Slashdot Mirror


A Universal Roaming Profile?

Arnaud Sahuguet asks: "I have a cell-phone with my phone book, a PDA with my calendar info and my address book. I have my home desktop bookmarks, my work desktop bookmarks, my laptop bookmarks, my PDA bookmarks, etc. They are all mine, but somehow they are not, because they live in different networks (or on the same network but with different operators). Everybody keeps talking about convergence, but I don't see any convergence on the user profile front (data that matters to me). Microsoft is pushing for .NET MyServices, Sun et al. are pushing for Liberty Alliance, Apple is pushing for .Mac. Is it the right way to go?" One of the large major issues surrounding such a system would be implementing it in a way where the user can control the flow of data: where it is stored, when a certain piece of data can be sent, and who is allowed to get it. Sounds like a fine idea to me, what do you all think?

"As a user:

  • would you be willing to have your personal profile information stored on the network?
  • who would you trust? Your bank, your ISP, your cell phone provider, your company, the EFF, no one but you?
  • what kind of guarantees would you require?
I have been struggling with this idea for a while and the best solution I can see is to reuse the Napster paradigm for my generic user profile infrastructure (let's call it GUPster).

Napster is (I should say was) a community of users willing to share MP3 music files, administered by a central server managing meta-data about users and files. I don't know what the exact goal was, but I can see it as a way to free ourselves from the music industry monopoly.

GUPster would be a community of network entities (e.g. servers at Yahoo!, server at SprintPCS, servers at my university, my home machine, etc.) willing to share standardized user profile components, administered conceptually by a central server managing meta-data about entities and components. The goal is to create synergies between network components in order to deploy value added services for the user. (Since I am working for the telecom industry, the goal is to make network operators happy by making end users happier.)

Just like in Napster, my user profile information will be distributed but the meta-data will be centralized (at least from a logical point of view) at the GUPster server. This way, I can decide that my credit card information will be stored at my bank, my calendar information on my Yahoo! account, my game scores on the Sony web site, etc. Network components storing my profile information will have to support the right set of interfaces and protocol and will register to the server the pieces of my profile they are storing.

Note: I will be the one deciding who stores what. Think of it as like moving to a new place. You can choose your electricity, gas, phone, cable and Internet providers.

Applications willing to access any of this information will talk to the GUPster server. And just like Napster, the server will not return data, but referrals (i.e. where this information can be found).

Unlike Napster, the central server will also enforce some access control policies defined by the user (let's call them my 'privacy shield'). If the request for user profile information is not OK (e.g. nobody can access my presence information after 9pm), the returned referral is empty.

Does it sound crazy?"

28 of 295 comments

  1. heheh by IIRCAFAIKIANAL · · Score: 4, Funny

    Microsoft Passport?

    *ducks*

    --
    Robots are everywhere, and they eat old people's medicine for fuel.
  2. Honestly... by intermodal · · Score: 5, Insightful

    do you really think we want to trust someone else with that information? and if we did, would it be a commercial interest? I lied on my profiles from the time I got my first Hotmail account more than half a decade ago. And I've seen more problems with companies having people's information than I care to count since then. So I don't see anyone with a background in information security or an idea of what goes on with that information, particularly those of us who are paranoid, as liking this concept one bit, regardless of who controls it.

    --
    In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
  3. danger? by kg439. · · Score: 3, Insightful

    what about when this profile gets accessed by someone else? someone is bound to figure out how to spoof usernames and get another user's profile, giving them full access to all your information! now doesn't that sound like fun? it takes identity theft to a new level when your entire identity is on a network.

    --

    "And perhaps, posterity will thank me for having shown it that the ancients did not know everything." -Pierre Fermat
  4. no trust here. by garcia · · Score: 4, Funny

    hell I don't even trust my own bookmarks on my own computer.

    Girlfriend: Bill, why do you have two more links listed under Porn?

    Bill: Uhh, I have always had those, they are there just for laughs.

    Girlfriend: Bill, what a bunch of crap.

    Bill: Actually, they are full of great sites.

    1. Re:no trust here. by angst_ridden_hipster · · Score: 4, Informative

      It already exists. In a number of forms!

      Backflip.com, if they're still around, did this as a service.

      The Mozilla project has Bookie: http://bookie.mozdev.org/

      There's also the beginnings of another shared system:
      http://wwwampire.mozdev.org/

      Check 'em out!

      --
      Eloi, Eloi, lema sabachtani?
      www.fogbound.net
  5. Seriously now by IIRCAFAIKIANAL · · Score: 5, Insightful

    Nobody here will trust the government to setup a universal ID card - why on earth would we want a full profile, ready and waiting to be hacked?

    Even the idea of what you are suggesting (info on the Internet) scares the shit out of me.

    Now, on the other hand, a profile based on a physical item (ie/ a cd, datacard, etc) might be a nice idea. Just plug it into your PDA, cell phone, laptop, pc, etc.

    Of course, considering how much information about me is sent across the Internet, maybe it's time to just give up privacy.

    If we have to do that, let's at least all go nudist. That might be a fair trade off then...

    --
    Robots are everywhere, and they eat old people's medicine for fuel.
  6. Yeah I got a universal roaming profile by sielwolf · · Score: 4, Insightful

    It's called my brain. Seriously though, I follow the philosophy of "A chain is only as strong as its weakest link." Distribution of resources (with no central access) limits the damage of a single weak link.

    Of course, though, if I was interested in a central system, why not something implemented with a directory service (e-Directory or AD)? A nice little certification architecture for a multi-tiered privilege structure? I'd put my faith in NDS before a lot of the other products mentioned.

    --
    What is music when you despise all sound?
  7. What we need... by rant-mode-on · · Score: 3, Informative

    ... is an open source (preferably) suite that I can run on my PC at home, where I can decide the access controls, and have complete control privacy policy. Ok, so this requires a permanent connection, but that's becoming more and more available all the time.

  8. Yahoo by NineNine · · Score: 3, Insightful

    I'm not all paranoid about privacy. I think that convenience is more important than any information people may glean from me ("He drinks PBR! We've got him now"). So, that being said, I think that so far, Yahoo does one of the best jobs of any kind of convergence. While it's not open, they've got enough services where you really can start to integrate. You can sync your Yahoo mail with any mail client, you can store your browser bookmarks there, files, notes, etc. You can get all of your Yahoo info already personalized in a Sprint phone. You can take care of scheduling with your Yahoo, your cell phone, or even text messaging to almost any device. It's not perfect, but it's the best I've seen. I'm even willing to buy some of their upgrades (premium mail, for example).

  9. Check out SyncML. by Anonymous Coward · · Score: 3, Informative

    What you are looking for is a synchronization system (ie. SyncML). Passport and Liberty alliance only store authentication credentials and some basic profile info (ie. your contact info and optionally your credit card info for purchases.) SyncML.org has created an open standard for synchronization of PIM data so that you can have access to all of your contacts, appointments, tasks, bookmarks, etc from any devices or computers you sync with.

  10. Take it with you! by Trinition · · Score: 5, Interesting

    A co-worker and I just discussed this very thing yesterday! However, we defaulted to a hardware device that you would carry with you (quite possibly a PDA), then when you log into a machine, would have your preferences wirelessly available. Not just a desktop, but your cell phone could wirelessly use the address book for making calls, etc. I personally like the hardware solution best because then no one owns the central store of your personal data & preferences but you.

    But, hardware or software, the only way this would be useful is if there was a standard for these major classes of data so multiple devices and applications could read, and in some case modify, the data. Your cell phone might not only want to use your existing numbers, but add a number when you receive a call from a never-before-seen number.

    Who would make such standards? Surely Microsoft could give it a stab, and then extend it beyond usefulness. Maybe some of the existing standards are good enough, or could be extended (vCard, vCal, etc.).

    Probably all just a pipe dream anyways.

  11. netscape supported this by BlueLines · · Score: 3, Interesting

    with netscape 4.x (dunno about mozilla), you could store a roaming profile in an ldap db. then you could log in with navigator from wherever and instantly have your addressbook / bookmarks / preferences / mail settings magically load up. i have seen it work, and it was pretty sweet.

    -BlueLines

    --
    --BlueLines "The cost of living hasn't affected it's popularity." -anonymous
    1. Re:netscape supported this by r3tro · · Score: 3, Insightful

      Mozilla (as of version 1.0.1, 1.1 and 1.2 alpha) does not yet support roaming, unfortunately.

      I used it with Netscape 4.x at work and at my home, and it was very practical (sorry, my online dictionary page is currently down:-P)

      It is amazing how comfortable such a "simple" solution can be. StarOffice founder Börries has a new company http://www.verdisoft.com which wants to provide unified device/software configuration.

      They use SyncML, and SyncML is IMHO the protocol of choice for this goal, supported by many vendors, but I cannot see mass products since almost 2 years. and: unfortunately there is not yet an open source implementation :-(

      I think central device and software configuration and management is the next big thing. Think of the millions of poor users today who have to keep their workstations, laptops, cell phones, pda's and frigerators on sync :-)

      --
      cu
      Sebastian

      --
      -- word!
  12. No need for trust by yamla · · Score: 5, Insightful

    There's no need for trust. Store my data on your server but store it encrypted. Only I have the decryption key. Everything I send to you and receive from you is encrypted. You are just providing the storage (and possibly I am paying you for this service).

    Now, I don't need to trust you. I, of course, do have to trust my local machine and I have to trust the client I use to access my files. But I do not need to trust you.

    --

    Oceania has always been at war with Eastasia.
  13. P3P by 0x0d0a · · Score: 3, Informative

    Take a look. This is the first of open standards to control information about yourself.

  14. A better solution by plover · · Score: 4, Interesting
    In order to achieve the service you're looking for, you're saying all programs and devices will need to implement some common "standard universal interface" to this kind of data, be it XML or whatever. Your proposal is for a Central Repository Server, which is the stated goal of Microsoft's Passport or .NET services.

    A better solution than storing it on someone else's server would be to make the interface synchronizable between platforms.

    I'd keep a copy on my work desktop. I'd sync my home PC and my work PC over the internet (using VPN or SSL, of course.) I'd HotSync it to my PalmOS device. My Palm could Bluetooth it to my phone. My phone could GPRS it to my car's phone. My wife could sync the "Family" category on her Palm to the "Family" category on my Visor.

    PalmOS does this sort of thing now with the HotSync program, but only in the limited "Handheld -- Palm Desktop -- Outlook" chain. With a robust protocol (almost certainly XML) and a strong standards committee this should not be an insurmountable task.

    --
    John
    1. Re:A better solution by plover · · Score: 4, Insightful
      Agreed that it might be problematic to sync so many devices, but what are the other options? I will not keep my personal data on a public server. I suppose if I ran a personal server then the initial training of these mobile devices would consist of just passing out the URL to my server. That would assume the receiving device could find some IP path home to pull the full sync. I don't relish the thought of having to run and maintain a full, secure copy of Apache or IIS just to host a sync server. Again, I don't know what else will work easily and safely.

      Cell phones and other wireless devices will have other costs, namely money and time. Let's say that it costs somewhere around $.04/kb to send data over GPRS. My address book in Palm format is near 250KB, or about $5.00 of charges and around two minutes of time at 19.2. And that's without expanding it to vcard format for the transmission. Deltas, of course, are small but still will take time and money, although I'd be more likely to do that in a pinch.

      I'd definitely want the option to sync it via IR to my Palm, with a USB/Firewire cable or cradle, inserting a GSM smart card or via Bluetooth. Only one or two of those is likely to be directly to my desktop. The others will have to flow through an intermediary. And when I'm out in the field, I don't want to be punching data into my phone via the numeric keypad when I could be syncing to my iPod.

      So I see a need for the ubiquitous exchange of data, where every machine understands syncing and can do it unobtrusively and cheaply. (Of course AT&T, Sprint and Verizon have no desire to promote unpaid transfer of data, but it's Nokia, Ericsson and Motorola that count.)

      --
      John
  15. LDAP for bookmarks, addressbooks, etc. by Kunta+Kinte · · Score: 5, Informative

    The poster illustrates the problem with examples such as bookmarks and address books (which is a different problem than what Liberty et al. tries to solve I believe). These kinds of information can already be kept in an LDAP server and most applications can store and retrieve these from those servers. Outlook does it, mozilla does, ximian does it.

    LDAP address book support is relatively mature in most email readers. Check out OpenLDAP for more info.

    Single sign-on can also be done via LDAP. Or Kerberos/LDAP if you're so inclined. Netscape NTSych product, the Psynch® product, etc. can be used to sync NT or win2k with an external database. Check out projects such as pgina. There's a free general purpose NT password sync dll available from AcctSync. This DLL is nice, you can catch user passwords and pass them to an arbitrary script with the username. This could be a perl script that updates LDAP to a vbscript that updates the corresponding Oracle user, it doesn't matter.

    Also, it's simple to store public certs in an ldap server, making it easier to deploy PKI on a budget ( you don't want to know how much netscape and novell charges for this per user, trust me :)

    In short, a lot of your problems can be solved right now by running a LDAP server and configuring your applications to rely on it for their datastore. Good luck.

    --
    Based on upvotes, Ageism is the only "-ism" Slashdotters care about and think isn't SJW
    1. Re:LDAP for bookmarks, addressbooks, etc. by rixster · · Score: 4, Informative

      Gotta agree with the LDAP thing. I used to spend hours trying to sync and keep everything in check. Now I have an LDAP database which I can access from the web (via www.horde.org) which integrates with my email (horde again) and also any other imap4 clients I use, like my Mac or PC, or even my Psion now they've finally bought out network drivers for it.
      I wrote a coupla noddy data entry screens as well for the ldap server so I can add anybody's email / phone number via a few web pages, I can dump it out as a text format for easy backup (it's human readable too). The only thing I haven't done is figure out how to write WAP pages in a syncML kinda way to replicate back to my mobile - if anyone's done that, I'd appreciate some links.

      Bottom line: Go LDAP / IMAP4 for all your email and address and weblink needs. It's a real existing support protocol that just about all clients have to support. I grant you setting it up is a bit of a bitch, but when it's working you'll never figure out why you had so many other disparate data stores again. Promise !!

      --
      Two wrongs may not make a right, but three ....
  16. This was already solved by Netscape by Dylan+Tynan · · Score: 3, Informative

    Back in Netscape 4.x days I had my netscape profile roaming across three home computers, and several computers at work. It worked great. You could select certain items to roam ... for example, the actual browser preferences file, calendar entries, bookmarks, cookies, etc. I think it might have even let you roam certificates (but maybe not).

    I use Mozilla now and I didn't see the roaming functionality in there on a quick check ... probably in NS 7 though.

    You could setup to Roam and store your info in either an LDAP database or on an HTTP server (much easier). You could then use SSL for those of you that are concerned with security to roam. Whenever you exited the browser, if you'd changed something (for example, new bookmark), it would update the central profile location with the new files. Nice feature, there were a couple of point releases where it would get confused and you'd wipe out your bookmarks on one system, but that was not a concern since you ended up with copies of everything on multiple computers.

    Note that Netscape's roaming support extended to Unix systems too. It was sweet. Too bad Microsoft's browser monopoly killed it off. We won't see real innovation like that anymore ... instead just MS-bastardized standards designed to get you to purchase more of their software so that it will work together (hah).

    A lot of you said people wouldn't store their profile info on someone else's network. Most people would though. Most of you store your email on other people's network right now. In this case, I was using my own colocated server and also ran an IMAP server on it to keep my mail in sync.

    The biggest problem they had w/roaming was the lack of documentation. You can go back into newsgroup archives and occasionally run across some poor soul trying to figure out what you had to do on the server. Once setup, though, it worked great.

    Good to see that we're now going to try and reinvent the wheel. Of course, this wheel will only work with a Microsoft axle, transmission, engine, and body, and it will cost you every time it turns.

  17. The Real Problem by zpengo · · Score: 3, Insightful
    The real problem with these roaming, universal profiles is that when someone gets your password, they have your password for EVERYTHING. Mail, finances, medical, whatever. It's *very* easy to trick people into filling out a bogus form that captures their logins and passwords.

    Would you have your house, your car, your office, and your secret cash box all use the same key? It's all very convenient until someone else finds the key....

    --


    Got Rhinos?
  18. Jabber by infiniti99 · · Score: 3, Informative

    To an extent, Jabber already supports "roaming profiles" with your IM, through the use of a server-side contact list, and even any transports you might be using (AIM, ICQ, etc), along with their login info. This is more of a single-signon type thing, but it is along the same lines as a roaming profile.

    But this could be taken much farther. The current protocol already offers arbitrary data storage on the server, and it could be beefed up if necessary (that's the wonderful part about an extensible protocol).

    So then in your web browser (or in some global location on your OS), you could enter:

    myusername@my-own-domain-nyah.com

    and a password, and the browser could retrieve the necessary bookmarks and other data. And all of your data is safe at your-own-domain-nyah.com, instead of Microsoft HQ.

    That pretty much covers all the bases. Time to hack this out.

    -Justin

  19. Universal desktop by PhotoGuy · · Score: 3, Interesting
    Exciting concept, the universal desktop. Sun had something called the WebTop they were pitching at one point (iPlanet, I think), which *looked* pretty exciting. Supposedly all Sun employees could just go to any SSL enabled browser, use their little handheld key generator thingy, authenticate themselves, and have access to a full virtual desktop with all the apps they could need, their intranet access, and so on and so forth.

    Sounded good. I tried a demo of iPlanet a year or so ago, I couldn't get it working; *way* too complicated and fragmented. And I haven't heard much of Sun employees using it.

    I have dreamed of a portable virtual desktop for years. Unfortunately, it doesn't exist yet; but for each specific application, there are some solutions (and some general solutions). The best I have come up with is the following arrangement:

    • Use IMAP for mail. This lets you get at the same set of folders, no matter where you are. If you're on a different laptop, desktop, or PDA, banging in the server name and username/password is pretty quick, for getting at your email stored centrally.

    • For web browsing, you really don't need to do much specially, since it's fairly stateless to start with. I have on my own personal web server, a list of links of stuff I use frequently, which is a good common jumping off point that I can access from anywhere, authenticated via SSL. There may be automated tools for this type of thing, I don't know.

    • For general central application access, use VNC for remote desktop access; there are clients available for a wide variety of platforms, and source available. Sort of portable PC-Anywhere; not quite as efficient, but pretty good.


    A little rough around the edges, but 90% of what I do (and probably 98% of what typical users do) revolves around email, the web, and a couple of specific applications, it goes a long way towards the ultimate solution, which hopefully will be available some day.

    The true solution to this is a universal open *protocol* for applications. IMAP lets universal email be *very* portable. There is no equivalent for calendaring. There is no equivalent for TODO lists. There is no equivalent for most other important applications. If there were, then multiple vendors could implement it on different platforms, giving true portability.

    Until this happens, there will be fragmented proprietary solutions, which by definition, will not be the universal solution. Sigh.

    --
    Love many, trust a few, do harm to none.
  20. Shameless Plug by mcrbids · · Score: 3, Interesting

    If you look at our website you'll find a web-based Contact Manager software accessible from (virtually) all the devices you mentioned above.

    It's tested with Konqueror, IE, and Mozilla, and is known to work with a number of Palm-based devices, including the Handspring Treo cellular phone. /Shameless Plug

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  21. I've already solved this... by tthomas48 · · Score: 3, Interesting

    The easiest way to do this is to run a website on your how server. Slap on SSL and you're pretty much good to go. I have:

    Centralized Webmail

    Centralized Calendaring that I can share with my wife and theater company

    Streaming Music that is granted by music profile, so I only share my music with people whom I would normally loan CDs to.

    Centralized bookmarks with a convenient javascript link in my toolbar to add sites at home and at work.

    The question is why did I have to develop this myself. I think this is the future. Why not take the idea of one of those router/webserver/firewalls a step further and make an all in one information box. You plug it into the network. You patch it. Why doesn't this exist?

  22. With this, any app can crud up your preferences by Animats · · Score: 3, Insightful
    Even without the privacy implications, there's the problem of applications making incompatible changes to shared data. Mozilla and Netscape can't even share preferences properly. And look at the mess called the Windows Registry.

    Database people do this sort of thing all the time, by making the data superior to the application and forcing apps to work through a very rigid interface. The way to do this is probably to store the preferences in a relational database. Those things are well understood, scale up, and can be replicated. Apps would get to the database via SQL, as usual. It's not the latest buzzword-compliant technology, but it's well-understood.

  23. XNS by JohnsonWax · · Score: 3, Informative

    I'm surprised that /. isn't all over this...

    Check out http://www.xns.org

    "XNS is an open, XML-based protocol for identifying and linking any resource participating in any kind of digital transaction. You'll find the complete technical specifications on this site.

    XNS provides a flexible, interoperable method for establishing and maintaining persistent digital identities and relationships between these identities. The protocol provides services for registering and resolving identity addresses, defining and managing XML identity documents, conducting and protecting identity transactions, and linking and synchronizing identity attributes."

    Basically, store what you want, where you want, in an open format. As a public trust organization, they don't store your identity, they only proxy it. Store it with MS, with Apple, with your work, at home.

  24. Doesn't anyone read things before flaming? by vrmlguy · · Score: 3, Insightful
    I've already seen dozens of posts from people who apparently completely misunderstood the proposal. This is not yet another place where your personal info will be stored, this is a directory to keep track of where your personal info is stored. It isn't storing data, but pointers to data.

    For instance, let's say that I want your medical records. I would go to the central registry and make a request. The central registry would reply that the information is stored at, say, the Mayo Clinic. I would still have to go there and jump through whatever hoops they present to actually get the data.

    The definite good thing about this is that if you decide that you don't want to use the Mayo Clinic for some reason (poor security policies, impersonal staff, whatever), then you can designate Johns Hopkins, and future requests will be transparently routed there instead.

    The potentially good thing is that the central redirector could implement its own security policies. For example, medical info requests should only be forwarded if they come from someone with a certificate signed by an appropriate authority (i.e. ama-assn.org and/or amerchiro.org).

    The process would work a lot like DNS. In fact, I don't see any reason why the central server couldn't be distributed in a manner similar to DNS servers.

    --
    Nothing for 6-digit uids?
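
The referral lookup described in the GUPster proposal at the top of the page and restated in comment 24 (a registry that holds pointers and the owner's policy, never the data) can be sketched as follows. This is an added example, not code from the submitter or any commenter; `Rule`, `ReferralRegistry`, the `.example` hosts and the issuer names are hypothetical, and the requester's credential issuer is assumed to have been authenticated before `resolve` is called.

```python
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Rule:
    """One 'privacy shield' entry: who may be told where a component lives."""
    issuers: frozenset            # credential issuers accepted for the requester
    start: time = time(0, 0)      # referrals are handed out from this time of day
    end: time = time(23, 59, 59)  # until this one (inclusive)

    def permits(self, issuer, at):
        return issuer in self.issuers and self.start <= at <= self.end


class ReferralRegistry:
    """Holds pointers to profile data and the owner's rules, never the data."""

    def __init__(self):
        self._location = {}  # (user, component) -> URL of the storing entity
        self._rule = {}      # (user, component) -> Rule

    def register(self, user, component, location):
        # Re-registering moves the component to a new provider. The rule is
        # keyed by component, not provider, so it keeps applying after a move.
        self._location[(user, component)] = location

    def set_rule(self, user, component, rule):
        self._rule[(user, component)] = rule

    def resolve(self, user, component, issuer, at):
        """Return a list of referrals; empty when the request is not OK.

        Assumption: `issuer` (the authority that signed the requester's
        credential) was verified by the caller, e.g. from a client
        certificate. This sketch performs no certificate validation.
        """
        key = (user, component)
        rule = self._rule.get(key)
        # Default deny: a component with no rule is never disclosed, and a
        # denial looks the same as "not registered", so probing the registry
        # does not reveal which components a user has.
        if rule is None or key not in self._location:
            return []
        if not rule.permits(issuer, at):
            return []
        return [self._location[key]]


def demo():
    """Constructed sample data; all hosts use the reserved .example TLD."""
    reg = ReferralRegistry()
    reg.register("arnaud", "presence", "https://operator.example/presence/arnaud")
    reg.register("arnaud", "medical", "https://clinic-a.example/records/arnaud")
    reg.register("arnaud", "calendar", "https://portal.example/cal/arnaud")

    # "Nobody can access my presence information after 9pm."
    reg.set_rule("arnaud", "presence",
                 Rule(frozenset({"operator.example"}), end=time(21, 0)))
    # Medical referrals only for requesters vouched for by one authority.
    reg.set_rule("arnaud", "medical", Rule(frozenset({"medical-board.example"})))
    # No rule is set for "calendar": it stays undisclosed.

    noon = time(12, 0)
    out = {
        "presence_8pm": reg.resolve("arnaud", "presence", "operator.example", time(20, 0)),
        "presence_10pm": reg.resolve("arnaud", "presence", "operator.example", time(22, 0)),
        "medical_ok": reg.resolve("arnaud", "medical", "medical-board.example", noon),
        "medical_wrong_issuer": reg.resolve("arnaud", "medical", "operator.example", noon),
        "calendar_no_rule": reg.resolve("arnaud", "calendar", "operator.example", noon),
        "unknown_component": reg.resolve("arnaud", "scores", "operator.example", noon),
    }
    # The owner switches provider; later referrals follow without policy changes.
    reg.register("arnaud", "medical", "https://clinic-b.example/records/arnaud")
    out["medical_after_move"] = reg.resolve("arnaud", "medical", "medical-board.example", noon)
    return out


if __name__ == "__main__":
    for name, referrals in demo().items():
        print(f"{name:22} -> {referrals}")
```

The registry only decides whether to disclose a location; the storing entity still has to authenticate and authorize the requester itself, since a referral URL can be learned or guessed by other means.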