| Main |

Web account security

For those who don’t already know, Marko Karpinnen just had someone steal his Apple ID by sending a message to Apple implying that he’d changed e-mail address and forgotten his password.

Shocking as this may be, it really highlights a serious problem with current methods of identifying people, both off and on-line.

Marko is understandably unhappy about this, and suggests that Apple should have checked that it was him “by comparing the information in their personal profile”. Yet most information about most of us, particularly prominent developers like Marko, is publicly available (for instance via WHOIS or via a variety of other means). I’m quite sure that, even if Apple had done those kinds of checks, they could be readily defeated by someone with the gall to try this kind of thing in the first place.

The fact is that we need an identity system that is not based on people’s personal details, or this kind of thing is going to happen all the time.

Posted by alastair on July 9, 2008 at 1:19 PM Digg It | | Comments (2) | TrackBacks (0)

Trackbacks

TrackBack URL for this entry:
http://alastairs-place.net/movabletype/mt-tb.cgi/245.

Comments

The ADC personal profile includes a security question. This 'attack' could have been easily prevented if they had asked the security question. That's the whole point of the security question!

The methods were already in place. Apple just failed to use them.

Posted by Jeff Johnson on July 9, 2008 4:13 PM

Except that the security question is probably not visible to Apple employees (and indeed, if it is, then that’s a whole new security/privacy problem).

And yes, it might be possible to “solve” the problem in the short term by using a similar mechanism, but it still doesn’t address the fundamental issue that underlies all of this, which is that we currently have no canonical identity. (Besides which, what do you propose to do if the legitimate owner of an account has forgotten his or her security question and/or the answer to it?)

Rather, people are expected to use facts about themselves to identify themselves to others, which creates a situation where it is necessary to protect sets of facts from appearing in the public domain. Unfortunately, most of those sets of facts consist of information that is already in the public domain, or that is held by a large number of individuals, organisations and so on already, which creates a significant risk of identity fraud.

What we need is a canonical identity system that everyone can use, based on a smart card with strong cryptography, thus reducing the number of identity cards you are required to carry to one and providing an easy way for individuals to identify themselves over the 'Net as well. An additional benefit of this kind of thing would be that we need no longer worry if the fact that Joe Bloggs is 43, married and lives in Roundabout Way makes its way into the public domain. It wouldn’t matter any more.

Posted by alastair Author Profile Page on July 9, 2008 4:27 PM

Post a comment

If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thank-you for your patience.

(Your e-mail address will not be displayed or included in any pages served on this site; nor will you get any spam as a result.)

A live preview of your comment will be displayed below. It should refresh automatically when you stop typing, but if not then the “Preview” button above will update it.

Live Comment Preview