[Politech] Bruce Schneier on ID cards and the "illusion of security" [priv]

From: Declan McCullagh (declan@private)
Date: Tue Feb 03 2004 - 10:43:24 PST

  • Next message: Declan McCullagh: "[Politech] Chapel Hill reconsiders red-light cameras [priv]"

    ---
    
    http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/02/03/EDGSI4M3171.DTL&type=printable
    
      How We Are Fighting the War on Terrorism
      IDs and the illusion of security
      Bruce Schneier
      Tuesday, February 3, 2004
      San Francisco Chronicle | Feedback | FAQ
    
    
      In recent years there has been an increased use of identification checks
    as a security measure. Airlines always demand photo IDs, and hotels
    increasingly do so. They're often required for admittance into government
    buildings, and sometimes even hospitals. Everywhere, it seems, someone is
    checking IDs. The ostensible reason is that ID checks make us all safer,
    but that's just not so. In most cases, identification has very little to do
    with security.
    
      Let's debunk the myths:
    
      First, verifying that someone has a photo ID is a completely useless
    security measure. All the Sept. 11 terrorists had photo IDs. Some of the
    IDs were real. Some were fake. Some were real IDs in fake names, bought
    from a crooked DMV employee in Virginia for $1,000 each. Fake driver's
    licenses for all 50 states, good enough to fool anyone who isn't paying
    close attention, are available on the Internet. Or if you don't want to buy
    IDs online, just ask any teenager where to get a fake ID.
    
      Harder-to-forge IDs only help marginally, because the problem is not
    making sure the ID is valid. This is the second myth of ID checks: that
    identification combined with profiling can be an indicator of intention.
    
      Our goal is to somehow identify the few bad guys scattered in the sea of
    good guys. In an ideal world, what we would want is some kind of ID that
    denotes intention. We'd want all terrorists to carry a card that says
    "evildoer" and everyone else to carry a card that said "honest person who
    won't try to hijack or blow up anything." Then, security would be easy. We
    would just look at people's IDs and, if they were evildoers, we wouldn't
    let them on the airplane or into the building.
    
      This is, of course, ridiculous, so we rely on identity as a substitute. In
    theory, if we know who you are, and if we have enough information about
    you, we can somehow predict whether you're likely to be an evildoer. This
    is the basis behind CAPPS-2, the government's new airline passenger
    profiling system. People are divided into two categories based on various
    criteria: the traveler's address, credit history and police and tax
    records; flight origin and destination; whether the ticket was purchased by
    cash, check or credit card; whether the ticket is one way or round trip;
    whether the traveler is alone or with a larger party; how frequently the
    traveler flies; and how long before departure the ticket was purchased.
    
      Profiling has two very dangerous failure modes. The first one is obvious.
    Profiling's intent is to divide people into two categories: people who may
    be evildoers and need to be screened more carefully, and people who are
    less likely to be evildoers and can be screened less carefully.
    
      But any such system will create a third, and very dangerous, category:
    evildoers who don't fit the profile. Oklahoma City bomber Timothy McVeigh,
    Washington-area sniper John Allen Muhammed and many of the Sept. 11
    terrorists had no previous links to terrorism. The Unabomber taught
    mathematics at UC Berkeley. The Palestinians have demonstrated that they
    can recruit suicide bombers with no previous record of anti-Israeli
    activities. Even the Sept. 11 hijackers went out of their way to establish
    a normal-looking profile; frequent-flier numbers, a history of first-class
    travel and so on. Evildoers can also engage in identity theft, and steal
    the identity -- and profile -- of an honest person. Profiling can result in
    less security by giving certain people an easy way to skirt security.
    
      There's another, even more dangerous, failure mode for these systems:
    honest people who fit the evildoer profile. Because evildoers are so rare,
    almost everyone who fits the profile will turn out to be a false alarm.
    This not only wastes investigative resources that might be better spent
    elsewhere, but it causes grave harm to those innocents who fit the profile.
    Whether it's something as simple as "driving while black" or "flying while
    Arab," or something more complicated such as taking scuba lessons or
    protesting the Bush administration, profiling harms society because it
    causes us all to live in fear...not from the evildoers, but from the police.
    
      Security is a trade-off; we have to weigh the security we get against the
    price we pay for it. Better trade-offs are to spend money on intelligence
    and analysis, investigation and making ourselves less of a pariah on the
    world stage. And to spend money on the other, nonterrorist security issues
    that affect far more Americans every year.
    
      Identification and profiling don't provide very good security, and they do
    so at an enormous cost. Dropping ID checks completely, and engaging in
    random screening where appropriate, is a far better security trade-off.
    People who know they're being watched, and that their innocent actions can
    result in police scrutiny, are people who become scared to step out of
    line. They know that they can be put on a "bad list" at any time. People
    living in this kind of society are not free, despite any illusionary
    security they receive. It's contrary to all the ideals that went into
    founding the United States.
    
      Bruce Schneier, CTO of Counterpane Internet Security in Cupertino, is the
    author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain
    World" (Copernicus Books, 2003).
    
    _______________________________________________
    Politech mailing list
    Archived at http://www.politechbot.com/
    Moderated by Declan McCullagh (http://www.mccullagh.org/)
    



    This archive was generated by hypermail 2b30 : Tue Feb 03 2004 - 11:44:30 PST