really need to worry about, it's just a way to make it appear they're doing something about the problem.

  • And what is stopping a dubious individual from borrowing one of these tokens?
    • And what is stopping a dubious individual from borrowing one of these tokens?

      The only way it could work is aggressive monitoring. The token must contain not just age/gender of the child, but an ID number into a huge database... and all browsing/chatting done under that ID must be reported in summary form to an adult responsible for the child (parent or teacher).

      That way, users of borrowed tokens can be caught by profiling. (Or more likely, lost/sold tokens can be deactivated before the "predatory" adul
  • by P-Frank ( 788137 ) on Friday September 24, 2004 @07:09AM (#10338716) Homepage
    Excellent! I figure by about noon tomorrow I'll download a patch that "officially" makes me a 16 year old girl.
  • by scythian ( 46974 ) on Friday September 24, 2004 @07:10AM (#10338723) Homepage Journal
    Selling his or her token to some freak on ebay!
  • Oh noes! (Score:2, Funny)

    Does this mean that "she looked 18" is no longer a valid defense?

    Cheers,
    IT
  • by palad1 ( 571416 ) on Friday September 24, 2004 @07:12AM (#10338736)
    A personal x509.3 certificate and a crypto key.

    So when he's 21 he won't complain when the barcode on his forearm will be used to 'strenghten e-vote security'.

    Train them while they are still young, the older they get, the harder for you to teach them new tricks...

    Oh, wait, this only works with pkcs#11-enabled chat applications? I guess IRC will have to be outlawed then. You don't want untagged pedophile commies subverting little Tommy on IRC now, do you?
  • "... unnamed children's safety group ..."

    So? Which business is this that is marketing something which basically says :

    "OK Parents! Using our technology, it will be safer for your kids to be additional consumers on the internet now"

    Please tell me this is not the case.
  • It seems completely obvious to the millions of people who visit /., so why isn't obvious to the people who implement these things.

    The only thing that these USB tokens verify is the information on the token!

    Untill they surgically graft these fobbles to the children and make them unstealable (ooops not possible), then they are pointless.

    hehe WON'T SOMEBODY THINK OF THE CHILDREN!

    har, I thought I would never say that.
  • Dumbest Idea Ever (Score:4, Interesting)

    by LaNMaN2000 ( 173615 ) on Friday September 24, 2004 @07:12AM (#10338741) Homepage
    This is the dumbest idea in the history of mankind: verifyably identifying children as such on the Internet. Unless, of course, they are trying to help pedophiles find targets that they *know* are too young to be FBI agents.
  • That takes care of the huge problem of 14 year old girls prentending to be 50 year old women.

    The non-issue of 50 year old men prenting to be 14 year old boys (or girls) is probably not worth the investment!
    • The non-issue of 50 year old men prenting to be 14 year old boys (or girls) is probably not worth the investment!

      Well, they probably won't have a token, will they?
  • by mr. mulder ( 204001 ) on Friday September 24, 2004 @07:16AM (#10338763)
    So, not only are students going to be forced to carry yet another form of ID, but they'll also have to give a third-party company (Verisign in this case) detailed personal information.

    What about student's rights - they have the right to enter chat rooms, etc.

    I can envision the next step - restricting web sites based upon age, then it will be restricting web pages based upon being a student, finally, just restricting overall.

    Luckily, we won't have to worry about this being a wide-spread problem - the system is too flawed to go very far; however, I feel for those that WILL be made to use it.

    Bottom line is that NOBODY should HAVE to use this system - somehow it should infringe upon their right to freedom of assembly. Albeit, a *virtual* assembly, it's an assembly!
  • by dpbsmith ( 263124 ) on Friday September 24, 2004 @07:16AM (#10338764) Homepage
    Unless the article is leaving out some, dare I say key piece of information... in about a week, students will have figured out that the computer doesn't know whether the USB token belongs to the person who inserts it or not.

    In about two weeks, they will be borrowing them from older siblings.

    In about three weeks, there will be a brisk trade in USB tokens issued to older students who have no interest in the school-approved content that is actually linked to the key, but great interest in money.

    In about three months, forged adult-ID USB token will be for sale on eBay.

    Even a plain old ID card has a signature and a photo on it, so someone can see whether it matches the holder of the card or not. But these anonymous bits of colored plastic are just an invitation to abuse.

    In a corporate setting, I suppose you've signed something that says you're responsible for all use made of the token, and you would be suspiciously unable to do your job if you loaned it to someone else... and subject to dismissal if someone finds out. I don't see how that can be applied in a school context.

    Unless they were planning to Superglue the token to the kid?
    • by erikharrison ( 633719 ) on Friday September 24, 2004 @08:15AM (#10339175)
      Ha!

      It's more like those kids who are already on the internet will continue using open environments (AOL chatrooms, IRC, message boards) where the token is useless, and those who aren't web savvy will loose the damn thing.

      The way to make these used is to make kids want to use them - for example, providing places where kids feel more secure or comfortable with some guarentee of the identity of their co-chatters. On the other hand, we're just lulling those kids into a false sense of security for many of the reasons you list above, regardless of whether or not what you mention comes to pass, but because it teaches them to trust weak technology without thinking.
  • www.isafe.org (Score:5, Informative)

    by way2trivial ( 601132 ) on Friday September 24, 2004 @07:17AM (#10338773) Homepage Journal
    see their site... they are the makers of the device
  • some type of law? I would want that information to be authenticated that way. If I remember right, parents will have to consent to it first if it is a public school.

    What are the students doing in chat rooms during school anyway? Seems that Verisign just wants another way to make money.
  • ... it's all encrypted on a Lexar JumpDrive
  • Gender? (Score:5, Insightful)

    by LordK2002 ( 672528 ) on Friday September 24, 2004 @07:20AM (#10338790)
    What on Earth has gender got to do with child safety?

    Clearly in some cases it might be necessary or desirable to prove your age, but unless the chatroom is supposed to be an online matchmaking service I fail to see what the presence of a Y chromosome has to do with anything.

    • Re:Gender? (Score:5, Insightful)

      by grahamm ( 8844 ) <gmurray@webwayone.co.uk> on Friday September 24, 2004 @07:33AM (#10338869) Homepage
      Maybe some areas might be gender specific. For example girls might find it easier to discuss things like the the changes to their bodies which happen at puberty if there are only other females present. The tokens could be used to only allows girls of the appropriate age (plus specific vetted adult female advisors) in the chatroom.
    • Re:Gender? (Score:5, Insightful)

      by figa ( 25712 ) on Friday September 24, 2004 @09:26AM (#10339742) Journal
      How are advertisers going to narrowcast effectively if they don't know the gender of the kid? These keys are going to be a boon to target marketers. They'll be able to get the age, gender, school district, and past browsing history easily, and with a little cross-referencing, ethnicity and family income.

      Foucault would probably point out that technologies of control have always been inflicted on children first, always for their safety and well being. Verisign's obvious goal in this is to breed a generation of Internet users that are accustomed to using an ID with a computer. While this generation comes of age, Verisign will probably partner with Microsoft and legislators to make Verisign-issued IDs mandatory start a computer, first for children, then for the rest of us. It's not that far-fetched, and it ties in well with DRM.

      As for girls (or boys, for that matter) discussing their private lives online, a less cynical and profit/control motivated educator would explain that you just don't discuss those things online. Kids should understand that they are publishing when they're writing in a chat room, whether it's run by the school or Mattel, and anything you say can be stored, copied, and republished outside of the context you wrote it in. These keys would obviously not keep a malicious child from copying sensitive text from a gender "locked" discussion board, complete with IDs, and text messaging it to the rest of the class.

  • EBAY! (Score:2, Interesting)

    by Lifix ( 791281 )
    Gosh. If I was a student, I would be snatching these things up like gold, then pawning them on ebay to teh pedofiles.

    This only adds a false sence of security, without biometric identification on these usb things, anyone can become a 16 year old male. Lets go chat up NAMBLA and ask them what they think!
  • If they really want to make a ton of money and have this product take off, try selling it to adults. Please. Then build it into gamespy and various game servers. There's nothing more annoying than playing an FPS when some 12-year-old bowl-of-brain-mush comes in and decides to use all of the latest words he's picked up before they go out of style. "Hey, you Nazi-licking (%black slang%) baby (%illegal activity%) roosterface! Yeah, I'm talking to you!"

    Okay, so we all know they don't use caps and punctuation,
  • School administrators will provide a list of students, with their ages and genders, and VeriSign will encode that information onto the tokens.

    Surely they should be encoding their date of birth on there and not age?

    Otherwise, come the kids birthday, the token will need updating again.

    • Re:Age? (Score:2, Funny)

      by nagora ( 177841 )
      Otherwise, come the kids birthday, the token will need updating again.

      And Verisign get paid again. I think you've hit on a business plan, there.

      TWW

  • Dangerous (Score:2, Insightful)

    by mrph ( 708925 )
    The situation could get dangerous if people start relying too much on these things.
    Once someone figures out how to crack it, he or she would be able to fool everyone who believes that the system is reliable.
    Today most people are sceptical to people online, with this system it could actually get really easy for the scumbags to convince someone of their (fake) age.

  • "Hi, I'm a pedophile. Would you mind proving that you are underage before I start grooming you for sex?

    Ok, that's great. Now what's your address, little girl?"
  • Get lost Veribad. (Score:2, Insightful)

    by mcbridematt ( 544099 )
    As a technology concious teenager, I would like to say FUCK OFF VERISIGN. I WILL NOT BE PLUGGING SOMETHING INTO MY OWN HARDWARE JUST TO LET PEOPLE KNOW WHO I REALLY AM. If I want to disclose my identity in full, thats my own decision.

    Of course, they're are a whole lot of teens out there who spend the whole night talking to friends on MSN (blame Micro$haft for capturing this market by bundling it with WinXP).

    I would like to call on parents reading this to frag all traces of MSN and other chat networks from
  • After hearing this story on the radio this morning, I was thinking that this system would work well if it had a web-of-trust component, similar to that for Thawte [thawte.com] or other digital signature authorities. To me, it's a given that this thing is going to be hacked, and exposing it to as much daylight and as many human users as possible is what would make sure the system was trustworthy....
  • Changing the world (Score:3, Interesting)

    by AdamHaun ( 43173 ) on Friday September 24, 2004 @07:32AM (#10338866) Journal
    So every chatroom in existence has to be rewritten in order to use the token scheme? Why would anyone go to the trouble of doing this? If schools want safe chatrooms, why don't they just set up their own network and do the authentication themselves? Expecting the whole world to change to support your authentication scheme seems a little farfetched.

  • Verisign age tokens, what a great currency for paedo's.
  • is to adults. You can't prove you are an adult and thus entitled to something more by NOT having one of these.

    The goal to Verisign is obvious -- once they are widespread, you try to get first libraries and then other places to require the use of the "KEY" to use the system to prove your age. As an adult, you'd "need" one, and thus have to pay for it.

    Also, its a good first step toward a "universal" (as if) public key. Ideally, imagine something like the Post Office being able to assign a public/private key to you. That's what everyone wanted with these keychain java keyring things talked about in the 90's.

    Personally, I hate seeing verisign being given this contract, but I'm not sure someone shouldn't have it.

    I'd like to see a U.N. sponsored standard, with countries and or businesses able to register as registrars. The SSL key distribution system we have now works pretty well (if overly expensive).

    At a minimum, that same system applied to people as apposed to web server names would go a long way.

    Yes, I know all the usual issues apply -- how do you prove its YOU with the key, etc. Lots of discussion on that (which is off topic) and other things. Privacy? What about additional private certificate keys? Well, why not all those things.

    Personal ID should have a data component for public key.

  • by Zog The Undeniable ( 632031 ) on Friday September 24, 2004 @07:35AM (#10338889)
    "Let me see your dongle."
  • COPPA anyone? (Score:5, Insightful)

    by YrWrstNtmr ( 564987 ) on Friday September 24, 2004 @07:42AM (#10338933)
    Children's Online Privacy protection Act of 1998 [ftc.gov]

    It's not the school administrators information to give away. This information must go through the parent.

  • by chegosaurus ( 98703 ) on Friday September 24, 2004 @08:15AM (#10339179) Homepage
    So now I know the girl I'm talking to is genuinely 16. Now all I need is a token that proves she's genuinely hot.
  • by zogger ( 617870 ) on Friday September 24, 2004 @08:41AM (#10339348) Homepage Journal
    ... the one made out of shiny flexible metal.

    This is just another example of conditioning the younger generation. Get them used to big brotherism and total surveillence/command & control. Goes along with acceptance of constant TV camera monitoring, using a thumb scanner to get a school lunch (how pavlovian can you get?) and other sorts of brainwashed response mechanisms.

    We've already got the adult population conditioned to accept things that would have caused lynch mobs 100 years ago, like "random courtesy checkpoints" on the roads.

    To the goons, the elite controllers, it's just part of the system, they want willing sheep, controllable herds, and the younger they get them brainwashed the better, then it's "acceptable and normal".

    Hey, here's an idea! Why don't we drug the kids in the schools as well? Then we can make them even MORE controllable!

    Oh ya, they do that too. Funny how all that stuff ties together.
  • by whovian ( 107062 ) on Friday September 24, 2004 @08:43AM (#10339386)
    1. The burden would be on children to get an ID. It suggests the children are to blame, when it's the pedophiles who are at fault and should be prosecuted.

    2. In the extreme, isn't this a step in the direction of corporate or even government controlled access? It could limit who, when, and where content can be accessed -- if at all.
  • The device drills a hole in the kid's head and counts the rings. TGIF!
  • FERPA violation? (Score:3, Informative)

    by awkScooby ( 741257 ) on Friday September 24, 2004 @09:06AM (#10339576)
    I thought FERPA (Family Educational Rights and Privacy Act) generally prohibited schools from disclosing personal information about students. I guess Verisign is relying on the "Organizations conducting certain studies for or on behalf of the school" exception. How do they propose implementing this if it passes the study? Certainly they should receive no excemption then.

    Of course they could provide technology to schools so that schools could program their own tokens, thus eliminating the need to send private, federally protected inforamtion to Verisign. But, that would undermine Verisign's greedy, "let us mint certs which expire more frequently than necessary, so that we can sell you the same thing over and over again" strategy...

  • Gender? (Score:3, Interesting)

    by Eudial ( 590661 ) on Friday September 24, 2004 @09:09AM (#10339601)
    Eh, what does gender have to do with anything? Isn't age the relevant part?
  • by liquidsin ( 398151 ) on Friday September 24, 2004 @09:09AM (#10339606) Homepage
    I'm already working under the assumption that every eleven year old girl I'm chatting up on irc is either a 37 y/o truck driver from Idaho or an FBI agent.

  • by scruffy ( 29773 ) on Friday September 24, 2004 @11:43AM (#10341097)
    Surely Verisign can come up with a better stupid idea than this.

    Oh yeah, there was Sitefinder. Never mind.

You can be replaced by this computer.

Working...