Wes Kussmaul | Nov 5, 2024

November 05, 2024 00:32:22

Hosted By

Ari Block

Show Notes

In this conversation, Wes Kussmaul discusses the intricate relationship between identity and privacy in the digital age. He introduces the concept of accountable anonymity, likening it to a car's license plate system, where individuals can remain anonymous while being held accountable for their actions. Kussmaul emphasizes the importance of digital signatures in combating phishing attacks and the role of attestation officers in verifying identities. He also addresses the challenges of misinformation and the need for trust in digital spaces, ultimately encouraging future generations to explore opportunities in authenticity enterprises.

View Full Transcript

Episode Transcript

[00:00:00] Speaker A: Wes, thank you so much for coming on show today. I'm so glad to talk to you. [00:00:06] Speaker B: It's a pleasure being here. [00:00:07] Speaker A: I'd like to start off with a question about identity and privacy. These two things seem to me to be inconsolable. Is that true? [00:00:23] Speaker B: It is not true, and I'm glad you put it that way, because I want to hit that head on and show you that it is not, in fact, the case. So let me just start with a metaphor, an example in the physical world where we have imperfect, accountable anonymity. That's what we're looking for, right? Accountable anonymity. So think about your car's license plate. Anyone can see it making you accountable for what happens on public roadways. But no one gets to know the identity of the driver or owner unless there's been an incident. So, a fender bender, some other kind of incident, or if. If the cops suspect you of transporting some illegal material. Otherwise, your identity is not known. You can have as many cars as you want, provided you have the budget. And disclosure of the identity of the driver of one doesn't disclose the identity of the driver of the other. Now, online, we can emulate that imperfect system with much greater, I won't say perfection, but excellence. So you can get much closer. Digital identity certificates don't carry identity information in them. So they're like a car license plate. They make you accountable in public spaces, public digital spaces. But in the case of our identity certificate, we call them license site certificates. In the case of our identity certificates, your identity is disclosed only at the direction of a court order. And not just any court order. You have one person on this planet who has access to your identity information. That is your attestation officer. Your attestation officer is presented with a court order. He or she will evaluate the court order. It comes from some dictator, you know, using some kangaroo court. He or she will toss it in the trash. It has to be a valid, legitimate court order. Let's say you have defrauded someone or defamed someone in public, and they need to know who you are. Take action. In that case, your attestation officer disclosed to the complaining party, not to the public, not to anyone, but the person named in the court order. This is the name. This is the identity of a person who has offended you or cheated you or whatever. And I might add, you know, we've proven the concept at Delphi. We were the social media business in the 80s. I created the world's first online encyclopedia, which was a terrible business model, but it Morphed into social media fairly quickly and saved our bacon with a sustainable business model. Anyway, we would get visits from the DEA occasionally and the DEA would say, we need to know the name of this user, whoever has this username, we need to know who it is. They say, well, we're the dea. Do we need a court order? Yeah, you need a court order. And if it's a valid court order, we will disclose the identity. The web, I won't say the Internet, the web disrupted things. You're probably aware of the famous Peter Steiner cartoon dog telling a friend, the Internet, no one knows you're a dog. That anonymity came with total lack of accountability. And that's why. So license plates system implemented properly and I'd be happy to talk for hours about the implementation, the proper implementation of that because it's not simple. We can deliver true, accountable anonymity. [00:05:34] Speaker A: So I want to take a step back and think through how this license plate solution would impact real issues that we're coming across in our day to day basis. Give us an example, whichever you want around. If it could be fraud or phishing or any kind of these issues that we're facing today on the web, how would this actually look? What would a person do in this process that would prevent, let's say, this evil from happening? [00:06:05] Speaker B: Well, you're familiar with digital signatures and. [00:06:12] Speaker A: Keep it as simple as possible to kind of bring our audience with us. [00:06:15] Speaker B: You can, if you have a, what's traditionally known as a key pair in your device, your phone, your laptop, whatever, you have this pair of very large numbers, mathematically related numbers. One is public and the other was, is not only secret, but it never leaves your device. And that's a key. You use the secret one of those to digitally sign anything. And to one form of digital signature is authentication to log into something to sign an email. Now all our email protocols have accommodated digital signatures four decades, so no one ever uses stuff. But it's built in, it's there. All we need is to have these two big numbers. And most importantly, they need to be that your attestation officer needs to be able to say, yeah, I checked this person's identity claims and they are who they claim to be. You use the secret number to digitally sign anything, an email message. So we fret about to use an example, you know, practical example, phishing attacks. You cannot educate people to detect phishing attacks. It does not work. I don't care what anybody says. And I have proof, here's my proof. I go to the RSA Security conference and the AGC security conference every year, occasionally the black hat conference. And I will be having a beer, alcoholic or non, with a CISSP that's a security expert. And I have to admit to being a bit disingenuous here because I will say in the course of our conversation over a beer, I'll say, hey, you know, I have to admit I've clicked on a bad link, I've clicked on a bad attachment over 50% of the time. The person I'm talking to, the security expert will say yeah I know, I've done the same thing. This is the person who's training the masses how to recognize a phishing attack. So tell me how that is going to work if the person who's the, if the knowledgeable person falls victim to the phishing attack. Answer, it doesn't work. [00:09:11] Speaker A: I will admit that as a self proclaimed security expert, king of the lemurs, whatever, you know, maybe five, ten years ago I could look at an absolute majority of these attacks and be like okay, something's wrong here. The website, the address, the. But nowadays it's getting so good, I just don't know anymore. [00:09:31] Speaker B: Right, well there's a solution. Here is the solution. Digitally signed emails. So I want to signed by a measurably reliable identity certificate or the pen. We call it personal endorsement number otherwise known as a private key of the signer. So it's not as though you can't cheat somebody through email, but you can't do it and be anonymous or be, excuse me, you can't do it and be unaccountable. [00:10:07] Speaker A: So I want to ask some relatively simple questions. What prevents me from using somebody else's identity? [00:10:14] Speaker B: Because it's in your. The pen. The that private large number is in your device. And one assumes that your device requires you to use a biometric to release the private key, the pen for use. So someone else gets your phone. I mean your biometric isn't going to work your facial image or your fingerprint. We are. There are two right ways and one wrong way to use biometrics. And the right way is in your device. Right. You're one of the two right ways is in your device to allow your private key to be used to sign something. Or you're pair of large numbers can be used for digital signing, for authentication and for decryption key management. So those are the three uses and you're totally in control of them because you can't use that pen, that privacy pen that I referred to. Again, it's the secret large Number, you cannot use it without a biomass. [00:11:38] Speaker A: So now I'm. I can only give, you know, one identity. What's preventing me or what's the mechanism from for me getting 100 identities and just nothing, keeping scrolling through them? [00:11:51] Speaker B: Absolutely nothing. Okay, now the thing is, are those hundred identities accountable? You know, we have a few videos to make the point. One is, one is from one of our, or we call them authenticity enterprises. And this tries to get the attention of bankers because they do have a massive synthetic identity problem. So if you can just buy 100 phones and be 100 different people and your biometrics check out on each phone, absolutely, it's a problem. And that, in fact, is the situation we have today. You can go out and buy a cheap mobile phone and be a new person, and your biometrics are absolutely rock solid. However, in the system done right, the license plate system. Remember, you can have as many cars as you want, but they all have to have a license plate. Same with our identity certificates, you can have as many license plate credentials. And by the way, unlike another car, each one is free. You don't pay for incremental. At least right now we're still looking at that business model. So maybe I should keep my mouth shut about the cost of each one. But they're cheap. They're certainly a lot less than a new Maserati. [00:13:27] Speaker A: Right? [00:13:29] Speaker B: And so, yes, you can have as many license plate certificates as you want, but they're all tied to something called a foundational certificate, which is like your birth certificate. Just like your driver's license is tied to your birth certificate and your car's license plate is tied to your driver's license. Again, you don't advertise your birth certificate, you seldom use it. That's the way the foundational certificate works. It's seldom used. It is used to generate new license plate certificates. And I also want to mention that I mentioned signing emails. Okay, there's a catch here. The catch right now is that emails are digitally signed through something called S Mind. There's a protocol called S Mind and unfortunately that requires certificate have the email address in it. We, it would be very nice if we revisited the SMI protocol so that your email address did not have to be in the certificate. You can have the same accountability. It can be done. It's just a different way of addressing the problem. So I used phishing as an example and I need to add that caveat right now. But for authentication, for commenting on blogs, for all the things you do on the net, your license plate Credential makes you accountable without disclosing your identity. [00:15:19] Speaker A: So I want to ask another simple question. What happens if the system that has that link between the license plates and our true identities, what if that gets hacked and that gets leaked out? [00:15:33] Speaker B: Well, I'm glad you asked. The identity database is in what's called a certification authority. Every pki. This is an example of PKI puzzle pit infrastructure. Every PKI part of it is the certification and it has a record of all of the public numbers. Not private. If done right, some of them, some of them generate the key pair centrally and distribute it. And that's the wrong way and should never be done that way. The public big numbers are in the certification authorities database. Ours has no identity information. The only person who can map that public big number to you, to your name, your identity, is your attestation office. So what the, what the central database has is the address, the public key of the, of your attestation officer. Not your public key. I mean, not your name, not any identifying information about you. Yes, it has your public. It has your public big number, which doesn't disclose any. And the mapping between that public big number and your foundational certificate is not kept there either. There's no mapping between the entry in the database and your identity. So it's an identity database without identity. [00:17:27] Speaker A: So how does that work? Where the statistician officer needs to basically blue a court order, say, okay, this public number is this person. There's got to be a system that they're logging into and accessing this link between those two numbers or two pieces of information. [00:17:44] Speaker B: It's in there and in their device. It's on the, in their possession. I enrolled this person on such and such a date. Yes. This is in my roster of people that I have enrolled. I have checked their identities. I tested their identity. By the way. Your attestation officer is a Virginia remote online notary. They carry civil and legal, civil and criminal liability for any official acts of theirs, including, you know, attesting to your identity. And that mapping is in their possession. It's, it's a local database. They, they can, they can see who that public key represents, but they're not to disclose it. That's where the mapping exists. In there locally with them. [00:18:35] Speaker A: Okay, so would that local group, company, whatever, however it manifests, would they be vulnerable? [00:18:44] Speaker B: Always an individual. [00:18:45] Speaker A: Okay, and the individual, what's it going to be? Your personal information and link is on their, on their phone, on their computer, at home, at their servers. How does that, what would that look like? [00:18:58] Speaker B: It's a laptop. It's a laptop with a secure laptop. [00:19:16] Speaker A: And the assumption is that you'll have many of these. So all this data would be distributed not necessarily all in one place, right? [00:19:24] Speaker B: Every. And you get to choose your attestation officer so you have a relationship with your attestation officer. It's a human relationship, one on one. This is the person who is responsible for keeping my identity confidential and nobody else. There's no place, there's no mapping anywhere else in the world. There is a provision for. If this attestation officer is incapacitated, there is a provision for their work to be transferred to a substitute, a backup. [00:20:11] Speaker A: So, Wes, if there's a court order and there's a clear, clearly, you know, this person on the Internet broke the law in a clear manner, that solves a certain set of problems. What about just bad behavior, misinformation, things that are not clearly illegal but seem to have be having a bad influence? Does this concept idea solve that as well? Does it help us to find people who are not acting in good faith? Or is really this all about people who have clearly broken the law? [00:20:51] Speaker B: Okay, so the answer is yes, it addresses the problem. But when I say it addresses the problem, it is something other than your license. So here's. Here's the thing that we have. I will say that the set of assumptions that we have fallen into has led us to spray. And that is it started with the whole information wants to be free. The beginnings of. Even before the web, there was something called gopher, sort of a free web web. You know, on the Internet, no one knows you're at all. Well, okay. We have a space like that in the physical world too. We're all outdoors. We have called the Internet. We call it. I guess somebody has recently told. Hey, Wes, we still call it anyway. We call it the information highway or the information. It's a roadway system. It delivers packets from point A to point B, observes a, you know, a standard worldwide protocol. You know, red means stop, green means go. It's a roadway. So what would we do in the physical world that we found ourselves hanging out, living, holding our meetings, keeping our files, letting our kids hang out by the side of a busy road. What will we do? I think the answer is we pretty quickly find a way to get indoors to get the protection of this thing. The collection of accountability spaces, all building. Where are the buildings? Well, no, we don't have buildings because the Internet. Internet is freedom. Yeah. Well, okay. Outdoors is freedom too. Sometimes we want our typical use of A roadway of a highway in the physical world. Go from indoor space to indoor space building not 100% of the time, but typically how we use roadways. Why is it different online? I have no idea, other than I watched it evolve. I was there through the evolution and this notion that this wonderful new thing should only be used in an unconstrained way. There are things that you want to do in a constrained way. You want to. In a building, you tend to know who's in a room with you. That's the purpose of the building, other than, you know, keeping the rain off your head. [00:23:58] Speaker A: Let me play the devil's advocate here for a moment. To me, it seems that there are a lot of people who want to be anonymous and don't want a license plate. And then on the other hand, there are businesses that will make more money and be successful in this anonymous environment. So having both a consumer and a provider both enjoy this completely anonymous environment, that's what gives it life. [00:24:33] Speaker B: No one is saying that you have to have this. You can use, certainly live your life outdoors, you know, live off the grid. And no one's saying that's not allowed. But I want to mention that, you know, we think of relying parties as being institutions and governments and business. No, we are all relying parties. We all rely on the identity claims made by others. This is. And when we get defrauded as individuals, it's by another individual. Typically, we are all relying parties and we think that we have a means to maintain your anonymity, but make sure that those that you rely on are accountable. [00:25:31] Speaker A: So what you're saying basically is that, you know, if you want to chit chat and you're not putting yourself in any kind of risk, that's fine, you can be outdoors. But if somebody's asking you for money or anything that can damage your reputation or anybody else's reputation or create any damage, you should come indoors and have a proper transaction. [00:25:49] Speaker B: That's right. You should have a residence. You should have an online residence. What is a residence? Think about it. What's your home? Isn't it a social network of sorts? It's where family and friends get together and, and you know, you need to have a right and need to be there. And typically it's when you are present, you allow guests in, but not always, not 100% of the time. You may have a cleaning person in your abs, you know, so residents, clubhouse, office. If you picture any kind of building, the equivalent can happen, exists online in digital space. And actually there's an in between kind of space called a public accommodation. So if you think about retail stores and banks, I love the bank. You're super secure. Anyone can walk any. In fact convicted bank robbers have bank accounts walk into bank lobbies. So, but so there's outdoors, public accommodation, indoors. Indoors, everything has an ACL access control list. You are identified by your pcn, your public key. No one needs to know the identity behind that, but you are accountable there. Or you may have a space where you may build a clubhouse where you say, no, I want to be able to know your name to be in my clubhouse, I want to know your name. You say, well my name is Joe Jones and say, I would like to have a license to know that for sure. So I would have. And we have this thing called moi, My own information. This is your personal information ball. It's built partly on the W3C, solid system, solid podcast, and partly our own additions to it. But let's say you have a clubhouse, this person wants to join. You say, you know, here in this clubhouse, we all have a license to know each other's real names. That means I want to get go to your moi and under license, under an agreement not to use your name for any other purpose, I want to know your name. And then of course you have your choice of saying, well, I don't want you to have access to my. I mean, I'll tell you my name, but I'm not going to give you access to that item in my moi. Okay, well, you can't join the public. [00:29:08] Speaker A: That's so interesting, this concept of that there's environments with differing levels of trust and you're really opting into do I want to be part of this environment. And then I'm both receiving and giving that trust. By definition of agreeing to join that. [00:29:22] Speaker B: Community, it's exactly like the physical world. There's no difference. See, that's the funny thing. There's this assumption that if you're doing something to alter the way digital space works, it must pervade the whole Internet. You know, all 4 billion people. [00:29:42] Speaker A: Right. [00:29:43] Speaker B: It must work that way for all of them. No, not at all. Your building is going to be different from my building. You might have a residence, an office, plus a clubhouse for your chess club. You may be own a publication and say you own a whole village with buildings inside of it. It's just exactly, exactly, exactly like the physical world. Look out your window to see how it works. It needs no more explanation than that. Just look at the physical world. There's your model. Outdoors is for everybody. Outdoors works the way it works everywhere, worldwide. That's outdoors. You have roadways outdoors. They're pretty much the same everywhere in the world. You know, if suddenly some law change in the protocol made green stop and red go, then you'd have to change the whole world to make that happen. Which, you know, that's somebody else's problem, right? It's not the problem of a real estate developer. We have one of our enterprises, it's called Abex Properties. It's a real estate development firm, develops digital buildings where our entrepreneur there will be happy to build a digital building for you and manage it for you. It works just like real estate. [00:31:16] Speaker A: Wes, such a great conversation and we. I barely noticed that the time flew by and we're out of time. So that brings us to my last question. A lot of our audience are youngsters kind of choosing their next steps in the career. If you think back to 20 something year old Wes, what would your advice be. [00:31:38] Speaker B: Asked? To look at our authenticity enterprise business plans. Because you can be a CEO of an enterprise that brings the benefits of authenticity to your target audience. I hesitate to use the word franchise because it carries certain legal baggage, but essentially that's the business model that we use. [00:32:13] Speaker A: Wonderful. Wes, thank you so much for joining today. I appreciate you. [00:32:18] Speaker B: Thank you, Ari. I had fun.
Previous Episode
Next Episode

Other Episodes

Episode

November 13, 2024 00:27:56
Episode Cover

Jess Jensen | Nov 13, 2024

In this conversation, Jess Jensen emphasizes the importance of understanding your audience for effective communication and marketing. She discusses the necessity of targeting specific...

Listen

Episode

September 19, 2024 00:52:42
Episode Cover

Tom Rose | Sep 19, 2024

In this conversation, Tom Rose shares his profound journey through grief after losing his wife to breast cancer. He discusses the emotional turmoil he...

Listen

Episode

June 04, 2024 00:37:18
Episode Cover

Rudy Krabbe | Jun 4, 2024

SummaryIn this conversation, Ari Block interviews Rudy Krabbe, discussing his proudest moment in his professional history, his experience working at Swatch, the challenges of...

Listen