by Dan Moren
Senate ID cards security “chips” are just photos
Truly mind boggling story from Ars Technica’s Sean Gallagher, picking up on a letter from Senator Ron Wyden (D-OR), about the lack of security for Senate employees:
The Government Accountability Office repeatedly warned of gaps in federal information security, including the lack of two-factor authentication on critical federal systems like those at OPM. And during President Barack Obama’s “cyber-sprint,” many more agencies did roll out smartcards for authentication.
But apparently Congress never took its own advice. A letter from Senator Ron Wyden (D-Ore.) to the Senate’s Committee on Rules and Administration last week pointed out that while many executive branch employees now have PIV cards with chips embedded in them, Senate employees get ID cards with a picture of a chip on them… [emphasis in original]
That is the craziest, face-palmiest, head-deskiest thing I’ve ever heard. It’s like telling people to pay with the cardboard credit cards that banks send you in the mail.