Loading
Missing Code Challenge
Online identity management and single sign-on still doesn't work. Not well enough, anyway. OpenID is a good step forward. So are a bunch of other less familiar approaches. But we still haven't arrived.
For example, I've been a member of Blogger for the duration. That is, since long before Google bought the company. In the old days, making a comment on a Blogger blog was fairly easy. Now it's a lot more complicated. I'm sure that's mostly because comment spam is a gigantic problem, especially for a gigantic company like Google.
But still, from the human visitor's perspective, it's a mess. Here's a screen shot I took after failing for the Nth time to successfully post a comment on a Blogger blog:
For what it's (not) worth, I have a Blogger ID, a Google ID, several OpenIDs, some number of i-names, maybe some information cards (I'm not sure I actually have any yet, but I do think they're good to have), plus cookies from countless sites in my browser's jar, none of which seems to help with this.
I shouldn't complain, because I've been involved in the user-centric identity development community for many years, and have played an active role in helping various efforts (both competing and complementary) to move forward and get along with each other in the process.
But still, we ain't there. And I don't believe we'll get there until each of is known and/or trusted automatically by those with which (or whom) we have relationships. You know, like in the Real World.
For that to happen, we need to hack a way for the individual to drive the interaction. It isn't enough for identity to be "user-centric". In fact, it isn't enough to focus just on identity. After all, I don't need to identify myself when I walk into a grocery store and pay cash to buy stuff. In fact, the stores' "loyalty cards" are terrible systems that not only fail as identity cards, but require dual pricing for every item they "discount", while also slowing down the checkout line. It's as if some kind of digital identity disease has infected ordinary brick & mortar stores as well.
Real engagement needs to be user-driven. That means the individual should be fully empowered to engage with any person or service in the digital world on his or her own terms, in easy, consistent and well-understood ways that may or may not require identifying one's self.
We each need to be independent variables, not dependent ones. What makes me trustworthy to a service like Blogger shouldn't be code that lives entirely on Blogger's side, while all I've got is one among a zillion ID/password combinations, most of which I don't remember. I need to be trusted when I show up. Automatically.
Maybe the means for making this happen will live out in the cloud somewhere. Or in many places. (I can see a lot of potential business here, actually.) But none of it will work unless it starts with the individual. Each of us operating in the digital world needs tools for engagement that belong to us, are operated by us, and give us autonomy, capability and control.
If we get that, we can say goodbye to ugly stuff like the interface above — plus the massive market friction that comes from every vendor having its own silo'd ways of dealing with customers, including CRM (customer relationship management) systems that are controlling and inhuman beyond endurance.
Can we do that? Can we build tools that make individuals both independent of vendor control yet better able to engage with vendors? Can we fix the silo'd authentication problems that have plagued online markets from the beginning? I think we can. That's one reason why I started ProjectVRM at Harvard's Berkman Center.
But I don't know the answer yet, because we don't have the code. Some of us are working on it. You might see evidence by peeking through windows here, here, here, here, here and here — as well as in various corners of the identity community and via links in the blogroll here.
But it's still early. The challenge is still out there.
Is this an itch any of you programming folks feel like scratching — for your own good as well as the rest of the world's? If so, say so below. Or follow what we're doing at the VRM Workshop on Monday and Tuesday.
______________________
Doc Searls is Senior Editor of Linux Journal
Webcast
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Sponsored by AMD
White Paper
Private PaaS for the Agile Enterprise
If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.
Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.
Sponsored by ActiveState
- Speed Up Your Web Site with Varnish
- Containers—Not Virtual Machines—Are the Future Cloud
- Linux Systems Administrator
- Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer
- RSS Feeds
- Senior Perl Developer
- Technical Support Rep
- Non-Linux FOSS: libnotify, OS X Style
- UX Designer
- Web & UI Developer (JavaScript & j Query)
- So when they found it hard to
12 min 17 sec ago - yea
34 min 28 sec ago - Reply to comment | Linux Journal
56 min 47 sec ago - Android has been dominating
1 hour 1 min ago - It is quiet helping
3 hours 47 min ago - Technology
4 hours 4 min ago - Reachli - Amplifying your
5 hours 20 min ago - excellent
6 hours 9 min ago - good point!
6 hours 12 min ago - Varnish works!
6 hours 21 min ago
Featured Jobs
| Linux Systems Administrator | Houston and Austin, Texas | Host Gator |
| Senior Perl Developer | Austin, Texas | Host Gator |
| Technical Support Rep | Houston and Austin, Texas | Host Gator |
| UX Designer | Austin, Texas | Host Gator |
| Web & UI Developer (JavaScript & j Query) | Austin, Texas | Host Gator |
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
Developer Poll
Comments
There is no (reasonably
There is no (reasonably permanent) software solution to raising lousy human beings - i.e. the kind that make necessary the likes of passwords, spy/mal-ware detectors, encryption, spam-guards, etc., etc., etc. (not to mention locks, walls, barbed-wired, prisons, weapons, police, armies....)
Human interaction
Even in human interaction an automatic recgoniation doesn't occur. At the very least I must look at a person to identify who that person is. You always have to have a sort of sign-in or verification process to know who someone is or isn't. I just don't see that going away.
Passphrase
Why do I need anything more than a complex passphrase? Or perhaps I could have an application that I sign into on my computer that provides recognition services to websites that need to know about me?
Say I sign into this hypothetical program and I go to buy something from an e-commerce site that I don't have an account with. When I go to this site, it requests my name and basic demographic information from the program that resides on my computer and I can choose to allow or deny this. Then I spend some time choosing some things that I'd like to buy, and proceed to the checkout. When I click some button that finalizes my order (yes, I'm really sure I want that frobbitz) the site requests my billing and shipping information, again I can allow or deny this request.
Alternatively, some sites just want to make sure you're you so they know how to store the information you give them. For example, del.icio.us might just want a cookie loaded into your browser session. Del.icio.us could make a request to this program that it present certain information when visiting the site, minimizing the amount of pain they'd have to undergo to support this sort of program.
This really wouldn't be prohibitively difficult to build.