> What's the big deal with a national ID card? > It would prevent voting fraud. > It would help transparency in many other ways - So, why not? > Well, I guess it can be used for government control, and not > always in benign ways. True enough. > But right now there *are* many ways for the government to do > just that - there are lots of IDs issued by the federal and > state governments - passports, driver licences, SSN, birth > certificates... > Are you people so sure that unifying that into a single > national ID would make the risks much worse? > Here I suggest it would increase the transparency of the > system without reducing the privacy much more than it already > has been.
Here is the problem with a national ID card..... The federal facility that I work at uses a secure Common Access Card, affectionately known as the "CAC". This is the same card that most DoD and military personnel use and is the precursor to the national ID card. This card has an embedded chip with selected pieces of personal information: SSN, birthday, blood type, etc. These cards are used to get computer access at virtually every computer in this building (about 3000+ computers). To use the CAC to access a computer, the user has to have the CAC and their Personal ID Number (PIN). The CAC is placed in a reader that is on EVERY computer, the computer prompts the user for a PIN number and then authenticates the PIN number and the certificate on the CAC with a central server. The PIN and the cert on the CAC must match the PIN and cert on the server for access. Except for the rocket scientist users that write their PIN on the CAC with a permanent marker (which is highly illegal) it is a VERY secure system. Even if someone steals or finds a CAC, it is useless without the PIN. It would not be impossible to forge a card, but it would be significantly more difficult to place an authentic cert and PIN on the server to use a forged card. It would require a major hacker or an inside person. About 3 months ago, the server, that authenticates the CAC, experienced a problem that made the server think that all CAC certs had expired. For TWO days, there were 15,000+ federal employees sitting at their desk doing nothing because they could not access ANY computer system in the building. The short term fix was to disable the CAC requirement, therefore making the entire system useless. Imagine this, all citizens have a federal ID card. To make it secure and worthwhile, it must be verified by a centralized authority (if not, what's the point, anyone could forge a fake?) You go to buy something at the store, or renew your license, or get medical treatment, and your national ID card won't authenticate because there are server problems / power failure / hardware or software issues, etc - you get the point. Then you are stuck. Disabling the authentication process defeats the purpose of the system. If there isn't some sort of centralized authentication, then the cards can EASILY be forged by anyone with a good computer, and again there is no point to the system. So do you really want to be in a position of not being allowed to buy groceries because your local Kroger store had hardware problems? Or because there was a power failure or backbone failure between you and the centralized authentication authority? A national ID card sounds like a good idea in theory, but the technology is nowhere near reliable enough to make this a reliable system. By the way, a while back I posted an article about Donald Rumsfeld wanting to make it MANDATORY for every computer sold in the US to require a secured card to allow use - even home computers. I can dig up that article if anyone is interested. Gary _________________________________________________ The positive thinker sees the invisible, feels the intangible, and achieves the impossible. _______________________________________________ http://www.mccmedia.com/mailman/listinfo/brin-l
