Slashdot Mirror
Microsoft Joins the OpenID Foundation
wertigon writes "Windows Live ID just became yet another OpenID-provider. While the cynical me wonders how long it'll be before Microsoft transforms OpenID to something proprietary, they have undoubtedly put even more weight behind the OpenID initiative. So, how long before I can use my OpenID to post on Slashdot?" Patches are always welcome, wertigon ;)
This is still a useful development. I can now allow MSN Messenger using friends to read my friends-only livejournal posts without having to ask them to sign up for LiveJournal or OpenID (which most people outside of geekdom will not have heard of)
"Did you exchange a walk on part in the war for a lead role in a cage?"
So how long before governments require OpenID to eliminate internet anonymity?
Insert Generic Sig Here:
You don't have to join the OpenID foundation to become an OpenID provider. Funnily enough Microsoft did join; but in Feburary.
But as I ranted on my blog, becoming a provider is useless these days; allowing authentication using OpenID would be far more impressive.
Exactly, and this half-functionality is why this move undermines OpenID and what it stands for.
You see, OpenID still works, but it works *better* if you use Microsoft's version. Soon enough you'll find that everyone's reaching for those MS ids just to remain compatible, and MS will get what they couldn't with their Passport scheme, or LiveId or however it's called these days.
It's the same embrace, extend, extinguish bullshit again, and in my opinion, the community should just reject these MS-provided ids until they learn to play ball.
I just don't get the point of this. I go to a website and there's a little note *You can use your openid here!* and I sign in with it. but wait! it was a trick, they grabbed my username and password, now they have my openid login.
Unless I've missed the point somehow and there's some way to know if the site you're on is accredited.
OpenID also allows more easily data mining what someone says and does on different web sites, which is a dream come true, for all data miners.
So once most people start to use OpenID, then all governments have to do, is pass a law, to either requiring them to know your OpenID, or for them get your OpenID by any other means, and then that's all they need, to workout everything you have ever said online. OpenID is one step away from removing most anonymity on the Internet. This news fits in with the other Slashdot news today, about the Internet Human Rights PR smoke screen...
http://it.slashdot.org/comments.pl?sid=1011555&cid=25554573
Plus as people in power always seek power, then what they fear most, is the loss of power. So to them, finding out what people are saying is very important. (I.e. Knowledge is power). So one of the first things the some of the ones in power will do, is use widespead usage of OpenID to allow them to finding out every political view people post about them online.
To big businesses and governments, OpenID isn't about convience of easy logins. OpenID to them, is about data mining and so it makes sense Microsoft would want to play along with that goal.
There are 10 kinds of people in the world... those who understand binary and those who don't.
"At no point does the accepting site get your user name and password. You can verify this by looking at your address bar."
I bet I could get thousands of user name/password combos be putting up a web page that simply asked users to enter their user name and password. They call this "phishing". It would work.
Using any kind of login that is shared over multiple places is always not-secure. Best practice is to compartmentalize potential damage. So that if some one figures out my password for (say) this website they can't then get into my bacnk account and email. If common logins do become popular then "phishing" will become very popular.