August 6, 2009 4:16PM

The Twelve‐​Minute ID Card Hack

Several people today have sent me the article in the Daily Mail (UK) discussing the twelve‐​minute hack on a UK identity card. Security consultant/​hacker Adam Laurie was apparently able to rewrite the data on the card in very short order.

This would imply that making a more secure card is an improvement. But more security in a national ID card almost inevitably means less security for the individual in terms of privacy and autonomy.

We don’t want a highly secure national ID card. We want a diverse and competitive identity and credentialing system. In such a system, governments may serve as identity providers. But that is not necessary and, given their powers, not desirable.