Category: risk

Shared Secrets: You Bet Your Life

Groucho Marx: You Bet Your Life

Randall Stross lets the cat out of the bag in today’s Digital Domain column in the NY Times. The internet’s identity infrastructure is based on the use of passwords, and passwords are broken. And OpenID doesn’t solve the problem, because the problem of passwords isn’t solved; rather, it is extended. The single sign-on that OpenID enables creates a single point of failure for the defense of personal identity. Are you willing to bet your life on a single shared secret?

Most of the current internet identity work has been done on low value information. The question is whether the infrastructure we’re building will extend to supporting high value information. At what point will medical, legal and financial information be part of the larger identity ecosystem? Do we really want a single, unified persistent internet identity, or will a two or three tiered system of identity and authentication be created:

  • Low value: quasi-anonymous information
  • Medium value: blogs, social media, sharable
  • High value: medical, financial, legal

What’s the right number of internet identities? Robert W. Anderson suggests that I need an OpenID for each health provider, for exclusive use with that provider. By using different uncorrelated username/password combinations across high value information/transaction accounts, I can create the strongest possible position within the shared secret authentication ecosystem. Microsoft’s HealthVault will be accepting OpenIDs as a Relying Party from high trust Identity Providers Verisign and TrustBearer. But even as we start to venture into the area of medical information, we haven’t left the shared secret behind.

Authentication artifacts or factors are generally described as:

  • Something you know (shared secret)
  • Something you have (security token)
  • Something you are or do (biometrics)
  • Location (not in two places at once)
  • Time (limited allowable hours)

A new factor is emerging based on social networks: a lot of low-value validated social connections could add up to a very strong authentication factor. The relationship card is a similar idea that establishes the value of an identity by the relationships bound to it. Clearly there’s a tie-in to Vendor Relationship Management here.

Multi-factor authentication will require more than a shared secret; the real question here is about the human factors. What do we know about human behavior and passwords? Here are the top ten passwords:

  1. password
  2. 123456
  3. qwerty
  4. abc123
  5. letmein
  6. monkey
  7. myspace1
  8. password1
  9. blink182
  10. (your first name)

I’m somewhat surprised that “swordfish” didn’t make the list. Passwords and the shared secret authentication ceremony are a high friction point for users of the Network. The easier it is for me to remember and use my password, in most cases, the less secure it is. Even though it’s possible with most authentication systems to create a highly secure password, if I can’t remember it, I can’t use it. We’re in the early stages of imagining and building new identity architectures. Information Cards have potential to move beyond the current ceremony while building on the wallet and card metaphor, but adoption seems to reside on the other side of the event horizon.

Ultimately, internet identity and authentication ceremonies will be a social, cultural and political challenge. Systems can be built and standards can be established, but getting humans to use them is another matter altogether. Evangelizing new identity ceremonies will be as simple and complex as answering the question: what’s in it for me? The Internet Identity movement needs to start taking a hard look at the human factors of these new systems. Richard Thaler offers this mnemonic device to recall the most important six principles:

  • iNcentives
  • Understanding Mappings
  • Defaults
  • Give feedback
  • Expect Error
  • Structure complex choices

The concept of Choice Architecture and the Nudge could play a large role in the success or failure of these systems. In the end, it will be humans who will either find value in these new identity architectures, or will, with a shrug of their shoulders, ask the community to please try again.


Mark Lucovsky and Jason Calacanis suggest National Healthcare as a Web Service

Red Cross

Shuffling through my notes, I found a post that slipped through the cracks. It references a Gillmor Gang from earlier in the month; Mark Lucovsky of Google was a guest on the show:

The conversation was wide ranging and focused on Lucovsky’s current role at Google and his former role at Microsoft. Jason Calacanis shifted the discussion on to the general ecosystem of online business infrastructure. He’s in the middle of making some decisions about the growth path for Mahalo and sees the cost of these services dropping rapidly.

Calacanis’s political point was that the virtualization of fundamental web infrastructure lowers the cost of business creativity and therefore will be a major economic driver, and may pull us out of this recession. Lucovsky commented that he didn’t see a consolidation of infrastructure providers, but rather an environment where each of the big online companies provided the thing that they do best as an API or service.

In a comment on Microsoft’s Live Mesh, Lucovsky asserted that the complexity of the problem required a seasoned professional like Ray Ozzie. He’s made the requisite number of mistakes to take on a project of that level of difficulty. Lucovsky goes on to say that there’s a difference between this kind of creativity and the frothy sort of Web 2.0 stuff that comes across our screens every day via TechCrunch.

Assuming that business creativity in this ecosystem is not the sole province of the young and the rich, there are a couple of pieces missing. This picks up the thread of a conversation that happened about a year ago about age and business creativity. It was a conversation that unleashed a lot of passion. Here are a couple of links back into that conversation space:

Creativity in any space is tied to risk taking. The young assume immortality and therefore have a high tolerance for risk; time allows for recovery from failure. The rich also can recover from failure through the buffer of money. As we all know, time is money and conversely money is time, and time heals all wounds.

If, as Calacanis asserts, it’s all about ideas in this new era of cloud-based infrastructure, then implicit in that is the notion that the services that sustain the human side of that equation take a similar form. National healthcare and a decent retirement system would reduce certain aspects of risk and open the field to a broader range of individuals: people who’ve lived a little and made the requisite number of mistakes to create at a deeper level.

A new era of a meritocracy of ideas in the technology businesses is deeply intertwined with the political questions that sustain the humans that do that work. In our conversations about the path of technology, these background processes need to be brought to the surface, if there is to be change we can believe in.


Descartes, Skepticism & the UnNetworked Personal Computer


Rene Descartes

Rene Descartes published his Discourse on the Method in 1637. In order to create a solid foundation for the natural sciences, Descartes employed a radical skepticism. He stripped away every piece of the world around him until he was left with his doubt, his thought and a single existence. This was expressed as: “Dubito, cogito ergo sum”: I doubt, therefore I think, therefore I am. The thinking, doubting ego was all that was left as a certainty, a monologue echoing through the darkness. When I visualize that moment I think of Samuel Beckett’s The Unnamable, or of much of his later work, Imagination Dead, Imagine, for example.

It wasn’t until I listened to a Philosophy Bites podcast with Barry Smith on the philosophy of Ludwig Wittgenstein that I understood the willful solipsism of Descartes’ approach. Wittgenstein’s critique is simple and beautiful: the tools of doubt and thought are social. Language is social; there is no such thing as a private language. If there can be no private language, Descartes simply became a hermit. He believed he cut every tie, but the knife was borrowed from society. Billie Whitelaw demonstrates, in Beckett’s Not I, that even as we are alone in the darkness, we frantically reach out to the world.

The first commercial personal computer wasn’t part of a network. There’s a sense in which it was an instantiation of Descartes’ Discourse on the Method. The software product and hardware peripheral ecosystem that developed around it reflected this disconnected state. And while from a technical point of view it was unconnected, from the human side it was always already connected to the Network. The conception that the computer was ever alone, disconnected in the darkness; computing, crunching numbers, writing to a hard disk in its own private Idaho was false at its point of origin. In the beginning, there was sneakernet.

Sneaker Net

This train of thought began not with Descartes, but with Microsoft. The first era of Microsoft was created to supply products to the unNetworked computer. If you examine the products that provide the dominant share of revenue, Windows and Office, they don’t require the Network for purchase or use. Microsoft’s thought is deeply rooted in the image of the solitary computer. Wittgenstein once defined philosophy as the battle against the bewitchment of our intelligence by means of language. Microsoft is in the middle of a titanic struggle with the bewitchment of its intelligence. If there is to be a Ray Ozzie era of Microsoft, it will signal the shift from the solipsistic computer to the Network, the creation of roots and rhizomes spreading into the Network, and the establishment of revenue streams that are fundamentally of the Network. Microsoft’s current set of competitors are already living off the Network; the brain trust at Microsoft has had a large margin for error, but the door is closing.

There’s a wonderful story that Barry Smith tells about a conversation between Elizabeth Anscombe and Ludwig Wittgenstein. Anscombe says to Wittgenstein that she can understand why people thought that the Sun revolved around the Earth. Wittgenstein thinks for a moment, and says “and why is that?” Anscombe continues, “Well it looks that way.” Wittgenstein smiles and says, “And how would it look if the Earth revolved around the Sun?”


@cshirky > Promiscuous Reading > Contra Solipsism > Here Comes Everybody

This isn’t a review. I’m not sure that reviews are very useful beyond the basics: Here Comes Everybody is an important book. Some people will choose to read it, but that doesn’t really matter because it’s in the air we breathe. You’ll absorb the book’s insights through some sense organ within the next few years. Clay Shirky has written about network theory in a style that might appeal to a broader audience; and it will directly reach more people than books by Duncan Watts or Albert-László Barabási. However, reading will not be the primary diffusion model.

One criterion I have for judging the quality of a book is the number of times I have to stop reading. This generally occurs when some string of words in the flow of the book makes a strong connection either to concepts from another text, or to something I’ve scribbled in one of my notebooks. The monologue of the text is interrupted by a conversation racing across a network of intertextuality. While this slows reading as an act of consumption, it opens the door to reading as a full-duplex, 2-way engagement. And that’s where its real value is revealed; in this sense, I found Here Comes Everybody to be a very promiscuous book. There were connections everywhere.

The obvious literary reference would be to Joyce, but instead Rilke provided the more forceful connection with his fragment “We are the bees of the invisible:”

Transform? Yes, for it is our task to impress this provisional, transient earth upon ourselves so deeply, so agonizingly, and so passionately that its essence rises up again “invisibly” within us. We are the bees of the invisible. We ceaselessly gather the honey of the visible to store it in the great golden hive of the Invisible.

There’s a sense in which this describes the process by which poetry is crafted, but it also seems to inform the way we build the collective experience and history of a group. We have a collective story we tell each other about the importance of the individual, but stories about family, tribe and society are on the rise again. Shirky points out that the transaction cost of organizing a group has declined nearly to zero through the tools available on the Network. He goes on to note that low transaction costs are not sufficient — a plausible promise around purpose and a mutually beneficial membership bargain are equally necessary for a living community. 

Two factors suppressed in the current commercial infatuation with the social graph are the ownership of the products of the community and the emotional volatility of a group. These are high risk ingredients in the recipe, human elements that need to be purged to sell the current business models. And those services without explicit business models continually run up against these issues. Can you sell what isn’t solely yours to sell?

As we gather in tribes and loose associations across the Network, we invent ceremony, initiations, ritual, taboos and forms of justice to ensure the ongoing health of the system. We optimistically believe the rules, mores and sins of our fallen culture won’t simply be mapped on to the social space of the Network. Experience has shown that absent some form of persona or identity, the life of an online community will be nasty, brutal and short. Could the Network be the new world where individuals are judged by the character of their content? Or is it really just more of the same, a place where it’s not Metcalfe’s law, but Sturgeon’s law that rules the day?

We’re in the middle of a shift in perspective. We’ve been focused on the individual; the physical limitations of an un-networked personal computer metaphorically defined the limits of our ability to think about the Network. In the area of identity we seem to only now be uncovering the idea of a relationship layer. The silo’d thinking of the technical community causes it to lay down cow paths on the well-paved roads of other disciplines. While Shirky’s book is written for the layman, its highest and best purpose may be in introducing technologists to the idea of society.

In the larger network of connections there are two that put themselves forward. In Saussurean Linguistics meaning is derived from the set of differences within a system. Here is a list of ideas that can help us overcome the solipsism of the hard drive:

  • “A sign is the basic unit of language (a given language at a given time). Every language is a complete system of signs. Parole (the speech of an individual) is an external manifestation of language.”
  • “A linguistic system is a series of differences of sound combined with a series of differences of ideas.”
  • “The connection between the signifier and the signified is arbitrary.”
  • “In language there are only differences, and no positive terms”
  • “Speaking of linguistic law in general is like trying to pin down a ghost”

The other charged connection is to Ludwig Wittgenstein’s thoughts on the idea of Private Language. Like those who believe in Private Languages, we seem to be caught in the fly bottle. We don’t understand that language and communication are social at their core:

If the idea of a private language is incoherent, then it would follow that all language is essentially public: that language is at its core a social phenomenon. This would have profound implications for other areas of philosophical study. For instance, if one cannot have a private language, it might not make any sense to talk of private sensations such as qualia; nor might it make sense to talk of a word as referring to a concept, where a concept is understood to be a private mental representation.

Nor might it make sense to talk about identity apart from society, computing devices apart from the Network, or data (signifiers) apart from an economic and trading system of language. The end of our solipsistic weltanschauung is beginning; we are perhaps in the middle of the beginning of a general revolution. Some will ride the strong currents as they emerge, others will fight the current, grow tired, and eventually drown. And the looming danger ahead is the task of assuring and preserving the inalienable rights of the individual in this new Network. Once the technical perspective has been transformed from the one to the many, all the really important questions become political.
