Forgot your password?
typodupeerror
Programming IT Technology

Passport vs. Plan 9 339

Posted by michael
from the deus-ex-xml dept.
netphilter writes "LinuxWorld is carrying an article about how Apache and Plan 9 are going to defeat Microsoft's Passport. I hate Passport's integration with XP (although that might be because I hate XP). An Open Source single-sign on would be a real blessing. Will we ever get a good single sign-on solution?"
This discussion has been archived. No new comments can be posted.

Passport vs. Plan 9

Comments Filter:
  • Security (Score:2, Interesting)

    by skubalon (579506)
    Do we really want a single sign on?
    • Re:Security (Score:4, Insightful)

      by RailGunner (554645) on Friday September 20, 2002 @11:09AM (#4297587) Journal
      I was going to ask the same question. Having a single sign on means that security has a single point of failure. Is this what consumers really want? Why is the Open Source community playing "catch-up" to Microsoft when I know we can come up with a better way to do it...

      • How about reversing the idea to some extent? For instance, all of the important information is now stored on your computer (If your running windows, I can understand your uneasiness about this), along with a serial # of some type. Now, the sign on server out in the middle of nowhere has your serial #, and just verifies that your serial # is valid for your computer. So, when you go to buy something, etc, your browser says 'Do you want me to put your info in here?' and you click 'Hell yeah', and it sends that info. Now the server on the other side checks your serial # with the sign on server. Viola.

        I know this type of system would need some serious refining to work. And theirs probably lots of problems associated with making this way work. But then again, isn't the same true about the current system they are pushing?

        I personally don't want to see any type of centralization, I just thought this idea sounded more fun. :-D
    • Re:Security (Score:2, Interesting)

      by Anonymous Coward
      WHo wants singles singn on? I don't. I quite enjoy making up false marketing info whenever I sign up for anything. A single sign-on system, whether an open project or otherwise, still has the possibility of removing anonymity and privacy.
    • Re:Security (Score:2, Informative)

      by broody (171983)
      I want Java Card [sun.com] support everywhere coupled with a single PIN.
    • Re:Security (Score:2, Insightful)

      by Bangback (471080)
      I think everyone is missing the point.

      Single signon allows you to use hard tokens (either the changing number kind, smartcards, etc.). No one site can afford them for their own use (though Bank of America uses them for medium-sized businesses) but they're quite affordable if everyone shares. Most people don't want 20-30 smartcards anyway.

      The cry of single point of failure is really a desire for security through obscurity. Most people I know have a text file with tens to hundreds of passwords (I have 25 or so for work and about 150 for home). They don't change them on a regular basis. (I'm forced to change mine every 60 days -- another reason for the text file) Where's the security?

      If I had one password accompanied by a hard token I'd have it memorized and you'd have to mug me to get the token. A single system also allows proper redundancy, security monitoring, etc. You can also have multiple passwords if desired/required -- what's important is that the same security infrastructure is utilized for compatibility (token type, etc.). Just because Microsoft's passport is awful, doesn't mean the SSO concept isn't sound.
  • by dirvish (574948) <dirvish@nOSPAm.foundnews.com> on Friday September 20, 2002 @11:07AM (#4297569) Homepage Journal
    The question should be: Do we really want a single sign in solution? I don't like passport, or its integration into XP and I probably won't like a Linux version. Single sign in sounds terribly insecure. I suppose the Linux version might be more secure since as Microsoft says, their products aren't made for security.
  • Thank god (Score:5, Funny)

    by Anixamander (448308) on Friday September 20, 2002 @11:07AM (#4297570) Journal
    Here I was worried that a company with billions of dollars would be able to dominate the market with their single sign on technology, but apparently some technology I have never heard of that is named after an Ed Wood movie will defeat it.

    Can we mod the article -1, Presumputous?
    • by 0x0d0a (568518)
      Haven't seen the movie. Plan 9 has been around for some time -- big AT&T research project into distributed systems.

      I believe there was also a Plan 9 video game -- based on the movie, not the operating system.
    • by richieb (3277) <richieb&gmail,com> on Friday September 20, 2002 @01:17PM (#4298746) Homepage Journal
      ... but apparently some technology I have never heard of that is named after an Ed Wood movie will defeat it.

      Apparently the guys that named this technology have a record for coming up with silly names. Just imagine they named their first project "UNIX". That project also faded into obsurity. Didn't it?

    • Re:Thank god (Score:4, Informative)

      by KewlPC (245768) on Friday September 20, 2002 @03:51PM (#4299827) Homepage Journal
      Plan 9 is an operating system.

      To say that you've never heard of it, and because of that it is therefore worthless, is awfully presumptuous.

      You can get Plan 9 from CheapBytes.

      It was supposed to be the next evolution of UNIX, even created by the guys who came up with UNIX in the first place. But UNIX was too popular, and Plan 9 never really caught on.

      But this article seems a bit outdated, or maybe the author has been living in the stone age. Solaris 2.9? 3.0? Unless I'm gravely mistaken, we're at Solaris 9 right now, and I don't see a lot of shops running Plan 9.
  • by discogravy (455376) on Friday September 20, 2002 @11:07AM (#4297573) Homepage
    but isn't the biggest thing against single-sign-on the fact that there's a single point of failure? why would open source change that?
    • by Anonymous Coward on Friday September 20, 2002 @11:16AM (#4297641)
      I certainly don't want a single sign on. Yes, it's a single point of failure. But it's more than that. It's one-stop shopping for anybody who wants to intrude into your life or totally violate your privacy. I don't like passport. I won't like any other system of the same ilk.

      I keep differnt account names on different systems. I use multiple passwords that follow rules for mixing case, special chars, and numerics. I never have any programs remember my passwords. It's a hassle to keep up with but I feel a bit more like no one is watching all of what I do.

      Am I a paranoid tin-foil hat type? No, I'm an honest up-standing citizen type. I don't think I want to give the keys to my life to anyone, though. I don't want some a hacker breaking in and messing up my life. Nor do I want to be perfectly profiled by a bunch of marketing droids.

      Single sign on is great - for a single system. I do not want and will not use single sign on for the internet.
      • Well, that's nice and all, but you're already being tracked with credit cards, your utility bills, and just about everything else you do in real life. If you want to be completely "in control of your information", might I suggest living in a cabin in the woods somewhere with no utilities where you grow your own food? That's about the only way you can be even remotely "private".

        I think that average people know that, and that's why the privacy paranoia is only among geeks. They can't see past their monitors to realize that complete and total privacy doesn't exist any more.

        And beyond that, does it really matter if somebody knows what kind of toilet paper you buy? Does it matter if somebody has your name and telephone number? Unless you're somebody really, really important, you're really just talking through your tinfoil hat. Average Joe user doesn't care (and sure as hell doesn't read Slashdot).
        • by Zathrus (232140) on Friday September 20, 2002 @12:25PM (#4298278) Homepage
          I suggest living in a cabin in the woods somewhere with no utilities where you grow your own food? That's about the only way you can be even remotely "private"

          And even then, They know where you are. Because there's a land deed somewhere with your name on it and you aren't showing up in any of Their databases as consuming goods, so the cabin is the only place you could be!

          And while in the big picture you're correct, it doesn't matter unless you're important, the reality is that there is stuff I don't want getting out willy nilly. Does it matter if someone has my name and telephone number? Only if they're a telemarketer. What about medical records? Should your employer be able to access them and let you go if they believe you're too high a cost? Do you want your neighbors or coworkers knowing how much you make?

          I don't really have an issue with a centralized database of this stuff, simply because I think it'll be a wash if done properly. No, I don't think we'll have an infallible system, but the current system isn't infallible either. And right now most of the data people worry about is already available - go pull your credit report at Equifax, Experian, or TransUnion. You may be amazed at just what they know about you, at least within the last 10 years of your life. And that data is nowhere near as secure as you think it is.

          And the issue about companies selling your information is a red herring. It's already done, it's regulated, and it works fine most of the time. See above for the names of the companies doing this as their main profit center for 50 years now.

          Design a good secure system with limitations on who can access what data and you're already ahead of the game. I know with absolute certainty that it's better than what we have now.
    • by Pauly (382) on Friday September 20, 2002 @11:34AM (#4297781)
      but isn't the biggest thing against single-sign-on the fact that there's a single point of failure? why would open source change that?

      In a word: No.

      For one, this doesn't need to be implemented as a single point, physically. By your faulty assertion, DNS can be considered a "single point of failure" , and while DNS is decidedly vulernable, the internet somehow manages to have worked well for a while now. ;)

      If it were me, I'd look at the architecture of DNS and copy the strengths of its distributed design. Then again, DNS is borne of scientists aiming for an open internet, not corporations looking to lock it down.

    • If I understood the article correctly, Factorium is a way of handling a single sign on in a more distributed way, possibly sharing the signon database and cryptographic information between machines.

      So in theory we could have a single sign on and multiple points of failure.

      That being said, there wasn't enough detail in the article for me to know for sure.

      I would say a single sign-on is fine for reading articles in the NYT and Wall Street Journal while having only one login, but I feel genuinely uncomfortable about using it for financial information, and extremely uncomfortable about giving it to Microsoft.

      I think a lot of people feel the same way, and that's a major reason why Passport failed. Microsoft was unable to sign up any banks or credit card companies for its service, because they didn't want MS's greedy fingers in their customer databases. The mass of everyday consumers may not be sophisticated enough to distrust Microsoft, but banks are not in that position.

      D
    • It makes you wonder why sometimes -- at least in this case -- a low-tech solution might not be the better alternative.

      I mean, cripes, just remember your passwords.

      And if you can't do it, try harder.

      Simple.
    • Agree.

      According to the Passport Single Signon Protocol described in the article, it's probably much easier to break than what executives are made to believe.

      The user has to be authenticated only once, and an authenticated cookie is issued, then the user is automatically authenticated to all Passport partner sites. A hijacked cookie will break the whole thing.

      Attack by hijacking cookies is well known, I really don't understand why people can still buy into this kind of scheme, especially those make decision to adopt it.

  • NDS (Score:2, Interesting)

    by Mournblade (72705)
    "Will we ever get a good single sign-on solution?"

    What about NDS/Single Sign On from Novell? I haven't looked at it in a while, but last I checked, it ran on most server operating systems (including Linux), makes administration a *lot* easier, and is pretty secure. What's not to like? (besides the fact that it's not opensource/freesoftware) I guess I shouldn't be surprised, since Novell's marketing sucks. They have great technology, but have had a lot of trouble turning that into products.
  • "I hate Passport's integration with XP (although that might be because I hate XP)."
    Good to see people forming opinions based on facts and information rather then knee jerk reactionism.

    Oh wait.....

  • by atrowe (209484) on Friday September 20, 2002 @11:11AM (#4297610)
    It seems to me that Microsoft's Passport authentication is a bad idea in the first place, and the free software community should look toward more intelligent alternatives rather than try and emulate Passport's functionality.

    Not only does Passport go against the KISS philosophy embraced by many Unix and Linux developers, but the potential for security breaches is only magnified when a single universal authentication system is developed. It seems to me we'd be better off leaving authentication procedures up to the individual site owner rather than having a universal authentication protocol built-into Apache. This would also be a more practical solution as a single authentication system cannot be tailored to fit all sites. I sure don't want to trust all of my on-line bank transactions to something like Passport, so the need exists for highly encrypted ultra-secure authentication on some sites, while other less secure sites like Slashdot which transmit passwords across the 'net in plain text could probably get by with using a much more basic authentication system.

    • I'll agree with the security criticism, but how does Passport violate KISS? It does simplify things on the user side of things.

      And if you think Unix/Linux devs "embrace" KISS, just try browsing Sourceforge a little... most of the programs are anything but user friendly.
  • Catchy Quote (Score:2, Interesting)

    by QEDog (610238)
    "Money and social skills define the in-crowd, and only nerds kvetch about the importance of better technology."

    Someone should come up with a catchy quote against that.

  • Having 3 plans instead of one defeats the whole purpose of SINGLE sign on.
    What we should have, as with any other Internet succesfull strategy is a single standard and competing implementations. That way we are insured to have compatibility and the added benefit of market competition.

    • But what do we do when a fundamental flaw is found in the one single standard? Then EVERYONE is fucked.
    • Yeah, really! Having a zillion different Grand Unified Logon services is totally going to make them worthless.

      I mean, look at how many different 'Adult Verification Service' (AVS) accounts you need, just to visit more than one or two porn sites! AdultLogin, AgeTicket, AdultCheck, SexSentry, and so on and so on and so on.

      Not that I would need any of those...

  • Will we ever get a good single sign-on solution?

    How about username and password over SSL?
  • by Christopher Thomas (11717) on Friday September 20, 2002 @11:14AM (#4297631)
    Will we ever get a good single sign-on solution?

    Yes; several of them.

    Wait a minute...
  • by autopr0n (534291)
    As a group, the so-called "mainstream press" often appears to favor Microsoft and show an appalling lack of technical depth in its enthusiastic repetition of the latest Microsoft press release. There's been a lot of speculation on why this is and whether it even happens. So far, no definitive research provides answers one way or the other.

    Hrm, is this guy trying to be funny, or is actualy that dry?
  • by pretzel_logic (576231) <andy@shook.gmail@com> on Friday September 20, 2002 @11:16AM (#4297643)
    An open source sign on would have to store passwords and usernames in a database. Where would this data be stored, who would maintain it and whos going to pay for the upkeep. Single Sign in is really just away to capture all the data a site needs in order to sort and display ads that might interest the user. Sometimes its really cool to have personalized web experiences but where do we draw the line. When passport came out I remember saying, "Ill never use that" But as larger sites incorporated it in I found it to be useful. I think that SUN will have the answer with their new N1 plans.
  • Question.... (Score:2, Interesting)

    by DarkWarriorSS (518859)
    I've seen alot about single sign on with Windows. I have liked the stuff that Novell has put in. I do like some parts, and I don't like other parts. I don't like Passport, only because then it give M$ access to all my personal information(which I wouldn't doubt they already...). But, I've seen a lot about the windows front, and MONO and other projects for GNU/Linux And/or Open Source in general. But... Has anything been done to try and combine the two where you have a single sign on for both *nix and Windows, where you can have the same favorites, address book, etc?? This is what I would like to see happen, as I use GNU/Linux (gentoo/slack) at my house, in my room, but Windows at my church/family computer/ and school. I would like to have it where I could get the same stuff on all of these machines, but I haven't seen anything about combining the two of them yet. Does anyone know if there is such a project going on??

  • My plan... (Score:5, Funny)

    by T3kno (51315) on Friday September 20, 2002 @11:19AM (#4297665) Homepage
    Plan 10: Blank Passwords.

    Why Plan 10? Heres why...

    1) No one cares about me
    2) Steal my credit cards they're maxed out anyways
    3) I probably wouldn't mind if you changed my investments you probably would make more money that I do in the stock market
    4) All of my email is mailing lists and spam, I have no friends
    5) You could probably accumulate more karma on /. that I can
    6) Sneak preview of my bank account $0.02 (which I'm giving away here right now)
    7) My social security number has been reused more times than the sayings "going forward" and "at the end of the day" combined
    8) All passwords are hackable by the NSA anyways
    9) At some point all information will be decrypted
    10) You can have my body, but you cant take my mind
    • This comment is definitely humourous, but doesn't it perfectly illustrate one of today's biggest hinderances to information security implementation? "Who would target me, and why should i care anyway? I have nothing to hide."
  • is a great idea. It means you have one name and one password and you don't have to bother remembering different log-ons for every different website and computer you use. However, it does provide one big problem. Someone who is trying to crack you now only has to figure out one name and password to have everything.
    currently I have seperate password for online banking and my credit card and my computer and a random ftp server. If I have a single log-on someone who cracks the ftp server now has access to my bank account and credit card. Joy!
  • no matter who does it, I didnt like passport because I dont want one group/entity holding my data, not because it was Microsoft. That still hasnt changed
  • by kfg (145172) on Friday September 20, 2002 @11:21AM (#4297681)
    I too will question the very advisability of single sign on. There are good reasons I keep multiple banking, credit card and merchant accounts. I specifically * don't want* one single authority to be tracking my every move. I * don't want* all my finacial and personal assets and records piled up in one location. I keep a *diversified* portfolio.

    What good is having your system backed up on removable media if your house burns down and * you don't have a copy off site?*

    When Egghead was hacked I knew for a fact that I had to be concerned about *one* of my credit card accounts. I could watch that *one* like a hawk and the risk didn't steamroll through my whole life. The argument is, of course, that there is less risk with a well protected central account, but that account is an all or nothing sort of deal. You're either safe, or you lose everything.

    I'll take the slightly greater overall risk at sustaining *some* sort of loss against the lower risk of complete and total devestation.

    Do you have sort of financial insurance? Say on your car? Exact same deal. You "lose" your insurance payment against the protection from greater potential loss.

    Obviously others disagree but I think that single access is just plain dumb, and all to save you a rather miniscule risk to save a few minutes of typing a year.

    KFG
    • "Single sign-on" does not mean you have to trust some third party with all your records, or that you cannot have a fallback.

      To solve the first, keep your authentication cookies on your machine (or other secure hardware local to your person). Just pick a single sign-on solution that allows you to use that. You only need to worry about making it secure from interlopers.

      To solve the second, your bank/insurance company/email provider/etc can reissue you an authentication cookie once you prove to them through some other trusted mechanism (say, showing up in person, or answering hard-to-research personal questions over the phone).

      ("Authentication cookie" could be a password, asymmetric key pair, or whatever.)
    • The solution is simple: if they want to store your credit card information, buy from someone else.
    • I too will question the very advisability of single sign on. There are good reasons I keep multiple banking, credit card and merchant accounts. I specifically * don't want* one single authority to be tracking my every move. I * don't want* all my finacial and personal assets and records piled up in one location.

      Well, fortunately for you, there isn't one single authority tracking your every move.

      There's four.

      Equifax [equifax.com].
      Experian [experian.com].
      Trans Union [transunion.com].
      IRS [irs.gov].

      Oh, and if you live outside the US, trust me, the same info is available. Just change the last one to the appropriate regional authority, and maybe change one or two of the first three names to someone else.

      Obviously others disagree but I think that single access is just plain dumb

      Well, oddly, the entities listed above disagree. They very much prefer to track you by a single method of access [ssa.gov].

      And just how secure do you think that is?

      The argument is, of course, that there is less risk with a well protected central account, but that account is an all or nothing sort of deal

      As it is with the current system. And the current system has essentially no safe guards. Once I have the magic number I can get every other account number you have. And through the wonders of Automated Clearing House and Electronic Funds Transfer I don't need any other information to get every penny out of the accounts. Nifty, huh?

      The only thing protecting you from having this happen is that nobody gives a crap about you. Which is pretty much the same thing that will protect you in any future system.
    • When Egghead was hacked I knew for a fact that I had to be concerned about *one* of my credit card accounts. I could watch that *one* like a hawk and the risk didn't steamroll through my whole life.

      We're geeks. We're lazy. I hated reconciling (balancing) my checkbook and visa. So I didn't do it. Then I spent the best $30 I ever spent. I bought something called "pocketmoney" for my palm pilot.

      I have control of my accounts now. I cought immediatly when my credit card number was stolen last year.

      I can't recommend enough investing the time to reconcile things. No computer can replace your own diligence in these security and financial matters.

    • Well, let's think about this. I actually think that the security is far more complicated than you make it out to be.

      I have multiple banking, credit card and merchant accounts. I also have a whole lot of worthless accounts with places like slashdot.org, nytimes.com and so forth. It's these worthless accounts that I think are good solutions for single-signon passport type accounts. In fact this is pretty much what MS has done throughout their support websites.

      As far as having multiple authorities being safer than a single one. Somewhat true, as long as you are using completely different usernames and passwords for each one of those authorities. Oh yeah, and don't write them down because that puts you at risk.

      As far as credit cards, there are three well known authorities that track all of your purchases. They are named MasterCard, Visa and Discover... oh yeah and AmEx. AmEx even sends you a statement at the end of the year telling you everthing you bought.

      But now how many different credit cards do you have? Hopefully you are using a different card for each merchant account you signed up for, otherwise once again you increase your risk because unfortunately these web merchants save the damn credit cards in their databases. For your convenience, of course... (weird how brick and mortar stores never do this, and it's also no coincidence they don't lose lists of thousands of valid credit card numbers either... hmm) So now we've established you've been spreading your credit card number around to dozens of websites, each one with probably questionable security.

      I don't know what the answer is. I only believe Passport is a good idea for all of my less important accounts, for right now. But I also worry about my more important accounts, and I really worry about Amazon.com storing my credit card number for my convenience. It is a complicated thing, and I don't agree that saying a single signon system is dumb, because it ignores the fact that the status-quo, the way things are today is also very incredibly dumb.

      We do need something better, but I'm not sure what that will be. I had some hopes of AmEx's smart card system, but they never really got that working.
  • by af_robot (553885) on Friday September 20, 2002 @11:21AM (#4297683)
    Will we ever get a good single sign-on solution?

    Yeap. This is really easy.
    all you need is just enter "linux single" during lilo startup.
  • Why? (Score:2, Redundant)

    by sdjunky (586961)
    Why do we need a single signon? This is so unsecure as to not be funny.

    E.g. a wife figures out the password to a husbands email account. Now she can

    Read his bank account information
    Read all of his other emails
    Peruse his wishlist on enterbookstore.com here
    etc.

    Sure... most people use the same password for everything so it's a moot point but it still bothers me

    • "Sure... most people use the same password for everything so it's a moot point but it still bothers me"

      I used to have 1 password for everything. But no longer. I started using a great FREE little app:

      http://www.roboform.com/

      No Spyware, No Adware, lets me create/use unique login/passes, fills in all my info on websites, and has a "single login" to unlock the program.

      This, IMHO, is as close to a common login as we should get.

      But it still has a single point of failure, namely the login to the app. But if you don't use the "launch on windows startup" she'll never know to lauch the app BEFORE surfing....Shit, now she does...uhhh honey? Asiababe is an old friend...really!

      - Yo Grark

      Candian Bred with American Buttering
      • by Ctrl-Z (28806)

        You know, Mozilla [mozilla.org] has this nice built in password manager which can store account information for you. You can also set it up so that you need to enter a password before you can access the whole mother lode of them.

        This is pretty much the same thing as you are describing, but you don't need to install yet another app to use it.
        • Yup, but in the corporate world, Mozilla isn't compatible with internal developed apps. I LOVED mozilla, but when push came to shove I couldn't use it at work where I spend most of my time on the PC. :( -YG
  • I don't think that we'll ever get a single sign-on solution. Corporations always want to have there own registration forms.

    There's no doubt that Passport failed for that and so did Sun.

    Sorry but it just won't work. I wish it would but it just wouldn't.
  • by 2Bits (167227) on Friday September 20, 2002 @11:36AM (#4297794)
    Kludges like NIS+ and FNS could be made to work for as long as the sysadmins wore their lucky underwear,...

    Good journalist will provide resource links to where one can buy lucky underwear.

    Please reply if you know of any, please...

  • Oh yeah (Score:2, Insightful)

    by The Bungi (221687)
    I'm really looking forward to this type of technology [bell-labs.com]

    <snicker/>

    And why, oh why must every "open source/free software columnist" being their articles with a potshot to Microsoft as a way to justify Linux's existence? Must they always do that? How about letting the technology stand by itself?

  • It's not like apache and plan9 are looking to make it mandatory. They just want the option available for those instances when it is a useful addition. Like ChiliASP and Tomcat, if you don't need what it provides, just don't add it to your server install. But definately do not gripe that they should do it at all. Such griping is shortsighted and pointless.

    Nonrepudiation and psuedonymic technologies will /have/ to emerge if we want to see real commerce online, while I don't approve of MS having control of that technology, I recognize that MS is in some sense right...for some transactions to occur, nonrepudiation is a must.

    The more people who are willing to act as trust servers in that sense, the better. Right now we have MS Hailstorm, XNS and OneName, Sun and the Liberty Alliance, and I see no reason not to add another to the mix, so long as we are moving toward standardization where players can compete on implementation of the standard.
  • by plcurechax (247883) on Friday September 20, 2002 @11:42AM (#4297839) Homepage
    Single Sign On (SSO) works within a limited realm under the same control, such as within the scope of a government agency, a corporation, or a school. These bodies already exist deal with issues of various policies including privacy policies within the scope of the "realm" (i.e. the laws of the nations a multinational corporation is functioning within).

    Universial SSO, such as this plan and Passport, breaks that and cannot be consistant since different companies want different privacy policies, are governed by different government legistation, yet are suppose to "control" and use the same information (the online identity credientials).

    So the goal of only needing one online identity, whether a username/password, or a PIN and smartcard, within a given controlled realm such as your university does make sense. This is possible through sensible use of existing services like directory services and secure network authentication. The use of directory services such as X.400, RADIUS, and more recently LDAP (and LDAP perversions like Active Directory) can help towards this. As well as secure network authentication like Kerberos [mit.edu].

    Universial SSO does not make sense, because of the shift of power and control is not carefully thought out in the contexts of legal issues (privacy, evidence, children online protection), contractual issues, limited and total revocation, ownership, and other issues.

    Universial identities for an unlimited number of purposes does not make sense, it is a nightmare of management logistics, a total lack of correctness, legal quandary, and telemarketing hell.
  • ... and just read pages 1 and 5. The middle is composed of a longish explanation and history of markup languages and a basic primer on public key encryption. Most /.-type tech-saavy people will already know enough about these topics and the details provided really aren't important to the focus of the article.

  • by Kaz Riprock (590115) on Friday September 20, 2002 @11:49AM (#4297893)
    This day will come. But it will be at the time when we implant chips which contain the code for the single-sign-on. You will wave your hand over a pad and everything will come to life as you need it.

    This will also be The Day for Increased Finger Theft.

  • by mcrbids (148650) on Friday September 20, 2002 @11:52AM (#4297918) Journal
    It's a common misunderstanding what "single signon" actually means. Even in this article that doesn't cover Passport in detail, when indicating the passport authentication process, look at step 3:

    #3 Which redirects it back to its authorized Passport server

    Notice that it's not "the" passport server, it's "its authorized...". The passport server may or may not be at Microsoft!

    I'm busy setting up an LDAP server to allow a rapidly growing (and I do mean RAPIDLY growing, 4x growth in the last year) ISP to scale. We need to allow for future virtual servers, FTP, email, etc. and do so with a single authentication scheme.

    LDAP does all this, and more, in a distributed, secure and encrypted fashion. Why are we bothering with HTTP "web services", when LDAP will do all this and lots more?

    (Scratches head)

    "Single Signon" doesn't mean there's some Microsoft server someplace the whole world logs in to, it means there's ONE server provided by somebody you trust, that authenticates you as YOU and which manages information on your behalf to determine what you should be granted/denied access to. You sign in once, and have immediate access to all the services you have set up.

    There can be any number of authentication servers!

    Passport, Plan 9, Kerberos, LDAP, and to a lesser extent, NIS and a few others give that ability!
    • "Single Signon" doesn't mean there's some Microsoft server someplace the whole world logs in to, it means there's ONE server provided by somebody you trust, that authenticates you as YOU and which manages information on your behalf to determine what you should be granted/denied access to. You sign in once, and have immediate access to all the services you have set up.


      Actually no, it doesn't. Single sign-on means you only sign-on on once to access a variety of distinct systems. What you describe is one way to do that.

      Kerberos is another, you obtain a token from a server, and present that token to each service provider. They examine that, decide whether they trust it, and then decide what services to offer you.

      Another solution would be a network of service providers who all trust each other. You log into one of those, using it's own authentication scheme. If you want to visit another site in the same group, you hit a special link which directs you there along with an ID, the second service provider then implicitly trusts that and skips it's own authentication.

      Yet another solution is one where you have normal accounts with different id's and passwords at different sites, but one agent (could be local, could be remote) holds all those, and doles them out in the background as you surf around.

      There are plenty more :)
  • I agree with the insecurity thing of single point of failure. But I personally think the issue at hand is much greater here: the fact that one single entity (company) has the power to sign you on to anything on earth from Subway cars (a-la retina scan in Minority Report) to your home computer just rings the bells of fascism to me.

    The saying goes: deviate and inch, and lose a thousand miles. If we let this kind of centralization intrude our lives now (early on, while we still have some say over it), we eventually might never be able to break loose of it.

    But that's just me.
  • by Drakonian (518722) on Friday September 20, 2002 @12:04PM (#4298050) Homepage
    Remove Windows Messenger by running this command:

    Start/Run/RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

    This worked for me. It finally stopped telling me to register my .NET Passport, and doesn't run Messenger all the time.

    Here is a site with more info: http://www.kellys-korner-xp.com/xp_messenger.htm [kellys-korner-xp.com]

    PS: Am I violating the DMCA by posting this? Well I'm not an American citizen, but if I was?

  • by zerofoo (262795) on Friday September 20, 2002 @12:06PM (#4298064)
    right about the same time when Linux gets a single unified desktop/window manager.

    -ted
  • I would consider a single login system if I could physically hold the key in my hand instead of storing it on some ubersever in some datacenter ill never see.. maybe a pda type thing with a bluetooth adapter you could use to login to the bank terminal, mail account, etc
  • Structured Markup (Score:2, Informative)

    by kalidasa (577403)

    On the editorial (or printing) side, SGML got its start the day after Gutenberg's invention of movable type made it necessary to formalize editorial instructions to typesetters. From this perspective, SGML's tags were instructional in nature, as in "start using 42 lines per page here".

    The author of this sentence should not be allowed to write on the subject of structured markup. SGML has NOTHING to do with "start using 42 lines per page here." It is NOT a typesetting language; TeX is. SGML is a language that makes it possible to represent the semantic structure of a document (rather like sentence diagramming, only on a document scale), not the appearance of a document.

    The rest of the discussion of SGML is equally illinformed. Imagine if someone posted an article that described Apache as a method of implementing SSL on a web server. That's how bad his understanding of SGML is.

  • Repeat as many times as possible how much you hate Microsoft and it's products, even if it's not really relevant to the topic (how does hating XP matter here?)
    Slashdot (whether you like it or not) is a semi-commercial enterprise, hence it should (theoretically) try to reach as wide an audience as possible. But it's truly amazing how it keeps shooting itself into foot by posting such inane stuff (here's a newsflash for you: geek's definition is not 'someone who hates Microsoft', there are many geeks who have a positive or at least neutral attitude towards this company), and thus alienating sensible people.
    Yes, I know that this emotional bashing is probably very appealing to Slashdot's younger readers. I used to be like that. But you know what, once you've worked in the industry for a while, your attitude becomes much calmer and more reasonable.
    And who does actually have the purchasing power really keep Slashdot alive by subscriptions or buying goods from sponsoring companies? Not your teenage MS-basher.

    Disclaimer: This was not intended as a flame, just a thought on how Slashdot could ease its financial problems.
  • What we do need is some consitency between the information sites ask for. If sites were consistent about asking for, say, a 10 character mixed case username, a 10 character mixed case alphanumeric password, a 6 digit numeric passcode or whatever (the numbers are arbitary & not intended to represent any ideal of security) then it would be easy to just have a few passwords etc. which are used for different trust levels.

    I guess most people do this already, but I'm always getting thrown by being asked for subtle variants of this information. Now if the sites were kind enough to display a number of my choosing on the login screen(to remind me which password to use) and maybe the date I last changed my password life would be much more simple. There are some sites that I have lost count of how many times I have registered because I can't recall which varient of my username I entered.

    The chief problem would be keeping usernames unique - although I'm not convinced this is a problem so long as the combined credentials are unique(?)

  • In a perfect world, a single login would be great, but in a capitalist economy, it simply means a new opportunity to make money.

    We've all watched as the threat of micro-payments has sat dormant for quite some time. I've felt this is due to the effort required to send the money. If I run across a website that won't let me get past their front page without going through a full-blown registration page needing credit card info and billing address, I'm not going to give it a second thought when I back up and proceed to a FREE site. Now, let's say Plan9 or Passport is full blown and widely used(say optimistically 50% of people/websites are signed up). When you arrive at Pay4MyData.com or some sort of micro-payment site, your only effort to pay them is going to be a Pop-Up asking if you in fact want to send $0.03 to the site. All of the sudden, it becomes a penny-here penny-there issue and people just accept it because hey "bandwidth isn't free, DON'T COMPLAIN" I think everyone knows where this is going, it becomes nearly impossible to do anything without paying some small amount. And people like me who refuse to pay simply for the principle of it will be left with old abandoned pages to look at.

    ...And the guy in the back of the room raises his hand, "but it will get rid of pop-ups and advertisements"...Yea right, we all know how when a company gains a new source of revenue, they always abandon their previous.

    Don't get me wrong, Plan9 is a great idea, I just see a huge opportunity for abuse.
  • I would have expected more from a professional Linux publication then to spend the first 3 paragraphs whining about why Linux is not regarded as the best OS or that Open Source is not getting enough respect. The analogy to behavior learned and retained from high school is not limited to just the public, but the writers of these articles as well.

    Do not complain about the dynamics of what articles a publication is going to write if it happens to get more readers. And do not whine that they are not covering enough about Linux. What has Linux done lately anyway? Has it defined a new communications protocol such as XML-RPC and made it pervasive? Has it provided the home user with an network appliance they do not have to maintain may any more than a toaster? No, there is nto dramatic difference to the general public between Linux, BSD, Solaris or any other OS besides MacOS X and Windows.

    The article should just cover that topic described in the headline and cut all the whining. The Slashdot community has grown up a lot over the last several years, but I hate to think that we are going to fall back into the same old and immature debates about how things should be. We all need to recognize how things are and work towards how things should be. Without a good deal of hard work we will not get anywhere.

    Personally, I prefer MacOS X and FreeBSD. That is what I use at home and I play Warcraft 3 and Starcraft on my Windows 2000 PC. I do not like Windows, but at least I am not running Windows XP.
  • by noelp (524550)
    I like Linux. I like Unix. I use Windows a lot. I have a Passport and, yes, it is integrated into the XP OS. Once you get past the narrow-minded M$ hating notions, it is actually quite handy.

    Do I worry about it leaving me open to hack attacks and marketing invasion? No, not really. Information I really care about is not exposed via my passport. It is all safely locked up elsewhere. Dont dismiss it on principle - if you dont like the idea dont use it. Simple as that.
  • "I hate Passport" "I hate XP" "I want something new"

    Everybody agrees with him.

    What would be if he said:
    "I hate Plan 9" "I hate Linux" "I want something new"
    Flame war time!

    Maybe if some people would concetrate on how to deploy certain products and apply certain solutions, they wouldn't be so narrow minded. Now mod me down as a troll, just because there is no "-1, MS friendly" button.

  • There are plenty of things I want from computing before getting rid of the simple inconvenience of remembering multiple passwords and user names. Let's work on those first. For instance: Encrypted email and instant message traffic. Network daemons without remote security holes in them. More fine-grained access control to resources. Universal unicode support. Support for writing real applications in modern programming languages.
  • There was a similar article recently about "roaming profiles", and I brought up the same idea. Seriously, Jabber is capable of having a single-signon in its current state (no change to clients). And because Jabber is a distributed system where anyone can run a server, basically any problem anyone has mentioned so far in this entire comment board is non-existent.

    Slashdot could easily allow logins via Jabber presence. Passwords aren't even needed, since Jabber presence is authoritative. Then I could log into such websites from wherever there is a Jabber client, all using my own personal server (none of this Microsoft-controlled Passport BS).

    -Justin
  • by rpeppe (198035) on Friday September 20, 2002 @01:33PM (#4298870)
    oh, i wish that at least someone out there would go and read the original article [bell-labs.com] before mouthing off.

    factotum (plan 9's authentication agent) is not a single sign-on solution, although it can be when used in conjunction with secstore [bell-labs.com]. what it does mean is that applications do not have to be burdened with complex and error-prone authentication code, and that there is one, well-verified, point in the system that holds secrets and understands the protocols.

    in the factotum scheme, you can mark certain accounts (e.g. your bank account access) so that they will always require a password to be entered; you can also use the scheme without secstore (which is what i'm doing currently) which just forces you to type in each password the first time it's required. secstore is a means to store all your passwords in one place securely, which you can then use to prime factotum.

    this is the essence of the plan 9 approach - choose an abstraction and write it in a simple, modular way so that it's applicable to a wide range of previously unanticipated scenarios. it's a wonderful system, and one that carries forward the true unix tradition, something that UNIX lost long ago.

  • by guttentag (313541) on Friday September 20, 2002 @02:59PM (#4299450) Journal
    SSO is like "The Ruling Ring" in Lord of the Rings. Anyone who wears it will be overcome by its evil power and will ultimately be driven to enslave the End Users (a people closely related to humans).

    I once joined a startup that was based on a good idea that incorporated SSO, but the VP of Engineering swore to me the company would never abuse that power. Within months, marketing managers were telling me that end users "wanted" us to abuse SSO "for their own good." For legal reasons, I won't go into more detail, but the company I left was not the company I joined -- all because of the temptation SSO brings.

    End Users believe that SSO is a gift from heaven because it allows them to mindlessly go through the "troublesome" task of authenticating themselves. This has several implications:

    • Authentication is designed to require you to use your brain. It's like the roughed-up pavement that precedes many toll booths, saying, "you're going to need to wake up now."

    • Authentication is designed to require you to use your brain. It helps ensure that you are the only one who has access to certain data. You should not be entrusting this to a conscience-free multinational who has no qualms about "sharing" your access with all its employees, partners and anyone who pays them enough money.

    • One of the places most consumers often see authentication forms are on shopping sites. When you are going to buy something, you have to go through the steps of entering your username and password, entering your credit card number, your address, etc. It's a protective speed bump that makes you think before you purchase. With SSO (or One-Click), you have no way of knowing when you've "authorized" a charge to your credit card. You assume that it's only when you click a button, but the fact is you've authorized the company to charge your card whenever it claims you want to buy something.

    • Single point of failure. Enough said.

    • Memory decay. When you use SSO, you tend to forget your user names and passwords because you don't need them. Then when your SSO provider does something you don't like and you decide to leave, you feel like you can't. You're trapped because you can't remember that data -- you think you need that service to continue accessing your other services. Even if the SSO service provides a method of retrieving your passwords, most users are unaware of it.

    • Then, of course, there are the tracking issues. The SSO provider will track all the sites you visit, sell that data and market appropriately. Common sense, yet commonly ignored by the common End User.

    A wise wizard would do well to distance himself and everyone he can from this evil.
  • by Xtifr (1323) on Friday September 20, 2002 @04:33PM (#4300097) Homepage
    Paul Murphy (the LW author of the article) seems to have been fooled by the Plan9 folk's self-proclaimed status as "Open Source". However, neither the OSI nor the FSF agrees. The FSF has even posted a detailed analysis [gnu.org] of the problems with the Plan9 license.

    Now, depending on your own philosophy (or lack thereof), you may or may not care personally whether this code is truly free/OSS/whatever, but in practical terms, what it means is that neither Red Hat nor Debian is going to buy into this solution, which pretty much means that it's probably dead in the water. Oh, I suppose it might be accepted by the UnitedLinux folks, but I'm not holding my breath on that.

Maybe Computer Science should be in the College of Theology. -- R. S. Barton

Working...