Microsoft Defends Passport To Privacy Group

securitas writes: "CNET reports that Microsoft is defending Passport as safe and secure in a presentation to the Center for Democracy and Technology. Other organizations such as the Electronic Privacy Information Center, Junkbusters and even the U.S. government may be lobbied by MS this week to fend off a Federal Trade Commission complaint filed by 15 consumer and privacy groups that charges unfair and deceptive practices."

  • by Magila ( 138485 ) on Sunday September 02, 2001 @11:48PM (#2247224) Homepage
    The problem with placing all your information in one place is that it provides a very lucrative target for script kiddies and the like. How much effort is someone going to put into cracking JRV's user DB as opposed to MS Passport? The presence of such a high profile single point of failure is going to attract crackers like moths to a lamp.
  • by bergeron76 ( 176351 ) on Sunday September 02, 2001 @11:51PM (#2247231) Homepage
    Like this one. [gridforge.com] They won't allow users to use Passport authentication to buy their goods, and they posted info about why. What better way to prevent users from using MSPassport, than to send consumers mixed signals about being able to use it.

  • by coyote-san ( 38515 ) on Monday September 03, 2001 @12:01AM (#2247255)
    Information leaking from one site is annoying, esp. if it's something like a credit card number, but it's nothing compared to aggregated information being leaked.

    As a silly example, let's say you buy rat poison. No big thing, people buy it all the time.

    Let's say you buy a book about "perfect murders... and how they were caught." No big deal, people buy true crime books all the time.

    Now let's say you recently bought a bunch of lingerie. And had it delivered. But not to your home address. You're having an affair, sleazy, but not unheard of.

    Now finally let's toss in the fact that you just consulted a lawyer. A divorce lawyer. One who specializes in breaking prenuptial agreements.

    Suddenly things are much more interesting.

    Most of us aren't planning to murder our spouse, or even to look like we're thinking about it. But it's certainly possible for mindless data aggregation to cause people to jump to the wrong conclusion. E.g., you bought a couple books on alcoholism, and a few cases of wine? You obviously have a problem, don't you. (Nope, the wine is a gift to newlyweds and the book is to help me understand if my nephew needs help.) Etc and so forth.

    Even with all of this information centralized with Microsoft (and make no mistake that the Passport/Hailstorm system will not collect this information), my biggest concern isn't that it will be leaked. My concern is that it will have bogus information fed into it. There's a nice market opportunity for nasty companies to put bad information into these records, then offer to clean it up for you. For a modest price, of course. All of the potential damage of a credit report, but with none of the legal safeguards.

    Of course, that same problem exists today with the aggregated data provided by credit card companies, but again it isn't a *single* point of failure. Even if you crack Citibank (still the largest CC issuer?), it does nothing about the hundreds of millions of people who don't have Citibank cards. But crack Hailstorm and you'll have information on almost everyone online.
  • To be completely fair, neither has anyone else.

    I already replied to your post, but I forgot to address the above sentence.
    Yahoo has already done it! A "Yahoo ID" can be used in as many places as a M$ passport, if not more.

    For instance, if you set up a "Yahoo Wallet" with your Yahoo ID, that info (name, credit card, and billing info) can be used on any of the thousands of independent e-stores that run their backend through store.yahoo.com. The same login/pass also works on any of the Yahoo sites (stocks, chat, mail, myYahoo portal, travel, the list goes on).

    I still don't think this is a good idea, but I'd rather give my info to Yahoo than M$. And no, I'm not just saying that because I hate Bill Gates; I've dealt with Yahoo Inc quite a bit (namely from running one of said store sites) and rather like the company.
  • by vsync64 ( 155958 ) <vsync@quadium.net> on Monday September 03, 2001 @12:11AM (#2247278) Homepage
    Keyring for PalmOS [sourceforge.net]. This thing is perfect. Set up an account, generate a new random password. Then I look up the password the first few times I need to access the account (it helps that my Visor is always either on the desk or clipped to my belt). After that, it's burned into my brain.

    The funny thing is, I don't know if it uses some kind of mnemonic algorithm like VMS's password generator does, but I find the generated passwords to be very rhythmic and easy to remember. I'd give an example of my favorite, but then I'd have to change my credit card password :P. Of course, it may just be something peculiar about how my mind works; I've always found it very easy to remember arbitrary number sequences when they are used frequently in my daily life (phone numbers, IBM PC color codes, &c)

  • Re:Maryland... (Score:2, Interesting)

    by kilgore_47 ( 262118 ) <kilgore_47 AT yahoo DOT com> on Monday September 03, 2001 @12:12AM (#2247282) Homepage Journal
    The reasons are complicated, and IANAL.

    It's explained here [newsforge.com] to some extent. That story claims it's because Maryland has a law (that Microsoft helped to pass) which is incompatible with the Passport legal B.S.
  • by jonnosan ( 300963 ) on Monday September 03, 2001 @12:30AM (#2247307)
    Actually I changed my mind - Passport does change things slightly.

    The problem with aggregating user transactions across multiple sites is matching up user accounts on one site with user accounts on another. DoubleClick solved this by using cookies, but (at least on single user Win9x boxen) identify a machine only, not a user, i.e. they can't detect multiple users of one machine or someone who uses lots of machines.

    What passport does is make people use the same account ID at all sites (i.e. their email address).

    Passport sites aren't the only sites that do this, e.g. safari.oreilly.com uses your email address as the login, as does amazon. So if Oreilly and Amazon wanted to match up the userbase to see what other books safari users purchased, they could quite easily. It would be a bit harder for Oreilly and SlashDot to match users however, since the login on slashdot is NOT your email address. But slashdot, like most sites, does still collect an email so matching would still be possible.

    The way Passport changes things a little is that people with multiple emails are more likely to use the same address on all sites, and less likely to give bodgey email addresses. So matching will be (a little bit) more reliable.
  • by Anonymous Coward on Monday September 03, 2001 @12:43AM (#2247323)
    On this computer, I have MSN Messenger installed (Win98), and the default setting starts it at boot up. Now, in order to change the default settings, you have to sign on, which means you have to have a Passport account. And deleting it isn't an option, as the owner of this computer uses it.
  • Passport problems (Score:1, Interesting)

    by Anonymous Coward on Monday September 03, 2001 @02:42AM (#2247465)
    I have a Passport account that is rarely used, but I noticed three problems with the service recently.
    1. I can't change the associated email address.
    2. Sign-in is not encrypted w/ SSL
    3. Member Services is basically inaccessible from Mozilla. I don't know what other user agents are rejected.
    Can anyone confirm or deny these problems?

  • by Anonymous Coward on Monday September 03, 2001 @02:48AM (#2247476)

    It's not just a world wide identification system... Passport is the first installment of Hailstorm [microsoft.com]. It's not just a common identification service, it's the first step towards common data storage that may be shared between web sites...

    This is a good idea... all of you who contend otherwise are speaking purely out of emotion.

    It's very clear that one of the biggest reasons for the success of the Windows desktop platform has been the interoperability of Windows applications.

    It's very clear why this is a good thing for the user; what is not clear is how it might be implemented on the web whilst safeguarding people's very basic human rights such as liberty and privacy.

    I agree that this would be a huge step forward for the web, and is a step towards its ultimate evolution. Accordingly this should not be seen as something that should be crushed at all costs... it should be seen as something that needs to be debated, fleshed out and evolved. Taking a hostile approach against this is only going to see less public input put into it than might otherwise be achieved.

  • by TotallyUseless ( 157895 ) <(tot) (at) (mac.com)> on Monday September 03, 2001 @03:50AM (#2247554) Homepage Journal
    I work for a company that, among other things, buys computer equipment from failing companies to resell it. As a bonus for moving a bunch of equipment one day, my boss let me take home a DAT tape drive, and about 80 2-gigabyte tapes from the site we were on, which happened to be an accountant. Well, turns out those DAT tapes I got weren't new, but were the financial records for every single one of their clients starting in 1996. I had complete records of all client data for a good 4 years just because they were lazy once the hammer fell on them. My point? You trust your stockbroker? Don't. You trust your accountant? Don't. You trust anyone with info you don't want others to see? Don't. It is a harsh world, and when a company goes belly up, whether it is a magazine, a stockbroker, or an accountant, there is a good chance your data could wind up in the hands of someone less scrupulous than me. BTW, those DAT tapes, I pulled the tape out of the cassettes and destroyed them. It may sound like overkill, but if anything happens to one of these companies down the line, I have no interest in owning a copy of their financial information.

    Moral to the story? Basically, watch your back. If you employ an accounting firm, and they go belly up, be sure you get your records back from them. This is just one shining example I gained from experience.
  • by TheMidget ( 512188 ) on Monday September 03, 2001 @05:00AM (#2247618)
    Although the companies may be out of business, their founders and owners are not yet dead. You can always sue them if they leak your personal info when they sell the dotcom assets.

    Is this actually true? I always assumed that liquidation of assets (which unfortunately include "customer" lists) was handled by a bankruptcy court appointed "repo-man", and that the (former) owners of the company couldn't do anything at this point to decide which assets got sold to whom.

  • by grahamm ( 8844 ) <gmurray@webwayone.co.uk> on Monday September 03, 2001 @05:45AM (#2247661) Homepage
    If all the information has to be held in one place (as in Passport), why not store it on the local computer? Mozilla will remember passwords and certificates for you, all being protected by the master password. Is it not better to have all the information stored on your system and for you (the user) to decide who is allowed to access what information? So that in order for a site to access any particular information, a dialog box could be displayed which allows the user to select one of
    • Always reject the request (for this site)
    • Reject it this time but ask me again next time
    • Always grant the (particular) request
    • Grant it this time but ask me again next time.
    Also users could choose what information they want to store in their local (encrypted) database. This could include, usernames/passwords, credit card numbers, (snail mail) address details etc.
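
The per-site, per-item decision model described in the comment above, sketched as an added example (not part of the original post; `LocalVault`, `Choice` and the sample sites and values are hypothetical). Only the two "always" answers are remembered, so a one-time grant or reject prompts again on the next request, and an answer given to one site never applies to another.

```python
from enum import Enum


class Choice(Enum):
    ALWAYS_REJECT = 1   # "Always reject the request (for this site)"
    REJECT_ONCE = 2     # "Reject it this time but ask me again next time"
    ALWAYS_GRANT = 3    # "Always grant the (particular) request"
    GRANT_ONCE = 4      # "Grant it this time but ask me again next time"


class LocalVault:
    """Hypothetical local store; a real one would encrypt self._data at rest."""

    def __init__(self, data):
        self._data = dict(data)   # field name -> value
        self._remembered = {}     # (site, field) -> True (grant) / False (reject)
        self.prompts = 0          # number of dialogs shown to the user

    def request(self, site, field, ask_user):
        """Return the value if the user lets `site` read `field`, else None."""
        if field not in self._data:
            return None                       # nothing stored, nothing to ask
        key = (site, field)
        if key in self._remembered:
            allowed = self._remembered[key]   # earlier "always" answer, no dialog
        else:
            self.prompts += 1
            choice = ask_user(site, field)    # stands in for the dialog box
            allowed = choice in (Choice.ALWAYS_GRANT, Choice.GRANT_ONCE)
            if choice in (Choice.ALWAYS_GRANT, Choice.ALWAYS_REJECT):
                self._remembered[key] = allowed   # only "always" is persisted
        return self._data[field] if allowed else None


def demo():
    # Constructed sample data and sites.
    vault = LocalVault({"email": "user@example.test", "card": "0000-0000"})
    answers = {
        ("shop.example", "card"): Choice.GRANT_ONCE,
        ("shop.example", "email"): Choice.ALWAYS_GRANT,
        ("ads.example", "email"): Choice.ALWAYS_REJECT,
    }
    ask = lambda site, field: answers[(site, field)]
    calls = [("shop.example", "card"), ("shop.example", "card"),
             ("shop.example", "email"), ("shop.example", "email"),
             ("ads.example", "email"), ("ads.example", "email")]
    results = [vault.request(site, field, ask) for site, field in calls]
    return results, vault.prompts
```
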
  • by Anonymous Coward on Monday September 03, 2001 @07:38AM (#2247744)
    >Unfortunately, that's just not true. Usability research has shown certain facts
    >about passwords again and again. In particular, as soon as you start forcing users
    >to remember several passwords, they immediately start using obvious and easy to
    >remember passwords, or writing them down in a readily accessible location. Clearly,
    >this does not improve security.

    Ah yes. Usability research, the great curse of the 21st century, rears its ugly head again.

    And why, pray tell, should we take anything that involves people stupid enough to dump hot coffee or tea in their laps seriously?
  • by Rogerborg ( 306625 ) on Monday September 03, 2001 @07:48AM (#2247755) Homepage
    • But crack Hailstorm and you'll have information on almost everyone online.

    But not on me or thee, I assume. So, why do we care? Let the Microserfs sign up and get raped, let M$ take the flak, then once the principle is in place, we develop an open source (security through transparency) alternative and (here's the good bit) lobby for a consortium of Big Businesses to get together and themselves lobby for the gubmint (any gubmint, heck, pick a sensible one that everybody likes like New Zealand) to take it and administrate it.
