[HN Gopher] The dangers of "decentralized" ID systems
___________________________________________________________________
The dangers of "decentralized" ID systems
Author : anonymous123
Score : 54 points
Date : 2024-04-21 19:30 UTC (3 hours ago)
(HTM) web link (paper.wf)
(TXT) w3m dump (paper.wf)
| wmf wrote:
| Summary: Relying on government ID isn't decentralized.
|
| I'm having a hard time thinking of one such system though.
| jandrewrogers wrote:
| The US is an odd case where there is no central government ID or
| identification base layer. There are many independent authorities
| that can issue an ID, none of which are universally provisioned
| or recognized by governments within the country. This creates
| enough edge cases that it is essentially required to be possible
| to bootstrap an identity from negligible formal documentation,
| which is also a rather large loophole.
| jiveturkey wrote:
| why doesn't a passport count? or do you mean, no central ID
| that is the only acceptable ID for various services
| jasode wrote:
| _> why doesn't a passport count?_
|
| In the USA, non-citizens (legal permanent residents aka
| "green card" holders) can't get passports. They can get
| state-level drivers licenses but only citizens can get
| passports from the centralized-level Federal government.
| photonbucket wrote:
| Greencards have a MRZ just like passports though.
|
| Green cards are effectively entry-only passports (from the
| perspective of the US). You can enter the country by land
| with just the GC with no passport. Additionally, if you
| arrive by air and you have global entry they don't look at
| your passport at all, just the GC.
| techsupporter wrote:
| > In the USA, non-citizens (legal permanent residents aka
| "green card" holders) can't get passports.
|
| Is there a reason they can't get a passport from their
| country of citizenship?
|
| Plus, passports are fully standardized, at least the
| biometric ones are. It's possible to read and verify the
| data on a biometric passport entirely offline using open
| source applications that implement the documented
| processes.
| wdb wrote:
| How did the green card holder enter the USA without a valid
| ID / passport?
| dragonwriter wrote:
| Well, they probably didn't do so with a valid US ID, and
| certainly not with a valid US passport.
| pvg wrote:
| Yes but they definitely have centralized id - the 'Alien
| Registration Card' itself. Technically, lawful permanent
| residents are supposed to carry it at all times.
| dragonwriter wrote:
| > In the USA, non-citizens (legal permanent residents aka
| "green card" holders) can't get passports.
|
| Yes, but legal permanent residents (and some other legally
| resident aliens) also have federally-issued ID, and its not
| optional the way passports are for citizens. (For LPRs, the
| Permanent Resident Card, for others the Employment
| Authorization Document or Immigrant Visa.)
| michaelt wrote:
| Forgive my ignorance, but isn't the green card already a
| federally issued, nationally recognised photo ID?
| dylan604 wrote:
| I think you greatly underestimate the number of people that
| do not have a passport.
| jandrewrogers wrote:
| A passport is an ID. However, it is not mandatory and some
| State governments do not recognize it as a valid ID for legal
| purposes. In the US, the power to issue authoritative IDs
| resides with the individual States, not the Federal
| government, which creates many interesting edge cases.
| pvg wrote:
| _some State governments do not recognize it as a valid ID
| for legal purposes._
|
| Do you know which state governments?
| jiggawatts wrote:
| Australia is the same. Even accessing federal systems involves
| a baroque system of multi-credential attestation where you
| nominally have a single "GovId" but in practice you have to
| jump through a bunch of hoops on a per-agency basis. The GovId
| itself is a weird amalgam of "n-of-m" identity papers.
|
| This all happened because back in the early 2000s there was an
| attempt at a single "Australia ID" but geriatrics had their
| brains pickled in decades of anti-communist propaganda and
| voted against it.
|
| The logic is: "Only communist governments know who their
| citizens are."
|
| Democracies apparently have to be ignorant and easily exploited
| by criminals falsely claiming pensions and other benefits using
| easily forged identity papers.
| acdha wrote:
| > This all happened because back in the early 2000s there was
| an attempt at a single "Australia ID" but geriatrics had
| their brains pickled in decades of anti-communist propaganda
| and voted against it.
|
| This is similar to how the U.S. has a certain amount of
| opposition from Christian sects who believe any sort of
| national ID number would be the biblical mark of the beast.
| There's a certain dark humor in the way privacy is used to
| complain about identification cards but that only leads to
| the semi-regulated private data brokers being used by
| everyone, including the government, with purchased access to
| far more data.
| spacebanana7 wrote:
| > geriatrics had their brains pickled in decades of anti-
| communist propaganda and voted against it.
|
| Isn't the CCP's behaviour still one of the best arguments
| against universal government ID?
| salawat wrote:
| >The logic is: "Only communist governments know who their
| citizens are."
|
| The logic is actually "That which I wish to control or
| destroy, I must first enumerate/name."
|
| A Government that exists only to administer (and not control
| the populace), has no need to know who all it's citizen's
| are. Merely to know who is involved in the limited processes
| being administered.
|
| Sadly, all common sense around that seems to have evaporated
| since 2001 in the U.S. It seems like only those of us left
| who experienced the pre-9/11 world are doing a terrible job
| at instilling a picture of a government that's not all "Big
| Brother is watching" in the younger generations. The gluttony
| of Law Enforcement and the IC for a Single Identification
| Number to unify and enumerate every flesh and blood person
| wandering around cannot be overstated.
| jandrewrogers wrote:
| In the US, significant fractions of both the Democrat and
| Republican parties are against anything that resembles a
| single national ID, for different longstanding reasons. And
| the legal hurdles are high enough that it would require both
| parties actively working together to effect material change,
| so even if one of them had a change of heart it wouldn't
| matter.
| techsupporter wrote:
| > The US is an odd case where there is no central government ID
| or identification base layer.
|
| As others have mentioned, the US Federal government issues
| passports and passport cards, yet it's entirely up to the
| agency that wants ID what IDs they will accept. I've been
| turned down for using a passport card for some Washington State
| government activities ("the card doesn't have a signature"),
| using a passport to buy an age-restricted item from a store
| ("we can't scan it"), and a passport card with the state's
| largest credit union ("too much fraud with passport cards").
|
| Yet none of these are _documented_ anywhere. Everyone just
| assumes you 'll have a state-issued driver license and if you
| don't, well, you're obviously up to something nefarious.
| (Before anyone asks, I do have a state-issued enhanced
| identification card. It looks identical to a driver license,
| except it says "identification" on it. I've still been told
| "that's not a driver's license, I can't take that.")
| jandrewrogers wrote:
| I use a Federal ID when dealing with legal purviews of the
| Federal government, and a State ID when dealing with the
| legal purviews of State governments (which is most things).
| This is the only reliable scheme I've found. As a matter of
| Constitutionality, the States are largely required to
| recognize State IDs, but no one is required to recognize
| Federal IDs because there is no authority and as a practical
| matter many governments don't.
|
| It doesn't help that some clerks are confused by the zoo of
| government issued IDs that exist in the US. IDs in the US are
| a mess, the legal barriers to making it possible to have an
| organized identity system are very high, and both the
| Democrats and Republicans are resistant to removing those
| legal barriers, so this situation is unlikely to change.
| briffle wrote:
| And even then, most of us can do a ton of damage just knowing
| the last 4 of someones social security number, and their
| bithday.
| cloudhead wrote:
| Low quality post that doesn't understand how DIDs work.
| jiggawatts wrote:
| This article avoids the elephant in the room: nobody except
| cryptocurrency nuts asked for this.
|
| The "Decentralised" part of DID should give a hint that this is
| yet another attempt to make crypto relevant to the real world
| outside of bypassing sanctions, paying for drugs, or extorting
| hacking victims.
|
| Web 3.0 failed because cryptocurrencies can't support the high
| bandwidth and low latency required. So the same people came up
| with DID, which can tolerate multi-hour transaction delays and
| storage capacities measured in single-digit kilobytes.
|
| Most of the criticisms against Web 3.0 still apply to DID. It can
| be impossible to revoke, as the article stated. Which means if
| grandma's wallet is hacked, she can be impersonated forever by
| the hacker, and not even the government can help her with this.
|
| "Yay, censorship resistant!" many will proclaim. (Loudly)
|
| Okay, name me one instance (1) where a citizen of a western
| country had their identity censored in any sense by their
| government.
| bawolff wrote:
| > Okay, name me one instance (1) where a citizen of a western
| country had their identity censored in any sense by their
| government.
|
| I don't think this is the problem DID is trying to solve, but
| the article mentions illegal immigrants and stateless people.
| bschmidt1 wrote:
| The crypto phase ended up accidentally showing us why
| centralized authority is important. It sounds great on paper:
| If we can simply enforce a protocol, then we don't need
| authority, right?
|
| But we still have to trust who enforces the protocol. If we
| rely on trusts and exchanges to any degree, for example, to
| enable faster, more convenient transactions, or for user
| experience, then those trusts (banks) cannot be running off
| with the customer deposits like BitConnect and FTX did. The
| trust should be insured and should have to follow normal bank
| and currency exchange regulations. When you add in all the
| banking infrastructure that would be needed to bring
| cryptocurrencies up to speed we'd end up with a clunkier
| version of what we have (we already have fast digital banking,
| and cash is already anonymous and instant).
|
| Regarding crypto for content chains: Basically the same ideas,
| if certain peers are trusted to host, serve, and/or broker
| content in some way, how do you trust those parties, or if
| there are content "vaults" off-chain to enable faster access to
| data, how do we know it wasn't tampered with off-chain? Can't
| store it on chain feasibly either, especially if the content is
| say full-length films.
|
| I think blockchain for both cryptocurrencies and content chains
| is better suited for smaller peer networks where you know you
| can trust the node hosts and the cryptography is used more for
| keeping nodes in sync, and for lower-level security, not as a
| replacement for trust. Or if you don't trust the node hosts,
| then the trusted party is whoever maintains the "peer list" -
| but that's just a road toward what our Federal Reserve, or our
| Wikipedia, can already do much better with consumer banking and
| open-source contributions (respectively).
| spacebanana7 wrote:
| > Okay, name me one instance (1) where a citizen of a western
| country had their identity censored in any sense by their
| government.
|
| Eugene Shvidler's sanctioning by the UK poisoned his identity.
| A UK-US dual citizen living in Britain who had Russian business
| dealings.
|
| The sanctions are devastating to personal freedom. Beyond the
| direct financial impact, they make it very difficult to travel,
| engage in charity or use digital goods.
|
| You might argue he deserved it for making money in Russia, but
| the lack of due process is astounding.
|
| His commercial behaviour predates any legal prohibition and he
| didn't get to argue his case in front of a judge/jury before a
| punishment was installed.
|
| https://www.theguardian.com/law/2023/jul/19/sanctions-regime...
| megadal wrote:
| > Most of the criticisms against Web 3.0 still apply to DID. It
| can be impossible to revoke, as the article stated. Which means
| if grandma's wallet is hacked, she can be impersonated forever
| by the hacker, and not even the government can help her with
| this.
|
| VCs have credentialStatus, the id property of which is supposed
| to be a URI resolving to an RDF defined object dictating the
| status.
|
| This means the issuer can just update the entity living behind
| that URI to revoke bad credentials.
|
| https://www.w3.org/TR/vc-data-model-2.0/#status
| cmdli wrote:
| One thing that is worth mentioning is the idea of a "private
| life" really hasn't ever existed. Even before the internet and
| computers, banks still held records of customer identity,
| merchants would still track their customers and what they bought,
| and the government could still take those records with a warrant.
| Even before then in pre industrial or rural areas, people would
| generally know who the people around them were and would
| regularly discuss what others were doing.
|
| The idea of a completely anonymous citizen that can bank, buy,
| and talk with others with full control of what other people know
| about them is pretty much a modern invention and is slowly
| disappearing again and society adapts to a technological world.
| mjevans wrote:
| The problem is; it used to take lots of real effort and
| therefore expense to investigate those facts. The results are
| now worth far more, and the cost is now far less.
|
| That is a change in the structure, the unwritten expectations
| of society, that I agree we should resist that change.
|
| The previously unwritten expectations should be codified into
| rules that should be followed.
| andy99 wrote:
| These "gaslighters" seem to show up to many discussion to say
| "what's the big deal, it's always been that way" when it
| obviously hasn't. I guess it's people who want the change and
| are trying to justify it?
|
| Anyway, a good analogy is photo radar. Speed limits are set
| knowing everybody speeds. We could now easily enforce them
| everywhere. But if we do, we need to raise them to an
| appropriate level, not the "we know you're breaking them"
| level. Same with what you're saying about privacy, as the
| cost of invading it goes down, we need different controls, we
| can't just be cool with it because it was always
| hypothetically possible to hire a private investigator to
| stalk someone.
| matheusmoreira wrote:
| The only reason it is disappearing is the government keeps
| mandating surveillance. Anti-money laundering and know your
| customer are just the financial arm of global mass
| surveillance. They just say "terrorists" and suddenly
| everything is justified. Everyone just accepts it. Just an fact
| of life that you have to do all this bookkeeping when you have
| a business. In fact, such things should be literally illegal.
| This is just some loophole the government uses to illegally
| surveil its citizens. It's illegal to warrantlessly wiretap
| everyone so they get the private sector to do it for them. Then
| all they need to do is gently ask the corporations. The CEOs
| are only too happy to get in bed with them.
|
| The bitter pill to swallow is society needs to learn to
| tolerate some amount of crime in order to maintain their
| freedom. They want the government to be all powerful so that it
| can stop crime before it even happens. They don't want the
| responsibility for themselves. The responsibility that freedom
| requires, the responsibility to personally defend themselves
| when the bad guys come knocking. No, they want to delegate it
| all to some authorities. They better hope they don't end up as
| serfs in somebody's fiefdom.
| deathanatos wrote:
| I feel like I'm missing some background. Yes, there's been much
| clamor for forcing use of government IDs recently, but I would
| hardly call any such system "decentralized", given its reliance
| on government ID -- that seems like an inherently centralized
| system.
|
| Is someone calling these "decentralized"? To me, decentralized ID
| is OIDC, which is "being developed" it's mostly not catching on
| at all, in favor of sadly centralized system like "login with
| [Google|Facebook]".
|
| Is there some weird crypto-blockchain-something-something that
| I'm not aware of?
| bawolff wrote:
| I think OIDC is more "federated" than "decentralized"
|
| I have no idea what the bitcoin people mean by decentralized.
| It sounds like PKI with extra steps. _shrug_
| mdavidn wrote:
| OIDC has very much "caught on" in business contexts. Large
| organizations end up with hundreds or thousands of independent
| internal tools, many hosted externally. OIDC and SAML are
| common protocols for centralizing employee authentication and
| governance.
| fiddlerwoaroof wrote:
| It's not really "OIDC", though, because there's so many
| options possible that the standard itself is basically
| useless: you have to implement Google, Microsoft, Okta, etc.
| separately anyways
| jebby wrote:
| OIDC has for sure caught on. I've worked in multiple roles
| where very smart identity-centric people consider it the best
| option.
| bawolff wrote:
| Key management & binding keys to identities is one of the hard
| problems in cryptography.
|
| Cryptocurrency and friends really have no bearing on the problem.
| The known solutions are the same as they always were - web of
| trust, pki, tofu, pre-shared keys, or just give up and ignore the
| outside world. All have tradeoffs and are very far from
| satisfactory.
|
| If you take a subpar solution and wrap it in 10 layers of
| cryptocurrency and magical thinking, you are just left with a
| complex version of the same subpar solution.
| aaomidi wrote:
| Yep. There is no silverbullet. All these systems are doing are
| just increasing areas where a vulnerability in logic can
| happen.
| ugjka wrote:
| It must be tied to person's biological features, i don't see
| any other way. Some kind of crypto-bio hash
| mattdesl wrote:
| having a cryptographic government-backed digital ID could really
| be a great and privacy-preserving feature of modern society. for
| example: ZK proofs are now practical, and could improve upon the
| status quo of sending a digital JPG of a scan of your passport to
| a third party for some arbitrary verification.
|
| The post reads a little bit overblown.
| anonym29 wrote:
| I will never upload photographs of my government-issued photo
| ID for any reason. I will never utilize any gov-backed digital
| ID.
|
| I will go down screaming, fighting, kicking, biting, and faxing
| my tax returns to the IRS, really doing everything lawful in my
| power to drag the whole system to a halt if digital ID gets
| forced on me. I don't care if I have to write a script that's
| going to trade bitcoin 800 times a second on 12 different
| exchanges, I don't care if I have to make my tax return 200,000
| pages long and deliberately reorder the stack so that every
| single sheet is out of order, and it's all in a font that was
| deliberately chosen to be incompatible with OCR systems. If the
| US government will let me submit my tax returns in Farsi, Urdu,
| or Esperanto, or some other obscure language that the IRS would
| need to hire someone to translate, I will, just to add all of
| the absolute maximum pain, inefficiency, and suffering into
| this process.
|
| Keep pushing this shit on people who don't want it. Malicious
| compliance is like reflected DDoS attacks with huge asymmetric
| I/O sizes: I alone can easily force the government to waste
| 10,000+ hours of effort for each hour I put in, and what's
| more, I can and will write tutorials, open source all of this,
| and advertise it everywhere if digital ID does get forced on
| society.
|
| Problem with this? Stop pushing digital ID or start pushing to
| let me renounce my American citizenship without posessing
| another citizenship.
| michaelt wrote:
| I'm not sure that would work all that well to be honest.
|
| Seems to me, the whole reason ID cards have photos on is
| because they get lost/stolen/borrowed all the time.
|
| Even if the government had the inclination to run a big
| national IT project so I could use zero knowledge proofs to
| verify my age for pornhub by scanning my driving license NFC
| chip, they'd _still_ end up needing a webcam face check to make
| sure I wasn 't some kid using dad's driving license. At which
| point the privacy angle becomes a joke anyway.
| ranger_danger wrote:
| Yes but having a fake card is an entirely different animal to
| deal with.
| megadal wrote:
| This entire article is just wrongly conflating Verifiable
| Credentials (VCs) with DIDs and then citing those false
| conflations as weaknesses of DID.
|
| > If decentralized ID is just an extension of the existing
| government ID system, it provides neither privacy nor financial
| inclusion.
|
| VC is a spec built on top of DID, in no way shape or form is VC
| required for DID.
|
| This statement alone shows the author doesn't understand (or is
| intentionally misrepresenting) the relationship between DID and
| VC (which is kind of crucial to write an entire blog post on
| either topic)
| megadal wrote:
| Also, the other points made aren't the reason VC was conceived.
|
| > And just like the existing system, it continues to exclude
| millions of people who can't get government ID
|
| VC is a technology for convenience, not solving social
| problems. It's basically just to enable technologies like Tap
| to Pay but for your Gov IDs.
|
| E.g. rather than having to carry your drivers license you just
| carry your phone. It's almost as if the article misses the
| entire purpose for which VC is designed (but then again, what
| can one expect when they're criticizing DIDs yet -actually-
| talking about VC throughout the entire post)
| filleokus wrote:
| I'm reading the article as essentially saying "decentralised ID's
| dosen't solve anything".
|
| If you have them "backed" with governmentally issued ID's, they
| allow the government ID monopoly to continue (with all its
| claimed faults). If they are instead completely separate they
| will not be considered "valid" in most situations where ID's are
| required.
|
| Then the author warn against the whole idea of having one,
| single, strong identifier connected to your person at all, and
| urges for the option of creating multiple identities.
|
| In almost all circumstances where identification is required, the
| whole point of requiring ID falls apart of you can create a new
| one whenever you want. We can of course argue that the whole
| surveillance society is wrong. KYC requirements, no fly lists,
| credit scores etc, but any proposed system need to have these in
| consideration or forever only be applicable in niche
| environments.
|
| Feels like DID is just keybase.com (pre coin-spam and zoom
| acquisition) or pgp.mit.edu wrapped in a pyramid scheme.
___________________________________________________________________
(page generated 2024-04-21 23:01 UTC)