Or is that security teams on crack?
Homeland Security accepts fake ID
The Department of Homeland Security allowed a man to enter its headquarters last week using a fake Matricula Consular card as identification, despite federal rules that say the Mexican-issued card is not valid ID at government buildings.
Bruce DeCell, a retired New York City police officer, used his phony card — which lists his place of birth as “Tijuana, B.C.” and his address as “123 Fraud Blvd.” on an incorrectly spelled “Staton Island, N.Y.” — to enter the building Wednesday for a meeting with DHS officials.
Mr. DeCell said he has had the card for four years and has used it again and again to board airliners and enter government buildings, without being turned down once. But he said he was surprised that DHS, the agency in charge of determining secure IDs, accepted it.
Good ol’ Homeland Security!
5 Comments
good thing he was being completely ethical since he got away with it.
You left something out of your post Jared.
” ‘Mr. DeCell had provided his name, birth date and Social Security number to be pre-cleared for entry to the building and had been vetted before’, Mr. Agen [a spokesman for the DHS] said. ‘The security guard accepted the ID to match Mr. DeCell’s name to a name on her list of cleared visitors, he said.’ ”
The picture is a little different when you include that. It’s not like this guy just walked up to the entrance without any prior clearing and flashed his Matricula Consular
card and got in. The photo and the name matched up so the security guard cleared him.
No, it’s still just as bad. The only additional complexity that introduces is that someone wanting to gain access fraudulently would only have to know the name of any person that’s “preauthorized” in order to make their fake ID, which would be trivial.
Also, he boarded all sort of airplanes and other govt. buildings, which I’m sure he wasn’t “pre-cleared” on.
The fact that there is that additional complexity makes it not as bad as you made it sound. There definitely are many security problems in many places where there shouldn’t be, but I don’t think this is quite as big of a deal as DeCell wants to make it. I would be curious to know the details of the other times he has done this, because without the details on this one, it sounds worse than it actually is, and I am inclined to believe that that is true about many of the other times he has used it.
There is no significant additional complexity. If all you need is the *name* of someone who is allowed to enter the building, that information is easy to come by, especially for anyone wanting to put in any degree of planning, which an attacker that poses any serious threat would do.
Sure, it may deter casual passers by from attempting to gain unauthorized access, but those people aren’t the ones that pose the security risk (if any) anyway; it’s the people who want to get in for a premeditated reason that would be cause for concern.
For such people, all they would have to do is sit around outside after work and follow any number of the many people that work there home, and then look in their mailbox the next day. Print up their fake ID with that “authorized” name and their own picture and they are in - that is why this is insecure. The list of “preauthorized names” is not a deterrent to anyone who would actually be a credible threat.
Additionally, it just shows the pure incompetence of the people checking the IDs. Why even have people checking IDs at all if they aren’t going to spot obviously invalid ones?
The reason this is news is that you would think that if the DHS themselves determines that they NEED ID checks, then they would at least do better than a half-assed (or quarter-assed, even) job of it. The fact that they clearly do not should be cause for concern, if you care about the DHS being a legitimate operation.