Posted 1:53 PM (0) comments

Snoopy Sears

World +dog seems to be cock-a-hoop over the new authentication that Sears has enabled, claiming OpenID is now accepted. Well, it is, but you'll only see it if you know it's there and go looking for it. First you'll be presented with a NASCAR box showing badges for Facebook, Yahoo, Google, Twitter, AOL and MySpace. Clicking on the [more] link gets you a choice of OpenID or Windows Live. But it isn't just authentication that Sears wants.

Click on the Facebook link, for example, and you see "Allowing Signin.mysears.com access will let it pull your profile information, photos, your friends' info, and other content that it requires to work."

Click on the Twitter link and get: "The application Signin.mysears.com by Sears would like the ability to access and update your data on Twitter."

Do I really want Sears to know who my friends are (and how to contact them)? Do I really want Sears to be able to update my Twitter data (whatever that is)?

Decidely and emphatically, NO!

Some may think this is a step forward for OpenID, but it's not. It's a step back for privacy.

Labels: openid, privacy, rant

Posted 11:35 AM (0) comments

Targeting targeted advertising

There's a strong movement afoot to set targeted advertising as the antithesis to privacy. See, for example, this sententious blathering from that normally reliable publication, The Register.

Advertising is what's paying for the internet. There are two types of advertising, targeted and non-targeted. Non-targeted ads means I have to wade through ads for feminine hygiene, pet flea collars, securities traders, mortgage lenders and dozens of others that I not only have no interest in, but will never have an interest in because I'm the wrong gender or don't have the item (pet, need to trade stock, re-financing quandary, etc.) that they are aiming for.

On the other hand, I am interested in travel, slow food, blues music, comfortable clothing, and other topics whose ads I'll gladly read and often click on. Occasionally I'll even make the purchase. I don't feel they intrude on my time (certainly not as much as PR types who call me early in the AM) nor do I feel that my "privacy" has been violated.

The article I pointed to above includes the usual diatribe about Google and Gmail: "Gmail scans your personal communication for keywords - there is no opt-out, and using a secure tunnel is no protection." But of course there's an opt-out: DON'T USE GMAIL! (and, I must ask, protection from what?) Use some other "free" service, or pay for one. Google has no obligation to provide you with free email, photoposting (Picassa), newspapers (Google News), telephone accessories (Google Voice) or any of the other ad-supported services from the Mountain View search giant.

I like my Gmail. If you don't, that's fine. Just leave me alone to enjoy it and I'll leave you alone to enjoy whichever mail service you choose.

Labels: privacy

Posted 3:39 PM (0) comments

Lookin' for a date honey?

Ever use an escort service in Vegas? Or think about it? Better read Matt Flynn's blog entry for today :)

Labels: security

Posted 10:23 AM (0) comments

Half empty?

Although the city of Bozeman, MT has now dropped it's requirement that job seekers, to be considered for a job, must provide login information and passwords for social network sites in which they participate, the story notes: "...the passwords already given by previous applicants will remain the confidential property of the City. "

Why?

They admit that it was poor policy to collect them. The ethical thing to do would be to immediately discard them - safely. Until you do that, Bozeman, you're still going to be at the top of the anti-privacy list.

Just one more reason to drop the use of passwords in favor of a biometric authentication. Even Bozeman, I'd hope, wouldn't ask you to leave your finger on file!

Labels: passwords, privacy, rant

Posted 10:12 AM (0) comments

Is "fact" analog or digital?

In a recent posting about Kim Cameron's latest effort ("Proposal for a Common Identity Framework"), Radovan Semancik picks a number of nits, including this:

"It also seems to assume a binary view of trust: something is either "in doubt" (in claims) or becomes a "fact". I consider this binary view to be one of the worst fallacies of most current identity architectures and systems."

Now it could be that he means there's actually 3 possibilities: "in doubt", "fact" or "false." But, somehow, I get the sense that he refers to some analog function of factuality which I simply cannot fathom. He later adds: "No information is absolutely reliable and all the information (at least in cyberspace) is subjective," which appears to be positively Luddite in finding cyberspace to be somehow less reliable than, say, print media.

In any event, Cameron's latest effort, the 30-page (sometimes dense reading) paper written in conjunction with Dr. Kai Rannenberg (who holds the T-Mobile Chair for Mobile Business and Multilateral Security at Goethe University Frankfurt) and Dr. Reinhard Posch (Federal CIO for the Austrian government) deserves your attention. Read it this weekend.

Labels: metasystem

Posted 9:39 AM (0) comments

verification: All a Twitter

Twitter news is usually well below my radar, but today's post on the Twitter Blog does deserve some comment.

It seems that Twitter will be rolling out a "verification service" this summer as a way to combat celebrity (and other) impersonators. Why the impersonations should be a problem (since most that I've heard of are patently obvious fakes), I don't know. Except, of course, that Twitter could be sued (and has been) for allowing them.

While the verification service is being rolled out, Twitter advises: "Another way to determine authenticity is to check the official web site of the person for a link back to their Twitter account." That's provided, of course, that the "official" web site has been properly verified!

Not everyone will get the "Verified by Twitter" mark, though, as "...due to the resources required, verification will begin only with a small set." But we are assured that "The experiment will begin with public officials, public agencies, famous artists, athletes, and other well known individuals at risk of impersonation." I'll be waiting for my invitation...

Labels: humor, reputation, social networks, verification

Posted 10:41 AM (0) comments

Pre-selecting (is that like pre-boarding?)

Labels: cardspace, ICF, infocards, openid