MS Sez Hailstorm To Play Nice With Others

Rocketboy writes "ZDNet has posted a story saying that Microsoft will not be the only repository of user information within Hailstorm. They claim that Hailstorm was intended all along to be a network of trusted repositories along the lines of all the banks that exchange information within their ATM networks. " One of the key points from Coursey's piece, IMHO, is "MICROSOFT SAID it does not know whether a central authority should be created to oversee the open-trust network it hopes these changes will help create. In an interview late yesterday, an executive working on the project said the company is open to an industry group--such as those already controlling Kerberos and other Internet technologies--taking the lead role if it becomes necessary. ." So, the central authority part is still being worked out - but regardless, this changes the framework of Hailstorm, if implemented.

Can I act as a repositry

[barnaclebarnes]

What if an idividual wants to become a respoistry for their own information and not trust it to a central place. That way I could carry the information with me knowing it is as secure as I want it to be.

OK, let's see the specs

[Fnkmaster]

Open the standard, show us how to roll a Hailstorm server, tell us how to set up alternative Hailstorm compatible networks, come up with a process for joining the official Hailstorm network, show us how we control where our information goes.

Microsoft is just realizing that nobody will play with their new toys if their toys take away rights that we consider sacred. They have backed out of really bad ideas in the past when enough industry and pundit criticism was leveled against them. If they will again this time, that would be great, but content-free proclamations are meaningless. I trust these guys as far as I could throw a hundreds-of-billions-of-dollar-cap company.

Big difference

[pointym5]

There's a big difference between Microsoft (and whatever johnny-come-lately fabricated trustee companies that spring up) and banks. Banks have a culture wholly different from companies like Microsoft. I'm not saying they're divine or infallible, but simply that the way they look at the world and their responsibilities for information are shaped by years and years of living within a complex web of federal and state regulations, and of sitting on the "capital" of essentially unlimited public trust. They don't "think out of the box" about ways to use information they control. The comparison to ATM networks is therefore (in my opinion) structurally accurate but misleading.

Re:Big difference

[JediTrainer]

There's another difference: Banks are LIABLE if they lose your information, which translates usually to you losing money.

Microsoft has never been accountable for anything being lost in the past, by hiding behind their EULA (ie: we are not responsible for any direct or indirect losses as a result of using this product. You agree not to sue us no matter what). Well, until Microsoft guarantees unconditionally that my information is SAFE, like the banks do, I will not ever, ever trust them.

There aren't any laws protecting me, so why should I even dip a toe into the water?

Possibility of user-controlled Hailstorm-ish serv?

[Masem]

If there's a possibility that others can run services equilvalent to Hailstorm, would this not also lead to the possibility that individual users with sufficient technical know-how (namely anyone using Linux :-) could run their own Hailstorm-like server on their own box with their own security safegaurds?

Yes, this is MS, so they might only provide a WinXX client. Yes, this is MS, so they might require you to register your client with some central authority with the ability to 'audit' the server to make sure it's up to specs.

But it may also be as simple as having a client conform to certain specs (hopefully open), and that's it. Average Joe would probably never worry themselves with this, so they'd not lose that many customers in the first place.

But in the end, I think it's very important that Hailstorm cannot be a necessity for web sites and that there must be a manual entry level for data when it is needed.

It still makes me nervous

[mikey504]

I've seen the "We're not sure where this is headed, we're making it up as we go along" rap from these guys before.

It's hard for me to believe that it's true that Microsoft is "betting the farm" on their Hailstorm strategy but at the same time they haven't taken the time to develop a roadmap for its deployment and maintenance.

It's too important to them and they have too many resources devoted to it for there not to be a plan. Given that, it makes me nervous that they don't seem to be willing to share the details of that plan. That seems to indicate that they are pretty sure we won't like it.

The best protection is to insist on open, documented interfaces to all of the components of this technology. We need to make sure that the rest of the industry remains free to develop their own components of the Hailstorm/.Net architecture with the assurance that they will interoperate. The problem is, it would take a lot of cooperation for the industry to reject any offering that doesn't meet these requirements.

Sez!?

[Mike+Connell]

Is it really necessary to use words like "Sez" in the story title?

It's "News for Nerds", not "Newz 4 Nurdz"