An Information Security Community
Here's my take on Dancho Danchev's great article 5 reasons why the proposed ID scheme for internet users is a bad idea on ZDNet. Politicians all over the world have finally realized that internet crime is a serious business and they want to do something to counter it. They overreact because they realize that they slept through that development and now they are struggling to "regain control" - a control they never had, not even before. But hey - that's awesome! There are all those $vendors who sell identity management, smart-cards, smartcard-readers, deep packet inspection, ssl-decryption-gateways and all other kind of gear that would not only enable the authorities to "regain control" - no, it could also take control to a whole new and unprecedented level!
Ain't that cool? </sarcasm>
I must admit that when I learned about PKI some years ago I thought it'd be cool if every person had one single smartcard for identification and authentication. I still think it is a good technology for secure banking and other services like eGovernment services. But long ago I noticed that a single sign-on (SSO) would be a bad idea. SSO is a convenience feature and it is a vulnerability, too.
But besides from being that, it would mean the end of privacy and anonymity on the internet, if those digital IDs would become ubiquitous and obligatory.
Let's face the facts: we are still unable to secure average Joe's computer against today's threats.
Now we are striving to hold him accountable for everything that he or rather his computer is doing on the internet?
Silly idea! Well it does not come as a surprise to me, since politicians seem to still think that if you have antivirus and a firewall you're totally safe and secure. At least they say that those are "appropriate measures" to secure your PC. Some folks even propose to use an internet ID for electronic votes over the internet.
Of course your electronic ID will only be used for proving that you're eligible to vote and the vote itself will be anonymous. Of course! Everything else would be against the constitution and therefore is impossible per se. </sarcasm>.
What could possibly go wrong with that?
Well some politicians take it easy. We can always fix things, right? When the Chaos Computer Club demonstrated how the free (contactless) smartcard reader that was issued by the government to the public along with the introduction of the new electronic ID card could be misused through a man-in-the-browser attack, the responsible secretary of the internal just shrugged it off and said "well, hackers could always hack something but the security and integrity of the ID card is not to be questioned".
Dang! Your fault, dumb ass! </irony> It's stated clearly in the security notes that come along with the reader and the electronic ID that you shall not leave your electronic ID in the reader when it's not used. This would narrow down the window of opportunity for a potential hacker.
And then they introduce a new state-sponsored (which does not mean free by no means) email service "DE-Mail" - at least the name is funny - which promises to bring the security of snail-mail to email, by leveraging crypto for integrity and confidentiality - only that it's not you who is signing your email but rather the provider - because this system does not provide any end-to-end encryption. Now what could possibly go wrong with that? Well at least it could be way more convenient than using GnuPG or S/MIME right? Folks don't even know what a mail-client is - they don't even know the difference between email and facebook, so how could we expect them to use a mail-client AND GnuPG, right? Well unless someone comes up with a software and ID-scheme or trust-model that is secure AND easy to use (wink, wink).
Back to the first topic: even if internet access for average Joe will only be granted if he logs on using is personal electronic ID, the bad guys will still be able to access the internet without using their legitimate ID. If you can't enforce usage of that ID all over the world for all nation states, it will not protect anybody and it will not prevent the sort of organized crime that we have to deal with today.
Granted, it could possibly prevent some crimes of opportunity. But for what price?
Electronic IDs will not help the privacy problems associated with today's growing and very popular social networks - it will take the problem to a whole new level. There will be no privacy or anonymity for average Joe at all.
Neither does data retention and three strikes. These are all tools to control the public, not to protect them.
Those are crack-headed ideas that only help certain industries but not the users.
Much better than that are initiatives like free malware-hotlines that help users to clean and secure their PCs - or even notify them if they became part of a botnet. This can be done with technologies that do not interfere significantly with the privacy of users. I think we need more of that while strengthening network neutrality, privacy and the freedoms at the same time. Those have made the internet what it is today in the first place and we need to preserve them or get them back where they were already lost.