[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Red team attacks vs. cracking

On Tuesday 30 May 2006 13:02, Adam Borowski wrote:
> On Tue, May 30, 2006 at 12:20:14PM -0700, Paul Johnson wrote:
> > Even the guy at 7-Eleven has the big book of north american ID cards with
> > pictures and descriptions of what makes a real one for when they
> > encounter an ID that they've never seen before.  Surely Debian can do as
> > well as the guy selling cigarettes and beer at the 7-Eleven when it comes
> > to verification...
> How can you check if an ID card is real based only on what is written
> on the card, even if it has all the hallmarks mentioned in that book?

If you don't trust the ID, you don't sign the key.  But having the book to be 
able to get a bad feeling about the ID from sure beats the apparent current 
system of "Sign the key and hope the ID is for real."

> See, if you visit a bazaar, I bet a helpful guy with a Russian accent
> can sell you a perfectly valid passport for less than $50.  Several
> years ago, a friend of mine actually asked someone at the Stadion
> 10-lecia in Warsaw, and was led to a guy with a number of blank Polish
> IDs for ~$25 each...
> That's about what checking government-issued IDs is worth.

Perhaps in that part of the world, yes.

Paul Johnson
Email and IM (XMPP & Google Talk): baloo@ursine.ca
Jabber: Because it's time to move forward  http://ursine.ca/Ursine:Jabber

Attachment: pgpH1scvMM1yh.pgp
Description: PGP signature

Reply to: