I think that using a single source for authentication/authorization of any kind is stupid: be it a smartphone, a password, a certificate or anything of the sort. Multiple sources should always be used, such as logging it with a username/password and getting an e-mail/SMS/TOTP code to enter, though even those can be compromised if people don't use randomly generated passwords for all of their sites/e-mail accounts/apps.
But on topic of the questions in this discussion, allow me to offer an unpopular opinion, just because it sounds like an interesting thing to think about.
> As great as smartphones are, do you want a future where everyone is required to purchase one, an a cell plan to exist in society, to engage in commerce, enjoy shelter, health care and security?
Required to purchase one? How about given one instead? In my country, we have eID cards, which can be used for digitally signing documents and can serve as methods of authenticating against a government site - due to legislation, now everyone gets one, much like people got passports. And yet, nobody questions needing these cards or passports, even though technically if you lose yours, you do have to pay for a new one because "it's government property".
Alternatively, if people would still have to purchase one, force the manufacturers to be open about their production costs and profit margins, mandate certain specs of devices not to exceed certain pricing - much like Chromebooks have already taken over education in many places of the world due to their relatively simplistic nature, i don't see why we couldn't have basic spec Android devices in abundance either.
Better yet, protect phones and being able to use them like one would treat the likes of eID cards and similar:
- all phones need security updates for 5-10 years from the manufacturer
- all phones need certain levels of battery life: if a new Nokia 105 can last for a week, i don't see why you couldn't cut down the standby modes of Android phones to do the same
- all phones need their batteries to be replaceable by the user, should they want to do so, no phone can be sold without them as available replacement parts for purchase
- all phones need proper permission setups: a passcode for installing apps, and full control over network requests, similar to NetGuard https://netguard.me/
- all phone OSes need to be open source and open to modification, no more locked bootloaders or other stuff like that (might need a confirmation with the user's code first)
- all phones need their hardware drivers and all documentation pertaining to those be open source
- all phones must support custom apps being written, installed and run by the owner, much like a *nix machine doesn't constrain you
- all phones must support third party app stores, should the user choose to use them, e.g. FOSSHub/Fossdroid
- to fight malicious usage of the above, have a LED indicate whether a custom ROM is or isn't being loaded and have a checksum or something show up during boot with info about any digital signatures of the ROM
Edit: perhaps the term "phone" here should be replaced with something like "gov-compatible-phone" or whatever one could come up with - i don't doubt that dumb phones would still have their uses. Technically, all of the above should have been achievable on something like the Symbian OS as well.
Who knows, maybe eventually the majority of phones would once again become more blocky and more of them would be IP-68 certified, or something like that. In my mind, phones should be dependable computing devices, more like a Raspberry Pi/Arduino with a sturdy case in your pocket, rather than dainty status symbols. Think along the lines of these:
> It's an even more dire question: do you want a future where you're required to carry that cellphone on your person at all times?
I already do, so nothing would change for me. I cannot imagine leaving a phone at home, much like i cannot imagine spending a day without Internet (this is probably a controversial statement, should lend itself to some discussion about how people live nowadays, especially the younger generation). Doing so would be depriving myself not only of a means to communicate and navigate, but also of the ability to look things up, like tutorials, or information about something that i'm interested in. Some might extend those arguments to things like note taking, audio notes included, as well as entertainment. Alternatives exist, of course, but they're rather unwieldy - who wants to drag a notepad, a map and a compass, as well as a voice recorder, maybe a dumb phone or a walkie talkie with them separately?
Edit: probably interesting to compare this with carrying a wallet around - since it has money/bank cards and quite possibly ID and other pieces of information as well. Which could be replaced by a phone. And it's not like you could use it after stealing/robbing it off of someone, since it would be behind a passcode or additional lock mechanisms.
> And for the slippery slope: do you want a future where it's legal to arrest people until their phones can be verified?
I have no illusions about this not being abused if that were ever the case, which kills argumentation in favor of anything like it from the onset. Similarly to how there were various "tests" put in place before voting in US, many of which targeted ethnic minorities. I bet similar excuses could be made about officers "failing" to validate a phone/identity due to "technical issues" and thus depriving people of their freedoms.
That said, i am in favor of means to identify people that actually work for a change - you should not be allowed to start a company on someone's behalf after presenting pieces of information that could easily be found out, like someone's name and any sort of a national identifier. My country basically had the same problem - a national identification number for each person, which many sites still asked for during signup. Due to this value ever leaving the confines of something that holds and uses it as necessary, it's no longer reasonable to rely upon. Consider the eID cards instead - it stores a private key and can only be used to sign things with PIN codes that the user must know/store themselves. The certificates never leave the physical device. We need more of that approach. PII leaking would suddenly become a less harmful thing, because it's not like you could actually do anything with that information.
> To prevent impersonation, maybe chip people like dogs so that they can be reliably matched to their phones, and make it a crime (maybe "attempted impersonation") to tamper with the chip or to help someone tamper with the chip?
Pretty dystopian, admittedly. Some people already do, to enjoy the benefits of RFID chips. Personally, for the most part, i'd prefer to stick with fingerprints for opening biometric locks with phone apps and such acting as alternatives. Then again, if i were writing a dystopian novel (you know, more dystopian than real life, where every action that we take online is catalogued and can be looked up by the powers that be) it'd be curious to explore the benefits and drawbacks of having everyone have chips in them. If the society were ruled by a benevolent AI? Probably less crime and strong application of the law. If the society were ruled by regular people? Probably blackmailing and discrimination like you cannot even imagine.
(note: none of these views are exactly held strongly, just something fun to ramble about)
I myself am a "single source for authentication/authorization" and i dont think it is stupid at all.
It is just hard to tell it to a machine. So i am ok to use a token for that.
The trouble for me are the instances, that want to certify, that i am me. I dont need them, but they are there. The middleman, who wants to have a say, to allow or deny.
I have no problem to tell a token, that it is me. I am pretty happy to self-certify myself.
Actually it is - while you provide for yourself and that may be fine, if you have dependents, having daddy be the single source of authentication for everything is pretty damn stupid. You might have accounts for your kids but they need to actually access those accounts.
If you end up in a coma in the hospital, again, having yourself as the single source of authentication for medical purposes is pretty dumb, too.
If you have any group of people dependent upon a thing, having yourself as the single source of authentication is pretty damn stupid. Look up how nuclear missiles are/were protected, if you want a real world tech example.
This thing where people assume they are the only thing in the world so whatever they want is fine for everybody else, that the real fucking stupid thing.
Well, that's the crux of the problem, isn't it? We need a way for you to confirm that it's you and not someone else who has stolen your credentials. Multiple factors of authentication generally work well enough against this. Same for physical devices, be it those eID cards or something like YubiKey or whatever.
> I am pretty happy to self-certify myself.
Well, that's how GPG/PGP works - as long as you give your public key to other people by yourself, be it in person or otherwise. Then you can manage the private certificates for signing stuff yourself however you wish - be it keeping them in a cloud account somewhere (hopefully not), on a local HDD, a USB stick, or printed on a piece of paper where you'd re-type it as necessary (just a silly example).
The problem is that people want a central authority for certain cases, such as interacting with the government - with the appropriate set of software and middleware built around it, so less technically literate people could just put the card in a reader, input a few codes in some official software and be on their way, rather than trying to figure out what the hell a keychain is.
But on topic of the questions in this discussion, allow me to offer an unpopular opinion, just because it sounds like an interesting thing to think about.
> As great as smartphones are, do you want a future where everyone is required to purchase one, an a cell plan to exist in society, to engage in commerce, enjoy shelter, health care and security?
Required to purchase one? How about given one instead? In my country, we have eID cards, which can be used for digitally signing documents and can serve as methods of authenticating against a government site - due to legislation, now everyone gets one, much like people got passports. And yet, nobody questions needing these cards or passports, even though technically if you lose yours, you do have to pay for a new one because "it's government property".
Alternatively, if people would still have to purchase one, force the manufacturers to be open about their production costs and profit margins, mandate certain specs of devices not to exceed certain pricing - much like Chromebooks have already taken over education in many places of the world due to their relatively simplistic nature, i don't see why we couldn't have basic spec Android devices in abundance either.
Better yet, protect phones and being able to use them like one would treat the likes of eID cards and similar:
Edit: perhaps the term "phone" here should be replaced with something like "gov-compatible-phone" or whatever one could come up with - i don't doubt that dumb phones would still have their uses. Technically, all of the above should have been achievable on something like the Symbian OS as well.Who knows, maybe eventually the majority of phones would once again become more blocky and more of them would be IP-68 certified, or something like that. In my mind, phones should be dependable computing devices, more like a Raspberry Pi/Arduino with a sturdy case in your pocket, rather than dainty status symbols. Think along the lines of these:
> It's an even more dire question: do you want a future where you're required to carry that cellphone on your person at all times?I already do, so nothing would change for me. I cannot imagine leaving a phone at home, much like i cannot imagine spending a day without Internet (this is probably a controversial statement, should lend itself to some discussion about how people live nowadays, especially the younger generation). Doing so would be depriving myself not only of a means to communicate and navigate, but also of the ability to look things up, like tutorials, or information about something that i'm interested in. Some might extend those arguments to things like note taking, audio notes included, as well as entertainment. Alternatives exist, of course, but they're rather unwieldy - who wants to drag a notepad, a map and a compass, as well as a voice recorder, maybe a dumb phone or a walkie talkie with them separately?
Edit: probably interesting to compare this with carrying a wallet around - since it has money/bank cards and quite possibly ID and other pieces of information as well. Which could be replaced by a phone. And it's not like you could use it after stealing/robbing it off of someone, since it would be behind a passcode or additional lock mechanisms.
> And for the slippery slope: do you want a future where it's legal to arrest people until their phones can be verified?
I have no illusions about this not being abused if that were ever the case, which kills argumentation in favor of anything like it from the onset. Similarly to how there were various "tests" put in place before voting in US, many of which targeted ethnic minorities. I bet similar excuses could be made about officers "failing" to validate a phone/identity due to "technical issues" and thus depriving people of their freedoms.
That said, i am in favor of means to identify people that actually work for a change - you should not be allowed to start a company on someone's behalf after presenting pieces of information that could easily be found out, like someone's name and any sort of a national identifier. My country basically had the same problem - a national identification number for each person, which many sites still asked for during signup. Due to this value ever leaving the confines of something that holds and uses it as necessary, it's no longer reasonable to rely upon. Consider the eID cards instead - it stores a private key and can only be used to sign things with PIN codes that the user must know/store themselves. The certificates never leave the physical device. We need more of that approach. PII leaking would suddenly become a less harmful thing, because it's not like you could actually do anything with that information.
> To prevent impersonation, maybe chip people like dogs so that they can be reliably matched to their phones, and make it a crime (maybe "attempted impersonation") to tamper with the chip or to help someone tamper with the chip?
Pretty dystopian, admittedly. Some people already do, to enjoy the benefits of RFID chips. Personally, for the most part, i'd prefer to stick with fingerprints for opening biometric locks with phone apps and such acting as alternatives. Then again, if i were writing a dystopian novel (you know, more dystopian than real life, where every action that we take online is catalogued and can be looked up by the powers that be) it'd be curious to explore the benefits and drawbacks of having everyone have chips in them. If the society were ruled by a benevolent AI? Probably less crime and strong application of the law. If the society were ruled by regular people? Probably blackmailing and discrimination like you cannot even imagine.
(note: none of these views are exactly held strongly, just something fun to ramble about)