Estonian Electronic Identity Card: Security Flaws in Key Management (opens in new tab)

(usenix.org)

222 pointsdcbadacd5y ago80 comments

80 comments

Anyone wondering if this is a new issue; it's not, it's a more detailed writing of some previous issues, one of which being the Gemalto affair[0].

The new cards issued in 2018 are not known to have any vulnerabilities.

[0]: https://www.linkedin.com/pulse/timeline-estonian-id-card-vul...

kreetx5y ago

Didn't read the paper but it appears to be fresh, so maybe the newsworthy part is that they are still not fixed?

Avamander5y ago

The paper is half for giving a technical overview of the issues and part new analysis based on datamining old certificates. The issues have been mostly fixed, compliance violations however are still badly monitored.

kreetx5y ago

Yup, true - from the end of section 2.3.4 jTOP SLE78: "The jTOP SLE78-powered ID cards were issued until the end of 2018. ID cards manufactured currently are powered by the chip platform supplied by IDEMIA (not covered in this work)."

Looks like the ID cards issued after 2018 are not covered, so I guess this really is "old news".

PrimeDirective5y ago

> The flaws of the ID-card is a very politically charged topic to discuss in Estonia, having any doubts about the ID-card or e-voting will make you a persona non grata.

I somewhat disagree, the discussion tends to get bent by some populist agent provocateurs and some of the initial reactions from the private sector media. (In Estonia, the government media is the most centered out of all news outlets, go figure). What these statements usually are is that "ID card has a flaw X, therefore we should immidiately ban it, close the R&D and burn it with fire", forgetting that crypto and computing in general, changes over time. My view is that, of course each flaw has to be resolved and sometimes this is political, but this just means the work has to continue.

C1sc0cat5y ago

Thinking that compulsory id cards "Papers Bitte" are not a good thing is not an uncommon view.

ZWoz5y ago

ID card is mandatory by law, but there aren't sanctions (in my knowledge). You need some kind document though, in US that is usually drivers license. I don't see big difference here.

bennylope5y ago

In the US you are required to have your drivers license while driving, but I do not believe there are any blanket requirements (since it would vary from state to state) that you must be able to furnish identifying documents at all times.

1 more reply

bragh5y ago

It's not about it being compulsory, but the system being unverifiable end-to-end and any criticism of that being laughed at.

If you put it into business terms, would you trust an employee or vendor who told you that everything was alright, did not allow you to perform checks and audits and mocked both your and external partners concerns [0] about it? I don't think so. If the government is indeed for the people and not vice versa, then this is not acceptable.

[0] https://www.youtube.com/watch?v=LkH2r-sNjQs Tom Scott's video about e-voting. Funniest rebuttal I saw on Estonian social media was that we are secure, since he is talking about e-voting, but we have i-voting. So I guess once we will call it c-voting, it will be even better...?

likelyunaware5y ago

That video had outdated information regarding the Estonian e-voting system. The report from 2014 has been invalidated by the newer system, IVXV, which has been redesigned to address previous criticism. The newer system is open source, available at https://github.com/vvk-ehk/ivxv. A good source to quickly familiarize yourself with the architecure, is "Improving the verifiability of the Estonian Internet Voting scheme"[0] by Jan Willemson et al

[0] https://research.cyber.ee/~janwil/publ/ivxv-evoteid.pdf

aj35y ago

I watched the video. It's a load of crap. I mean, here are his arguments (feel free to tell me if I missed something):

  - voting systems inevitably have to be closed source, loaded on easily compromisable USB stick, connected to internet unguarded and sitting that way for years. In what reality is this nihilistic fatalism a reasonable expectation?
  - voter has no way of independently verifying that their vote has been processed correctly. First of all, this is simply ignorant as there are many cryptographical schemes that allow verification, but most importantly - how do you know that your vote has been processed correctly in our current system? You don't, there is no way for you to do that.
  - US hacking machines are routinely exploited at Defcon. That's right. You know what else is routinely exploited there? Physical safes, which are used for storing you know paper ballots. Also cars. And Air Force has promised to bring a fucking satellite next year. Something having vulnerabilities in the past does not mean it still has them, something having vulnerabilities currently does not mean they are easy to exploit in practice or can't be detected and mitigated, some products in a certain category having vulnerabilities does not mean all products in this category will inevitably have vulnerabilities in the future and we should just give up on ever fixing them.
  - trusting a person in a voting booth to vote for you would be ridiculous, but filling a ballot yourself and trusting that it will get counted correctly along the way is somehow self obvious - I guess because in the first case you clearly see that a human is involved in the process and in the second example it sort of feels like the process is finished once you physically put your vote into a box?
  - the average voter won't understand checksums. Well, maybe the average voter shouldn't worry about bad bytes in that case? And how come deterministic and auditable cryptography is a problem while demonstrably non-deterministic process of current paper voting (look at how results always differ ever so slightly when votes are recounted) is a non-issue?
  - transferring votes over internet is problematic because you can't trust software on either end. Right, because you know (never mind trust) everybody that will handle your vote on the path from voting booth to the whatever-governing-body-is-announcing-results-in-your-country? 
  - central computer could be manipulating your votes and only a few people will have an opportunity to inspect it. Well, how many voting boxes have you been allowed to inspect in your life? Are you allowed to go to the central location where your votes are aggregated and recount all of them personally? How do you know that officials in your voting location, precinct or at a national level haven't agreed to manipulate the results?
  - casting doubts on the election is easy to do with electronic voting and nearly impossible with paper voting. Have you heard this cute story about medical masks becoming a conspiracy and symbol of oppression among certain population in US? Has nothing to do with electrical circuits and everything to do with politics. If a current incumbent happens to lose an election there you can be sure that election results will be called fake, no matter paper or digital.
  - malware exists, so voting from personal devices is ridiculous. Just as ridiculous as doing e-commerce or banking? Or in case of Estonia getting pretty much any other official business done, or so I hear.
  - a single vulnerability in someones computer can be scaled to millions of computers. Ok, let's say someone is still using Windows XP and got infected with something after downloading GTA from Pirate Bay. How does that affect people voting from their iPhones?
  - anecdotes, anecdotes, anecdotes

tl;dr: Stop spreading FUD.

2 more replies

p_l5y ago

It's an american view, mostly due to having only experience with ID documents through WW2 movies or cold War propaganda, mixed with religious voices against it ("mark of the beast", wish I was joking).

Elsewhere, "Papers, please" tends to be sign of excessive "stop-and-frisk" or movement restrictions, and the idea of having basic ID card seems to not have much of an opposition. Especially since it's much simpler than sometimes circular requirements of "web of trust" confirmations like in UK (though I heard it got better)

8organicbits5y ago

Correct, wikipedia even documents this:

https://en.m.wikipedia.org/wiki/Your_papers,_please

zo15y ago

Wow - that's like 3 negative "modifier" words. I don't actually know what you're saying with that sentence and I've been reading it for about 3 minutes now.

AhtiK5y ago

"The jTOP SLE78-powered ID cards were issued until the end of 2018. ID cards manufactured currently are powered by the chip platform supplied by IDEMIA (not covered in this work)."

If my memory serves me right, there was an easy way to check if your ID card was affected and it got replaced for free. The flaws described in paper are not known to exist in cards issued since the end of 2018, beginning of 2019.

jlgaddis5y ago

Yeah, an "offline tester" [0] was made available by the researchers who discovered ROCA [1] and a company with "close links" to the researchers created a "ROCA Vulnerability Test Suite" [2]. The Estonian government also had one on their web site [3] but it is, apparently, no longer available.

ROCA didn't just affect Estonian ID cards, though. It also affected also TPMs (from Infineon), certain Yubikeys [4], and even some PGP keys!

---

[0]: https://github.com/crocs-muni/roca

[1]: https://roca.crocs.fi.muni.cz/

[2]: https://keychest.net/roca/

[3]: http://www.id.ee/?lang=en&id=38239

[4]: https://www.yubico.com/support/security-advisories/ysa-2017-...

chrismeller5y ago

Yes, the Police and Border Guard has an online tool to check. They also supposedly contacted all the people with bad chips (my card was not vulnerable, so I can’t verify that).

Etheryte5y ago

The aftermath of the issue has been previously discussed here (2018): https://news.ycombinator.com/item?id=18104861

bragh5y ago

Brave guy to publish this, hopefully it won't end up similar to the Dreyfus affair — depends on which the media will roll due to it being "pickled cucumber season" (everybody is on vacation, nothing much happening during summer in Estonia). The flaws of the ID-card is a very politically charged topic to discuss in Estonia, having any doubts about the ID-card or e-voting will make you a persona non grata.

Etheryte5y ago

Regarding your last point, I have a hard time seeing what you mean. The system is audited both internally and externally fairly regularly, the latest report being released just December last year [0]. There is also frequent news coverage, both supporting and criticizing the system [1][2]. One of the current government parties [3] is an active critic of the system. So it seems like a fair stretch to say that discussing or criticizing the system isn't common or somehow not welcome.

None of this is to say that the system doesn't have flaws, as every other IT system, it does. It is however publicly discussed as you would expect in a democracy.

[0] https://www.mkm.ee/sites/default/files/e-valimiste_tooruhma_...

[1] https://www.err.ee/keyword/15389

[2] https://www.postimees.ee/term/15008/id-kaart

[3] https://www.valitsus.ee/et/peaminister-ministrid/valitsuse-k...

bragh5y ago

> The system is audited both internally and externally fairly regularly, the latest report being released just December last year

Can you please clarify the 'fairly regularly' part? One of the members of that commission said that this is the first time that this kind of audit has been undertaken: https://digi.geenius.ee/rubriik/uudis/e-valimiste-tooruhma-l... To be fair, there are lots of other reviews having taken place, but none of them are regular with the exception of the OECD ones happening during elections: https://et.wikipedia.org/wiki/Elektrooniline_h%C3%A4%C3%A4le...

> There is also frequent news coverage, both supporting and criticizing the system

ERR is government-funded and seems to me quite neutral, not sure how it is relevant here. But it still seems to me that mainstream media is supportive and you have to go to "alternative" news sources to find any true criticism.

> One of the current government parties [3] is an active critic of the system.

Actually 2, if you count both KE and EKRE. And this is one of the major criticisms against those parties and has been so for years.

A good example of the prevailing attitude can be seen in this thread from 2017 about the security hole back then from Hinnavaatlus, probably biggest IT-related forum in Estonia: https://foorum.hinnavaatlus.ee/viewtopic.php?t=715076&postda... The general tonality in the beginning was that this is a tinfoil problem and somehow brought up by KE and EKRE before elections until the reality of the situation sunk in.

Avamander5y ago

There have been no code audits.

raxxorrax5y ago

Being spammed with reviews after mentioning that there might be a disagreement about electronic id data collection drives the original point a bit.

Etheryte5y ago

While I try to sympathize, I'm not entirely sure I see what you mean. Neither the research linked in the submission nor anything that I linked to discusses data collection, unless I'm grossly misunderstanding you.

As for the things I linked, none of them are reviews. The first link is a ministry report from last year that outlines 25 shortcomings of the system and how to address them — a clear example that there's open discussion about any problems the current system has. The second and third links are national news coverage that clearly show articles from both pro and con sides. The last link is about the current government in general.

Svip5y ago

> "pickled cucumber season"

Funny, it's called "cucumber time" (agurketid) in Danish. I wonder if it's a related term in Nordic countries + Estonia.

gspr5y ago

We also call it "agurktid"/"agurknyheter" in Norwegian, and I know the Germans use "Sauregurkenzeit".

I've never heard any similar expression in English, nor in any Romance languages. The Brits use "silly season" for the same concept in journalism/news.

atlasunshrugged5y ago

Ha, I'm an American who lived in Estonia for a bit, I'm not familiar with any related US term. Maybe we just don't have this as much as Europe - I know I was shocked at how slow business got in the EU in summer, there's for sure a dip in the US with people going on vacation but nothing like Europe in July/August

2 more replies

sputr5y ago

Yeah, we also use 'time of pickled cucumbers' in Slovenia. So not just a nordic thing ;)

praseodym5y ago

It’s also called “komkommertijd” (“cucumber time”) in Dutch. Not pickled, because we call pickles “augurken”.

krzyk5y ago

and "sezon ogórkowy" (cucumber time) also in Poland :)

kaliszad5y ago

Okurková sezóna in Czech

pisipisipisi5y ago

He is a well-known researcher in Estonia, with his scope of work both known as well as appreciated (at least by the non-politicians). Of course some have the "too big to fail", thus "you don't talk about Vo..." attitude, but those want to turn technical argumentation into political "agreement" and it is hard to debate a 0 to become 1. You can't argue with computers, "lets agree this 0 is as good as 1, even better and greater!"

atlasunshrugged5y ago

Having worked for the Estonian government for a bit, I'm not sure that it'll exactly make you a persona non grata but definitely you'll get a ton of pushback if you make any claims about e-ID and e-voting as people have very strong feelings about it.

pier255y ago

I'm from the EU and considering incorporating my next company in Estonia.

Anyone else in a similar situation has any recommendations or ideas about this?

edko5y ago

In general, I had a good experiences. There are a few annoying things, however: my Estonian bank (VUB) discriminates against non-Estonian customers (even if they are EU citizens/residents) by applying a foreigners fee. Also, the local business register seems to be above data protection laws and sells your information. I receive lots of spam just by being in the register. Also, if you think that because your company is private your financial statements will also be private, that won't be the case. They will still sell the information to anyone for a few euros.

pier255y ago

> Also, the local business register seems to be above data protection laws and sells your information.

Jesus that sounds terrible...

AhtiK5y ago

Make sure to understand the tax laws when it comes to the company tax residency in scenarios where you're physically not operating in Estonia nor employing people there, nor having majority of your clients there.

See my older comment [1] for some related topcis to research.

[1] https://news.ycombinator.com/item?id=21321451

atlasunshrugged5y ago

Yes, I'd definitely echo that, a huge amount of tax implications are based on individual residency/permanent establishment so if you're living in say, Germany, for 1/2 of the year + 1 day, you should be expecting to pay at least your personal income taxes there, and likely the business taxes if you're a sole prop without local employees and local business. Of course, if you're a true 'digital nomad' who doesn't establish residency anywhere it gets much trickier. But in general, my advice it to pay for 1-2 hours with an accountant up front before you go through setting up a new entity somewhere

pier255y ago

Even if my personal account was in an Estonian bank?

2 more replies

pier255y ago

Thanks, I will definitely check this out.

Stierlitz5y ago

> n this paper, we describe several security flaws found in the ID card manufacturing process ..

Like accidentally on purpose,secure up to a point, but weak enough to allow the spooks to generate their own IDs. I mean if the cards were unhackable how would a spy do his job :]

chrismeller5y ago

As an American residing in Estonia, I’m not sure what the benefit of a state compromising the card crypto would be. There are four broad categories of uses for the ID cards:

1) Obviously, a government-issued photo ID

2) For an increasing number of shops, as your “frequent shopper” card, which admittedly is slightly related to...

3) Authentication, including: logging into your bank, government websites (the state portal, the tax authority, the the “digital story” - all your medical records, the online booking website for booking some combination of surgeons/specialists that operate under the public healthcare system), the (one) online pharmacy that exists, etc.

4) Signing things. I’ve signed my lease with it (though “paperless” Estonia still wanted me to sign a paper version as well) and more routinely you have to “digitally sign” any bank transfers... which are the standard way to pay bills in Estonia, so you do it a lot. Finally, voting online.

I don’t see how broadly compromising the crypto would really benefit anyone for any of those things, it would have to be a more specific individual attack, like draining your bank accounts.

Edit: formatting, added voting

pisipisipisi5y ago

Getting asked as an expert "can this id card thing be trusted?" my answer has been "for communicating with the government you inherently don't trust, the method or security of an authentication device does not really matter" (filing your taxes or logging to services being the scope). Some claiming encryption privacy issues ... Well, for any meaningful opsec you should not be using the id card for encrypting messages about overthrowing the same government issuing the encryption devices in the first place, if government reading your messages is a threat in your model.

chrismeller5y ago

Yeah, I think the biggest risk would be rigging an election, but we’re talking about a country of 1.2 million people. Not to dismiss the importance of their elections on Estonia, it doesn’t really have the same worldwide ramifications that compromising a US, UK, German, etc. election would have.

1 more reply

LatNax5y ago

A single leak can be bad, multiple leaks piled into a single actor can be life changing.

roywiggins5y ago

The spooks are the same government issuing the ID. They can just call up the department issuing the IDs and ask for a batch of new identities. No technical flaws necessary.

xyzzy1235y ago

I know your comment was tongue in cheek but this has come up in the digital Id space before. All these things get bootstrapped off government sources and spooks have no problems because governments control those databases. You don’t need technical hacks if you control the systems of record.

dane-pgp5y ago

So what's to stop the ruling party from issuing its loyal spooks thousands of ID cards in key districts, which they then use to cast fraudulent votes in the election?

noodlesUK5y ago

So, an argument that I hear regularly is that having a mandatory centralised and cryptographic ID system really expedites certain ID-related tasks. Can anyone in Estonia comment on this? Within the US and U.K., there’s no mandatory ID, which I think is probably a good thing for civil liberties (no papers please, for instance), but also fosters certain industries such as credit reference agencies and has all sorts of weird side effects from bootstrapping things like SSNs and NI numbers into secrets. Are there companies like Jumio and Acuant in Estonia, or has the government rendered them pointless?

Avamander5y ago

> I hear regularly is that having a mandatory centralised and cryptographic ID system really expedites certain ID-related tasks.

Paper signatures and fax are both considered obsolete, the latter is basically never used. Cheques? Never seen them. Logging into any high-value service is done using the eID. If you use local services there's rarely any need for any site specific passwords, password managers, U2F, FIDO(2), GPG or similar identity technology. There's no need to send a pic of yourself to verify your identity anywhere, zero shit like that.

You know how PayPal, Stripe or similar payment processors felt/feel really cool and fast? Yeah, we barely felt that because banklinks have fulfilled that use case for the majority for a really long time now.

There aren't any other examples on the top of my head right now, but they're really not the only things. By now, there's basically an entire generation in Estonia that literally have zero idea how things were before, and are thus often shocked by what and how much is required from them in other countries.

> Are there companies like Jumio and Acuant in Estonia, or has the government rendered them pointless?

They're basically nonexistent.

JoeAltmaier5y ago

Seems interesting, but security flaws were in a countable (small) number of cases. Is this a general issue?

pisipisipisi5y ago

This shows the issues in process and attitude. Even in the case of ROCA, you do not really break the crypto part itself, you wiggle around the implementation and procedure issues to bypass it.

cordite5y ago

Are these things PIV or something else?

fabianlindfors5y ago

Are there any Estonians here on HN who would be willing to chat a bit about digital identities in your country? I'm working on bringing e-ID to more people (https://getpass.app/) and looking to get a better understanding of current solutions.

Feel free to reach out, my email is fabian (at) flapplabs.se

j / k navigate · click thread line to collapse

80 comments

dijit5y ago

Anyone wondering if this is a new issue; it's not, it's a more detailed writing of some previous issues, one of which being the Gemalto affair[0].

The new cards issued in 2018 are not known to have any vulnerabilities.

[0]: https://www.linkedin.com/pulse/timeline-estonian-id-card-vul...

kreetx5y ago

Didn't read the paper but it appears to be fresh, so maybe the newsworthy part is that they are still not fixed?

Avamander5y ago

kreetx5y ago

Looks like the ID cards issued after 2018 are not covered, so I guess this really is "old news".

PrimeDirective5y ago

> The flaws of the ID-card is a very politically charged topic to discuss in Estonia, having any doubts about the ID-card or e-voting will make you a persona non grata.

C1sc0cat5y ago

Thinking that compulsory id cards "Papers Bitte" are not a good thing is not an uncommon view.

ZWoz5y ago

ID card is mandatory by law, but there aren't sanctions (in my knowledge). You need some kind document though, in US that is usually drivers license. I don't see big difference here.

bennylope5y ago

1 more reply

bragh5y ago

It's not about it being compulsory, but the system being unverifiable end-to-end and any criticism of that being laughed at.

likelyunaware5y ago

[0] https://research.cyber.ee/~janwil/publ/ivxv-evoteid.pdf

aj35y ago

I watched the video. It's a load of crap. I mean, here are his arguments (feel free to tell me if I missed something):

  - voting systems inevitably have to be closed source, loaded on easily compromisable USB stick, connected to internet unguarded and sitting that way for years. In what reality is this nihilistic fatalism a reasonable expectation?
  - voter has no way of independently verifying that their vote has been processed correctly. First of all, this is simply ignorant as there are many cryptographical schemes that allow verification, but most importantly - how do you know that your vote has been processed correctly in our current system? You don't, there is no way for you to do that.
  - US hacking machines are routinely exploited at Defcon. That's right. You know what else is routinely exploited there? Physical safes, which are used for storing you know paper ballots. Also cars. And Air Force has promised to bring a fucking satellite next year. Something having vulnerabilities in the past does not mean it still has them, something having vulnerabilities currently does not mean they are easy to exploit in practice or can't be detected and mitigated, some products in a certain category having vulnerabilities does not mean all products in this category will inevitably have vulnerabilities in the future and we should just give up on ever fixing them.
  - trusting a person in a voting booth to vote for you would be ridiculous, but filling a ballot yourself and trusting that it will get counted correctly along the way is somehow self obvious - I guess because in the first case you clearly see that a human is involved in the process and in the second example it sort of feels like the process is finished once you physically put your vote into a box?
  - the average voter won't understand checksums. Well, maybe the average voter shouldn't worry about bad bytes in that case? And how come deterministic and auditable cryptography is a problem while demonstrably non-deterministic process of current paper voting (look at how results always differ ever so slightly when votes are recounted) is a non-issue?
  - transferring votes over internet is problematic because you can't trust software on either end. Right, because you know (never mind trust) everybody that will handle your vote on the path from voting booth to the whatever-governing-body-is-announcing-results-in-your-country? 
  - central computer could be manipulating your votes and only a few people will have an opportunity to inspect it. Well, how many voting boxes have you been allowed to inspect in your life? Are you allowed to go to the central location where your votes are aggregated and recount all of them personally? How do you know that officials in your voting location, precinct or at a national level haven't agreed to manipulate the results?
  - casting doubts on the election is easy to do with electronic voting and nearly impossible with paper voting. Have you heard this cute story about medical masks becoming a conspiracy and symbol of oppression among certain population in US? Has nothing to do with electrical circuits and everything to do with politics. If a current incumbent happens to lose an election there you can be sure that election results will be called fake, no matter paper or digital.
  - malware exists, so voting from personal devices is ridiculous. Just as ridiculous as doing e-commerce or banking? Or in case of Estonia getting pretty much any other official business done, or so I hear.
  - a single vulnerability in someones computer can be scaled to millions of computers. Ok, let's say someone is still using Windows XP and got infected with something after downloading GTA from Pirate Bay. How does that affect people voting from their iPhones?
  - anecdotes, anecdotes, anecdotes

tl;dr: Stop spreading FUD.

2 more replies

p_l5y ago

8organicbits5y ago

Correct, wikipedia even documents this:

https://en.m.wikipedia.org/wiki/Your_papers,_please

zo15y ago

Wow - that's like 3 negative "modifier" words. I don't actually know what you're saying with that sentence and I've been reading it for about 3 minutes now.

AhtiK5y ago

"The jTOP SLE78-powered ID cards were issued until the end of 2018. ID cards manufactured currently are powered by the chip platform supplied by IDEMIA (not covered in this work)."

jlgaddis5y ago

ROCA didn't just affect Estonian ID cards, though. It also affected also TPMs (from Infineon), certain Yubikeys [4], and even some PGP keys!

---

[0]: https://github.com/crocs-muni/roca

[1]: https://roca.crocs.fi.muni.cz/

[2]: https://keychest.net/roca/

[3]: http://www.id.ee/?lang=en&id=38239

[4]: https://www.yubico.com/support/security-advisories/ysa-2017-...

chrismeller5y ago

Yes, the Police and Border Guard has an online tool to check. They also supposedly contacted all the people with bad chips (my card was not vulnerable, so I can’t verify that).

Etheryte5y ago

The aftermath of the issue has been previously discussed here (2018): https://news.ycombinator.com/item?id=18104861

bragh5y ago

Etheryte5y ago

None of this is to say that the system doesn't have flaws, as every other IT system, it does. It is however publicly discussed as you would expect in a democracy.

[0] https://www.mkm.ee/sites/default/files/e-valimiste_tooruhma_...

[1] https://www.err.ee/keyword/15389

[2] https://www.postimees.ee/term/15008/id-kaart

[3] https://www.valitsus.ee/et/peaminister-ministrid/valitsuse-k...

bragh5y ago

> The system is audited both internally and externally fairly regularly, the latest report being released just December last year

> There is also frequent news coverage, both supporting and criticizing the system

> One of the current government parties [3] is an active critic of the system.

Actually 2, if you count both KE and EKRE. And this is one of the major criticisms against those parties and has been so for years.

Avamander5y ago

There have been no code audits.

raxxorrax5y ago

Being spammed with reviews after mentioning that there might be a disagreement about electronic id data collection drives the original point a bit.

Etheryte5y ago

Svip5y ago

> "pickled cucumber season"

Funny, it's called "cucumber time" (agurketid) in Danish. I wonder if it's a related term in Nordic countries + Estonia.

gspr5y ago

We also call it "agurktid"/"agurknyheter" in Norwegian, and I know the Germans use "Sauregurkenzeit".

I've never heard any similar expression in English, nor in any Romance languages. The Brits use "silly season" for the same concept in journalism/news.

atlasunshrugged5y ago

2 more replies

sputr5y ago

Yeah, we also use 'time of pickled cucumbers' in Slovenia. So not just a nordic thing ;)

praseodym5y ago

It’s also called “komkommertijd” (“cucumber time”) in Dutch. Not pickled, because we call pickles “augurken”.

krzyk5y ago

and "sezon ogórkowy" (cucumber time) also in Poland :)

kaliszad5y ago

Okurková sezóna in Czech

pisipisipisi5y ago

atlasunshrugged5y ago

pier255y ago

I'm from the EU and considering incorporating my next company in Estonia.

Anyone else in a similar situation has any recommendations or ideas about this?

edko5y ago

pier255y ago

> Also, the local business register seems to be above data protection laws and sells your information.

Jesus that sounds terrible...

AhtiK5y ago

See my older comment [1] for some related topcis to research.

[1] https://news.ycombinator.com/item?id=21321451

atlasunshrugged5y ago

pier255y ago

Even if my personal account was in an Estonian bank?

2 more replies

pier255y ago

Thanks, I will definitely check this out.

Stierlitz5y ago

> n this paper, we describe several security flaws found in the ID card manufacturing process ..

Like accidentally on purpose,secure up to a point, but weak enough to allow the spooks to generate their own IDs. I mean if the cards were unhackable how would a spy do his job :]

chrismeller5y ago

As an American residing in Estonia, I’m not sure what the benefit of a state compromising the card crypto would be. There are four broad categories of uses for the ID cards:

1) Obviously, a government-issued photo ID

2) For an increasing number of shops, as your “frequent shopper” card, which admittedly is slightly related to...

I don’t see how broadly compromising the crypto would really benefit anyone for any of those things, it would have to be a more specific individual attack, like draining your bank accounts.

Edit: formatting, added voting

pisipisipisi5y ago

chrismeller5y ago

1 more reply

LatNax5y ago

A single leak can be bad, multiple leaks piled into a single actor can be life changing.

roywiggins5y ago

The spooks are the same government issuing the ID. They can just call up the department issuing the IDs and ask for a batch of new identities. No technical flaws necessary.

xyzzy1235y ago

dane-pgp5y ago

So what's to stop the ruling party from issuing its loyal spooks thousands of ID cards in key districts, which they then use to cast fraudulent votes in the election?

noodlesUK5y ago

Avamander5y ago

> I hear regularly is that having a mandatory centralised and cryptographic ID system really expedites certain ID-related tasks.

> Are there companies like Jumio and Acuant in Estonia, or has the government rendered them pointless?

They're basically nonexistent.

JoeAltmaier5y ago

Seems interesting, but security flaws were in a countable (small) number of cases. Is this a general issue?

pisipisipisi5y ago

This shows the issues in process and attitude. Even in the case of ROCA, you do not really break the crypto part itself, you wiggle around the implementation and procedure issues to bypass it.

cordite5y ago

Are these things PIV or something else?

fabianlindfors5y ago

Feel free to reach out, my email is fabian (at) flapplabs.se

j / k navigate · click thread line to collapse