Pakistan is a sad tale. A country of 200 million+ with almost no future.
The elites are busy milking what’s left of the country before it flames out. The idiotic IMF continues giving them loans to support the extremely corrupt system..the US government also supports the extremely corrupt military.
This is what happens when corruption is built into the culture of your society and religious/tribal hullabaloo is more prioritized than economic and social development.
Corruption is a symptom of Pakistan's deeper systematic problems, not the cause. Whole books have been written about this. Unless you define corruption = anything bad that someone with power does.
It's also apparent that whenever democratic forces have been allowed to fix public systems in some small amount, corruption has gone down, or the system has become much more pleasant and efficient for the public to use.
I already responded to you above about starting this flamewar, but then you perpetuated it here by obviously breaking the site guidelines. We've had to warn you about this several times before:
Scrolling further back yet, I see even more of this, so unfortunately I think we have little choice but to ban your account and I've done so.
If you don't want to be banned, you're welcome to review https://news.ycombinator.com/newsguidelines.html and give us reason to believe that you'll follow the rules in the future. But this would mean dramatically changing the comments you post—I hope that's clear.
I think the argument against is that right now people know how terrible an authentication system this is and don't build actual security on top of it -- "we only have cardboard boxes so we installed cameras and encrypted the contents."
Once it's good people will outsource the work to what is essentially a CA system where every BMV in America is an issuer and I expect it to hold up at best as well as SMS verification.
I think the problem is that people are relying on this for actual security. The article demonstrates how easy it is to get companies to accept this form of fraudulent authentication (and the demand for this service speaks to its efficacy as well).
Why not let notaries or an authoritative agency issue cryptographically signed one time codes upon inspection of your physical ID? Frankly, it sounds like a superior system to me.
Cardboard boxes can be acquired without a record of their purchase and are easy to hide among other cardboard boxes, like a book in a library. Also can be used to hide from enemies while moving around under the box.
It can be. If my bicycle has no lock at all, I will not leave on a outdoor parking near the central railway station, because I know for sure it will be stolen. The value here comes not from imperfect security per se, but from my ability to predict the outcome. Now if my bicycle has a meh lock, the chance of it being snatched suddenly increases.
I'm saying that maybe people who chose to accept the id scan knowingly accept the risk, have a second line of checks somewhere, evaluate amount lost to fraud or fines against the cost of having full-fledged PKI and also knowingly make it your problem if their evaluation proves to be wrong.
The CAs have been hacked. Multiple times, in several different ways. And that's just the public ones we know about, which I have no reason to suppose are all of them or even necessarily a significant fraction of what we would consider compromises. At the scale of "everything done on the internet" or "all the money" you can't wave this issue away. It is difficult, if not impossible, to build a security system that is more expensive to break than "all the money and value in the world".
A government identity to do business with the government might just about be possible. A government identity to cover everything done by everyone everywhere is not. The value of cracking that system is just too high.
> A government identity to cover everything done by everyone everywhere is not. The value of cracking that system is just too high.
So the value of the system being broken is too high, yet we live in a world where it's broken, as anybody can make a photoshop of your driving license? I'm sorry I don't get the argument.
Basic principle of security: A security system should be more expensive to break for the attacker than the value of the thing it is securing to the owner.
This is generally a counter to people using binary thinking and believing that a security system is broken if there is any way in at all, thus thinking things are either in the categories "secure" or "insecure" without any further qualification. In fact those categories don't exist. It is intrinsically at a bare minimum a spectrum of security, and one can slice & dice more finely if one likes based on what sort of attacks various different types of attackers can mount, e.g., defending against whole-internet scans is one thing, nation-state attackers specifically targeting you quite another.
I'm using it in a different way: When what you want to lock behind your security system is essentially "all economic value in the world", such as "we'll solve all identity problems on the internet by just having the government provide identities", that means you need to create a security system that is more expensive to break than "all economic value in the world". However, you can't. Any conceivable security system is easier to break than that.
There is a sense in which it is simply necessary that there be a wide variety of independent identification systems, each individually covering sufficiently small amounts of value that they are possible to exist at all, and with a diversity of costs and strengths to cover the various cases.
It's a classic fallacy of "the old one may be extremely bad, but it's already there, so it's okay, but the new one needs to be perfect against anything any scenario someone can think about, no matter how far fetched". We have this pretty often here in Germany. The requirements for anything digital are so incredibly high compared to the non-digital version we have currently/had before (depending on whether we finally managed to introduce a digital version), it's just sad.
Let me send you that totally secure fax with my totally secure signature drawn by hand. Far more secure than a digital document signed by this scary, newfangled electronic signature, which could have been hacked and is therefore totally insecure.
And because of that a photo of your driver's license is at best a low-pass filter. A central identity system where you get strong identity verification will be relied on for real security and authentication making it a properly juicy target the level of Gmail for account compromises but the real life security of Verizon issuing phone numbers and sim cards.
Of course a country’s capital will always be relatively developed. But Addis Ababa contains less than 5% of Ethiopia’s population…the majority live in horrible conditions.
Six million of them living in a relatively developed environment seems like pretty clear evidence against the claim that it’s “barely a country” and “without a shred of infrastructure.”
All those so-called contributions, yet they can’t save themselves from a $925 GDP per capita and 69% of people being classified as “multidimensionally poor” [1].
Ethiopia is a typical useless African nation marred by excessive corruption and mindless tribalism.
I wonder if Ethiopians can also survive by giving up all the elements invented in the Western and Asian world…they can’t.
Ethiopians inventing a few things here and there is of no use if it’s a country where the majority lives in poverty because of corruption and violence caused by brainless tribalism.
Typical excuse for African nations run by morons elected by an equally moronic populace.
Many formerly colonized countries achieved unprecedented levels of success.
But in Africa where corruption and tribal violence is hindering development, the foolish kleptocrats running the show always try to hoodwink their population by blaming long dead and gone colonialist powers.
You mean rapidly experimenting and innovating to cut costs, unlike the competitors who don’t have the guts to do that and constantly rob the taxpayer blind?
What a callous article. It seems the author is angry that a bunch of people came together to fund a company that failed in the end...well, most startups fail anyway.
> Such journalism is a direct reflection of millionaire or billionaire media owners who don’t want to offend sources, advertisers, or event sponsors with bold, truth-telling journalism that has actual teeth. So what you get instead is a sort of journalism simulacrum that fails to critique wealth, corruption, or power with any real consistency, since the wealthy and powerful owners very obviously don’t want that.
If you want to start an activist site, go start one and solicit donations from your rage-baited audience (that's what Techdirt is afterall). The Messenger didn't claim and never wanted to be an investigative news outlet. It was a simple news outlet that churned out everyday news without giving opinions..I actually loved it!
The sheer arrogance of some journalists...and they wonder why their industry is on a massive decline.
The elites are busy milking what’s left of the country before it flames out. The idiotic IMF continues giving them loans to support the extremely corrupt system..the US government also supports the extremely corrupt military.
This is what happens when corruption is built into the culture of your society and religious/tribal hullabaloo is more prioritized than economic and social development.