Sunday, May 15, 2005

More Real ID

Identity crisis
Congress just passed an act requiring Americans to carry a national I.D. card. Forget the Big Brother concerns -- security experts say terrorists will figure out how to get them, and warn that your DMV experience will become even more hellish. (By Farhad Manjoo, SALON.COM, May 13, 2005)

The article is an overview of the Real ID act, and the various protestations against it. The Schneier bit is just one of the interviewees quoted in the article.

To recap - the Real ID act calls for the formation of a national identification card that's machine readable. It will piggyback on driver's licenses, hence the implementation requirement will be passed on to individual states.

Farhad's article is very interesting, even with a couple of inaccuracies. For example, he claims that U.S. passports already have RFID in them, while linking to this article. But if he had bothered to read the article, as well as the background material linked from the article, he'd know there was a proposal to add RFID to U.S. passports, but that the proposal was recently rejected.

The key concern is the RFID chip, and Farhad seems to position that chip as nothing short of the Mark Of The Beast in the Book of Revelation.

Hundreds of immigration rights and civil-liberties groups have criticized the bill. They argue that the national I.D. card will allow cops and corporations to spy on citizens and worry that new databases of personal information will aid identity thieves.

The most potent argument he makes is that demanding solid identity cards is like looking in the rear-view mirror and fixing the problem that just occurred. It's like this nonsense we go through at the airports: just because one guy made a half-assed attempt to blow up an airplane with bomb material in his shoes, we now all have to take off our shoes in the airport.

the "failure of imagination," to borrow the 9/11 Commission's phrase. Depending on whom you ask, the act will cost tens to hundreds of millions of dollars to implement. By focusing our resources on a plan to prevent a repeat of 9/11, we may be failing to anticipate and prevent a different attack -- one in which the attackers aren't foreigners but American citizens, whose weapons aren't airplanes but buses, and whose target isn't an office building but a shopping mall.

The act is not worth the trade-off ... We get no additional security while expending enormous costs to institute the national I.D. system. The cost is measured not only in money but also in the loss of privacy.

The big thing we should worry about with this is the ways it can be misused. For example, passive RFID can be read from a distance, using a powerful enough reader. An argument could be made for installing readers in every doorway leading in and out of public buildings, or perhaps all buildings. In order for the Real ID card to work, the RFID reader has to query a central database to determine the identity associated with the card, and hence the owners of that central database would be able to track every Real ID holder and most of their movements. An argument could also be made to require Real ID for any purchase in any store, just as today we're asked to show a "picture ID" when we buy something with a credit card or check. And, again, the owners of the central identity database would be able to track where we purchase items.

The Real I.D. Act will result in the creation of a nationwide database of personal information that would be a juicy target for attackers. "There isn't a database on the planet that isn't vulnerable to attack," says Schneier, an expert on database security. "Maybe they'll manage to create the first safe database -- but that isn't the way to bet."

Yup ... I've been working in computer software for over 20 years, and I have to totally agree with this. It's not just the database, though, but the whole system. With RFID scanners installed ubiquitously, some of them will fall into mischievous hands, be reverse engineered, and they'll find a way to get into the system.

They might insert false identities into the system .. might tamper with things .. or it could end up being a huge leak of private information.

Plus, if you've ever looked at your own credit report, you know how completely inaccurate those are. The credit reporting companies have a big incentive for accurate reports, and they still get them wrong.

On Dec. 14, 1999, Ahmed Ressam, a 28-year-old Algerian man who had obtained a legitimate Canadian passport under the name Benni Noris, attempted to cross from Victoria, B.C., to Port Angeles, Wash. Customs agents ran his passport -- an old-style passport that wasn't machine readable -- through the computer and found nothing odd. But something about Ressam's demeanor didn't sit well with the agents in Port Angeles, so they began searching his car. They found 100 pounds of nitroglycerin explosives stashed in his trunk. He had planned to blow up LAX.

This system could lull us with a false sense of security that could allow people like that to slip by security guards who aren't being alert because the machines tell them who everybody is.