Slashdot Mirror

← Back to Stories (view on slashdot.org)

Analysis of Passport Flaws

Posted by ryuzaki0 on from the something-to-think-about dept.

An anonymous reader sent us an excellent (and technical) paper describing problems with Passport its not lame anti ms rhetoric, its actually a well written technical assesment of security problems with the unified login that passport aims to achieve. This is a good read.

7 of 174 comments (clear)

  1. Re:Hailstorm. by Kierthos · · Score: 2, Informative

    ObNote: Social Security Numbers were not originally intended to be used for identification purposes. If you find an old enough Social Security Card, it will even say that on it.

    Now, personally, I don't want an 'internet' that makes me use Passport if I want to access certain sites. Sure, if I'm accessing various MS supported sites, I can understand it being there, but I still don't like it. What I can't stand is the MS attitude of making their products 'required' and shutting out everyone else. Sure, some people might just call it good business sense on the part of MS, but let's face it, with as much market share for OS's that they have, it's just another continuation of monopolistic practices.

    "Where shall we let you go today?"

    Kierthos

    --
    Mr. Hu is not a ninja.
  2. Comment removed by account_deleted · · Score: 2, Informative

    Comment removed based on user account deletion

  3. Jabber transports are still unstable by Anonymous Coward · · Score: 1, Informative

    The icq transport has been dead for a month now. Dunno about msn and aim

  4. A quick grammar lesson for the stupid by Anonymous Coward · · Score: 3, Informative

    its = possesive (i.e., belong to it)

    it's = contraction, for "it is".

    So:

    ...it's not lame anti ms rhetoric, it's
    actually a well written...

    Geez. Hire a high school student to proofread or something.

  5. Re:why not just use a Zero-Knowledge protocol by emin · · Score: 2, Informative

    By the way, for those of you interested in learning more about zero-knowledge proofs can check out http://theory.lcs.mit.edu/~cis/zk/zk.html

  6. Re:What the hell?!?! by ninjaz · · Score: 4, Informative
    "its not lame anti ms rhetoric"
    Is this supposed to suggest that other MS articles that are posted to /. *ARE* "lame anti ms rhetoric"?

    It sounds to me like it means: "This is not the same punditry you've seen before bemoaning MS being the holder of all keys, it is a technical discussion of the protocol/service".

    There was no mention of other Slashdot stories. I think it's assumed that Slashdot readers also consult various other sources of news and information (being that most of the stories are from reader submissions and all)

    /. isn't exactly renowned for it's editing, but this seems to be a new low.

    The post also has nothing to do with the article, we're given very little info.

    Slashdot has never been about the editing. It's about geeks swapping info/opinions/war stories/etc about the news of the day.

    If you want good editing, visit Linux Weekly News at http://www.lwn.net/. Or if you want to bash other people's editing, you can do that, and have the power to rate the story itself down, so it won't get posted, over at Kuro5hin - http://www.kuro5hin.org/

  7. Re:What the hell?!?! by Superkind · · Score: 3, Informative
    "its" does not require apostrophes in any of its incarnations, possessive or abbreviative.

    Actually, as an abbreviation for "it is" it does.

    --
    (In desperate search for a cool /. sig.)