[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ::scr tales from the crypto
Those of you for whom this is the second time - sorry about this, folks -
my brane really *is* hurting today.
Owwwwwwwwww. My brane hertz. And my eyes, arms and legs.
on 21/4/02 10:29 am, Simon Wistow at simon@xxxxxxxxxxxxxx wrote:
> On Fri, Apr 19, 2002 at 10:39:46AM -0700, matt jones said:
>> For instance, I've read that one of the main problems with crypto in
>> general is that the concepts of how it works can be tricky to grok. I
>> admit that my grasp of how the key-based system used by P?GPG? actually
>> works is shaky at best
> However it is probably worth explaining especially if we're going to be
> having a discussion on this.
[ snip clearest explanation I've had of how public/private keys work ]
That was an "ahhhhhhhhhh!" moment for me </TMWRNJ>. I get it now.
> Recently I stumbled across this gem.
"He put faith in things like "single sign-on" and directory services"
Ah, I *knew* there was a starting topic I'd forgotten by the end of the
last post: Identity Theft.
Given that a *lot* of people seem to be touting single sign-on services as
the Way of the Future, what with passport and non-MS equivalents, do you
think that this will lead to a greivous rise in Identity theft? After all,
with a single username and password giving you access to your
subscriptions, your shopping, your finances (both credit cards and bak
accounts), email and other communications, it'll be easier than ever for a
cracker to *completely* fleece you rotten.
In short, is single sign-on *really* a good idea? Are we about to see a
golden age for identity theft and online fraud? Give Microsoft's typical
approach to security and the way they're pushing passport as *the* single
sign-on service, are we going to see huge arrays of personal data
regularly compromised by hordes of skr1p7 k1dd13 bugtraq babies? Are we
about to usher in a cracker's golden age and a privacy dark age? And let's
not forget that it's not just script kiddies who might have an interest in
viewing and tracking all your personal data. Consider: which group have
done the most damage to online privacy and the integrity and protection of
personal data? Is it script kiddies, the gubbermint, or business both on-
Who *really* benefits from single sign on? Surely it's juts a way for you
to make ridiculous and unecessary purchases off amazon and ebay when
our conviction is like an arrow already in flight.
your life will only last until it reaches you