Catching up on some Tomalek posts I read a fascinating article on the inherent insecurity of a national ID program. I was already against this whole Orwellian plot, but Bruce Schneier really nails some major points even more important than the typically vague “invasion of privacy” argument. And it all centers around, perhaps, the greatest quote on security I’ve ever read:
[S]ecurity must be evaluated not based on how it works, but on how it fails.
I mean, that’s everything in a nutshell. Sure you have to take risks somewhere, but a nationwide database linked to an undoubtedly forgable card with the private information of 250+ million people… Do you understand the concept of single point of failure? You don’t trust my out-of-state license, here look at my credit cards… or maybe my passport… or any of my any other IDs that corroborate who I am. I won’t bother rewriting the article (it’s short anyway), but if you’re interested in security issues I suggest you check it out.