Re: Congress Close to Establishing Rules for Driver's Licenses
J.A. Terranson wrote: Which of course neatly sidesteps the issue that a DRIVERS LICENSE is not identification, it is proof you have some minimum competency to operate a motor vehicle... IIRC, several states have taken to issuing a no compentency driving licence (ie, the area that says what that licence allows you to drive/ride, normally occupied by car, motorcycle, truck or whatever, is blank) purely for use as identification. Few liquor stores (for example) accept anything else.
Re: Congress Close to Establishing Rules for Driver's Licenses
Dave Howe [EMAIL PROTECTED] wrote: Few liquor stores (for example) accept anything else. ..except (ta-d) the passport, which is universally accepted by liquor stores AFAICT. Imagine that. An _actual_ document of identification being used for approximately the correct purpose. -- Riad S. Wahby [EMAIL PROTECTED]
Re: Implant replaces ID cards for access to restricted areas.
From: Steve Furlong [EMAIL PROTECTED] Sent: Oct 9, 2004 7:44 AM To: [EMAIL PROTECTED] Subject: Re: Implant replaces ID cards for access to restricted areas. On Thu, 2004-10-07 at 02:20, Nomen Nescio wrote: Mexican Attorney General, Staff Get Chip Implants Implant replaces ID cards for access to restricted areas. I think I'd get the implant under my scalp somewhere. If the implant gave access to a really critical place, I wouldn't want to risk losing an arm or whatever. Also, I'd be able to block the implant's signals with my nifty tinfoil hat. I've been waiting for a use for that thing. Actually, I think the protocol requires that it be placed on your forehead, right under the tattooed sixes. Or maybe I'm getting my protocols mixed up --John
Re: Congress Close to Establishing Rules for Driver's Licenses
Riad S. Wahby wrote: ...except (ta-d) the passport, which is universally accepted by liquor stores AFAICT. And how many americans have a passport,and carry one for identification purposes?
Re: Congress Close to Establishing Rules for Driver's Licenses
Dave Howe [EMAIL PROTECTED] wrote: And how many americans have a passport,and carry one for identification purposes? Probably not all that many. Tangentially, I was once told that, at least in Massachusetts liquor stores, even an _expired_ passport was useful identification. Can anyone confirm that this is true other than at Sav-Mor Liquors? -- Riad S. Wahby [EMAIL PROTECTED]
Re: Congress Close to Establishing Rules for Driver's Licenses
Right, just because your Passport or driver's license expired, doesn't mean that you got any younger and therefore shouldn't drink. --Kaos-Keraunos-Kybernetos--- + ^ + :Our enemies are innovative and resourceful, and so are we. /|\ \|/ :They never stop thinking about new ways to harm our country /\|/\ --*--:and our people, and neither do we. -G. W. Bush, 2004.08.05 \/|\/ /|\ : \|/ + v + :War is Peace, freedom is slavery, Bush is President. - On Tue, 12 Oct 2004, Riad S. Wahby wrote: Tangentially, I was once told that, at least in Massachusetts liquor stores, even an _expired_ passport was useful identification. Can anyone confirm that this is true other than at Sav-Mor Liquors?
Re: Congress Close to Establishing Rules for Driver's Licenses
Can't specifically confirm that, but this last summer I traveled to several countries (and back into the US) using an expired passport as ID (and no, they didn't just forget to read the date, the expired passport was officially acceptable). -TD From: Riad S. Wahby [EMAIL PROTECTED] To: Cypherpunks [EMAIL PROTECTED] Subject: Re: Congress Close to Establishing Rules for Driver's Licenses Date: Tue, 12 Oct 2004 10:09:26 -0500 Dave Howe [EMAIL PROTECTED] wrote: And how many americans have a passport,and carry one for identification purposes? Probably not all that many. Tangentially, I was once told that, at least in Massachusetts liquor stores, even an _expired_ passport was useful identification. Can anyone confirm that this is true other than at Sav-Mor Liquors? -- Riad S. Wahby [EMAIL PROTECTED] _ FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
cryptome.org down?
DNS seems to resolve, but never get to the web server. --Kaos-Keraunos-Kybernetos--- + ^ + :Our enemies are innovative and resourceful, and so are we. /|\ \|/ :They never stop thinking about new ways to harm our country /\|/\ --*--:and our people, and neither do we. -G. W. Bush, 2004.08.05 \/|\/ /|\ : \|/ + v + :War is Peace, freedom is slavery, Bush is President. -
Re: cryptome.org down?
The site has been overloaded for a couple of days due to heavy hits on files on the Indymedia UK takedown and the Bush bulge. A Slashdot attack added to that yesterday but has gone away. Today The Reg cited the Bush bulge file and the overload restarted. It'll pass shortly, maybe.
Re: Cash, Credit -- or Prints?
From: Tyler Durden [EMAIL PROTECTED] Sent: Oct 12, 2004 1:43 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Cash, Credit -- or Prints? .. Very interesting question. I'd bet almost any amount of money that it's fairly trivial to simply alligator-clip-out the fingerprint's file from almost any of the cheaper devices. Hell, I'd bet that's true even of more expensive secure devices as well. I don't think the readers store an image of the fingerprint, just some information to make it easy to verify a match. I don't think you could reconstruct a fingerprint from that information, though you could presumably reconstruct a fingerprint image that would fool the detector. From what I've seen, the whole field of biometrics needs a lot of work on characterizing the attacks and defenses against them, and coming up with reasonable ways to verify that a reader resists some attack. I think individual vendors often have some ideas about this (though I gather their defenses are often disabled to keep the false reject rate acceptably low), but there doesn't seem to be a clean process for determining how skilled an attacker needs to be to, say, scan my finger once, and produce either a fake finger or a machine for projecting a fake fingerprint into the reader. Anyone know whether some kind of standard for this exists? -TD --John
Re: Cash, Credit -- or Prints?
Can anyone explain how sophisticated those fingerprint readers are? Are there readers out there that by themselves are secure devices and essentially are able to talk with their servers thru the PCs/workstations over a protocol such that any man-in-the-middle, like a driver, can not learn anything from the traffic? (...and all that for less than $40, of course...) If not, would a trojan then be able to capture your fingerprint's digital-fingerprint, and impersonate you from any other node on the network? -Frank. R.A. Hettinga wrote: http://online.wsj.com/article_print/0,,SB109744462285841431,00.html The Wall Street Journal October 11, 2004 Cash, Credit -- or Prints? Fingerprints May Replace Money, Passwords and Keys; One Downside: Gummi Fakes By WILLIAM M. BULKELEY Staff Reporter of THE WALL STREET JOURNAL October 11, 2004; Page B1 Fingerprints aren't just for criminals anymore. Increasingly, they are for customers. Fingerprint identification is being used to speed up checkouts at Piggly Wiggly supermarkets in South Carolina, and to open storage lockers at the Statue of Liberty. Fingerprints are also being used as password substitutes in cellphones and laptop computers, and in place of combinations to open up safes. But these aren't the fingerprints of yore, in which the person placed his hand on an ink pad, then on paper. Instead, the user sets his hand on a computerized device topped with a plate of glass, and an optical reader and special software and chips identify the ridges and valleys of the fingertips. Fingerprint technology seems to be reaching critical mass and is spreading faster than other widely promoted biometric identification methods, such as eyeball scanning, handprint-geometry reading and facial recognition. Interest in these and other new security systems was heightened by the September 2001 terror attacks. Fingerprints will be dominant for the foreseeable future, says Don McKeon, the product manager for biometric security at International Business Machines Corp. One reason fingerprint-security is spreading is that technological advances are bringing the cost down. Microsoft Corp. recently introduced a stand-alone fingerprint reader for $54, and a keyboard and a mouse with fingerprint readers. Last week, IBM said it would start selling laptop computers with fingerprint readers built in. These products reduce the need for personal-computer users to remember passwords. A customer uses a fingerprint reader to pay at a Piggly Wiggly store, cutting his checkout time. Earlier this year, American Power Conversion Corp., a Rhode Island company that makes backup computer batteries, started selling a fingerprint reader for PCs with a street price of $45 -- less than half the price of competitors at the time. American Power says it has sold tens of thousands of the devices since. Korea's LG Electronics Inc. has introduced a cellphone with a silicon chip at its base that requires the owner's finger to be swiped across its surface before the phone can be used. This summer, NTT DoCoMo Inc. started selling a similar phone reader that is being used on Japanese trains as an electronic wallet to pay fares or to activate withdrawals from on-board cash machines. Proponents have never had trouble explaining the benefits of fingerprints as payment-and-password alternatives: Each person has a unique set, and their use is established in the legal system as an authoritative means of identification. But some people are uneasy about registering their fingerprints because of the association with criminality and the potential that such a universal identifier linked to all personal information would reduce privacy. Moreover, numerous businesses and governments have tested fingerprint systems in the past only to rip them out when the hype failed to match reality. That's partly because the optical readers have had problems with certain people's fingers. Elderly people with dry skin, children who pressed down too hard, even women with smaller fingers -- including many Asians -- were often rejected as unreadable. Security experts also have successfully fooled some systems by making plaster molds of fingers and then creating fake fingers by filling the molds with Silly-Putty-type plasticizers or gelatin similar to that used in candy Gummi Bears. But advocates say the rate of false rejections of legitimate users has been greatly reduced by improved software. I'd say 99% of people can register their fingers, says Brad Hill, who installed fingerprint-controlled lockers at his souvenir store at the Statue of Liberty this summer when the National Park Service forbade tourists from entering the statue while carrying packages. Mr. Hill was worried that tourists would lose locker keys when security screeners forced them to empty their pockets. Some makers of readers also say their technology can solve the fake-finger problem by taking readings from below the surface skin layer. Or they suggest combining
Congress Close to Establishing Rules for Driver's Licenses
http://nytimes.com/2004/10/11/politics/11identity.html?pagewanted=printposition= The New York Times October 11, 2004 Congress Close to Establishing Rules for Driver's Licenses By MATTHEW L. WALD ASHINGTON, Oct. 10 - Following a recommendation of the Sept. 11 commission, the House and Senate are moving toward setting rules for the states that would standardize the documentation required to obtain a driver's license, and the data the license would have to contain. Critics say the plan would create a national identification card. But advocates say it would make it harder for terrorists to operate, as well as reduce the highway death toll by helping states identify applicants whose licenses had been revoked in other states. The Senate version of the intelligence bill includes an amendment, passed by unanimous consent on Oct. 1, that would let the secretary of homeland security decide what documents a state would have to require before issuing a driver's license, and would also specify the data that the license would have to include for it to meet federal standards. The secretary could require the license to include fingerprints or eye prints. The provision would allow the Homeland Security Department to require use of the license, or an equivalent card issued by motor vehicle bureaus to nondrivers for identification purposes, for access to planes, trains and other modes of transportation. The bill does not give the department the authority to force the states to meet the federal standards, but it would create enormous pressure on them to do so. After a transition period, the department could decide to accept only licenses issued under the rules as identification at airports. The House's version of the intelligence bill, passed Friday, would require the states to keep all driver's license information in a linked database, for quick access. It also calls for an integrated network of screening points that includes the nation's border security system, transportation system and critical infrastructure facilities that the secretary determines need to be protected against terrorist attack. The two versions will go to a House-Senate conference committee. Some civil liberties advocates say they are horrified by the proposal. I think it means we're going to end up with a police state, essentially, by allowing the secretary of homeland security to designate the sensitive areas and allowing this integrating screening system, said Marv Johnson, the legislative counsel for the American Civil Liberties Union. If the requirement to show the identification card can be applied to any mode of transportation, he said, that could eventually include subways or highways, and the result would be to require you to have some national ID card, essentially, in order to go from point A to point B. James C. Plummer Jr., a policy analyst at Consumer Alert, a nonprofit organization based here, said, You're looking at a system of internal passports, basically. But a Senate aide who was involved in drafting the bipartisan language of the amendment said that in choosing where to establish a checkpoint, the provision does not give the secretary of homeland security any new authority. The aide, who asked not to be identified because of his involvement in drafting the measure, said it would not create a national identification card but would standardize a form of identification routinely issued by states. Representative Candice S. Miller, the Michigan Republican who drafted the license section of the House measure, said, I don't think this is anything that should cause anyone concern. Of the 50 states, 48 are members of interstate compacts that exchange information on moving violations, so that a driver from, say, Maryland, who picks up a speeding ticket in Florida will accumulate points in his home state. But Michigan and Wisconsin are not members of a compact. Ms. Miller said one purpose of the provision she wrote was to fix that problem. A spokesman for the American Association of Motor Vehicle Administrations, which represents the state officials who issue driver's licenses, said linking the databases and strengthening control over who could get a license was long overdue. The American public should be outraged to know that departments of motor vehicles nationwide lack the capability to do the jobs we've asked them to do, said the spokesman, Jason King. In both houses, the legislation is geared to respond to numerous recommendations made by the Sept. 11 commission. For years before the terrorist attacks of Sept. 11, 2001, law enforcement officials, especially those concerned with identity theft, argued that the states should have more rigorous standards for issuing driver's licenses. But the commission pointed out that fraud in identification documents is no longer just a problem of theft. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/
Re: Congress Close to Establishing Rules for Driver's Licenses
In both houses, the legislation is geared to respond to numerous recommendations made by the Sept. 11 commission. For years before the terrorist attacks of Sept. 11, 2001, law enforcement officials, especially those concerned with identity theft, argued that the states should have more rigorous standards for issuing driver's licenses. But the commission pointed out that fraud in identification documents is no longer just a problem of theft. Which of course neatly sidesteps the issue that a DRIVERS LICENSE is not identification, it is proof you have some minimum competency to operate a motor vehicle... -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF An ill wind is stalking while evil stars whir and all the gold apples go bad to the core S. Plath, Temper of Time
Re: Financial identity is *dangerous*? (was re: Fake companies, real money)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 9:49 AM -0400 10/12/04, John Kelsey wrote: Hmmm. I guess I don't see why this story supports that argument all that well. More like the straw that broke the camel's back, admittedly. A long time ago I came to the conclusion that the closer we get to transaction instantaneity, the less counterparty identity matters at all. That is, the fastest transaction we can think of is a cryptographically secure glop of bits that is issued by an entity who is responsible for the integrity of the transaction and the quality of assets that the bits represent. Blind signature notes work fine for a first-order approximation. In other words, an internet bearer transaction. In such a scenario, nobody *cares* who the counterparties are for two reasons. The first reason is existential: title to the asset has transferred instantaneously. There is *no* float. I have it now, so I don't *care* who you were, because, well, it's *mine* now. :-). Second, keeping an audit trail when the title is never in question is, in the best circumstances superfluous and expensive, and, in the worst, even dangerous for any of a number of security reasons, depending on the color of your adversary's hat, or the color your adversary thinks his hat is, or whatever. Keeping track of credit card numbers in a database is an extant problem, for instance, with a known, shall we say, market cost. We'll leave political seizure and other artifacts of totalitarianism to counted by the actuaries. Clearly, book entry systems where I can do transactions in your name and you are held liable for them are bad, but that's like looking at Windows 98's security flaws and deciding that x86 processors can't support good OS security. I'm walking out on a limb here, in light of what I said above, and saying that when there's *any* float in the process, your liability for identity theft increases with the float involved. Furthermore, book-entry transactions *require* float, somewhere. They are debt-dependent. Someone has to *borrow* money to effect a transaction. (In a bearer transaction, the shoe's on the other foot, the purchaser is *loaning* money, at zero interest, but that's what the buyer wants so the system compensates accordingly, but that's another story.) Because the purchaser has to borrow money to pay, and because you *cannot* wring the float out of a transaction (that is, you can get instantaneous execution, but the transaction clears and settles at a later date; 90 days is the maximum float time for a non-repudiated credit-card transaction, for instance), I claim that book-entry transactions will *always* be liable for identity theft. Put another way, remember Doug Barnes' famous quip that and then you go to jail is not an acceptable error handling step for a transnational internet transaction protocol. I would claim that enforcement of identity as a legal concept costs too much in the long run to be useful, and that the cheapest way to avoid the whole problem is to go to systems which not only don't require identity, but they don't even require book-entry *accounts* at all to function at the user level. Financial cryptography has had that technology for more than two decades now, so long that the patent's about expired on it, if it hasn't already. The aspect of this that's generally spooky is not the existence of book entry payment systems, it's the ease with which someone can get credit (in one form or another) in your name, based on information they got from public records and maybe a bit of dumpster diving, some spyware installed on your machine, or a phishing expedition. How the payment systems are cleared isn't going to change that, right? (I know you've thought about this stuff a lot more than I have, so maybe I'm missing something) See above. When you use book-entry transactions, by definition, you need identity. Biometric, is-a-person, go-to-jail-if-you-lie-about-a-book-entry identity. With bearer transactions, digital/internet or otherwise, you don't have identity. You don't *need* identity to execute, clear, and settle the transaction, primarily because all three happen at once. There's no float between the three activities. You don't have to send someone to jail if they lie, because the transaction never executes in the first place if they do. Now, there are tradeoffs. The first one is key management, which as Schneier likes to point out, is a hard problem. Personally, I think that if you don't have to associate a key with a flesh-and-blood body in meatspace, a whole continent full of problems just disappears. In a bearer transaction, it's orthogonal to the issue of security anyway, and all it does is cost you money to do for no added benefit. The second one is security of the digital bearer notes and coins themselves, which, frankly, scares people in the finance business most of all. However, I would claim that all organizations, and even people :-), do their *database* and
Airline ID requirement faces legal challenge
http://www.usatoday.com/tech/news/surveillance/2004-10-10-privacy_x.htm USA Today Airline ID requirement faces legal challenge By Richard Willing, USA TODAY At a time when Americans have come to expect tight security for air travel, it might seem to be an odd question: Does requiring airline passengers to show identification before they board domestic flights amount to an unreasonable search under the Constitution? John Gilmore is challenging the federal domestic airline ID requirement, saying it violates his right to travel in the USA anonymously. File photo Yes, says John Gilmore, a computer whiz who made a fortune as an early employee of Sun Microsystems. His challenge of the federal ID requirement, which soon could get a hearing before a U.S. appeals court in San Francisco, is one of the latest court battles to test the balance between security concerns and civil liberties. At issue is Gilmore's claim that checking the IDs of passengers on domestic flights violates his right to travel throughout the USA anonymously, without the government monitoring him. Lawyers involved in the case say it apparently is the first such challenge to the federal rules that require airline passengers to provide identification. In a similar case, two peace activists are suing the U.S. government to determine how their names came to be placed on a federal no-fly list. Rebecca Gordon and Janet Adams were not allowed to board a San Francisco to Boston flight in August 2002 after they were told that their names were on a secret FBI list of potential security threats, their court filing says. I believe I have a right to travel in my own country without presenting what amounts to an internal passport, Gilmore, 49, said in an interview. I have a right to be anonymous, (to not) be tracked by my government for no good reason. Gilmore said he has no problem with security checks that focus on passengers' luggage. He says he also does not object to having to present a passport to board flights to other countries. Some privacy groups say Gilmore has a point. But others who support the ID requirement have cast the San Francisco resident as being out of touch with the realities of air travel since the Sept. 11 attacks. Kent Scheidegger, counsel for the Criminal Justice Legal Foundation, a conservative group in Sacramento, says the ID requirement is good policy and eminently constitutional. The Fourth Amendment forbids not searches that you don't like, it forbids unreasonable searches, he says. Nothing could be more reasonable at this time than to know who you're flying with. The Justice Department is fighting Gilmore's claim. Acting on the department's motion, a U.S. district court judge in San Francisco dismissed the suit last March. Gilmore has appealed; a hearing before the 9th Circuit Court of Appeals is likely to be scheduled after briefs are filed next month. In court papers, the Justice Department has not defended the ID policy, or even acknowledged it exists. It has said national security law requires that this aspect of the case be argued in a courtroom closed to the public, including Gilmore. The appeals court denied the government's secrecy request Sept. 20, and the government has asked the court to reconsider. Rules on the Transportation Security Administration's Web site say passengers 18 and older need one form of government-issued photo identification or two forms of non-photo identification to board domestic flights. Airlines adopted such a policy on their own after terrorists bombed an international flight over Lockerbie, Scotland, in December 1988. The bomb that killed all 270 passengers on the jet was said to have been placed in a passenger's luggage by a terrorist who got into a restricted area. The airlines say checking IDs against luggage and passenger information is a way to deny terrorists access to flights. The TSA, formed two years ago in the wake of the Sept. 11 attacks, checks IDs to verify passenger identities and to check them against watch lists of known or suspected terrorists. Gilmore's suit says the requirement amounts to an unreasonable search, a burden on the right to travel and a form of self-incrimination because it singles out anonymous travelers for searching. Gilmore said the ID requirement does little to ensure security. Ordinary citizens may show correct identification, but do we really think that someone who is willing to commit a terrorist act won't also be willing to present false identification? Gilmore's suit was filed in 2002, after he was denied seats on two flights at the airport in Oakland. It was his first domestic flight since the 9/11 attacks. Before then, Gilmore said, he was permitted to board flights after presenting a Federal Aviation Administration document that said showing IDs was optional. In 1982, Gilmore, a computer programmer, was the first person hired by the founders of what became Sun Microsystems. He retired eight years ago with what his
RE: Airline ID requirement faces legal challenge
Actually, this story is quite the media bellweather. This one treats the case purely as Gilmore wants to fly anonymously, while even some other mainline media are reporting it as, Gilmore is questioning the legality of hidden laws. I guess USA Today still feels it has an audience worth pandering to. -TD From: R.A. Hettinga [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Airline ID requirement faces legal challenge Date: Tue, 12 Oct 2004 14:15:53 -0400 http://www.usatoday.com/tech/news/surveillance/2004-10-10-privacy_x.htm USA Today Airline ID requirement faces legal challenge By Richard Willing, USA TODAY At a time when Americans have come to expect tight security for air travel, it might seem to be an odd question: Does requiring airline passengers to show identification before they board domestic flights amount to an unreasonable search under the Constitution? John Gilmore is challenging the federal domestic airline ID requirement, saying it violates his right to travel in the USA anonymously. File photo Yes, says John Gilmore, a computer whiz who made a fortune as an early employee of Sun Microsystems. His challenge of the federal ID requirement, which soon could get a hearing before a U.S. appeals court in San Francisco, is one of the latest court battles to test the balance between security concerns and civil liberties. At issue is Gilmore's claim that checking the IDs of passengers on domestic flights violates his right to travel throughout the USA anonymously, without the government monitoring him. Lawyers involved in the case say it apparently is the first such challenge to the federal rules that require airline passengers to provide identification. In a similar case, two peace activists are suing the U.S. government to determine how their names came to be placed on a federal no-fly list. Rebecca Gordon and Janet Adams were not allowed to board a San Francisco to Boston flight in August 2002 after they were told that their names were on a secret FBI list of potential security threats, their court filing says. I believe I have a right to travel in my own country without presenting what amounts to an internal passport, Gilmore, 49, said in an interview. I have a right to be anonymous, (to not) be tracked by my government for no good reason. Gilmore said he has no problem with security checks that focus on passengers' luggage. He says he also does not object to having to present a passport to board flights to other countries. Some privacy groups say Gilmore has a point. But others who support the ID requirement have cast the San Francisco resident as being out of touch with the realities of air travel since the Sept. 11 attacks. Kent Scheidegger, counsel for the Criminal Justice Legal Foundation, a conservative group in Sacramento, says the ID requirement is good policy and eminently constitutional. The Fourth Amendment forbids not searches that you don't like, it forbids unreasonable searches, he says. Nothing could be more reasonable at this time than to know who you're flying with. The Justice Department is fighting Gilmore's claim. Acting on the department's motion, a U.S. district court judge in San Francisco dismissed the suit last March. Gilmore has appealed; a hearing before the 9th Circuit Court of Appeals is likely to be scheduled after briefs are filed next month. In court papers, the Justice Department has not defended the ID policy, or even acknowledged it exists. It has said national security law requires that this aspect of the case be argued in a courtroom closed to the public, including Gilmore. The appeals court denied the government's secrecy request Sept. 20, and the government has asked the court to reconsider. Rules on the Transportation Security Administration's Web site say passengers 18 and older need one form of government-issued photo identification or two forms of non-photo identification to board domestic flights. Airlines adopted such a policy on their own after terrorists bombed an international flight over Lockerbie, Scotland, in December 1988. The bomb that killed all 270 passengers on the jet was said to have been placed in a passenger's luggage by a terrorist who got into a restricted area. The airlines say checking IDs against luggage and passenger information is a way to deny terrorists access to flights. The TSA, formed two years ago in the wake of the Sept. 11 attacks, checks IDs to verify passenger identities and to check them against watch lists of known or suspected terrorists. Gilmore's suit says the requirement amounts to an unreasonable search, a burden on the right to travel and a form of self-incrimination because it singles out anonymous travelers for searching. Gilmore said the ID requirement does little to ensure security. Ordinary citizens may show correct identification, but do we really think that someone who is willing to commit a terrorist act won't also be willing to present false identification? Gilmore's