Slashdot Mirror
Single Government ID Moves Closer to Reality
NewbieV writes "The Washington Post is reporting that "federal officials are developing government-wide identification card standards for federal employees and contractors to prevent terrorists, criminals and other unauthorized people from getting into government buildings and computer systems."
The project is known as the Personal Identity Verification Project, and is being managed by the National Institute of Standards and Technology (NIST)."
Wow, similar IDs for government employees? This might prove as dangerous to our freedom as, say, Military IDs.
Oh dear jesus god no. If you're going to put all your eggs in one basket at least guard the basket well! The problem is that by unifying all the ID card systems they don't defend the basket as much as they should.
This point can be illustrated well with Safes. If it costs fifty pounds to break into a safe and only put forty pounds worth of valuables in the safe my safe is secure. If I get ten of these safes, each with forty pounds in them then the total of four hundred pounds worth of valuables is secure. Now let's say I decide to replace my ten safes with a single safe! A safe that only takes three hundred and fifty pounds to break in to is no good; I need a safe that is secure in the face of a four hundred pound attack or more.
The problem with centralising identifications systems is that the new scheme is rarely more secure than numerous schemes it replaces. Except, Except, this time this one ID acts as identification for many types of service and this makes everything less secure. Just for the sake of argument. Let's suppose I choose to attack the system in a certain way. Let say I want to obtain a real "fake"; that is, a card that is authentic but I've paid an employee that produces the cards to put bogus information on to the card. Rather than finding two friends in two different branches of government to supply me with a real card in a fake name I only have to find a single person. This type of weaking isn't just true for this limited type of attack - this weaking is there across the board.
Having different IDs is a simple security mechanism. It's the same reason that Microsoft's Passport technology is dying. Yes it might be more convient to have a single "sign in" but it means that you've produced a single global failure point for the entire system. Such systems are brital so please, I ask these people: hire some security professionals to make these decisions. Silly politicians making "security" decisions is about as helpful as putting a football coach in control of skyscrapper construction.
Simon.
A single ID can be forged and used by terrorists for access to any government building! Brilliant!
This is a ways away from a "single government ID". That makes it sound like we are all going to get barcodes on our necks, this is simply a way to streamline the process of verifying federal employees, just as corporations have for years...this is not a problem. It becomes an issue when the ID starts to become mandatory for the non-governmental public, where the potential for abuse is.
Does anyone really think that you should have a single sign on name and password for every online service, site, e-mail account? Would you want that single sign on to be linked with all of your bank accounts? Why is it bad to have everything linked together? What makes identity theft easier?
Forget trolling about tin-foil hats or paranoid people who have nothing to hide. Let's get back to the nuts and bolts of why, from the very beginnings of nature, squirrels put nuts in many different places.
fast as fast can be. you'll never catch me.
Drivers' licenses are ubiquitous and necessary. They are marked with identifying data and a unique number. They have your picture. Authorities are allowed to ask for it, and in general citizens are expected to cough it up. They must be checked by private parties in certain circumstances (to prove your age, for example), and in other circumstance private parties insist on checking your drivers' license as a prerequisite to doing business with you (Blockbuster, e.g.)
Granted, each state keeps track of its own citizens' licenses, so I suppose that's one difference between the status quo and the ballyhooed National ID Card. But really, what else are we afraid of? Why don't we just bite the bullet and make citizens' identification cards necessary? The states can take care of issuing them and tracking the relevant data, and we can have laws about when authorities are not allowed to ask for identification, or when a citizen is not obligated to identify himself, just like we do with licenses. But not arbitrarily tying our ID cards to driving would be much more efficient. Why should it be harder for a blind man to identify himself at will simply because he cannot drive?
So to everyone terrified of national ID cards, wake up: that reality arrived long ago.
Im pretty sure most break-ins come from things like "can you swipe me in? i left my card in the car" or "i work for bob but they havnt put me on the system yet" and "hey can i just use your computer for a minute to print this?"
This comment does not represent the views or opinions of the user.
Let's say you're a terrorist. And, further, let's say you want to hurt Americans. What will you do?
Cheers,
b&
All but God can prove this sentence true.
Yeah. I'm sure that this new ID card will "prevent terrorists, criminals and other unauthorized people from getting into government buildings and computer systems."
I smell someone trying to convince people that security can be had in a product, rather than requiring constant vigilance, like it really does.
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
UK Parliamentary Committee Releases Report Damning ID System http://www.privacyinternational.org/article.shtml? cmd%5B347%5D=x-347-63601
Spain has ID cards, but that didn't prevent the Madrid train bomb: http://news.bbc.co.uk/2/hi/europe/3500452.stm
The British Parliament has abandoned their new ID cards for the Houses of Parliament despite the recent security breaches, as some hundreds have 'gone missing'.
Reasons against ID cards: http://www.bbc.co.uk/dna/ican/A2319176
------------
ID cards might well:
* Worsen harassment of ethnic minorities: They'll provide another pretext for stop-and-search, often directed at ethnic minorities
* Have little impact on counter-terrorism: Sophisticated terror networks would soon be able to produce counterfeit cards or papers enabling people to get legitimate cards
* Have little effect on illegal working: Employers who are already willing to break the law won't be put off by identity cards
* Lead to 'function creep': The functions of the card will grow over time as it stores more personal information. More people could demand to see it, effectively making it compulsory to carry one
* Lead to loss of privacy: There will be a massive database containing an unprecedented amount of personal information on people
* Be costly and impractical: There is scepticism about the cost and operability of the scheme, as well as the government's ability to manage the technology
----------------
Doubts over ID card scheme http://news.bbc.co.uk/1/hi/technology/2688697.stm
Environmentalism is the new Victorianism. Everyone ties on a green corset and pretends we're virtuous.
What proponents of high-tech IDs tend to overlook is the importance of having people involved. A few years ago, I worked in a hospital/research center in NYC that had very tight security (for example, everyone was finger-printed before being issued an ID). The ID itself would presumably not be impossible for someone--especially someone motivated--to fake, but the security guards were another matter. They lived at the entrance to the building, and they pretty much recognized everyone who worked there. If they didn't recognize you, they stopped you, checked your ID, and called up to wherever you said you were going. This isn't a system that would work for a bulding accessible to the general public, but the majority of government buildings are only frequented by the people who work there ... for these buildings, attentive security guards are at least as important as fancy IDs.
Timothy McVeigh had ID, too.
IDs do nothing for security at all, except lure gullible people into believing they do something to promote security. The proposed Federal IDs can tell you if a known terrorist is trying to get a job in the government. If a person is a "known terrorist" why in god's green earth hasn't she/he been picked up yet? Oh wait...
Yeah, right.