[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SV: Copyrighting schemas, Hailstorm
- From: Dimitris Dimitriadis <email@example.com>
- To: 'Joel Rees' <firstname.lastname@example.org>
- Date: Mon, 04 Jun 2001 14:18:12 +0200
Thanks for your reply.
Från: Joel Rees [mailto:email@example.com]
Skickat: den 4 juni 2001 07:04
Till: Dimitris Dimitriadis; 'Bullard, Claude L (Len)'
Kopia: XML DEV
Ämne: Re: Copyrighting schemas, Hailstorm
Dimitris Dimitriadis wrote:
[dd] If I have a particular set of identification means (password, voice,
retinal scan, fingerprint, what have you) and rest assured that that's
enough and they can be forged and used by others, we end up in the pig
loving donkey case (only difference being that I have less money and more
bills, possibly even a secret lover I didn't know of until then). If, on the
other hand, we can come up with alternative means that cannot be forged, we
can rest assured that nothing bad will happen.
Forgeries have always existed and always will. So are you asking how to keep
the statical rate of occurence low enough to avoid violent revolution? (in
spite of the fact that your tool is primarily a box that allows people to do
stupid things at higher and higher speeds.)
[dd] Forged identity is only one of the many unwanted things I mentioned. In
the context you copied from, it had to do with the most obvious danger, that
of using information in a simply wrong way. That, however, is too obvious a
thing to discuss at length.
There's a series of other effects frameworks like the one we're discussing
1. Collecting information about people to predict behaviour (done today
already, no big deal)
2. Creating platforms that use that kind of prediction engines to "simplify
ordinary people's lives", that is, sell them stuff
3. Making the platform big enough for non-typical services to use the
platform as a primary menas of cummincation between subject and service
giver (govenrment, non-profit organizations, what have you).
4. Scale this up any number of times.
So onow the question becomes: who has primary access to my identification
means? Obviously not the bodies that have, up to now, done the job. This
power gets transferred to other kinds of organisations. Trivially, these
organisations can keep track of every piece of information you send around.
(Connect this to the work done on the semantic web to get some idea of why
the layer of trust is needed)
Why, then, is this relevant to xml-dev? Well, our beloved syntax makes these
things possible to a far higher degree than ordinary binary code does. And
as we are responsible human beings, we should have some clue as to what kind
of consequence it could have.
Arguments that, by the way, I cannot see have any relevance (and please
correct me if I'm wrong) are:
1. Weapons do not kill people, people do
2. People know what they do when they sign up for various services (ask the
farmers in the backwoods of India, I don't think what their fingerprints
could lead them to)
3. Forgery can be tried in a court of law. (Sure, but the question is how
you measure activity in a system you don't have access to, in order to
realise that someone has broken the law)
Has anyone noted the news items about computerizing land records for farmers
in the backwoods of India? They use fingerprint IDs, and the government
officials in charge seem sold on the concept that since passwords aren't
being used they can't be abused. Said government officials have extrapolated
to a zero probability of forgery (or at least a low enough probability of
[dd] I think this goes to show why it is so important to inform people as to
what identification means nowadays. It's equally important to raise
awareness amongst ourselves that we are, to some degree, relevant for any
change in that direction, by building systems like that, hooking up to
frameworks with that functionality and so on.
The xml-dev list is sponsored by XML.org, an initiative of OASIS
The list archives are at http://lists.xml.org/archives/xml-dev/
To unsubscribe from this elist send a message with the single word
"unsubscribe" in the body to: firstname.lastname@example.org