Over in New Zealand a knife wielding passenger (http://tinyurl.com/2uksqy) tried to hijack a commuter plane to Australia.

This has led to the usual furious 'debate' (http://tinyurl.com/2hupan) over airline security and of course conspiracy theorists have started butting in.

One of the posters bought up something called the "...real ID act..." which supposedly means that all citizens (of the US/UK) will have to possess an ID card fitted with an RFID chip that will have all their information on it including DNA.

No. It seems that people are all too eager to give their liberties away when anything happens and the government are keen to take our liberties away to make us "safer". When these things happen, citizens pay for it with their freedom. We are heading towards the Orwellian State. The real ID act passed in the US + new laws like the home security act are all new and were passed without public consent, but people are made to believe they are safer with these new laws, even though your DNA, retina, fingerprints are all to be on one card equipped with an RFID chip (radio frequency identification). This card your drivers license, passport, bank card, ID card etc etc. Its everything and they want everyone to have one and soon. I think people need to wake up and stop looking to the government to save them because in the end we will be enslaved. Incidences just like this are exactly what the government needs to convince the people to get chipped. If you think its bollocks - look it up. The real ID act has passed in the US, the UK and soon NZ for sure. All money, details, sex, DNA on those cards. Wake up people, dont let it happen.


I've never heard this particular version though I have seen several ones invoving having RFID chips implanted (usually in your head) for the same purpose.

Can anyone here provide more information on just what Act the author is referring to, or just which wack-a-doo the author of the above has got his ideas from?

Here's info in the Real ID act in the U.S. I don't know what's being done in Britain.

http://www.michigan.gov/sos/0,1607,7-127-1627-130358--,00.html

I somehow doubt there will be any form of "having your DNA Code" on a chip.

Give me a break...

EDIT: Thanks for the link gravy...I see no mention of retina scans or DNA Code in that "Act" description...why am I not surprised.

TAM:)

Bob Barr, an Amercian conservative has written about his objections to the Real ID law. If his name doesn't ring any bells look at his bio on his web site.

http://www.bobbarr.org/default.asp?pt=newsdescr&RI=918


FWIW, 17 states have passed laws barring the implementation of Real ID for various reasons.
http://epic.org/privacy/id-cards/

Lots of details here:
http://en.wikipedia.org/wiki/REAL_ID_Act

I have no comment, mainly through a lack of reading on the subject, on whether there should be a "real ID" card program in the USA, or in Canada for that matter.

My point is merely on the issue of DNA Code and Retina Scanning, which I see no evidence for in the "Act" description.

TAM:)

looking at this on wikipedia:
Data requirements

Each card must include, at a minimum, the person's full legal name, signature, date of birth, gender, driver's license or identification card number. It also includes a photograph of the person's face and the address of principal residence. It is required to have physical security features designed to prevent tampering, counterfeiting, or duplication of the document for fraudulent purposes. In North Carolina, these new security features include a hologram of a map of the entire North American continent[2] (http://www.worldnetdaily.com/news/article.asp?ARTICLE_ID=57502).
It will use common machine-readable technology, with defined minimum data elements (the details of which are not spelled out, but left to the Secretary of Homeland Security (http://en.wikipedia.org/wiki/Secretary_of_Homeland_Security), in consultation with the Secretary of Transportation (http://en.wikipedia.org/wiki/Secretary_of_Transportation) and the states, to regulate).



i dont see how this is any different than the state-issued drivers license i have now

it has my full name, DOB, gender, DL number, address and picture (it also has my height, weight and eye color) it has tamper security, as well as a "common machine-readable technology" called a barcode

personally i support a national ID and a national drivers license because it would mean someone checking IDs (in an airport, liquor store, etc) doesnt need to be familiar with 50 state IDs to check for fakes, they would just need to know the national ID

Bob Barr, an Amercian conservative has written about his objections to the Real ID law.


A person not possessing a Real ID Act-compliant identification card could not enter any federal building, or an office of his or her congressman or senator or the U.S. Capitol. This effectively denies that person their fundamental rights to assembly and to petition the government as guaranteed in the First Amendment.

Well I can't contact my representative unless I have some means of communicating with them. Is it unconstitutional for me to not have a telephone?

A veteran may be denied access to a VA hospital because he or she lacks the requisite Real ID card, perhaps because they did not have the money required to purchase it or because they could not locate the background forms the Department of Homeland Security required to obtain one.

Why are veterans too poor or stupid to follow directions?

I remember seeing a clip on a news show where this FBI lady was saying they wanted to build up a massive database of peoples retina information, but she recognised there was a security problem they hadent solved yet that if someone steals your credit card you can cancel it and get a new one, but if someone steals your retina information you cant get another eye! :D. When governments are so inept they will loose computer disks with the personal details of thousands of people like they did in the Uk, thats a very important concern! :D

This "REAL ID ACT" stuff is so overblown. I hate how Conspiracy Theorists keep bringing that up as proof that our government (along with all the others in the world) are trying to form a One World Government.

It's such crap, and just like defaultdotxbe it's essentially exactly what everyone has now.

I don't think the Conspiracy Theorists would be all over it so much if it wasn't going to include a hologram of the North American Continent. Being that the new ID is supposed to make travel between countries easier, it doesn't exactly seem diabolical to put that on the ID's.

been reading up more on the real ID, and its not a national ID system as i had initially thought, its a set of minimum standard for state-issued IDs

as i mentioned previously, my drivers license already meets those requirements, it also met the requirements for obtaining the ID, so my state wont have to change anything to comply with the real ID act (BTW my state was compliant in 1998 when i got my drivers license, so it seems the requirements are neither new nor extreme)

It seems the requirements are neither new nor extreme

I think the wiki article mentions that somewhere also. I'm not positive though. Either way, the REAL ID is really nothing but a standardized system with maybe a few extra security measures thrown in.

No matter though, the Conspiracy Theorists just claim instead that the fact that it sets national standards for cards makes it a national ID card system.

Although everything else basically is left up to the states.

Would a national ID card have prevented this from happening?

When the real ID was first unveiled in America many critics thought it would make use of RFID technology. I think that is where the author's story came from. Whether using RFID technology was never discussed by the Department of Homeland Security (DHS) or if the DHS scrapped that idea after the public outcry, I'm not sure.

If a national ID card is more secure (notice I didn't say it would be) imagine how much more secure a national ID card containing DNA would be. Like a lot of governmental programs I could see this as a process. I have noticed many governmental programs that make use of gradualism. Although I have to admit I can’t tell if it was planned or if the future leaders of the country picked up where the previous leaders left off.

imagine how much more secure a national ID card containing DNA would be.

Any security benefits are completely outweighed by the dangers of having your damn DNA on your little plastic card in your pocket.

And people bitch about losing there SSN...

If a national ID card is more secure (notice I didn't say it would be) imagine how much more secure a national ID card containing DNA would be.


What would be the point? For that to be of any use as identification, you'd have to provide a DNA sample for comparison on-the-spot. I'm not too sure about the state of the technology, but I don't think a portable and quick DNA analyzer exists.

ETA: Also, you leave samples of your DNA everywhere you go!

Bob Barr, an Amercian conservative has written about his objections to the Real ID law. If his name doesn't ring any bells look at his bio on his web site.

http://www.bobbarr.org/default.asp?pt=newsdescr&RI=918

We remember Barr the former congressman very well here in Georgia. While I don’t care much for his ultra-conservative political views, he is quite sincere about his support for personal liberties. The man does stand on his principles and it was his lack of support for some provisions of the first Patriot Act that caused him to loose his seat in congress when the Bush and the GOP targeted him for defeat in 2002.

I hate the RealID Act and what it will mean for our civil liberties in terms of protection from undue surveillance and the possibility of mistaken prosecution. On top of that, I'm a (computer) security guy and as such tend to err on the side of paranoid in terms of keeping my privacy. When I heard about the use of RFID I began looking into how easy it was to counterfeit-- not surprisingly, the answer is "very easy." If I'm eventually required to have a national ID (since I do travel across the country often enough), I'll definitely be looking into how easy it would be for crooks and suspicious folk to counterfeit the ID.

The biggest flaw in any identification system I have ever read about being introduced is the fact that identity theft is so easy I could probably teach most of you how to do it in the span of a few weeks. The thing all of these identification systems are counting on is that most people just won't go through the trouble to fake anything, and the reality is that people go through that much trouble already.

I have no idea where they are getting these people who come up with these asinine plans, but all they would need is a small committee of real security experts to poke holes in their ideas if they really wanted to know whether their plans were nothing but a costly waste of time (and money).

ETA: Also, you leave samples of your DNA everywhere you go!

Good point, I think that may have been directed.

I'm still not very fond of the idea though, like you said, what would be the point? And for that matter, what's the point of the REAL ID ACT in the first place of most state ID's all ready meet the requirements? Am I missing something here?

If a national ID card is more secure (notice I didn't say it would be) imagine how much more secure a national ID card containing DNA would be. Like a lot of governmental programs I could see this as a process. I have noticed many governmental programs that make use of gradualism. Although I have to admit I can’t tell if it was planned or if the future leaders of the country picked up where the previous leaders left off.


As Cl1mh4224rd mentioned, unless you have some way of easily comparing DNA, it's really not all that secure. Of course, assuming that at some time in the future such technology were available, why would it be a problem to have such data on your card? What could people do with it they can't do now? What could they do with it they couldn't do with the hypothetical DNA scanner?


Any security benefits are completely outweighed by the dangers of having your damn DNA on your little plastic card in your pocket.

And people bitch about losing there SSN...


But that's the point: a SSN is just a number. Once you know it, that's all you need. With a DNA record, even if you had my card, you wouldn't have my DNA. Assuming a DNA scanner could exist, there's no way you could pass yourself off as me (without me helping, at least - Anyone seen GATTACA?).

I just don't see how this is supposed to be some "gradual" step towards some nefarious goal....

There is no "real ID act" in the UK.

And for that matter, what's the point of the REAL ID ACT in the first place of most state ID's all ready meet the requirements? Am I missing something here?
most states, but not all, basically it means, for example, if you are boarding a plane and the person checks your state ID, he doesnt have to sit and think "ok, nebraska, is this valid or does he need a second form of ID?" and then the guy from oklahoma wondering why he needs 2 IDs while the guy from illinois just needs his drivers license

eliminating confusion like this is one of the reasons i support a standardized national drivers license (that and i got fined 500 dollars for selling cigarettes to a guy with a obviously fake michegan drivers license, but i didnt know it was fake because i didnt know what a michegan drivers license was supposed to look like)

But that's the point: a SSN is just a number. Once you know it, that's all you need. With a DNA record, even if you had my card, you wouldn't have my DNA. Assuming a DNA scanner could exist, there's no way you could pass yourself off as me (without me helping, at least - Anyone seen GATTACA?).
this would be fine as long as DNA scans are always done in person, and not via any kind of remote means like over the internet

i woudl expect that should DNA replace the SSN people will want some way of sending the ID over the internet, so there will be a market for USB (or whatever standard we have in the future) DNA scanners, so now you need some way of ensuring the DNA being sent to the remote computer actually comes from your body and isnt simply being passed via software that spoofs a scanner

most states, but not all, basically it means, for example, if you are boarding a plane and the person checks your state ID, he doesnt have to sit and think "ok, nebraska, is this valid or does he need a second form of ID?" and then the guy from oklahoma wondering why he needs 2 IDs while the guy from illinois just needs his drivers license

eliminating confusion like this is one of the reasons i support a standardized national drivers license (that and i got fined 500 dollars for selling cigarettes to a guy with a obviously fake michegan drivers license, but i didnt know it was fake because i didnt know what a michegan drivers license was supposed to look like)

Well, I never said I wasn't for it, honestly, I guess I'm kind of indifferent. I don't see much harm in it, but I don't see much good in it either really, except to avoid situations like yours.

I just don't see why it is such a HUGE issue with privacy advocates. I mean, what privacy is this card invading that I don't know about?

Any security benefits are completely outweighed by the dangers of having your damn DNA on your little plastic card in your pocket.

And people bitch about losing there SSN...The faulty logic in this argument has already been discussed.

Would a national ID card have prevented this from happening?Since nobody answered this question I can only assume that a national ID card wouldn't have prevented this from happening.

most states, but not all, basically it means, for example, if you are boarding a plane and the person checks your state ID, he doesnt have to sit and think "ok, nebraska, is this valid or does he need a second form of ID?" and then the guy from oklahoma wondering why he needs 2 IDs while the guy from illinois just needs his drivers license

eliminating confusion like this is one of the reasons i support a standardized national drivers license (that and i got fined 500 dollars for selling cigarettes to a guy with a obviously fake michegan drivers license, but i didnt know it was fake because i didnt know what a michegan drivers license was supposed to look like)Who represented you in this case? BTW there was a inititive between the states to create standards for the state's ID's before the federal gov stepped in.

There is no "real ID act" in the UK.
Are you saying there isn't currently a national ID system or there is no legislature? The word 'no' makes it hard for me to understand. I feel like we are on completly opposite sides of the world :p
Evidence of consideration. (http://www.nysun.com/article/35295?page_no=3)
| | :covereyes | | (http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/11/24/MNG77A0KRL1.DTL)
Semantics. (http://www.casavaria.com/sentido/usnews/politics/2007/07-0730-real-id.htm) Ok, now you are argue that there isn't a nation ID card.

eliminating confusion like this is one of the reasons i support a standardized national drivers license (that and i got fined 500 dollars for selling cigarettes to a guy with a obviously fake michegan drivers license, but i didnt know it was fake because i didnt know what a michegan drivers license was supposed to look like)
I think the first step would be to know how to spell Michigan... ;)

I hate the RealID Act and what it will mean for our civil liberties in terms of protection from undue surveillance and the possibility of mistaken prosecution. On top of that, I'm a (computer) security guy and as such tend to err on the side of paranoid in terms of keeping my privacy. When I heard about the use of RFID I began looking into how easy it was to counterfeit-- not surprisingly, the answer is "very easy." If I'm eventually required to have a national ID (since I do travel across the country often enough), I'll definitely be looking into how easy it would be for crooks and suspicious folk to counterfeit the ID.

The biggest flaw in any identification system I have ever read about being introduced is the fact that identity theft is so easy I could probably teach most of you how to do it in the span of a few weeks. The thing all of these identification systems are counting on is that most people just won't go through the trouble to fake anything, and the reality is that people go through that much trouble already.

I have no idea where they are getting these people who come up with these asinine plans, but all they would need is a small committee of real security experts to poke holes in their ideas if they really wanted to know whether their plans were nothing but a costly waste of time (and money).
By that logic we shouldn't have any forms of ID other than the honor system (you just say who you are), since they can be faked. Do you not see the flaw in your argument?

...snip...

Are you saying there isn't currently a national ID system or there is no legislature?

...snip...

There is nothing like the "real ID" legislation in the UK. The article you quote in the opening post is factually incorrect when it states that

"The real ID act has passed in the US, the UK...."

Considering that such a large part of the "argument" in the article rests on this incorrect fact you will understand why I dismiss the article's arguments and conclusions.



...snip...

The word 'no' makes it hard for me to understand. I feel like we are on completly opposite sides of the world :p
Evidence of consideration. (http://www.nysun.com/article/35295?page_no=3)
| | :covereyes | | (http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/11/24/MNG77A0KRL1.DTL)
Semantics. (http://www.casavaria.com/sentido/usnews/politics/2007/07-0730-real-id.htm) Ok, now you are argue that there isn't a nation ID card.

And I'm not arguing that there is no national ID card, it's just a matter of fact that we don't have one in this country.

And I'm not arguing that there is no national ID card, it's just a matter of fact that we don't have one in this country.

Well, they are trying to get a national ID card.
http://news.bbc.co.uk/1/hi/uk_politics/7203740.stm
They're not doing very well at it though.

By that logic we shouldn't have any forms of ID other than the honor system (you just say who you are), since they can be faked. Do you not see the flaw in your argument?

Not at all. The illusion of security is often more dangerous than a well-understood lack of security.

A simple example : if you know you're talking on an open telephone that might be tapped, you will take care not to say anything that you wouldn't want to be overheard. If you are talking on a secure telephone, it doesn't matter what you say. But if you are talking on a telephone that you believe to be secure, and isn't, that's when problems arise.

With the current ID muddle, it's quite reasonable for a sales clerk or security guard to look at a "suspicious" card, not be sure if it's genuine or not, and ask for other ID if necessary. One of the goals of the Real ID scheme is to avoid this -- if your card passes the Real ID validator, then it's genuine and no other information is necessary. In this case, the guard will probably be trained not to ask for further ID and to rely solely on the validator's judgement. Imagine the problems when it turns out there's a simple security flaw and any 15 year old can turn out "valid" IDs on his printer.

As a real example of this, consider the ill-fated Clipper chip initiative, which Matt Blaze broke in less than a week. There are a number of other cryptographic examples I could cite.

With the current ID muddle, it's quite reasonable for a sales clerk or security guard to look at a "suspicious" card, not be sure if it's genuine or not, and ask for other ID if necessary.
In my experience clerks don't ask for ID anyway. A few days before Christmas my mother had her wallet picked from her purse. Within a few hours over $10,000 had been charged on her credit cards, and a few days later over $1,000 was taken from her bank account using a debit card that had been deactivated 2 years earlier! The bank is still trying to figure out how that last one happened.

One of the goals of the Real ID scheme is to avoid this -- if your card passes the Real ID validator, then it's genuine and no other information is necessary. In this case, the guard will probably be trained not to ask for further ID and to rely solely on the validator's judgement. Imagine the problems when it turns out there's a simple security flaw and any 15 year old can turn out "valid" IDs on his printer.
Hey, I prefer biometrics such as a retinal scan. Good luck doing that on a printer! Though someone on another thread claimed that would be faked. :rolleyes:

And frankly, I'd rather have a card that can be verified by a disinterested computer somewhere than by a clerk who's too busy yapping on her cell phone about what Mindy did the other day to bother looking at the picture and hologram.

Our Driver's Licences (http://www.landtransport.govt.nz/roadcode/about-licences/driver-licensing-system.html) would almost past muster too. The only thing that is different to that list to ours is that the adress is optional (if you move a lot then it's pointless having your address on it, or you'd need a new one all the time.) Standardisation seems logical to me, especially with nothing in the way of border controls between States. Having a Driver's Licence that looks similar to other States and has basic ID information on it is neither a National ID card or that I can see a breach of the consitution. Having to prove you really are who you claim to be does seem to be either I would have thought.

been reading up more on the real ID, and its not a national ID system as i had initially thought, its a set of minimum standard for state-issued IDs

as i mentioned previously, my drivers license already meets those requirements, it also met the requirements for obtaining the ID, so my state wont have to change anything to comply with the real ID act (BTW my state was compliant in 1998 when i got my drivers license, so it seems the requirements are neither new nor extreme)

It looks like the Missouri Driver's license passes the requirements as well. So does my US passport, I think. The MO DL has a barcode (partially scrambled) whereas my old Kansas DL had a magnetic strip on the back. The US Passport has a numerical code swipe area on the main information page, similar to the MICR routing and account numbers at the bottom of a check. I'm not sure if the Passport includes my address, though I do believe there's a place where you can pencil it in.

I don't really understand what the argument is against having some sort of national ID. They could make it pretty cool, in fact - Have some standard which is adhered to by each state, but leave each state to add their own holograms and etc., such as the state seal / flag / outline to give a Missouri-produced DL a subtle difference when compared to a Kansas one, for instance.

It would be great for those of us who move around a lot to not have to re-apply for a new DL each time we change states. When I moved back to Missouri from Kansas about 4 years ago, I needed to get a MO one, which basically meant having a new picture taken and giving the state $15. That was roughly 6 months after I had renewed my Kansas DL, which would have been good for the next 7 years, if I had not moved. But they just cut it up.

Link to Missouri License: http://dor.mo.gov/mvdl/drivers/newlicense.pdf

Link to Kansas License: http://www.ksrevenue.org/pdf/public.pdf

There is nothing like the "real ID" legislation in the UK. The article you quote in the opening post is factually incorrect when it states that

"The real ID act has passed in the US, the UK...."

Considering that such a large part of the "argument" in the article rests on this incorrect fact you will understand why I dismiss the article's arguments and conclusions.

And I'm not arguing that there is no national ID card, it's just a matter of fact that we don't have one in this country.
I hope I don't get schooled, but what is this? (http://www.opsi.gov.uk/acts/acts2006/ukpga_20060015_en_1)

I have a government issued Common Access Card (CAC).

Color picture on the front side, along with name, branch of service, expiry date, etc. Also a bar code that kinda looks like black and white television static, plus a memory chip to store your PIN, index finger print, name/address/city/state/physical description.

On the back is a reduced B&W picture of the one on the front, a symbol showing you are an organ donor, a magnetic stripe, and a "regular" bar code.

I need to use it to get on base, enter the building, log on to my computer, etc. I'm already feeling "big brother" more than most people, but honestly, while I wish we didn't need all this security, it's not that big of a disruption to my life (so far).

By that logic we shouldn't have any forms of ID other than the honor system (you just say who you are), since they can be faked. Do you not see the flaw in your argument?

No. You see, a card using RFID, for example, is even less effective than the honor system because I can pull your information from your RF chip simply by walking by you and never even glancing at you. With your current drivers's license, I would have to at least have a copy of it to begin making even a usable facsimile. If I wanted to go to the DMV to have them give me a fresh one of yours, I'd need x number of proofs of ID (depending on the state). That's not to say that a national card is definitely going to use RF (though some passports do), but every time I hear Congress bringing this up they discuss the efficacy of RFID, when it is so poor it should never even enter public debate as a possibility. Furthermore, from a security perspective having loads of separate ID configurations across the different states lowers the available surface area for counterfeiter's, because each different configuration carries with it its own challenges, thus reducing the conceivable area in which a counterfeiter can operate efficiently. Going from state cards to a unified national card is, purely from a security standpoint, exactly the opposite direction in terms of reducing the probability of counterfeiting and efficacy of a tracking program under those conditions.

What does a national ID card solve? Let's take a look:
Identifiability of individuals? Nope, because it's inherently no better than state-issued licenses in terms of stating who a person actually is. Additionally, unless the identification is mandatory for all eligible individuals, one can easily disregard it by never registering. There is no effective advantage in the national cards that isn't already addressed by systems in place, and there is a significant disadvantage by taking those systems already in place and merging them into one bureaucracy-- Department of Homeland Security is a good macro example of how this can lead to mismanagement and gaping holes in the efficacy of such a move.
Ease of travel to other nations? I don't see how, since a passport already handles that problem. There is no fundamental difference between a national ID and a passport, except that current post-9/11 attempts to "secure" the passport-- like sticking RFID chips in them-- have proven to be stupid mistakes that should have had more investigation to them from security experts (and had those recommendations heeded). The RealID, judging by its history and short time in Congress, has not had time to stand up to such scrutiny. Since most of the hijackers (if not all) came into the States with valid foreign passports in the first place, not faked US passports or IDs, this RealID Act seems to not actually address the aspect of security from non-nationals. "Fixing" something that does not necessarily seem to be broken in the first place is the bailiwick of poor assessment and shoddy management, and offers no better security to the individual who must inevitably follow the system.
Security? Once again, nope. I refer again to the fact that the 9/11 hijackers were not pretending to be Americans or American nationals in their attacks, so a system like this would not necessarily apply to them anyway. I also already mentioned the inherent risks to taking multiple separate (and different) ID systems from numerous states and enforcing a nationalized standard increases the surface area of potential counterfeiting, which increases the risk of identity theft among individual citizens.


Homogeneity does not increase security, not internally nor externally. It usually turns out doing exactly the opposite, no matter what the system is that is in place. This is a core principle in the field of security, whether we're talking computer security or physical (door, building, etc.) security or information security. The RealID Act breaks this cardinal rule to put forth the image of creating security, and even worse it does so for no good reason at all (once again, I refer to the 9/11 hijackers' foreign status).

So, since the new system isn't going to actually increase security (and stands a good chance of the opposite), isn't actually going to be improving on our current system of international travel (and will, in fact, add another layer of complexity since other nations still go by passports), and does nothing to increase the identifiability of citizens of the United States within our borders, what is the purpose of the act? The purpose is, apparently, to give the impression of the aforementioned things by doing exactly the wrong thing for each of them, not unlike many measures taken at airports (which hasn't actually improved security if independent and FBI testing is believable).

Flaw in my argument? No, I'm not seeing it. What I'm seeing is a propagation of flawed thinking that doesn't follow real security principles, ostensibly because actually doing so tends to make the work more difficult for those responsible for security.

ETA: And I guess I should qualify-- I've been involved in information and computer security for years, having done consulting for companies in the medical and financial fields, both of which have higher than average levels of necessity for privacy and privileged-only access to information. On the side I study investigation and premises security concepts, though I haven't applied for any PI licenses in any state (not enough money in it compared to my current career). Maybe that gives some insight into why I think the way I do, maybe it doesn't, but I wanted to clarify that I'm not coming at this from some woo angle. On the contrary, most woo-ers have a worse comprehension of basic security principles than even our government officials.

we use RF card access at the office i work at, the range is about 2-3 inches, so in order to "steal" the info from someones RFID card you would probably have to know what pocket the ID is in, and pretty much bump into them to do it (not saying it isnt possible, but its not as simple as just passing them in a hallway)

also, this assumes all pertinent information is transmitted over RF, i would figure it would more likely just send the actual card number, then other info would be pulled from a database and compared to the information displayed on the card itself (like when you use a credit card after swiping the cashier will often enter the last 4 digits to ensure the magnetic strip hasnt been reprogrammed)

What does a national ID card solve?
Whoa there! RealID is NOT a national ID card! There would still be different cards issued by every state, and it certainly would not take the place of a passport for international travel.

All it does is require minimum security features and standardized information for the ID's issued by the various states.

I hope I don't get schooled, but what is this? (http://www.opsi.gov.uk/acts/acts2006/ukpga_20060015_en_1)

It's not a compulsary ID Card, it's for those that want one, similar as our 18+ card (http://www.hanz.org.nz/index.cfm/18_Plus_Cards) for those that want ID for getting into night clubs or pubs, etc, but don't have a driver's licence or other photo ID. The difference the British one is Government run and based on a register of people who apply, ours isn't.

Homogeneity does not increase security, not internally nor externally. It usually turns out doing exactly the opposite, no matter what the system is that is in place.
is there a break-even point for this? i mean, right now IDs are homogeneous within each state, does that decrease security over a system where each county has their own ID? or each town? would each individual creating their own ID be the most secure means of all?

How is Each state providing the same information on their driver's licence akin to a National ID card? (and machine readable just means it has to have something a machine can read, a bar code, a magnetic strip, or a chip.)

Whoa there! RealID is NOT a national ID card!

Woah there, scarecrow! I never said it was a separate card, but it is a homogeneous card format, which means everyone gets a new card. Do try to not get tripped up on false semantics, please.

There would still be different cards issued by every state, and it certainly would not take the place of a passport for international travel.

That just supports what I've already said in my post: it isn't actually addressing any problem, only adding homogeneity, which is ultimately a security liability.

All it does is require minimum security features and standardized information for the ID's issued by the various states.

Like I said, homogeneity. Thanks for repeating but using different words. It doesn't change my opinion that it's a crappy idea for crappy reasons that is more likely to have no benefit or, at worst, make other concerns even worse.

-------

is there a break-even point for this? i mean, right now IDs are homogeneous within each state, does that decrease security over a system where each county has their own ID? or each town? would each individual creating their own ID be the most secure means of all?

I'd say that such a tactic is over-reacting from a security standpoint. There is a point where the level of extremity of a given security tactic becomes unnecessary or even detrimental, and depending on how far you drill down for diversity you can easily reach that point. What I would counter with, instead, is asking what problem the measure is supposed to be addressing. Putting out these standards is a large (and expensive) undertaking-- would those funds have been better put toward other measures instead of trying to re-work the state licensing formats to meet a national set of criteria? Promoting the measure as one of security is indeed not only misleading but downright untrue, to the point that this measure tends to actually go the opposite direction. This is a significant aspect of the legislation with regard to why I find it so offensive as compared to, say, the ridiculousness and inconvenience of the extra steps at airports. While I'm inconvenienced at airports (and I am, as I have between 10-15 lbs of metal hardware in my body) it doesn't hold long-term consequences to me as an individual outside of the fact that I have to get to the airport 30-45 minutes earlier than I used to. With the ID "standards" contained within the RealID, the ability for some jerk with a little bit of counterfeiting skill to steal my identity becomes easier, which places my "stuff" (bank account, credit rating, good standing with law enforcement) at risk.

But the basic question: is there a break-even point? Nope, because while plenty of large organizations (the RIAA, the MPAA, some Federal agencies) might believe otherwise, no system is completely safe and the more monolithic the system the higher the probability that it will be cracked in rather short order. That doesn't exonerate smaller systems, because there is always a hierarchy of effective systems and if the more effective systems compel a sufficient number of people to engage in it, the system becomes monolithic in its own right, meaning it's just a matter of time before it loses efficacy. This concept is pretty much the reason why security experts are always going to have employability as long as there are things that need to be secured.

My big complaint is in the waste of money for the loss of effectiveness. However, that being said I should also point out that my gripes with it are more applicable to the politics forum than the conspiracy theory one, because this isn't a matter of conspiracy and more a matter of government bureaucratic business as usual. This decade's version of $100 hammer's, if you ask me. :)

How is Each state providing the same information on their driver's licence akin to a National ID card? (and machine readable just means it has to have something a machine can read, a bar code, a magnetic strip, or a chip.)

So far, the magnetic strip is the most common "standard" that seems to be in place.

Woah there, scarecrow! I never said it was a separate card, but it is a homogeneous card format, which means everyone gets a new card. Do try to not get tripped up on false semantics, please.
No, it sets minimum standards. It does not require them to be homogenous! I don't know why this is so difficult for you to understand.

No, it sets minimum standards. It does not require them to be homogenous! I don't know why this is so difficult for you to understand.

Here, let me break it down for you: more homogenous != more security. Usually, it means higher likelihood for the opposite. Furthermore, it's a measure to try to "fix" something that wasn't "broken" to begin with-- yet more reason to be dubious about its efficacy. It offers nothing new in its implementation outside of greater homogeneity (and a big, fat bill that you and I get to pay for through taxes).

I don't know why this is so difficult for you to understand.

I don't understand what the big deal is. I think it would be kinda cool to gradually migrate toward a set format for ID's and DL's nationally. First, you set minimum standards for the type of information and how it's provided, then you set a standard for the format of how it's presented. Then you can create a template that each state or other licensing agency can adopt. At their own choice, of course.

But if you had the same basic color scheme / format / design / etc with the same information provided, you could have the states or other issuing agent only slightly alter the ID card to show where it originated, with a hologram or what not.

Bartenders and TSA and other people that need to see ID's all the time wouldn't have to be put out to know what the various state ID's look like individually. But, you could still have the states issue them seperately.

Woah there, scarecrow! I never said it was a separate card, but it is a homogeneous card format, which means everyone gets a new card. Do try to not get tripped up on false semantics, please.

its not a homogenus format, its a homogenus standard, its not semantics, they are 2 different things, as has been mentioned already in this thread many states already meet the required standards, therefore those people wont need to get a new card as the existing ones are already up to snuff

I hope I don't get schooled, but what is this? (http://www.opsi.gov.uk/acts/acts2006/ukpga_20060015_en_1)

The legislative framework for a "national ID card". However we still don't have one....

The legislative framework for a "national ID card". However we still don't have one....

And hopefully we never will. Not from any civil liberties side of things, but almost entirely because the government and its contractors have an appallig track record when it comes to large IT projects and I would fully expect their "ultra secure" database to be available for purchase on the internet within a few weeks of going live...after having spent several times what they were originally quoted as being able to produce the system for, of course.

Call me cynical...:)

its not a homogenus format, its a homogenus standard, its not semantics, they are 2 different things, as has been mentioned already in this thread many states already meet the required standards, therefore those people wont need to get a new card as the existing ones are already up to snuff

I can name two state's I've lived in since the RealID Act first began moving forward through Congress who have had drastic changes in their ID, and have shifted formats to meet the standards, thus requiring new issuance of cards.

What needs to be understood is that I don't agree with the "no big deal" argument about the act. It was a big deal because it cost a lot of money to put together and issue a set of criteria that are ultimately not going to offer any benefit outside of maybe being able to buy beer or smokes out-of-state more easily-- they can just slide your DL through a magnetic reader now in most places. The detriments, IMO, outweigh such perceived benefits and the money spend campaigning and developing this was a waste. Say what you will, but the RealID Act was pushed through with a promise of security, and it is nothing of the sort.

Is it some NWO conspiracy to control our lives and take over our precious bodily fluids? Of course not, that's ridiculous. All it is in reality is just another shining example of how using "security" in the description and invoking 9/11 in our government processes can manage to get all manner of counter-intuitive and wasteful legislation through the system. Like I said, it's a political argument, not a conspiracy theory one. Just because conspiracy theorists bring it up for goofy reasons does not mean the legislation is nothing to be concerned about in other contexts.

I can name two state's I've lived in since the RealID Act first began moving forward through Congress who have had drastic changes in their ID, and have shifted formats to meet the standards, thus requiring new issuance of cards.
yes, some states will need a new formats, but your statement that "everyone gets a new card" is not accurate, additionally the format is not nationally homogenus, each state is simply updating their own cards, my state did this a little over 10 years on its own accord, and i dont recall anyone complaining of the cost

GreNME,

What do you make of the U.S. government's Western Hemisphere Travel Initiative? That's essentially the U.S. requiring that other countries' ID meet the security standards set out by the U.S.

yes, some states will need a new formats, but your statement that "everyone gets a new card" is not accurate, additionally the format is not nationally homogenus, each state is simply updating their own cards, my state did this a little over 10 years on its own accord, and i dont recall anyone complaining of the cost

If you want to get down to semantics, we could go through each state's card changes over the last five years-- it's been five years since the RealID Act, yes?-- and we can take a look at how many had to make changes in format.

But that's pedantic. The fact is, "nothing to see here, folks" is not an adequate or intellectually honest dismissal of the issue.

-------

GreNME,

What do you make of the U.S. government's Western Hemisphere Travel Initiative? That's essentially the U.S. requiring that other countries' ID meet the security standards set out by the U.S.

It is stupid, and if any American ever wonders why many people in other nations think 'Mericans (in general, not specific) are huge honking a-holes this can go on the list of reasons.

Once again, however, none of this actually addresses the main concern I expressed, nor does it explain how the act is anything but a useless waste of money. If you would really like to, then I would caution you ahead of time that it's more a political issue than a CT one, so perhaps the CT forum is not the most proper location for such a discussion.

I will, however, comment that I think it's interesting in that there is almost a knee-jerk reaction in some things that CT-ers complain about, leading many here to dismiss as harmless or accept without bother things that really should be a genuine concern, just not for conspiracy theory reasons. This is why this is not the first time I'm pointing out that my complaints about the act are political, not conspiracy theory fodder. Go ahead and look back a few years in congressional archives or news mentions of the act, and you'll see that it was campaigned as a security measure. It is not a security measure, and actually fails the litmus of providing anything worthwhile as a security measure (while arguably providing a vector for less secure IDs). You don't have a problem with that, then that's cool with me. That doesn't mean that my gripes aren't valid ones.

If you want to get down to semantics, we could go through each state's card changes over the last five years-- it's been five years since the RealID Act, yes?-- and we can take a look at how many had to make changes in format.

But that's pedantic. The fact is, "nothing to see here, folks" is not an adequate or intellectually honest dismissal of the issue.
so why dont you find out how many have had to change? we already know it isnt "everyone" but maybe we can see if its a majority or not

my state changed because previously it was little more than a laminated piece of paper with your picture, when laser printers and photo editing software became common at the consumer level they were just too easy to fake, so the state quickly changed to something more secure, i honestly didnt know any states were still using less secure ID systems

but i got a better solution, states that dont want to make more secure IDs are welcome not to, but their residents arent allowed in airports anymore, lol

GreNME-- you're in the field of computer security?

Then can I assume that you would rather allow access to network resources using workgroup-level controls and share-level authentication, as opposed to using a domain controller and user-level authentication? Because that's what you're arguing here, that each state be allowed to implement its own security policies rather than have a single, consistent policy. Which is all the RealID is doing-- implementing a consistent security policy for access to shared resources.

You know, the obvious agrument is that most countries have a single licence format, the US is unquie in not doing so, and that format doesn't adversely affect their security, in fact I do believe that it makes it better because it means that you have to reach a certain standard to counterfeit that ID. I know I'd feel a heak of a lot safer knowing that a 15 year old could just print off an acceptable looking out of state ID and walk into a gun store with it.

How is Each state providing the same information on their driver's licence akin to a National ID card? (and machine readable just means it has to have something a machine can read, a bar code, a magnetic strip, or a chip.)

That's exactly what the Real ID Act specifies - a series of standards for state issued IDs that will allow your data to be looked up anywhere where your card turns up, and a minimum set of data to be accessed in that manner.

States are facing various federal mandates to comply by the end of 2009, I think. Like, none of their citizens can get on a plane. "You think you used enough dynamite there, Butch?"

And yes, it's not mandatory - at least, not yet, and not as long as you don't want to ride an airplane or visit another country. It won't, of course, stop there, and eventually everyone will have to have one. Hell, even all your animals will have to have one - the USDA has been working that end since 2002.

That's exactly what the Real ID Act specifies - a series of standards for state issued IDs that will allow your data to be looked up anywhere where your card turns up, and a minimum set of data to be accessed in that manner.
umm, i dont know about your drivers license but mine has all that data printed right on the card, so of course its accessible wherever the card turns up, you just look at it and read

It won't, of course, stop there, and eventually everyone will have to have one.
how long have drivers licenses and state IDs existed? did they ever decide to require everyone to have one? if not, why would this be different?

how long have drivers licenses and state IDs existed? did they ever decide to require everyone to have one? if not, why would this be different?According the Real ID law as it has been passed, you will not be able to enter a federal building or fly on a plane without this ID. That requires all people to have this ID if they want to participate in society.

According the Real ID law as it has been passed, you will not be able to enter a federal building or fly on a plane without this ID. That requires all people to have this ID if they want to participate in society.
you arent participating in society if you dont fly on planes and visit federal buildings? society sure has changed

using that logic you could equally argue that one cant participate in society without being able to drive a car, thus requiring a drivers license

You know, the obvious agrument is that most countries have a single licence format, the US is unquie in not doing so, and that format doesn't adversely affect their security, in fact I do believe that it makes it better because it means that you have to reach a certain standard to counterfeit that ID. I know I'd feel a heak of a lot safer knowing that a 15 year old could just print off an acceptable looking out of state ID and walk into a gun store with it.

You don't know much about counterfeiting, I see. :)

People haven't been able to print off out of state licenses for somewhere between 15-20 years. Most states already had programs that would change the format or the presentation of a card when weaknesses were found. Those who might claim it's just paper with laminate covering apparently never tried to create a convincing duplicate-- sure, you could fool a liquor store or bar here or there, but more than 10 seconds of scrutiny would usually show a fake (maybea minute if you're not skilled). For some states the license numbers gave you pertinent information you could verify really quick-- in New Jersey, for instance, the first four characters of the last group of characters (NJ license numbers have three sets of five characters) has your month and year of birth, something sloppy counterfeiters miss easily. That's just one example among many of the easy stuff, not even getting into the embossing or stamped laminates that you can't necessarily get done at home (and probably not even the local Kinkos).

I'm not saying that making counterfeit licenses was ever really hard, because it wasn't. The thing is, it's no more difficult today than it was 10, 15, 20, or more years ago. The only difference between then and now is that counterfeiters previously had to be able to either match multiple different standards to pull off a convincing fake, while nowadays a card in NJ isn't significantly different than a card in TX, which looks a lot like a card from CA or PA. Things haven't gotten more difficult for counterfeiters, they've gotten less so*.


umm, i dont know about your drivers license but mine has all that data printed right on the card, so of course its accessible wherever the card turns up, you just look at it and read

Then why put a machine-readable mag strip on the back? Does anyone think that those things are safe or unreadable by someone with enough savvy to get a card reader and some software to read the strip? How do you think identity thieves who copy credit and debit cards do it**?

I know I keep repeating myself with this, but once again i want to point out I'm not talking about conspiracy theory crap here, I'm talking about security regarding identifying information. I don't give a crap about some fantasy NWO or whatever organization some paranoid wants to fear, I'm talking about the real issue of identity theft and the ease with which counterfeiters and criminals are taking advantage of the ignorance of government agencies who think these technologies are somehow providing added security and safety by requiring them. It's stupidity on the part of the groups campaigning for them because of the inherent weaknesses in the tech, and it's going to be a huge waste of money when later on the government is going to have to begin enacting measures to combat it. In 2002 alone, there was more than $50 billion dollars in costs (source (http://www.ftc.gov/os/2003/09/synovatereport.pdf), pg 6) were due to identity theft based mostly on credit card and account theft (same source (http://www.ftc.gov/os/2003/09/synovatereport.pdf), pg 7), and if you think the same risks aren't going to transfer over to government-issued IDs then you're either stupid or naive. I'm not too keen on the idea of having to pay through my taxes for the decision of the government to use a known (source (http://www.pirg.org/consumer/banks/debit/fact.htm)) costly and flawed system of identification that already costs millions of individuals billions of dollars a year from losses-- and that's not counting the hundreds of millions (or more) that is spent on prevention and countermeasures (like credit monitoring services).

That doesn't mean there aren't standards out there that are effective and worthwhile, though. There definitely are-- the DoD standards for electronic storage of information and risk management are actually pretty effective, for instance-- but the RealID Act doesn't even come close to meeting those standards. Most times it's because such standards require steps that would be inconvenient, but usually it's because usually it's because it requires a diversion from systems we're generally already familiar with. Like I said, it's political.


* actually, convincing counterfeiters actually use real personal data from identity theft to get "legitimate" driver licenses nowadays. The most fool-proof way to bypass "security" checks is to provide state-issued IDs, which makes the issue more about identity theft than people using home-printed IDs to perform crimes.

** Chances are you probably think it doesn't have to do with the magnetic strips. You'd be wrong (http://www.dedhamsavings.com/index.php?option=com_content&task=view&id=83) about it. It's called ATM skimming (http://www.securitymagazine.com/CDA/Archives/bed16f39454d8010VgnVCM100000f932a8c0) and it's becoming a real problem with information and identity security.

Then why put a machine-readable mag strip on the back? Does anyone think that those things are safe or unreadable by someone with enough savvy to get a card reader and some software to read the strip? How do you think identity thieves who copy credit and debit cards do it**?
actually if you read up the thread a bit ive mentioned credit cards that have had their magnetic strips reprogrammed, and when you make a purchase the cashier enters the last 4 digits printed on the card to ensure they match what was read from the strip

but again, why does a tech-savvy identity thief need to read the magnetic strip at all? the information is printed RIGHT ON THE DAMN CARD

to answer your question about the magnetic strip, why have it on anything? why is it on credit cards? debit cards? frequent shopper cards? the answer is simple, to allow someone to quickly enter the information into a computer system without having to type it all out, and as mentioned previously comparing to the information physically printed on the card is just another measure against forgery


honestly all the problems you cite with the real ID standards exist with state IDs today, so why arent you gung ho anti state IDs too? or are you?

actually if you read up the thread a bit ive mentioned credit cards that have had their magnetic strips reprogrammed, and when you make a purchase the cashier enters the last 4 digits printed on the card to ensure they match what was read from the strip

but again, why does a tech-savvy identity thief need to read the magnetic strip at all? the information is printed RIGHT ON THE DAMN CARD

Because people tend to form habits, and when the habit becomes relying on trusting a magnetic strip instead of scrutinizing yourself the ability to bypass security checks becomes an order of magnitude easier.

to answer your question about the magnetic strip, why have it on anything? why is it on credit cards? debit cards? frequent shopper cards? the answer is simple, to allow someone to quickly enter the information into a computer system without having to type it all out, and as mentioned previously comparing to the information physically printed on the card is just another measure against forgery

It's on credit cards today because it was early on, and banks decided about 20 years ago that it would be too costly to change the mechanism to a more secure method. A few card companies have actually tried also implementing a chip with the card, but it's expensive and people were still using the magnetic strips anyway (not to mention one implementations of the chip was RFID, which is even less secure). There are more secure methods of doing exactly what the magnetic strips on the cards do, but the changes would be sufficiently costly to the card banking business that such costs would have to be offset by increasing costs to consumers, which would go over about as well as a roast pig at a bar mitzvah.

honestly all the problems you cite with the real ID standards exist with state IDs today, so why arent you gung ho anti state IDs too? or are you?

You really don't get it. What I'm against is moving toward a known flawed and unsafe system that is already heavily documented as being a costly and weak method, especially when the option to choose better systems were present and the same costs that would prevent banks from switching aren't necessarily present. They intentionally and with full knowledge chose a system that has for the last ten years cost hundreds of billions of dollars in losses in the financial sector. Heck, for the first couple years of this RealID debate they even talked about using RFID, until enough security people made enough of a stink about it and a few open-source activists decided to show just how easy it was for the average person to not only steal RF information but actually duplicate it.

What I'm against is stupidity claiming to be in the name of security. You can't secure everything, that's just a basic fact, but actively choosing stupidly insecure and risky systems is imcompetence on a national level. It just happens to be an issue that's still mostly discussed in language that contains enough technical jargon that enough people get bored with it quickly, which is the only reason something like the RealID ever got passed in the first place.

Because people tend to form habits, and when the habit becomes relying on trusting a magnetic strip instead of scrutinizing yourself the ability to bypass security checks becomes an order of magnitude easier.
and when that happened with credit cards they stopped relying solely on the strips, you think the IDs will take a step backward then?

You really don't get it. What I'm against is moving toward a known flawed and unsafe system that is already heavily documented as being a costly and weak method, especially when the option to choose better systems were present and the same costs that would prevent banks from switching aren't necessarily present. They intentionally and with full knowledge chose a system that has for the last ten years cost hundreds of billions of dollars in losses in the financial sector. Heck, for the first couple years of this RealID debate they even talked about using RFID, until enough security people made enough of a stink about it and a few open-source activists decided to show just how easy it was for the average person to not only steal RF information but actually duplicate it.

What I'm against is stupidity claiming to be in the name of security. You can't secure everything, that's just a basic fact, but actively choosing stupidly insecure and risky systems is imcompetence on a national level. It just happens to be an issue that's still mostly discussed in language that contains enough technical jargon that enough people get bored with it quickly, which is the only reason something like the RealID ever got passed in the first place.
so what would you suggest be done instead? no changes? different changes?

and when that happened with credit cards they stopped relying solely on the strips, you think the IDs will take a step backward then?

How many times a day do you use a credit/debit card? Of those, how often are you asked for ID? If the answer is greater than fifty percent then either you don't use your card(s) that often or you are extremely lucky.

so what would you suggest be done instead? no changes? different changes?

What would I suggest being done? Honestly? Not using mag strips, for one. When the option is to either go forward with spending money on a known-flawed system and not spending money until a more secure method is worked out, I go with the "not wasting money" choice almost every time. This legislation was passed in a knee-jerk fashion because of people exclaiming "something needs to be done" without first taking time to properly assess and evaluate the options and information (ironically, not unlike the way many Truthers come to their conclusions). I've not taken the time to work out a nationally-employable set of standards myself as an alternative to the RealID Act for two reasons: 1) it's a fantasy experiment because I am not in any position for it to even be looked at by someone who could make a decision one way or the other, let alone pass it on to someone who can; 2) the choice should be looked at as one of "which system should we spend money on?" but instead what should be asked is whether it is worth it to spend money in the first place if the most well-known systems are fraught with flaws and costly holes that will bite us in the rear later.

Tell me: when shopping for something, do you buy the first thing you see that claims to meet your needs but you know probably won't, or do you hold on to your money until you find something that actually does what you want? It's a simple concept, and my gripe is that the whole thing was a waste of money that is going to cost us more in the long run than having simply waited in the first place and looking into the possibility of better systems. The RealID Act is akin to someone popping into a used car lot and dropping their money on a car they know is notorious for breaking down quickly and requiring costly repairs, all because that someone felt they needed a car ASAP and didn't want to wait until they could find a more reliable car. It's irresponsible and stupid.

Tell me: when shopping for something, do you buy the first thing you see that claims to meet your needs but you know probably won't, or do you hold on to your money until you find something that actually does what you want?
it depends how badly i need something

for example im building a new computer and i want to get it running before the return period expires on all the parts, but i cant afford the video card i want yet, so i purchased a cheaper one as sortof a stopgap, i believe the same logic applies to the real ID act, perform necessary upgrades to system that are the least secure to bring them up to minimum standard, then continue to upgrade all systems as new technology becomes available

using your used car analogy, it would be losing your car (theft, accident, whatever) then dropping 200 dollars on a used car so you can at least get around until you find the actual car you want

Not using mag strips, for one.
nowhere does the real ID act require magnetic strips, my state for example uses a barcode

The legislative framework for a "national ID card". However we still don't have one....The British had a compulsory ID card during World War I and II. I do give them credit because it was abolished after the war.

A new requirement for a national ID card was passed by your leaders in 2006. I guess the distinction of whether you have a national ID card or not is debatable. While not enforced, within my understandings of your legal system it is a valid law.

you arent participating in society if you dont fly on planes and visit federal buildings? society sure has changed

using that logic you could equally argue that one cant participate in society without being able to drive a car, thus requiring a drivers licenseThe Amish do fairly well participating in the local economy without a drivers license. They could always “Take the Bus!”

The reason I engaged in a conversation with you is because a poster here suggested that the use of this card would increase. This led to you asking if an ID card was a requirement. That is why I gave the requirement examples.

The British ID cards went from 3 functions during World War II to 39 by the time it was abolished. I believe that eventually an ID will become a requirement. In my opinion this is a function of a police state. Are you OK with that?

I believe that eventually an ID will become a requirement. In my opinion this is a function of a police state. Are you OK with that?
and i dont believe that it will become a requirement, my example that existing IDs and drivers licenses never became a requirement still stands

it depends how badly i need something

For a long-term investment? Remind me to never take advice from you on money or security matters.

for example im building a new computer and i want to get it running before the return period expires on all the parts, but i cant afford the video card i want yet, so i purchased a cheaper one as sortof a stopgap, i believe the same logic applies to the real ID act, perform necessary upgrades to system that are the least secure to bring them up to minimum standard, then continue to upgrade all systems as new technology becomes available

You can believe whatever you want, but that is a completely incorrect analogy. Using your computer parts analogy, it would be like you buying a certain memory stick to get it up and running, only to find that the memory stick doesn't work well with the bus on the motherboard you're using, requiring you to either find a better chip or replace the motherboard altogether.

using your used car analogy, it would be losing your car (theft, accident, whatever) then dropping 200 dollars on a used car so you can at least get around until you find the actual car you want

Not if the $200 car you buy winds up costing you in repair as much as a down payment on a new, better-engineered car.

nowhere does the real ID act require magnetic strips, my state for example uses a barcode

Which is basically the same thing as a mag strip, only requiring less (and cheaper) equipment to read/copy. The fact that there is anything like that on government-issue ID cards at all is ridiculous.

You can believe whatever you want, but that is a completely incorrect analogy. Using your computer parts analogy, it would be like you buying a certain memory stick to get it up and running, only to find that the memory stick doesn't work well with the bus on the motherboard you're using, requiring you to either find a better chip or replace the motherboard altogether.

Not if the $200 car you buy winds up costing you in repair as much as a down payment on a new, better-engineered car.

you missed my point both times

1: the idea is always to get the better chip when you can afford it (when the technology becomes available in the case of IDs) but the cheap one gets it running so you everything else is working

2: you would be getting a new, better-engineered car before the 200 dollar one needs any repairs, again, its not intended as a long term solution

Which is basically the same thing as a mag strip, only requiring less (and cheaper) equipment to read/copy. The fact that there is anything like that on government-issue ID cards at all is ridiculous.
why? regardless of how easy it is to copy it still provides a second layer of security, whats on the strip must match whats on front of the card

also as i mentioned earlier it makes it faster to store the information in a computer for bookkeeping purposes, maybe its a good thing maybe it isnt, but i dont know many people who would be content to wait around while everything is written down manually


the reason i had asked you previously if you had a better idea was to find out if there was a better system, and it seems there isnt, so the 2 choices are

1: wait around until some magic new perfectly secure technology emerges and jump on it

2: begin to increase the security of states with less secure systems, while still waiting around for option 1

is there a third option?

you missed my point both times

1: the idea is always to get the better chip when you can afford it (when the technology becomes available in the case of IDs) but the cheap one gets it running so you everything else is working

2: you would be getting a new, better-engineered car before the 200 dollar one needs any repairs, again, its not intended as a long term solution

1. You're attributing motives (for the bill) where none like that can be verified. This was campaigned as an answer, not a stopgap.

2. You seem to have misunderstood my explanation. The figurative used car would require the repairs immediately because of existing conditions to it, not upcoming ones. If the time frame was sufficiently short to getting a new automobile that dumping the used one was worthwhile, it would be just as economical to either rent one or simply use public transportation. There are always better alternatives to wasting money.


why? regardless of how easy it is to copy it still provides a second layer of security, whats on the strip must match whats on front of the card

False security is not another layer of security. It's only the impression of security to the ignorant or naive.

also as i mentioned earlier it makes it faster to store the information in a computer for bookkeeping purposes, maybe its a good thing maybe it isnt, but i dont know many people who would be content to wait around while everything is written down manually

There are more secure ways of doing it. Bloody hell, even the identification systems for dollar bills are more sophisticated (and would hold the same amount of info as the front of a DL).

the reason i had asked you previously if you had a better idea was to find out if there was a better system, and it seems there isnt, so the 2 choices are

1: wait around until some magic new perfectly secure technology emerges and jump on it

2: begin to increase the security of states with less secure systems, while still waiting around for option 1

is there a third option?

Just because I didn't give you an alternative doesn't mean that one doesn't exist. More importantly, however, just because I didn't give an alternative doesn't mean that there was necessarily a need for an "answer" to a problem that doesn't exist. It was a knee-jerk legislation to appease panic-- never a good environment to start enacting legislation.

The figurative used car would require the repairs immediately because of existing conditions to it, not upcoming ones.
not in my hypothetical scenario, the car wouldnt require any repairs to get you around long enough for you to find a better one (and if you think this is impossible or unnecessary i can tell you havent shopped for cars much)

it would be just as economical to either rent one or simply use public transportation.
renting would be economical if you find a new car you want in under a week, public transportation is only useful if your home and destinations are all accessible via public transportation

False security is not another layer of security. It's only the impression of security to the ignorant or naive.
its 2 means to determining the information on the card, would you mind explaining to this ignorant and/or naive person how that can be less secure?


also, does this means states that had adopted such systems before the real ID act should revert to previous systems?

not in my hypothetical scenario, the car wouldnt require any repairs to get you around long enough for you to find a better one (and if you think this is impossible or unnecessary i can tell you havent shopped for cars much)

I already said your hypothetical isn't reflective of the reality.

renting would be economical if you find a new car you want in under a week, public transportation is only useful if your home and destinations are all accessible via public transportation

You're making excuses and moving further from the point while doing so (whether deliberately or not).

its 2 means to determining the information on the card, would you mind explaining to this ignorant and/or naive person how that can be less secure?

No, but I can explain to you how it is false security. You see, "determining the information on the card" isn't necessarily a security measure, and in the ways it could be argued as a security measure such mechanisms don't actually offer any real security due to inherent weaknesses. I am pointing out that, much like asking people to discard their bottled beverages while in line for airport security-- usually in a bin or on a table right next to the people in line-- is built on a false sense of security as far as its practice goes. It's a way to show or "do" something without having to actually prove results and based on questionable assertion of cause/effect, just as effective as me telling you that my belt buckle keeps away hornets because I have not been stung by a hornet since I got my new belt.

also, does this means states that had adopted such systems before the real ID act should revert to previous systems?

Are you seriously not reading what I'm saying? I'm saying there shouldn't have been such a hurry to waste a boatload of cash on something that basically has no actual practical usefulness in terms of security-- and doesn't replace a passport, so it pretty much rules out easier travel, too. In fact, the best case scenario in the arguments I've seen here are that it's now more difficult for a teenager to make a fake ID and buy beer. Do you really think it was worth enacting federal legislation and all of the inherent costs involved for that?

Are you seriously not reading what I'm saying? I'm saying there shouldn't have been such a hurry to waste a boatload of cash on something that basically has no actual practical usefulness in terms of security-- and doesn't replace a passport, so it pretty much rules out easier travel, too. In fact, the best case scenario in the arguments I've seen here are that it's now more difficult for a teenager to make a fake ID and buy beer. Do you really think it was worth enacting federal legislation and all of the inherent costs involved for that?are you seriously not reading what im saying? what "hurry" was there before the real ID act was passed? why did many states begin using IDs with magnetic strips and barcodes years before they were required to? and should they be revert to their previous systems?

EDIT: in fact i suspect the read ID standards were chosen because most states already met them

EDIT: in fact i suspect the read ID standards were chosen because most states already met them

Isn't that just another way of pointing out why enacting the legislation was useless?

Isn't that just another way of pointing out why enacting the legislation was useless?
except for the states that didnt meet the standards

Side Note: The REAL ID act also requires higher evidenciary standards in all applications for asylum (and withholding of removal and deferral of removal) filed on or after May 1, 2005. It codified some existing case law on the subject.

Also IIRC, it included some of the funding for the boarder fence.

It actually covered three different areas, not just id standardization.

It's on credit cards today because it was early on, and banks decided about 20 years ago that it would be too costly to change the mechanism to a more secure method. A few card companies have actually tried also implementing a chip with the card, but it's expensive and people were still using the magnetic strips anyway.

I take it you haven't been to Europe recently? Chips are almost universal. Pretty much the only reason cards still have magnetic strips is so that we can go on holiday to countries that still use them. I haven't seen a shop use a strip reader in years.

A new requirement for a national ID card was passed by your leaders in 2006. I guess the distinction of whether you have a national ID card or not is debatable. While not enforced, within my understandings of your legal system it is a valid law.

As already stated, there is no national ID card. They will start phasing one in in 2010 for new immigrants, and plan to make it compulsory to get one with a passport from 2012. However, there is essentially no chance of that actually happening, and the dates have been constantly pushed back.

It's on credit cards today because it was early on, and banks decided about 20 years ago that it would be too costly to change the mechanism to a more secure method. A few card companies have actually tried also implementing a chip with the card, but it's expensive and people were still using the magnetic strips anyway.

I take it you haven't been to Europe recently? Chips are almost universal. Pretty much the only reason cards still have magnetic strips is so that we can go on holiday to countries that still use them. I haven't seen a shop use a strip reader in years.

A new requirement for a national ID card was passed by your leaders in 2006. I guess the distinction of whether you have a national ID card or not is debatable. While not enforced, within my understandings of your legal system it is a valid law.

As already stated, there is no national ID card. They will start phasing one in in 2010 for new immigrants, and plan to make it compulsory to get one with a passport from 2012. However, there is essentially no chance of that actually happening, and the dates have been constantly pushed back.

Oy freaking vey.

Yes, Cuddles, I know that there are instances where chips have been implemented, which is why I mentioned them. Apprently, US companies are too lazy or scared to go at it with enough convinction to change the current practices of using strips. We know it can be done, and why the banks didn't switch over to it is honestly beyond me.

Want to hear something funny, though? Gasoline stations (Sunoco, Tetco, Exxon) that have cards, however, have begun using the chip technology in implementations here in the States. I've been amused for the couple years I've seen them that there's enough impetus for gas stations to go to a better standard than banks, where we keep our money. Obviously, being able to gas up, grab smokes, and get a six pack or a bag of Doritos is more important than keeping our bank accounts more secure. :)

Want to hear something funny, though? Gasoline stations (Sunoco, Tetco, Exxon) that have cards, however, have begun using the chip technology in implementations here in the States. I've been amused for the couple years I've seen them that there's enough impetus for gas stations to go to a better standard than banks, where we keep our money. Obviously, being able to gas up, grab smokes, and get a six pack or a bag of Doritos is more important than keeping our bank accounts more secure. :)
maybe im just living in the wrong metropolitan area but the only gas stations around here that have anything other than magnetic strips use RFID, and i think we established that was a step backward

You might be right for some of them. I don't use them, so they may very well be that way for some of them. Doesn't Exxon have those pads on the tanks now where you wave the card or keyfob in front of it to pay? Those definitely seem like RFID, in which case you're correct.

By the way, defaultdotxbe, I mistakenly used a quote attribution tag to you from this thread in replying to someone else on a different thread. My apologies on that.

You might be right for some of them. I don't use them, so they may very well be that way for some of them. Doesn't Exxon have those pads on the tanks now where you wave the card or keyfob in front of it to pay? Those definitely seem like RFID, in which case you're correct.
yeah, exxon, mobil, and i think shell use RFID keytags linked to a credit card
http://images.motortrend.com/features/auto_news/112_news050523_speedpasss.jpg

even mcdonalds used the speedpasses for a bit, but then phased them out, shame too, thats something id have gotten one for, lol

I read a recent issue of "Logistics Today" (http://www.logisticstoday.com/) that the Department of Homeland security is going to require truck drivers who enter US ports to have RFID IDs in the near future.

Armed police arrested a man listening to his MP3 player and took a sample of his DNA after a fellow commuter mistook the music player for a gun....Police tracked 28-year-old Nixon using CCTV, sending three cars to follow him. When he got off the bus, armed officers surrounded him... (http://www.guardian.co.uk/uk/2008/feb/13/ukguns.police)It appears that the requirement to give your DNA to the authorities has already made its way to the UK.

As already stated, there is no national ID card. They will start phasing one in in 2010 for new immigrants, and plan to make it compulsory to get one with a passport from 2012. However, there is essentially no chance of that actually happening, and the dates have been constantly pushed back.Ok ok, your government wants to set up a National Identity Register, containing biometric details of every British subject. You aren't required to carry a national ID card, yet. A subtle difference imo.

Ok ok, your government wants to set up a National Identity Register, containing biometric details of every British subject. You aren't required to carry a national ID card, yet. A subtle difference imo.

Not that subtle. The important points are "wants to" and "yet". The really important point being that you can't always get what you want. Not even all the governing party actually support the idea, and pretty much none of the opposition do. The whole plan has been a complete shambles that has been back tracking and being pushed further and further into the future ever since it was thought up. It's just not going to happen.

Even on the very small chance that it does happen, the register and card would still not be compulsory, since they would only be required for people who get a new passport. Aside from the fact that many people never go abroad at all, you no longer need passport to vist anywhere in the EU, which is where the vast majority of British people go if they do go abroad.

That said, I personally don't have a problem with a national ID card anyway. I already have a driving license and a passport. My only complaint is that I'd be forced to pay for a card which wouldn't be any different from two things I already own.