McNealy Calls for National ID Card Too

Syre writes: "Well McNealy's at it again calling for a national ID card (a smart card powered by Java, anyone?)." So let's get this straight: Oracle wants a national ID card powered by Oracle. Sun wants a national ID card powered by Java. (Even though the U.S. already has a national ID card, since the states are in the process of linking their driver's license databases together.) Is there any company that doesn't want to exploit a tragedy for financial gain? And didn't each and every one of the hijackers present valid ID?

Re:ANOTHER one?

[Jordy]

Exactly what advantage does yet another card have? I'm sure they'll be just as easy to counterfeit as current identification methods...


Uhm, no. The current security of ID cards relies on the fact that it's hard to create a physical duplicate of the card itself. This is mediocre compared to the system being proposed.

A real smart card would have enough space on it for a real cryptographic signature that can guarantee (unless of course the key is comprimised) that this particular card was issued by the good old USA. Coupled with issue and expiration dates, this alone would be vastly superior to anything we have currently and provide a significant barrier to counterfietters.

But that's not all. If you had a real-time lookup system to verify that an ID was in fact issued at all and each card itself had it's own unique entry in the system you end up with a system that is resistant to even key comprimises.

On top of that, if you require unique characteristics such as fingerprint, DNA, retinal scan, heat signature and photo to be gathered at the time of issue of the ID so you could do duplicate scanning (one person can't have two IDs) you end up with a system which is orders of magnitude more secure than what currently exists.
You could even go a step further and only allow a particular machine to be able to read the cards that are only allowed to be operated by government workers subjected to stringent FBI background checks and self-destruct if tampered with. The card itself would obviously also be tamper-resistant.

Even more impressive is that if this was done properly, you could subject every person entering the country to it and in real-time issue temporary IDs that would allow even foreigners who may lie about themselves to never be allowed to lie twice.

Of course, what would be better than a national ID is an international ID (which passports are for, but are pretty poor... ink stamps when entering and leaving a country, please.) Though at least they have barcodes and pretty holograms.

Then again, you have to understand how traditional counterfietting is done. Rarely does anyone actually create a fake ID. Instead, you find an incompetent DMV in some state, steal enough ID information and let them create a nice new ID for you. A well run national ID program would prevent this.