Slashdot Mirror
The Seven Laws of Identity
pHatidic writes "Something strange is a brewin' at Microsoft these days. Check out this video interview with Kim Cameron, Microsoft's Architect of Identity, about Kim's Laws of Identity." From the post: "We have undertaken a project to develop a formal understanding of the dynamics causing digital identity systems to succeed or fail in various contexts, expressed as the Laws of Identity. Taken together, these laws define a unifying identity metasystem that can offer the Internet the identity layer it so obviously requires. They also provide a way for people new to the identity discussion to understand its central issues. This lets them actively join in, rather than everyone having to restart the whole discussion from scratch."
"We have undertaken a project to develop a formal understanding of the dynamics causing..."
Bingo!
It obviously requires an identity layer? News to me. As a card-carrying member of the tinfoil hat brigade, I prefer anonimity.
"It is possible to commit no errors and still lose. That is not a weakness. That is life." -Peak Performance
So Microsoft's talking about Identity Systems affects my rights now??!!
Jesus, why does everybody here think every little thing is a rights issue? I don't see any way Microsoft's proposals would somehow affect my rights online or offline.
I really don't understand this article...I have read the point form laws but they seem complicated.
...linked to them.
We all know that the only 2 rules are going to be:
1. Any corporation can find out whatever they want to about you for whatever reason, and use that information for any purpose they see fit.
2. Rule number 1 also applies to city/state/federal governments
I wish I was joking, but I'm not.
Says who? How can something that is inanimate require anything? People create requirements. Maybe M$ needs the internet to have an identity layer, I say, tough noogies for them. I don't require the internet to have an "identity layer." And since I have spent this entire weekend in the "total proportion vortex," I know that my opinion is more important than M$'s.
Not Found Very apropriate..... heheheheh
This just makes me feel like I am one step closer to the personalized advertising (think minority report?) where every site I visit is bombarding me personally (instead of anonymously) with ads for stuff I recently looked at or purchased.
If I know who I am connected to, we're only a step away from advertisers and companies knowing who is connected to them.
I don't see scams online being any worse than over the phone or anything else. I could get a call from some random person and see "out of area" on my caller id, and they could try to sell me some product, eventually acquiring my credit card number, or some other personal information. It's no less anonymous than online really, IMHO.
Browser report is 404 Not Found. Doh!
I wish I were joking, but I'm not.
This is philosobabble bullshit. Most people at MSN couldn't even figure out how to integrate passport into the internal apps correctly (i.e. without trouble on the client side a lot of the time).
That's the problem. It was shit. Shit doesn't shine in any context. I'm still listening, but my impression so far is that of a pseudointellectual who needs a reality check.
Is that seven laws or seven words of identity?
You're entitled to your tinfoil-wrapped opinion, of course, but as I always point out in these discussions, there would be a lot of advantages to having some form of confirmed identity connected with Internet-based activity, even if it's generally concealed or only anonymously verifiable except to suitable authorities.
If everything could ultimately be tracked back to you eventually, things like spamming, virus distribution, defamation, on-line fraud, and numerous other harmful behaviours would be dramatically reduced. You could improve a lot of people's lives here.
Of course, you also have to identify "suitable authorities" who should get the right to access this information. That might be relatively easy in the West -- we have court systems that most people would probably trust to issue such orders if and when necessary -- but the Internet is international and what's free speech to you might be illegal anti-government propaganda in certain other places.
Personally, I think most of the supposed advantages of anonymity on the Internet are illusory anyway. Does anyone really believe that all these people in China are happily speaking freely on the Internet as it stands today anyway?
Hence, on balance, a reliable identity system gets my conditional agreement, subject to the devil in the details of course.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
What ever happed to being a good'ole programmer? Or if you really stuck with it, you'd be a senior programmer.
All this architect shit is just a bunch of marketing crap that is foisted on folks in lieu of salary.
I don't know about Microsoft, but at Bank of America, when the "architects" join the conference calls, that's my cue that it's about to get thick and smelly.
Ugh. What a pretentious pile of horse hockey. Here are the shills of Microsoft, attempting to co-opt your data once again, by creating pseudo-intellectual "Laws of Identity". What a laugh. Why don't they fix their stupid insecure OS instead? Because they can't. It's beyond fixable. So now they seek to redefine identity in the virtual space so they can claim the high road in secure transactions.
Please. Stop. You are hurting people. You are the problem, and you should please cease and desist, and go away. I am fine with my identity, and the rights therof under the laws of my land. If you were actually LIABLE for your crappy software, then you wouldn't have the time to create this faux intellectual crap. Just because you lable it a law does not make it so....
Anyway this is an important issue so I highly recommend that people RTFA on this one. Basically, what it comes down to is that identity services should follow the same rules as your local S&M club: Sane, Safe, and Consensual.
Having skimmed the article (the PDF works fine for all you 404 moaners...) it seems to make a lot of reasonable arguments. The title isn't entirely clear: we're basically talking about prerequisites for an effective identity framework to exist. In this respect, it's good to be up-front in acknowledging principles like the first law:
Any hint of subterfuge will immediately harm any information-based system's credibility, so we might as well start by ruling out the most serious form.
I also like the claim-based approach. A claim needn't be "I am John Doe of 16 Some Street, Someville." It can be much more general, e.g., "I am a member of Group X, and therefore entitled to access Service Y." I think this sort of framework is far more likely to gain user acceptance and trust, and with good reason. The author clearly realises this as well; the second law is:
All in all, given my stated views about complete anonymity on the Internet, this sort of research seems like useful progress, and a better compromise and basis for further research than much that I've seen before.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
So really your feeling of your lack privacy loss comes from not having enough identity, and not the other way around.
As a card-carrying member of the tinfoil hat brigade, I prefer anonimity
Here are the seven principles, in abbreviated form [if anyone could make voodoo dolls of the creators of the PDF format, and stick pins in their - ah - whatevers, I'd be most grateful]:
I'm with you: Any WWW/Internet-ish global identity management system is gonna need a principle zero: With the understanding that the subsequent rules 1-7 apply only to those users who chose to forgo their principle zero rights."Something strange is a brewin' at Microsoft these days. To see what I mean, check out this video interview with Kim Cameron, Microsoft's Architect of Identity, about Kim's now famous now famous Laws of Identity. Personally, I was so schocked to see Micrsoft come down this hard on the side of open standards and corporate responsibility that I almost choked on my tinfoil hat. Is this the beginning of a new Microsoft? But more importantly, now is the time to start an open and ongoing discussion about the future of digital identity. Is Kim's vision something the Slashdot community could get behind?"
Passport failed because it was shit, and everyone knows it... so what to do when you're playing worlddomination on the Internet and have just failed? You send the whole thing to marketing, which relabels it and adds stuff about openness and how everyone can join in, and then you just keep on doing what you did before...
perl -e'print$_{$_} for sort%_=`lynx -dump svanstrom.com/t`'
This isn't from Microsoft PR, it's from one of their research groups, who are generally very clever people looking at technologies that might be used some way into the future. This isn't the next MS Passport, or something they'll put as bullet point on Longhorn/Vista/whatever it's called today.
It's fascinating that the parent AC supports the law of their land, and wants Microsoft to be held liable for their "crappy software". At the same time, the parent AC obviously opposes these ideas, which might mean many people who abuse the Internet's anonymity to break those same laws could be held liable for their actions, or be denied the ability to perform those actions in the first place if they didn't wish to accept that liability. That position is logically inconsistent...
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Given the fact that the TSA just got caught trying to continue TIA, I think that this is the last thing we need. It starts out very innocently. The industry adds something like this and pretty soon we have followup laws that begin to gradually force software to make full use of any sort of identity layer. Anonymity becomes nearly impossible, and for many countries that means that the Internet loses its alleged immunity to censorship.
One of the things that disturbs me about this sort of thing is that extreme rendition can work both ways. The Syrian government might want their back scratched for a change and Uncle Sam then turns over a few names held on US soil using USA PATRIOT Act powers to secret get the information. If our government is willing to ship people to get tortured, what makes anyone think that it's not immoral enough to scratch another, more abusive government's back a little by helping them clamp down on dissent?
Biometric information tied to your credit card would go a very long way toward solving many of these crimes. What we need are open standards for communicating and storing biometrics information. I should be able to look into a webcam with a retina scanner and it should be able to tell Amazon.com that I'm the person who owns the credit card being used. The problem with this system is that it'll end up making something like TIA more realistic because it'll be accompanied by laws that force software developers to make good use of it.
Click here or a puppy gets stomped!
You are nobody...
(unless you are in my phonebook)
The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
For those having a hard time getting to the PDF, here are the 7 Rules of Identity according to Kim. I've removed the text for brevity. 1. User Control and Consent: Technical identity systems must only reveal information identifying a user with the user's consent. 2. Minimal Disclosure for a Constrained Use: The solution which discloses the least amount of identifying information and best limits its use is the most stable long term solution. 3. Justifiable Parties: Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship. 4. Directed Identity: A universal identity system must support both "omni-directional" identifiers for use by public entities and "unidirectional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles. 5. Pluralism of Operators and Technologies: A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers. 6. Human Integration: The universal identity metasystem must define the human user to be a component of the distributed system integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks. 7. Consistent Experience Across Contexts: The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies. -------- I'm really shocked that someone who works at Microsoft came up with this. This is a constructive, interesting set of ideas. The PDF link is : http://www.identityblog.com/stories/2005/05/13/The LawsOfIdentity.pdf
That's a one-sided bargain. You're always free not to use any service on the Internet and to retain your anonymity. Whether you should be able to retain your anonymity and still use the service is a different principle entirely.
OT note: Is Slashdot really allowing ads with pop-ups now? Firefox just told me it blocked a pop-up for some survey company, which matches the ad at the top of the page. :-(
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
You mean there's more than one? I thought it was just x = x . . .
On another note, a system of identity on the internet is a good idea as outlined in TFA, but I think that Microsoft's approach---undoubtedly, to hold all of the information in one central repository, probably controlled by itself, and just be expected to be on its best behavior and not take a peek for marketing or other reasons---isn't the correct one. If there's a system of persistent identity, it'll need to be decentralized, and it'll need to be secure. I'm thinking that a distributed system like Usenet or Kademlia might be appropriate, and that information should be encrypted. If the information is requested, the keyholder can choose to relinquish it by releasing their public key to the requester; they can then, at their discretion, release their private key as well to any number of parties in order that the source of the information be unverifiable after its initial use. This is probably not the best implementation, but something along these lines might be appropriate.
this is all exceptionally complicated stuff, though, and will certainly require some overhead to implement. Of a company like Microsoft, which has become famous for doing half-assed technical jobs and relying on powerful business tactics to back them up, I don't expect all that much.
If you want to hide your identity online, just use Tor
The key to ANY identity system is the central identify repository. That's the box that holds the criteria to prove that you are you.
Who will trust Microsoft to maintain that?
Who will trust Microsoft to SECURE that? Including the implementations and protocols used to access it.
As you say, Microsoft wants an early lock-in on something that they still haven't convinced people they really need.
An "identity" system means a single point to attack to get EVERYONE'S identify (everyone who has joined it).
And it would have to be open to the public because they're the ones who would be using it.
One error and everything is blown open.
One employee who is willing to download the database and everything is blown open.
Microsoft is focusing on how to convince others that Microsoft's ownership is a good thing. Those others need to be focused on what will happen if/when Microsoft is compromised.
"1. User Control and Consent:
Digital identity systems must only reveal information identifying a user with the user's consent."
If you don't want to be bombarded with personalized ads, then don't identify yourself.
When I see things like: We need a unifying identity metasystem that can protect applications from the internal complexities of specific implementations and allow digital identity to become loosely coupled. This metasystem is in effect a system of systems that exposes a unified interface much like a device driver or network socket does.
I think, "why is it a metasystem?"
Isn't it just a "system"? If I compose some systems, I just have a bigger system, right? I thought a "metasystem" was something different -- e.g. a system of rules for analyzing or processing systems (like a metaprogram -- a program that processes programs).
When I see people using words like "metasystem", but without using some sort of formal definitions or formal notation (aka "math"), I get a bit nervous, because it starts to sound like a bunch of marketroid speak. Then I figure it is a pile of shit, being built by a bunch of shitheads (who want to sound important by using fancy made up words), and I don't pay any attention.
And maybe a few years later I read about its total failure.
http://www.thebricktestament.com/the_law/when_to_
I wonder how these "intellect" get those fancy worded ideas?
oh yeah! its called "Projection".
Being as how the article is offline (404), it seems pretty stupid to link to it...
How do broken slashdot articles get removed?
Then, when the identity info is requested, what is transfered is what the central system deems is appropriate.
So, all those bad websites put up by bad people will be trying to get additional info held by the central system.
They may even do this by tricking you into authorizing an elevated inquiry. Great. Just another way to lose your personal data.
Since "identity" is useless unless accompanying "payment" (unless you count LiveJournal), why not focus on the payment aspect instead?
That way, if Microsoft gets it wrong (what's the chance of that happening), all I'm out is the price of whatever I just bought
I agree that Mr. Cameron speaks some truth -- fairly self-evident for the most part, IMHO, although I thought the 'directionality' of identity was novel and useful. He's right, managing identity is a key issue in fully realizing the Internet's social and commercial utility.
However, this sooth demonstrates that MSFT continues to be very very good at correctly identifying new vantage points from which to extend their control. If I had to choose only one MSFT initiative to defeat, 0wning digitial identity would be it.
How much time do we have to pre-empt them, and design a publicly-accountable identity management infrastructure? Surely not a decade. Five years? Two?
It sounds like Microsoft has learned about ontologies, you know those things that we're going to use to build the semantic web. Now they're trying to build an identity ontology to allow software agents to act on your behalf. I'd prefer to see something based on authorization rather than identification but MS doesn't work along those lines. I looked at the 'Laws of Identity' page and the blog it's sourced from, but didn't watch the vid... so consume this comment with some skepticism.
A lot of services that need some sort of idenity block the IP address of every known Tor proxy. For example, Slashdot has the pink screen of death.
As for defamation, that can, also, be easily tracked by legally requesting the logs of the server involved.
Fraud would not be affected because if the person was already going to commit a crime, why not include using a false identity, too?Nope. Nor do I believe that such happens in the US. Do you?
The honest people will be the only ones affected by this and the crooks will find it easier when people believe that everyone is correctly identified.Oh, of course! A perfect identity system
What you don't understand is that this issue is all about the details.
It is beyond naive to support the concept but to skip the details. Or, if you prefer, it is "utopian".
If the browser allows the site to hide the actual address and display a different one, then the identify authentication method has been circumvented.You may wish to read the article to which you are refering.
That is the current situation and one that I am quite happy with. Should
The article was proposing much more.Again, because our current system is setup that way.
You know, the system that the entire article says needs to be overhauled because it doesn't work? Here's something you should read from the very beginning of TFA: So, if you don't have a problem with
Oh, don't know what that means?
1. Tending to cause death or serious injury; deadly: a pernicious virus.
2. Causing great harm; destructive: pernicious rumors.
Archaic. Evil; wicked.
So, you say that
this is the second time in two days that i have encountered an extreme case of extreme verbosity. allow me to translate the paragraph from the news story for you:
"There are several technological factors common to all identity issues. By specifying these factors, the industry can progress with a shared framework, including the creation of a new internet data layer."
A "unified identity metasystem" is mere puffery.
What is so hard about this? I sign this email, you know it's from me. I sign X-Random piece of data, you know it's from me. You send me a challenge, I sign it, and you know I'm on the other end.
There are nice email frontends for PGP, and the web of trust makes damn good sense. It's flexible, and it makes sure that nobody's got you by the balls.
This sounds like MS trying to reinvent something that's already working just fine, and making it horribly complicated and broken.
The First Law of Identity, is you do not talk about the law of identity.
The Second Law of Identity... is that YOU DO **NOT** TALK ABOUT THE LAW OF IDENTITY!!
Indeed, lack of imagination is one of the most common ways in which people get screwed.
... that can offer the Internet the identity layer it so obviously requires.
'cause gosh knows the Internet is struggling for popular acceptance.
Wow. It's just the way Microsoft straight-faces these lines. You don't know where to begin.
Rule #1: MS Passport is the only choice for identity management.
--
make install -not war
Based on the Report, the *only* contribution Kim has succeeded in delineating are the assumptions behind Corporate suscription based frameworks.
There is nothing here that provides any layer of protection for the construction of an online identity. None of this contributes to the level of identity assurance to enable voting online.
The problem with your statement though is that it applies to everything. By the same logic, we shouldn't put seatbelts in cars because people might drive faster. And we shouldn't give children vaccinations because it encourages them to not wash their hands before dinner and get sick. And we shouldn't educate people, because it enables them to do bad things.
The fact is, people's identities are being stolen today. People's lives are being ruined because of this as we speak. What you are basically saying is that we should allow this to happen, because the same technology could POTENTIALLY be used as a building block for evil technology in the future. But it can also be used as a building block for good technology. As can every other invention.
I thought I would be seeing laws like laws of Physics, but these are morals with privacy as the overriding concern.
That sounds more an obituary than something to get excited about.
It would be a bit more compelling if the ideas could be traced back to some theoretical basis (where's Butler Lampson's name? Mike Schroeder? C'mon, these guys work for MSR), the discussion was focussed instead of "wide-ranging", and took place anywhere other than the Blogosphere.
Am I part of the core demographic for Swedish Fish?
My name is my passport... Verify me.
Example, "crypto ID": run a secure hash over your public x509 cert, and voila, ID number. If you can sign with that cert, you've proven your ID. Doesn't mean a damn thing, of course, except that you're someone with the private key to that cert.
The hard part is linking abstract bits to offline identity. And I agree, every use of that I can imagine is at best unnecessarily nosy for the sake of mere convenience, at worst a platform for discriminatory censorship, DRM, panoptic tracking, and intrusive data-mining.
I've worked with Novell's Identity Manager and DirXML for several years now, as well as their eDirectory and several other directories. They have a lot of good back-end identity technology that's tried and true. The product set is aimed at corporate customers, but the technology is in place and probably viable for much larger-scale implementations. With the next eDirectory release, you can have two trees and IDM drivers on the same server, so you can sync trees without ever hitting the network. Am I the only one that thinks Novell should be preparing to compete in the same space? Or is it not the back-end technology at issue but the human interface? Novell, are you paying attention here?
At the moment, we have the certificate authorities who have self-appointed themselves as the arbiters of what is legitimate, and what is not. Unfortunately, they are driven by money, being commercial bodies, so the bad guys only need to provide enough cash to appear as legitimate.
Also, at the moment, we have a strong need for anonymity, for whistle blowers, and other people who can not speak publicly for fear of backlash (e.g. Deep Throat). That is almost achieved with the massive amounts of network traffic, as people can disappear into the background noise. There are services available for people who want to make use of this, such as hushmail, tor and anonymous proxies. The downside is that unless you control every hop in the network, you can never be certain that you aren't being logged. By and large, you won't be, but it is a possibility.
In order to have anonymity, people have to accept that abuses will happen, either people being identified, or crap-flooding from people abusing the system. And, anyway, even the best designed systems will be crippled by the 'analogue hole'. If it can be presented to you as information, it can be captured and manipulated. It will require the criminals to get a lot smarter about their online crime, to go undetected like this, but who is to say that they aren't already doing this?
InfoSec that matters, when it counts.
whats next from M$ ? 100 laws of monopoly. M$ seems find it hard to realize that it cannot replicate its monopoly in non-OS domains.
replace the word identity with pimping, and you get 'seven laws of pimping'. - i may not be right here, since i wouldnt access the paper, thanks to MSN.
The only reason why this news caught attention of geeks is cause the tittle sounds cool like in scifi novels.
-jan.
Either you agree with the article or you agree with me that
If it is not, then they are circumvented.Then I would drop that business because of their non-existant security model.No. At that point I do not trust that company any more.And that is where it breaks down.
Because I do not know where I am supposed to be connected to, I cannot know if it is a legitimate site.
Because I do not know if it is legitimate, I cannot (and should not) provide any information to it.
And don't bother telling me that I wouldn't be providing it or that the original site's authentication would follow me. All that means is that there are MORE points that can be attacked.
Me - to - bank site. 3 points to attack (my computer, man-in-the-middle, bank's system).
Me - to - bank - to - other site. FIVE points to attack.
And that's only if the bank validates against their internal system. Adding an external system (such as mentioned in TFA) would add another TWO attack points for EACH connection.
Adding attack points is the OPPOSITE of "security". Particularly when you're adding a THIRD PARTY.
Don't try to sell the "identity" concept by claiming that sites would suddenly abandon decent security practices.
Philosobabble? Great term! The elephant in the living room that isn't being mentioned is who, in his/her right mind would trust Microsoft or anything that MS had any control over!? It is a company that has no moral issue with lies, deceit and treachery. Holy crap. They backstabbed IBM on O/S2. IBM has plenty of resources to make MS pay ... far, far more than any of us. But MS did without blinking an eye.
Read a MS EULA lately? They ain't responsible for jack no matter what. If their software posts your credit card # all over the Internet. Tough. You have the right to go to Washington State to sue them. Good luck, there!
If you want your life to be different, live it differently.
As an interested party in the online identity world and very aware of Microsoft's role in it, I have met with Kim Cameron several times with respect to his Seven Laws and Microsoft's imminent InfoCard identity system that he is sheparding. Kim is a great guy - very sincere - but is but one tornado in a company of a thousand tornados. So I wrote an addendum, Four More "Laws of Identity" that addresses some of my concerns. (Kim said he enjoyed reading them and would comment after Digital ID World, but as yet I suppose he hasn't found the time.)
Some of my concerns stem from a basic distrust of Microsoft as well as the fact that some of the InfoCard technology - though supposed to be open standards - is still bases on WS-Trust, which itself is based on the WS-Security Suite, which as yet is RAND but not RANDz.
I also feel a bit of personal responsibility, as Passport came from Firefly which is partially descended from my 1980 MIT (Media Lab) thesis on a personalized newspaper - NewsPeek - so named as while it provided a "peek at the news", it was also clear even then that centralization of such resources could lead to a Big Brother state (and New Speak). Now Microsoft's InfoCard is not an identity system - it is a trust system - and actually a very noble and good goal. I just worry - as with many Microsoft systems - about how they may seek to "embrace and extend" in the trust arena, perhaps with disastrous consequences. On the other hand, if they manage to free all the necessary standards and really push an open standards/source identity/trust "metasystem", I think it could be excellent not only for Microsoft (sporting an extremely well-integrated UI) but also for the wider community - including all us F/OSS friendlies.
I'll end with two plugs: one for a host of free identity systems that exist (such as the one I worked on for the last couple years until we ran out of angel funding, 2idi; and one for a promising "open standard" InfoCard-like system that could easily be built as a Firefox plugin (alas, in PDF form) that could help in the battle against phishing.
The antidote for misuse of freedom of speech is more freedom of speech.
-- Molly Ivins
Man, did any of you guys actually read through all that? It was like listening to an hour of Allen Greenspan talking. My eyes sort of glassed over after about the first three laws.
3. While it will be confidential information that shouldn't be shared without some form of regulation, losing said information off the back of a truck means that the negligent companies will recieve a stern talking to and a slap on the wrist.
Mod me down and I will become more powerful than you can possibly imagine!
Tor for all you tinfoil hat types. M$ will never get through that.
"Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive." - C.S. Lewis
I imagine that 'metasystem' means 'we will build it into the OS so it is easy and transparent; all you have to do is give us money'. Oh, and 'better stay away from that Open Source stuff, you don't want your identity to be open.
"When the going gets weird, the weird turn pro" -- HST
to have anonyminity, you have to start anonymous? You already do not have that. Lets assume that you are using MS Windows. If so, then better than average chance that you have spyware, so you are broadcasting to the world. But lets assume that you instead start with a reasonable secure system (anything else). Do you really think that you are not known? The patriot Act gave the DOJ the same capabilities to the DOJ that CIA/NSA have. If NSA is able to tap nearly all communication in other countries, how hard do you think it is here esp. in the last 4 years?
In a nutshell, you are already well know. Even if by the gov., the last 30 years should show you that it is highly corrupted (Nixon, Reagan, Clinton, GWB; basically 4 out of 6 were/are highly corrupt and the other 2 may simply not have been caught).
I prefer the "u" in honour as it seems to be missing these days.
Show me one single case where the "suitable authorities" haven't abused their power? You can't, can you? Now go munch your fodder like a nice sheep; you aren't capable of independent thought.
"Does anyone really believe that all these people in China are happily speaking freely on the Internet as it stands today anyway?"
Under your proposed scheme, they wouldn't be able to at all. They at least can now, if they know what they are doing (which has been acknowledged by the "suitable authorities" in China).
Quit trying to use your brain. You are failing miserably.
"...the identity layer it so obviously requires."
I could have sworn it said "the idenitiy lawyer it so obviously requires."
Sounds about right.
http://www.firstgov.gov/ http://www.whitehouse.gov/omb/egov/ How about we create a government project - And hook up everyone securely to it. That way - we can eliminate layers of administration and save money and time. Save time; save money. What all you skeptics are afraid of is like turning from the gold system to the credit system. Relax.
The Eighth Law is that people have a right to know their own keys.
I want my key!
NO KEY, NO SALE!
If a computer comes with a boobytrapped self destructing chip that forbids you to know your own key and keeps secrets from you and restricts your ability to control your own computer then refuse to accept it.
The "seven laws of identity" are just a public relations gimmic to help sell the well documented Trusted Computing system. Microsoft's own website documents that the Security Support Component of their upcoming operating system release *is* the Trusted Computing Group's Trusted Platform Module, and the Trusted Computing Group's technical specifications cover the identity system in detail. I have read this documentation, hundreds of pages of technical specifications.
Step one is that the system only works if you have an approved and compliant TPM chip. The TPM chip contains a secret key that you are forbidden to know, and the chip is boobytrapped to nuke itself if you attempt to read out your key or alter the system. Step two is that the chip can then cryptocgraphically identify itself to other computers over the internet. Step three is that the chip can then tell other people exactly what software you are running, and that the system only works if you are running compliant and approved software. Step four is that people can then send encrypted data and keys to your chip, and you are prohibited from reading or altering the data or keys sent to you. The chip keeps the keys and data secret and secure against the owner. The chip can then send messages and attest to your "identity" and that it has control over the system and that you cannot do anything they do not want you to be able to do. That you cannot lie about your identity or your "capabilities" to read or alter your own data. Note that this is a really bizzare use of the word "capabilities". This is that you and your computer have the "capability" to deny you the ability to read or alter your own data.
If you try to run unapproved software, or if you attempt to alter your software or data in any way, then the chip denies you access to read or modify your own files, and the chip reveals in internet communications that you have an invalid identity and that the internet communication can be refused.
If we include the Eighth Law, that people have a right to know their own keys, then everything is fine and dandy. If you are allowed to know your own keys then your computer can keep no secrets against you and truely own and control your computer. So long as you are allowed to know your own key you cannot be locked in or locked out. So long as they refuse the Eighth Law, so long as this is just a front for Trusted Computing, then this is to be rejected in the strongest terms possible.
I want my key!
NO KEY, NO SALE!
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
"Identity" and "Your personal information" aren't the same thing. You can create a system where everyone is authenticated, trusted, specific transactions can be reviewed by third parties with consent of participating parties, etc...all without giving away your *personal information*. This is the layer that's important...
Two other posters prefer 1) an authorization rather than identification based approach, and 2) maintenance of walls between i.e. their bank and their doctor. Well credit card and insurance companies make this a bit messy but I digress.
It seems to me both posters are completely correct in capturing the general attitudes everyday people have about this sort of thing, or would have if it was translated into a verbal explanation of what somebody was offering to do for you ("I'll make it so you can just check a box and your bank and doctor will be able to talk to each other").
My first analysis of the rules was that it boiled down to an essential conflict between "Do as little evil as possible" and "We must do some evil".
This tension is artificial and derives from the author's treatment of an assertion (that globally verifiable identity between meatspace and cyberspace is necessary) as equivalent to a philosophical or religious law, or at least a position of unanimous agreement. This position is not only false, but also makes the author suspect of ulterior motives considering his employer, notwithstanding the list of authors provided (which is what kept me reading to a point).
However if one wishes to create a viable business system on the net that reflects the (putative) sovereign status of a human being over his or her own person, the architecture should work differently.
In particular, open standards, one-way only authorization hashes, and user-initiated transactions rather than corporate-initiated transactions, would seem to be more appropriate.
As an example consider that one's social security number is both very insecure and very important to an individual. Same for a credit card number. Having a database which obviously links an individual's real world identity to such a number, and making the database available through an imperfect system to a virtually unlimited number of agents with their own motives, means that as time goes on the probability of one's identity being publically divulged approaches 1.
On the other hand, if you personally create a data structure (say an xml file) using an open standard (say for insurance claims) and encrypt it in such a way that part is only readable by one person on a given insurance company's staff, and further encrypt it so that only your doctor and yourself can see the other bits, well that sounds like an authorization based approach and I would have far less to worry about that. It would certainly make the FBI's job a bit harder but they can always get a court order to make the insurance agent and doctor talk, if it's that important.
My point is that the author's strategy is fatally contaminated by his employment by Microsoft. There are other logical constructs one could make to guide system development, for example one could try to make the net more anonymous and more user-centric, and place stronger legal liability on the corporate entities that use, store and transmit the data. Individuals are empowered to use the system as a homeowner uses his telephone and the circuit created for a call.
It is not necessary to do evil at all. The only people who think so are those who have been trained to see people as objects instead of seeing them as the kings of inviolate kingdoms whom the system must serve with sincerity and humility.
The paper makes some good points but I submit that the general agreement that identity is needed online which the author suggests exists, does not in fact exist. People need to be able to trust companies they buy things from, and assurance that they are not "fly by night" operations, i.e. that you can call the better business bureau or the police on them, is what makes commerce possible. That, or just paying cash. I think the author needs to get back to the concrete reality of just how our economy currently works, so long as he is getting around to making suggestions about underlying infrastructure, and think about whether or not people really want this kind of thing.
Really. Confidentiality, Availability, Integrity, Auditability. MS has had another brainslip. Or maybe not. If disclosed information is used for other purposes, you need to blacklist the untrusted entity, then sue the shit out of them. Auditability is everything, and you need a log to prove it. Its not fair that Homeland Security employees get to ring hot looking chicks, because their uberbase has no auditability to catch internal abuse.
There is no thing as a fast biometric with a low false positive, and no legal way of population discrimination at the moment, which means such pretences are expensive bullshit, designed as PR measures.
They talk about seven recommended (by them) business practices for handling identity, but fail to deal with identity itself. If they don't know what identity is, how are they supposed to deal with it correctly?
Practically the first thing they say is patently false. "The internet was built without a way to knew who and what you are connecting to." IP addresses are not absolutely guaranteed, but neither is the real world.
We recognize things by patterns and by responses. Leaving aside DNS poisoning, IP addresses are as consistent as anything in the real world. The structure of the web site presented to the public is a pattern that may be imitable for a few pages, but is not fully imitable except for completely static pages (where the whole issue of identity becomes meaningless).
DNS poisoning may need to be more fully addressed, but it is not without parallel in the real world. Personation is likewise a problem in the real world.
The first problem is a lack of confirmation. Too much of the internet is built to the click, and too many people click without checking.
The second problem is that the one-click convenience and the graphical presentation has hidden (intentionally?) the means for confirmation. It takes technical knowledge (minimal, but a bother, and many do not know) to reveal the links buried in the source, and many people turn off the URL entry field as if it were noise, and ECMAscript has a way to fake the shown URLs.
So, Microsoft has been busy hiding the tools of identity confirmation in the name of convenience, and now they want to replace what works about as well as the real world with something they can control.
This is _the_ reason I have hated Microsoft from the beginning. The do the things everyone else is too ethical to do and then they sell it. And since they do it, no one else thinks they can afford to not do it.
The time it took the article to hit my red Digital Imprimatur button? A few seconds.
... lots of work.
Modifier: the time it takes till I get to the bottom of it? Uh,
Some of us are beginning to suspect that their research group is their PR department. It's hopelessly shallow. If you don't believe me, see if you don't agree with the following illustration:
Speaker: "Hear ye, hear ye!"
Speaker: "Bow down unworthy mortals, for the High Priest cometh down from the High Ivory Tower with The Tablets from the Central Source of All Insight And Authority to deliver the 7 Perfect and Final Laws of Identity upon thee. In his Infinite Grace, he is allowing thee to see the content of the Tablets this time, that ye may experience wonderment at his Great Wisdom, and that he may not have to smite the tablets like last time, because of his..., er, your Foolish Ignorance."
Audience (bowing): "*Gasp* How merciful and generous. Praised be the Infallible Lawgiver!"
Speaker: "The first Law, is that the Anointed Keyholders may only reveal thy Identity with thine own consent. Is that clear?"
Audience: "Yes, Lord, we did click the Yes on every one of the 200 page Prophets' EULAs, as usual you have our True Consent. We all read every word of the Prophets, especially the part in ALL CAPS, we promise... (Including the part that no one is liable if the software fails utterly and our identities are revealed to the Anointed Vendors and the Anointed Advertisers withal, but that would never happen for ye and your Prophets are the Most Perfect High Experts of Security and therefore the Chosen Ones for us to Trust...) Yep, every bit of it.
Speaker: "Very well. The second Law, is that the Solution which discloses the least amount of identifying information and best limits its use is the... uh... most stable long term Solution!"
Audience: "All hail the Great Wisdom! All hail the Long Term Solution."
Child: "Hey wait, that's not a Law!"
Child: "It's not even a bluddy requirement -- or a recommendation! It has been reduced to a lame observation! No one will be held to follow a mere observation."
Woman: "Yea, some Law that is."
Old Woman: "Who hath edited the Second Law? Mayhaps an marketing devil hath possessed it."
Child 2: "The Tablets, they have no clothes!"
Audience: *up in arms* "Quiet the wayward creature! It speaketh Lies. Quiet, ye fools. Know ye not the High Wisdom of the Experts? Who brought womenfolk unto this gathering?"
Man: "Hey wait, who hath allowed the Vendors into the Temple of the Legislature to make Laws unto themselves?"
Speaker: "Uh, I must be going now, for behold, the Unholy Pager hath sounded." *runs away*
All Your Identities Belong To Us http://www.planettribes.com/allyourbase/>
Biometric information tied to your credit card would go a very long way toward solving many of these crimes.
Great. First you make some sense and then comes this.. What happens if a third-party discloses or cracks your biometric information? A new retina anyone? Also, not only can YOU go to jail for somebody else's misdoings, but YOU also have to prove YOUR innocense..
Just like today when the banks claim YOU lost the PIN to your account and it got cracked, and it's an uphill battle.
I'd prefer to see something based on authorization rather than identification
But IAUI, authorization is something that happens after you've authenticated who you're authorizing.
Example: Authorization is the process of, given an already authenticated principal, enforcing requirements like "Only members of the tinfoil hat club may view this webpage". It has nothing to do with determining if the principal is or is not a member of aforementioned club.
Example 2: In the context of an operating system, authorization of file access consists of comparing file permissions with some token denoting the identity of the account attempting the file access - the authentication was already done earlier on during login.
Software development will involve bugs, because no-one yet knows how to write completely bug free software. So, here are a few things that could happen if you make software companies responsible for any failing in their software:
Would you like to guess which ones will happen, and which ones won't, in the majority of cases?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Trust is a commodity; a wealth is built when it is traded, poverty ensues when it isn't, and it is always built by choice.
Weither you choose to trust an action(culture), a sockpuppet (the anthropomorphisation of a suit is no different than the anthropomophisiation of a suit), a brick, a building, a person, an entity, and so forth, is upto the individual by choice.
Those who do not know this can be taken advantage of for they trust a lie, not the truth.
It is a commodity that should not be monopolized; to monopolise trust is to monopolise all communication and interaction. This is an action that will ensnare and enslave the fearful and persecute the educated.
Please save the 1984 references for when they're applicable. Crying "Big Brother is coming!" in the face of any discussion of privacy and identification technology, regardless of its potential merits for both individuals and society, does not make a compelling argument, and serves only to dampen useful discussion. The last thing we want on a subject as important as this is to stop people thinking and discussing new ideas, and wait for events to take care of things for us in whatever knee-jerk reactionary way they see fit.
To address your specific example, the invasive telescreens in 1984 monitored private behaviour in an individual's own home, amongst other things. Neither the article nor my posts advocate any such intrusion. This is a completely different concept to requiring individuals to be accountable for their behaviour on public networks where other people can be affected. This simple obligation to society in general is the basis of any legal system.
The Internet has had a free pass so far because the technology and legal framework haven't been up to dealing with much of the abusive behaviour. Look what's resulted: viruses, spam, phishing, and all the rest of it. This is what happens when you allow anyone access to a powerful, public service, without any responsibility for their actions.
I don't get this. I've had lots of replies in the past 24 hours that make similar comments, but where in either TFA or any of my posts is there any advocacy of some global authority that knows everything about you and makes all the rules? The main point here is that in order to use a service, it's not unreasonable to require you to provide sufficient information to confirm that you're entitled to use that service, and possibly to allow remedies if you abuse it. That doesn't imply giving your name, address, DoB, government-issued ID numbers, etc. to everyone you deal with. Nor does it imply some central organisation, government or commercial, needs to know everything you're doing.
Having said that, we do operate with authorities that make the rules (legislative branch of government), enforce those rules (executive branch of government) and hold you accountable if you break them (judicial branch of government). We've been doing this since long before computers and the Internet, it generally works pretty well, and I've yet to hear any compelling reason why using some sort of technology should exempt you from any responsibility for your actions, even if they are harmful to others in society. Courts can order all kinds of information to be disclosed about you from all kinds of source, if it's important to a trial and necessary to secure a just verdict. I don't have a problem with that, and I question to motives of anyone who does. But this is only a single, limited aspect of the more general principles under discussion here.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
...we have court systems that most people would probably trust to issue such orders if and when necessary...
As the "Patriot" Act continues to evolve, it should be obvious to all that any trust in governmental agencies is seriously misplaced. There are easier ways to avoid spam, virii, etc. than to give up your freedom.
Got that?
Now, go look up the definition of "pernicious".
Not where I work. It spawns another browser window and I have to log on using the credentials for their site.Yeah. Sure. And the other windows that open that I have to enter my credentials are just
It's far more secure than the situation you're describing.Yeah. You keep believing that.Sorry, I didn't realize I was talking to Nostradamus.
I know my employer won't be doing this in the next 5 years. I work for a small insurance company and they are VERY concerned about security.
You seem to have lost the "security" issues somewhere in your discussion of "wants".
Don't do that.
It's all about the security.
I don't trust Microsoft for this kind of thing because they are not accountable. They are not licensed or bonded or liable in anyway. If their 'identity layer' turns out to be crap and cost people of billions of dollars: 'oh well, your problem, you clicked yes on the disclaimer when you installed the OS.' Banks, Escrow companies, Credit Unions, Title Companies, etc. are regulated and licensed. They are not only held financially liable, but criminally liable. If they screw me over maliciously or via neglect, I at least have the possibility of seeking a legal remedy. This is not the case with Microsoft. Trusting security to an entity that cannot be help accountable makes all their 'laws' worth less than nothing.
I think you've forgotton that Microsoft typically leaves everything "open" and turned "on" by default.
So that means anybody on the web can get your information unless you turn it off. It's the Opt-Out system all over again.
That means for all the good it sounds like its just the same old stuff in a different package.
1. My Credit/Bank card requires PIN entry for everything.
2. Every time Card/Bank Account is charged I am notified/emailed.
3. I look through it every weekend to verify.
4. If this system is hacked I am not liable.
5. For large/aggregated purchases I am contacted(my cell rings if I try to charge more than $Threshold within {X,Y} Time Range)
6. Vendor release merchandise at your peril without vocal confirmation when required.
7. And it was good.
Hello Cruel World
Why is it always called upon more identification to counter abuse. Why is this misconception still around?
Make your system robust so it is not a problem if someone wants to abuse it. Then security or identification will not be nessecary.
Every identification mechanism can (and will) be bypassed. And the harder it is to bypass it, the more consequences it has, since it is so hard, chances are little it can be compromise. The Internet community is nearly infinite therefor how small the chances are, it probably will happen, see here the base of Murphy's Law.
If the system is robust enough there is little or no idenitification necessary to make it work well.
The Internet is build and designed for robustness not for security, from this view it is not necessary to govern the Internet.
Make sure you can undo abuse attempts, or crimes.
The Internet is only a means of communication, make sure the things around it are robust enough to handle abuse attempts. Do not try to create the Internet abuse proof, for that is a futile attempt.
I bow for your wisdom. /ME
"The revolution wasnt televised"
I'd say that anonymity is a corollary to the existing 7 rules. "User control" and "minimal disclosure" together imply that you can release zero information, if you choose.
Unless you'd like to rephrase rule 0 as "Services are required to serve everybody without identifying them, even minimally". You may well agree with that, but I'm not sure that I do. It's the same as what you said except turned around, focusing not on you but on the people whom you are asking to do work on your behalf.
That runs counter to the "minimal disclosure" rule. The converse of "discloses the least amount of identifying information" is "you must disclose some minimum amount if it's required". Some services require some form of identity management, from specifying preferences on my Slashdot page to specifying the shipping address for my Amazon order.
The real question is, what's "minimal" and how do we enforce it? Presumably enforcement happens by market forces: if you don't want to shop at Amazon because they require more information than you want to give, you go elsewhere. But online as in the real world, it's not always easy (or possible) to shop elsewhere. Sometimes the markets will flow to create alternatives; sometimes it's just not sufficiently profitable.
So I'm not worried about anonymity so much as I am about the larger problem: how do I encourage sites that I want to do business with to set their minimums to appropriate levels? You're proposing, I think, that the minimum is always zero, and I think that's oversimplified and unrealistic.
Why does personalized advertising bother you so much? Is it the fact that you care more about the ad, because you're irritated that you're actually interested? Or is it just that you prefer the implication that non-targeted ads imply that you're anonymous? In other words, do personalized ads bug you primarily because they remind you that you're not anonymous?
The existence of identity standards doesn't necessarily mean automatically identifying yourself everywhere you go. This is not about loss of anonymity; it's actually about improving it. There are various middle grounds between "totally anonymous" and "totally exposed" and they're trying to standardize those. And you'll presumably see ads as personalized as the level of identity you're required to expose for any particular service. If a particular service requires too much of you, don't use it.
Beyond that, personalized ads don't bother me much. If I want to read the New York Times and they feel that they're going to do better business showing an ad targeted to a 35 year old white male, feel free. Who knows, they may even be right. I'd love to reach a state where I'm grateful for ads which tell me about stuff I want to know rather than being irritated by ads that have nothing to do with me, especially when they're offensive in some way.
NEW LINES DO YOU SPEAK IT?
That's because the page in question chose to remain anonymous.
~REZ~ #43301. Who'd fake being me anyway?
I'd like to be able to maintain 2-3 seperate identities online (and in real-life too for that matter).
I think identity should be based on some kind of trust network involving ratings or something.
That way I could have my main identify that appears conventional and build trust for various social and business transactions and also have an alter-ego that perhaps has a lower trust but can be used for dissent (for example).
Also, if your main identify ever got disgrased for whatever reason, at least you could start over with a new identity (perhaps analogous to in real-life having to move to an obscure location where you don't know anyone).
But then, I also think privacy is overrated too - I'd prefer complete transparency of everyone, but only so long as it would still be feasible to at least partially segregate identities. The transparency will be an inevitable side-effect of technology eventually anyway.
There's a brief story in the Washington Post about a local company involved in innnovative identity establishment technology. The term "claims" is prominent in their description as it is in the Microsoft document. Interesting. http://www.washingtonpost.com/wp-dyn/content/artic le/2005/07/24/AR2005072400911.html
Also, do you really think that you could go stand outside of the white house and yell about how much of a failure you think Bush is? I don't. I think you would get stopped, and quickly.
Well, drive along the iron fence along Constitution Avenue, and there is always several someones there protesting this or that, with their signs in view of the White House and all the traffic.
Of course, if you use Google Maps to look at the satellite pics of the White House (at maximum zoom), the tops of the White House, and the buildings next to it, have been photoshopped... and the US Capital has been seriously de-rezzed.