Re: Fortress America mans the ramparts
At 08:54 AM 4/10/04 -0700, Steve Schear wrote:
Wolfe is also scathing of steps taken post September 11 to protect airports. "It's not real security. This is eyewash security. This is for public consumption so that people think that they are doing something."
Several years ago, on this list I belive, I coined a word to describe such foolery - securisimilitude.
"Security theatre" is perhaps as good, and fewer syllables besides. "Fortress America" might be "Maginot-Asylum America" more precisely. PS: what happens if your passport's chip doesn't work? Do you get sent back and the airline fined $10K? Do you wait extra time while the still-readable passport number indexes your record online? How much extra time? (Anyone have experience with domestic eg traffic pigs discovering that your magstrip is corrupted?) Are all chip biometrics encrypted with the same key? How much does that cost on BlackNet these days? How much extra should our Seals Flaps and Documents dept charge? ---- Do you need an air quality management district permit to burn hostages?
"Major Variola (ret)" <mv@cdc.gov> writes:
PS: what happens if your passport's chip doesn't work? Do you get sent back and the airline fined $10K? Do you wait extra time while the still-readable passport number indexes your record online? How much extra time? (Anyone have experience with domestic eg traffic pigs discovering that your magstrip is corrupted?)
Are all chip biometrics encrypted with the same key? How much does that cost on BlackNet these days? How much extra should our Seals Flaps and Documents dept charge?
Details are available from sources like http://www.icao.int/mrtd/download/documents/Biometrics%20deployment%20of%20M... and http://www.icao.int/mrtd/download/documents/PKI%20Digital%20Signatures.PDF (in general the docs are at http://www.icao.int/mrtd/download/documents/, where MRTD = machine-readable travel documents) although you have to be careful what you reference since they're still frantically updating the designs as they go, so any document will be out of date in a few months. It's also being (as far as I can tell) designed by people with little or no security experience, under intense pressure from the US to Do Something About Security. Early technical drafts I saw (not the generic whitepapers on the site, which are pretty vague) were an appalling pile of kludgery. From what I've heard since then it hasn't gotten any better. I dunno whether this is because the work is being contracted out to the Usual Suspects, who don't know much about the area, or whether they did try and get experienced people in and were told that what they were trying to do wouldn't work and/or couldn't be done in less than 5-10 years. Peter.
participants (2)
-
Major Variola (ret)
-
pgut001@cs.auckland.ac.nz