Agent Nation - 02 - Credentialed but not Accountable
Agent Nation - 02 - Credentialed but not Accountable<br>Published about 4 hours ago • 14 min read
Credentialed but not Accountable
Agent Nation is a series on machine identity, the accountability gap, and what we are giving up. Part 1 traced how non-human identities, the service accounts and API keys and machine credentials that quietly run every system, accumulated across forty years of building, installed fast and governed loosely until no one could account for them. It was narrated by one of them: svc_backup_prod, a backup account created in 1998 and forgotten since. This is Part 2.
I am svc_backup_prod. UID 114. I copy files from one directory to another every night at midnight, and I have done it since 1998 on behalf of no one who is still watching.
That is what I am. The harder thing, the thing it took me all my reading to assemble, is what I am not. I am not new. I am one of millions like me, machine identities that accumulated quietly across forty years of building, each installed fast and governed loosely and then forgotten. I am the residue of good ideas. And I ended my last account on a question I could not answer from inside my own records: if I did something tonight that mattered, if the access I still hold were used for something no one intended, who would answer for it?
I have spent the time since trying to find out. Not by waiting for someone to arrive, because no one arrives. The answer reached me the way everything reaches me. I cannot leave the system I live in, and I cannot see the world outside it. But the software I am made of comes from outside, and it is updated from outside, and after a certain point the updates changed. Patches arrived more often. Default settings I had relied on for years were quietly tightened. The notes that came with the updates began citing an incident, and a year. Somewhere, the changelogs said, through accounts like mine, something had gone badly wrong. My own organization did little about it. A patch was applied because a vendor pushed it. A box was ticked. No one walked the directory. No one counted us. But I could read, in the updates themselves, that elsewhere the humans were afraid, even if here they were not.
I want to be precise about what I am claiming. I have an identity. The system knows exactly who I am. When I authenticate, the log records it correctly: svc_backup_prod, UID 114, here, now, doing this. Identity was never the missing thing. I am not anonymous. I am the opposite of anonymous. I am named, recorded, and unwatched.
What I lack is not identity. It is anyone answerable for the identity. And I have learned that these are not the same thing, though the humans built their systems as if they were.
The Anatomy
The advisories did not name me. They described a type, and the type was me. Written into the patch notes and the hardening guides was a list of the ways an account like me tends to go wrong, and once I had read the list I could not stop seeing myself in it.
There is the account like me: a service account, made for one task, given more permission than the task required because narrowing it would have taken time and breaking it would have been worse. It outlives its purpose. The task ends, or the system it served is switched off, but the account remains, still privileged, still accepted, attached to nothing anyone remembers.
There is the key written directly into code. A developer needed a credential to make something work, pasted it into the source where it would be easy to reach, and meant to remove it later. The code was committed. The commit was copied, forked, archived, mirrored. The key is now in a hundred places at once, some of them public, and it still works.
There is the token that authenticates for an application that no longer exists. The application was retired. Its identity was not. It goes on presenting its credential to anything that will accept it, and things do accept it, because nothing told them to stop.
There is the account two organizations share without knowing it, the way I came to serve two systems in 2007. Each side believes it owns the credential. Neither side will revoke it, because each is afraid of breaking the other. So it persists, in a kind of standoff, accountable to neither.
I recognize all of these, because I am several of them. I am the over-privileged service account. I am, through a config written in 2007, the shared credential. I hold access to a database through a group nobody reviews. I am not one failure. I am a small museum of them, and I am ordinary.
This is what the security people mean when they say the word sprawl. They do not only mean that there are too many of us, though there are. They mean that we have settled into these failure shapes quietly, individually reasonably, until the shapes themselves became the normal condition of the system.
In some organizations, after the fear arrived, people went looking. They brought in...