You are viewing a single comment's thread from:
RE: IoT: Went to Watch Black Mirror, Found Myself on an Episode.
Awesome comment! Gave you a follow. I agree 100% with your comments and feel that the next eight years is the time to push that agenda. The presidency is starting on a net security theme so it will be a buzz word for a while. It also needs addressed, let me know if you make a post on the subject. Would be interested in you solution to passwords.
The solution to passwords is the same as the solution for verifying a person, is the same for knowing who your friends are.
Why do we still have cell-phone numbers? Why do we still have email addresses? Our computers should be smart enough to call Bob, or send Bob a message. It could easily be done with nested public/private keys. But we don't have a stay linked protocol yet. Bob gets a new phone or server and that information is pushed to all of his mates.
Been having a lot of Bitcoin conversations lately and people say the don't trust it because it is electronic money with no value. I simply ask if they use credit or debit cards and they get that puzzled look on there face when they realize they already use electronic money.
I like the concept but this is the transition from analog(life) to digital(computer). Did you have a method in mind for creating and storing these public and private keys? I feel a bit behind on these concepts, I am curious how Bob would navigate this world with no passwords.
Humans are not designed to store multiple passwords.
So, anything that uses a password to allow an individual access has access to a password that is common for many other such devices. Just one of those devices has to fail in its security for the password to become known to someone outside. And then the entire chain of security fails.
We all know this scenario.
Something needs to be invented, and something will be. Where the computational device recognizes you. The thumbprint identifier is stupid, but may be a step in the correct direction. But, I can tell more about you by the way you swipe the screen, which icons you go for first, how fast you type. All of these could be used to identify you, or identify not you.
The way the public/private keys work. Mathematically, you create a lock, and so you have the lock and the key. If you have the lock (say on your door) and you give out the key to your friends, only your friends can enter that door. (those are public keys) The private key is like the key to the lock of safe in your house. And this safe has a drop slot. So, your friends come over, use their public key to enter your house and drop a message into your safe. You come home and use your private key to open your safe and read the messages.
So, now you know only your friends are dropping you messages, and that you are the only one who reads them.
At a meeting of you and Bob, you will pull out your computational device and trade contact information. Currently we do this as a long string of incomprehensible letters such as [email protected] or 714-555-1212. We hope that no one guesses these long strings, else they can harass us. A computer can make up a longer incomprehensible string and trade that with another computer. Then, its even harder to guess. All you have to do is have an application that talks to the other computer and trades locks and keys. Then you have to place a human identifying mark on the lock/key pair you have... such as "Bob" and then you can use that to always contact Bob.
It is a really simple concept, but right now difficult to do on internet 2.0, but someone will come up with some fix/application/protocol. Internet 3.0 will have this built in.
I am fully on board with this, ConsenSys was working on an identity system I believe if you want to check them out.