Quote of the day–Bruce Schneier

For a while I’ve been saying that this whole national ID debate will be irrelevant soon. In the future you won’t have to show ID; they’ll already know who you are.

Bruce Schneier
September 26, 2007
The Technology of Homeland Security
[It was this article that inspired the above comment. My comment to Schneier’s article was:

I used to specialize in biometrics and was underwhelmed at the actual capabilities compared to the marketing hype. And that was with people that weren’t even actively engaged in trying to defeat the technology. If someone really wants to defeat it the odds of success are very close to 100%.

“Novelty” contact lens easily defeat iris scans. Remote fingerprint scanning can be defeated with Band-Aids (or just the sticky tape part of it). More sophisticated/determined people will use contact lens with someone else’s iris pattern and be wearing someone else’s fingerprints.

The bottom line is that for the average person they might be able to know who you are and where you have been. Great information to use against your political opponents and for stalkers with access to the databases but useless for stopping smart and determined criminals.–Joe]

Share

6 thoughts on “Quote of the day–Bruce Schneier

  1. In _Spychips: How Major Corporations and Government Plan to Track Your Every Move_ by Katherine Albrecht & Liz McIntyre, there’s a page which contains a photo credited to PNNL. Creepy stuff. You might want to check it out. http://www.spychips.com/

    I loaned my copy of the book to a friend. Otherwise, I would’ve scanned a copy of that particular page and sent it to you.

  2. RFID chips will work great for tracking people that don’t mind being tracked. But some aluminum foil lined shirt sleeves will block them. And how long will it be before someone figures out how to clone them? That will make things really interesting.

  3. Cloning an RFID shouldn’t be difficult for those who can make them in the first place. Find a disgruntled ex employee. Ping a chip and record the return on a good spectrum analyzer, then copy the response, right? I think its just a matter of supply and demand. I’d bet I already know people who could do this. With the right motivation, you’re likely one of them.

    I’m all for the tatoo on the forarm– its more of a classic, and I like a good classic. We could revise it a bit and use the UPC (barcode) system. Then just scan us through like so many cattle. In cold weather when we’d be wearing long sleeves, we could require an arm band– a good clean one of course. Dirty ones should result in a penalty.

  4. Hells bells, if RFID can be read by a “legitimate” system, surely it could be read by anyone else. You could, if you put your mind to it, produce an active RFID response replicator– a little black box that clandestinely reads RFID responses as you walk down a crowded sidewalk and “plays them back” when required, something like an aviation transponder. Who do you want to be today?

    Any one person capable of stealing ID codes from the Master Database could nullify the whole thing in short order by disseminating the codes worldwide.

    Or is there something I’m missing?

  5. I think that some of them may have some smarts in them. If so then you would have to break the encryption as well. But even if a brute force attack wasn’t feasible sufficient access to a reader would enable you to do whatever you wanted in the cloning game.

  6. I usually have a bottle of NewSkin in my first aid kit. Great as a clear antiseptic bandage, but I suspect it would also be great as an invisible fingerprint covering.

Comments are closed.