Paul Kelly and colleagues at Loughborough University found that a disulfur dinitride (S₂N₂) polymer turned exposed fingerprints brown, as the polymer reaction was initiated from the near-undetectable remaining residues.

Traces of inkjet printer ink can also initiate the polymer. The detection limit is so low that details of a printed letter previously in an envelope could be read off the inside of the envelope after being exposed to S₂N₂.

"A one-covers-all versatile system like this has obvious potential," says Kelly.

"This work has demonstrated that it is possible to obtain fingerprints from surfaces that hitherto have been considered extremely difficult, if not impossible, to obtain," says Colin Lewis, scientific advisor at the UK Ministry of Defence. "The method proposed has shown that this system could well provide capabilities which could significantly enhance the tools available to forensic scientists in the future."

A couple of weeks ago I was offered a free year membership in the Clear airport security program for registered travelers.  Though my home airports of Ft Lauderdale and West Palm Beach don't yet offer Clear access, I fly enough in airports that do like Denver and Regan that I thought for free, what do I have to lose.  I filled out the forms on line and last time I was in Regan airport I handed it in along with fingerprints, Iris scans, passport, etc.  This past week my Clear card came in the mail and I have been looking forward to using it.

I thought that with my background check and all, they knew that I was a low risk for terrorist or other type of activity and therefore would not be subject to the same scrutiny and testing that we all endure when we have to fly.  Turns out that I don't think that is exactly the case.  However what it does do is allow you to go right to the front of the line in security, much to the dismay of others waiting on those lines.

The experience was great.  I went to a special entrance for Clear members where I was met by a very helpful young lady.  She escorted me to a Clear machine where we inserted my card and did a fingerprint scan.  After that was done she escorted me to another young lady who walked me past all of the people waiting on line (and a long line it was).  At the head of the line, the Clear lady gave my boarding pass and ID to the TSA person.  The TSA person checked my id and pass, same as always and they passed me through.  Than my Clear escort brought me to a special metal detector line which had no one on it, just waiting for me.  Again skipping another line.  I put my computer and other metal objects in the same old grey bin, took off my shoes and went through the metal detector.  I thanked the Clear escort came out the other side, scooped up my stuff and proceeded to my gate.  The entire process took less than 3 minutes I bet!  That was great!  The looks on the faces of the people I bypassed on line also gave me a perverse pleasure as well, I will admit.

After finishing this though I sat down and thought about it.  What security did bypass?  They still checked my ID and boarding pass. I still went through the metal detector and took off my shoes.  In fact if anything security was added to my check in, as they now did a fingerprint match.  So fact is, with all of the background checks and everything, having the Clear program did not relieve me of any security obligations and tests. In fact it added to them.  What it did give me was a "first class" personal escort to the front of the line and than a first class que for the metal detectors.  Because I was willing to pay some money and have a background search, I got the first class treatment.

To me this is not a scalable solution.  As more Clear passengers come on board, having a dedicated person walking me through the security line is just not going to work.  Also, lets be clear (no pun intended), this is not about going through less security.  Why the background check and all?  This is about paying money and skipping the line, but still going through the same security procedures that everyone else goes through.  Just faster.  Hey, don't get me wrong.  I loved it!  But I was wrong to think this was about bypassing security, this is a "first class" traveler lane.  As long as you are "clear" with that, it is good by me!

A couple of weeks ago I was offered a free year membership in the Clear airport security program for registered travelers.  Though my home airports of Ft Lauderdale and West Palm Beach don't yet offer Clear access, I fly enough in airports that do like Denver and Regan that I thought for free, what do I have to lose.  I filled out the forms on line and last time I was in Regan airport I handed it in along with fingerprints, Iris scans, passport, etc.  This past week my Clear card came in the mail and I have been looking forward to using it.

I thought that with my background check and all, they knew that I was a low risk for terrorist or other type of activity and therefore would not be subject to the same scrutiny and testing that we all endure when we have to fly.  Turns out that I don't think that is exactly the case.  However what it does do is allow you to go right to the front of the line in security, much to the dismay of others waiting on those lines.

The experience was great.  I went to a special entrance for Clear members where I was met by a very helpful young lady.  She escorted me to a Clear machine where we inserted my card and did a fingerprint scan.  After that was done she escorted me to another young lady who walked me past all of the people waiting on line (and a long line it was).  At the head of the line, the Clear lady gave my boarding pass and ID to the TSA person.  The TSA person checked my id and pass, same as always and they passed me through.  Than my Clear escort brought me to a special metal detector line which had no one on it, just waiting for me.  Again skipping another line.  I put my computer and other metal objects in the same old grey bin, took off my shoes and went through the metal detector.  I thanked the Clear escort came out the other side, scooped up my stuff and proceeded to my gate.  The entire process took less than 3 minutes I bet!  That was great!  The looks on the faces of the people I bypassed on line also gave me a perverse pleasure as well, I will admit.

After finishing this though I sat down and thought about it.  What security did bypass?  They still checked my ID and boarding pass. I still went through the metal detector and took off my shoes.  In fact if anything security was added to my check in, as they now did a fingerprint match.  So fact is, with all of the background checks and everything, having the Clear program did not relieve me of any security obligations and tests. In fact it added to them.  What it did give me was a "first class" personal escort to the front of the line and than a first class que for the metal detectors.  Because I was willing to pay some money and have a background search, I got the first class treatment.

To me this is not a scalable solution.  As more Clear passengers come on board, having a dedicated person walking me through the security line is just not going to work.  Also, lets be clear (no pun intended), this is not about going through less security.  Why the background check and all?  This is about paying money and skipping the line, but still going through the same security procedures that everyone else goes through.  Just faster.  Hey, don't get me wrong.  I loved it!  But I was wrong to think this was about bypassing security, this is a "first class" traveler lane.  As long as you are "clear" with that, it is good by me!

Among other things, the paper identifies six principles for identification systems:

• Achieve real security or other goals
• Accuracy
• Inclusion
• Fairness and equality
• Effective redress mechanisms
• Equitable financing for systems

From the Executive Summary:

How can these principles be honored in practice? That’s where the "due diligence" process comes into play when considering and implementing identification systems. Due diligence in the financial world of mergers and acquisitions and other important corporate transactions is conducted before a company makes a major investment. Proponents of, say, a merger (or in our case, a new identification program) can err on the side of optimism, concluding too readily that the merger (or new ID program) is clearly the way to go. Thorough due diligence protects against such over-optimism.

In the pages that follow, we apply this due diligence process to some recurring technical problems with current and proposed identification programs. And we discover—as you’ll see toward the end of the report—that ID programs that rely on "shared secrets," such as Social Security numbers or your mother’s maiden name, are becoming more insecure due to the increased use of identification. Similarly, ID programs based on biometrics such as fingerprints or iris scans are not the "silver bullets" that some proponents claim they are, but rather could become compromised rapidly if deployed in haphazard ways.

We then apply our progressive principles and due diligence insights to two current examples of identification programs. The first details why it would be bad policy to require government-issued photo ID for in-person voting. The second shows the basically sound policy rationale for the Transportation Worker Identification Card, used for workers with access to security-critical port facilities. By examining one identification program that is reasonable, and one that is not, our analysis shows the usefulness of the Progressive Principles for Identification Systems.

I participated in the panel discussion announcing this report, along with Jim Harper (Director of Information Policy Studies at the Cato Institute).

But two weeks ago a jury in the civil lawsuit against that employer, NDS Group, largely cleared the company -- and by extension Tarnovsky -- of piracy, finding NDS guilty of only a single incident of stealing satellite signals, for which Dish was awarded $1,500 in damages.

"I knew this was going to come," Tarnovsky says. "They didn't have any proof or evidence."

The trial was years in the making, yet raised more questions than it answered. It came down to testimony between admitted pirates on both sides who accused each other of lying. Now that it's over Tarnovsky, who was fired by NDS last year, is eager to tell his side of the story.

Dressed in loose jeans, flip-flops and a T-shirt, Tarnovsky, 37, spoke with Wired.com by phone and in an air-conditioned lab in Southern California where he's been running a consultancy since losing his job. Surrounded by boxes of smart cards and thousands of dollars worth of microscopes and computers used for researching chips, he talked excitedly at lightning speed about his strange journey, which began in a top-secret Pentagon communications center, and ended with him working both sides of a heated electronic war over pay TV.

His story sheds new light on the murky, morally ambiguous world of international satellite pirates and those who do battle with them.

The stakes are high: Earnings in the satellite-TV industry reach the billions. In the first quarter of this year alone, U.S. market leader DirecTV announced revenue of $4.6 billion from more than 17 million U.S. subscribers. Dish Network earned $2.8 billion from nearly 14 million subscribers. Although satellite piracy has greatly diminished from its peak seven to 10 years ago when the events detailed in the civil lawsuit took place, the two companies lost millions in potential revenue, and spent millions more to replace insecure smart cards used in their systems and track down dealers selling pirated smart cards.

Those smart cards are at the center of the controversy over NDS, a British-Israeli company and a majority-owned subsidiary of Murdoch's News Corp. The company makes access cards used by pay-TV systems, most prominently DirecTV -- itself a former Murdoch company. Nagrastar, a plaintiff in the case and NDS's chief competitor, makes access cards used by Dish Network and other runners-up in the market.

According to allegations in the lawsuit, in the late '90s NDS extracted and cracked the proprietary code used in Nagrastar's cards, a fact that NDS doesn't contest. What happened next, though, is hotly disputed. Nagrastar says Tarnovsky used the code to create a device for reprogramming Nagrastar cards into pirate cards, and gave the cards to pirates eager to steal Dish Network's programming. Tarnovsky was also accused of posting to the internet a detailed road map for hacking Nagrastar's cards.

Nagrastar says NDS had an obvious motive for these antics: Their own chip, the so-called P1 or "F Card," had already been thoroughly cracked by pirates, and the company wanted to level the playing field with its competitors.

NDS denied the allegations at trial. The company declined to comment for this article or to confirm details of Tarnovsky's employment other than to say it was pleased that the verdict "ended in a resounding affirmation of NDS and its business ethics and proper conduct."

Tarnovsky began his pirating career in the '90s while serving in the U.S. Army. He had a top-secret SCI security clearance working on cryptographic computers in Belgium for NATO headquarters, and spent a year at Ft. Detrick in Maryland providing support to the National Security Agency for satellite transmissions to Europe.

In 1996, he was stationed in Germany when his colonel sold him a used satellite-TV system, along with two pirated access cards, neither of which worked. Tarnovsky began posting on online pirate forums, and developed contacts in the community, ultimately learning how to fix the cards to access English-language programs from Sky in the United Kingdom.

After leaving the Army and returning to the States, he got a call from Ron Ereiser, a Canadian pirate who'd heard about him through the grapevine. Pirates had found a back door in the P1 card and were vigorously exploiting it to get DirecTV content. But the cards kept failing. In a game of pirate pingpong, DirecTV periodically deployed electronic countermeasures, or ECMs, in the satellite stream that killed the cards in their set-top boxes. Ereiser needed someone to fix the cards.

There was serious black-market money on the line. In Canada, where pirating of U.S. satellite services wasn't considered illegal until 2002, syndicates of dealers did enough business that they could afford to chip in about $50,000 to hire a programmer to reverse engineer the latest cards. Pirate cards would sell for about $200 each, with the profit split between the investors and engineers. Tarnovsky claims Canadian pirate dealers could make $400,000 in a weekend; when Reginald Scullion, a notorious pirate in Canada, was raided in 1998, authorities seized $5.5 million from his bank accounts and safe-deposit boxes, though not all of it was from piracy.

Ereiser, who now works as a consultant to Nagrastar, concedes that the money from piracy was good, but insists that nobody became an overnight millionaire. "It was lucrative," he said in a telephone interview. "But to suggest that millions were being made in a month is an absolute crock."

DirecTV's countermeasures were a nagging drag on this lucrative trade. Every time an ECM was deployed, Ereiser and other dealers would be harangued by customers demanding to have the cards fixed and their TV programs restored.

Tarnovsky, who was known online as "Big Gun," says Ereiser offered him $20,000 to fix cards that were killed by ECMs, and he agreed. Each time NDS created a countermeasure, Tarnovsky would analyze the code and find a way to circumvent the countermeasure. He did it while working full-time as a software engineer for a semiconductor company in Massachusetts.

"I'd be at work and I'd check the IRC (channel) to see if they'd launched their Thursday countermeasure yet," he says. "It was like a chess game for me. I couldn't wait for them to do a countermeasure because I would counter it in minutes."

Tarnovsky suffers from attention deficit hyperactivity disorder, which he says helped with the detailed work.

"I think so fast," he says.

It wasn't long before NDS came courting. Tarnovsky had a contact at the company to whom he'd begun passing information about holes in its software, even supplying patches to fix them. NDS offered him a job earning $65,000 a year. By the time the company fired him last year, he was earning about $245,000 in salary and bonuses and had another $100,000 in stock options, he says.

The company set him up in a lab in Southern California equipped with a computer, some DirecTV set-top boxes, sample DirecTV cards and NDS source code. There was no fancy equipment at first, but his relationship with NDS and the lab grew over the decade he worked with them. Tarnovsky says the job was a dream come true. While living in Europe he'd once seen a news report showing an engineer at a French satellite company writing countermeasures, sitting in a lab with smart cards piled around him on his desk.

"I always thought it would be so cool to be that guy," Tarnovsky says. "Finally I got the chance."

Tarnovsky had two roles at NDS -- to find holes in its software and work undercover with pirates to discover what they were doing against NDS technology.

To conceal his relationship with NDS from pirates, few people at the company knew his identity. He used the name "Michael George" and for the first four years was paid through other companies, including, for about five months, HarperCollins, the Murdoch-owned book publisher.

"It was very hush-hush, because we didn't know who could be an inside informant," he says.

Part of his job was developing ECMs for NDS. He'd examine pirate NDS cards to determine how they worked, then send instructions to engineers in Israel to create a kill for them.

"I didn’t actually load the gun and pull the trigger but I got to make the bullet," Tarnovsky says.

Among the countermeasures he says he created was one known among pirates as the "Black Sunday" kill -- an elaborate scheme that destroyed tens of thousands of pirate DirecTV cards a week before Super Bowl Sunday in 2001.

Instead of being delivered all at once like other measures, the Black Sunday attack code was sent to pirate cards in about five dozen parts over the course of two months, like a tank transported piece by piece to a battlefield to be assembled in the field. "They never expected us to do this," Tarnovsky says.

The kill didn't last long before pirates found a way to jump-start the cards. But it holds an enduring position in pirate lore; for the first time, they could see a cunning mind at work on the other side.

While Tarnovsky was killing cards, however, he was also helping pirates fix them.

Days before Tarnovsky began working for NDS, the company began phasing in its latest-generation smart card, the P2, which was thought to be virtually uncrackable. But word reached the company that two Bulgarian hackers working for Ereiser had cracked the P2. On NDS's instructions, Tarnovsky met with Ereiser undercover in Calgary to get the code. When he got there, Ereiser offered him $20,000 to work for him fighting whatever countermeasures NDS and DirecTV cooked up to thwart their P2 hack.

NDS considered it a great opportunity for Tarnovsky to maintain his pirate identity, but DirecTV insisted on some controls. Under "Operation Johnny Walker," as they dubbed it, Tarnovsky gave Ereiser a program to create pirate NDS cards, but encrypted it so no one could copy it. The program worked only with a dongle attached to Ereiser's computer and created a limited number of cards that could be killed at any time.

But, according to Nagrastar, Tarnovsky wasn't just helping NDS fight piracy by working undercover and creating ECMs, he was also committing piracy against NDS's competitors to weaken their place in the market.

After NDS engineers in Israel hacked the Nagrastar code in the late '90s, Nagrastar says Tarnovsky created a "stinger" program that turned Nagrastar cards into pirate cards. He allegedly gave the program to a Canadian named Al Menard in 1999 who sold reprogrammed Nagrastar cards for $350 each. Then in December 2000, someone anonymously posted code and detailed instructions for hacking Nagrastar's card to two websites, one of them run by Menard, exposing Dish Network to even more piracy. It was estimated in court testimony that between 100,000 and 165,000 pirated Nagrastar cards were released to the market in the wake of this posting.

Nagrastar says Menard began sending Tarnovsky cash from the sale of the pirate cards. At the end of August 2000, authorities acting on an anonymous tip seized two boxes destined for a mail drop Tarnovsky rented in Texas. Inside, they found a CD and DVD player with $20,000 and $20,100 concealed inside.

The boxes were sent from a phony address for "Regency Audio" in Vancouver to C.T. Electronics at Tarnovsky's address. A customs form for a third package that wasn't seized indicated that it was sent from Menard to Tarnovsky and also contained electronic goods.

Tarnovsky was in Israel at the time, and says he didn't know anything about the packages until he was notified that they'd been seized. He thinks they were sent by someone in Nagrastar's camp who was trying to frame him. He says Nagrastar's accusations about the "stinger" program were baseless, and that he never gave Menard any software.

On Feb. 9, 2001, U.S. Customs agents appeared at his doorstep. On advice of a lawyer, he declined to let them search his house without a warrant. Tarnovsky was never arrested or charged with any crime, but suspicions against him were mounting. NDS gave Tarnovsky a polygraph test, but asked only two, self-interested questions that never touched on the Nagrastar accusations: Had Tarnovsky sold any modified NDS smart cards, or company secrets, since he'd been working for the company? Tarnovsky answered no, and passed the test.

He continued to work for NDS for six years. But then last year, Nagrastar confronted NDS with a sheriff's report showing that fingerprints lifted from the seized electronics equipment sent to Tarnovsky's Texas mail drop belonged to an associate of Menard, raising suspicions again that Tarnovsky might have sold pirate Nagrastar cards without NDS's knowledge. NDS fired him.

Tarnovsky says his termination proves he and NDS weren't conspiring against Nagrastar. Had they been, NDS would have done anything to keep him happy, and quiet. He says the fact that Nagrastar lost the case shows he wasn't pirating on his own either.

"I've never sold a single Nagra card, ever," he says.

Although he was angry at NDS for abandoning him, he told Wired.com before the trial ended that he hoped to work for the company again.

"I want to make sure that NDS wins this lawsuit because that will clear my name," he said at the time.

When it was suggested that someone might view this as motivation for him to lie on NDS's behalf, he disagreed.

"That's crazy. I could go to jail," he said. "I would never perjure myself for some company."

Since NDS fired him he's been consulting for two semiconductor companies and a manufacturer of dongle tokens, but he misses his life in electronic warfare. If NDS doesn't want him, he says he'd be happy to work for Nagrastar -- jumping sides once again.

"I could design a whole entire chip for them like I did for NDS," he says. "NDS thinks today that their technology is superior to everybody else's and it probably is, because they're 17 years ahead of Nagra technologically. But Nagra could catch up overnight if they used my services.

"I'm a very valuable asset as far as smart-card technology goes," he adds. "I know everything about (NDS) as far as their intellectual property models go."

He offered his services to the company last year, while the lawsuit was pending. Nagrastar declined.

QUESTION: Some are raising that the privacy aspects of this thing, you know, sharing of that kind of data, very personal data, among four countries is quite a scary thing.

SECRETARY CHERTOFF: Well, first of all, a fingerprint is hardly personal data because you leave it on glasses and silverware and articles all over the world, they're like footprints. They're not particularly private.

Sounds like he's confusing "secret" data with "personal" data. Lots of personal data isn't particularly secret.

Here's the story directly from the Chaos Computer Club (in German), and its Engligh-language guide to lifting and using fingerprints. And me on biometrics from 10 years ago.

In reality, we are a much more secure nation if we do issue driver's licenses and/or state IDs to every resident who applies, regardless of immigration status. Issuing them doesn't make us any less secure, and refusing puts us at risk.

The state driver's license databases are the only comprehensive databases of U.S. residents. They're more complete, and contain more information - including photographs and, in some cases, fingerprints - than the IRS database, the Social Security database, or state birth certificate databases. As such, they are an invaluable police tool - for investigating crimes, tracking down suspects, and proving guilt.

Removing the 8 million-15 million illegal immigrants from these databases would only make law enforcement harder. Of course, the unlicensed won't pack up and leave. They will drive without licenses, increasing insurance premiums for everyone. They will use fake IDs, buy real IDs from crooked DMV employees - as several of the 9/11 terrorists did - forge "breeder documents" to get real IDs (another 9/11 terrorist trick), or resort to identity theft. These millions of people will continue to live and work in this country, invisible to any government database and therefore the police.

Assuming that denying licenses to illegals will make them leave is head-in-the-sand thinking.

Of course, even an attempt to deny licenses to illegal immigrants puts DMV clerks in the impossible position of verifying immigration status. This is expensive and time-consuming; furthermore, it won't work. The law is complicated, and it can take hours to verify someone's status only to get it wrong. Paperwork can be easy to forge, far easier than driver's licenses, meaning many illegal immigrants will get these licenses that now "prove" immigrant status.

Even more legal immigrants will be mistakenly denied licenses, resulting in lawsuits and additional government expense.

Some states have considered a tiered license system, one that explicitly lists immigration status on the licenses. Of course, this won't work either. Illegal immigrants are far more likely to take their chances being caught than admit their immigration status to the DMV.

We are all safer if everyone in society trusts and respects law enforcement. A society where illegal immigrants are afraid to talk to police because of fear of deportation is a society where fewer people come forward to report crimes, aid police investigations, and testify as witnesses.

And finally, denying driver's licenses to illegal immigrants will not protect us from terrorism. Contrary to popular belief, a driver's license is not required to board a plane. You can use any government-issued photo ID, including a foreign passport. And if you're willing to undergo secondary screening, you can board a plane without an ID at all. This is probably how anybody on the "no fly" list gets around these days.

A 2003 American Association of Motor Vehicle Administrators report concludes: "Digital images from driver's licenses have significantly aided law enforcement agencies charged with homeland security. The 19 (9/11) terrorists obtained driver licenses from several states, and federal authorities relied heavily on these images for the identification of the individuals responsible."

Whether it's the DHS trying to protect the nation from terrorism, or local, state and national law enforcement trying to protect the nation from crime, we are all safer if we encourage every adult in America to get a driver's license.

This op ed originally appeared in the Detroit Free Press.