Flashes of Panic

(I’m still mining this recent email exchange.)

There’s more to the problems with the internet than can be solved by replacing the technology. The trouble is that the problems aren’t technical; it’s that we’re trying to create a new mode of communication which eliminates problems we’ve covered with fragile hacks in the non-internet space. We haven’t solved these problems efficiently in real life; why do we think we’ll do better on the internet?

The following paragraphs probably should be subject to normal disclaimers regarding me sounding off on a subject in which I have no formal background, and in which specialists exist who might demolish most of my claims.

Security issues, particularly surrounding fraud (the most popular form of internet crime, barring perhaps extortion and/or the violation of various local blue laws,) are largely issues of identity and trust in the real world, because they’re about being accountable (or avoiding accountability.) Think about the mechanisms we have for proving our identities in the physical world. They’re largely biometric: height, hair color, eye color. Shape of face, fingerprint, retinal scan, dental records. DNA. Fine: we can establish individuals that way. Generally we do it in a very sloppy way: we introduce each other. We use driver’s licenses or passports with photos to “prove” that the name we introduce ourselves with loosely matches the biometric data we possess. Then we deliberately cripple or restrict the effectiveness of these tokens, because they’re government-issued and we don’t really trust the government. Or, we trust other individuals who introduce us to each other to do that introducing accurately.

If I’ve characterized that properly, identity (and accountability) in the physical world is based on trust and very loose pattern matching.

The “loose pattern matching” is a tough thing to do online, largely because the biometric data involved is either unavailable (got a fingerprint-reader to get access to your laptop yet? How about a retinal scanner to buy from Amazon?) or subject to distortion (it should be possible to put up a sock-puppet face on a webcam with existing video software, though it might not be possible yet to generate full-motion on the fly. Maybe with specialized hardware.) So we rely on trust: we generate cryptographically strong digital “signatures” which stand in for the biometric data, and use those to establish our identities.

Now, the mere existence of a digital signature isn’t enough. (It’s enough for encryption, but not enough to establish identity.) No, we need to have someone sign the public keys to verify that they belong to who they say they belong to - PGP created the strange social phenomenon of “key-signing parties” where people show up with others who will verify their identities, or paperwork, and sign each others’ keys, and trust that degrees of separation and chains of trust—Thawte calls it a “web of trust“—will mean that all keys will be trustworthy. Have you ever asked to see the ID of someone who was just introduced to you? That would be the act of a true paranoiac in the offline world, yet we do it all the time online.

In other words, online, we go back to our existing real-life methods, the fuzzy and imperfect ones.

This is a common problem with some phishing and all pharming scams: they take advantage of the server-certificate method of running encrypted websites. People assume that a secure website is a secure website when they see the padlock on their browser, and they don’t think about the identity-confirming aspect of the certificate. It matters that https://www.paypal.com is not https://www.paypal.scams.com. And even that identity function is based on trust.

The point is that the mechanisms we have for identity and accountability in the physical world are fallible, and in translation to the internet they become either unfeasible (biometrics) or so complicated only hardcore crypto-heads or paranoiacs like myself use them (trust). There are a lot of very smart people who have done a lot of involved thinking about trust and how to create it in an online environment; unfortunately, none of them have made it into software my mother can install and understand.

And I think it’s unreasonable to blame problems on the internet when we’ve “solved” them so poorly elsewhere.

Now Playing: Deep End from School Of Fish by School Of Fish