So if you consulted with 100 doctors and 97 told them you that you had cancer, you'd go with the 3??
Is it only climate science you dismiss so flippantly, or is this internet thing also another liberal plot...
Use UltraVNC-SC. It creates a stand-alone VNC server executable that is configured to connect back to YOUR static IP address (a reverse VNC connection basically). I have mine hosted at help.mydomain.com.au. I just tell anyone who I need to assist this name which they type in and run and voila, i'm controlling their desktop. No firewalls to configure (except yours) and no hassles on their end. Best of all it's free.
Verisign are trying to solve this problem by introducing their own two-factor authentication solution that is standards based and, at its heart, centrally managed. Its based around OATH (http://www.openauthentication.org/>) which is supposedly an open standard for two-factor authentication.
The cool thing about Verisign's offering is that they pledge to be the owners of the backend 'token store' for everyone.
The biggest problem at the moment and the reason we have so many tokens floating around is that these tokens need a 'seed record' stored somewhere secure. The seed record is used to authenticate the numbers you type from the token each time you login . Noone gives out these seed records as they're essentially the 'keys to the kingdom', so we're stuck with one token per service. Theoretically, if your token issuer would give you a copy of your seed file, you could then pass it on to anyone else so you could use that token with their service. Usually, they're reluctant to do this (security reasons, ownership isses, impractical, too difficult etc) so noone really shares tokens at the moment...
Verisign want to take that token store and centralise it - essentially outsourcing part of the token management. This means you can re-use your token with anyone else who uses the Verisign system.
Sounds great in theory, but the real challenge will be getting enough people to switch over. Its a real 'who jumps first problem', not to mention who fronts the cost of the tokens initially ('why should I pay for your token when you're going to use it with 10 other companies, and probably my competitors?' kind of thing).
Anyone had any experiences with it, good bad or ugly?
Slashdot Mirror
So if you consulted with 100 doctors and 97 told them you that you had cancer, you'd go with the 3?? Is it only climate science you dismiss so flippantly, or is this internet thing also another liberal plot...
Use UltraVNC-SC. It creates a stand-alone VNC server executable that is configured to connect back to YOUR static IP address (a reverse VNC connection basically). I have mine hosted at help.mydomain.com.au. I just tell anyone who I need to assist this name which they type in and run and voila, i'm controlling their desktop. No firewalls to configure (except yours) and no hassles on their end. Best of all it's free.
http://sc.uvnc.com/index.php?section=12
The biggest problem at the moment and the reason we have so many tokens floating around is that these tokens need a 'seed record' stored somewhere secure. The seed record is used to authenticate the numbers you type from the token each time you login . Noone gives out these seed records as they're essentially the 'keys to the kingdom', so we're stuck with one token per service. Theoretically, if your token issuer would give you a copy of your seed file, you could then pass it on to anyone else so you could use that token with their service. Usually, they're reluctant to do this (security reasons, ownership isses, impractical, too difficult etc) so noone really shares tokens at the moment...
Verisign want to take that token store and centralise it - essentially outsourcing part of the token management. This means you can re-use your token with anyone else who uses the Verisign system.
Sounds great in theory, but the real challenge will be getting enough people to switch over. Its a real 'who jumps first problem', not to mention who fronts the cost of the tokens initially ('why should I pay for your token when you're going to use it with 10 other companies, and probably my competitors?' kind of thing). Anyone had any experiences with it, good bad or ugly?