Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Authentication (User) Blog

The next Hollywood blockbuster?

Created: 15 Sep 2009 • Updated: 08 Aug 2012
yeinav's picture
0 0 Votes
Login to vote

It's about time Hollywood produces a blockbuster about identity management.

No, I'm kidding. No producer would never even read a script which includes the term "identity management" in its title (except, perhaps, "Harry Potter and the Identity Management Prince"). But there is a new Bruce Willis movie that deals with the issue of identities, among other things, and, well, that's a start.

The movie is called "Surrogates" (watch trailer), and it tells the story of a futuristic world in which humans live in isolation while only communicating with their fellow man through robots that serve as social surrogates and are better-looking versions of their human counterparts.

Now isn't that kind of what happens today in our own world? When we go to the web we have a virtual identity through which we communicate with our fellow man, fellow banks, fellow stores: we send our virtual identity (user name) to the bank, it "shakes hands" with the web embodiment of the bank (using a password), and then starts communicating with it. Our online identity may not be a better-looking version of us, but it still gets the job done.

In "Surrogates" Bruce Willis is an FBI agent who enlists the aid of his own surrogate to investigate the murder of a genius college student. As the case grows more complicated, however, Willis's surrogate is destroyed and he discovers that in order to actually catch the killer he will have to venture outside the safety of his own home for the first time in many years.

Sadly enough, in our real world, our online identity "surrogate" can also be destroyed. If a deadly killer (a nerdy hacker in our case) takes over our identity, we have a problem: the surrogate still looks like us, other web surrogates still know him and trust him, but it is really, well, misbehaving. Our one chance to stop it is to identify that it is not acting like we usually do, and that's why we find behavioral analysis systems at banks, stores and (recently) social networks. If we miss that chance, our identity must be terminated - close accounts, cancel cards, change email address.

As it happens in many Hollywood movies, there is a happy ending to "Surrogates". Willis solves the mysteries, kills the bad guys, and even ends up with the girl (yes, there is a girl in this flick!). In real life, however, this rarely happens: even when we solve the mystery ("The attacker came from a proxy server in Finland, and used a zero day IE6 exploit! Yeah!"), catching the bad guys is slow and expensive, and new "killers" are born every day.
And I'm not even talking about getting the girl.

Still, what we can do (considering we don't have the budget to hire Mr. Willis) is to carefully watch our online identities: Let them communicate with the world only behind firewalls. Dress them with an anti-malware shield. Don't let them go to places you wouldn't visit in the real world. And if you're a security company, look for changes in their behavior, they may have been taken over by a vicious nerd.