Posted 8:22 AM (0) comments

Gartner: You can't trust MS Passport

Gartner analysts claim that the recently uncovered Security Flaw Shows Microsoft Passport Identities Can't Be Trusted. The flaw allowed hackers to hijack a Passport account without the knowledge of the account owner. Gartner analysts Avivah Litan & John Pescatore claim that this means no Passport account can be trusted unless it was created and/or verified after the bug was fixed. All previous accounts must be wiped out.

Their reasoning is valid, and this is the most serious challenge MS has faced in the identity management field. The Redmondites may need to entirely re-do their authorization and authentication framework as the only way to be able to ensure both consumers and businesses that the identities claimed are accurate.

Posted 8:56 AM (0) comments

Maybe its in the water

Wired reports that the Open-Source Crowd Irked by SCO and its suit to protect its intellectual property (IP). Linux programmers and distributors are supposedly fuming about recent threats of legal action aimed at open-source developers.

In particular, "The Cathedral and the Bazaar" author Eric Raymond is quoted as saying that SCO's charges are "stupid lies, easily falsified by facts in the public record." (How does one "falsify" a lie?). Not that Eric is someone who's opinion I'd trust on a matter of copyright and IP.

Rumors abound that the suit is SCO CEO Darl MacBride's last ditch effort to sell the company. Interesting strategy, isn't it? "Hey, IBM! We'll sue you, so you buy us then you can settle the suit with yourself." I've run into MacBride off-and-on over the years since he was a fledgling at Novell in the late 80's - subtlety has never been his strong suit.

SCO's marketing campaign to large enterprises ("We may sue you too, if you use Linux") is simply bizarre.

Maybe, just maybe, Novell's Jack Messman got his bizarre idea to launch "NetWare on Linux" from the "never-amounted-to-much-at-Novell" group who now run SCO. Its a small world on the Wasatch front.

Posted 3:55 PM (0) comments

Death of the Internet

My neighbor up the road in Shallow Alto, Lawrence Lessig, is bemoaning the "death of the internet" because the US Federal Communications Commission is going to allow a greater concentration of media outlets by single companies - the same people who own the newspaper can also own the TV station. Larry's journey to the left has been accomplished at a shrill level, which this latest diatribe does nothing to alleviate. Larry, Larry, Larry - the mere fact that both you and I can write and publish on the same topic shows that not only is the internet alive and well, but social discourse is at a level never before achieved. Dr. Pangloss was right!

Posted 3:43 PM (0) comments

DIY Provisionware

An Introduction to Novell Nsure Secure Identity Management has just been published by Novell's AppNotes folks. Its based on the course "Secure Identity Management Overview" which you'll likely want to view after reading the article. Then you can go on to build your own eProvisioning solution. In your spare time. At home. With stuff that's just lying around the house.

Posted 2:54 PM (0) comments

Is Microsoft never right?

The New York Times, among others, reports on Microsoft's marketing campaign ("How Microsoft warded off rival") to ensure that it came out ahead in bidding wars with suppliers of Linux and other operating systems.

I'm sorry, but that's what capitalism is all about. And if governments and enterprises choose Microsoft over the seemingly strong combination of IBM & Linux (or Sun & Solaris, for that matter) well, that's what its all about!

Posted 8:34 AM (0) comments

Make every vote count

Sam Lubell has written a good, well-balanced article in the New York Times (and I do believe Lubell actually talks to the people he quotes!) about the pros and cons of electronic voting called To Register Doubts, Press Here. I covered this in "Vote for Technology" then followed up with quotes from readers last fall.

In a nutshell, the opponents of electronic voting are demanding backup paper systems as well as unprecedented testing which are not now nor have ever been required of any other balloting system. It appears the neo-luddites have found a cause!

Posted 12:17 PM (0) comments

BrainShare Goodies

The guys at Novell 's CoolSolutions have gathered together some of the best BrainShare 2003 Presentations and made them available to download. Go get 'em!

Posted 11:51 AM (0) comments

Spamalicious!

The Washington Post has published a fairly well done article on the problems of "Blacklists vs. Spam". Its a situation I looked at in "Spam, spam, spam, lovely spam" in Wired Windows last December as well as in "Spam rebel with a cause" in July of the previous year. Blacklists, often controlled by a single individual, are believed by most subscribers to scrupulously research any domain or ip address or range before blackisting them In fact, little or no research is done as these organizations rely on eager, enthusiastic, sometimes grudge-holding volunteers to do the leg work. Its getting out of hand. Defining spam, of course, is left entirely up to the individual running the blacklist. Its time, well past time, for regulation of the blacklisters.

The Post articvle, by the way, leads off with a story concerning the same IPP I was writing about in the July, 2001 column.

Posted 9:12 AM (0) comments

Neat Tool

Jonathan Rentzsch has created an auto-Google-cache 'bookmarklet' for
IE. It installs to the Links menu, and searches Google for the last
cached version of the page you are viewing, great for when a 404 pops
up.

Drag the link "Google Cache Lookup" to your "Links" toolbar in IE.....
THen you can launch from that toolbar, or by right-clicking anywhere
on a page. Neat stuff! Thanks to InfoWorld's Jon Udell for pointing it out