"A great example of rampant, over-reaching, ignorant, and ill-conceived political foolishness.

Just imagine if security mismanagement such as that encountered at the DHS or the TSA was to impact the NSTIC; one serious data breach would provide a field day for the bad guys. And should that happen, imagine the chaos while the problem was addressed … clients of any of the government's social services would find themselves locked out, services like the Department of Motor Vehicles would grind to a halt (OK, make that more of a halt), and companies that deal with the government could see their businesses hit a brick wall.

And all of this would be because the wonks at NIST think they can do what enterprises with far more experience in hardcore IT have learned the hard way; that unified security is incredibly difficult to implement even for a few thousand people. For tens of millions of citizen, it would be effectively impossible!" - http://www.networkworld.com/columnists/2011/011411-backspin.html

same system can be used to keep certain individuals away from the internet?

Horrible, horrible idea from the get-go. Makes me want to incorporate and never own property or perform transactions on my own behalf again.

Yeah, this will end well. Extra points for the shitty animation (notice the tasteful use of clip art on the flatscreen).

Haha. Way to go statist idiots.

Voluntary at the start. But then quickly it'll become compulsory. What do you expect from the benevolent master with a big stick?

Where's the part that tells how it will be more secure?

Tell me why I don't find this to be a safe secure idea? I dont get a warm and fuzzy feelings from this security blanket.

Well leftists, you want a huge government to DO something about every problem.

Here's your "something". Now it's everyone's problem.

This is not a leftist proposal. This is an idiotic proposal. And it simply won't happen. Anybody with half a brain and the slightest but of technical savvy won't go near this plan, and it will fall apart.

If there is anybody curious about the best way to keep your passwords secure, I recommend a program like KeePass. I have a few "low security" passwords that I can remember and use for things like web-forums, and high security complex passwords for banking and other important web transactions that I use KeePass to track and keep safe. I keep the KeePass in my DropBox folder (it doesn't have to be "installed" like most programs), so I can access it even if my computer dies (or gets stolen).

Of course it is also important to have a decent anti-virus program installed, but if you don't know that, then you probably shouldn't be banking on the internet.

Isn't this called facebook? No wait, that's the one where they sell your information.

Eric Blair would be turning in his grave.

>> ^MaxWilder:

Anybody with half a brain and the slightest but of technical savvy won't go near this plan[...]


We are screwed

I'm not sure you guys are being fair. My guess is that most of you are using your personal data in the way they describe. So instead of having a secure repository for it, you've sprinkled it all over the internet with online shopping, banking, or what have you. I mean, how many companies' websites do you think you've trusted with your credit-card number alone? Even if you haven't, it doesn't mean that most internet users don't.

I agree, a central repository like that would have to be extremely secure, as would the credentials they hand out. After things like the epsilon hack, it's hard to trust that is possible. However, the alternative doesn't exactly seem any more secure. Besides, the system is opt-in. Feel free to continue doing whatever you usually do and trust.

When all you need to worry about is the weakest link, I'd rather have fewer links. Also, as the video explains, this wouldn't necessarily be implemented by government alone. This will most likely be implemented by all those private companies that know how to do "hardcore IT."

*lies.

I guarantee this can either backfire (allowing ID thieves to gain your I-D even more easily through social engineering), or can be used to track individuals. The applications, key fobs, or cards all can easily have a form of RFID or other forms of tracking implemented inside of them, and could likely make finding out what you are up to even easier than before. There are far better methods than the solution suggested above, such as better protocols, encryption standards, or simple web of trust that can be implemented without the need for any need for political debates.

Bottom line - This is something unnecessary, and there are already much better, cheaper and far less invasive methods of security.

Adding video to channels (Lies) - requested by kasinator.

I was going to say that we have better implementations of this already, like PayPal. PayPal is extremely good for filling in the role of the middle guy with the cash, when you don't know that you can trust someone yet or ever.

Pick good passwords and don't let your computer get compromised. If a website doesn't offer a well-known middle man like PayPal or have qualifications that meet certain banking standards (you can usually find this stuff on their site somewhere) or they can't even encrypt their checkout page: DON"T USE THEM.

Be careful how you deal and what you're doing (worm, bots, trojans, etc...) and you'll be fine.