Friday, 18 September 2009

The passport from hell

This week I was going to post part two of my course in source code documentation, but something far more important has come up to rant about. It's the new Dutch passport, which will hold the owner's digitally encoded fingerprints, in time amounting to a huge biometric database. The year is 1984 again.

This post is not going to be about hackers logging in to the monster database with password "change_on_install"*. I don't doubt the system can be compromised. It's only a matter of time. Those responsible for guarding sensitive data in the Netherlands have proved themselves shockingly cavalier and nothing but an embarrassment of epic proportions is likely to effect a change. Apparently with a cheap set-up and some patience you can produce your own forged prints on plastic foil and wear them to the scene of the crime. It must be true, because I read it on the Internet.

You know, forget about fingerprints. They can be forged and therefore in court they don't always stand up. We all know the holy grail of forensic conclusiveness is DNA. Unless you have an identical twin sibling, your DNA is intimately yours. It's impossible to produce your own fake DNA to throw forensics off the scent. Next time you get a passport you'll be handing over a saliva sample, mark my words.

Anything that can go wrong will go wrong. Any technology or data that can be put to evil use will be abused. In the same way that the usefulness of a mobile phone network grows exponentially with each new user, so will a biometric database of all citizens.

Imagine how easy it becomes for prospective wrongdoers to incriminate someone of their personal acquaintance, secure in the knowledge that their DNA is stored and can be pulled from the database in no time at all. Consider how easy it is to obtain a DNA sample from someone you know. I don't mean a printout from the lab, but actual tissue. Any article of clothing is teeming with it. Just steal a hairbrush and carefully place a few hairs (not too conspicuous, of course) over the murdered body of your choice. Make sure the intended suspect has no credible alibi and they have been in contact with the future victim, preferably with some supporting CCTV footage. Bob's your uncle.

* This is the default administrator password for Oracle databases, and it's appalling how often I have found it still used in production systems, despite the unambiguous hint in its name...

1 comment:

Natasha said...

You are totally forgetting the fact that if Dutchies and many others travel to the US they will still have to be fingerprinted. Mopping the floor with the tap running.

Oh, and none of this applies to immigrants, so my ID is just boring plastic.

http://www.24oranges.nl/2009/11/04/of-fingerprints-passports-and-borders/