Identity — A Story

[Dave Birch] Here’s a story about identity, just to show you how identity infrastructure works in the “real world” and how we aren’t wise to use what is alarmingly known as common sense in order to import this infrastructure across the virtual world boundary into our online future.

My son and I were out in the car one evening and we decided that since we had the lounge to ourselves that evening that we’d watch a movie together. Normally, we either buying movies through Apple TV, rummage around in the badly organised pile of DVDs in the living room, or go on Pirate Bay if we can’t find what we want through the preceding two mechanisms. But since we were out and about, we thought we go to Blockbuster. They were having a special offer whereby you could rent three DVDs for £10 for the weekend, so we decided to take advantage of it. After having spent the obligatory half an hour wandering aimlessly around the store and arguing about every single potential movie choice, we settled land on DVDs. When we got to the counter I realised that I’d forgotten my wallet but luckily we scraped up £10 between us in cash.

The actual Blockbuster video card that I was given when I opened the account, something like 15 or 20 years ago, has been long lost. For the last several years, on the odd occasion when we ventured in for a DVD, I’ve just given my surname and address and then paid using a credit card in that same name. This has served as adequate identification infrastructure for tens, if not hundreds, of visits. But this time I didn’t have my wallet, so when a guy asked me for my card and told him that I didn’t know where it was, he then asked for a credit card in the usual fashion and I told him that we didn’t have one of those either. So he said we couldn’t rent the DVDs. I was a bit annoyed because I couldn’t be bothered to drive all the way home, so I was just going to give up. But then the guy said have you got anything in the car that could be identification, like an insurer’s document or something, or even a letter addressed to you from someone official? I frankly doubted that I did, my son grasped at the straw and we went back to the car. Just as I’d imagined, there were no identification documents of any kind. They’re in the back of the car were half a dozen copies of the Digital Identity Reader 2010, the indispensable volume for all concerned with the topic of identity.

Over my son’s protestations, I went back into the shop with a copy of my book. I showed it to the guy and said “there you go, that’s me”. “Hold on”, he said, “have you got something with a picture on it, or is there a picture of you in the book?” I was forced to admit I didn’t, and there wasn’t. But son to the rescue with his raised-on-the-inter-web sensibilities. He held out an iPhone, and said “just googled him”. Fortunately under that search term, under Google images, the third picture along was me. We had our DVDs.

In the future, everyone will be famous for fifteen megabytes

None shall password

[Dave Birch] Technology does throw up some damned difficult issues sometimes, particularly when it has an impact on law enforcement. In the old days, when your door was kicked in by size 12s, all of your documents could be read and used in evidence. But it’s not so easy now.

Brazilian police seized five hard drives when they raided the Rio apartment of banker Daniel Dantas as part of Operation Satyagraha in July 2008. But subsequent efforts to decrypt files held on the hardware using a variety of dictionary-based attacks failed even after the South Americans called in the assistance of the FBI. The files were encrypted using Truecrypt and an unnamed algorithm, reportedly based on the 256-bit AES standard. In the UK, Dantas would be compelled to reveal his passphrase under threat of imprisonment, but no such law exists in Brazil.

[From Brazilian banker’s crypto baffles FBI • The Register]

I suppose you could always say that you were mentally ill and couldn’t remember the password, or something similar, but in the UK that wouldn’t keep you out of chokey.

The first person jailed under draconian UK police powers that Ministers said were vital to battle terrorism and serious crime has been identified by The Register as a schizophrenic science hobbyist with no previous criminal record. His crime was a persistent refusal to give counter-terrorism police the keys to decrypt his computer files. The 33-year-old man, originally from London, is currently held at a secure mental health unit after being sectioned while serving his sentence at Winchester Prison.

[From UK jails schizophrenic for refusal to decrypt files • The Register]

This is a really difficult issue. In the UK it’s illegal to not give the police your password to (I think) anything. Certainly, if you have encrypted email, files, disks etc and you won’t hand over the password (or decryption key) to the forces of law and order then you will go to jail. Someone else just has, in fact.

A teenager has been jailed for 16 weeks after he refused to give police the password to his computer. Oliver Drage, 19, of Liverpool, was arrested in May 2009 by police tackling child sexual exploitation. Police seized his computer but could not access material on it as it had a 50-character encryption password. Drage was convicted of failing to disclose an encryption key in September. He was sentenced at Preston Crown Court on Monday.

[From BBC News – Man jailed over computer password refusal]

He got 16 weeks in chokey for this. I can see three possibilities here: he is guilty of some child porn offence and his encrypted files would prove it, he is guilty of something else or he is not guilty but just doesn’t want the police looking through his files. Take the worst case (from society’s point of view, not his) and let’s say he is guilty of a serious child porn offence (I’m not saying he is, or isn’t, and I fully recognise that he wasn’t convicted of any such thing). I’m a parent. If he did such a thing, I want him locked up for a long time and I don’t want him back on the streets without treatment. 16 weeks is a joke. 

In the future, everyone will be famous for fifteen megabytes

Now and then

[Dave Birch] I went along to the University of Southampton Class of 1980 30th reunion, which was fun. I really did enjoy my time there (it’s one of top 10 UK universities according to the students) and was looking forward to seeing it again. I booked up for the whole package, which included staying in a dorm again for the night.


It was a little different from my old room in that it had en-suite and internet and a telephone. Mollycoddled, today’s students.


When I was in my first year, I actually lived in Connaught Hall, part of the Wessex Lane halls. These were different from the other halls, mainly because they had a warden system, whereby each landing was under the control of a warden (all of whom, I think, were lecturers or mature students). I don’t remember much about ours except that he seemed to drink a lot. I was there reading Physics, which I loved but wasn’t very good at. I was actually something of a maths prodigy, but I didn’t wanted to study it at university. Fortunately, Southampton at that time had good computing courses, so a combination of failing physics modules together with pass maths and computing modules earned me a degree. As it happened, only two of us physicists showed up (me and David Perry) but I got the full class list so maybe I’ll type it in to a web page somewhere in case one of my former classmates google’s themsevles.

We went off for a tour around the campus. Here’s our tour guide, who was born eight years after I graduated, standing outside the Hartley Library, which was built in the 1930s, asking us if it had been there when we were students.


In my second and third years I shared a house with friends in Sirdar Road, right behind the Engineering blocks, so my world lay essentially along a straight line, from the Brook Inn (our local pub) along Sirdar Road, past Engineering…

Way Home

… and then across the campus to Physics. The Physics building hadn’t changed much at all as far as I could see.


After the campus tour I went to a lecture — quite unlike any I had ever attended on the campus before, because it was about Agincourt and such like and it was given by Anne Curry, Professor of Medieval History and author of a book on the subject — and then in the evening we met for a talk by Professor Dame Wendy Hall who explained her personal journey from being student at Southampton to being Dean of the Faculty of Physical and Applied Sciences via being the first ever non-American chair of the ACM.

Wendy Hall

We then sat down to very pleasant dinner followed by drinks at the bar. At dinner, the organisers had put copies of the student newspaper from now and from then out for us to browse. Much of the content was the same then as now, although the politics today seemed much less radical (today’s students don’t have things like the Anti-Nazi League to galvanise them, I suppose). I don’t envy them. I had a full grant and lived easily, frankly. But one thing that did leap out at me was that the old newspaper had “milk round” adverts in it.


These date from the days when there used to be jobs for graduates, so employes would come to down, rent out a pub and ply prospective employees with drink. That’s how I got my first job. All in a all, a lovely reminder of how I started down the short and not especially winding path to Consult Hyperion.

In the future, everyone will be famous for fifteen megabytes