Satellite spy in every vehicle

Who will they get to do the IT? Going on past form they will choose EDS If so, you are safe.

Indeed, you can always rely on good old-fashioned incompetence to screw up mass-surveillance attempts.. However if a GPS box is fitted to cars it almost certainly won't be uploading tracking logs, but in the event of the police stopping you they'll have some legal mechanism in place where they'll be able to copy logs off the box in the car for whatever needs they want.

That's the problem with this kind of technology, you get feature-creep which the police justify in the same manner that they justify using anti-terror laws to prevent protests from going ahead. The ID card system will be the same, it'll go in with promises of safeguards that will be "justified" into non-existence.

We're not quite orwellian but we're certainly moving in that direction, very slowly as it takes time for the technology to work and the atmosphere of justification to catch up with the possibilities.

GPS (if they actually use GPS and not roadside transmitters for location) relies on very weak signals that are easily swamped, a small transmitter with an aerial placed near the receiving antenna will be enough to swamp it. Indeed it'll be trivial to rig up a more powerful transmitter that can fry the input circuitry, then just drive around towns zapping cars as you go! I don't see how the system will be workable.

It's probably a smokescreen for something else, introduce a controversial plan that's way above what you want, then water it down to something that you didn't feel would have been accepted in the first place, and we'll all feel much more comfortable with the watered down version.

There's a security and risk assessment company called Echelon, I went for an interview there once and know several people who used to work there. I think they're in Fleet.

15 metres with WAAS (or is it 5?), and GPS is easily defeated with weak jamming or tin foil. Also it's one-way only, you can't transmit back to the satellites, it's more likely that if transmission was required it would be done via networks like the mobile phone or pager networks.

Tracking can be done with cameras like the Trafficmaster cameras, which have already been used to provide evidence in serious crime cases. It's a crime to drive without correct plates and they already check for such things, so I reckon they won't use GPS, they'll just use Trafficmaster-style cameras on pay-per-mile routes as it's already harder to defeat those and get away with it than it is to defeat GPS as there are so many viable excuses available to explain a non-functioning GPS unit.

Personally I think that the GPS or other satellite system being bandied about rather vaugely is a smoke screen to make a watered-down version using different technology more palateable. My money is on roadside cameras with number plate recognition introduced on major routes.

There's already been a long process of tendering for pilots in Leeds and Edinburgh, abandoned due to electoral timing some years ago. That was designed to evaluate various technologies.

However, number plate recognition is now commonplace and well-proven and requires sod all to be installed in the vehicle. The difficulty is that in order to give reduced fuel tax you'd have to cover enough of the network to have all the major routes tolled. The congestion implications for nearby non-tolled routes could be disastrous though.

It's hard to visualise it happening in the next 10 years. It's another Labour smokescreen to make the actual plan less controversial when they unveil it.

Which they alreday have. Very much live and computer linked at ports and "traffic monitoring" is growing on major routes now. Look for green rather than dark blue "trafficmaster" look a like cameras. Quite often co sited.

I daresay there are counter measure that will say you are simultaneosly in Timbukto and atop Everest.

Everything in security falls apart with the insecurity of the computers and what you can alter.

That is the huge joke with the identity card system as well, because biometric shmetrics, someone is gonna get into the computers and create false identities to match, never mind that when you go to have your Iris scanned, what will they use to establish your identity ? false papers, why not .......

An area of security that's not been investigated enough is ways to fake biometrics, some work has been done but not enough, it's something I would like to research if my career goes the way I want it to in the next few months.

Researching the ID card could be difficult because the government is basically making interfering with it it illegal, meaning that only criminals will have the resources they need to probe it as honest researchers like myself won't be able to get company funding to perform a basically illegal act.

They never think these things through very well.

I believe fingerprint readers have already been cracked, although whether this is all technologies or one specific system I couldn't say. As we become more and more dependent on biometrics the prize for fakers gets higher and the criminals will put more and more effort into cracking it.

It's a mix. Some capacitive readers (solid state ones on things like laptops and USB keys) can be fooled just by breathing on them, others need more work, e.g. photographic etching of a fingerprint into a fake finger (all doable with stuff from stores like Maplin). Some have their tolerances so low to ensure that they "work" and don't keep rejecting people that they are easily fooled. It depends on the individual device and the market it's aimed at.

Iris recognition is one of the best cheap technologies, fingerprint technology isn't very good as a machine doesn't do as good a job as a trained human at recognising a damaged or greasy print. Manual workers or people who've just had lunch often cause problems for fingerprint readers.

Also there's a difference between whether a reader is used to authenticate someone or identify someone, i.e. enter a username and verify using a fingerprint (authenticate mode), or put your fingerprint on a scanner without a username and it identifies you and logs you in (identify mode). Using a typical fingerprint scanner's error rate, I calculated that with a database of 1,000 users a scanner working in identify mode would log you into the wrong account 10% of the time. With 10,000 users you'd be lucky to get the right account!

The best thing about faking biometrics is that the fake will usually work over a wide range of devices. If your iris or fingerprint is faked, how do you change it? It's not like changing a password.