Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Sez Hailstorm To Play Nice With Others

Posted by ryuzaki0 on from the believe-it-when-I-see-it dept.

Rocketboy writes "ZDNet has posted a story saying that Microsoft will not be the only repository of user information within Hailstorm. They claim that Hailstorm was intended all along to be a network of trusted repositories along the lines of all the banks that exchange information within their ATM networks. " One of the key points from Coursey's piece, IMHO, is "MICROSOFT SAID it does not know whether a central authority should be created to oversee the open-trust network it hopes these changes will help create. In an interview late yesterday, an executive working on the project said the company is open to an industry group--such as those already controlling Kerberos and other Internet technologies--taking the lead role if it becomes necessary. ." So, the central authority part is still being worked out - but regardless, this changes the framework of Hailstorm, if implemented.

6 of 143 comments (clear)

  1. Big difference by pointym5 · · Score: 4, Insightful

    There's a big difference between Microsoft (and whatever johnny-come-lately fabricated trustee companies that spring up) and banks. Banks have a culture wholly different from companies like Microsoft. I'm not saying they're divine or infallible, but simply that the way they look at the world and their responsibilities for information are shaped by years and years of living within a complex web of federal and state regulations, and of sitting on the "capital" of essentially unlimited public trust. They don't "think out of the box" about ways to use information they control. The comparison to ATM networks is therefore (in my opinion) structurally accurate but misleading.

  2. Possibility of user-controlled Hailstorm-ish serv? by Masem · · Score: 4, Insightful
    If there's a possibility that others can run services equilvalent to Hailstorm, would this not also lead to the possibility that individual users with sufficient technical know-how (namely anyone using Linux :-) could run their own Hailstorm-like server on their own box with their own security safegaurds?

    Yes, this is MS, so they might only provide a WinXX client. Yes, this is MS, so they might require you to register your client with some central authority with the ability to 'audit' the server to make sure it's up to specs.

    But it may also be as simple as having a client conform to certain specs (hopefully open), and that's it. Average Joe would probably never worry themselves with this, so they'd not lose that many customers in the first place.

    But in the end, I think it's very important that Hailstorm cannot be a necessity for web sites and that there must be a manual entry level for data when it is needed.

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
  3. It still makes me nervous by mikey504 · · Score: 3, Insightful

    I've seen the "We're not sure where this is headed, we're making it up as we go along" rap from these guys before.

    It's hard for me to believe that it's true that Microsoft is "betting the farm" on their Hailstorm strategy but at the same time they haven't taken the time to develop a roadmap for its deployment and maintenance.

    It's too important to them and they have too many resources devoted to it for there not to be a plan. Given that, it makes me nervous that they don't seem to be willing to share the details of that plan. That seems to indicate that they are pretty sure we won't like it.

    The best protection is to insist on open, documented interfaces to all of the components of this technology. We need to make sure that the rest of the industry remains free to develop their own components of the Hailstorm/.Net architecture with the assurance that they will interoperate. The problem is, it would take a lot of cooperation for the industry to reject any offering that doesn't meet these requirements.

  4. Re:OK, let's see the specs by FatRatBastard · · Score: 2, Insightful

    If they will again this time, that would be great, but content-free proclamations are meaningless. I trust these guys as far as I could throw a hundreds-of-billions-of-dollar-cap company.

    In this case I think MS is telling the truth. They don't want to be the sole responsibility for all authentication (think of the liability they'd have). They're going to allow anyone to set up their own authentication centers. Why? Because they're going to hold ALL THE PATENT RIGHTS AROUND IT. That way they get paid whether Joe ASP buys their back end solution directly from them or from a competitor.

  5. Sez!? by Mike+Connell · · Score: 3, Insightful

    Is it really necessary to use words like "Sez" in the story title?

    It's "News for Nerds", not "Newz 4 Nurdz"

    --
    Tales from behind the Lagom Curtain
  6. Re:Microsoft Security by alen · · Score: 2, Insightful

    Actually I meant that they will be paid every time a transaction is performed. Kind of like the royalties they get with some online photo processing operations.I'm not very good at proofreading.

    The challenge for Microsoft is to find a recurring revenue stream. Jack Welch says don't let anyone get between you and your customers. Bill Gates listened, and others didn't. They are letting Microsoft get between them and their customers.