(They let me in eventually with a passport. But if they're going to trust a foreign-issued passport as photo id, it's not really that obvious to me why they wouldn't trust a foreign-issued driving licence. It's not like they can really tell whether either of them are forged.)
What I've never understood is, that, how a gov't issue ID (for the purposes of allowing entry) is of any use whatsoever. It's not as if someone is doing a instand background check to know if the person is a criminal, or wanted, or whatever. It's trivial to forge a gov't ID. -- Alex Rubenstein, AR97, K2AHR, alex@nac.net, latency, Al Reuben Net Access Corporation, 800-NET-ME-36, http://www.nac.net
At 1:07 PM -0400 10/23/06, Alex Rubenstein wrote:
What I've never understood is, that, how a gov't issue ID (for the purposes of allowing entry) is of any use whatsoever.
It's not as if someone is doing a instand background check to know if the person is a criminal, or wanted, or whatever. It's trivial to forge a gov't ID.
I'll disagree; it's rather challenging to create a state drivers license or state ID card which will also pass third-party database verification. Hence, a requirement for such an ID supplied in advance with enough time to verify it provides a very solid basis of identification. (As smb noted, it says nothing at all about authorization, but that's a different problem which one can address after you have a high enough certainty for identification). /John
On Mon, Oct 23, 2006 at 01:07:56PM -0400, Alex Rubenstein wrote: [snip]
What I've never understood is, that, how a gov't issue ID (for the purposes of allowing entry) is of any use whatsoever.
No matter how easy to forge, *requiring* them raises the risk/reward bar. Penalties for forging Q Random Company ID are less than those related to forging "government issue" IDs. Of course, it moves the bad guys' gamble to 'will there be a rent-a-cop that doesn't check the ID book or have they installed actual lookup facilities'? Cheers, Joe -- crimson@sidehack.gweep.net * signature@rsuc.gweep.net RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
On Mon, 23 Oct 2006, Alex Rubenstein wrote:
(They let me in eventually with a passport. But if they're going to trust a foreign-issued passport as photo id, it's not really that obvious to me why they wouldn't trust a foreign-issued driving licence. It's not like they can really tell whether either of them are forged.)
What I've never understood is, that, how a gov't issue ID (for the purposes of allowing entry) is of any use whatsoever.
It's not as if someone is doing a instand background check to know if the person is a criminal, or wanted, or whatever. It's trivial to forge a gov't ID.
I see the frustration, but not the problem. 1. Verify with your supplier that they are sending somebody. 2. Get names and other identifying details to your satisfaction. 3. And this is the tricky part - identify them. Identification: --------------- There are many solutions for #3 to happen. Any badge-based security system can be broken with 5 minutes worth of operational intelligence gathering, if you are that much of a target for someone to care. All you need is to actually have security with a beurocratic system for admitting people and enforcing others don't get in, and then work it out with your supplier/whoever else you want to let in. In-doors: --------- Once you identify them, depending on your concerns, make sure they are escorted through-out their stay or just let them roam. Conclusions: ------------ I think that although your concerns are justified, they are msiplaced with AT&T, they should be with your own security, if it is of importance - which may not be the case. Gadi.
participants (4)
-
Alex Rubenstein -
Gadi Evron -
Joe Provo -
John Curran