The end of liberty

Jeff Bone jbone@jump.net
Mon, 01 Oct 2001 20:23:38 -0500 

Marty Halvorson wrote:

> As long as the ID presented fulfills the requirements, e.g., the photo on
> the ID looks like the person presenting it, I don't see how checking
> "everyone's ID real well" is going to help.

Several different issues:

* Fake IDs vs. false but authentic IDs (i.e., homemade vs. "real" gov't issued but
false identity)
* Single authentic ID belonging to somebody else
* Multiple authentic ID belonging to somebody else

(BTW, people get into bars -w- other people's IDs because (a) bouncers aren't
well-trained in ID recognition, and (b) they generally don't care that much anyway
--- they just have to be able to say they did a first-order job on it and didn't,
say, let an 19 yr-old white guy in with a 45 yr-old Puerto Rican woman's ID. :-)

Anyone with a minimum of training can be taught to recognize a fake ID.  False IDs
are more difficult to recognize, but are more difficult to obtain as well.  A
first-pass screen for this is to require multiple picture IDs;  vital information
and so forth can then be checked.  There's usually identifying information on the
card that can be checked against appearance, too, besides the fact that there's a
picture.  The chances of anybody being able to get several pieces of authentic but
false identification are pretty slim --- unless they're well-funded and
well-connected. (Which AFAWK these guys were.)

At the end of the day, I think we've got to recognize that --- as with computer
security --- the only way to have real security is to have total isolation.  We
need to do a better job, sure;  and requiring multiple forms of ID + training and
motivation (that latter's already taken care of by virtue of 911) for security
agents goes a long, long way.  Biometrics would be better, sure, but the question
is whether the incremental improvement over what's possible -w- normal ID
technology and a little diligence is worth the cost.

> Before 911 the agent at the
> gate or ticket counter compared my ID photo with me every time I flew.  I
> don't see how your suggestion will work without biometric data on the ID,
> that's checkable against the person presenting that ID.  Even then it's
> only a matter of time before someone figures out how to fake the "new" ID
> cards.

I guarantee they're checking them better today than they were on 9/10. ;-)  Still,
I think it's reasonable to require a law-enforcement style ID recognition class
for all gate and security agents.  Even so, this misses the point.

> For example, there was a case in New Mexico a couple of years ago where a
> smart kid was selling ID's to his friends.  This was just after New Mexico
> had instituted holograms covering the photo, to make them "counterfeit
> proof".  True enough, they couldn't stand up to "real" close scrutiny, but
> they worked quite well for quite a few kids.  I claim that if a kid can
> make an acceptable counterfeit using his home PC, a professional can make
> one that would fool a security guard at the airport.

The issue is that what's "acceptable counterfeit" in one context isn't necessarily
acceptable in another.  It's a mistake to compare the two uses...

jb