> Not true. The technology for a distributed, redundant, > fault-tolerant system definitely exists. Look at, for example, > the Internet domain name server (DNS) system. Or google.com. > > The problem is whether people are willing to spend the time > and resources necessary to design, set up, and maintain such a system. > Evidently in the system you described, they were not. (Two > days to come up with the "short term" solution of disabling > the security? Obviously no one had gone through and > anticipated various scenarios and formulated plans of action, > let alone having designed the system robustly in the first place).
Everything that you said about the technology is absolutely true, to some degree, however, there is still the possibility of hardware or software failure at the scanning point, and many places in between. Do you remember a few years ago when corrupted copies of the DNS were distributed and a significant portion of the internet was useless for a few hours? I can dig up some references if you are interested. A centralized or distributed authority would have to have significantly more security and accountability than the DNS system has today. As for the problem that I used as an example, everyone was aware of the "short term" solution in the first 30 seconds of the problem, but it all came down to one contractor in Florida making the decision that the system would NOT be disabled, even at the expense of paying 15,000+ employees for two days to literally sit and do nothing. >From a security standpoint, that was the correct decision, but from a practical standpoint, how many millions of dollars were lost in salaries and lost productivity? In essence, you are right, it comes down to system design, planning and policy. But my fear would be what happens when your card can't be authenticated. Would there be a contingency plan? Would a contingency plan that bypasses authentication defeat the purpose of the system? Cards go bad, are damaged, lost, destroyed, people forget their PIN number, etc - that happens EVERY day here. Based on my experiences here with a secured ID card, a national ID card system would be disastrous. _______________________________________________ http://www.mccmedia.com/mailman/listinfo/brin-l