Tim May wrote:
On Friday, September 14, 2001, at 08:53 AM, Howie Goodell wrote:
<snip>
One example: the IDs for airplane crews, and eventually everyone who travels or goes near an airliner, could be "smart cards" containing their owners' biometric identifiers -- like fingerprints, voice, picture, and retinal scan -- cryptographically signed by the agency that collected them.
You are not a friend of ours. This is such a leap into the Surveillance State Void that I am speechless that any member of our list, even Choate or Farr, could advocate it.
... In fact the scanners could be designed without removable storage or communications links: after a few days they would erase
This last point is crucial. Most of the debate about
Allow me to re-quote the end of my paragraph, and following paragraph which was the one I really cared about: their records unless they were read out after a hijacking. personal identification assumes there is a fundamental trade-off between being insecure and becoming a police state; therefore democracies have to settle for some compromise that is only halfway secure and only halfway free. This is not true today. Electronic and cryptographic technology like David Chaum's "blind signature" and "personal representative" lets us design systems with both strong security and strong protection of privacy and individual freedom. (See his August, 1992 _Scientific American_ article, "Achieving Electronic Privacy".) My point was that we should sell crypto as a way to achieve security. That's a product people are buying this week. Cryptographic protocols can square the circle; provide both privacy and security. So let's be imaginative and sell, sell, sell! These smart cards don't need to be connectable to your identity; just your body and a responsible party's signature. American Airlines and Lloyds put $1B behind my biometrics being one of an authorised class of pilots or plane cleaners. Who I am isn't necessary. Biometric scanners can be open source as well as unconnected. The signature on the card can be blind (albeit after a mind-boggling number of Chaumian challenges.) Databases of biometrics can be separated from identity and accessed through remailers. If we can get the bandwagon rolling our way, we have a chance to steer it. If not -- well, you're better at those metaphors. Take care! Howie Goodell -- Howie Goodell hgoodell@cs.uml.edu Pr SW Eng, WearLogic Sc.D. Cand HCI Res Grp CS Dept U Massachussets Lowell http://people.ne.mediaone.net/goodell/howie Dying is soooo 20th-century! http://www.cryonics.org