A Gorilla Riding A Bull In A China Shop
Friday, March 28th, 2008

Last post I described several hazards to an internet identity on the user end. Spyware came up a lot. It is the 800 pound gorilla in the room that no one ever wants to talk about. I explained why anti-spyware isn’t always good enough to save you, which amplifies the problem. Spyware just isn’t popular enough yet to fear. But spyware products are innovating: they are scarily stealthy and sophisticated, and with every revision they get simpler to use. You can’t ignore that. That’s a gorilla riding a bull in a china shop.
You could approach the solution in several ways. You could cross your fingers and rely on anti-spyware. You could rely on an identity management system that authenticates directly between the local operating system and the websites themselves (I think this is what CardSpace does, but I am not sure of all of its spyware-resistant features). Maybe other identity systems try to resist spyware as well. In our case, we are going to try to build a web-based, spyware-resistant solution.
Now, if this spyware resistance I speak of cannot be done with a simple user experience in mind, then I say take the losses and scrap it. But follow me. What would it take? What would it take to build a website that is spyware resistant? Can we get phishing resistant too? I know we can. Consider the following bullets (with some of the points taken from my previous post The Internet Security Monster). I will describe how we implemented these bullets in an upcoming post.
- Phishing relies on a common authentication experience. If you stagger the authentication to show personalization before all credentials are supplied, your website becomes phishing resistant.
- If you build in authentication that does not require typing then you avoid all keyloggers.
- If your authentication is not somewhat innate, it will be unintentionally forgotten.
- If your authentication is too simple, it can be guessed.
- If your authentication experience runs off the screen then it is difficult to hijack the credentials in a screen shot.
- If your authentication does not require clicking, then it is hard to take a screen shot on a click.
- If your authentication requires additional personal knowledge after several failed attempts, you have significantly increased the complexity of an attack.
- If additional personal knowledge required to unlock an attacked account is too public, it can be found out by the attacker.
- If additional personal knowledge required to unlock an attacked account is too arbitrary, it will be forgotten.
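As an added illustration (my own code, not the author's and not from the upcoming post), here is one way the staged, step-up flow these bullets describe can be modelled server-side in Python: the site echoes the user's personalization after the username alone, before any secret is supplied; the credential is a sequence of on-screen grid cells rather than typed text; and after a few failures the account demands an extra-knowledge answer before any further credential attempt is accepted. The class and method names, the grid-cell credential, the threshold values and the sample user record are all assumptions of mine.

```python
"""Staged, step-up login flow: an added example, not the blog's implementation."""
import hashlib
import hmac
import secrets

MAX_FAILED = 3          # assumed: failed credential attempts before step-up is required
MAX_UNLOCK_FAILED = 3   # assumed: failed step-up answers before out-of-band recovery
PBKDF2_ROUNDS = 100_000


def _hash_secret(material: bytes, salt: bytes) -> bytes:
    """Salted PBKDF2 so a stolen user table does not yield the pattern or the answer."""
    return hashlib.pbkdf2_hmac("sha256", material, salt, PBKDF2_ROUNDS)


def _cells_to_bytes(cells) -> bytes:
    # The no-typing credential is a sequence of grid-cell indices the user selects
    # on screen, e.g. (3, 7, 7, 12); serialise it canonically before hashing.
    return ",".join(str(int(c)) for c in cells).encode()


def _answer_to_bytes(answer: str) -> bytes:
    # Normalise the extra-knowledge answer so casing/whitespace do not lock users out.
    return " ".join(answer.split()).lower().encode()


class StaggeredAuth:
    def __init__(self):
        self._users = {}

    def enroll(self, username, cells, personalization, challenge_q, challenge_a):
        salt = secrets.token_bytes(16)
        self._users[username] = {
            "salt": salt,
            "cred": _hash_secret(_cells_to_bytes(cells), salt),
            "personalization": dict(personalization),   # image id / phrase chosen by the user
            "challenge_q": challenge_q,
            "challenge_a": _hash_secret(_answer_to_bytes(challenge_a), salt),
            "failed": 0,
            "unlock_failed": 0,
            "step_up": False,
            "frozen": False,
        }

    # Stage 1: username only. The site proves itself to the user by echoing the
    # personalization chosen at enrolment before any secret is entered. Returning
    # None for unknown names necessarily reveals which usernames exist; that is the
    # trade-off this class of scheme accepts in exchange for phishing resistance.
    def begin(self, username):
        user = self._users.get(username)
        return dict(user["personalization"]) if user else None

    # Stage 2: the selected cells. Returns "ok", "denied", "step_up" (extra knowledge
    # now required) or "frozen" (too many bad answers; recover out of band).
    def verify(self, username, cells):
        user = self._users.get(username)
        if user is None:
            return "denied"
        if user["frozen"]:
            return "frozen"
        if user["step_up"]:
            return "step_up"
        candidate = _hash_secret(_cells_to_bytes(cells), user["salt"])
        if hmac.compare_digest(candidate, user["cred"]):
            user["failed"] = 0
            return "ok"
        user["failed"] += 1
        if user["failed"] >= MAX_FAILED:
            user["step_up"] = True
            return "step_up"
        return "denied"

    # Step-up: only exposed once the account has crossed the failure threshold.
    def challenge(self, username):
        user = self._users.get(username)
        return user["challenge_q"] if user and user["step_up"] else None

    def unlock(self, username, answer) -> bool:
        user = self._users.get(username)
        if user is None or not user["step_up"] or user["frozen"]:
            return False
        candidate = _hash_secret(_answer_to_bytes(answer), user["salt"])
        if hmac.compare_digest(candidate, user["challenge_a"]):
            user.update(failed=0, unlock_failed=0, step_up=False)
            return True
        user["unlock_failed"] += 1
        if user["unlock_failed"] >= MAX_UNLOCK_FAILED:
            user["frozen"] = True
        return False


if __name__ == "__main__":
    # Constructed sample user; the values are placeholders, not real data.
    auth = StaggeredAuth()
    auth.enroll("alice", (3, 7, 7, 12), {"image": "img-0412", "phrase": "blue teapot"},
                "Name of your first pet?", "Rex")
    print(auth.begin("alice"))                 # personalization shown before any secret
    print(auth.verify("alice", (3, 7, 7, 12)))  # ok
```

The two counters are the point of the last three bullets: a small number of bad patterns moves the account into the step-up state, where even the correct pattern is refused until the extra knowledge is supplied, and a small number of bad answers freezes it so that an attacker who can guess the "too public" answer still has a bounded number of tries.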