The Commons Report Stage of the Identity Cards Bill is now complete.
Home Office Minister Tony McNulty
managed to come up with an astonishing comment which should have every IT Security expert in the world spluttering into their coffee:
"We want people to be able to access secure websites, by means of their PIN number, so that they can adjust and change data on the register. "
He actually pronounced each letter of "'P-I-N' number" (Personal Identification Number number)
So "hackers" or "phishers" or terrorists or criiminals or foreign intelligence agencies etc. will be able to steal or muck around with NIR data without any of the security provided by Biometrics at all !!
How long before a compuer virus brute force attacks your, by definition short PIN, and either compromises your information, and that of millions of other people, or causes you to have your NIR view/edit/update account to be locked or disabled - a Denial of Service ?
No doubt you will then be accused of tampering with the Register and sent to prison for 10 years, since it will be impossible for most people to prove that their IP address was hijacked or faked.