Passport to Nowhere
prostoalex writes "CNET News.com.com talks about less than glamorous acceptance of Microsoft's single sign-on technology, .NET Passport. Being launched as a single sign-on service for online businesses and competing heavily with open Liberty Alliance project, which so far has produced just a large amount of PDF files, .NET Passport is considered a failure (although not by Microsoft). Turns out, high licensing fees, lack of simple implementation, security leaks and server downtime, were not acceptable to most of potential clients out there."
"Microsoft was kind of pushing Passport for a problem that didn't exist..."
I think that more or less hits the nail on the head. This is aside from the downtime issue, which is embarassing, and privacy issues, which are disturbing. On the privacy/downtime note, the Liberty Alliance may be vapor currently, but the idea of a "federated" system sounds much better to me. It's not a problem I have with Microsoft, rather it's a problem I have with giving all of my personal information to a single organization to put into a central respository.
No sir, that's bad sauce.
Auto-reply to ACs: "Truly, you have a dizzying intellect."
I never saw a need for .NET Passport in any way. Privacy issues aside, all Passport would achieve for the company using it is something they could already do with simpler, more secure, and less liable technologies already available to them.
I mean, doesn't "competing heavily" imply that there's, well, an active competition in the first place?
Obliteracy: Words with explosions
It is widely pulicized now how to manage passwords for a website -- it's as simple as using other Microsoft tools, and so in a way, passport puts itself out of business by competing poorly with other Microsoft products. Why would anyone not just use an NT auth login, ASP, or one of the myriad of other ways to do a sign-on. The only place I see passports now is places where Microsoft already had a majorly vested business interest. Passport should go right up there with Microsoft BOB , IMHO.
stuff |
I like the concept of passport, but I'm not going to get in bed with Microsoft to put it on my web servers. Besides, it has always seemed to me that doing a scheme like that would introduce so many more points of failure to your web system, that it wouldn't be worth the trouble. That's not to mention security. Somehow I just feel safer when I have to log in to each site separatly.
SCO.com uses Linux
At first, the concept of a global authentication system seems great. We all have too many passwords to remember, the idea behind Passport seems great.
But in reality, there isn't anyone who is secure enough, trustworthy enough, powerful enough and smart enough to pull off a system that would work and would be trusted.
You need to have the strength and power to be able to build such a system, and with those, trust invariably goes out of the window.
So for now I'll keep all my passwords in my brain, and pay the price of my mistrust.
Jolyon
Please read my Canon EOS tech blog at http://www.everyothershot.com
...isn't such a chore that we would need a freakishly-complex infrastructure to save us a couple of keystrokes.
Every one of the tens of millions of hotmail customers have and use a .NET passport. That includes many slashdotters (like me). Granted, most of these are throw-away email accounts, but still, they are used.
"Freedom means freedom for everybody" -- Dick Cheney
I personally think that it's becoming the groupthink/chic thing to do to point out that the Slashdot crowd doesn't like Microsoft.
Personally, I'd say the posting of that story should stand as proof that Slashdot isn't so biased as you seem to indicate. Moreover, whenever good news for Microsoft is posted here, it's generally studied with great detail and flaws are exposed in the methodology. For example, in the story you mention, they ignored worms, viruses, trojans, etc, because they didn't involve a person specifically targetting a specific windows machine for an intrusion. I remember thinking that the only valuable thing to come of that study was that Linux/Unix/whatever required actual human intervention to break into it, while Microsoft wasn't worth the bother when a thousand automated tools do it for you.
-N
I've nothing to say here...
The problem with the whole concept in general to me is security.
Company A holds your credit card information and controls the sign up system.
Company B You make purchases through there system, credit card details are pulled from company A, your happy
Slap on 100 Company B's each with the ability to pull your credit card data so you can make purchases.
You now have 100 new possible locations for a hacker to crack, giving them access to a massive database of credit card data.
A chain is only as strong as its weakest link. The more merchants you add to this style system, the better change your chain will break one day.
Personal Website
Every registration-requiring service of Google nicely collects no more infomation than it needs to, but there also seems to be very little support for cross-linking registrations from one service to another. As a result, they have distinct logon screens for...
- AdWords
- AdSense
- Google API
- SiteSearch / Websearch
- Blogger
They just keep adding new services, but there's no sign of any unity coming...
Who buys windows? People buy computers, it comes with windows. Most people don't know any better.
I know you were joking (at least that's what the moderation indicates) but I just don't see people flocking to the stores to get the latest copy of windows. Adoption of XP has been pretty slow (even though it's the best windows yet). People sit there with spyware, worms, memory leaks, and complete shit on their computers and don't even care. It's amazing what the average computer user will put up with.