Slashdot Mirror
Helping Surfers Sidestep Site Registration
netbuzz writes, "PrefPass, a startup debuting at DEMO today, is looking to do for the onerous Web site registration process what Amazon has done for shopping: one click and you get the goods. If it catches on, sites requiring full registration may feel the heat." Looks like sites will have an incentive to implement PrefPass; it's not antagonistic to their interests in the way Bugmenot is.
Hasn't this been attempted before, with the likes of PassPort, and other numerous "universal" single-signon type things that have attempted to partner with commercial sites, and so on?
It says it's different from PassPort, and I agree, but I fail to see why this would have any more success.
Should be implimented on Slashdot
I thought (correct me if I'm wrong) that the reason those sites want your age / sex / location was for demographics (for marketing and such).
If they just want to personalize your page, a cookie should be sufficient.
So, if this tool allows me to login to multiple sites, but with faked info, I don't see the sites going for it.
Do you need a bigger red flag that this is a submission by the company itself or a PR company working for the company?
Edit! You're editors! Use your noodle!
Have you read my journal today?
I hate sites that require registration to access "free" content. Either publish your content to your "free" website, or charge me for it. I shouldn't have to tell you anything about myself to get access.
I know I'm jaded and cynical, but how much of the information that is entered into web site registration pages is genuine, anyway?
Insisting on "correct" English is like saying that there is only one, definitive recipe for chili.
As others have stated, this concept really isnt all that new. One of the main problems with it is having the clout to make all the little shops, etc set up on the net to play ball. That really isn't an easy thing to do and the primary reason why ventures like this in the past have failed.
There is still also a barrier to overcome in convinving people that their data is safe online.. and they are especially fearful of any service that claims to be acceptable at any store. Why? Because in the publics mind that equates to lower security.
I believe that eventually something along these lines will happen. However, it is going to take a whole lot of push for a company like this to stick it to Google and their plans for Google Checkout.
Justin - Don't be afraid of my blog, it won't bite.
RTFA. This isn't for "full signup" sites, this is more like a cross-site cookie. The idea is they don't ask you to register if you're just trying to read something. The idea for the host site is that they'll be able to target (ads|pages|search results) to you based on your whole surfing history (*cough*google ads*cough*) not just that site. As a "bonus" to you, the surfer, you won't have to do anything and the host site could store your preferences (font choices, colors, etc.)
John
But when I do let you know something about me, then know that even though I'm a high school dropout
I am also a 22 year old 5"4 athletic blonde female and I just love the sex older men can give me and I'm
interested in dating and romance. I like Billy Graham, Zachariah Sitchen but I hate Prince Phillip and
I earn more than a hundred thousand dollars a year working as a pharma whore.
Can I use PrefPass to avoid registration for PrefPass?
For some reason, the article omitted a link to bugmenot. There's a Firefox extension that automates the process.
If you don't know what this is, it's a user-maintained list of usernames and passwords for sites that "bug" you for registration. Some sites block Bugmenot-listed usernames and passwords but most don't.
|/usr/games/fortune
This should be a real boon to identity thieves.
Putting all your eggs into one pasket just makes it easier for someone to steal all your eggs. Won't people ever learn?
Learn from the mistakes of others. You won't live long enough to make them all yourself.
I know it's weird, but...
I love the way you say "passport".
C'mon, won't you say it again?
mmmmmm.... passport... it's just such a beautiful word...
passport...
passport!
A Web-based service, the PrefPass registration itself requires only two pieces of information from a user: an e-mail address and the URL of a first Web site or feed in which the user is interested.
So if you're only identified by an already public identifier (that being your email address), what's to prevent people from messing around with other people's preferences? Cookies can be lost by the legitimiate user and spoofed by an attacker. IP-based filering doesn't work for different users behind a common firewall. I wonder how they can get by without some sort of password. I wish they had a technical FAQ to go along with their press release.
--
"Extra Anus Kills Four-Legged Chick" -- Headline
Just another vehicle to serve up even more advertising.
FTA: "In exchange, users agree to let PrefPass sites access their pref lists, thus allowing them to customize the experience, as well target advertising to the user."
I'll stick with BugMeNot, thank you.
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
I used this back when it was called BugMeNot
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
You know, as evil as it was, I really liked Gator for one thing - it did a pretty good job of autofilling forms. Like all good software it Just worked without a great deal of hassle.
Three Squirrels
Why not do identity but saving a vCard at a certian URL on your public website.
Sites that want logins can just as for your vCard URL. You have have several, they are unique,
you decide what goes inside. Startups can make tools for mananging them.
Nice.
PrefPass should be something like PassTheInfo, HandItOverToHackers or, maybe TARGET.
Because that's what it's going to become if the public and the corporations actually start using this thing.
One Big Target. Hackers start your engines...!
Lee Darrow, C.H.
And the flaw with that approach is that many people will not want many of the sites that they go to to be known (and indexed) by what is basically an advertising agency.
Now, if you could maintain multiple profiles that would NEVER cross, this might be a good idea. Particularly if it did keep other cookies and such off of your local drive.
They want my browsing history so they can more effectively market to me. They're going to have to provide me with some more service than just centralizing my fake name and fake email address.
what a great movie....
Looks like sites will have an incentive to implement PrefPass; it's not antagonistic to their interests in the way Bugmenot is.
What is antagonistic is requiring people to give full legal names, addresses, phone numbers, email addresses, shoe and genital sizes, blood type, genetic write-up, and winning lottery numbers for the next five years. Okay, so not as much as all that but you do feel that way, don't you? In this age of spam and violations of promises stated on these websites that you will not receive unsolicited ads when you will and do five seconds after submitting the information, that all is what is antagonizing. I don't want any info about me whatsoever going to a website just to read a news article. If they need that, then why doesn't my local paper require a blood test at the damn paper box on the corner instead of $0.50? If it isn't money, then what is it? If it is money, go figure out micropayment systems that work or survive on ads but you're not getting my life's history just to RTF linked from Slashdot.
If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
I had thought about this kind of thing as a way for the MPAA to fight the Pirate Bay. If they provide a way to access PB torrents, through RSS or something, PB would lose ad revenue. There would be no signup, just view and access torrents posted on PB without the ads. Maybe put in some movie preview torrents (also hosted by PB) to get more people into theaters.
I'm sure there are safeguards that check ips before you can join a torrent so I'm not sure if this is even viable. It was just a thought.
I run a community bulletin board and believe me it get's a lot of robots (probably from zombie systems) sending spam. Registration greatly reduces this spam. Much as I dislike registration, I think this may be helping the spammers and reduce the availability of message boards.
I honestly don't see an easy way for spammers to cull this thing (unless they bust into the PrefPass servers, I suppose).
Quo usque tandem abutere, Nimbus, patientia nostra?
Until the "A computer matched him with her?" line. -_-
-:sigma.SB
WARN
THERE IS ANOTHER SYSTEM
I thought that's what AC's were here for?
What if the Hokey Pokey really is what it's all about?
You really are making the GNAA look unprofessional with that horrible grammar and prose that reeks of overreaching your abilities as a writer. Here, let me fix that for you:
.info TLD being re-energised with a huge cash and semen injection from the GNAA LastMeasure project, punctuated by Netcraft's recent confirmation that the GNAA has gained a massive controlling stake in .info during the past 2 months".
In a self-congratulatory press conference described by one historical analyst as being "worth 10 Dresdens", the now world-famous egalitarians of the Gay Nigger Association of America announced to the world press that their highly successful open source "LastMeasure" project has now reached over one hundred thousand homes across the world.
Amidst a snowstorm of tickertape and parade-like festivity, Penisbird, one of the founders of the LastMeasure project, screeched triumphantly from his gold-plated dong perch that the exponental growth of the popular shock site can only continue. Even those outside the GNAA's dark-skinned sphere of influence can only agree, when faced with the cutting-edge "xangadot" marketing techniques employed by GNAA LM sales reps Incog, Saturn, Trake, qat, and Zeikfred Tuvai.
The sheer ferocity of the xangadot effect has caught many by surprise, none more so than xanga spokesperson AzN_ThuG_08, who was quoted as saying "MUTHAFUCKA TAKE DOWN MAH SITE...BITCH IM LETTIN U...FUCK DIS SITE AND FUCK U TOO. I CAN MAKE A NEW ONE I GOT THA TIME u stupid muthafucka" before driving his nitroglycerin-laced riced-up Honda into the GNAA headquarters in a dastardly as well as suicidal attempt to decapitate the GNAA leadership. Thankfully the 140 decibel exhaust noise of the now vapourised vehicle allowed the surrounding buildings to be evacuated several minutes before the atrocity took place.
Speaking from his converted 1970's brothel, overpaid financial analyst Gary Niger told Reuters, "The effects of what has been dubbed the 'Open Source Final Solution' can be felt in almost every area of digital society. A striking example of this would be the once worthless
Can this momentum continue? Or has LastMeasure reached its unsurpassable zenith, its only remaining direction being a downwards fall? GNAA President timecop refused to comment, instead choosing to bathe naked in a pool of Yen, laughing insanely. The future seems bright.
About LastMeasure:
A primitive version of LastMeasure was concieved by Penisbird of the GNAA after playing with an AIM utility named AIM Invader. It offered Penisbird a myriad of ways to crash AIM clients. By far the most powerful crash was the "last measure" crash, which would inundate an AIM client with file transfer requests, buddy list sends, messages full of smileys and colors, until the AIM client crashed due to lack of RAM.
The LastMeasure site originally consisted of Penisbird, Goatse, Tubgirl, Lemonparty, and Shitfaced Lady. This has since expanded to include many other of the internet's treasured icons. And with the addition of StatsMeasure, the clipboard data of thousands of unwitting victims has now been exposed for the world to see.
For more information about LastMeasure, visit the official website, LastMeasure.com
It's like asking a customer's name before you let him/her in your retail store. They don't have to tell you the truth, you'll let them in no matter what name they use, there is no useful purpose for the information, so all you've done is annoy your customer.
I could not care much less for what sites want when they try to collect my demographic information. More often then not, it is directly the opposite of my own desires and preferences. I go to a site to read an article, check a price, or a score, or the day's news. I will look at an advertisement under protest, but I will not willingly give them ammunition to bother me outside of my interaction with their site.
When a site asks for my personal information just so I can see their advertisements on my way to reading the morning's news, I have no problem at all about lying to them. I give a fake name, a fake zip code and a fake email.
If they require an email authorization, I use a spamcatcher account that is created with fake information.
Since when are we required to acquiesce to the wishes of the corporate world just for the privelege of purchasing and using their products? Since when do I have to provide correct personal information just to get the day's weather forecast?
It's the same thing when I go to a Best Buy or Radio Shack and they ask for my zip code or last name. Maybe down the line if they figure out that people are lying to them they'll stop asking.
I'm starting to believe that the next few decades will be marked by the traditional business/customer relationship being replaced by a much more combative, adversarial interaction between the individual and the corporation. It will be to nobody's benefit, but it seems that there are few ways to discourage real assholes. I'm sure those of us who still believe in the primacy of the individual and privacy in general will become inventive in coming up with more ways to thwart these "business" people who believe they have ownership rights over our lives. It's time to balance the scales a bit, I think.
You are welcome on my lawn.
Ive used Roboform for a few years since I manage a ton of Cpanels and such. It costs $, but is definitely a tool I couldnt live without.
MS was behind PassPort and anything MS is evil amd bad... right guys?
What is the difference between this and OpenID http://openid.org?
There could be a standard HTTP header field defined.
Call it 'X-Demographics'
Contents would be of the form
"X-Demographics: Age/28, Location/Seattle, Sex/Male, Occupation/Programmer"
All free-form and user selected, with browsers offering a dialog where users can set common information, and choose when/where to send it.
Servers must not require the info, and must accept invalid data without dying ( "Age -1/Location The Moon/Sex Yes Please" ) but if provided, they can customize their content/advertising.
Sure, users might deliberatly provide false data, but they would do that anyway with a 'log on' form; and if you don't want to provide it, you don't (default in a browsers should be nothing sent without user approval) and browsers should be able to control which sites get sent what data. Even a simple mechanism, such as the first time you visit a site, do not send data, but if you return to the site later, then send it.
Details of parsing are trivial (I know, not really), once a standard basic layout and header field name is chosen, I'm going for something like the 'Accept:' field format.
I don't mind reasonable advertisments, but as an example, as a guy, I really have no interest in tampon ads, and I doubt the tampon companies want to spend their advertising dollars on me.
Doesn't it really do what Gator was supposed to do - store your address and personal information to use it on registration forms?
Blah....
There is no information about the company PrefPass. Nobody is going to use this.
I'm sorry, when did giving the finger to someone who wants your email address, name, age, and set a dozen cookies suddenly become antagonistic instead of protagonistic? Woudn't the people wanting all kinds of info for a web article the ones being highly antagonistic?
Help us build a better map!
Doesn't sxip already handle this simple little task? Gracefully, and as an open standard, no less.
"...I don't believe it."
Then, in the middle of the night, the SWAT-like security teams (apparently already in or near the building) instantly scour the building.
Did I ever tell you why I got kicked out of the CIA?
Whenever a site asks me to register before I can access content (and I don't mind my username/password being made public), I use http://www.mailinator.com/. You basically make.up.an.email.address@mailinator.com, and then head over to the site, type in your made up email address, and it shows you the last 5 (probably spam) messages it has received. Of course its totally unsecure (but that's sort of the point), so be careful what you use it for.
Anonymous but for how long ?
1. Give PrefPass your email address - they assign you a unique ID
2. Visit vendor, PrefPass system passes you PrefPass unique ID
3. Vendors site gives you customised info based on your "prefs" list
4. You buy from Vendor, at this point you have to give them all the usual information required for billing.
5. Vendor associates unique PrefPass ID with vendor assigned ID and forever knows exactly who you are each time you vist.
ERR 411[Max number of witty sigs reached]