Did People Think No One Would Recognize REAL ID If Introduced Under Another Name?
from the pass-id,-indeed dept
Last year, it became clear that REAL ID was dead on arrival as pretty much everyone was against it, and states were refusing to implement it. With the changing of the administration, it seemed like REAL ID was finally going to die completely... but apparently not just yet. EFF alerts folks to the fact that the same concept has basically been reintroduced under the name PASS ID, as if that would trick people:Proponents seem to be blind to the systemic impotence of such an identification card scheme. Individuals originally motivated to obtain and use fake IDs will instead use fake identity documents to procure "real" drivers' licenses. PASS ID creates new risks -- it calls for the scanning and storage of copies of applicants' identity documents (birth certificates, visas, etc.). These documents will be stored in databases that will become leaky honeypots of sensitive personal data, prime targets for malicious identity thieves or otherwise accessible by individuals authorized to obtain documents from the database. Despite some alterations to the scheme, PASS ID is still bad for privacy in many of the same ways the REAL ID was.But why let that stop the gov't from coming up with more ways to keep tabs on you?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
On the National Security Defense...
PASS ID operates on the same flawed premise of REAL ID -- that requiring various "identity documents" (and storing that information in databases for later access) will magically make state drivers' licenses more legitimate, which will in turn improve national security.
The "improve national security" defense is odd, misplaced, and won't work. Recently, my mom somehow got a fascination of, and started researching 9-11 as if it was a conspiracy. She brought it up and we had a 3 hour phone conversation about it last week. What's interesting is that she's not a putz, in fact, she has a Doctorate.
I think the boomers are waking up to a lot more than people let on, and using the guise of "National Security" just won't cut the mustard. So here's my advice to fellow Senate friends: Be more creative. Maybe say it will protect us from bears, goblins, oilmen and robber-barons as these seem to be bigger threats these days.
[ link to this | view in thread ]
http://crypto-gram.libsyn.com/
As far as preventing identity theft and fake ID's, Steve does discuss a good method that would work but would be scary to implement. Basically give the government a public/private key pair and when you go in to get your ID and pictures taken and such they look up your record and on some small chip on your ID or something that they can scan, even a USB drive or whatever, they have a high quality picture of you with all required information (ie: full name, drivers license number, etc..) that's digitally signed by the government. Then, in order for someone to pretend to be you they would either have to have access to the government computers (or hack them) that have the private key (or access to it) or they would have to do a cryptographic attack (highly unlikely). Unless someone leaked the key out to the public of course, but if that happens everyone will know it and the key will expire.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
As far as the cracking thing is concerned, you are right, some ciphers have been cracked, but they often get cracked gradually whereby we start finding algorithms that yield higher and higher statistical probabilities of cracking the key. The government should replace the keys and ciphers long before the cipher is actually cracked.
For example DES was "cracked" (well, some financial institutions still even use that because it's still often difficult enough to decrypt) but part of that is because the government didn't really give the public much time to test it before adopting. Most of that is also because computers have gotten quicker. But as the key gets larger the quickness needed exponentially increases and computers bandwidth is advancing at a limited rate and most cryptographers take that rate vs bandwidth needed to crack a cipher in a reasonable period of time into consideration. WEP was cracked but only because it wasn't really designed to be a mainstream standard, it was designed by a bunch of people who just wanted some temporary way of encrypting data. It was later adopted as a mainstream standard and the cipher it uses still hasn't really been cracked (I believe it uses RC4), just the poor WEP implementation. Heck, Diffie-Hellman key exchange still hasn't been cracked.
But regardless encryption is a cat and mouse game. Keys expire and are replaced by new keys and ciphers get updated and replaced. The point is that it's highly unlikely that a key will suddenly get cracked by some random person because cracking this stuff is a gradual process whereby when we do start to get even remotely close to cracking it we replace the cipher long before it gets cracked. Heck, many of the ciphers that are considered "cracked" and that have been replaced by better ciphers are still pretty secure even today.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Welcome To 1984 ....and 1944
[ link to this | view in thread ]
Re: Re:
The Nazi's had a variant of that....but just for Jews.
[ link to this | view in thread ]
money
Sign up is "FREE"...
Launch your Blastoff Network and get paid! When you invite your friends to join the Blastoff Network, you will get paid every time they make a purchase within the Blastoff Network. Just think about getting paid every time your friends buy a song on iTunes, books at Barnes & Noble or a new TV at Target. And as your friends begin to invite their friends, you will see your network and your income begin to virally grow. So spread the word and get ready to Blastoff!
Don't miss this opportunity to Blastoff and make money with the rest of us on October 26, 2009!
Be ready to Blastoff!
http://www.blastcashback.com
[ link to this | view in thread ]
Spoiked
[ link to this | view in thread ]
I think the boomers are waking up to lots extra than human beings let on, and the use of the guise of "National Security" just may not reduce the mustard. So right here's my recommendation to fellow Senate buddies: Be more creative. Maybe say it'll protect us from bears, goblins, oilmen and robber-barons as those seem to be bigger threats nowadays.
professional dissertation help UK
[ link to this | view in thread ]
education
Thank you for sharing your professional opinion, students also face similar problems on educational portals, in addition, they must work on their research papers, in which case I advise you to contact https://primeessay.org/article-critique-writing.html
[ link to this | view in thread ]