• Welcome to the Internet Infidels Discussion Board.

Hackers speed need for password-free world

 
 
 
ksen

ksen

Contributor
Joined
Jun 10, 2005
Messages
6,540
Location
Florida
Basic Beliefs
Calvinist
http://www.politico.com/story/2014/08/password-hack-web-security-109774.html

NSTIC envisions a future where users can prove their names, ages, Social Security numbers, military service — or any relevant personally identifiable information — through third-party online “identity providers” the identity PayPals of the post-password world.

Users already have basic versions of such services. Every time a website allows you to log in using your Facebook or Twitter account, that social media provider issues a digital credential to the website to validate your identity.

Future versions of these services could use fingerprint swipes, voice or facial recognition, digital certificates stored securely in mobile phones or any number of methods instead of passwords.

Currently, the poor security that passwords provide also limits the scope of services that can be offered online. Government scientists can trot out a long list of possible future identity ecosystem uses, including paying taxes from your smartphone and enrolling in government benefits from your living room.

Under such a password-free system, some critics imagine an Orwellian world in which omniscient identity providers track users’ every move online, eager to transmit the information to federal agencies.

In fact, the opposite of that dystopian prediction is true, supporters of a password-free world say: They argue an identity ecosystem will create a more private Web. For one thing, the number of user accounts each person creates would decrease.
Click to expand...

Looks like we're headed to a password free world. I'd like to think the proponents are right about this leading to a more private web but knowing what I know about how the "free market" operates I have a hard time believing companies that are happily gobbling up our private information would willingly give up their access to that information.
 
In fact, the opposite of that dystopian prediction is true, supporters of a password-free world say: They argue an identity ecosystem will create a more private Web. For one thing, the number of user accounts each person creates would decrease.
Click to expand...

Who in the hell thinks that decreasing the number of user accounts would lead to a more private web? That requires putting on some pretty big blinders. Having accounts scattered all over the place for different services means that no one place has access to all of your private life. Whereas having just a single account which you then use to verify your identity for everything else means that now: 1) at least one organization has pretty much your entire private life on file; 2) every other organization/service that uses this account to verify your identity can indeed now link at least part of your online activity to an actual real-world person whereas before they'd just know that Jims903882091 with password 328973298 logged into their server (yes, they could trace the IP and go to a lot of trouble to try and link that to a real person, but that's quite different from their system just showing that Jim Seville of Blahblahstreet 14, Blahtown just swiped his fingerprint across a scanner) and 3) if the identity server ever gets hacked, a LOT of people are going to be thoroughly *fucked*.

It's a choice between showing a little bit of your private life (which you can easily lie about anyway) to a lot of people; versus showing everything about your private life to a single person (which you *can't* lie about) who hasn't proven they can be trusted with your privacy.

edit: given Paypal's incredibly poor track-record when it comes to (among other things) getting people to identify themselves, the irony of referring to these third-party 'identity providers' as the paypals of the post-passwod world is not lost on me.
 
You must log in or register to reply here.
Back
Top Bottom