←back to thread

I read the federal government’s Zero-Trust Memo so you don’t have to

(www.bastionzero.com)
656 points EthanHeilman | 2 comments | 27 Jan 22 15:06 UTC | HN request time: 0.461s | source
Show context
adreamingsoul ◴[27 Jan 22 18:02 UTC] No.30103816[source]
Here in Norway we have BankID which uses MFA. To access any government, banking, or official system you have to authenticate with your BankID.

Its simple amazing.

replies(8): >>30103945 #>>30103980 #>>30104019 #>>30104025 #>>30104329 #>>30104701 #>>30104874 #>>30113601 #
thomascgalvin ◴[27 Jan 22 18:15 UTC] No.30103980[source]
I'm America, about 30% of the population would start screaming about the Mark of the Beast if we tried to roll out something like this.
replies(2): >>30104141 #>>30104929 #
jandrewrogers ◴[27 Jan 22 19:21 UTC] No.30104929[source]
There is a large contingent of non-religious people who are against it on civil liberties grounds. The resistance to it truly crosses both parties, and it requires the cooperation of the States, which makes it politically non-viable as a practical matter.
replies(1): >>30106151 #
kelnos ◴[27 Jan 22 20:33 UTC] No.30106151[source]
The thing I don't get about the non-religious arguments is that we already have a national ID, it's just a patchwork system of unreliable, not-particularly-secure forms of identification that are a pain in the ass for a regular citizen to have to deal with. And the REAL ID stuff essentially makes state IDs conform to a national ID specification anyway.

And regardless, if you do want a national US ID, you just get a passport, and it'll be accepted as a form of ID everywhere a state-issued driver's license or state ID is accepted. Of course, in this case it's technically voluntary, and many Americans don't travel internationally and don't bother to get a passport.

replies(2): >>30107139 #>>30108391 #
1. mindslight ◴[27 Jan 22 23:11 UTC] No.30108391[source]
> The thing I don't get about the non-religious arguments is that we already have a national ID, it's just a patchwork system of unreliable, not-particularly-secure forms of identification

Yes, and this unreliable patchwork is already being heavily abused by surveillance companies (eg Equifax, Google, LexisNexis, Facebook, Retail Equation, etc) involuntarily storing our personal information - creating permanent records on us that we can only guess the contents and scope of, sorting us into prescriptive classes so that we can be better managed, and completely unaccountable to even their most egregious victims.

Social security numbers were promised to only be used for purposes of administering social security, and yet now they're required by many businesses for keying into that surveillance matrix. The main thing holding back more businesses from asking for identifiers is that people are hesitant to give them out.

Before there is any talk of strengthening identification, we need a US GDPR codifying a basic right to privacy. Until I'm able to fully control the surveillance industry's dossiers on me (inspection, selective deletion, prohibit future collection), I'll oppose anything that would further empower them.

replies(1): >>30156463 #
2. kelnos ◴[31 Jan 22 23:40 UTC] No.30156463[source]
> Before there is any talk of strengthening identification, we need a US GDPR codifying a basic right to privacy.

That's a fair point, agreed. Privacy needs to be legally recognized as a strong right before we allow more centralization of this sort of thing. (Though sadly it's already pretty centralized, just not by the federal government.)