ID cards

The argument about ID cards in the UK is unresolved, the idea of having to carry ID is unsettling, many (me included) believe it to be unnecessary. Here’s a link to a piece about the possible results of implementing such a scheme. It’s a discussion about an American system, but the prinicipal holds true for any location.

My argument may not be obvious, but it’s not hard to follow, either. It centers around the notion that security must be evaluated not based on how it works, but on how it fails.

It doesn’t really matter how well an ID card works when used by the hundreds of millions of honest people that would carry it. What matters is how the system might fail when used by someone intent on subverting that system: how it fails naturally, how it can be made to fail, and how failures might be exploited.

taken from www.schneier.com

Leave a Reply