[IP] real ID CRYPTO-GRAM, May 15, 2005
Begin forwarded message:
CRYPTO-GRAM
May 15, 2005
by Bruce Schneier
Founder and CTO
Counterpane Internet Security, Inc.
schneier@xxxxxxxxxxxxxxx
<http://www.schneier.com>
<http://www.counterpane.com>
A free monthly newsletter providing summaries, analyses, insights,
and commentaries on security: computer and otherwise.
For back issues, or to subscribe, visit <http://www.schneier.com/
crypto-gram.html>.
Or you can read this issue on the web at <http://www.schneier.com/
crypto-gram-0505.html>.
Schneier also publishes these same essays in his blog: <http://
www.schneier.com/blog>. An RSS feed is available.
** *** ***** ******* *********** *************
In this issue:
Blog: Schneier on Security
REAL ID
Should Terrorism be Reported in the News?
New Risks of Automatic Speedtraps
Crypto-Gram Reprints
Detecting Nuclear Material in Transport
The Potential for an SSH Worm
News
Biometric Passports in the U.K.
Lighters Banned on Airplanes
Counterpane News
Wi-Fi Minefields
The PITAC Report on CyberSecurity
State-Sponsored Identity Theft
Combating Spam
Comments from Readers
** *** ***** ******* *********** *************
Blog: Schneier on Security
For eight months now, I have maintained a blog. It's basically the
same stuff you read in Crypto-Gram, only it comes out every day
instead of once a month. And I try to revise what I write there when
I include it here. Check it out if you're interested.
<http://www.schneier.com/blog>
** *** ***** ******* *********** *************
REAL ID
The United States will get a national ID card. The REAL ID Act
establishes uniform standards for state driver's licenses, to go into
effect in three years, effectively creating a national ID card. It's
a bad idea, and is going to make us all less safe. It's also very
expensive. And it all happened without any serious debate in Congress.
I've already written about national IDs. I've written about the
fallacies of identification as a security tool. I'm not going to
repeat myself here, and I urge everyone who is interested to read
those essays (links at the end). Remember, the question to ask is
not whether a national ID will do any good; the question to ask is
whether the good it does is worth the cost. By that measure, a
national ID is a lousy security trade-off. And everyone needs to
understand why.
Aside from the generalities in my previous essays, there are
specifics about REAL ID that make for bad security.
The REAL ID Act requires driver's licenses to include a "common
machine-readable technology." This will, of course, make identity
theft easier. Already some hotels take photocopies of your ID when
you check in, and some bars scan your ID when you try to buy a
drink. Since the U.S. has no data protection law, those businesses
are free to resell that data to data brokers like ChoicePoint and
Acxiom. And they will; it would be bad business not to. It actually
doesn't matter how well the states and federal government protect the
data on driver's licenses, as there will be parallel commercial
databases with the same information.
(Those who point to European countries with national IDs need to pay
attention to this point. European countries have a strong legal
framework for data privacy and protection. This is why the American
experience will be very different than the European experience, and a
much more serious danger to society.)
Even worse, there's likely to be an RFID chip in these licenses. The
same specification for RFID chips embedded in passports includes
details about embedding RFID chips in driver's licenses. I expect
the federal government will require states to do this, with all of
the associated security problems (e.g., surreptitious access).
REAL ID requires that driver's licenses contain actual addresses, and
no post office boxes. There are no exceptions made for judges or
police -- even undercover police officers. This seems like a major
unnecessary security risk.
REAL ID also prohibits states from issuing driver's licenses to
illegal aliens. This makes no sense, and will only result in these
illegal aliens driving without licenses -- which isn't going to help
anyone's security. (This is an interesting insecurity, and is a
direct result of trying to take a document that is a specific
permission to drive an automobile, and turning it into a general
identification device.)
REAL ID is expensive. It's an unfunded mandate: the federal
government is forcing the states to spend their own money to comply
with the act. I've seen estimates that the cost to the states of
complying with REAL ID will be tens of billions. That's money that
can't be spent on actual security.
And the wackiest thing is that none of this is required. In October
2004, the Intelligence Reform and Terrorism Prevention Act of 2004
was signed into law. That law included stronger security measures
for driver's licenses, the security measures recommended by the 9/11
Commission Report. That's already done. It's already law.
REAL ID goes way beyond that. It's a huge power-grab by the federal
government over the states' systems for issuing driver's licenses.
REAL ID doesn't go into effect until three years after it becomes
law, but I expect things to be much worse by then. One of my fears
is that this new uniform driver's license will bring a new level of
"show me your papers" checks by the government. Already you can't
fly without an ID, even though no one has ever explained how that ID
check makes airplane terrorism any harder. I have previously written
about Secure Flight, another lousy security system that tries to
match airline passengers against terrorist watch lists. I've already
heard rumblings about requiring states to check identities against
"government databases" before issuing driver's licenses. I'm sure
Secure Flight will be used for cruise ships, trains, and possibly
even subways. Combine REAL ID with Secure Flight and you have an
unprecedented system for broad surveillance of the population.
Is there anyone who would feel safer under this kind of police state?
Americans overwhelmingly reject national IDs in general, and there's
an enormous amount of opposition to the REAL ID Act.
If you haven't heard much about REAL ID in the newspapers, that's not
an accident. The politics of REAL ID was almost surreal. It was
voted down last fall, but was reintroduced and attached to
legislation that funds military actions in Iraq. This was a "must-
pass" piece of legislation, which means that there was no debate on
REAL ID. No hearings, no debates in committees, no debates on the
floor. Nothing. And it's now law.
We're not defeated, though. REAL ID can be fought in other ways: via
funding, in the courts, etc. Those seriously interested in this
issue are invited to attend an EPIC-sponsored event in Washington,
DC, on the topic on June 6th. I'll be there.
Text of the REAL ID Act:
<http://thomas.loc.gov/cgi-bin/bdquery/z?d109:h.r.00418:>
Congressional Research Services analysis:
<http://www.eff.org/Activism/realid/analysis.pdf>
My previous writings on identification and national IDs:
<http://www.schneier.com/crypto-gram-0404.html#1>
<http://www.schneier.com/crypto-gram-0402.html#6>
<http://www.schneier.com/crypto-gram-0112.html#1>
Security problems with RFIDs:
<http://www.schneier.com/crypto-gram-0410.html#3>
My previous writings on Secure Flight:
<http://www.schneier.com/crypto-gram-0502.html#1>
Resources:
<http://www.epic.org/privacy/id_cards/>
<http://www.unrealid.com/>
EPIC's Washington DC event:
<http://www.epic.org/events/id/savethedate.html>
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/