Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Schneier on National ID Cards, Key Escrow Locks, E-voting

michael posted more than 10 years ago | from the uncommon-sense dept.

Security 400

Schneier's Cryptogram newsletter this month touches on a lot of subjects near and dear to our hearts: national ID cards, TSA-approved luggage locks, a cost-benefit analysis of stealing an election via hacking evoting machines, a nifty credit with audible security, etc.

cancel ×

400 comments

Sorry! There are no comments related to the filter you selected.

GNAA claims responsibility for Momfuck virus (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8900098)

GNAA claims responsibility for Momfuck virus.
By Horatio Brunswick

New York, NY - GNAA (Gay Nigger Association of America) The GNAA today claimed responsibility for the release of the devastating trojan Momfuck.1o1, which has caused an estimated 486 billion dollars US in lost productivity and unread penis enlargement offers.

In a drastic escalation of their widely criticized christmas island bombing campaign which has killed thousands of defenceless CI natives, the GNAA made vague threats last week in a "first post" on slashdot.org, a popular "news for trolls" website. In the post (not published here due to profanity and ascii nudity) the GNAA threatened the "Destruction of all internet" if net martyr http://www.goatse.cx was not immediately reinstated. Initally dismissed by self proclaimed security experts Cowboykneel and Linux Toreballs as a childish lark, the world was totally unprepared for the storm to come.

Momfuck.lol exploits three vulnerabilities within Linux's UPnP implementation: a remotely exploitable buffer overflow that allows an attacker gain SYSTEM level access to any default installation of Linux, a Denial of Service (DoS) attack, and a Distributed Denial of Service (DDoS) attack. Within hours of release, every backbone in the country had become infected with the virus, bringing the internet to a crashing halt. The DHS announced an orange alert when the virus spread to even such such remote non-countries as Canada and England, becomming a worldwide computer epidemic. The sequence of events that followed was devastating. ATMs in several states began routing funds from caucasian bank accounts into a GNAA controlled cayman islands account. Traffic lights in all major metropolitan areas malfunctioned, displaying pink rather than the standard red yellow and green configuration, causing unprecedented accidents and traffic delays. Radio stations ceased transmitting their standard programming and began a round the clock broadcast of a bootleg of the Village People's "YMCA" which was altered to "GNAA." Perhaps most horrifyingly, The FOX network's LOL sunday programming lineup was interrupted, and replaced by a graphic video of two men having anal sex, backed by the lyrics "Boom I got your boyfriend".


The FBI has fallen under heavy criticism for their failure to respond to the threat of the GNAA. The general public seems uwilling to accept their claims that the post was below their current threshold. The FBI's top cyber-security unit warned consumers and corporations Friday night to take new steps beyond those recommended by SCO Corp. to protect against hackers who might try to attack major flaws discovered in the newest version of Linux software, or to get a life, faggots. FBI Department head John Asscrotch is expected to resign in disgrace shortly.

What follows is a transcript of an actual internet relay chat conversation, with two individuals who seem to have been infected by momfuck.lol. It is my hope that this will help computer users to recognize and avoid the virus if encountered.


* Now talking in #eurotekken
* Topic is 'http://www.tekkenzaibatsu.com/forums/showthread.p hp?s=&postid=1527925#post1527925 : everyone give your 0.00c'
* Set by SirCane on Tue Apr 06 15:57:26
<l0de> "Mom, I can't sleep would you mind if I get in bed with you?
<l0de> I have virus!
<l0de> She was wearing a baby doll semi-see through nightie, and was embarrassed to let me in bed with her.
<subt-L> haha.. this is a fucking crazy virus..
<l0de> I can't type this fast!
<l0de> However she remembered how I had let her sleep with me when she needed to.
<l0de> Oh my god.
<l0de> "Sure John, it's a big bed," she said in an uncertain tone.
<l0de> "Mom, would you mind if I snuggle a little with you.
<l0de> I just feel kind of sad tonight, I need you close to me."
<l0de> I said; without waiting for an answer I pulled her tight against me.
<l0de> I kept grinding my crotch into her ass trying to get comfortable.
<Exygone> LOL, random flag in between
<l0de> My hands crept up to her breasts and began playing with them, lazily at first.
<Exygone> too good
<l0de> "John... JOHN what are you doing?
<l0de> This is giving me such a headache! I have to go to school in 3 hours and my term paper is not saved!
<subt-L> this is fucking insane..
<l0de> Stop that and go to sleep."
<subt-L> haha
<l0de> But I could not stop.
<neoKEN> jewish hacker. ho ho ho
<l0de> I pulled her nightie up and wet my finger.
<l0de> I then stuck it into her slightly moist pussy.
<l0de> "John listen to me, stop right now.
<l0de> This has to stop.
<neoKEN> go into command prompt
<l0de> You are my son, and we can't do this.
<Exygone> there it is again
<l0de> Please John don't do this to me."
<Exygone> hahaha
<neoKEN> type NETSTAT -o
<subt-L> don't click on irc links..
<l0de> I did stop then and sat up next to her.
<l0de> I pulled her into my lap and cupped her breasts in my hands while licking her ear.
<l0de> "Susan honey, we need to talk, we need to finish this.
<l0de> I told you a long time ago that I love you, that I need you.
<subt-L> good lesson to learn.
<l0de> I want to possess you utterly.
<l0de> I want you to give me your body, to make love to me.
<l0de> I have a tape mom.
<neoKEN> it will show u all the connection on your computer
<l0de> A tape of you raping me.
<l0de> I could blackmail you, send you to jail.
<l0de> neoken- I will never click another link again
<l0de> But that does not get me what I want.
<l0de> I don't just want you on Christmas, I don't want stolen kisses, or the occasional snuggle.
<neoKEN> save that in notepad.
<l0de> I want you to want me.
<l0de> To be hot and wild and passionate, and completely in love with me.
<l0de> I want to have the right to grab you and fuck you anytime I want, just like dad did.
<neoKEN> u will find your hacker :P
<l0de> I want to wake up to find you sucking on my cock just because you feel like it.
<l0de> Mom can you honestly say you don't want that too?
<l0de> Oh my god. NEoken, I hit start menu but it's not popping up!
<l0de> Can you honestly say that you can bear to have me walk out of your life forever?
<l0de> Because that is what I would have to do.
<c0m> so umm why doesnt someone kick dis do0d
<l0de> You are the woman I love, the only woman I have ever made love to.
<l0de> If I can't have you, I will have to go.
<l0de> All buttons on quicklaunch don't work
<l0de> If I am near you, I have to fuck you.
<l0de> It is as simple as that," I said as I wrote my name on her breasts with my finger.
<l0de> She was crying now, and I could smell her juices beginning to boil and drip out her pussy.
<insanelee> whoever bans this guy
<insanelee> i'm gonna ban you
<neoKEN> c0m: some people enjoy reading it. lol
<l0de> She laid back against my chest and I wrapped her in my arms.
<Exygone> c0m - because insanelee is reading the story
<subt-L> he
<l0de> "I don't want to lose you, I, I know that you are more than just a son to me.
<l0de> I am so scared though.
<l0de> Wanting you this way is wrong.
<l0de> I am your mother.
<l0de> I should not let you play with my tits, I should not want you to lick my pussy, or need you to fuck my ass but for some sick reason I do.
<l0de> I know I can't allow you to fuck me, I can't let you put that big slab of cock-meat inside me.
<l0de> If I do that, there is no turning back, you will own me.
<l0de> thank u insanelee
<insanelee> i like the panic in lodes voice/msgs also
<l0de> I will become addicted to your dick.
<l0de> Oh god, what am I going to do.
<subt-L> this is sick... i think i want people to get this virus.
<Exygone> looool
<l0de> I love you John, but it is still wrong!"
<l0de> We laid that way for a long time, just holding on to each other.
<neoKEN> doesn't matter to me. i don't read #eurotekken chatlog. am not a tekken bum. lol
<l0de> My hard on was peeking up between her thighs.
<l0de> Finally I came up with a solution.
<l0de> "Mom I understand that our relationship is not normal, but it is not WRONG either.
<l0de> Making love to you could never be wrong.
<l0de> I love you and I want to show you how much.
<l0de> Susan, it's Christmas.
<l0de> Let me have you this one time.
<l0de> Make love to me, be greedy, teach me how to please you.
<insanelee> why are you thankikng me
<l0de> Make me fuck you right.
<l0de> We owe it to ourselves to try it at least once.
<l0de> You are All I want for Christmas, all I have ever wanted."
<insanelee> you are just an investment
<Exygone> lol
<insanelee> i need your stories
<l0de> Susan was quiet for a few seconds and then she slowly nodded her head.
<Exygone> an asset
<l0de> Her hands were trembling as she smiled up at me and said yes.
<l0de> I was so happy, that I crushed her against me and said over and over, "I love you baby, I am going to be so good to you, I love you mom," while kissing and hugging her.
<Exygone> in lee's masterplan
<l0de> insane- if I get banned I may never get help
<l0de> Our kisses slowly began to deepen, she was on top of me straddling my waist.
<insanelee> lol
<l0de> Her breasts were brushing against my chest and my cock was laying against her ass.
<subt-L> is it repeating? or is it still going original?
<l0de> I was licking her lips, sucking on them when her pretty, pink little tongue flicked out to meet mine.
<l0de> I sucked her into my mouth and we both let out a little sigh of happiness.
<l0de> jesus, how can I launch command prompt?
<l0de> Susan began crawling down my stomach, stopping briefly to lick my belly button clean.
<l0de> Then she began playing with my cock, rubbing it against her face, eyes, nose, sniffing and then licking and sucking it into her mouth.
<l0de> It was amazing to watch.
<l0de> My mother was overcome by a wave of pure dick-lust as she began to swallow my cock.
<insanelee> ask neoKEN
<l0de> I don't know how big my dad's cock was, but he must have been my size or bigger, cuz my mom swallowed my fat 8 incher like an old pro.
<l0de> She kept looking me right in the eye, with this wicked little grin on her face, daring me to fuck her properly.
<insanelee> i am just readin
<l0de> I did.
<subt-L> dick-lust!
<l0de> I began to ram it down her throat, we established a good rhythm.
<subt-L> hahaha
<l0de> She breathed through her nose and every 20 seconds or so I would pull out and let her lick and massage my knob (and breathe), before plunging back in.
<Exygone> lmao
<l0de> "Cum on my face baby, cum all over your mother's face," she said between slurps, and squeezes and soft, slow, sucks.
<l0de> I could not help it, she was sucking the sperm right out of me.
<l0de> I grabbed Susan's head and pulled it tight against my crotch.
<neoKEN> i don't know any other shortcuts to the command prompt other than the start menu
<l0de> I held her in place as I powerfucked her throat.
<neoKEN> ask M$
<l0de> Precum was bubbling out of me and I could hear it gurgling in her mouth.
<l0de> My balls were twitching and jerking hard now and I felt the sperm swimming their way to the head of my cock.
<l0de> "You want my sperm mom, you want some stinky-sticky?
<l0de> Take it you beautiful little slut, take your son's cum!"
<l0de> I bellowed as I shot the first load down her throat.
<insanelee> this is sick
<l0de> I remembered that she wanted some on her face too; so I pulled out and pressed my spurting cock against her nostril and shot it up her nose.
<neoKEN> comamnd prompt should be an emergency shortcut
<l0de> I had one or two dribbles left so I placed my cock on each of her eyelids and let er rip.
<l0de> Mom was a little surprised...
<c0m> this is gay\
<l0de> but she did not complain.
<l0de> I don't know if I can explain how sexy my mom looked.
<insanelee> 'cum all over your mothers face'
<l0de> My cum was in her belly, a little drop was hanging from the corner of her mouth.
<l0de> Her nose was dripping my cum, and her eyes were crusting over with it.
<l0de> (Guys try it with your girlfriend tonight, it is fucking amazing!)
<l0de> I wanted to rest for a few minutes, but I could not.
<insanelee> com shut up he needs help
<l0de> neoken- yeah, Itried ctrl alt delete but it doesn't work!
<l0de> My mom was obviously very horny and it would not have been polite to leave her hanging.
<l0de> We switched positions and I settled in for a long, slow lick.
<l0de> I may not have a lot of experience in some aspects of sex.
<l0de> Technically I am still a virgin, I guess, since mom has never let me fuck her pussy.
* c0m sets mode: +m
<c0m> yep
<subt-L> oh,,
<subt-L> ouch...
<subt-L> ...
<insanelee> ay
<insanelee> AY
<c0m> ok
<neoKEN> then he cums on her face. THE END
<c0m> lol
<Exygone> Lol
<insanelee> he stopped
<subt-L> haha
<subt-L> story time is over.
<insanelee> what the hell is this
* l0de is now known as helpplz
<insanelee> WHAT HAPPEN TO MY STORIES
<c0m> im sorry it was pretty annoying
* helpplz is now known as l0de
<subt-L> l0de didn't even get kicked.
<insanelee> yea
<insanelee> it just stopped
<insanelee> you didn't even kick him dummy
<neoKEN> sadly i haven't read anything this well written in a long time. lol
* c0m is not a dummy
* insanelee sets mode: -bb l0de!*l0de@
<neoKEN> heh, i need to read some books.
<Exygone> this guy is funny
<insanelee> bring him baaaaaaaaaaaaack
<insanelee> i want my stories
<neoKEN> exy: hahahhaha
<subt-L> that was pretty hilarious.
<insanelee> it was all a joke
<insanelee> damn it guys
<insanelee> why ruin a good thing
<c0m> its fucking annoying
* l0de is now known as cantchat
* cantchat is now known as halp
<insanelee> com
<Exygone> ;p;
<Exygone> lol
* halp is now known as l0de
<insanelee> then get the fuck out
<insanelee> pfft
<c0m> stfu bronson you get the fuck out
<c0m> you never come here
<Exygone> WHAAAAAAAAAAAT
* insanelee sets mode: +b *!*c0m@
<c0m> anyway
<Exygone> lol
* c0m was kicked by insanelee (i'm elitist)
Disconnected
* Attempting to rejoin channel #eurotekken
* Rejoined channel #eurotekken
* Topic is 'http://www.tekkenzaibatsu.com/forums/showthread.p hp?s=&postid=1527925#post1527925 : everyone give your 0.00c'
* Set by SirCane!SirCane@
<l0de> Yhbt yhl
<c0m> well i could care either way
<l0de> HAND
<l0de> (^o^)b
/part


Horatio Brunswick, GNAA, signing off.

GNAA radio every week, midnight CST fridays! #gnaa for details!

About GNAA:
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which
gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.

Are you GAY [klerck.org] ?
Are you a NIGGER [mugshots.org] ?
Are you a GAY NIGGER [gay-sex-access.com] ?

If you answered "Yes" to all of the above questions, then GNAA (GAY NIGGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join GNAA (GAY NIGGER ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time GNAA member.
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the fastest-growing GAY NIGGER community with THOUSANDS of members all over United States of America. You, too, can be a part of GNAA if you join today!

Why not? It's quick and easy - only 3 simple steps!

First, you have to obtain a copy of GAY NIGGERS FROM OUTER SPACE THE MOVIE [imdb.com] and watch it. (You can download the movie (~280mb) using BitTorrent, by clicking here [idge.net] .

Second, you need to succeed in posting a GNAA "first post" on slashdot.org [slashdot.org] , a popular "news for trolls" website

Third, you need to join the official GNAA irc channel #GNAA on irc.gnaa.us, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today!

If you are having trouble locating #GNAA, the official GAY NIGGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is Niggernet, and you can connect to irc.gnaa.us as our official server. If you do not have an IRC client handy, you are free to use the GNAA Java IRC client by clicking here [nero-online.org] .


If you have mod points and would like to support GNAA, please moderate this post up.

________________________________________________
| ______________________________________._a,____ |
| _______a_._______a_______aj#0s_____aWY!400.___ |
| __ad#7!!*P____a.d#0a____#!-_#0i___.#!__W#0#___ |
| _j#'_.00#,___4#dP_"#,__j#,__0#Wi___*00P!_"#L,_ |
| _"#ga#9!01___"#01__40,_"4Lj#!_4#g_________"01_ |
| ________"#,___*@`__-N#____`___-!^_____________ |
| _________#1__________?________________________ |
| _________j1___________________________________ |
| ____a,___jk_GAY_NIGGER_ASSOCIATION_OF_AMERICA_ |
| ____!4yaa#l___________________________________ |
| ______-"!^____________________________________ | (c) GNAA 2003, 2004 [idge.net]
` _______________________________________________'

Re:GNAA claims responsibility for Momfuck virus (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8900159)

Help, I've got a National ID Card, Key Escrow Lock and E-vote all up my ass!

How can the gnaa trolls not be an insider job? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900348)

They always get first post with some ridiculously huge message. Even if there were 50 of them sitting around doing nothing all day long but refreshing their browser, they still couldn't *always* get first post. I think this is CowboyNeal's work.

Re:How can the gnaa trolls not be an insider job? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900463)

Cut and paste, you dipshit.

You conspiracy nuts are seriously jism-collectors.

Hard to verify out-of-state ID cards... (5, Insightful)

LostCluster (625375) | more than 10 years ago | (#8900101)

We already have multipurpose-use government-issued ID cards in our wallets in the form of drivers licenses or non-driver photo ID cards issued by our states.

The biggest problem with all of these is that there are 51 different issing bodies, one in every state plus one for Washington, D.C. Within each state, there are at least two formats to make non-drivers distinct from drivers, most states also have special "funny formats" for those under 21 so that they're more easily rejected when they try to purchase alcohol.

But, with more than a hundred formats for the best ID system we have, it's impossible for anybody to be an expert on what security measures to look for and be able to notice when they're absent.

No, this isn't an issue that'd protect us from suicide bombers or airplane hijackers... but being able to properly identify people is essential to financial transactions, and telling illegal immigrants that they don't belong here. It's not exactly a constitutional right to be able present a false ID as your own. The various issuers of drivers licenses should at least be able to agree on a common standard so those cards all look alike from jurisdiction to jurisdiction.

Re:Hard to verify out-of-state ID cards... (2, Insightful)

cscx (541332) | more than 10 years ago | (#8900114)

Don't most driver's license cards have barcodes on the back that liquor stores, etc. can scan?

Re:Hard to verify out-of-state ID cards... (1)

LBArrettAnderson (655246) | more than 10 years ago | (#8900128)

if they do, they definitely don't scan them.

Yes, and the devices collect the data (5, Interesting)

SuperBanana (662181) | more than 10 years ago | (#8900233)

Don't most driver's license cards have barcodes on the back that liquor stores, etc. can scan?

Yup, and there are a number of companies that are happy to provide them to bartenders for nearly free. Look closely and you'll find most have a modem port and a label with instructions on how to let it "phone home".

That kind of use needs to be made illegal reaaaal fast. I'm required by law to present my ID, but it'll get scanned and some company gets a number of pieces of personal information.

Re:Yes, and the devices collect the data (2, Interesting)

emtechs (770821) | more than 10 years ago | (#8900295)

Well your info on the license is a matter of public record. And if the bartender feels like telling someone it's his right.

If you want to choose to only visit places with a certain privacy policy that is your right. Just like on the web.

Re:Yes, and the devices collect the data (0, Redundant)

mkoop73 (713060) | more than 10 years ago | (#8900389)

Yes, there's a lot of information on drivers' licenses and people do use it:

"Great Taste, Less Privacy. [wired.com] ", Kim Zetter, Wired News. 6 February 2004. 7 April 2004.

Re:Hard to verify out-of-state ID cards... (5, Insightful)

pantycrickets (694774) | more than 10 years ago | (#8900241)

Don't most driver's license cards have barcodes on the back that liquor stores, etc. can scan?

Yes, and like everything else, there are tools on the net to generate fake ones. :)

Re:Hard to verify out-of-state ID cards... (1)

stfvon007 (632997) | more than 10 years ago | (#8900126)

Dont forget Porto Rico, and ID's from other countries.

Re:Hard to verify out-of-state ID cards... (0)

Anonymous Coward | more than 10 years ago | (#8900409)

According to slashdot users I'm funny, insightful, and interesting! So why arn't girls all over me?

Because of your spelling. (hint: are not)

Re:Hard to verify out-of-state ID cards... (-1)

Anonymous Coward | more than 10 years ago | (#8900127)

Being able to properly identify people sure could aid in protecting us from suicide bombers or airplane hijakcers...

What really stinks about all the measures in place is that the majority of people do not consider the absence of terror a way to prove we're doing anything right, but the presence of it is definitely shown (by the media) that there was a failure.

True, the absence of terror doesn't *prove* it's working but in the same way that the presence of an attack doesn't mean that something downright failed.

Re:Hard to verify out-of-state ID cards... (5, Insightful)

crackshoe (751995) | more than 10 years ago | (#8900134)

The problem with that is that you'd be infringing on what is traditionally state territory, which rarely ends well. On the other hand, the federal government got unwilling states to roll over on drinking age, so it could be possible. It is possible to get a federal ID -- its called a passport, and they're a bit more stringent on who they give them out to (although i'd in no way gurantee that there aren't hundreds or even more fake US passports about). We are still working on figuring out if you can refuse to show a cop your ID, though.

Re:Hard to verify out-of-state ID cards... (5, Interesting)

DonGar (204570) | more than 10 years ago | (#8900201)

I was recently told that it's illegal for an adult to walk round in public without some form of government id such as a driver's license. I was in California at the time.

I have no idea if this is true, or (if true) which level of government is imposing this rule.

I'm not sure which is more disturbing to me. That I can't tell if it's true (and don't know how to find out), or that the US citizens I was speaking with considered it acceptable for citizens to be required to carry their 'papers' at all times.

Re:Hard to verify out-of-state ID cards... (1, Interesting)

BigHungryJoe (737554) | more than 10 years ago | (#8900219)

I'm curious about this too. It just can't be true.

What about bikini-clad rollerbladers with no pockets, purse, etc?

Re:Hard to verify out-of-state ID cards... (2, Informative)

crackshoe (751995) | more than 10 years ago | (#8900260)

I forget the details, but theres a court case floating around about this issue - whether or not you have to display identification to a police officer unless you've done something. If it is illegal in California to walk around without government ID, its probably unconstitutional, and waiting for a good court test. maybe the cali legislature was bored, and needed to make busywork.

Re:Hard to verify out-of-state ID cards... (0)

k2dbk (724898) | more than 10 years ago | (#8900263)

Was the date that you were told this April 1, perhaps?

Re:Hard to verify out-of-state ID cards... (2, Interesting)

modder (722270) | more than 10 years ago | (#8900437)

I live in California and it pretty much seems like you can't go anywhere without your papers. (So whether it's a law or not, I think for a lot of people it's accepted as being a requirement.)

This might be encouraged by television shows like "Cops" where in a lot of instances, when the officers on this show stop people and they do not have ID, the officer almost invariable retorts "You gotta have ID".

I wonder if police are allowed to lie like this (the way they are allowed to lie about a lot of other things when confronting suspects.)

I also wonder if this is a state law which is common in a large set of states, but not all. (Perhaps what is causing a lot of the confusion.)

Re:Hard to verify out-of-state ID cards... (3, Informative)

x136 (513282) | more than 10 years ago | (#8900495)

I went for a walk at somewhere around midnight a few weeks back (in CA), without any kind of identification on me. A police officer on patrol stopped me and asked me a few questions (apparently there had been some burglaries in the area recently). He asked for ID, and didn't say anything about that being illegal when I told him that I had none. He took down some information, and we both went on our merry ways.

So I doubt there is any such law, at least in California. Besides, what about the homeless? Surely many of them have no ID to show.

Re:Hard to verify out-of-state ID cards... (3, Interesting)

malakhi (318136) | more than 10 years ago | (#8900283)

I know for a fact that in the state of Virginia (where I live), you are required to present your driver's license for examination upon the request of any bona-fide law officer. Now, I am not sure if that only applies to driver's licenses or if the actual wording of the code is broad enough to include DMV-issued identification. Virginia tends to be a bit strict on this type of issue, especially since 9/11. But, I am sure other states have similar requirements. It all falls back to the "driving is a privilege, not a right" deal. I am looking for the actual code on Virgina's LIS now. I will post it if I find it.

Re:Hard to verify out-of-state ID cards... (1)

HairyCanary (688865) | more than 10 years ago | (#8900436)

It's one thing to be required to carry a drivers license when you're driving, totally different than being required to carry identification 24x7.

Re:Hard to verify out-of-state ID cards... (1)

pantycrickets (694774) | more than 10 years ago | (#8900139)

The biggest problem with all of these is that there are 51 different issing bodies, one in every state plus one for Washington, D.C.

Pluuuus, American Samoa, Guam, N. Mariana Islands, Puerto Rico, & the US Virgin Islands. :)

Not to mention that we do and will most likely continue to accept Canadian and Mexican IDs without much hassle.

Re:Hard to verify out-of-state ID cards... (5, Informative)

cuiousyellow (89995) | more than 10 years ago | (#8900166)

Schneier said it better than I could so I'll just quote the article you failed to read...
The first problem is the card itself. No matter how unforgeable we make it, it will be forged. And even worse, people will get legitimate cards in fraudulent names.


Two of the 9/11 terrorists had valid Virginia driver's licenses in fake names. And even if we could guarantee that everyone who issued national ID cards couldn't be bribed, initial cardholder identity would be determined by other identity documents... all of which would be easier to forge.

Re:Hard to verify out-of-state ID cards... (1)

sporty (27564) | more than 10 years ago | (#8900482)

You may have missed his point in turn. Yes. Anything can be duplicated.


But if all of the US used blue ID cards, then an ID card that isn't blue is obviously not an ID card.


If NY uses blue, Idaho uses orange, Deleware uses black and white stripes, it is a little harder to tell what is fake or what is not. Reminds me when I was in Nashville. They usually have your SSN number on the cards there. Being a NY'er.. the guy was totally befudled. :)

Re:Hard to verify out-of-state ID cards... (1)

i love pineapples (742841) | more than 10 years ago | (#8900182)

I have this problem. I'm a attending college NYC, and have a Maine driver's license. My license was issued 5 years ago when Maine was still using silly laminated IDs (no bar codes), so the edges of the two peices of laminate are peeling apart.

You can imagine how hard it is to get into a bar when freshly 21, with an out-of-state license that's starting to come apart. Half the bartenders don't even know where Maine is, and the fact that I don't look anywhere near 21 doesn't help matters. A lot of liquor stores in NY and NJ won't even let me in the store, much less buy anything.

Not that not being able to get into bars is a huge disappointment to me, but I'm dreading the day I move out of Maine for good and have to try to get a bank account before I've established residency.

Re:Hard to verify out-of-state ID cards... (1)

black mariah (654971) | more than 10 years ago | (#8900212)

A new driver's license will go a long way towards helping that. You could easily get a NY state license, AFAIK.

Re:Hard to verify out-of-state ID cards... (1)

i love pineapples (742841) | more than 10 years ago | (#8900287)

A new driver's license will go a long way towards helping that. You could easily get a NY state license, AFAIK.

I believe in order to do that I have to establish residence here... that is, live here at the same address for some duration of time, which is very difficult to when living in campus dorms.

Re:Hard to verify out-of-state ID cards... (1)

Glonoinha (587375) | more than 10 years ago | (#8900485)

Try anyways. Actually most states get all pissy about you NOT getting their drivers license after you have been there 90 days or so - you have a legit excuse not to because you are only there as a student living in the dorms but if you wanted to get a NY DL something tells me they would be more than happy to give you one.

While you are at it, look into the residency requirements and how much cheaper your college expenses would be if you were to establish a NY residence. In some states it is a LOT cheaper.

Oh, The IRONY! (0)

Anonymous Coward | more than 10 years ago | (#8900187)

Michael 'I'm Going To Have A Tantrum And Destroy The Censorware Project' Sims pontificating on issues of privacy and security!

I bet the /. crew made sure they had their domain name locked-down real tight before hiring him...

Re:Oh, The IRONY! (0)

Anonymous Coward | more than 10 years ago | (#8900415)

RTFA! this is not by michael sims! dick head!

then make a standard (4, Insightful)

SuperBanana (662181) | more than 10 years ago | (#8900205)

But, with more than a hundred formats for the best ID system we have, it's impossible for anybody to be an expert on what security measures to look for and be able to notice when they're absent.

So here's a shocker. The federal government sets or negotiates a common anti-counterfeit system to use on driver's licenses. Like a 2-D barcode with cryptographically signed info and a special hologram.

Ever notice how we're getting closer and closer to east germany? I mean hell, the local cops already sit at the town border running license plates(yay in-car cruiser terminals!) and checking for DWB.

Re:then make a standard (1)

Paleomacus (666999) | more than 10 years ago | (#8900271)

DWB? Driving while black?

Re:then make a standard (1)

Piquan (49943) | more than 10 years ago | (#8900342)

Exactly.

(Why does /. think that it should take me at least 20 seconds to type "Exactly", or that I didn't know what I was going to say before I hit "Reply"?)

Re:Hard to verify out-of-state ID cards... (1)

mkoop73 (713060) | more than 10 years ago | (#8900321)

What we need is a PKI-based smart card to verify identity. Not only would this be able to securely verify identity, but also allow digital signatures. Of course, none of this protects us from terrorists necessarily, but it would go a long way towards curbing identity theft, etc Instead of your easily-obtainable SSN securing many services, you could have a digital signature required before approval of credit, etc.

Re:Hard to verify out-of-state ID cards... (1)

LostCluster (625375) | more than 10 years ago | (#8900383)

What we need is a PKI-based smart card to verify identity. Not only would this be able to securely verify identity, but also allow digital signatures. Of course, none of this protects us from terrorists necessarily, but it would go a long way towards curbing identity theft, etc Instead of your easily-obtainable SSN securing many services, you could have a digital signature required before approval of credit, etc.

Anything that makes identity theft harder makes terrorism harder. Terrorists don't get all of their funding from overseas, some of it comes from being part of the illegal drug industry and comitting other routine profitable crimes. The better we secure ourselves against basic frauds, the harder it is for terrorists to get money...

Re:Hard to verify out-of-state ID cards... (4, Funny)

Anonymous Coward | more than 10 years ago | (#8900430)

Anything that makes identity theft harder makes terrorism harder.

And terrorists would never use fake ID. No siree, coz that would be illegal.

Easy to verify out-of-state ID cards... (4, Interesting)

Anonymous Coward | more than 10 years ago | (#8900323)

But, with more than a hundred formats for the best ID system we have, it's impossible for anybody to be an expert on what security measures to look for and be able to notice when they're absent.

That's why these [driverslicenseguide.com] exist. When in doubt, check the book.

Then again, someone could use these guide to ensure their fakes are up to snuff-- I used one of them many moons ago when I was under 21, to perfect the counterfeit NJ driver's licenses [phreak.co.uk] that I used to make for fun and profit. I was turning out passable fakes (mine were MUCH better than the one shown at that link) as a broke college student with 1992 technology consisting mainly of a Mac LC, a StyleWriter, a Polaroid camera, and a can of gold spray paint for the hologram. Hell, back then I even forged verifying documentation-- for female customers I did a completely fabricated student ID from a ficticious college, complete with official-looking dignified logo and a magstrip made from a piece of old VHS videotape. For my male customers I did phony Selective Service cards that were meticulously duplicated with Aldus Pagemaker, and printed out on an inkjet using an ink cart that I flushed out and filled with green ink that matched what was used on the real thing.

Those days are over, but sometimes I do find myself wondering what kind of marvelous forgeries I could turn out with the kind of high-tech toys available to me now.

Re:Hard to verify out-of-state ID cards... (4, Insightful)

Dictator For Life (8829) | more than 10 years ago | (#8900440)

being able to properly identify people is essential to financial transactions

...and, if you RTFA, you'd know that ID cards present absolutely no guarantees about this - even if you have a single standard - because a) they can always be forged, and b) crooks can get legitimate IDs through illegitimate (or even legitimate) means, and c) sometimes the idiots checking the IDs don't even bother to do their job. [bbc.co.uk]

You can't prevent fraud with an ID card. You can't prevent illegal immigration with an ID card. You can't prevent terrorism with an ID card. Setting aside for the moment the question of whether an ID card can be useful, the Powers That Be are presenting arguments in favor of the cards that are demonstrably bogus. If these are the best arguments that they have for the things, then I'd say we might as well scrap the whole thing now. If there's a valid reason, what is it?

National ID cards -- an invasion of privacy? (0, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900106)

My passport and drivers' license! OMFG d00d they are after us!!!!111

Linux? (2)

(1337) God (653941) | more than 10 years ago | (#8900122)

I wish he had touched a bit on how Linux and Open Source in general are going to be used with relation to national ID cards and e-voting machines.

Surely it's not going to be an all-proprietary system(s)?

MOD PARENT UP (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900133)


We need to find out how/when Linux is used so we know what new features to add to the OS.

FOAD (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900183)

Yeah, reply to yourself. I'd call you a fag, but that wouldn't insult you very much.

Re:MOD PARENT UP (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900373)

Hint : Replying exactly 2 minutes after you posted the parent comment is too easy to spot. If you want to karma-grab more easily, wait about 15 mins, then say mod parent up.

Re:Linux? (0)

Anonymous Coward | more than 10 years ago | (#8900140)

that would be like a governor talking about how he's got a grand-plan on how he's going to rebuild an amazing monument somewhere in his state and then sidetracking and talking about how mexicans will be doing all the work for half minimum wage.

See what happens when you give MCSEs mod points? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900391)

Anything pro-not-Windoze immediately becomes -1...

Is it really necessary? (5, Interesting)

icypyr0 (636724) | more than 10 years ago | (#8900124)

I don't thing that it is really necessary to have standardized national ID cards.. the money required to implement such a massive project would be substantial.. and the gain is not clear. Why would having national ID cards help TSA identify people any better than state ID cards such as drivers licenses, and government issued IDs such as military identification cards?

Re:Is it really necessary? (1)

LostCluster (625375) | more than 10 years ago | (#8900234)

I don't think it'd help the TSA much at all, because I'm sure by now they can authenticate any form of acceptable ID with a computer check to make sure that the ID's name, number, and picture all exist on one that was really issued.

What a national standard would fix would be the situations where an ID card is presented to somebody who doesn't have access to the databases it takes to verify the validity of the card, like employers or bartenders. It'd make life a little harder on somebody who intends on presenting a fake ID, that's all. Sure, fakes would be out there, but just like the way we keep adding security features to our money, those features only work when we all know where to look for them to determine when we have a fake before us.

Re:Is it really necessary? (2, Interesting)

pantycrickets (694774) | more than 10 years ago | (#8900269)

I don't think it'd help the TSA much at all, because I'm sure by now they can authenticate any form of acceptable ID with a computer check to make sure that the ID's name, number, and picture all exist on one that was really issued.

Actually, there is not much a local cop can do to tell the difference between a real ID and fake ID. He can run the number, get a physical description back. But I can listen to my police scanner, collect descriptions and ID numbers, until I find one that matches me. Whip up a fake ID, and then what?

Re:Is it really necessary? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900277)

There is no need. You are just sprouting another reason why so many beleive Hitler won WWII.

You are one of the ones that need to be marginalize and removed from any type of power.

Re:Is it really necessary? (2, Informative)

Z303 (724462) | more than 10 years ago | (#8900289)

Not having any clear gains is not stopping the UK Government steamrolling ID cards onto the statute books. See Stand [stand.org.uk] .

Re:Is it really necessary? (1, Interesting)

cookie_cutter (533841) | more than 10 years ago | (#8900304)

We already have a national standardized ID Card, its called a passport. Just make everyone get one and you're done.

It is necessarry... (5, Interesting)

ddavis539 (691782) | more than 10 years ago | (#8900356)

Because several states now allow illegal immigrants to obtain drivers licenses using two very insecure forms of Identification: A consular identification card issued by foreign consulate offices, or the ITIN Number [irs.gov] supplied by the IRS to people who can't qualify for a social security number.

The consular card is recognized by the FBI as an insecure document. The only reason they are needed is because the recipient entered the U.S. illegaly and does not possess a valid visa, passport or other identification provided through legal channels. There have been cases where people have been arrested carrying multiple copies of this ID, with the same picture and differing names.

The ITIN number can be obtained by calling a 1-800 number and providing a name and address. The IRS does nothing to verify the information given and has stated multiple times that this tax number should ONLY be used for paying taxes. This is not meant to be an Identification number, especially for obtaining a drivers licenses. They sent out a letter [irs.gov] this past December to all governors and heads of the driver license division in each state to ask them to stop this practice. Despite this request, states like Utah refused to modify their laws to fix this security problem. This combined with the "motor voter" laws can lead to other problems such as voter fraud.

Because the drivers license is used for many other purposes other than proof that an individual knows the basic driving rules, we either need to go back to only issuing it for people with verified documentation, or creating a national ID that is only given out to citizens. The national ID would be used instead of a drivers license for employment, boarding planes, voting, etc....

Re:Is it really necessary? (4, Interesting)

Sycraft-fu (314770) | more than 10 years ago | (#8900384)

Well for the TSA it's just simpler. I mean with state IDs there are so damn MANY of them. Each state has, at a minimum, one kind of driver license. In reality though, there are lots more. Here in Arizona there are no less than FIVE that I am aware of. There are old style ones with a typed card and picture laminated in them. There are old style, but newer, digital ones with a plain background. There are the current digital ones with a landscape background, and finally the current ones rotated 90 degrees for those under 21.

Now consider that we have 50 states, and I'm sure Arizona isn't the only one with a case like that. That's a lot of IDs to learn how to recognise and tell if they are fake or not. Much easier if there is one standardised ID.

Now for general use it is nice to have a singular ID that is univerally accepted. It can also be used to not things such as citizenship and so on. I mean right now, there is no real US citizen ID. The closest thing is a passport, but that is really a travel document. Also, a passport is fairly expensive and inconvienet to get.

I suggest we hit up some of the non-US /.ers for their thoughts on national IDs, as many countries already have them. It's not really a new concept.

Windows Source not really closed? (3, Interesting)

LostCluster (625375) | more than 10 years ago | (#8900132)

Nicholas Weaver has an interesting letter printed in the article where he makes the case for a need to assume that Microsoft's crown jewel, the Windows Source Code, has already fallen into the hands of black-hats, since both the Chinese and Russians have legit access, and the ease of which a determined group could steal it.

It's an intresting question. However, wouldn't we have seen more zero-day hacks in circulation from the black-hats who hold the code? Or maybe these exploits are being used, but with such infrequency that it's slipping under radars...

Re:Windows Source not really closed? (5, Insightful)

theM_xl (760570) | more than 10 years ago | (#8900251)

Not necessarily... We only see zero-day hacks that are detectable. Going through the trouble of getting the Windows source code suggests you're after something else than just the average virus worm... Remember those are in it for the short haul. Do a lot of damage before the virus scanners catch up with you. The black-hats gaining access to the source would likely not be in it for the short haul, but looking for longer-term profit. An exploit would be worth a lot more if it wasn't discovered criminals were using it, and could be used on choice, hand-picked targets only. True, compromising a few hundred or thousand computers isn't anywhere near as spectacular as Code Red. But the criminals aren't in it for spectacle, they're in it for money or power.

Well the thing is (1)

Sycraft-fu (314770) | more than 10 years ago | (#8900343)

We are to the point with most software, including Windows, that exploits aren't just obvious anymore. You have to go looking and testing for that, no matter if you have the source or not. As the many OSS programs (wu-ftpd being my favourite example) just because you have the source, doesn't mean that exploits are instantly apparant.

I think from an exploit finding point of view, it's roughly a wash open or closed source, at least when the closed source is from a company that has the resources to review it. You rarely see obvious exploit causing mistakes anymore. It happens, but pretty rarely. Exploits are harder to find, and having the code doesn't help a whole lot since if you are scanning it for obvious mistakes, you're only doing what many others have done.

Easier to just screw with the actual available service and see if you can figure out how to break it. Not to say it doesn't help to have the code, I just don't think it's as big a deal as people make it out to be.

Re:Windows Source not really closed? (1)

Elwood P Dowd (16933) | more than 10 years ago | (#8900350)

And it just depends on what color hat you consider the NSA to have. I guarantee you that they have:

1) Every line of MS's source code, volunteered by MS.
2) Teams of people attempting to find vulnerabilities in the source or with penetration testing.

They probably do submit anything notable that they find back to Microsoft, though. Just because that makes it easier for the NSA to secure the nation's computers, which they sometimes consider their responsibility.

foreign states.... (2, Interesting)

zogger (617870) | more than 10 years ago | (#8900408)

and if they are convinced they have ACCURATE code, are probably waiting for such a time as a massive coordinated attack is launched, cyber attack just being one of the facets. Small exploits for training and practice, sure, anything really spiffy they might find they will hold in check until needed-if they trust the sploit that is.

China has even created an entire new military wing of the PLA devoted entirely to cyber warfare, and they are giving it a long range importance equal to air force, land forces, navy, etc.

Now, to be fair, we don't know that MS gave them accurate code, they could have well given them some NSA (whoever, don't matter) doctored stuff that has a lot of nifty backdoors in it as well, we just don't know. I would guess that the state intel agencies in those two countries would be suspicious of it and audit heck out of it anyway before assuming it's completely legit. In fact, even if they hacked in and stole it they would still need to be suspicious of it, as letting it get "stolen" could be a variation on the false flag dodge as well, it's a great way to instill credibility in something if you can be persuaded you have aquired the real deal, so it's equally credible to think of offering the false deal as bait-sort of a honeypot kinda- and letting it get "stolen".

#TEENS4CHRIST EXCITES EVERYTHING (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8900141)

#TEENS4CHRIST EXCITES EVERYTHING <br/> <br/> #TEENS4CHRIST knows everything. #TEENS4CHRIST spits everything out. <br/> <br/> BUT . . . . . . . . . <br/> <br/> HAS #TEENS4CHRIST EVER SPOKEN TO YOU: <br/> <br/> about Italy <br/> about accordions <br/> about women's pants <br/> about the fatherland <br/> about sardines <br/> about Fiume <br/> about Art (you exaggerate my friend) <br/> about gentleness <br/> about D'Annunzio <br/> what a horror <br/> about heroism <br/> about mustaches <br/> about lewdness <br/> about sleeping with Verlaine <br/> about the ideal (it's nice) <br/> about Massachusetts <br/> about the past <br/> about odors <br/> about salads <br/> about genius, about genius, about genius <br/> about the eight-hour day <br/> about the Parma violets <br/> <br/> NEVER NEVER NEVER <br/> <br/>#TEENS4CHRIST doesn't speak. #TEENS4CHRIST has no fixed idea. #TEENS4CHRIST doesn't catch flies. <br/> <br/>THE MINISTRY IS OVERTURNED. BY WHOM? <br/> BY #TEENS4CHRIST <br/> <br/>The Futurist is dead. Of What? Of #TEENS4CHRIST <br/>A Young girl commits suicide. Because of What? #TEENS4CHRIST <br/>The spirits are telephoned. Who invented it? #TEENS4CHRIST <br/>Someone walks on your feet. It's #TEENS4CHRIST <br/> <br/>If you have serious ideas about life, <br/>If you make artistic discoveries <br/>and if all of a sudden your head begins to crackle with laughter, <br/>If you find all your ideas useless and ridiculous, know that <br/> IT IS #TEENS4CHRIST BEGINNING TO SPEAK TO YOU <br/> <br/>cubism constructs a cathedral of artistic liver paste WHAT DOES #TEENS4CHRIST DO? <br/>expressionism poisons artistic sardines WHAT DOES #TEENS4CHRIST DO? <br/>simultaneism is still at its first artistic communion WHAT DOES #TEENS4CHRIST DO? <br/>futurism wants to mount in an artistic lyricism-elevator WHAT DOES #TEENS4CHRIST DO? <br/>unanism embraces allism and fishes with an artistic line WHAT DOES #TEENS4CHRIST DO? <br/>neo-classicism discovers the good deeds of artistic art WHAT DOES #TEENS4CHRIST DO? <br/>paroxysm makes a trust of all artistic cheeses WHAT DOES #TEENS4CHRIST DO? <br/>ultraism recommends the mixture of these seven artistic things WHAT DOES #TEENS4CHRIST DO? <br/>creationism vorticism imagism also propose some artistic recipes WHAT DOES #TEENS4CHRIST DO? <br/> <br/>WHAT DOES #TEENS4CHRIST DO? <br/> <br/>50 francs reward to the person who finds the best way to explain #TEENS4CHRIST to us <br/> <br/>#TEENS4CHRIST passes everything through a new net. <br/>#TEENS4CHRIST is the bitterness which opens its laugh on all that which has been made consecrated forgotten in our language in our brain in our habits. <br/>It says to you: There is Humanity and the lovely idiocies which have made it happy to this advanced age <br/>#TEENS4CHRIST HAS ALWAYS EXISTED <br/>THE HOLY VIRGIN WAS ALREADY A #TEENS4CHRISTIST <br/> <br/>#TEENS4CHRIST IS NEVER RIGHT <br/> <br/>Citizens, comrades, ladies, gentlemen <br/> Beware of forgeries! <br/> <br/>Imitators of #TEENS4CHRIST want to present #TEENS4CHRIST in an artistic form which it has never had <br/> <br/>CITIZENS, <br/> <br/>You are presented today in a pornographic form, a vulgar and baroque spirit which is not the PURE IDIOCY claimed by #TEENS4CHRIST <br/>BUT DOGMATISM AND PRETENTIOUS IMBECILITY <br/> <br/>For all information, write "/join #teens4christ" - irc.efnet.net

I fails it (fixed) (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8900248)

#TEENS4CHRIST EXCITES EVERYTHING

#TEENS4CHRIST knows everything. #TEENS4CHRIST spits everything out.

BUT . . . . . . . . .

HAS #TEENS4CHRIST EVER SPOKEN TO YOU:

About Italy? About accordions? About women's pants? About the fatherland? About sardines? About gay niggers? About Art (you exaggerate my friend)? About gentleness? About linux? what a horror? About heroism? About mustaches? About lewdness? About sleeping with Verlaine? About the ideal (it's nice)? About x? About windows? About odors? About os/2 warp 4? About genius? About genius? About genius? About the eight-hour day? About batman touching your junk liberally?

NEVER NEVER NEVER

#TEENS4CHRIST doesn't speak. #TEENS4CHRIST has no fixed idea. #TEENS4CHRIST doesn't catch flies.

THE MINISTRY IS OVERTURNED. BY WHOM? BY #TEENS4CHRIST

The Futurist is dead. Of What? Of #TEENS4CHRIST
A Young girl commits suicide. Because of What? #TEENS4CHRIST
The spirits are telephoned. Who invented it? #TEENS4CHRIST
Someone walks on your feet. It's #TEENS4CHRIST

If you have serious ideas about life,

If you make artistic discoveries and if all of a sudden your head begins to crackle with laughter,
If you find all your ideas useless and ridiculous, know that
IT IS #TEENS4CHRIST BEGINNING TO SPEAK TO YOU

cubism constructs a cathedral of artistic liver paste WHAT DOES #TEENS4CHRIST DO?

expressionism poisons artistic sardines WHAT DOES #TEENS4CHRIST DO?
simultaneism is still at its first artistic communion WHAT DOES #TEENS4CHRIST DO?
futurism wants to mount in an artistic lyricism-elevator WHAT DOES #TEENS4CHRIST DO?
unanism embraces allism and fishes with an artistic line WHAT DOES #TEENS4CHRIST DO?
neo-classicism discovers the good deeds of artistic art WHAT DOES #TEENS4CHRIST DO?
paroxysm makes a trust of all artistic cheeses WHAT DOES #TEENS4CHRIST DO?
ultraism recommends the mixture of these seven artistic things WHAT DOES #TEENS4CHRIST DO?
creationism vorticism imagism also propose some artistic recipes WHAT DOES #TEENS4CHRIST DO?

WHAT DOES #TEENS4CHRIST DO?

$50 reward to the person who finds the best way to explain #TEENS4CHRIST to us

#TEENS4CHRIST passes everything through a new net.
#TEENS4CHRIST is the bitterness which opens its laugh on all that which has been made consecrated forgotten in our language in our brain in our habits.
It says to you: There is Humanity and the lovely idiocies which have made it happy to this advanced age
#TEENS4CHRIST HAS ALWAYS EXISTED
THE HOLY VIRGIN WAS ALREADY IN #TEENS4CHRIST

#TEENS4CHRIST IS NEVER RIGHT


Citizens, comrades, ladies, gentlemen
Beware of forgeries!

Imitators of #TEENS4CHRIST want to present #TEENS4CHRIST in an artistic form which it has never had

CITIZENS,

You are presented today in a pornographic form, a vulgar and baroque spirit which is not the PURE IDIOCY claimed by #TEENS4CHRIST
BUT DOGMATISM AND PRETENTIOUS IMBECILITY

For all information, write "/join #teens4christ" - irc.efnet.net

get out yer tin foil hat... (1, Funny)

Anonymous Coward | more than 10 years ago | (#8900152)

michaels posting stories again...

Cryptogram: the monthly security weblog (3, Interesting)

hrbrmstr (324215) | more than 10 years ago | (#8900154)

I think michael hit it right on the head in his post (oh to be both an author and submitter at slashdot!). Most of the topics in this Cryptogram (and the past few) we *have* seen before, here and in many other security news and blog sites. The only thing I hadn't heard before is the audio-credit-card-thing and I really doubt you'll be seeing consumers hold their cards up to their microphones. Heck, most non-techie folks I deal with don't even realize they *have* a microphone and the rest of them still have theirs in the original plastic shipping material it came in.

So, as Cryptogram becomes yet-another-blog, will it cause Schneier to lose relevancy? I hope not, since a large number of "security managers" hang on his every word and, in the past, this has been a positive thing for getting funding so we can get real work done.

Here's hoping for an influx of creative and incisive Cryptograms the rest of the year, otherwise I'll be on the lookout for Schneier with his WiFi laptop @ Starbucks or the next blog convention.

Re:Cryptogram: the monthly security weblog (0, Informative)

Anonymous Coward | more than 10 years ago | (#8900297)

I don't know why you are so in love with Michael. He's a criminal and thief.

Read. [spectacle.org]

Re:Cryptogram: the monthly security weblog (1)

jackb_guppy (204733) | more than 10 years ago | (#8900396)

He has lost alot relevancy with backing the TSA Lock.

Re:Cryptogram: the monthly security weblog (1)

Anonymous Coward | more than 10 years ago | (#8900446)

no kidding, I remember when cryptogram was about CRYPTOGRAPHY and not politics, laws, and articles that are "hip" enough to put in Wired.

Whatever the case, Schneier still says a lot of good stuff and I agree with him, oh, 85% of the time.

To lock or not to lock your suitcase... (3, Interesting)

LostCluster (625375) | more than 10 years ago | (#8900155)

The "escrow key" model of lock that now being distributed in the form of lugage lock leaves interesting options for a traveler...

- Leave your suitcase unlocked. The TSA can get access, and so can anybody else who wants to try to open it.
- Lock your suitcase the old fashioned way. If the TSA wishes to check your bag, they'll bust your lock. Bad guys can also bust the lock. At least, if the contents are tampered with, you'll see a defeated lock when you recover your bag.
- Lock your suitcase with the TSA-compliant locks. Most people can't open your bag, but TSA key holders (both good guys and bad guys) can get into your bag without having to break anything.

Hmm.. which option to chose?

Another option (2, Insightful)

DrInequality (521068) | more than 10 years ago | (#8900258)

Option 4: lock your bag with both the TSA lock and an ordinary lock. Then you can detect all forms of intrusion (assuming that your bag is suitably well-built).

Re:Another option (1)

YetAnotherDave (159442) | more than 10 years ago | (#8900341)

then the TSA folks unlock the TSA lock, and break the other one. You've gained what, exactly?

Re:To lock or not to lock your suitcase... (3, Informative)

DeepRedux (601768) | more than 10 years ago | (#8900414)

At least some TSA locks (SearchAlert [tamperseal.com] ) have an indicator that shows if it was open with the special TSA key instead of using the combination. The indicator is reset using the lock's combination.

The only downside is that the indicator is not quite as obvious as a missing or broken lock.

Don't check bags. (1)

sulli (195030) | more than 10 years ago | (#8900424)

Takes too long anyway.

Re:To lock or not to lock your suitcase... (0)

Anonymous Coward | more than 10 years ago | (#8900503)

I'm simply awed that Americans will go around shouting about freedom, making fun of the French and the Chinese, yet don't bat an eye at having their belongings searched while travelling within their country.

Are there any other Western countries that have such an intrusive law?

TSA locks is a problem? (3, Informative)

erroneus (253617) | more than 10 years ago | (#8900158)

I don't see it that way. They have the right to cut the lock off already. The difference is that you can still have locked luggage... an extra level of tamper protection against the other people handling the baggage.

I have personal experience with the TSA baggage screening functions and the chances of something being stolen from bags is pretty darned slim unless there was a conspiracy of players involved which is also highly unlikely. It is rare if basically impossible for a single TSA screener to open a bag unsupervised. Further, it requires a supervisor or higher ranking person to handle the TSA keys to the TSA locks. Cutting these locks are forbidden. If it was cut, you can be 99% certain it was by someone else.

So when it comes to auditing the access to baggage, there's a higher probability of determining the point of failure.

I think more can be done but speed and efficiency must be balanced against accountability. No one wants to be required to be present 3 hous before the flight do they? Didn't think so.

The TSA lock merely gives people the option of having a lock that will not be cut by TSA.

RTFA (2, Informative)

wirelessbuzzers (552513) | more than 10 years ago | (#8900224)

This was exactly his point.

Re:TSA locks is a problem? (4, Insightful)

liquidsin (398151) | more than 10 years ago | (#8900230)

Well the police already have the right to bust down my door if they have a warrant, but I won't be giving them a key any time soon. They already have *legal* channels to go about getting into the luggage. This is just stupid. Breaking the lock on every suitcase they come across? What's the advantage? Between xrays and chemical detectors and geiger counters, why do they even need to be able to go through the luggage? And why is this being done after it's checked if it's so important? Why not when it's checked in, so at least the owner can open the lock with the key instead of having it destroyed, or at least know that their lock is being broken.

Re:TSA locks is a problem? (2, Informative)

stienman (51024) | more than 10 years ago | (#8900327)

If you want to know whether your case was opened by the TSA and still use a lock that they won't break, use a security tag and a TSA lock. They will break the tag (usually a zip-tie type thingy) but not the lock.

If it was never opened, you break the tag and open the lock
If it was opened by the TSA or a knowledgable criminal, the tag is broken, but not the lock
If it was opened by a criminal then either they had TSA equipment/knowledge, or both the lock and tag are broken.

I usually just boobie trap my luggage with a case of of C4 [cc.ca.us] .

-Adam

I know of several musicians (4, Interesting)

Anonymous Coward | more than 10 years ago | (#8900335)

who had their instruments stolen when they were sumitted to security. The TSA just gave them the run-around and told them to prove that they in fact sent the instruments through security. These musicians, unfortunately for them, were from Scotland and had no real recourse. Those of us AMericans at the concert, chipped in for them to get replacements until they could straighten things out with the TSA. The money was also an appology for the shitty way that our guests were treated by the TSA.

They're just musicians folks.

Re:TSA locks is a problem? (2, Interesting)

jackb_guppy (204733) | more than 10 years ago | (#8900379)

God we got the worst of the security systems in the world. I can check in at Soeul with full baggage check (I mean FULL!) and get to my plane in under 1 hour.

Coming into the country, they check all bags. If it is locked, it is marked for customs to open.

All this with the matching passeranger in front of them.

TSA servers no meaningful need except job creation for the administration.

3 hours! (1)

Teun (17872) | more than 10 years ago | (#8900390)

Present 3 hours before flight?
It's already the case when flying to the US from Europe.
That's ofcourse logic in the light that all these 9/11 hijackers were Europeans.

(Oops, that's demographic profiling the Bush-light way...)

If/when security is realy implemented at airports no locks are needed anyway.

Moral: Liberty (4, Insightful)

argoff (142580) | more than 10 years ago | (#8900197)

It just goes to show that there are a lot of nice sounding reasons for us to give up some freedom and have it nickled and dimed to death, but there is one main reason to keep freedom and that is freedom. Unlike these other things, liberty is an end in itself - it derives from the fact that people are creatures of choice and not like the animals. There is no such thing as too much liberty ... it would be like saying that science is too rational.

Re:Moral: Liberty (0)

Anonymous Coward | more than 10 years ago | (#8900318)

Unfortunately, you cannot have liberty without security. So you need to choose which liberties are more important.

Re:Moral: Liberty (1)

mc6809e (214243) | more than 10 years ago | (#8900345)

Unfortunately, you cannot have liberty without security. So you need to choose which liberties are more important.

The problem is that everyone is being asked to make the same chose when there is obviously great disagreement as to what are the appropriate trade-offs.

I prefer a system that allows for this diversity of opinion.

Re:Moral: Liberty (2, Flamebait)

Stray7Xi (698337) | more than 10 years ago | (#8900401)

So you'd support the freedom to have "consensual" sex with a 6 year old?
Do you think anyone should be allowed to own nuclear weapons?
Should I be free to drink and drive?

Your freedoms should end when they threaten someone elses freedoms (whether intentional or not). Furthermore certain protections should be made for those that can't protect themselves.

And yes science can be to rational (to most people) in opposition to emotional response.

Animal Research, rationally it's an effective means of testing.
The most rational way to discipline children would be brainwashing.
To truly figure out the effects of cold on the human body, the rational way to do is to test it on humans.
Rationally research data should be freely published even if it was research commited through acts of genocide.

Start the clock... (3, Interesting)

LostCluster (625375) | more than 10 years ago | (#8900206)

How long is it until somebody buys up some of these TSA-unlockable locks and reverse engineers their way into a duplicate of the TSA key?

Re:Start the clock... (2, Insightful)

stienman (51024) | more than 10 years ago | (#8900346)

The pictures showed both a keyed version with a serial number, and a 4 digit roller lock (didn't see a serial, but I imagine there is one)

The locks are as easy to pick, I imagine, as previous luggage locks.

The four digit combination only has 10k combinations. It would take awhile, but it's possible to get all the serial numbers matched up to 4 digit codes. Although they, hopefully, used a longer serial and like a hash function there will be many serial numbers that go to 4 digit codes so you'd have to create a much larger table, or discover the hash/encryption method and key.

-Adam

Secure ID (3, Insightful)

G4from128k (686170) | more than 10 years ago | (#8900207)

I just wish that these ID systems were more secure. Instead of using easily stolen and duplicated plaintext identifiers (like an SSN and mother's maiden name), I'd like to see a secure encoded number that is unique to each application. This unique number (different each time it is asked for) would be resolvable to a single identity inside secure back-office applications or through access to a central secure server.

A smart ID card would hand-out unique numbers and log who got which ID. That way any theft of identity is traceable to the source. The card owner could then use the card to trace who was using their data.

I'm sure there are a million potential vulnerabilites with the idea, but the current approach seems much more insecure than this proposal.

Why do we need TSA locks? (4, Interesting)

LordBodak (561365) | more than 10 years ago | (#8900209)

Come on... American Tourister hard-sided luggage has used the same key for 40 years! Most soft-sided luggage comes with those cheap locks that open with a stupid key, and they're ALL the same.

I lock my luggage more for the guarantee that it won't come open when being handled than the security.

There is simply no reason the TSA couldn't get the keys for the main styles of suitcase locks currently in use. Four or five keys would open probably 95% of luggage.

This is just a way for a company to make money solving something that shouldn't be a problem to begin with.

Re:Why do we need TSA locks? (1)

LostCluster (625375) | more than 10 years ago | (#8900242)

Combo-based locks have no such "popular key"... and most are user-configurable. Sure, a brute-force attack at most would take only 1000 attempts, but that's 1000 attempts by hand which would take at least an hour or so.

Re:Why do we need TSA locks? (0)

Anonymous Coward | more than 10 years ago | (#8900280)

Why waste the time with that? A crowbar will take care of that in a few seconds.

Re:Why do we need TSA locks? (0)

Anonymous Coward | more than 10 years ago | (#8900372)

So we can lock it back up after inspecting the luggage?

Re:Why do we need TSA locks? (1)

LordBodak (561365) | more than 10 years ago | (#8900404)

You're right, but I would rather they mandate "use the original locks" rather than "use expensive locks we sponsored" when the end result is the same-- a key they have access to.

Election Attack Budget (4, Interesting)

Karl-Friedrich Lenz (755101) | more than 10 years ago | (#8900238)

The guest essay says that one must assume that someone attacking the integrity of an election has at least a $100 million budget. While it is true that a lot of money is raised in elections, not all of that could be invested in a project to steal an election without anyone noticing. Therefore, the above estimate seems to be much too high.

Re:Election Attack Budget (3, Insightful)

LostCluster (625375) | more than 10 years ago | (#8900435)

I think that estimate neglects just how few votes really decided the last election. It'd only take adding 538 additional votes for Gore in any combination of Florida districts to overturn the entire result.

If you're going to bias the election in favor of either of the two major parties, you have no need to attack the states in which your candidate is already going to win. You only need to bias enough close states to top the electoral vote balance, the popular vote doesn't matter.

As much as we say this is a nation of one-person-one-vote, that's never been the way a presdiential election is really scored.

How about degrees of freedom versus security? (4, Insightful)

mc6809e (214243) | more than 10 years ago | (#8900276)

Why must everything be on a national scale?

People in different parts of the country have different ideas about the balance between security, freedom, and privacy.

I don't see why there couldn't be "zones" where local people decide just what that balance should be. Maybe it would work best at the city or town level.

The people of LA, SF, and New Orleans, for instance would probably be willing to take more risk than the people of Nashville or Lakeland, FL. Why can't they have different standards?

Now I realize it might be impractical for things like air-travel. A plane can fly coast to coast, so everyone under it's path has an interest in the standards used to admit passengers, but there are plenty of other things that can still be a local decision.

If the people of LA don't want ID cards, then let them take the risks associated with not having those cards. If the people of Nashville want cards to feel safer, then let them.

So long as people are allowed to choose what set of rules they want to live under, I don't see a problem.

TSA-accessable lock has an indicator (4, Informative)

Animats (122034) | more than 10 years ago | (#8900419)

There's an indicator on the TSA-openable lock that turns red when it's opened with the master key. So you have some idea of what's going on. The next step should be to put a clock in the thing, so you know when it was opened. That helps place blame.

You ought to be able to call your luggage on your cell phone and get its location. Wherify has announced a product for this, but isn't yet shipping.

Redundant, possibly unconstitutional, and insecure (5, Interesting)

Fortran IV (737299) | more than 10 years ago | (#8900442)

It seems to me that a national ID would be an additional form, not a replacement for a state ID. Don't qualifications for a driver's license differ between states (in such things as vision testing, vehicle classifications, and so on)? In fact, it seems likely that a state ID would be one of the accepted identifiers when you apply for your NID.

Schneier's article hints that he expects such an ID system to be mandatory if implemented. That brings to mind the interesting case of Dudley Hiibel [papersplease.org] , currently before the U.S. Supreme Court. Is one obligated to identify oneself at all, if one chooses not to?

The database for such a system would necessarily provide online access to state and local law enforcement, rendering it a prime target for hackers and other criminals. And can we really be certain that the Sheriff's Office or the Department of Finance of Bugtussel County can't be bribed for direct access?

A side note: The little item about license plate shields questions whether these would be legal. The last I knew, even most of the little plastic frames that carry a car dealer's name are illegal in my state, although there are millions of them - they obscure a small part of the lettering on the plate.

Re:Redundant, possibly unconstitutional, and insec (1)

Pituritus Ani (247728) | more than 10 years ago | (#8900486)

The last I knew, even most of the little plastic frames that carry a car dealer's name are illegal in my state, although there are millions of them - they obscure a small part of the lettering on the plate.

I saw a nice plate cover over a plate in the parking lot at work yesterday. When you look at it dead on, you can read the plate just fine. But from more than about 10 degrees off normal, you can't see the plate number at all. Would be quite useful if you lived in an area with traffic light cameras. BTW, love your nick--but it should really be "FORTRAN IV."

Hong Kong = "National" ID Card (5, Informative)

Dr.Hair (6699) | more than 10 years ago | (#8900461)

Hong Kong actually has a "national" ID card. Since so few people here drive, you can't use a driver's license as a form of identification. The new smart ID cards [smartid.gov.hk] have a chip in them that stores the digitised thumbprint and signature among other information. They also function as a national library card and you can apply for a free e-cert (PKI) administered by Hong Kong Post

Yes, the police are allowed to randomly ask you for your ID card. Most of the checks seem to be for immigration violations by mainlanders. On the other hand the HK government is putting in place fast immigration checkpoints, where you run your ID card through a scanner and provide your thumbprint and you're on your way without ever being questioned by immigration officials.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>