Wednesday, June 08, 2005

Identify without Identity?

Shelley Powers, at Burningbird, has jumped into the InfoCard discussion (see "You Want We Should What?"). She points to Johannes Ernst's description and also includes references to Julian Bond's rant and Kim Cameron's follow-up. But ends up dismissing the bulk of the argument to state that what seems to be overlooked is:
the surprising fact that in all of this discussion, there seems to be an assumption that the average person is willing to input sensitive information, [pointer to types of ID info], into a digital identity–a digital identity which will then be stored on in their internet-enabled personal computer, bits of which to be passed around from site to site

Powers seems to feel that storing any identity information on a PC is simply begging the hackers to attack you. But that's an observation right up there with "don't leave your laptop sitting on the seat in an empty car," or "be sure to lock the door when you go out," or "keep your wallet in an inside pocket."

If you have a PC that's connected to the internet and it isn't protected, then don't put sensitive data on it. Conversely, if you have sensitive data on it, then protect it!

I think she also overstates the security concerns of the "average person," who has been shown on more than one occasion - in both the US and the UK - to be willing to give up their password to a stranger for a candy bar!

Still Powers (and Bond) provided sort of a service by voicing straw-man arguments that others will bring forward as the technology begins to spread. But for a more balanced view of InfoCard, I'd suggest reading Doc Searls' postings which, while encouraging Microsoft do indicate the real problems that might arise.

Comments: Post a Comment

© 2003-2006 The Virtual Quill, All Rights Reserved


[Powered by Blogger]