Thursday, June 29, 2006

Credit cards and identity

Doc Searls posts his thoughts about identity at IT Garage. My interpretation of the discussion so far is one of the need to gain some control. I'd like to propose a modest shift which might help the most expensive part of Identity problem, credit cards.

Current credit card systems rely mostly on one thing... keeping a secret. The secret consists some fairly public information (Name, Address) and a true secret (the account number). Insofar as the company is concerned, this is the ONLY key required to make transactions as part of your relationship with them.

I believe it's all this way because of inertia... perhaps I'm wrong, but it seems very quaint and obsolete to me.

Because there is really only one secret number, you have no way of keeping your identity separate as far as the credit card system is concerned. The companies like to pretend their is a difference between the card holder, and a vendor, because it helps maintain the illusion that the system is secure.

Every time you give your account number to someone, for all intents and purposes, you give them your identity. Furthermore, they can use it later, at any point in time or space until the expiration date, without restriction. Your identity gets propogated everywhere, in their backups, on the laptop their webmaster uses to update things, and the person who buys the hard drive after he upgrades. ANY of those people can use your identity.

It's just not possible to keep all of these copies secure. It's stupid to try if there are alternatives available.

For basic transactions, I propose a change to the model... non trival, to say the least, but relatively simple to implement and execute. Allow us to use one time keys for each and every transaction. Don't allow it to be reused, EVER. This makes the value of an old key go to zero, as soon as it gets used.

This makes the worry about the secret getting stolen go away. 8)

Relationships require more detail, as they extend over time, and include a much bigger chunk of information. I'd still go with the one time secret, but keep the terms and conditions transparently available to BOTH parties at the credit company site. The customer needs to be able to track and modify the conditions as time progress, and it's logical that the credit card computer is the place to do this.

If the key gets locked down to a specific vendor account, the value to thieves goes down dramatically (not to zero, but substantially none the less). This makes the worry about the key getting stolen go down proportionally as well.

Those are my thoughts about it. I'm not calling for new infrastructure, and I don't even begin to deal with Single Sign On... but I do address the most expensive mess related to identity (I think).

I'm curious to see how this gets remixed.


Tuesday, June 27, 2006

Subversion Rocks!

I've been using Subversion, also known as SVN in a stand alone configuration on my laptop, and it's nice to be able to undo, and keep track over version. Today though, I took it to a new level.

I'm pulling work stuff off my laptop, and onto the servers here where it belongs. I installed SVN and used SVNserve to run it as a service. Once I got the kinks worked out, I was able to check out and commit from multiple places across the local network, and let me say... it ROCKS!

I've got one heck of a backup strategy in place for my code now, thanks to this thing. One small piece of my life firmly in control.... many more to go.

Monday, June 26, 2006

Internet incantations

Dave suggests that the internet culture results in "A network a mile wide and nanometer deep".

I'd say that he's got a valid point, one that I won't dispute.

I will say that the internet makes it possible to lower the cost of keeping relationships that might otherwise get lost over time. I'm only now (at 42) starting to learn the value of keeping such friendships, and attempting to ween myself off of my hyperextended period of indifference.

I think that the tools are just that... tools. Like the atomic bomb, they do have some moral dimension of their own, but it is overwhelmingly up to the people and societies that decide how they are to be employed that bear the ultimate responsiblity. If we choose to bury ourselves in distractions, we'll get what we want. If we choose to do the other thing, and seek knowledge and growth, and nurturing of relationships, we'll get that as well.

The internet is a tool... not a silver bullet, which I believe is a view we can all share.

I'd like to mix in my interpretation of Ethan Johnson's "physical symbolism", like this:

Doc Searls has vision of the world as he wishes it to be. He consistently expresses and refines this view. The act of sharing and promoting the idea is a type of incantation, a type of magic for lack of a better term... the act of reciting and repeating this vision will eventually cause it to become manifest in reality. How quickly this happens, and how much of an actual difference it makes in the overall scheme of life, is best analyzed post facto (say 20 years from now).

We're all making incantations of what we'd like the world to be... its very important to be careful what you wish for, you just might get it.

Thanks Dave, Doc and Ethan for the pointers, and the bits of wisdom.


Friday, June 23, 2006

Virtual BloggerCon

Thanks to Doc's timely notice, I'm virtually in San Francisco, (or so they say)... at BloggerCon... Doc Searls is doing a bang-up good job taking notes (he's just done with tools), and showing up on the IRC at times.

It's fun to actually converse with technological peers... doesn't happen much at work, where I'm the whole IT staff.


my themes...

Things I keep bringing up, over and over... all in one handy posting:
  • HTML doesn't allow markup of documents (take a web page, save it on CD-R)... now tell me how I can highlight part of it... (I CANT!)
  • There needs to be a way to jump into existing content like Video, MP3 via external hyperlink
  • Credit Card systems based on keeping your SSN or Card # secret are insanely insecure, and need to go
  • We got a wake up call in 1970 to cut our dependence on foreign energy... why haven't we?
  • 90% of all stuff on the web is crap... including this
  • I'm a very lucky man... inspite of all my complaining, I try to be grateful every day for Noran and Virginia
  • Computers are tools, the means, not the ends
  • Users shouldn't take the blame for bad tools
  • Why can't someone come up with a database that syncs to laptops?
  • Tags and metadata are great, but take wayyy to much time to create
more later...

Thursday, June 22, 2006

Not even a cheese sandwich

One of the interesting changes that Virginia brought to us is the sudden need to immerse ourselves in deep knowledge of her inputs and outputs. These need to be cafefully monitored and managed, to avoid many issues.

Recently, she had a bit of an output backlog. This is normal for infants of her age, but still managed to concern us, primarily via the lack of a sleep state that this caused. Our subsequent exhaustion then cause a ripple through our I/O as well.

We were relieved when her distress ceased, and the output queue was cleared. We had a visit with the diagnostician today, who monitors her functions and growth. She's progressing quite well, and we're performing our management and maintenance tasks competently.

This afternoon, she slept for many hours... Which delighted and mystified us just a bit... then Noran realized... why

She's all pooped out!

Cheese sandwiches, poop... for every thing, there is a season.

Tuesday, June 13, 2006

My identity stolen too.... 8(

It turns out I'm one of the 26 million veterans who had their information stolen. I'd be tempted to throw stones at the VA... but that's just reactionary diversion from the real problem.

Now... why is it that knowing my Name, Address, and SSN is enough to impersonate me?



Because the credit reporting agencies can't imagine a proper system of authentication (or just don't want to invest in one)...

I think it's absurd that a few digits of information are all that separate my credit history from oblivion. Why do we persist in blaming everyone except the credit companies for this problem?

There are better ways to authenticate people, we need to figure out what they are, and use them. The days of counting on a 10 to 20 digit number as ultimate security are over. Why should 26 million of us have our credit at the mercy of a single string of digits?

It's nuts... time to crack down on the real problem.... outmoded authentication systems.


Friday, June 09, 2006

How NOT to do identity

There's a thread over at the 37 signals blog that calls for the idea of portable credit card numbers. Its interesting that none of the comments so far see the inherent security issues with this idea.

Phone number portablity is nice because humans are expected to dial numbers, and it's very useful to associate a number with a person, and have the relationship persist for tens of years. There is no real security issue with this because the knowledge of a phone number has reasonably low value in scamming. The fact that numbers are considered permanent helps also keep the required size of the number pool smaller (new area codes not withstanding).

A credit card number happens to be its present size due to historical circumstances. Its an account number, from computers, for computers. The fact that a human may be required to recite it from time to time is the primary reason they aren't longer, or cryptographically secure (i.e. 1024+ bit random numbers in hex --> 256 characters long!)

Unlike phone numbers, the current credit card system relies on the 16 digit number as an essential element of security. Its part of a secret, along with a "security code" (3 or 4 digits tacked on to answer public concerns in the last few years), and the name, address, and other identifying (and likely publicly) data.

The current credit card system is amazingly insecure. The mere knowledge of a few facts, along with the 16+4 digits allows one to charge ANY AMOUNT against a credit card account, for the duration of the life of the card. The system forces the card holder to trust every merchant the wish to conduct business with, for the full security of this information. This is equivalent to handing all of you money to the merchant, and trusting they will take the correct amount of cash before returning your wallet to you. Only it's not even that safe, they can then dip into your wallet at any time in the future. If their computers are compromised, they anyone else who learns this secret aquires the same capablity.

A far more reasonable approach would be to use one time keys for every transaction. The credit card companies could offer a smart card, which would compute a cryptographically secure payment code which would denote the amount authorized, along with any authorization for future payments. The payment code would only work for the specified payee... if their computers were compromised, or if anyone else learned the secret... the knowledge would have zero value.

This is how this should be done. It's silly to trust that a 16 digit number with our financial futures.

Your credit card number is NOT an identity... don't be fooled into thinking it is.