Stories
Slash Boxes
Comments

News for nerds, stuff that matters

Authentication is the Key

Posted by michael on Wed Jun 20, 2001 07:10 PM
from the are-you-the-Keymaster dept.
jeffwolfe writes: "In his latest column in InfoWorld, Nicholas Petreley claims that Microsoft's attack on the GPL is merely a diversionary tactic to distract the Open Source community from Microsoft's real goal: authentication services."
This discussion has been archived. No new comments can be posted.
Authentication is the Key | Log In/Create an Account | Top | 330 comments (Spill at 50!) | Index Only | Search Discussion
Display Options Threshold:
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1) | 2 | 3 | 4 | 5
  • This guy.... by Anonymous Coward (Score:1) Wednesday June 20 2001, @03:17PM
  • Not quite by Anonymous Coward (Score:1) Wednesday June 20 2001, @03:40PM
  • Re:Remember Ghandi by Anonymous Coward (Score:1) Wednesday June 20 2001, @04:14PM
  • Re:Why I'm Not Using Windows Anymore by Anonymous Coward (Score:1) Wednesday June 20 2001, @04:24PM
  • Petreley's by Anonymous Coward (Score:1) Wednesday June 20 2001, @05:25PM
  • Re:Renamed: Or, just say the truth... by Anonymous Coward (Score:1) Wednesday June 20 2001, @11:48PM
  • Missing the point (Score:3)

    by Anonymous Coward on Wednesday June 20 2001, @05:18PM (#136506)

    Unified authentication is not a piece of software. Certainly the software exists, but the information must be shared among different groups for it to be worthwhile.

    As far as sensitive transactions on the internet goes, I use eBay, ING (for banking), Paypal, Chapters.ca, Amazon.com etc. I would like to be able to login to my personal computer or to my computer at work and have instant access to any of these services without remembering a password for each one. If I gave these companies permission to share my personal information I would not consider this an invasion of my privacy.

    If, on the other hand, Microsoft took control of my personal information implicitly when I signed up for these services I would consider that an invasion of my privacy. Microsoft would, in effect, be saying "if you want to perform sensitive transaction on the internet you deal with me." I don't want to deal with MS.

    What is needed is not a piece of software, what is needed is a standard format for sharing sensitive information and a standard legal contract by which you give a company to share your information with whichever companies you want the information shared with. A legal open standard similar to the GPL which would also include instructions on encoding and transmitting sensitive information would make universal authentication practical, with or without NC. We can make a contract that we're comfortable with and boycott companies that don't subscribe to it. This is how we'll beat Microsoft.

  • Passport (Score:3)

    by Anonymous Coward on Wednesday June 20 2001, @11:45PM (#136507)
    I think it's interesting that Peterley didn't mention Passport once in his article. The headline screams out how authentication is key and yet fails to address Microsoft's stategy for actually making authentication happen.

    Guess what? Microsoft has already mined MSN and Hotmail and has it combined with Passport to create a ridiculously huge user base. Take a look at the Open Source sites (like any of those owned by VA in its OSDN sites). I think at last count there were something like 16 different sites each with a different name and password. How can a supposedly backward thinking company like Microsoft figure out how to leverage it's online websites and yet a company like VA Linux can't? Why is it that you can buy advertising across the entire OSDN network and yet you have to potentially use a different username and password for each of these sites? Why isn't VA doing a service like Passport that would not only tie OSDN sites together, but could potentially use a PAM module to tie your Linux login back into each of those sites?

    It seems like the open source community is only going to 'get it' when people fire up Windows XP the first time and realise that they can login with their Passport/MSN/Hotmail accounts.
  • Re:Unfortunately there is no resistance... by farrellj (Score:1) Wednesday June 20 2001, @06:14PM
  • How to really sink Microsoft! by farrellj (Score:1) Wednesday June 20 2001, @06:24PM
  • *hehehehehe* by Chris Johnson (Score:2) Wednesday June 20 2001, @05:41PM
  • Sunrays work right by Tony (Score:2) Wednesday June 20 2001, @04:06PM
  • Gates is the new Sarnoff by Wansu (Score:2) Thursday June 21 2001, @06:40AM
  • Re:Forget the privacy implications by pohl (Score:1) Thursday June 21 2001, @09:42AM
  • Re:Forget the privacy implications by pohl (Score:1) Thursday June 21 2001, @09:53AM
  • NC World Magazine archive still exists! by rickmoen (Score:2) Wednesday June 20 2001, @10:53PM
  • Re:the appeal of a single sign on by tzanger (Score:1) Wednesday June 20 2001, @05:40PM
  • Re:Renamed: Or, just say the truth... by IvoryRing (Score:1) Thursday June 21 2001, @06:32AM
  • Re:Other conclusions possible... by Jason Earl (Score:2) Wednesday June 20 2001, @04:24PM
  • Re:the appeal of a single sign on by Jason Earl (Score:2) Thursday June 21 2001, @07:39AM
  • Re:the appeal of a single sign on by Jason Earl (Score:2) Thursday June 21 2001, @07:50AM
  • by Jason Earl (1894) on Wednesday June 20 2001, @08:48PM (#136521) Homepage

    I can at least back up my hard drive. What happens to my passport credentials when Microsoft decides that I can't use them without paying for an "upgrade," and what happens when Microsoft gets hacked?

    Heck, what happens when Microsoft "loses" my passport storage file. Microsoft doesn't guarantee that their site will be up, that they won't lose data, or that they won't be hacked. They don't guarantee that their prices won't go up, or that their service will even be available a year from now.

    And if Passport becomes ubiquitous what is to stop Microsoft from using it to spam the lot of us? You think the EULA which specifically states that they can change ther terms of service is going to save us. To be honest, I don't even see Hailstorm as being all that useful. As a developer I personally am not really that interested in having my customers data on Microsoft's servers. I want to control my customers information myself. I want to have their email addresses, and mailing addresses in my database.

    I imagine that Microsoft's competitors feel the same way, and now that Microsoft is a full-on media company they have a lot of competitors.

  • by Jason Earl (1894) on Wednesday June 20 2001, @04:11PM (#136522) Homepage

    It's already been done. Mozilla will happily remember your usernames and passwords for as many sites as you like. If you wish you can password protect this information store (I believe that IE does something similar as well). This is a much better solution than putting all of the information about everyone in one huge database. Sure, some people will probably lose their passwords when their hard drives crash, and some will have their master password stolen by thieves. But I can guarantee you that if everyone's information was in one net connected database eventually someone would learn to steal that information from everyone (the only trick would be to steal the information slowly enough so that Microsoft wouldn't notice).

    Of course, if you put me in charge of the database that would be a different thing altogether. I would never use it for nefarious purposes, and I would be very careful to make sure it never was stolen :).

    The funny thing is that this could really work, but not if Microsoft insists on charging money for it. Heck, they should be giving away Windows XP and then hold everyone's data hostage.

  • by iabervon (1971) on Thursday June 21 2001, @07:39AM (#136523) Homepage Journal
    The idea is that users can use any computer anywhere, and they access a central location, where their information is stored.

    What this will really mean, though, is: people don't buy PCs to put their data on. They buy servers to put their data on. They've finally gotten their 24x7 connection, and they're going to stick a box in the basement next to the other utilities. Then they can go anywhere and get their desktop from their computer at home.

    For the first iterations, the box will also be the PC they use, but it will act exactly the same as if it were storing things remotely. Of course, it will act as a thin client for other people who want to use other home machines, and it will be a server for when they're at their friends' houses.

    Later, of course, they'll want more places to connect from than they want central stores, and they'll want to upgrade their client capabilities (graphics, raw processing, etc) at a different time from when they upgrade their server (long-term hard drive space), and the server will fall out of use as a client.

    All this will be possible in... 1996. At least, that's when I started doing it, at least as far as ssh, and then screen, which covers most of the things I actually want to do with a centralized configuration. MicroSoft will probably end up with a similar model (using proprietary parts, of course, so MS client with MS server does things that either doesn't otherwise do). Being the server is probably a stopgap for people who aren't yet set up to run the servers themselves; after all, serving files for people isn't all that exciting, especially if they get people to use software subscriptions and pay to run the file servers on their own machines.
  • by sheldon (2322) on Wednesday June 20 2001, @07:09PM (#136524)
    I find it interesting the various attacks I see upon Microsoft's .Net initiative. Perhaps it is a clever strategy of Microsoft's, but .Net encompasses so many things that these attacks lack focus.

    Petrely attacks the Passport services piece of .Net. This is just one small piece, and probably the weakest point of the whole .Net initiative.

    Most of us Microsofties are really more interested in the .Net programming framework. ASP.NET, VB.NET, C#, Web services, etc.

    I do think there is a want for a single signon for internet websites. I have to keep track of some 90 or so names and passwords for various web sites that I have used. It kind of sucks.

    I guess the chief complaint I have with Passport is the stupid hotmail.com account. I really don't see why I need or want a free email account, especially since all I get is spam from it.

    So if they could develop a system which was interoperable with my email address that I already have, well then. That'd be cool.

    I don't know, I guess in a sense I suspect this Passport thing will have some limited success. I don't think it will become all encompassing though mainly because it's not totally desirable.

    Similarly with some of the Hailstorm stuff. Truth is, I think these ideas are good, but I think they need to be decentralized, not centralized. I want to be able to access all my email, various files, whatever from anywhere. But I think that I could do that just as easily myself with the right software, or perhaps as a service from my ISP.

    In that sense, I think Microsoft should sell the software, not the service.
  • Re:Forget the privacy implications by WWWWolf (Score:1) Thursday June 21 2001, @07:53AM
  • Riight... by Svartalf (Score:2) Thursday June 21 2001, @04:52AM
  • Change the font size or the screen resolution... by Svartalf (Score:2) Thursday June 21 2001, @05:01AM
  • Re:Forget the privacy implications by richieb (Score:1) Thursday June 21 2001, @02:52AM
  • by Bookwyrm (3535) on Wednesday June 20 2001, @04:43PM (#136529) Homepage
    I think the article is close to the target, but it's not quite there. It's not that authentication by itself is the key, it's the directory services that's part of the authentication which is the key.

    Any one remember archie? The difference it made in using FTP? The key part of the phrase "You can find anything on the Internet" is *find*, it's not that any thing and every thing is on the Internet, it's that you can *find* it. (In some way, this is may be what Sun's CEO meant about not having any privacy -- there have always been records kept on people in all sorts of places, just now it is possible to find the records, index them, use them to *find* what you like, or *find* people that like certain things.)

    File transfers have been around for a while now. Napster was interesting because it let people, tada, find the files they were looking for that other people have. eBay lets sellers find buyers. Social communities have formed up on the Interent because people have found other people who share similiar interests.

    This probably seems all terribly boring, but think about it for a moment. If Microsoft does create a single sign-on authentication system, they will (potentially) have one of (if not the) largest online directory of people (competing with AOL.)

    Authentication is just part of it. If Microsoft controls the directory services, they can control who (or what -- i.e. smart tags , etc.) can be found ... or not found. Heck, even forget the authentication bit -- anyone serious will have their own level of authentication and authorization, probably -- the first step in authentication of a person is *finding* their record.

    Just look at the whole DNS root server mess, Network Solutions and such making money off of basically directory services. The battle over whether or not AOL will have an icon on the Windows desktop. Instant messaging -- which is basically the idea of presence (which appears to be one of the big buzzwords coming up), or rather, making it easier to be found.

    Take a look at how much money is made from the sale of .com domains, etc. Now suppose Microsoft had the equivalent of the root DNS servers, but for a directory of identities rather than domain names. How much would someone pay to have an identity of "John Doe" rather than "jdoe@someplace.onthe.net"... just type "John Doe" in your MS email program... Windows Messenger... goodness, maybe even your web browser. Now, wouldn't that be something? MS could let you type in 'identities' or keywords (i.e. "John Doe" "Amy Smith" "Microsoft Corporation" "Plumber" "Sun Microsystem") into your browser/Windows Messenger (off-topic, SIP blows chunks) and pop up perhaps their web page, a phone call, an instant message, or what not. Mmm. Do away with all that messy 'domain name' bit, or rather replace it with the Microsoft authenticated identities. Hmm. Interesting idea, isn't it?

    Look, if you want to change the face of the network, the killer app is directory services. Online the map is literally the terrain -- the domain name system is the map we use to find things! That is, if you replaced the current DNS system with something new, that could change web browsing, email, all the services that depend on it to find people, places, and things.
  • Why, yes there is. by bill_mcgonigle (Score:1) Thursday June 21 2001, @03:58AM
  • Re:the appeal of a single sign on by unitron (Score:2) Thursday June 21 2001, @08:03PM
  • Re:Likelihood of .NET and hailstorm success is low by garcia (Score:2) Wednesday June 20 2001, @03:51PM
  • Re:Old stuff (Score:3)

    by garcia (6573) on Wednesday June 20 2001, @03:22PM (#136533) Homepage
    it will only be monopolized if we continue to let them create this positive spin on the control of our lives!

    people are alowly accepting large organizations as the maintainers of databases w/all of our personal information. Do you really want MS to control EVERY single facet of your computer connection? I am scared enough of centralized databases of credit info that companies sell to each other for mass marketing, but I would be ESPECIALLY afraid of MS controlling 90% of every computer remotely...

    Bill of Borg is really starting to get closer to reality :(
  • you can get that by Archfeld (Score:2) Wednesday June 20 2001, @03:57PM
  • small form factor PC's by Archfeld (Score:2) Wednesday June 20 2001, @04:04PM
  • by Archfeld (6757) <archfeld@hotmail.com> on Wednesday June 20 2001, @03:51PM (#136536) Homepage Journal
    I work for the 2nd largest M$ exchange implementation worldwide, and our management along with several other fortune 50 companies told M$ to stick .net where it was safe...Ballmer's deep dark hole. Data security is PARAMOUNT and M$ would not pony up the $$$'s for insurance and bonding nor would they provide ANY sort of IRON CLAD uptime/access agreement. With VPN and broadband so prevalent these days we are going the exact opposite, to the hardware vendors' delight, and deploying PC's everywhere with VPN clients to access our data on our OWN SAFE and SECURE machines. If I were a sales business or some such heavy travel industry I MIGHT be able to see 'some' value in a .net structure but otherwise...NOT.
    Can someone present an argument PRO .net beyond M$'s security and uptime smokescreen ?
  • Re:Why government is NOT a *Good Thing* by Big Boss (Score:1) Thursday June 21 2001, @06:27AM
  • Re:Why government is NOT a *Good Thing* by Big Boss (Score:1) Thursday June 21 2001, @01:43PM
  • Re:Sun is as bad as M$ by Nessak (Score:1) Wednesday June 20 2001, @03:40PM
  • reworded in another domain... by battjt (Score:1) Thursday June 21 2001, @02:27AM
  • Re:Which means... (Score:4)

    by landley (9786) on Wednesday June 20 2001, @03:40PM (#136541) Homepage
    > Or, alternately, move in with Stallman

    Nah, I've been in his office. There's no room.

    And now that he's dating again, he might be more inclined to insist on a bit of privacy. (The collective response of the FSF people to Stallman's acquisition of a significant other after all these years was, basically, "Thank God!". This info is a good four months out of date now, though. Dunno how things are going in Boston...)
  • Re:not true (Score:3)

    by nebby (11637) on Wednesday June 20 2001, @06:02PM (#136542) Homepage
    Sun and IBM don't have a monopoly on the desktop. Think Netscape, but if IE had come out before it did.
  • What on earth needs 350 meg!!! by Sangui5 (Score:1) Wednesday June 20 2001, @04:53PM
  • Yes, NIS and kerberos are useful by Sangui5 (Score:1) Wednesday June 20 2001, @04:58PM
  • I get 354K. by Sangui5 (Score:1) Wednesday June 20 2001, @05:06PM
  • Umm, well. by Sangui5 (Score:1) Wednesday June 20 2001, @05:10PM
  • by Sangui5 (12317) on Wednesday June 20 2001, @04:19PM (#136547)

    Here is a little anectdote relating to executable size

    I recently recompiled my kernel, and put in the MagicSysRq support. I had been playing with fork, and the killall/nukem-now support it offers was attractive. However, can be dangerous, and as such you have to put a '1' into /proc/sys/kernel/sysrq before it will work. Putting a '0' in instead will also work.

    Now, I wanted to be able to turn this on/off from my user account w/out going to root. A script wouldn't do it as /proc isn't world writable, and you can't suid a script safely. Therefore I needed a very simple binary program. Being the lazy person that I am, I wrote it in C++:

    int main(){
    ofstream out;
    out.open("/proc/sys/kernel/sysrq");
    out << "1";
    return 0;
    }

    Now, when I compiled it, I noticed that the filesize was a whopping 354K. 354K just to write a single character!!! That is way too much. So I decided to put it on a diet. First step: strip. Strip removes all of the debugging information from a file, which can really shrink it's size. It did, but still left a whopping 71K.

    I then realized that the problem was using C++. So I switched to C, using file pointers, fopen, putc, and so on. This brought things down to a mere 12K. Stripping this brought a final size reduction to 3276 bytes. A very very slight reduction could be achieved by using the more raw calls to open() write() and close(), but only a couple of bytes.

    Now, what is the moral of the story? It was a little harder to write the small version. I had to look up the exact semantics for fopen (I don't use C very often). I had to know about the existence of strip (or the -s flag for gcc will do the same). And I had to have the will to cut the size down. As a result I cut the binary to less than 1% of it's original size.

    Now how many end-user apps:

    • have been written with absolutely no attemt to keep the size of the binary down?
    • haven't had their debugging symbols stripped?
    • statically link to common libraries rather than dynamically link?
    • statically link multiple times to the same library, and then dynamically link once or twice more just for good measure (hint: MS Office).
    • have lots and lots of extra features that only a small percentage of people use?
    • have totally unnecessary things (a whole flight sim in Excel!!)?
    • are written in "big" languages like C++ (especially for GUI work), or are written by people who would rather save themselves 5 minutes coding rather than slim something down, even a large amount?

    The answer is "a lot"

    Network computing is perfectly possible. It just takes a small amount of effort

  • by Sangui5 (12317) on Wednesday June 20 2001, @03:38PM (#136548)

    Just consider for a moment the security implications.

    You must remember that this is MS running the servers. Now, last I checked, they didn't exactly have a very good track record on security. Just think of what bad things could happen the first time somebody breaks into the Hailstorm servers and steals millions of people's login info at once. Or credit card info too, as there is talk about using Hailstorm to handle online purchasing too.

    The very idea of a centralized single signon is moronic. I would hope that most people on /. realize that by now.

  • Re:not true by Bongo (Score:1) Thursday June 21 2001, @01:13AM
  • Re:the appeal of a single sign on by dennism (Score:1) Thursday June 21 2001, @05:14AM
  • Re:What on earth needs 350 meg!!! by ethereal (Score:1) Wednesday June 20 2001, @07:32PM
  • Re:Is Sun as bad as M$ ? by swb (Score:1) Thursday June 21 2001, @09:24AM
  • Re:Another novel concept Notepad.exe by Chelloveck (Score:2) Thursday June 21 2001, @07:02AM
  • Re:So name the open source alternatives by scav (Score:1) Thursday June 21 2001, @01:11AM
  • They allready does this... by Dowser (Score:1) Thursday June 21 2001, @12:25AM
  • MY money is one SOMEONE ELSE's safe. by ABEND (Score:1) Thursday June 21 2001, @04:14AM
  • Re:Two .NETs at issue here by haapi (Score:1) Thursday June 21 2001, @05:14AM
  • Re:Is Sun as bad as M$ ? by Petrus (Score:2) Thursday June 21 2001, @03:12AM
  • OT: Miranda Case by Anm (Score:1) Wednesday June 20 2001, @06:14PM
  • Re:OT: Miranda Case by Anm (Score:1) Thursday June 21 2001, @05:52AM
  • NET is retrogressive by B.D.Mills (Score:2) Wednesday June 20 2001, @10:22PM
  • "Smithers, use the amnesia ray..." by FatSean (Score:2) Wednesday June 20 2001, @07:32PM
  • Re:As always, Cosmo said it best... by Gabey (Score:1) Wednesday June 20 2001, @06:38PM
  • MY data is one SOMEONE ELSE's machine.

    The problem is that while you're comfortable with data being on your machine, 99% of people (joe consumer) would rather it wasn't. They have no idea how to do backups, are uncomfortable with the idea of disk crashes, and (ironically) are used to the idea that computers just do go wrong even if they have no idea that it's our friends in Redmond that cause it.

    So they want someone else to look after their data.

    Hmmmm.
    Dave :(
  • Re:How to crush .net by double_h (Score:2) Thursday June 21 2001, @04:29AM
  • Re:MicroSquish for authentication? by Kaa (Score:1) Thursday June 21 2001, @05:03AM
  • Re:M$ has done a better job than the competition by r2ravens (Score:2) Wednesday June 20 2001, @11:14PM
  • Re:I see two possible outcomes... by MindStalker (Score:2) Thursday June 21 2001, @07:39AM
  • Re:So name the open source alternatives by pangloss (Score:1) Wednesday June 20 2001, @03:45PM
  • Re:As always, Cosmo said it best... by asland (Score:1) Wednesday June 20 2001, @07:51PM
  • Re:NC? by Rupert (Score:2) Thursday June 21 2001, @05:57AM
  • Re:Scary - but it may be Microsoft's downfall by JMax (Score:1) Wednesday June 20 2001, @04:26PM
  • Re:Forget the privacy implications by MrNixon (Score:1) Thursday June 21 2001, @03:00AM
  • Re:How to remember 3,000 passwords! by MrNixon (Score:1) Thursday June 21 2001, @12:48PM
  • Use an affiliated .edu/.org for your CA by lazzaro (Score:2) Wednesday June 20 2001, @04:10PM
  • But ... by Tony-A (Score:1) Wednesday June 20 2001, @08:04PM
  • Re:Makes perfect sense, really. by Tony-A (Score:1) Wednesday June 20 2001, @08:44PM
  • Red Hat Professional Server by Tony-A (Score:1) Wednesday June 20 2001, @08:54PM
  • History Repeats Itself by gbr (Score:1) Thursday June 21 2001, @04:55AM
  • The long and short of it is, MicroSquish knows precisely *squat* about multi-user computing, data security, and crypto.

    That's alright. Remember when they knew precisely squat about the Internet?

    In two to three years, Microsoft will have invented those technologies.

  • Other conclusions possible... by dead_penguin (Score:2) Wednesday June 20 2001, @03:32PM
  • Re:Smaller isn't impossible, just more difficult. by ademko (Score:1) Wednesday June 20 2001, @06:16PM
  • PAM, Pluggable Authentication Modules.

    Note that it is not solely for logging your UNIX box. Check out http://pam.sourceforge.net/mod_auth_pam/ [sourceforge.net] for an Apache module.

    It's really a pretty cool solution and you can authenticate to almost anything: LDAP, RADIUS, even SMB.

    Of course, there's still the problem of centralised control. What I would really like to see is a PGP or PGP-like solution where the user has control over their private key and each site grabs the public key when they sign up (with this, a signing up process could be transparent to the user). That way, you get the common authentication method and there's no need to store complete data about you anywhere but on your computer. Imagine getting a popup: "Whatever site has requested the following information:...." Each piece could be accompanied by a checkbox so the user can accept/deny specific pieces of information.

    This is probably doable such that it will easily integrate into current systems, too.

    Of course, I could be totally wrong, and I'd expect someone to point that out. :-)*
  • Re:.NET by lgraba (Score:1) Thursday June 21 2001, @03:47AM
  • Re:the appeal of a single sign on by Necron69 (Score:1) Thursday June 21 2001, @07:15AM
  • Re:Smaller isn't impossible, just more difficult. by ttfkam (Score:1) Wednesday June 20 2001, @06:35PM
  • Re:Which means... (Score:3)

    by Snafoo (38566) on Wednesday June 20 2001, @05:41PM (#136587)
    Smaller means quicker?

    No, no no nooo. This is just another piece of pseudo-physics. In business, smaller does *not* mean 'quicker' -- in either the 'ability-to-change-focus-suddenly' or the 'ability-to-fully-exploit-an-opportunity-before-an yone-else' senses. *Bigger* is faster. *Bigger* has less inertia.

    Small companies necessarily have homogenous portfolios -- they focus on one wee lil corner of the market, because they lack the resources to cover more. Any change of direction (or market) jeopardizes the company; hence, alterations in course are 'expensive', probablistically speaking. OTOH big companies can follow a zillion different speculative trails to their logical conclusions *simultaneously*. Think of quantum computing. Now, if 99% of those trails end in failure, so be it; the company naturally 'collapses' its waveform onto the remaining one percent and be extremely successful.

    The reason why small companies appear to be quick is the same reason that dust motes seem to be 'everywhere' when you wave a flashlight around in a darkened room: The sheer number of small businesses make it very probable that a handful will be at the right place at the right time for any given opportunity, never mind the hundreds of unlucky failures, floating in the dark!

    Now how's that for pseudo-physics? :)

  • Re:Why government is NOT a *Good Thing* by alecto (Score:1) Thursday June 21 2001, @01:39PM
  • Re:Why government is NOT a *Good Thing* by alecto (Score:1) Thursday June 21 2001, @06:39PM
  • Which means... (Score:4)

    by brianvan (42539) on Wednesday June 20 2001, @03:16PM (#136590)
    While we were all vigorously arguing on Slashdot, they snuck in the room and put little black boxes between our network interfaces that record a micropayment for every TCP/IP packet.

    Nice diversion!

    Sarcasm aside, Microsoft is still a big corporation... and smaller means quicker. So it's not really about Microsoft sneaking anything past us... it's about the quality of our decisions and actions, and how effective they are to counter moves by Microsoft.

    But hey, the best solution is to just give in, buy their stock, and move to a remote Pacific island to live off the profits. Or, alternately, move in with Stallman and start amassing the GPL cult that will eventually take over the world like... Pac Man...
  • Open Source Alternative... maybe? by metacosm (Score:1) Wednesday June 20 2001, @03:59PM
  • Re:As always, Cosmo said it best... by QuantumG (Score:1) Wednesday June 20 2001, @05:40PM
  • Re:As always, Cosmo said it best... by QuantumG (Score:1) Wednesday June 20 2001, @10:07PM
  • The problem? (Score:3)

    by interiot (50685) on Wednesday June 20 2001, @04:22PM (#136594) Homepage
    I don't see the problem with this. Well, there's the ever-present plans of MS to take over the world, but that's nothing new.

    What microsoft has always been good for is successfully implementing the grandiose ideas that nobody else could. Do you remember the Windows 3.1 days? If you had a new graphics card or new printer, what was the only thing that could talk to it? That's right, MS Windows. And MS shared the love by allowing any program running within it to talk to those devices as well.

    And now there's network computing, with its related monstrosities, central directory and PKI infrastructure. Many big heads have tried to tackle these; none has come close to success. These are ideas that would expand the usefulness of computers beyond belief, but they can only be pulled off if there's a strong center to hold everything together.

    In case you're worrying that "center" means monopoly, think again. The center is shrinking! MS is no longer trying to have a stranglehold on the Apps or the OS, just the authentication and the basic protocol which can be run on any hardware. We should rejoice!

    Unlike visa or doubleclick, they're not trying to put themselves in a position to snoop on you. They're trying to give us something that no one else can.
    --

  • Re:Forget the privacy implications by stroppy (Score:1) Wednesday June 20 2001, @04:43PM
  • EMACS by jcr (Score:2) Thursday June 21 2001, @02:28PM
  • by jcr (53032) <jcr AT idiom DOT com> on Wednesday June 20 2001, @03:35PM (#136597) Journal
    Yeah, right. Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security.

    The long and short of it is, MicroSquish knows precisely *squat* about multi-user computing, data security, and crypto.

    When Hugh Daniel went up to Redmond to do interoperability testing between FreeS/WAN and their half-assed IPSEC, he asked them which crypto algorithms they'd implemented, and they told him "40-bit DES". Nothing else.

    Hugh just left. I would have, too.

    -jcr
  • Re:Why I'm Not Using Windows Anymore by Old Wolf (Score:1) Wednesday June 20 2001, @04:30PM
  • Re:Why I'm Not Using Windows Anymore by Old Wolf (Score:1) Wednesday June 20 2001, @07:02PM
  • How did he lose his old articles? by dccase (Score:1) Wednesday June 20 2001, @05:09PM
  • Re:Renamed: Or, just say the truth... by colmore (Score:1) Thursday June 21 2001, @07:31AM
  • Re:NC? by bnenning (Score:2) Wednesday June 20 2001, @05:49PM
  • I am not sure about this... by clump (Score:1) Wednesday June 20 2001, @04:12PM
  • Re:Makes perfect sense, really. by clump (Score:2) Wednesday June 20 2001, @04:29PM
  • Re:Forget the privacy implications by Asgard (Score:1) Thursday June 21 2001, @06:38AM
  • by Bilestoad (60385) on Wednesday June 20 2001, @03:19PM (#136606)
    They still haven't addressed the biggest problem with the model -

    MY data is one SOMEONE ELSE's machine.

    Even if you have a local backup that introduces issues with consistency. And just who is reading your work? Why will people suddenly trust a third party to provide their environment? It didn't work for Sun in the 90s (which although Petreley mentions MS fought, was not a failure because of MS opposition) and it won't work for MS now - in fact this could be the undoing of Microsoft. We have huge, cheap hard drives, great technology like IMAP, and software that works. I can't see the compelling advantage.
  • How to crush .net by gregm (Score:1) Wednesday June 20 2001, @09:55PM
  • Hesiod, anyone ? by shall555 (Score:1) Wednesday June 20 2001, @04:53PM
  • (To misquote the 'Wizard of Oz [rr.com]'):

    "Pay no attention to that man behind the curtain!"

  • Re:not true by quartz (Score:1) Wednesday June 20 2001, @05:05PM
  • This "microsoft conspiracy" thing is getting old by quartz (Score:2) Wednesday June 20 2001, @04:37PM
  • Re:OT: Miranda Case by aonifer (Score:2) Thursday June 21 2001, @06:41AM
  • Re:Likelihood of .NET and hailstorm success is low by samantha (Score:1) Wednesday June 20 2001, @04:23PM
  • don't get it by samantha (Score:2) Wednesday June 20 2001, @04:14PM
  • Re:Makes perfect sense, really. by binner (Score:1) Wednesday June 20 2001, @04:43PM
  • Re:Yes, NIS and kerberos are useful by matman (Score:2) Wednesday June 20 2001, @06:28PM
  • Re:the appeal of a single sign on by plague3106 (Score:1) Thursday June 21 2001, @08:27AM
  • Re:So name the open source alternatives by technos (Score:2) Wednesday June 20 2001, @03:41PM
  • Re:Forget the privacy implications by technos (Score:2) Wednesday June 20 2001, @03:44PM
  • Re:Who has MS convinced ?? by technos (Score:2) Wednesday June 20 2001, @06:16PM
  • Re:Smaller isn't impossible, just more difficult. by rkent (Score:1) Thursday June 21 2001, @07:48AM
  • Re:As always, Cosmo said it best... by jhoffoss (Score:1) Thursday June 21 2001, @07:34AM
  • Re:NC? by pete-classic (Score:1) Thursday June 21 2001, @06:55AM
  • Re:NC? Diskless workstations + buzzword by pete-classic (Score:1) Thursday June 21 2001, @12:57PM
  • Re:NC? by pete-classic (Score:2) Wednesday June 20 2001, @03:45PM
  • Re:small form factor PC's by pete-classic (Score:2) Wednesday June 20 2001, @05:55PM
  • Re:Other conclusions possible... by Moooo Cow (Score:1) Wednesday June 20 2001, @05:40PM
  • Authentication Services by guenth (Score:1) Thursday June 21 2001, @06:27AM
  • Re:Close, but not quite by ChaosMt (Score:1) Thursday June 21 2001, @11:23AM
  • Re:Likelihood of .NET and hailstorm success is low by kimihia (Score:1) Thursday June 21 2001, @02:54PM
  • My ideal computing platform... by mrogers (Score:2) Thursday June 21 2001, @04:22AM
  • Re:Likelihood of .NET and hailstorm success is low by Trekologer (Score:1) Thursday June 21 2001, @08:50AM
  • Re:Who is Microsoft trying to sell .NET to? by Trekologer (Score:1) Thursday June 21 2001, @09:06AM
  • Re:Who is Microsoft trying to sell .NET to? by Trekologer (Score:1) Thursday June 21 2001, @09:08AM
  • Re:Smaller isn't impossible, just more difficult. by nihilogos (Score:2) Wednesday June 20 2001, @04:48PM
  • Re:I get 354K. by nihilogos (Score:2) Wednesday June 20 2001, @07:32PM
  • by Ukab the Great (87152) on Thursday June 21 2001, @12:12AM (#136637)
    They put a certificate of authenticity in every windows box. Hey, it works for the franklin mint.
  • by Alpha State (89105) on Wednesday June 20 2001, @05:30PM (#136638) Homepage

    A piece of software is not enough so just having an open source alternatvie is not the issue. We are talking about a user's data here and what is going to be done with it. Sure, you could do it with open source tools, but who is going to actually store the info and handle the authentication?

    I can see a private company (or more than one) coming forward to accept user's details and provide authentication to web sites, but they are likely to be just as bad or worse than MS.

    The other problem is trust - you can build it, but why would users register their important info with someone they've never heard of before. You and I may not trust MS, but plenty of people will (and do).

    What is needed is a large, recognised group which can provide authentication, funded by micropayments, advertising or contributions and backed by names that people will come to trust. I think this would be a perfect service for the government to provide, although I imagine many people here will be pretty dirty on that idea. But what the hell, they already have all your info and at least they wont play silly buggers with preferred partners and closed standards.

    The only other possibility is an open consortium or perhaps financial companies (someone like paypal), but the possibility will still be there for abuse.

    Unless someone can come up with a way of using a decentralised system like freenet to provide secure authentication, but I can't see people trusting that either.

  • Re:you can get that by smokinburt (Score:1) Wednesday June 20 2001, @09:22PM
  • alternative: AuthXML project by mehu (Score:1) Thursday June 21 2001, @09:35AM
  • Re:Likelihood of .NET and hailstorm success is low by grumling (Score:1) Thursday June 21 2001, @01:37AM
  • Re:Red Hat Professional Server by DrCode (Score:2) Thursday June 21 2001, @08:07AM
  • Re:Why I'm Not Using Windows Anymore by Jaborandy (Score:1) Wednesday June 20 2001, @04:52PM
  • Re:the appeal of a single sign on by 4of12 (Score:2) Thursday June 21 2001, @06:42AM
  • Re:So name the open source alternatives by 4of12 (Score:2) Thursday June 21 2001, @07:48AM
  • Re:Likelihood of .NET and hailstorm success is low by Crixus (Score:2) Wednesday June 20 2001, @05:35PM
  • You don't need to "sign on" to anything by dingbat_hp (Score:1) Thursday June 21 2001, @03:25AM
  • Wrong! The post is clueful, no troll by JPMH (Score:2) Thursday June 21 2001, @12:20AM
  • He's right you know by Korgan (Score:1) Wednesday June 20 2001, @03:47PM
  • Re:Who else can control this chaos by Korgan (Score:1) Wednesday June 20 2001, @04:19PM
  • NC? (Score:4)

    by cadfael (103180) on Wednesday June 20 2001, @03:18PM (#136651) Homepage Journal
    I honestly doubt that NC's are the future that the author of the article does. Many of the app's that people cannot work without are rather large (and perhaps bloated). These often include Big Bad Bill's homegrown programs. I do not see a lot of development for the PC (I speak specifically of the Windows environment here) for the public that is smaller, tighter, faster code.

    Until NC's can deliver the same punch as a PC continuously (in terms of performance and customizability), people will continue to purchase PC's.


    -- The Hollow Man

  • Re:NC? by bockman (Score:2) Wednesday June 20 2001, @10:38PM
  • Essential service by infinite8s (Score:1) Thursday June 21 2001, @03:16AM
  • Re:As always, Cosmo said it best... by dciman (Score:1) Wednesday June 20 2001, @03:34PM
  • Re:MY money is one SOMEONE ELSE's safe. by Erik Fish (Score:1) Thursday June 21 2001, @07:44AM
  • Old stuff by aralin (Score:1) Wednesday June 20 2001, @03:19PM
  • These types of actions on Microsoft's behalf is exactly the reason why I bought an Apple iBook with OS X recently, learned how to use Unix over the last four years, and put a LINUX firewall between my Microsoft machines and the Internet--I don't trust M$ products enough to hang a Winbox's bare ass off the network like I would Linux or OpenBSD.

    I don't mean to sound like a Slashdot M$ basher. I have my reasons...

    I can't find the link right now, but Microsoft and the NSA have backdoors into your system. Microsoft doesn't deny NSA involvement, either.

    Given their past history, anyone who uses .NET is either ignorant, foolish, or just doesn't care.

    Where do you want to be violated today?

  • Re:Which means... by blue trane (Score:2) Wednesday June 20 2001, @11:39PM
  • Re:As always, Cosmo said it best... by SpookComix (Score:1) Wednesday June 20 2001, @06:32PM
  • Re:Other conclusions possible... by DarkProphet (Score:1) Wednesday June 20 2001, @04:09PM
  • Re:the appeal of a single sign on by p0et (Score:1) Wednesday June 20 2001, @05:19PM
  • Re:Forget the privacy implications by malfunct (Score:1) Wednesday June 20 2001, @04:42PM
  • Re:So name the open source alternatives by susano_otter (Score:2) Wednesday June 20 2001, @03:44PM
  • Re:Likelihood of .NET and hailstorm success is low by gengee (Score:2) Wednesday June 20 2001, @04:30PM
  • Moving house is not cheap. by yerricde (Score:1) Thursday June 21 2001, @06:10AM
  • Home users' data on remote servers? No. Thin pipe. by yerricde (Score:2) Thursday June 21 2001, @06:00AM
  • Identity Pods by szpak (Score:1) Thursday June 21 2001, @04:13AM
  • by DrXym (126579) on Wednesday June 20 2001, @03:25PM (#136668)
    If MS is selling authentication services, what are the open source equivalents?

    Surely someone somewhere in GPL land has written some code that let's you do what their passport software does. If so let's hear about it!

  • Re:the appeal of a single sign on by aswartz (Score:1) Thursday June 21 2001, @05:46AM
  • very, very humorous by small_dick (Score:2) Wednesday June 20 2001, @10:23PM
  • Re:not true by _Bean_ (Score:1) Wednesday June 20 2001, @07:00PM
  • So when you buy stock you also look at the past? by Otis_INF (Score:1) Wednesday June 20 2001, @11:43PM
  • Re:Smaller isn't impossible, just more difficult. by eMilkshake (Score:2) Thursday June 21 2001, @02:42AM
  • Re:Likelihood of .NET and hailstorm success is low by rgmoore (Score:2) Wednesday June 20 2001, @04:27PM
  • by abde (136025) <apoonawa-blog @ y a h oo.com> on Wednesday June 20 2001, @03:25PM (#136675) Homepage

    while I appreciate raising the alarm - this is an insightful piece - I couldn't help but wonder why he thinks NC would have been good under Sun's control. Clearly .NET will be a nightmare under the monopolistic control of M$ - but Sun is just as hungry for monopoly as Microsoft, and would hardly have shepherded the concept any more benevolently than M$ would. The NC *was* a failed concept and for good reason!

  • not true (Score:5)

    by Karrade (137360) on Wednesday June 20 2001, @04:14PM (#136676)
    I think MS has a good chance of making this happen. Its not a certainty but it is very possible. IMHO it all starts from the desktop monopoly.

    The key is that when Hailstorm gets integrated into applications (instead of being "on the web") people won't feel as uncomfortable with it. They won't even notice its happening.

    Imagine that some music distribution company offers a jukebox like system where you pay a small amount of money to instantly play a song. If they teamed up with MS, they could install this ability in MS Media Player to log you into Hailstorm so you could "securely" transmit finaical information neccesary to get the song. And the normal user barely even notices becasue all the info gets typed into regular windows dialog boxes that don't look anything like the "scary, unsafe" web. For the music industry its great because they don't have to worry about keeping user accounts and the security. For MS its great becasue they get money even though they have nothing to do with music. Hell, that might even make it easy for artists to directly charge for music. Easy distribution, and easy money collection. It works with anything. Like the MLB's plan to charge people for the game broadcasts.

    Its all perception. People get scared only when they take out their credit card and type it into the computer. Imagine MLB get you to type in your credit card just once into Hailstorm. From then on all you'll see is a dialog box that pops up saying "Do you want to buy this? YES NO" Peopel will just hit yes and barely think about. Since all the info is already in Hailstorm, you won't need to retype your cc.

    Once people are in the system and comfortable with it other companies will dive in. Make the same modification to Internet Explorer and then companies can sell you stuff over the internet using Hailstorm as the payment scheme (a la PayPal)Companies probably won't even give you any option other than paying via Hailstorm since its a lot easier for them.

    And this is exactly what the article is getting to. MS suddenly becomes the doorway to a whole host of services. In other words _everyone_ is dependant on MS. MS can raise prices however they see fit since comapanies would need the MS user db to conduct transactions.
  • the anti-UNIX by characterZer0 (Score:1) Wednesday June 20 2001, @03:48PM
  • by Wesley Felter (138342) <wesley@felter.org> on Thursday June 21 2001, @06:10PM (#136678) Homepage
    Yeah, but all that cool auto-managing software that NCs used could have run even better if it was installed on a real PC instead of an underpowered NC. Management is a software problem, so solve it with software, not hardware.
  • Can this be used..... by BiggestPOS (Score:1) Wednesday June 20 2001, @05:10PM
  • Re:As always, Cosmo said it best... by pyite (Score:1) Wednesday June 20 2001, @05:21PM
  • Re:I get 354K. by BetaJim (Score:1) Wednesday June 20 2001, @05:29PM
  • A really good point ... by Aceticon (Score:2) Thursday June 21 2001, @03:37AM
  • by fetta (141344) on Wednesday June 20 2001, @03:17PM (#136683) Homepage
    Having a single sign-on has real benefits from the point of view of a non-technical user. End users want the experience that Hailstorm theoretically offers (at least some of the time). They are tired of remembering dozens of separate password. Unfortunately, lots of people don't worry that much about the privacy implications.

    Is there a good open source alternative that can provide the same experience?
  • Re:.NET by Salsaman (Score:1) Thursday June 21 2001, @12:02AM
  • by Salsaman (141471) on Wednesday June 20 2001, @11:50PM (#136685) Homepage
    Let me introduce you to a novel concept - it's called 'paper and pen'.

    What you do is, whenever you register with a site, you write down your username and password in a little notebook.

    Don't actually write your password, just something to remind you what the password is.

    Amazing eh ?

    I think I'm going to patent the idea.

  • www.xns.org by sandgroper (Score:1) Thursday June 21 2001, @03:03AM
  • Re:Likelihood of .NET and hailstorm success is low by sparkane (Score:1) Wednesday June 20 2001, @05:34PM
  • Re:Likelihood of .NET and hailstorm success is low by sparkane (Score:1) Wednesday June 20 2001, @05:44PM
  • I see two possible outcomes... by nick_danger (Score:1) Thursday June 21 2001, @07:03AM
  • Who is Microsoft trying to sell .NET to? by Rhinobird (Score:1) Wednesday June 20 2001, @05:24PM
  • Not so! MSFT *is* going after open source by revbob (Score:2) Wednesday June 20 2001, @06:49PM
  • Re:As always, Cosmo said it best... by gilroy (Score:2) Thursday June 21 2001, @04:34AM
  • by gilroy (155262) on Wednesday June 20 2001, @03:16PM (#136693) Homepage Journal
    There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information. What we see and hear, how we work, what we think... it's all about the information!
    (from Sneakers [imdb.com]

    The film was about 10 years too early, but it amazes me how much it captured.

  • Re:Makes perfect sense, really. by Morbid Curiosity (Score:2) Wednesday June 20 2001, @04:41PM
  • by Morbid Curiosity (156888) on Wednesday June 20 2001, @03:21PM (#136695)

    If you can keep the appropriate people focussing their attention on trying to justify themselves, even against rather pointless and ineffectual attacks, they don't get quite as many people thinking "what are they up to?" as they would if they were just getting on with quietly rolling out their .NET plans - they're quite obviously whinging lamely about open source, right?

    By giving the more zealous and vocal open source advocates a giant red "Kick Me!" sign to fire at (and fire they will; the target's too good to pass up), then commentary on the other things they're doing might just get lost in the noise.

    Welcome to the Machiavellian world of PR. It's a lot more difficult to meta-moderate out there, and Microsoft is trolling.

  • Re:the appeal of a single sign on by the_olo (Score:1) Wednesday June 20 2001, @10:37PM
  • by Pinball Wizard (161942) on Wednesday June 20 2001, @03:43PM (#136697) Homepage Journal
    So, according to Petreley, NC's have withered on the vine because of a massive and insidious FUD campaign by Microsoft to spur everyone not to buy one.

    I'm sure the fact that you can buy a complete PC for what a NC cost had nothing to do with their demise.

    As far as .NET is concerned the issue of authentication is overblown a little. People seem to focus on the evil-looking parts of .NET like authentication services and ASP software, and forget about what .NET really is. It is a runtime, like Java, that can run code written in several different languages. That part of it will succeed. The authentication stuff however will go down the tubes just like the ASPs are doing now.

    There is not a widespread need for third-party authentication. Certainly not enough for there to be widespread services that everyone uses. The ASP model has failed to a large degree as well. If the 3rd party goes down(as MS has often done) or tanks as a business you are hosed. Most people won't risk this.

    The part of .NET that will succeed is the programming model, because it does solve a need for a lot of programmers.

    So what we have really is 2 .NET's, one which will succeed, and one which will not do so well.

  • Re:Likelihood of .NET and hailstorm success is low by elliotw (Score:1) Wednesday June 20 2001, @04:23PM
  • Re:Likelihood of .NET and hailstorm success is low by elliotw (Score:2) Wednesday June 20 2001, @04:21PM
  • Re:Do NOT follow fuckmicrosoft's advice... by loraksus (Score:1) Wednesday June 20 2001, @09:47PM
  • Lessons Learned by Bluesee (Score:2) Wednesday June 20 2001, @06:54PM
  • Need I even point this out... by cascadefx (Score:2) Thursday June 21 2001, @05:31AM
  • Re:Renamed: Or, just say the truth... by jaga~ (Score:1) Thursday June 21 2001, @07:33AM
  • Re:the appeal of a single sign on by ibirman (Score:1) Thursday June 21 2001, @04:32AM
  • Re:Why government is a *Good Thing* by danheskett (Score:1) Wednesday June 20 2001, @05:25PM
  • Keeping power local by wytcld (Score:1) Wednesday June 20 2001, @05:06PM
  • This is shameful by PyRoNeRd (Score:1) Thursday June 21 2001, @12:42AM
  • Re:This is shameful by PyRoNeRd (Score:1) Friday June 22 2001, @05:45AM
  • Re:NC? Diskless workstations + buzzword by JCCyC (Score:2) Thursday June 21 2001, @07:19AM
  • A different view of MS tactics by chompz (Score:1) Wednesday June 20 2001, @06:32PM
  • Re:Wrong! The post is clueful, no troll by CornfedPig (Score:1) Thursday June 21 2001, @05:50AM
  • What value is free speech if not found (heard)? by justin sane (Score:1) Thursday June 21 2001, @09:42AM
  • Re:Why I'm Not Using Windows Anymore by krystal_blade (Score:2) Wednesday June 20 2001, @06:50PM
  • Re:As always, Cosmo said it best... by Jim the Bad (Score:1) Thursday June 21 2001, @01:33AM
  • Um...FYI... by TheOutlawTorn (Score:1) Thursday June 21 2001, @03:17AM
  • Re:Likelihood of .NET and hailstorm success is low by sulli (Score:2) Wednesday June 20 2001, @04:49PM
  • Re:Sun is as bad as M$ by sulli (Score:2) Wednesday June 20 2001, @04:51PM
  • Re:Renamed: Or, just say the truth... by linzeal (Score:1) Thursday June 21 2001, @11:32AM
  • Re:the appeal of a single sign on by linzeal (Score:1) Thursday June 21 2001, @11:38AM
  • Power "needed" by jawtheshark (Score:1) Thursday June 21 2001, @12:21AM
  • Re:Power "needed" by jawtheshark (Score:1) Thursday June 21 2001, @11:59AM
  • Oh you whiner! by jawtheshark (Score:2) Thursday June 21 2001, @12:08AM
  • Re:blather by jchristopher (Score:1) Wednesday June 20 2001, @04:16PM
  • Monopolistic Integrity? by SuperBug (Score:1) Wednesday June 20 2001, @06:07PM
  • Bitter by Hagmonk (Score:1) Wednesday June 20 2001, @05:18PM
  • Re:Smaller isn't impossible, just more difficult. by groomed (Score:1) Wednesday June 20 2001, @04:37PM
  • Re:What on earth needs 350 meg!!! by groomed (Score:1) Thursday June 21 2001, @02:15AM
  • Re:Likelihood of .NET and hailstorm success is low by K45 (Score:1) Wednesday June 20 2001, @07:27PM
  • Re:blather by K45 (Score:1) Wednesday June 20 2001, @07:43PM
  • Re:NC? by Wildfire Darkstar (Score:1) Thursday June 21 2001, @04:10AM
  • Re:No, really, I insist. by GunFodder (Score:2) Wednesday June 20 2001, @04:37PM
  • Re:NC? (Score:3)

    by GunFodder (208805) on Wednesday June 20 2001, @04:00PM (#136732)
    The apps that I use the most are a browser, a media player, a text editor, an email client and a terminal. Only the text editor isn't specifically network-centric, although most of the files I edit are scattered across many computers.

    The NC isn't necessarily a terminal with no hard drive and a crummy processor. The central premise is that your data lives in a central location that you can access from anywhere. I would love to be able to access my MP3s from my car or edit code while kicking back at the beach. That is the power of the NC.

  • timing by evocate (Score:1) Wednesday June 20 2001, @03:52PM
  • Re:Which means... by evocate (Score:2) Thursday June 21 2001, @04:32AM
  • Re:How to crush .net by MrDBCooper (Score:1) Thursday June 21 2001, @02:36AM
  • mind-control ray by scum-e-bag (Score:1) Wednesday June 20 2001, @03:22PM
  • Re:OT: Miranda Case by update() (Score:1) Wednesday June 20 2001, @07:01PM
  • Re:Forget the privacy implications by update() (Score:2) Thursday June 21 2001, @05:32AM
  • by update() (217397) on Wednesday June 20 2001, @06:50PM (#136739) Homepage
    The very idea of a centralized single signon is moronic. I would hope that most people on /. realize that by now.

    Problem is that it's also moronic that next spring when I buy new seeds from Burpee, I'll have to either remember the password that I created in 1999 (and can't have sent to me because I'm at a new email address) or spend 10 minutes creating a new account and lose my history. Or that I find myself registering on sites as "jsngr8" or something like that because I've already created and lost 8 accounts there.

    I don't know what the answer is, and I sure hope it's not putting Microsoft in charge of a single unified login -- but the methods that made sense in 1996 just aren't going to cut it any more.

    Unsettling MOTD at my ISP.

  • Re:Forget the privacy implications by Auckerman (Score:2) Wednesday June 20 2001, @07:35PM
  • by charvolant (224858) on Wednesday June 20 2001, @03:58PM (#136741) Homepage
    There's a similar article called Why Microsoft is Wary of Open Source [cnet.com] by Joe Wilcox and Stephen Shankland on CNET [cnet.com].
  • ownership. by saintlupus (Score:2) Thursday June 21 2001, @06:06AM
  • Re:How to really sink Microsoft! by SpaceLifeForm (Score:1) Thursday June 21 2001, @11:01AM
  • Bill Gates going to meet his Waterloo? by StarTux (Score:1) Wednesday June 20 2001, @05:18PM
  • Re:Why government is a *Good Thing* by acceleriter (Score:1) Wednesday June 20 2001, @06:51PM
  • Do NOT follow fuckmicrosoft's advice... by Kasreyn (Score:2) Wednesday June 20 2001, @04:27PM
  • Re:Other conclusions possible... by quasar0 (Score:1) Wednesday June 20 2001, @07:22PM
  • Re:MicroSquish for authentication? by quasar0 (Score:1) Wednesday June 20 2001, @07:26PM
  • Re:Do NOT follow fuckmicrosoft's advice... by ffsnjb (Score:1) Thursday June 21 2001, @02:38AM
  • X-Box, PSII, etc... they're all NC! by nofud (Score:2) Wednesday June 20 2001, @11:59PM
  • Re:MicroSquish for authentication? by grammar fascist (Score:1) Wednesday June 20 2001, @08:59PM
  • .NET (Score:3)

    by corky6921 (240602) on Wednesday June 20 2001, @03:51PM (#136752) Homepage

    Funny, I was just reading an article by Bill Gates [microsoft.com] on .NET. The article explains .NET quite elegantly: "A company offering an online electronic-payment service can expose its service to partners, so that they can deliver it as part of their own offering -- regardless of what platform they are using."

    Of course, Microsoft will always push their platform as the "best" one to build Web services on. But I think we should applaud the fact that two major proprietary behemoths have finally started pushing "open standards" -- IBM and Microsoft. Don't forget how unrealistic this would have been only a few years ago.

    I think it's time to take a step back from all of this Microsoft-bashing and realize that at least we finally pushed them into a corner. They can't push a Windows-only solution anymore. Sun has cornered the market on "open standards" with Java. Microsoft HAS to counter -- as long as they keep pushing something Windows-only, they will lose customers.

    What we are seeing here is what we have been asking for all along -- "Microsoft, will you finally support standards?" Why is it that when they agree to support XML and SOAP, and at least do lip-service to the "open standards" idea, we continue to bash them and whine about how Sun did this 10 years ago?

  • Re:True Confession/Rant of Ex Microsoft User! by wizardguy (Score:1) Wednesday June 20 2001, @05:25PM
  • My data is already on a server at work... by SkimTony (Score:1) Thursday June 21 2001, @07:06AM
  • I'm not gonna do XP by DaHat (Score:1) Wednesday June 20 2001, @04:56PM
  • Re:don't get it by Lonath (Score:1) Thursday June 21 2001, @01:46AM
  • Why not start an open source verson? by bike_head (Score:1) Thursday June 21 2001, @09:14AM
  • History Repeating by Vortran (Score:1) Thursday June 21 2001, @05:10AM
  • Re:Which means... by jsse (Score:1) Wednesday June 20 2001, @04:59PM
  • Re:Two .NETs at issue here by jsse (Score:1) Wednesday June 20 2001, @05:17PM
  • Re:Who has MS convinced ?? by jsse (Score:1) Wednesday June 20 2001, @05:20PM
  • Re:Cluelessness abounds by jsse (Score:2) Wednesday June 20 2001, @08:07PM
  • by rfsayre (255559) on Wednesday June 20 2001, @03:52PM (#136763) Homepage
    I think this cat is overlooking how much M$ has done make the idea of NC-type operations palatable to consumers. I'm not a big fan, but they've done a couple useful things.

    1.) They make great web browsers. Sure, they've got privacy issues and they're closed, but they work pretty damn well. I type this from IE5 mac, which is a pleasure to use. Making web pages look as good as MS Word documents gives consumers confidence.

    2.) They run Hotmail. Everybody's used this at least once. It's a great example of data accessibility. Another great examlpe is Corbis.

    Another factor here is connectivity. There's much better and faster Net access now than there used to be. People couldn't see the benefit of NCs when all they had was 10base-T at work and modem everywhere else. At that time, NCs offered little benefit over carrying a floppy over to your co-worker's desk. With the spread of broadband, 802.11b, and faster ethernet, NCs are a much more practical idea.

    M$ is also launching services, rather than trying sell you what appears to be a shitty computer. I think this is pretty key. The problem with previous NC initiatives is that they were hardware based. A guiding principle of NC thought should be that "hardware matters little". So why in the world would Sun be interested?

    Art At Home [artathome.org]

  • Re:Scary - but it may be Microsoft's downfall by baptiste (Score:2) Thursday June 21 2001, @03:16AM
  • Lets be realistic here, is this really going to happen? Microsoft sure thinks so but maybe they're going to have another massive project blow up in their face (remember Bob?)

    The money is NOT with personal PCs - hell half are using pirated software anyway! Its the business customers. Well, do you think any IT Director with half a brain is going to suggest letting Microsoft a) handle authentication to their sensitive data nad b) allow that data to be stored @ microsoft? I didn't think so. Plus can you imagine the strain on the already overloaded internet pipes of most major companies? Same goes for personal users - till that last mile is fiber - well .NET will just be too slow.

    Now MS may make $$$ selling a .NET type package that runs on internal corporate PCs, but ala samba, we'll just emulate it was necessary while adhering to whatever standard comes out of all this.

    Personally, I agree with teh author one one point - the NC got shafted. From a corporate view it was an AWESOME idea. Having maanged PC deployments and disk images, etc it was awful. Being able to toss a cokie cutter box onto the network, hit power and it boots up based on serial # and user config - what a dream - too bad nobody could make it work right :(

  • Re:Why I'm Not Using Windows Anymore by BCGlorfindel (Score:1) Thursday June 21 2001, @04:55AM
  • Re:You know.. by Fuzion (Score:1) Wednesday June 20 2001, @04:58PM
  • Sun card readers by zerofoo (Score:1) Thursday June 21 2001, @04:42AM
  • Re:Cluelessness abounds by Zeinfeld (Score:2) Thursday June 21 2001, @08:30AM
  • by Zeinfeld (263942) on Wednesday June 20 2001, @05:36PM (#136770) Homepage
    The author of the article does not appear to know anything about .NET, authentication services or much else.

    Contrary to the discussions on this board .NET has nothing much in common with Sun's failled Network Computer. The Network Computer was nothing more than a new name for an X-Terminal that can run java apps and a browser locally. That Sun tried it as a bet-the-business strategy was the best corporate joke since the Sinclair C5.

    The Network computer concept was for desktop apps. It was an MIS manager's wet dream - take away the employees PCs and give them dumb terminals wired to the nice shiny mainframe. Back to the 1960s.

    Network Computers failed for the very good reason that MIS managers looking to torture their victims could do the same job much more cheaply with Citrix without buying Scott McNealy and Larry Ellison more fuel for their corporate jets.

    .NET is about information service access. It is the way to hook together e-commerce applications. It has zero to do with Suns clueless hardware platform.

    The only intersection between .NET and Sun's effort is that Microsoft has rolled out the JIT compiler technology and Java alternative as part of the package. Neither is core to the .NET idea, or for that matter Sun. C# is merely a logical cleanup of C++, there are some points of comparison to Java but all the ideas have been arround long before Sun used them. If Sun hadn't got all proprietary closed and legal Microsoft might not have created their own, but nobody can really blame them for not being beholden to a standard Sun police ownership of with lawyers.

    Hailstorm is only one small part of dotNET, getting all wound up about it is to miss the plot entirely. Gates is looking to take Oracle and SAP to the cleaners, Hailstorm is the smokescreen for that agenda.

    As for the GPL bashing being to divert attention from anything, the covert agenda there is more likely to ram home to the analysts the fact that Linux is putting Sun and Solaris out of business and the poor performance of Sun the past few quarters is probably reflecting that dynamic rather than an overall slowdown.

  • Re:Who is Microsoft trying to sell .NET to? by phpAbUser (Score:1) Wednesday June 20 2001, @11:24PM
  • Re:.NET by Zalbik (Score:1) Wednesday June 20 2001, @08:14PM
  • Re:Who has MS convinced ?? by Zalbik (Score:1) Wednesday June 20 2001, @08:18PM
  • dont u all see what his master plan is here?!?!?!? by the anti-MS guy (Score:1) Wednesday June 20 2001, @06:17PM
  • Re:Which means... by Ayende Rahien (Score:2) Thursday June 21 2001, @02:05AM
  • Re:Likelihood of .NET and hailstorm success is low by Ayende Rahien (Score:2) Thursday June 21 2001, @04:35AM
  • Re:the appeal of a single sign on by inbox (Score:1) Wednesday June 20 2001, @05:50PM
  • Re:NC? by inbox (Score:1) Wednesday June 20 2001, @05:57PM
  • Re:Which means... by inbox (Score:2) Wednesday June 20 2001, @05:44PM
  • Re:Likelihood of .NET and hailstorm success is low by kanayo (Score:1) Wednesday June 20 2001, @05:04PM
  • Re:Which means... (Score:3)

    by alcmena (312085) on Wednesday June 20 2001, @03:32PM (#136781) Journal
    Agreed, Microsoft is a big company. That's why when they enter new areas they're like a huge elephant: they go slow, but there isn't much that can stop 'em once they start moving.

    Smaller doesn't mean quicker though. Sticking to the same analogy, the smaller companies are more like mice. They can quickly dart back and forth, but obstacles can really slow them down.

    I firmly believe that Microsoft can be beaten. It's just important to remember that just because they're big and slow does not make them an easy target at all.
  • Re:the appeal of a single sign on by tb3 (Score:2) Thursday June 21 2001, @03:35AM
  • The NC isn't really a failed concept by hal9000(jr) (Score:1) Wednesday June 20 2001, @03:39PM
  • Re:*hehehehehe* by Lord Hugh Toppingham (Score:1) Thursday June 21 2001, @08:06AM
  • Re:Likelihood of .NET and hailstorm success is low by slashdot.org (Score:2) Wednesday June 20 2001, @03:37PM
  • Re:the appeal of a single sign on by Yorrike (Score:1) Wednesday June 20 2001, @05:11PM
  • Re:the appeal of a single sign on by kernalklink (Score:1) Thursday June 21 2001, @09:58AM
  • No, really, I insist. by CoachS (Score:1) Thursday June 21 2001, @01:39AM
  • by CoachS (324092) on Wednesday June 20 2001, @04:00PM (#136789) Homepage Journal
    The thing I didn't like about network computing and the thing I don't like about application service providers and the thing I won't like about .NET or other plans for centralized computing is...

    ...I don't want vendors deciding who will host the customer's (MY) data. I want to host my data. And my applications. I don't want to be wholly dependant upon the bandwidth provided by an outside vendor just to access my basic applications and data.

    Currently our enterprise provides applications and data to our users via a 100Mbit, switched, LAN with all of our cabling and physical plant under our direct control. No ISP can provide me with that kind of bandwidth on a cost-effective basis. If a switch goes down we know about it and can repair/replace it immediately. If it's too congested we can upgrade it when we're ready to -- we don't have to beg our provider and wait for them to call us back.

    I am very uneasy about allowing other organizations to completely control access to the data and applications we depend upon for our business. What happens when they goof up the billing and cut us off for 3 days because they think we didn't pay the bill? What happens when they misallocate our IP address and we get dropped off the network? I won't leave our company at the mercy of somebody else's clerical error any more than absolutely necessary.

    No. We'll keep our essential applications and data in-house. Thanks anyhow.

    -Coach-

  • Re:So name the open source alternatives by pa_jones (Score:1) Wednesday June 20 2001, @04:39PM
  • Re:The problem? by underpaidISPtech (Score:1) Wednesday June 20 2001, @05:07PM
  • blather (Score:5)

    by underpaidISPtech (409395) on Wednesday June 20 2001, @03:33PM (#136792) Homepage
    .Net is tasty and palatable because it has the MS marketing machine behind it. Pointy-heads and suits like to identify with products, and campaigns. .NET is just the thing. They will be much happier purchasing a complete solution is a snazzy, glossy box, with a snazzy, glossy label like ".NET IIAS Server 2002", than cobbling together gnusnorf 0.13beta and gnufroop-2.73 into a custom built app, that performs as well on hardware they already own.

    People like to shop, and companies like to drop down bucks on new hardware and shiny new CD's. Tarballs aren't sexy.

    As for blind-siding Open Source, pfft. That was just a headline-grabber, nothing more. Online news has discovered that to increase revenues, they need to get posted on /. Just mention the words Microsift and Linux in the same sentence. C'mon, a full third of this clown's article was devoted to touting his awesome prophetic powers from back in the day.

  • The security problem of centralized NC by The Milky Bar Kid (Score:1) Wednesday June 20 2001, @04:48PM
  • Re:More government control...? by Thurn und Taxis (Score:1) Thursday June 21 2001, @08:09PM
  • by Thurn und Taxis (411165) on Wednesday June 20 2001, @04:43PM (#136795) Homepage
    There's an easy way to prevent Microsoft from controlling our identities. Let the government(s) control them instead. They control our identities now, by issuing licenses and passports. When was the last time you tried to buy a bottle of single-malt scotch with your MSCE certificate as ID? The way to stop Microsoft from controlling our identities is to convince at least one US state government to legislate the online identification of its citizens. Once digital identification is claimed as a right of the states in the US, it's taken out of the hands of M$. That's gotta be a step up, right?

    You ARE the Missing Link. Goodbye!
  • Brazil by foobar2222 (Score:1) Friday June 22 2001, @02:06PM
  • Re:NC? by slaida1 (Score:1) Wednesday June 20 2001, @11:35PM
  • Re:NC? (Score:4)

    by Professor J Frink (412307) on Wednesday June 20 2001, @03:51PM (#136798) Homepage
    Until NC's can deliver the same punch as a PC continuously (in terms of performance and customizability), people will continue to purchase PC's.

    Erm, wouldn't a powerful customizable NC just be a PC anyway?

    Think how many people just want to read email, use a web browser and maybe write something in a word processor or let the kids draw pictures etc, at most. Make something cheap and powerful to do that and it should meet those people's needs.

    The problem is education as always. People seem to be of the idea (maybe through the much greater advertising) that you need a huge, powerful PC to get the best out of the "web" or "multimedia". Rubbish, people were doing both very well indeed on the PCs of yesterday, which are likely to be about the same power as a modern NC. Plus with NCs being more limited in scope (which has to be stressed isn't a bad thing, your video only records and plays things for example but it does them well) they can be set up and coded tighter than the general, allpurpose PC.

    NCs. They should be an ideal, cheap addition to any home, but PC arrogance and ignorance is kinda getting in the way...

    And don't ask me if I'd buy one because of course I wouldn't. I'm an intelligent geek and therefore represent a very small minority of the world population. Why try to force people to become geeks to use our hardware when they can stay as they are and use something designed for them?

  • Re:NC? by rudy_wayne (Score:1) Wednesday June 20 2001, @04:19PM
  • Re:Renamed: Or, just say the truth... by Tech187 (Score:1) Thursday June 21 2001, @05:03AM
  • Re:Petreley's by Tech187 (Score:1) Thursday June 21 2001, @05:14AM
  • Re:Forget the privacy implications by Tech187 (Score:1) Thursday June 21 2001, @05:19AM
  • Re:Say it enough, they'll listen by haruharaharu (Score:1) Wednesday June 20 2001, @03:55PM
  • Re:Sun is as bad as M$ by haruharaharu (Score:1) Wednesday June 20 2001, @03:58PM
  • Hang on.... by bullitB (Score:1) Wednesday June 20 2001, @07:17PM
  • I wonder... by factor-C (Score:1) Wednesday June 20 2001, @10:42PM
  • not quite NC by decathexis (Score:1) Wednesday June 20 2001, @08:16PM
  • If this were true by hyehye (Score:1) Wednesday June 20 2001, @05:26PM
  • Weird by Ubi_UK (Score:2) Friday June 22 2001, @02:06AM
  • by james(honest) (452503) on Thursday June 21 2001, @03:53AM (#136810)

    Absolutely Authentication is the key to everything.

    Most computer users do not want to remember a bunch of passwords.

    Most users will use an easy system despite rumoured risks.

    Most computer users do not understand nor care about the security risks

    Most computer users, when it comes to privacy, trust big corporations more than they trust their own government and certainly more than "evil hackers".

    "There is not a widespread need for third-party authentication." There is.

    The article was dead on about Authentication, but all /. can focus on was how it is wrong about NCs. What an irony.

    Most web developers are troubled by finding good solutions to authenticating users, and will use a drop-in solution if it is available, especially if it makes Microsoft liable for errors (or if users have given up all rights by using Passport because of the EULA).

    I'd like to respond to various postings I've read here. Whatever your opinions on Network Computing, the article is dead on about Authentication. First, it is the key to monopoly. Second, we are all incredibly easily diverted. We are all failing to get the message about the GPL attack being a diversion because we are all diverted by the NC message in the very article calling our attention to the divertion!

    I use the computer a lot. I use it for online banking on all my bank accounts. I use it for bying all my hardware, my CDs, and my books. I am sick sick sick of remembering passwords and I will embrace any technology where the relative risk of putting my credit card details online offsets the day-to-day drudgery of typing in my details every day. Since all my credit cards have online fraud protection, I dont see any problem putting my details into hailstorm. Or rather, I dont see any more problem with it than I do with my Ralphs grocery store card recording what I buy to eat. And neither will most people.

    On security, the average user doesnt share our concerns because they literally do not understand what you are saying. jcr says, "Like I'm going to trust an outfit that puts a Turing-complete interpreter in a MAIL CLIENT, and gives it full access to both the filesystem and the outgoing mail queue for ANYTHING related to security." My Dad does not know what you are talking about. My Dad does, however, use online banking.

    Now, as a web developer, I have the problem of logging in users and managing sensitive personal data. If I make it to easy for someone who has forgotten their password to get back in, then I run the risk of letting in the wrong person and giving out (in our case) very personal details. If I make it to hard, those same valuable details will suddenly be lost to the legitimate owner, negating their time and investment. One solution is to have a very thorough and very expensive customer support team. A second solution is give up authentication to Microsoft, thereby making Microsoft liable for any breaches. As a business, the ability to give up accountability and hence responsibility is far more valuable than the time and effort I save on development.

    So, what is the alternative?

    An alternative to Microsoft's hailstorm is one that does basically the same thing but allows for more than one service provider. The service providers then agree to trust each other or not. Just like my local grocery store doesnt take American Express, sure Amazon's IAA server might not take one of my credentials, but I do have another.

    Who do you trust with these details? Who has servers to host these services? Where is the software? ISPs and banks. Whether banks would agree to store logons to other banks is a question for them, but they'd soon see the value when faced with competition. Just like my Wells Fargo VISA payment system will accept cards from Mastercard and other VISA banks, similarly my Wells Fargo IAA server will accept authentications from Union Bank.

    The question is what software will this be running on, and will it be open source/gpl? It makes sense to be, since open source is much more secure. Plus, it would be nice if people could start their own servers. They might not be trusted by mainstream servers, but they would be trusted by each other.

    Jamie

  • Attack? by SilentChris (Score:1) Wednesday June 20 2001, @06:54PM
  • Say it enough, they'll listen by jeffy124 (Score:1) Wednesday June 20 2001, @03:15PM
  • Re:the appeal of a single sign on by jeffy124 (Score:1) Wednesday June 20 2001, @03:27PM
  • Re:the appeal of a single sign on by jeffy124 (Score:1) Wednesday June 20 2001, @03:48PM
  • Re:So name the open source alternatives by jeffy124 (Score:1) Wednesday June 20 2001, @03:55PM
  • Re:So name the open source alternatives by jeffy124 (Score:2) Wednesday June 20 2001, @03:41PM
  • Re:Scary - but it may be Microsoft's downfall by banshee2000 (Score:1) Wednesday June 20 2001, @05:29PM
  • A lie repeated often enough... by then, it was nigh (Score:1) Thursday June 21 2001, @05:30AM
  • Re:A lie repeated often enough... by then, it was nigh (Score:1) Friday June 29 2001, @05:29AM
  • Re:the appeal of a single sign on by Anomolous Cow Herd (Score:1) Wednesday June 20 2001, @05:02PM
  • Re:Forget the privacy implications by Anomolous Cow Herd (Score:1) Wednesday June 20 2001, @05:06PM
  • Re:I get 354K. by klui (Score:1) Wednesday June 20 2001, @05:50PM
  • Re:not true by klui (Score:1) Wednesday June 20 2001, @05:56PM
  • Same old, same old by return 42 (Score:1) Wednesday June 20 2001, @05:21PM
  • Re:the appeal of a single sign on by baumanj (Score:2) Wednesday June 20 2001, @06:59PM
  • More government control...? by norcal (Score:1) Wednesday June 20 2001, @05:29PM
  • why? by thejustice (Score:1) Wednesday June 20 2001, @09:45PM
  • True Confession/Rant of Ex Microsoft User! by exMicrosoftJunkie (Score:2) Wednesday June 20 2001, @04:36PM
  • Re:A lie repeated often enough... by saintsfanbrian (Score:1) Thursday June 28 2001, @06:43AM
(1) | 2 | 3 | 4 | 5