Lessons Learned from the Estonian National ID Security Flaw

Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident:

In the future, the infrastructure dependency on one digital identity platform must be decreased, the use of several alternatives must be encouraged and promoted. In addition, the update and replacement capacity, both remote and physical, should be increased. We also recommend the government to procure the readiness to act fast in force majeure situations from the eID providers. While deciding on the new eID platforms, the need to replace cryptographic primitives must be taken into account -- particularly the possibility of the need to replace algorithms with those that are not even in existence yet.

Posted on December 18, 2017 at 6:08 AM • 48 Comments

Comments

Clive Robinson • December 18, 2017 9:14 AM

Hmm, what were those old sayings,

    Never put all your eggs in one basket
    A chain is only as strong as its weakest link

And so many others I'm sure people can name.

There are other more technical observations made about astronauts going into space. John Glenn's version was,

    “As I hurtled through space, one thought kept crossing my mind - every part of this rocket was supplied by the lowest bidder.”

Which kind of got highlighted with Apollo 1. Later he answered a question with,

    I felt exactly how you would feel if you were getting ready to launch and knew you were sitting on top of 2 million parts — all built by the lowest bidder on a government contract.

Alan Shepard was also credited with,

    It's a very sobering feeling to be up in space and realize that one's safety factor was determined by the lowest bidder on a government contract.

In French they have one word "sécurité" that covers both security and safety. Which is a point people need to remember, that sometimes they are both the same. Thus they should ask the question of government mandated security solutions that companies bid for,

    If we are forced to use this, is this safe and secure, and how do we both know and prove it?

The only sensible option if proof is not forthcoming is "To just say NO"...

Dana Schwartz • December 18, 2017 11:10 AM

(So none of the astronauts’ safety was credited to the government employees at NASA?)

There is a need for more than one design philosophy (e.g. Profit, Safety, Security, etc.) to be incorporated in project design, plus an ease for changes during and after development without expensive and time-consuming contract renegotiation.

Security Sam • December 18, 2017 11:27 AM

Alas there was a latent vulnerability
In the obscure land known as Estonia
But, the elliptic curve cryptography
Made the issue sparse as Patagonia.

Anura • December 18, 2017 11:28 AM

@Colonel Panik

Real ID is a standard, not a national ID. It details what information needs to be provided to obtain an ID, and what information that ID needs to contain.

Snarki, child of Loki • December 18, 2017 11:34 AM

“As I hurtled through space, one thought kept crossing my mind - every part of this rocket was supplied by the lowest bidder.”

A long time ago, in a galaxy far, far away, Darth Vader found out the same thing about the Death Star.

Jarrod Frates • December 18, 2017 12:12 PM

"In addition, the update and replacement capacity, both remote and physical, should be increased. ... While deciding on the new eID platforms, the need to replace cryptographic primitives must be taken into account -- particularly the possibility of the need to replace algorithms with those that are not even in existence yet."

This seems to call for the ability to remotely update firmware on the cards. Is this a capability of the existing cards? Yubikey blocks firmware updates on its devices as an unacceptable security risk due to the threat of malware that could read private keys. What is the risk/reward balance for such a capability on a national ID card?

Winter • December 18, 2017 12:53 PM

“As I hurtled through space, one thought kept crossing my mind - every part of this rocket was supplied by the lowest bidder.”

The Onion says it best:
Historians Still Unable To Determine How Americans Were Able To Build Hoover Dam
https://www.theonion.com/historians-still-unable-to-determine-how-americans-were-1821336263

Contrary to US folklore, governments are perfectly able to complete large, complex projects to full satisfaction. For instance, they did get people on the moon several times.

scot • December 18, 2017 1:11 PM

Why are they generating primes on the card? I deal with payment cards, and they never have to generate primes. The primes are generated in a hardware security manager and then the resulting public/private key pairs are written to the card. All the card needs to be able to do is the RSA encrypt/decrypt operation, and even there the payment cards use the Chinese Remainder Theorem to save cycles.

Gunter Königsmann • December 18, 2017 1:23 PM

The lessons learned sound like a step in the right direction. But one has to keep a constant eye on security. Or they will one day read;

Never put all the eggs in the same basket. Use a hundred baskets each with a different set of security flaws. And provide a way to mass-manipulate the software on many devices at once.

Fred P • December 18, 2017 3:26 PM

@scot

From the article:
"There is a requirement that keys must be generated on-card and never leave the card. This is required in order to be able to use the ID-card to give legally binding digital signatures."

trsm.mckay • December 18, 2017 3:48 PM

@Jarrod: This seems to call for the ability to remotely update firmware on the cards.

Of course there are trade-offs, but the decision to include an update mechanism has been increasingly common. Cost is the biggest driver (replacing deployed devices is really expensive), but technology support (such as improved security properties of updatable memory) is another. What are the compromise scenarios, and how many of them could be fixed through updates? The recommended crypto agility (which theoretically I sympathize with) is very challenging. Mostly because of HW accelerator components (along the lines of RSA exponentiation) but also because of the complexity it adds to crypto protocols (and increased chance of problems). In today's world I would probably recommend a hot-standby and device replacement strategy (so it wouldn't, as the paper states, take a year to have a viable replacement ready). But I really doubt you will find any current real-world system where they decided to avoid the ability to update altogether.

@scot: Why are they generating primes on the card? I deal with payment cards, and they never have to generate primes. The primes are generated in a hardware security manager and then the resulting public/private key pairs are written to the card.

Devices have almost always had the capability of generating their own keys; the usual determining factors are duration, quality, and key management. The 8-bit chips in the late 80's would require a day or so to generate a 1024-bit RSA key, very impractical from a manufacturing standpoint. But faster 32/64-bit CPUs with HW support can greatly reduce duration as a factor. Quality (of entropy, and process) was probably less of a concern when I did these things, but it is really important as this post shows.

Key management concerns usually prefer a key that does not leave the chip (e.g. self-generated). The method Scot describes with HSMs generating keys and provisioning them into devices requires expensive security measures as part of manufacturing (time, secure space, extra processes, etc.) multiplied by the number of devices you are manufacturing. So often great efforts are expended to avoid that method. But you do have to look at the incremental differences, as even device generated keys require some amount of secure factory procedures (most critically creating and provisioning certificates). The biggest difference in factory floor protections is ensuring integrity (needed for self-generated) vs. confidentiality and integrity (needed for injected keys).

trsm.mckay • December 18, 2017 3:57 PM

@ Fred: From the article: "There is a requirement that keys must be generated on-card and never leave the card. This is required in order to be able to use the ID-card to give legally binding digital signatures."

You (and the article) are missing some context. That is a specific version of a general requirement which a properly set up factory floor is capable of meeting with injected keys (it just requires expensive compensations during the key injection process). The specific requirement needs to be understood within the context of the proposed solution (namely an in-place update, not physically replacing the cards). It does not invalidate Scot's question which covers a different scenario (and no, I don't know the actual requirements, but probably includes an on-card generation because the cards are, in theory at least, capable of it and it is cheaper to manufacture). But these subtle nuances are my bread and butter...

Clive Robinson • December 18, 2017 4:04 PM

@ Jarrod Frates,

With regards,

    "... particularly the possibility of the need to replace algorithms with those that are not even in existence yet."

If you look back on this blog, I've mentioned a few times that NIST needs to stop the "crypto algorithm comps" and start doing something useful like a standardised framework to do not just the addition of new algorithms and usage modes but also to remove the old ones, without the need for "hands on engineer time".

It's actually a hard problem to solve, and it's going to take rather more than a couple of committees to even stand a chance of listing all the aspects let alone solve them.

As I've been known to point out our primitive algorithms so far have been lucky to make their 25th anniversary... I fully expect AES to need replacing within a decade, not because there is anything currently wrong with the algorithm, but man's ingenuity and resulting technologies have a habit of making fools of the best of us...

Now whilst 25 years sounds forever in terms of PC generations, it's kind of the minimum expected working life for infrastructure equipment like energy/utility meters, ladder logic for industrial control systems, electronic medical implants and much else besides.

But there is another problem... Legal documents, mortgages are twenty to thirty five years, leases ninety nine to nine hundred and ninety nine years and wills could be over ninety years these days. Any digital signature algorithm used has to remain valid for at least that long. And to be honest I can not see any crypto algorithm remaining unscathed for a hundred years let alone a thousand...

How we go about resolving such issues is an open question currently. But one thing is sure if there are ways, the sooner we find them the better it will be for society in general.

Clive Robinson • December 18, 2017 4:23 PM

@ Dana Schwartz,

So none of the astronauts’ safety was credited to the government employees at NASA?

Whilst there was a lot of thinking, design and even software involved, surprisingly little in terms of tangible objects was made by NASA staff for the manned space missions prior to the STS (shuttle).

So whilst a lot of "safety design" and "safety software" was NASA's product, the hardware was outsourced mainly for political reasons. Arguably the Apollo 1 and 13 accidents as they were down to contractors were not NASA staff failings thus NASA was in effect saved from the consequences.

It was not until the famous Rogers Commission enquiry involving Richard Feynman after the Challenger space shuttle and its crew and civilian school teacher Christa McAuliffe were destroyed in a fiery, catastrophic explosion just under 32 years ago on the 28th January 1986 that NASA itself came under investigation as to the cause of the disaster...

Haney • December 18, 2017 4:56 PM

> Of course there are trade-offs, but the decision to include an update mechanism has been increasingly common.

I hope that's restricted somehow, so it doesn't show up in the "Lessons Learned from the 2019 Estonian National ID Security Flaw". E.g. it would be easy enough to have the user put a paperclip in a hole to update it. (Typing a PIN isn't enough. When cards have no display/LEDs, there's no way to tell what operation you're authorizing.)

Notable in its absence is any suggestion that the firmware should be audited and/or auditable. This was not a complex flaw that required a "force majeure" response. The maths were known and this could've been caught years ago if a competent external party had the code.

Juhani • December 18, 2017 5:59 PM

That could be a paradigm change as manageability has become a lot more important part of "safety design".

Clive Robinson raises an important question about keeping the documents for 25+y.
This year Estonia distributed an app named TeRa timestamp, user can use it to search for all old documents, found documents were timestamped, for free.
More can be found at https://www.id.ee/?lang=en&id=37965
The old format is from the year 2003 and supported SHA1. Links to old format: https://www.id.ee/?id=30289

Estonia has 10y of e-voting and 15y of digital id card experience, so there is a real need for continuous improvements, be it replacing RSA or SHA1, an id card alternative named mobile id working in SIM card, replacing mobile id card crypto from RSA1024 to elliptic or these days also smart-id. Unfortunately from all the sales talk I still don't exactly know what is smart-id, the fuzzy feeling talk does not make me feel any more secure than using Google Authenticate, besides the fact that banks don't accept Google and governmental sites support only id card or mobile id.
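An added example, not part of the comment thread and not TeRa's actual format: a simplified model of the re-timestamping idea Juhani describes, applied to the long-lived documents Clive Robinson raises. Evidence made with an ageing digest stays valid only if it was re-stamped under a newer digest before the old one's sunset. The registry, sunset years, stamp layout and all names are assumptions, and the authority's Ed25519 signature is held fixed for brevity although it would need the same renewal.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha1"
	"crypto/sha256"
	"errors"
	"fmt"
	"hash"
)

// algo pairs a digest with the first year in which it is no longer trusted.
// The sunset years are constructed sample policy, not a real schedule.
type algo struct {
	newHash func() hash.Hash
	sunset  int
}

var registry = map[string]algo{"sha1": {sha1.New, 2018}, "sha256": {sha256.New, 2040}}
var ErrTampered = errors.New("stamp does not match document or authority key")
var ErrExpired = errors.New("digest expired before the evidence was renewed")

// Stamp is one timestamp; Sig is the authority's signature over signed().
type Stamp struct {
	Alg         string
	Year        int
	Digest, Sig []byte
	Prev        *Stamp // older evidence this stamp renews, nil for the first
}

func (s *Stamp) signed() []byte { return []byte(fmt.Sprintf("%s|%d|%x", s.Alg, s.Year, s.Digest)) }

// digest covers the document and the previous stamp, so a renewal vouches for
// both under the newer algorithm. It returns nil for an unregistered algorithm.
func digest(alg string, doc []byte, prev *Stamp) []byte {
	a, ok := registry[alg]
	if !ok {
		return nil
	}
	h := a.newHash()
	fmt.Fprintf(h, "%d|", len(doc)) // length prefix keeps doc and stamp apart
	h.Write(doc)
	if prev != nil {
		h.Write(append(prev.signed(), prev.Sig...))
	}
	return h.Sum(nil)
}

// Renew is the authority's side: stamp doc (and prev, if any) with alg in year.
func Renew(tsa ed25519.PrivateKey, prev *Stamp, doc []byte, alg string, year int) *Stamp {
	s := &Stamp{Alg: alg, Year: year, Digest: digest(alg, doc, prev), Prev: prev}
	s.Sig = ed25519.Sign(tsa, s.signed())
	return s
}

// Verify walks from the newest stamp to the oldest. The newest is judged in
// year now; each older stamp is judged in the year it was renewed.
func Verify(tsa ed25519.PublicKey, s *Stamp, doc []byte, now int) error {
	if s == nil {
		return ErrTampered
	}
	for judged := now; s != nil; judged, s = s.Year, s.Prev {
		d := digest(s.Alg, doc, s.Prev)
		if d == nil || !bytes.Equal(d, s.Digest) || judged < s.Year ||
			!ed25519.Verify(tsa, s.signed(), s.Sig) {
			return fmt.Errorf("%s stamp of %d: %w", s.Alg, s.Year, ErrTampered)
		}
		if judged >= registry[s.Alg].sunset {
			return fmt.Errorf("%s stamp of %d: %w", s.Alg, s.Year, ErrExpired)
		}
	}
	return nil
}

// Demo checks a constructed document under a constructed key and dates.
func Demo() map[string]error {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // sample key
	pub, doc := priv.Public().(ed25519.PublicKey), []byte("99-year lease")
	old := Renew(priv, nil, doc, "sha1", 2003)
	inTime := Renew(priv, old, doc, "sha256", 2017)
	late := Renew(priv, old, doc, "sha256", 2025)
	return map[string]error{
		"sha1 only, checked 2010":    Verify(pub, old, doc, 2010),
		"sha1 only, checked 2030":    Verify(pub, old, doc, 2030),
		"renewed 2017, checked 2030": Verify(pub, inTime, doc, 2030),
		"renewed 2025, checked 2030": Verify(pub, late, doc, 2030),
		"renewed 2017, checked 2045": Verify(pub, inTime, doc, 2045),
		"renewed 2017, altered text": Verify(pub, inTime, []byte("9-year lease"), 2030),
	}
}

func main() { fmt.Println(Demo()) }
```

The renewal made in 2025 fails even though SHA-256 is still trusted at verification time, because the SHA-1 evidence it covers had already passed its sunset when it was re-stamped.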

Dave • December 18, 2017 6:33 PM

>In French they have one word "sécurité" that covers both security and safety.

In Romania they had the word "securitate", which ensured that you got neither...

Drone • December 19, 2017 12:08 AM

You should come here to Indonesia and look at the corruption and inefficiency riddled eID system the bloated Socialist Government put in place. And it doesn't stop there. Now the eID system is widely feared as a new source of Government-controlled voter fraud! [Perhaps that was the goal after all.]

Clipper • December 19, 2017 1:52 AM

The whole concept behind eID is to enable the State to monitor its citizens. If you have to carry something that combines an ID document, a wallet and an RFID identifier (where the eID concept is heading to), you can be tracked in real time with minimal effort.

Which is why this will turn out to be a bad idea.

oh sure • December 19, 2017 1:55 AM

"The whole concept behind eID is to enable the State to monitor its citizens"

Fake news brought to you by non-thinking

MM • December 19, 2017 4:06 AM

@Winter
"Singh added that despite the questions surrounding the structure, he was intrigued by a recent theory suggesting the iconic dam was constructed by slaves."
Soo Americans did not build it but
African Americans slaved it for sure. Wow

echo • December 19, 2017 4:14 AM

Refactoring with a new framework approach seems to be a recurring theme with identification systems and email and C/C++ and I guess a spectrum of issues. I'm not even peripherally qualified to comment on the deep technical issues. The discussion is fascinating though.

R00KIE • December 19, 2017 4:25 AM

I don't know how it works in Estonia but in Portugal the government does key escrow on the encryption keys stored in each and every card, they say so in the publicly available manual.

I wouldn't be surprised if in the future due to some security blunder or attack it turned out that they were also doing key escrow "by mistake" of the keys used for signature.

That said, having a way to do field updates should help in cases like the Estonian eID. Didn't a bunch of TPM chips inside laptops receive software updates exactly because of this same problem? Obviously the update should be signed and said signature properly verified and all keys have to be regenerated after the update, the normal stuff that every once in a while is not done properly and turns one problem into a train wreck.

Pete • December 19, 2017 4:47 AM

Quote :
---------"The whole concept behind eID is to enable the State to monitor its citizens"

Fake news brought to you by non-thinking --------------

Yeah, just look at how China isn't monitoring every little tweet their "citizens" make. Hell, it wouldn't surprise me if they even have algorithms monitoring the tweets the "citizens" DON'T make!

In Denmark, we have this (mandatory) online-ID thing as well, based on PKI.
So, our good government, who always thinks of the citizens' best interests, sends us this little cardboard-card with all the "answers" - By SNAIL-MAIL!!
We also have mandatory national ID-numbers, based on our DOB.
We hardly use cash any more and telecoms are required to log all our phone and internet activity, despite The European Human Rights court finding the practise illegal.

So YES, the notion that The State wants to monitor everything the citizens do, is "Fake News" - And Mao, Stalin, Hitler, Pol Pot and all the other Great Leaders are good guys who can be trusted with knowing every little thing you do.
Computers and The Internet are not setting us free, as some of the old hippie tech-gurus claimed it would, it is enslaving us all.


Winter • December 19, 2017 5:07 AM

@Justin
"@MM, The Onion is satire."

I find it sooo telling that MM did not get the joke. In my opinion, if you do not get the joke, you are most likely part of the problem.

scot • December 19, 2017 8:30 AM

@Fred P: Yes, that is the true cause of the issue--letting lawyers make what should be an engineering decision. The vulnerability exists because they're forcing heavy-duty computation to be done on lightweight hardware, requiring them to take shortcuts. A dedicated piece of hardware could generate the keys and write them to the card and be even more secure. Don't want the keys stored? That's trivial; just don't put storage in the key generator. The hardware can also have vastly more CPU power so it doesn't have to take shortcuts, a source of true entropy, and shielding to make it immune to side-band attacks. Suck the card in, close the door, write the keys, open the door, and spit out the one and only copy of the keys.

Clive Robinson • December 19, 2017 9:45 AM

@ Justin Case, MM, Winter,

The Onion is satire.

Sometimes satire is the only "truth" that makes sense, which is kind of ironical.

Winter • December 19, 2017 11:23 AM

@Clive
"Sometimes satire is the only "truth" that makes sense, which is kind of ironical."

There are philosophies and religions that claim the world is/started as a joke of the god (generally male for some reason). Maybe that is taking matters too far. But I do believe that the purest form of truth is indeed a joke.

The joke from the Onion is a perfect example. It tells us about both the state of affairs in US government as well as the prominent ideology and it shows us why both are deeply "wrong". And it does so without singling out a scapegoat. It is a tribute to the Onion that there are indeed people willing to illustrate the point by not seeing the satire.

oh really • December 19, 2017 1:55 PM

"So YES, the notion that The State wants to monitor everything the citizens do"

You just compared CHINA's totalitarian state control of information to E-ID without a layer between.

E-ID doesn't automatically mean autocracy. You're comparing dissimilar things and drawing conclusions in your mind that aren't really connected on the ground.

Clipper • December 19, 2017 4:26 PM

What's happening in China right now is a prelude of what is happening in the West. The difference is that in China they can do as they like, while in the West they have to get it done slowly, using the help of companies like Google and Facebook.

trsm.mckay • December 19, 2017 4:56 PM

@Haney I hope that's [update to smartcard] restricted somehow, so it doesn't show up in the "Lessons Learned from the 2019 Estonian National ID Security Flaw".

They already have an update method implemented, otherwise how could they have swapped over to ECC as discussed in the paper? Obviously doing updates adds a lot to the attack surface, and you can search through this forum for examples of how things have gone wrong. But that said, I have analyzed many, and even created a few, secure update schemes (for example it is tricky to accommodate both anti-rollback measures and upgrade failure scenarios).

Notable in its absence is any suggestion that the firmware should be audited and/or auditable.

I have been a proponent of auditable source for society-critical components (like voting tabulation), but the more I work with opensource the less strong my position has become (too much code, not looked at carefully enough; but things like Google's project zero perhaps might have me swinging back the other way). But note that the smartcard (or if not specifically the Estonian smartcard version, closely related versions) have gone through Common Criteria evaluations. So the conversation should not be "has it been audited", instead it should be "why did the audit fail"?
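An added sketch, not code from the card vendor or from any commenter, of the update checks raised in R00KIE's and trsm.mckay's comments: verify the signature, refuse rollback, keep the old image if the new one fails, and mark user keys for regeneration after a committed update. The manifest layout, the two-slot device model and all names are assumptions; Ed25519 is used only because it is in Go's standard library.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Manifest is the signed description of one firmware image (assumed layout).
type Manifest struct {
	Version   uint32   // release counter, higher is newer
	ImageHash [32]byte // SHA-256 of the image
}

func (m Manifest) bytes() []byte {
	b := make([]byte, 4, 36)
	binary.BigEndian.PutUint32(b, m.Version)
	return append(b, m.ImageHash[:]...)
}

// Device is the persistent state of a token with two firmware slots.
type Device struct {
	VendorKey ed25519.PublicKey
	Floor     uint32    // highest version ever committed; never lowered
	Slots     [2][]byte // A/B image storage
	Active    int       // slot the device boots from
	KeysValid bool      // user keys were generated by the active firmware
}

var (
	ErrSignature = errors.New("manifest signature invalid")
	ErrRollback  = errors.New("version is not newer than the anti-rollback floor")
	ErrImage     = errors.New("image does not match the signed hash")
	ErrSelfTest  = errors.New("new image failed self-test; previous image kept")
)

// Update stages the image in the spare slot and commits only after every check
// and the self-test pass. The floor is raised at commit, not before.
func (d *Device) Update(m Manifest, sig, image []byte, selfTest func([]byte) bool) error {
	if !ed25519.Verify(d.VendorKey, m.bytes(), sig) {
		return ErrSignature
	}
	if m.Version <= d.Floor {
		return ErrRollback
	}
	if sha256.Sum256(image) != m.ImageHash {
		return ErrImage
	}
	spare := 1 - d.Active
	d.Slots[spare] = append([]byte(nil), image...)
	if !selfTest(d.Slots[spare]) {
		return ErrSelfTest // Active and Floor untouched: the old image still boots
	}
	d.Active, d.Floor = spare, m.Version
	d.KeysValid = false // keys made under the old firmware must be regenerated
	return nil
}

// release signs an image the way the vendor's build system would.
func release(priv ed25519.PrivateKey, ver uint32, image []byte) (Manifest, []byte) {
	m := Manifest{Version: ver, ImageHash: sha256.Sum256(image)}
	return m, ed25519.Sign(priv, m.bytes())
}

// Demo feeds constructed updates to a device that is running version 1.
func Demo() (*Device, []error) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // sample key
	d := &Device{VendorKey: priv.Public().(ed25519.PublicKey), Floor: 1, KeysValid: true}
	d.Slots[0] = []byte("fw-v1")
	boots := func(img []byte) bool { return !bytes.HasSuffix(img, []byte("BROKEN")) }
	v1, v2, v3 := []byte("fw-v1"), []byte("fw-v2"), []byte("fw-v3 BROKEN")
	m1, s1 := release(priv, 1, v1)
	m2, s2 := release(priv, 2, v2)
	m3, s3 := release(priv, 3, v3)
	forged := append([]byte(nil), s2...)
	forged[0] ^= 1
	results := []error{
		d.Update(m2, forged, v2, boots),            // bad signature
		d.Update(m2, s2, []byte("fw-evil"), boots), // image swapped after signing
		d.Update(m3, s3, v3, boots),                // signed but does not boot
		d.Update(m2, s2, v2, boots),                // accepted and committed
		d.Update(m1, s1, v1, boots),                // downgrade attempt
	}
	return d, results
}

func main() {
	d, results := Demo()
	fmt.Println(results, d.Active, d.Floor, d.KeysValid)
}
```

Raising the floor before the self-test would turn the failed version 3 build into a device that can boot nothing; never raising it would let the signed version 1 image back in.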

Clive Robinson • December 19, 2017 6:10 PM

@ trsm.mckay,

So the conversation should not be "has it been audited", instead it should be "why did the audit fail"?

Err no it really should be "What was and what was not audited and why?"

A "product" consists of many parts and comes about through many processes each carried out in an environment.

One of the jokes/truisms of QA is just what is and is not in scope of the audit. I've been to places that are supposedly ISO9000 but when you actually check the paperwork it might only cover "final assembly"...

It's quite common for a manufacturing facility to have goods in, the lines and test/packaging certified but not the office etc. Also the design purchase and many other sections to be "off site" and not QA considered in any way.

Many security certifications are about QAing the process not the actual parts. Thus the design process and paperwork but not the actual code, other than it's handling complies with certain formatting and documenting processes...

So you could say "Designed by Contract" and you get a tick in the box. But you do not have to specify what level of contract is involved at the interfaces.

It just so happens the way I've written all but noddy code for the last third of a century or so[1] is documented in code to be a contract without getting "name formal" about it. All it says is it is a method I found that works well not just for me but others. Especially as much of it is on the ISA side of the great abstraction divide/chasm which even C falls way way the other side of.

[1] That is long prior to the Eiffel programming language which claims to have "invented" thus "own" the idea. If you strip off the fluff what you are left with is a level of commonsense that gave rise to other more academic methods such as Hoare Logic from decades before. Thus name aside Design by Contract has multiple fathers and mothers, not a King with a fiefdom to seek rent by taxation.

JasonR • December 19, 2017 6:14 PM

The US Gov "Real ID" requirements don't dictate how or what technology is used. Each state can pick its own, and be vetted by the US Gov. Additionally, you can also have a US Passport which is a second valid form of "Real ID". That right there gives those that travel often two options. Assuming many states choose many different ways to implement, the whole nation's eggs aren't in the same basket.

Further, I plan on maintaining two state IDs. My state Driver's License which will not be a "Real ID" and my state ID which will be a "Real ID". The ID is basically the same thing as the DL but without driving privileges. However, one advantage to having both is that your state ID cannot be "suspended" whereas a DL can be suspended for many reasons (taxes, child support, driving infraction points, etc.), and once "suspended" is not valid for anything that requires it.

hmm • December 19, 2017 7:34 PM

"What's happening in China right now is a prelude of what is happening in the West"

Eh bullsh*t.

China is being radically deformed by the open western internet, and their central government realizes the threat for what it is. The knee-jerk is to restrict and crack down, and that's what the great firewall is, a knee-jerk reaction. It doesn't solve their problems. They want to have it both ways and it's breaking them in twain.

They've banned images of Winnie the Pooh because of visual similarities to their dopey President.
Critique of the government gets you a knock at your door, and maybe jail time - or worse.

That would never and will never fly here. You might as well try to change the flag, not happening.
We have entire mainstream TV programs dedicated to mocking our dopey president. It's our thing.
People burn the flag in effigy in the street as cops look on. It's part of Americana.


Google and Facebook and Twitter are blocking hate groups who are breaking laws against incitement and threats, and they're blocking news feeds from sources that repeatedly turn out to be hot bullsh*t. But they're not the only source of information nor is anyone restricting your access - just not on their platform. There are others and nobody stops you from going there, the web is open here. Your comparison is very shallow.

You are perfectly free to criticize google, fb, twitter, AND the government here.
Don't like FB, don't use 'em. But quit the obtuse comparison hyperbole, jeez.

trsm.mckay • December 19, 2017 7:39 PM

@Clive Robinson Err no it really should be "What was and what was not audited and why?"

Fair enough, I agree with most of what you said. I ran out of time, and did not phrase my response as completely as I would have preferred. But my question of "why it was not caught" is probably the correct one for this particular situation. This is because I know Gemalto subjects many of their smartcards to Common Criteria evaluations, and CC includes some specific Security Functional Requirements (SFR in CC lingo) that covers RSA key generation.

So why didn't this problem get caught in the CC evaluation, 3 possibilities:

* Perhaps they did not include the RSA key generation SFR in the evaluation requirements (note that traditional CC evaluations are very flexible, this has caused a movement towards protection profiles with a preset selection of SFRs determined by industry groups, I contribute to one of these BTW). Seems unlikely to me.
* Perhaps they did evaluate against the RSA key generation SFR, and they missed the issue or a mistake was made? Always possible.
* But my bet is that the shortcomings of this particular method of RSA key generation were not taken into account in the particular key generation SFR they used.

Much of the info to answer this question may be public (Gemalto recalled a number of cards, somewhere we can find the exact models; and completed CC evaluations usually have public documents that list the SFRs used for the evaluation). I haven't had time to check, but I will be making sure that the CC protection profile I contribute to properly prohibits this method of key generation (pretty sure it is not allowed by the NIST documents we base that particular set of SFRs on, but I will double check).

hmm • December 19, 2017 7:45 PM

"and once "suspended" is not valid for anything that requires it."

If your driving privs are suspended you can still use it as ID until it expires.
You're not required to relinquish it like a military ID.

The only people who know are cops/courts or DMV, as authorized to run your file.
Everyone else should accept it as ID, it's still valid information.
Buying beer shouldn't be a problem. Voting would be the acid test.

Tõnis • December 19, 2017 9:16 PM

In America, there is no law that requires a citizen to obtain government ID. Okay, if you want to drive then obtain a driver's license. But if you don't want to drive, there's no requirement that you obtain a government ID. "Your papers please" is foreign, repulsive to liberty and the true American way of life. It's anti-American.

hmm • December 19, 2017 11:35 PM

Let's say I agree, how do I get a bank card, apply to rent a home, get a job, demonstrate my age to a bartender, or get out of getting detained by a cop until they can ID me on suspicion of anything they can point to nearby?

Do we just shoot muskets and dump tea in the harbor all day, what kind of America is the TRUE America?

Peter • December 20, 2017 5:02 AM

@ oh really :

Please, after Snowden you still think "we" are not being snooped upon as much as the Chinese are ??

calculator • December 20, 2017 6:20 AM

@ hmm, Clipper, oh really, Peter

We have seen so far the debate security vs. privacy. Mr. Schneier and many others proved this is a false issue. What we see now, a new debate start to rise: privacy vs. hatred speech. Right wing groups and political parties have started to gain strength all around the world. There are many people who see this phenomenon as a threat and they start to fear. Those people can be persuaded that monopolies like Google or Facebook with their tracking and content filtering need to exist against a "chaotic" internet "full of fake news" and hatred speech. Ironically privacy (a liberal value) is getting attacked by scared liberal people with best intention. Mr. Schneier should step in and share his ideas or we will lose more and more people and our privacy conscious community will become fragmented. I think various national sec. agencies have already benefitted from this issue.

MikeA • December 20, 2017 1:39 PM

@ Tõnis: In theory, you do not need any form of ID to travel in the U.S. In practice, you may find difficulties. A young friend who has never had a DL (total urbanite) has on a couple occasions had to go to some length to persuade a TSA agent that, yes, a U.S. Passport _is_ acceptable ID to fly within the U.S.

@hmm: Again in theory, only certain LEO and DMV people have access to your DL status. Them and any friend or friend of friend or just someone who flashes a roll of money.

In practice, there is a difference between theory and practice.

calculator • December 20, 2017 5:09 PM

@ calculator

new debate start to rise: privacy vs. hatred speech

Ehh...I wanted to write privacy vs. suppress hatred speech. Sorry.

oh really • December 20, 2017 5:40 PM

"after Snowden you still think "we" are not being snooped upon as much as the Chinese"

Snooped on = data collection, bulk or targeted, but still limited to that.

Comparing data collection to the jackboots knocking down your door, putting you in prison for years without charges and threatening your family and taking their property because you criticized your government? You can't rationally think those are the same thing.

Slippery slopes are real but mountains still aren't molehills.

Spruance • December 22, 2017 3:48 AM

About a year ago on the little Swedish island Hanö, I tried to pay the harbour fee for our yacht. In Sweden there is hardly any opportunity left to pay with 'real money' since everybody uses plastic and nobody bothers to carry notes around. So I was rendered helpless when told that the internet on this island was down and no plastic money could be accepted for an unknown while. Quite an improvement!
