Catching up on some Tomalek posts I read a fascinating article on the inherent insecurity of a national ID program. I was already against this whole Orwellian plot, but Bruce Schneier really nails some major points even more important than the typically vague “invasion of privacy” argument. And it all centers around, perhaps, the greatest quote on security I’ve ever read:
[S]ecurity must be evaluated not based on how it works, but on how it fails.
I mean, that’s everything in a nutshell. Sure you have to take risks somewhere, but a nationwide database linked to an undoubtedly forgable card with the private information of 250+ million people… Do you understand the concept of single point of failure? You don’t trust my out-of-state license, here look at my credit cards… or maybe my passport… or any of my any other IDs that corroborate who I am. I won’t bother rewriting the article (it’s short anyway), but if you’re interested in security issues I suggest you check it out.
Although the idea of a way to track each and every citizen would have some benefits, I also have to remind myself of the article I read on airport security, and how they’ve detained this air force officer for questioning at airports over a dozen times. Why? Because his name is on a list, and they can’t remove it.
So while we can have any old terrorist walk into the country from Canada or Mexico, or come in with a French or British visa, we’ll continue to spend our time investigating US citizen Bob John for the 13th time.
This card/database idea sounds like communism – works in theory (and Civ II :D) but when you apply it to humans, things go all wrong.