So apparently to some in the identity community having someone use your debit/credit card number is not “really” identity theft.
This is how I see it. The Bank ‘issues’ me an identifier – or an identity.
It is the card that i get from them – when I present it and enter in my pin they know I am me. This is my identity in relationship to them. (every time I go see a teller I must swipe my card and enter my PIN).
So when someone takes that identity given to me by my bank (and uses it fraudulently) THIS IS IDENTITY THEFT.
It turns out the bank had me fill out the wrong forms and today I had to fill out different ones (another 30 min later). Apparently with debit card fraud I will get a response within 10 days about the situation.
I am off to Portland tomorrow for recent changes camp with a giant wad of travelers cheques to get by sans card that works in machine.
ID Topics
Kim Cameron's Panel about Identity @ SD Forum
This is from the SD Forum on Interoperability January 31, 2006.
Prateek Mishra – Oracle
What is the identity problem?
It is stuck in a few places at employwer, bank and you want to
how does your identity get from your identity provider – the places were you have defined your identity to all these business processes and services.
We want to do this across the internet. There is the protocol piece – we know how to transmit identity from point a to point b this is solved…
Governence models how to transfer identity in trusted ways from point a to point b. Folks like Liberty Alliance have white papers and frameworks for this. This is a non-trivial problem. How you maintain and create governance?
How do you have normal folks sitting at their computers manage their identities in intuitive ways. How do they have a tool
Identity is stuck it wants to be free.
Protocol – Token Representaiton – solved
Governence and Infrastructure – somewhat solved
How does a person leverage these multiple identities?
Kim Cameron – fan of SAML and Liberty
As we move to more interconnected set of systems we need an identity layer. When you have an architectural whole of this magnitude you have a huge number of kludges.
Meta System
Users have no way of predicting how they should work – knowing when they are in danger.
old days fighting over token rings vs. ethernet – we got TCP/IP that encapsulated both.
We need a metasystem (I got a tiny bit distracted here, sorry. So the transcription is not perfect)
Karen Wendel, Identrus
Metasystem – single interface from an identity perspective.
Everyone has a visa card – that folks each having a card for each store. The industry would be stuck without interoperable.
Rules used consistently throughout the world.
VISA would take responsibility for legal, technical and policy issues.
Identrus was owned by the banks. Your identity will be given to you. It takes responsibility around the policy stuff. Legal aspects of your identity – dispute resolution. Liability of relying party who maintains it and lifecycle. We run this network and commonality on global basis.
(from there website) Identrus provides the global standard for identity authentication.
As communications expand and the world shrinks, knowing who’s who in the electronic universe becomes vital.
Identrus offers a full range of technology and services that support every aspect of safe eTransactions.
Rena Mears, Deloitte
Access – from a privacy point of view is different from access from a security point of view
Assertions and Claims are different
Kim Cameron..
Claims are assertions which are in doubt
everything being claimed has to be doubted so we can establish trust.
They considered using Claims but it would have become SCML (scammel)
It is to the benefit to the SAML make things secure in the browser. Shibboleth the hardest thing is home site discovery – infocards visual representation and
pick one of the 5000 higher education institutions…
or pick ‘your’ university identity.
Identrus: This is what we would call an identity provider.
Kim:
SAML is the transport language
SAML is used between a portal and services to the portal.
I propose we have new ways of the user authenticating to the portal.
The systems still exist.
Karen:
What constitutes and identity and the needs for security.
How does language play in this space – there are a lot of different models – identity is not the same as authentication or security.
problem blending identity and security – PKI
you get these people
Kim:
anyone who works with a protocol they get infected by the protocol and their vision blurs and and narrows.
We need more fanatics about protocols
Identrus:
one of the challenges for us as a community – identity does more then authenticate – sign things and create legal contracts – engage in business transactions, incur liability and regulatory transactions.
you can’t look at the papers and not see an inherent relationship between identity and security.
Rena:
Who has stepped up to be the binder of identity to the individual.
Prateek:
there is not such thing as single monlithic identity
there are multiple notions of identity useful for different contexts
Shibolith context higher education
Identrus is a context and a governance model
We like Infocards if we could use it when we get to the line in the spec it says Identity provider discovery – out of band
authentication is out of band for SAML
Karen:
everyone is bound by
the bank that issues the identity to the person
the bank binds to the person – labile to up to 10 million dollars
issued within all the legal requirements
there all these pockets of identity – the level of binding – between issuer and relying party – it does not transfer through the bridge structure.
A lot of the federated model you don’t have that level of binding between the parties.
We will work with the bridges and it is a different element.
Kim:
The government – thinking of itself as the ‘binding’ authority – reasons for relative autonomy.
Belgium a national identity card – but no card readers
One group was the association of mayors – they were now being asked to sign their legal documents with their individual citizen identity – they used to sign their documents with a stamp of their office – we must think of roles.
Kim:
The issue is PRIVACY.
the characteristics that really respects privacy are the characteristics of a system that really is difficult to penetrate.
All of the identity issues – any initiative that takes this forward we should all applaud.
Down with Buddy lists….
Jazz, an application that provides audio messaging to yet another circle of friends. More invites….more buddy lists….
There were so many identity silos at the etel.
Each phone handset has one for address books –
- Motorola,
- Nokia
Telecom Incumbents
- Orange(france telecom),
- British Telecom
Cool “apps”
- YackPack
Jazz
The Incumbent internet players
- ebay/Paypal/skype [PESk]
- Yahoo!
- Google (using Jabber)
- Microsoft
Who is that Person? Firefox extension
I just found out about this Firefox extension by Ted Rheingold of Dogster Fame called who is that person.
I posted my first Firefox extension. It’s called ‘Whois This Person’ and it’s a simple little right-click menu item which will query any name you’ve highlighted against LinkedIn, Wikipedia, Technorati, GoogleNews, Yahoo Person Search, TailRank as well as some family and address sites. It’s not gonna change the world, but it may save some seconds here and there.
After you confirm who you are, you may log in.
This is the message that I got today when I logged into a new collaborative atlas site Platial.
Thank you, we have sent you an email to confirm you are you. After you confirm who you are, you may log in.
All sending you an e-mail and clicking on a link does is prove that you own that e-mail address.
User-centric services have for UUID’s (universally Unique identifier) linked to real people. I had a conversation with one of the lead technical people on this project and they are in a bit of a bind without being able to access third party identity servers. They don’t want to ask people for their login to Yahoo, MSN, Flickr etc. but services like Mobido do this and (young) people give them to use.
There now doubt in my mind there is a market need for these services.
Technorati Tags: identity, geolocation, UUID
Interent 2.0 – deep cultural consequences
I have been reading Sherry Turkles book Life on the Screen: Identity in the Age of the Internet. The ironic thing is that it was written in 1995 before the Web really took off and became mainstream. I am going to finish it over my retreat. So far she has gotten me to reflect on the nature of our relationship to machines and how children growing up relate to machines. She has been studying their interaction with them over several decades and in different cultural contexts. I am reminded her work when reading Internet 2.0: the economic, social and cultural consequences of the new Internet
There are 4 levels to this model.
Disintermediation, Long Tail – which are concepts in wide circulation already. When it gets interesting is around Reformation and Continuous Presence.
The Internet is a reformation machine. It will create new fundamentals of and for our world. It change the units of analysis and the relationships between them
I think it does a good job of articulating the challenge to the ‘shape’ of our cultural dynamic.
The reformation model says fundamental categories of our culture (particularly the self and the group and the terms with which we think about them) are changing…. This is a change in the basic terms of reference, the very internal blue print with which we understand and construct the world.
Continuous Presence
One way to assess innovations is to make a guess about where we are headed. I think our economic, social and cultural destination might be this: we will be continuously connected to all knowledge and all people with a minimum of friction, and priviledge will be measured, in part, by how good are the filters with which we make contact with all but only the people and knowledge we care about.
Corporate Brand Identity GAP
Ed Batista posted this link to a GAP ad that was not widely distributed. The staff and customers destroy the store. It is quite entertaining.
The GAP Identity today:
The Gap has become the transparent background music of fashion–the aesthetic you never see because it’s everywhere (and thus effortless to imitate, undercut or adapt.) I like expansive, dramatic gestures–even when they fail, you have a lot more fun making the attempt–and I’d love to see The Gap destroy its increasingly-meaningless brand in order to save it–but I’m hard-pressed trying to think of a big retailer that’s pulled off a similar trick.
Ed reflects on the evolution of GAP’s identity:
At 38, I’m old enough to remember The Gap’s two-stage transformation, first from off-brand denim outlet to cooler-than-Levi’s, and then on to world domination via sort-of-preppy, sort-of-hip GeneriClothes. But a fundamental problem they face now is that the market’s fragmented out from under them, and fewer people want to wear GeneriClothes these days–we’re all pursuing our individual style muses.
USAToday reports: possible regulation of data collection
“Google could easily become the poster child for a national public movement to regulate data collection,” says Jeff Chester, head of the Center for Digital Democracy, a privacy advocate.
Unbeknownst to many users, privacy advocates like Chester say, Google’s technology gives it enormous power to collect data on the interests and online habits of millions of Web surfers.
Google stores every user’s searches in its growing database and index of websites, maps, photographs and other documents. Its free e-mail program, Gmail, stores all user messages — including deleted ones — forever.
Type someone’s name or phone number into Google’s search box and you’ll likely turn up a home address, allowing you to see an aerial photo of their house from the Google Earth satellite photo service, started last year.
Daniel Brandt in San Antonio, creator of the Google-Watch.org website, worries that law enforcement authorities or repressive foreign governments could demand access to Google’s database to examine users’ surfing habits.
“Google will become bigger and bigger, and they will be a massive problem in terms of Internet privacy,” Brandt says.
The Senate Judiciary Committee last month passed a data privacy bill that goes to the full Senate. The bill, whose sponsors include Arlen Specter, R-Pa., and Dianne Feinstein, D-Calif., would regulate data brokers, force more security and increase penalties for identity theft.
A breach of Google’s database could be a catalyst for more lawmaker attention. “That would be the Tylenol scare to end all Tylenol scares at Google,” Battelle says.
My Data, My Identity, My bookmarks, My pictures
This news just out.
Yahoo Bought Delicious.
Now I am not sure how I feel about this. Now they own two of the major tagging sites.
These are my tags on my photos and my bookmarks. How can we get out of pattern giant identity silos buying up other services? I want an integrated Identity on the web that I manage weaving together tools and services that are useful to me not just handy cause they are in one of the mega silos.
Hopefully they will avoid the major faux-pas that happened with Flickr where they asked users to to enter a yahoo ID instead of their existing Flickr account.
Open CMS Summit
The guys at Bryght (they are really bright) are organizing an Open CMS Summit in February. It is a great idea. (They have on their list of things to talk about ‘identity and authentication – in fact it is on the top of their list. RIGHT ON)
I would like to ad and expand on the list. These communities coming together are diverse and have a range of needs. It is not just ‘developers’ coming together to code together.
- Small business owners who are building businesses based on these platforms. This community has needs to address real client needs that can sometimes be overlooked by the ‘core’ developers – I hope we can create a space for these real issues to be surfaced and action to be taken.
- Individual developers who work on contract for a range of projects.
- designers who have a skill set to build sites.
- User experience people who have an enourmous amount to contribute (the FLOSS Usability sprints have gone a long way to addressing the wide gap between open source and usability.)
- Project managers that pull teams together with a whole variety of skill sets.
- Folks developing platform in specific niches that have real gifts to bring the community – remember that the margins are where the really interesting things.
Face time amongst this diverse groups needs to be used to
- Develop vision about the platform – this will help the community develop consensus and confidence in the platforms survival
- Listening to emerging needs that end users and communities using those platforms and weaving those into development roadmaps
- Learning about usability and how to meet weave this into development roadmaps
- Business models for businesses? how do we make money to eat, feed those who work for us and better yet THRIVE?
- How do we share information about development we are working on? (a new module or feature that others might also need to develop)
- What are the collaborative flows that really support the core development and meet their business goals.
Technorati Tags: Bryght, Drupal, identity, nptech, Opensource, usability
R0ml is up on IT Conversations!!!
Ever since OSCON I have been waiting for his talk The Semasiology of Open Source (Part 2) to be posted. R0ml is one of those presentation as performance art guys I have mentioned in my blog before. This is a three part presentation it seems happening over three years. Part 1 is here.
Here is the blurb from IT Conversations it is VERY Philisophical.
Computer source code has words and sentence structure like actual prose or even poetry. Writing code for the computer is like writing an essay. It should be written for other people to read, understand and modify. These are some of the thoughts behind literate programming proposed by Donald Knuth. This is also one of the ideas behind Open Source.
“Open Source” is a phrase like “Object Oriented” – weird at first, but when it became popular, the meaning began to depend on the context of the speaker or listener. “Object Oriented” meant that PERL, C++, Java, Smalltalk, Basic and the newest version of Cobol are all “Object Oriented” – for some specific definition of “Object Oriented”. Similar is the case of the phrase “Open Source”.
In Part 1, Lefkowitz talked about the shift of the meaning of “Open Source” away from any reference to the actual “source code,” and more towards other phases of the software development life cycle. In Part II, he returns to the consideration of the relationship between “open source” and the actual “source code,” and reflects upon both the way forward and the road behind, drawing inspiration from Charlemagne, King Louis XIV, Donald Knuth, and others.
on a business panel
In about an hour I will be up on stage at the Symposium on Social Architecture talking about the future of business and social software. In a way I am a perfect example of how these new tools have shaped a work life. I have had limited experience working in offices – those I did work in were tiny dysfunctional nonprofits. I got into social software to address the challenges these organizations have supporting their members staying connected after they met in person. Researching what I needed to know to build tools for my community I read the Augmented Social Network: Building Trust and Identity into the Next Generation Internet. It was hugely influential on my thinking and totally inspired me. I have been working since reading it to share its ideas and work for its manifestation.
I have been working “virtually” for three years using social software tools – basically via e-mail, wiki’s, conference calls, in person meetings and showing up at events/conferences. Both on behalf of Planetwork and as Identity Woman working for the ecology of folks using eXtensible Resource Identifiers [XRI] (i-names) and and XRI Data Interchange [XDI] to really build the Augmented Social Network.
The ASN paper has a focus on civil society uses of the internet. The principles of user controlled identity are at its core and have implications for business and how trusted deep relationships between buyers and sellers, costumers and companies can open up new opportunities. Here are some critical excerpts
Four main elements of ASNPersistent Identity
Enabling individuals online to maintain a persistent identity as they move between different Internet communities, and to have personal control over that identity. This identity should be multifarious and ambiguous (as identity is in life itself), capable of reflecting an endless variety of interests, needs, desires, and relationships. It should not be reduced to a recitation of our purchase preferences, since who we are can not be reduced to what we buy.
Interoperability Between Online Communities
People should be able to cross easily between online communities under narrowly defined circumstances, just as in life we can move from one social network to another. Protocols and standards need to be developed and adopted to enable this interoperability. This interoperability should include the ability to identify and contact others with shared affinities or complementary capabilities, and to share digital media with them, enabling valuable information to pass from one online community to the next in an efficient manner. To support ASN-type activity, modularized enhancements to the technical infrastructures of separate online communities will need to be developed and adopted.
Brokered Relationships
Using databased information, online brokers (both automated and “live”) should be able to facilitate the introduction between people who share affinities and/or complementary capabilities and are seeking to make connections. In this manner, the proverbial “six degrees of separation” can be collapsed to one, two or three degrees — in a way that is both effective and that respects privacy. Such a system of brokered relationships should also enable people to find information or media that is of interest to them, through the recommendations of trusted third parties.
Public Interest Matching Technologies
The Semantic Web is perhaps the best known effort to create a global “dictionary” of shared terms to facilitate finding information online that is of interest to you. Within the ASN, a public interest initiative around matching technologies, including ontologies and taxonomies, will enable you to find other people with whom you share affinities — no matter which online communities they belong to. These matching technologies need to be broad and robust enough to include the full range of political discussion about issues of public interest. They should not be confined to commercial or narrowly academic topics; NGOs and other public interest entities need to be represented in the process that determines these matching technologies.
__________________
Building your online identity
Underlying this report is the assumption that every individual ought to have the right to control his or her own online identity. You should be able to decide what information about yourself is collected as part of your digital profile, and of that information, who has access to different aspects of it. Certainly, you should be able to read the complete contents of your own digital profile at any time. An online identity should be maintained as a capability that gives the user many forms of control. Without flexible access and control, trust in the system of federated network identity will be minimal.
To date, online identity is treated the same way as an individual’s credit history — as information that exists as a result of commercial transactions, and so is the proprietary data of the company that captures it. These companies then have the legal right to do with this data as they see fit, including making it available to massive databases that centralize this information for resale. At the same time, your rights as a citizen to access and effect this same information are limited — as anyone who has ever had to sort out errors in his official credit history can attest.
A digital profile is not treated as the formal extension of the person it represents. But if this crucial data about you is not owned by you, what right do you have to manage its use? At the moment, it seems, this right would have to be granted by the corporations that have captured your data for their own purposes. They may perhaps choose to give you a measure of control over what they do with it. But as long it is their choice to grant you control, rather than your right as a citizen to assert control, the potential for abuse is of grave concern. Just as overly burdensome intellectual property laws threaten to dampen innovation on the Internet, as Lawrence Lessig has described, legacy twentieth century laws regarding proprietary information about “customers” could undermine efforts to create a civil society-oriented persistent identity. This could, in turn, strictly limit the forms of trusted relationships that might take place online.
The digital profiles that Internet stores like Amazon have developed of their customers follow a common pattern. Have you ever seen the information about your sales history that Amazon bases its personal recommendations on? Not to suggest that Amazon is a nefarious organization, or that it uses what it learns about customers in an improper way. But you cannot gain access to your Amazon profile, even if you wanted to. Nor do you even have the right to ask for it. Today, for most people, this does not pose a problem. Most of us are glad to get Amazon’s recommendations (sometimes they are even useful). But a decade hence, as the tools for creating online profiles become far more sophisticated, and stores like Amazon cross-reference their proprietary customer information with that of thousands of other companies, we will be in a very different territory.
Let’s take a moment to consider the ways that data about you can be gathered and entered into a digital profile. There are basically three:
First, as with the Amazon example, your online decisions can be traced, entered into a database, and interpreted according to a pre-determined algorithm. This form of automated information gathering, by compiling a database of significant actions, is the most unobtrusive way to build a profile. At the same time, you — the profile subject — may be unaware that your actions are being followed and interpreted in this way. It is important that ethical standards are established so that you know when your behavior is being tracked, and when it isn’t. Moreover, you should be aware who is tracking your behavior, and what they will do with that information. Most importantly, you should always be given the option to not have your behavior tracked — this option should be a fundamental right in a free society. By tracked we mean the recording and retention of activity that is retained beyond a certain time limit, transferred to others, and/or retained for future use.
Secondly, you can deliberately enter information about yourself into a digital profile. For example, some online communities have complex registration forms that each new member must fill out in order to participate. Once a member makes clear that she prefers Bob Dylan and Tom Waits to N’Synch and Britiney Spears, she is then led into an online discussion area with others who expressed similar interests. The advantage to profiles compiled like this is that you know exactly what you have chosen to express about yourself, and what you have not. The downside, however, is that filling out forms is cumbersome; most of us prefer to avoid doing it.
The third method is perhaps the most traditional form of information gathering, and least preferred: Having others report on your actions without your knowledge. Depending on who controls your digital profile, and how it is used, this method might play a minimal role in federated network identity, or it might be central to it. The more control each individual has over his or her own profile, however, the less likely it is that undesirable or unnecessary reports by others will be a key element. A user should have some ability to determine under what circumstances other people’s opinions about his actions might precede him when he enters new situations.
Again, ethical standards need to be agreed to that protect citizens against abuses of this kind, which the technology could easily facilitate.
Technorati Tags: corantessa
Web Wariness is real
Web Users Increasingly Wary. This article articulates the challenge we face.
THE PROSPECT OF IDENTITY THEFT has led the majority of online users–53 percent–to stop giving out personal information online, according to a study released Wednesday by Consumer Reports WebWatch. Additionally, 30 percent of consumers report reducing their overall use of the Web, while 25 percent say they no longer make online purchases, according to WebWatch. The report, “Leap of Faith: Using the Internet Despite the Dangers,” was based on a survey of 1,501 online adults, conducted earlier this year.
The insecure keys to our castles SSNs
This was on Slashdot today and highlighted again the main problem the identifier SSN and the password to access accounts and other critical information in our lives is THE SAME. This is a structural problem created by our ubiquitous use of SSN. This needs to be addressed by government, employers and the commercial sector.
“Many of us that work in the financial sector are bombarded with daily security threats. One of the biggest these days is Identity Theft. My fellow comrades and I have been really grilling each other on differing scenarios on what could be done with what information. However, it all seems to come back the the Social Security Number. Financial companies have other controls in place (customer service verification checking, account passwords, etc) to ensure identification. But in order to be of any use, a bad guy would really need someone’s SSN. Absent of that, other information would be useless. Right? That’s what I would like to ask Slashdot folks. What could be realistically done with customer information without a SSN? Account numbers, address, maybe a phone or payment amount. Is that really dangerous to the customer if only those get compromised?”
identity of the dead – digital afterlife experiences
Dana Boyde posted this about events unfolding surrounding the death of Christine Dao a Junior at Berkeley this week.
There is no good way to mourn the loss of someone young, but what fascinates me about these messages on Christine’s Profiles is that they are all written to her but visible for everyone to see. A persistent, public signal of mourning. Her friends are speaking _to_ her, not about her…What does it mean to write persistent comments for the dead? Is it a sign of respect, of public remembrance? I hope so. Rest in peace Christine.
I wonder how our mourning rituals will change as we become more ‘presence on the web? How will our digital identities live on.
My mother passed away almost 11 years ago now (the year before I was a freshman at Cal [Berkeley]). If you google for her she does not exist in that medium. I have thought several times over the years about making an online memorial to her and the work that she did. Inviting those who knew her to perhaps reflect publicly on her life and the impact that she had on them.
Riya – face recongnizing Flickr
One of the cool apps that was shared for the first time at Tagcamp was Riya. It does face recognition in your photos an saves you the trouble of tagging them. They do import and export of metadata on photos.
I am a bit worried about the privacy implications.
Marco Barulli thinks the face recongnition part should be used to support SSO.
Web 2.0 round up …
Web 2.0 was fun. The acoustics sucked (we had to yell to talk to each other at breaks the venue was sooo maxed out). The coolest things were:
Zimbra – The open source collaboration suite.
Transparensee – Discovery Search Engine that sorts results as you move little sliders.
Wink – The social search engine.
zvents – Discover events in your neighborhood.
Attention Trust – You Own: Yourself; Your data; Your attention.
Your Rights: When you give your attention to sites that adhere to the AttentionTrust, these rights are guaranteed.
Property: You own your attention and can store it wherever you wish. You have CONTROL.
Mobility: You can securely move your attention wherever you want whenever you want to. You have the ability to TRANSFER your attention.
Economy: You can pay attention to whomever you wish and receive value in return. Your attention has WORTH.
Transparency: You can see exactly how your attention is being used. You can DECIDE who you trust.
Dumbest thing said on the stage:
Bary Diller dismissed the idea that citizens with blogs and video editing software were major threats to the entertainment industry. “There is not that much talent in the world,” Diller said. “There are very few people in very few closets in very few rooms that are really talented and can’t get out.” “People with talent and expertise at making entertainment products are not going to be displaced by 1,800 people coming up with their videos that they think are going to have an appeal.” (this is excerted from Andreas Duss)
To top it off it was Echoed by Vinod Khosla the next day. I guess the big boys don’t really get it – it is like . The cool kids do so…watch out.
Reminds me of this story about denial that I just read in FAST COMPANY (one of my FAVORITE magazines)
Jon Wilkins had just finished telling a room of 100 or so of his peers that their industry is institutionally incapable of giving clients the smartest ideas. How ad agencies and media agencies that decide where ads run are built like factories, focused on one output (and that output is their handcuff). How a new model needs to emerge, one that can provide unbiased advice to marketers.
“You’re saying everything’s changing and it’s not.”
Before Wilkins could respond, one of his clients intercepted the challenge. “I used to kid myself I wasn’t going bald,” said Mark Finney, the clearly hairless head of media for Orange, Europe’s third-largest wireless carrier. “I’d pull my hair forward, I’d cover it over this way, I’d look in the mirror and think, It’s never going to happen to me. Then suddenly I started realizing I looked really stupid. . . . I hate to say it, but Jon’s right and you’re wrong. You’re covering your baldness, and at a certain point, you’re going to look stupid.”
Future Assertion of Note:
Mary Meeker talked about the future of looking for stuff.
Search, Find, and Obtain so that there will be little difference between Marketing, Advertising and Selling.
Her presentation is full of numbers worth checking out.
Acquisitions of Note:
Weblogs Inc was bought by AOL (the deal closed in July just announced though)
Upcoming.org was bought by Yahoo
Alliance of Note:
Sun – Google (comments by Johnathan CEO of Sun)
Rumor of note:
Microsoft buying AOL
Notably Absent:
Discussion of the open source platforms like Drupal that are major parts of Web 2.0 (the people collaborating) and the communities of developers and small businesses around them. I guess cause they are open source and they don’t have thousands to shell out the Tim and John they don’t rate. Hopefully we can do a conference with the cool kids building open source ecologies.
O'Reilly's thoughts on Identity in the context of Web 2.0
I just read through Tim’s five pager on Web 2.0 and found the highlights that relate to Identity.
Meanwhile, startups like Sxip are exploring the potential of federated identity, in quest of a kind of “distributed 1-click” that will provide a seamless Web 2.0 identity subsystem…While the jury’s still out on the success of any particular startup or approach, it’s clear that standards and solutions in these areas, effectively turning certain classes of data into reliable subsystems of the “internet operating system”, will enable the next generation of applications.
A further point must be noted with regard to data, and that is user concerns about privacy and their rights to their own data. In many of the early web applications, copyright is only loosely enforced. For example, Amazon lays claim to any reviews submitted to the site, but in the absence of enforcement, people may repost the same review elsewhere. However, as companies begin to realize that control over data may be their chief source of competitive advantage, we may see heightened attempts at control.
Much as the rise of proprietary software led to the Free Software movement, we expect the rise of proprietary databases to result in a Free Data movement within the next decade. One can see early signs of this countervailing trend in open data projects such as Wikipedia, the Creative Commons, and in software projects like Greasemonkey, which allow users to take control of how data is displayed on their computer.
I hope that Identity Common’s who’s founding principles assert this Freedom loud and clear can lead the way on this.
Users must be treated as co-developers, in a reflection of open source development practices (even if the software in question is unlikely to be released under an open source license.) The open source dictum, “release early and release often” in fact has morphed into an even more radical position, “the perpetual beta,” in which the product is developed in the open, with new features slipstreamed in on a monthly, weekly, or even daily basis.
Lightweight Programming Models
There are several significant lessons here:
Think syndication, not coordination. Simple web services, like RSS and REST-based web services, are about syndicating data outwards, not controlling what happens when it gets to the other end of the connection. This idea is fundamental to the internet itself, a reflection of what is known as the end-to-end principle.
It’s easy to see how Web 2.0 will also remake the address book. A Web 2.0-style address book would treat the local address book on the PC or phone merely as a cache of the contacts you’ve explicitly asked the system to remember. Meanwhile, a web-based synchronization agent, Gmail-style, would remember every message sent or received, every email address and every phone number used, and build social networking heuristics to decide which ones to offer up as alternatives when an answer wasn’t found in the local cache.
New protocols … New Terms
Eric Hall just pointed me to a great post by dizzyd of Passel about the challenges of doing a new from the ground up protocol/technology and how you communicate to the rest of the world what it does. Some learnings in there for all of us in this identity space. Hopefully during the Internet Identity Workshop we can have a big list of terms and their definitions posted on the walls for us to collectively discern with greater clarity their meaning so we can all communicate with one another better.
Beyond Identity Theft – Location Theft
Ross Mayfield posits at barcamp there could be a phenomena called location theft.
When talking about this and he shared that this would apparently this already happens with DodgeBall in NYC. The founders of the company would do that so that they would not get swarmed
Poking around I found reference to it but with a different meaning.
Identity Theft Protection from ReliaCredit.
One of the best ways to protect against identity theft is to monitor your protection report. By signing up with a credit monitoring service you will be advised whenever anyone obtains access to you protection report or when new accounts are opened, this provides substantial location theft protection. Any unusual activity or the opening of new accounts or other unauthorized protection inquiries will, raise a red flag and allow you to contact a creditor or other law enforcement agency to stop or prevent any ongoing fraud. Identity theft is a criminal act punishable under federal or state law.
Hunting for the Glory of God
Hunting unto the glory of God also demands that we must have a high measure of ethics. Ethics goes beyond the written hunting regulations. It may be legal, but is it ethical? Hunting on public land gives you the legal right to set your hunting stand wherever you desire. Is it ethical to set your stand at a location you have heard about, where another hunter claims he has seen deer? Unfortunately, I have witnessed what I would call location theft. If we are going to hunt unto the glory of God, we must ask God to grant us a greater understanding of ethical conduct and to practice His ethics.
Technorati Tags: identitytheft, locationtheft, barcamp, RossMayfield
People like Gnomdex so there is BAR Camp
From Marc Canter
Doc and I are doing a panel on the ‘OpenWeb’ so I hope folks come or at least tune-in via webcast or IRC. But the AO conference WILL be propogated by VCs and rich people – and I prefer hanging out with normal people the best.
That’s why I love Gnomedex. I sure hope there’s another one – soon – like at the end of September.
I found this in my list of saved but not posted blog posts. Seems like Marc’s wish is going to come true – BAR Camp is this weekend. I just found out about it from Eugene Kim’s blog (he has been posting some great stuff this past week about wikimania and collaboration patterns). Likely I will go down with Mary and share the demo of i-names sso working on wordpress that I did at DrupalCon in Porland two weeks ago.