Can company-mediated identity management be trusted?

The Original DDT
Hybrid Security Superheroes
Nov 30, 2018

Today several news outlets are reporting that GCHQ (Britain's signals-intelligence agency) is allegedly asking messaging companies such as Facebook/WhatsApp, Apple, Signal, Wire and Wickr to allow "lawful eavesdropping" on their users' private, end-to-end encrypted communications.

That's not new; it is certainly not the first time that law enforcement agencies (and secret services) have asked for the ability to snoop into anyone's life without their knowledge. What is new in this case is how they propose to do it.

In the past these agencies asked for channel/session encryption keys, so that they could sniff the raw network traffic and decrypt it. Now they have figured out that the same companies that make the encrypted messaging apps also run the identity directory behind them: the service that tells your client which public keys belong to the person (or group) you are talking to. Whoever controls that directory can quietly add one more key, and the client on your phone will dutifully encrypt every message to it as well. The invisible party joins the conversation with its own set of keys, the end-to-end encryption keeps working exactly as designed, and nobody in the conversation is told that it now has an extra endpoint.

This triggered an immediate reaction from some of the world's best-known security researchers and practitioners, who wrote:

This proposal […] is deeply troubling

It will severely undermine trust in the services that are subject to any such order

And, right to the point:

No company-mediated identity could be trusted

Yes. The problem is who manages your identity. It very often is, and this case is no exception.

See, regardless of whether you agree with GCHQ's proposal, it is important to acknowledge that it is technically feasible for one reason only: the companies behind those messaging apps also manage the identity database, and the identity database is what decides which keys a conversation is encrypted to.

In other words, when you join WhatsApp, Telegram, Apple Messages (the list is too long to name them all here), your digital identity, as far as those apps are concerned, is whatever the app's back end says it is. So there is nothing, other than the operator's own policy, preventing those apps from adding a lurking party to any conversation if they so wished.
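Here is that mechanism as an added model, written for this edit; it is not part of the original post and not the code of Xiid or of any messenger. A provider-run directory maps each user to their device keys, the sending client encrypts to whatever the directory returns, and the operator appends one extra "device". Real message encryption is left out on purpose (random bytes stand in for public keys): a message is "sent" by listing the key fingerprints it would be encrypted to, because that list is exactly where the ghost appears. The model also shows two checks the post does not discuss but which are how a client can notice: pinning a peer's device set after first contact, and comparing a verification code derived from all participants' keys out of band. Every name in it (Directory, Client, add_ghost, alice, bob, the ghost device) is hypothetical.

```python
"""Model of a provider-controlled identity directory and the 'ghost' participant.

Hypothetical, stdlib-only illustration. Random bytes stand in for public keys;
'sending' a message means computing the set of keys it would be encrypted to.
"""
from __future__ import annotations

import hashlib
import secrets
from dataclasses import dataclass


class UnverifiedDeviceError(Exception):
    """Raised when the directory presents a device the user never verified."""


@dataclass(frozen=True)
class Device:
    owner: str
    pubkey: bytes  # identity public key; random bytes stand in for a real key

    @property
    def fingerprint(self) -> str:
        return hashlib.sha256(self.pubkey).hexdigest()[:16]


def new_device(owner: str) -> Device:
    return Device(owner, secrets.token_bytes(32))


class Directory:
    """The provider's identity database: user -> devices. Clients must believe it."""

    def __init__(self) -> None:
        self._devices: dict[str, list[Device]] = {}

    def register(self, dev: Device) -> None:
        self._devices.setdefault(dev.owner, []).append(dev)

    def lookup(self, user: str) -> list[Device]:
        return list(self._devices.get(user, []))

    def add_ghost(self, user: str, ghost: Device) -> None:
        # The operator (or whoever compels it) attaches one more "device" to the
        # user; clients will encrypt to it exactly like any legitimate device.
        self._devices.setdefault(user, []).append(ghost)


def verification_code(devices: list[Device]) -> str:
    """Code over all participant identity keys, compared out of band (the idea
    behind a messenger's 'safety number'). Any extra key changes it."""
    h = hashlib.sha256()
    for fp in sorted(d.fingerprint for d in devices):
        h.update(fp.encode())
    return h.hexdigest()[:20]


class Client:
    def __init__(self, me: Device, directory: Directory, pin_devices: bool) -> None:
        self.me = me
        self.directory = directory
        self.pin_devices = pin_devices
        self._pinned: dict[str, set[str]] = {}

    def recipients(self, peer: str) -> list[str]:
        """Fingerprints of the keys the next message to `peer` is encrypted to."""
        fps = {d.fingerprint for d in self.directory.lookup(peer)}
        if self.pin_devices:
            known = self._pinned.setdefault(peer, set(fps))  # trust on first use
            unknown = fps - known
            if unknown:
                raise UnverifiedDeviceError(f"{peer} gained unverified device(s): {sorted(unknown)}")
        return sorted(fps)

    def code_for(self, peer: str) -> str:
        # My own device I know locally; the peer's devices come from the directory.
        return verification_code([self.me] + self.directory.lookup(peer))


def demo() -> dict[str, object]:
    directory = Directory()
    alice, bob = new_device("alice"), new_device("bob")
    directory.register(alice)
    directory.register(bob)
    naive = Client(alice, directory, pin_devices=False)   # trusts the directory blindly
    careful = Client(alice, directory, pin_devices=True)  # pins Bob's device set
    bobs = Client(bob, directory, pin_devices=True)

    before = naive.recipients("bob")
    careful.recipients("bob")  # first contact: pin Bob's current, legitimate device
    codes_match_before = naive.code_for("bob") == bobs.code_for("alice")

    ghost = new_device("bob")  # eavesdropper's key, registered under Bob's identity
    directory.add_ghost("bob", ghost)

    after = naive.recipients("bob")  # the naive client now also encrypts to the ghost
    try:
        careful.recipients("bob")
        pin_detected = False
    except UnverifiedDeviceError:
        pin_detected = True
    codes_match_after = naive.code_for("bob") == bobs.code_for("alice")

    return {
        "recipients_before": len(before),
        "recipients_after": len(after),
        "ghost_in_naive_recipients": ghost.fingerprint in after,
        "pin_detected_ghost": pin_detected,
        "codes_match_before": codes_match_before,
        "codes_match_after": codes_match_after,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two things are worth noticing in the output. The naive client never errors: from its point of view nothing went wrong, it simply encrypted to one more key the directory handed it. The ghost only becomes visible where the client keeps state of its own (the pinned device set) or where the two humans compare something the provider cannot rewrite for both of them at once (the verification code). Both checks are mitigations, not a cure: a pinning prompt is only as good as the user's willingness to investigate it, and the code comparison has to happen over a channel the same provider does not control.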

They probably won’t. They hopefully won’t. But they could…

And that is troubling, because the problem is not limited to messaging apps. It applies to any identity provider that asks you to trust them with your identity database, that is, to copy or replicate it to their servers. Their marketing departments came up with superficially clever slogans like "all of your identities in one place", which sounds scary only to the security engineer scratching their head in the basement office, and appealing to almost everyone above them.

Once you copy or replicate your identity database (your Active Directory, say) to somebody else's cloud servers, there is technically nothing preventing that identity provider from adding lurking parties to it, or from doing pretty much whatever they please with it, for that matter.

The problem is that practically every Identity and Access Management service out there (except Xiid) asks you to trust them with a synchronized copy of your identity database, so that they can manage it "as a service" for you:

Traditional cloud-based IAM systems possess a synchronized copy of your Identity Database

Now, there are also obvious advantages: a centralized IAM gives you consistent identities across all of your cloud services, and that is priceless. So, how can we keep that valuable advantage without handing our identity database (or a copy of it) to any third party?

This is where the Xiid.IM (Xiid Identity Management) solution comes in. Unlike other IAM solutions, Xiid.IM's architecture lets you use your existing identity database securely without ever copying or moving it anywhere else. This means there is always exactly one instance of your identity database: the one that you own and operate yourself. Yet you can still use it to enable access to any cloud and mobile app, just as with traditional IAM solutions, but without the off-site copy and the risks that come with it.

Xiid’s innovative approach to IAM, without any copy of your Identity Database outside of your control

So, if you are thinking about cloud adoption, where Identity and Access Management is both an obvious concern and an obvious need, you should probably choose the only IAM solution that does not take away your ownership of your identity database.

Just one more reason why you should choose Xiid.

The Original DDT
Hybrid Security Superheroes

CTO of Xiid Corporation, ethical hacker, hardcore software designer and developer, serial entrepreneur.