Slashdot Mirror


Schneier on National ID Cards, Key Escrow Locks, E-voting

Schneier's Cryptogram newsletter this month touches on a lot of subjects near and dear to our hearts: national ID cards, TSA-approved luggage locks, a cost-benefit analysis of stealing an election via hacking evoting machines, a nifty credit with audible security, etc.

5 of 400 comments (clear)

  1. Hard to verify out-of-state ID cards... by LostCluster · · Score: 5, Insightful

    We already have multipurpose-use government-issued ID cards in our wallets in the form of drivers licenses or non-driver photo ID cards issued by our states.

    The biggest problem with all of these is that there are 51 different issing bodies, one in every state plus one for Washington, D.C. Within each state, there are at least two formats to make non-drivers distinct from drivers, most states also have special "funny formats" for those under 21 so that they're more easily rejected when they try to purchase alcohol.

    But, with more than a hundred formats for the best ID system we have, it's impossible for anybody to be an expert on what security measures to look for and be able to notice when they're absent.

    No, this isn't an issue that'd protect us from suicide bombers or airplane hijackers... but being able to properly identify people is essential to financial transactions, and telling illegal immigrants that they don't belong here. It's not exactly a constitutional right to be able present a false ID as your own. The various issuers of drivers licenses should at least be able to agree on a common standard so those cards all look alike from jurisdiction to jurisdiction.

    1. Re:Hard to verify out-of-state ID cards... by crackshoe · · Score: 5, Insightful

      The problem with that is that you'd be infringing on what is traditionally state territory, which rarely ends well. On the other hand, the federal government got unwilling states to roll over on drinking age, so it could be possible. It is possible to get a federal ID -- its called a passport, and they're a bit more stringent on who they give them out to (although i'd in no way gurantee that there aren't hundreds or even more fake US passports about). We are still working on figuring out if you can refuse to show a cop your ID, though.

      --
      Don't worry - its just stigmata. Pass me a napkin and don't you dare tell my mother.
    2. Re:Hard to verify out-of-state ID cards... by pantycrickets · · Score: 5, Insightful

      Don't most driver's license cards have barcodes on the back that liquor stores, etc. can scan?

      Yes, and like everything else, there are tools on the net to generate fake ones. :)

    3. Re:Hard to verify out-of-state ID cards... by Alter+Relationship · · Score: 5, Insightful
      Actually, this is not funny - it's the truth. It spells out "bad guys will always use fakes and avoid the system, while simple Joe's will be screwed up and abused - identity theft, data mining, you name it".
      If you outlaw privacy, only the non-law-abiding people will have it. </obvious>
  2. Re:Windows Source not really closed? by theM_xl · · Score: 5, Insightful

    Not necessarily... We only see zero-day hacks that are detectable. Going through the trouble of getting the Windows source code suggests you're after something else than just the average virus worm... Remember those are in it for the short haul. Do a lot of damage before the virus scanners catch up with you. The black-hats gaining access to the source would likely not be in it for the short haul, but looking for longer-term profit. An exploit would be worth a lot more if it wasn't discovered criminals were using it, and could be used on choice, hand-picked targets only. True, compromising a few hundred or thousand computers isn't anywhere near as spectacular as Code Red. But the criminals aren't in it for spectacle, they're in it for money or power.