Wednesday, February 2, 2011

The Internet Should Not Be Anonymous

Via Roger Grimes at PCWorld

The news of the U.S. government's latest attempt at a national citizen "Internet ID" brought yet another round of choruses: The Internet must be free! Any government ID plan is bad! Anonymity for all forever! Perform an Internet search on "Obama national Internet ID" to see the screeds against the proposed plan. Security experts around the world are saying the government would have to pry their anonymity from their cold, dead touchscreens.

I chuckled at these angry responses because they sound like the heated calls for anarchy in the 1970s from tattooed punk rockers smoking unfiltered Camels while the Sex Pistols played in the background. The difference is the angry masses in this case are being riled up by security experts, who have been ranting wildly enough to spill their expensive Imperial Stout all over their tablet devices and brie salads.

Notably, the details behind the plan are scarce right now. The rationale, according to U.S. Commerce Secretary Gary Locke, is "enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities."

Even though I'm a huge privacy proponent, I get a little tired of seeing every proposal for a national or government ID met with absolute aversion. Security isn't binary. If a national ID plan offers more benefits than disadvantages, then I don't want to throw the baby out with the bathwater.

Total Internet anonymity means total anarchy

Just like the anarchist who is the first to call the police when punched in the face over his or her beliefs, the Internet would fall if we had total anonymity and no means of ensuring trust. Without strong authentication, authorization, and accounting, even places on the Internet meant for total anonymity would fail. The Internet would not be the Internet. Why? Because someone has to pay the bills and maintain control.

If the Internet was completely anarchistic, with no access control, websites would be constantly taken down, denial-of-service attacks would be even more common than they are today, and anyone could pretend to be anyone else. (This is already all too easy to do on Facebook, one of the biggest websites ever.)

Someone has to exert control and make sure ill-intentioned people don't take it all down. In the perfect world, no one would ever try to take down a website or disrupt someone else's legitimate actions. But human beings are imperfect and often seem overly capable of damaging other people's resources and experience. Case in point: I consulted for the owners of a thoroughly hacked website that had been created for collecting donations for a child's cancer treatment. I'm sure the hacker has plenty of personal excuses to rationalize his or her behavior.

Driver's licenses aren't all bad

I think most of us agree that some form of access control is needed in order for the Internet to be a useful tool for billions of people, especially as more and more critical services go online. The real question: How much control and who should control it? I'm pretty sure I don't want any government controlling the Internet, but I'm not sure a national logon ID is a complete takeover.

A lot of people whom I respect and admire are totally against any government agency requiring anyone to have a common identifier in the real world, such as a Social Security number or a passport, or on the Internet. They argue that such IDs are guaranteed to be hacked, abused, and misused -- both by malicious people and the very governments that issue them.

I understand the inherent concerns about giving any entity total trust, but a blanket statement against any common and trusted ID doesn't seem to be fair either. Although common IDs are largely imperfect, they provide value all throughout society. For example, I'm delighted that underage children aren't allowed to drive cars and that adults are forced to take a test before they can. I like that my world has street names and sequenced housing addresses so that it's easier for mail to be delivered and for the fire department and rescue squads to find my house.

For each ID we have, we should ask ourselves if society is better off with or without it. I'm not talking about using scary edge cases as the determiner, but looking at all the positives and negatives before registering complete disdain.

Know your Net neighbors

Perhaps you support the idea of driver's licenses and passports but still don't see how a national Internet ID would make the Web a safer place. Well, if the system could improve identity assurance (that is, the person is who they say they are), then it could prove useful. Maybe it would require two- or multifactor, biometric identification. A well-designed authentication system would consider all the components of the system and elevate or de-elevate assurance levels as appropriate.
This wouldn't stop hacking -- or identity theft, for that matter -- because bad guys can simply reuse credentials after the person has successfully authenticated on their compromised workstation. But it would be better than the default simple name and passwords we use today.

The details behind the Obama administration's push for a national Internet ID aren't known. But I do know that the Internet needs to be a more trustworthy place than it is today, and I'm willing to listen to new solutions that might help -- at least long enough to learn all the facts before just saying no.

In fact, I'd be happy if all it does is get the discussion to the end-game going. Anything is better than what we currently have in place

1 comment:

Logan said...

While I agree with some of the ponts laid out in the article, I am wary of the idea of ID cards. It is far too easy to obtain fake IDs for underage college students, so it will not take hackers a very long time to create fake internet ID cards either. The more information people put out about themselves on the internet, the more likely that there information will be taken and misused also. Even without ID cards, the internet is still not anonymous. Simply by compiling internet search histories, it is genrally relatively easy to figure out the user. Perhaps instead of users having ID cards, certified companies should have a way to prove that you are actually on their site when you use them. The website holders should not be allowed to be anonymous. When you are on, should show some time of internet ID that proves you are actually on their site.