Security

You are currently browsing the archive for the Security category.

Privacy Controls on the Open Web?

January 18, 2009 in Open Web, Security by Carsten Pötter

privacy
by rpongsaj

Yesterday Sebastian Küpers had a really great and thoughtful post about privacy and the context in which we are saying and writing things on the web. Who are we addressing? Just our friends, our co-workers, or the general public? He muses if real world examples of context and (supposed) privacy can be transferred to the internet. Sebastian gives a really descriptive example:

If you are an average Twitter user, who has his tweets public and a few dozen friends, you absolutely are able to overlook who is listening to you and this will have an impact on what you say on Twitter. If you compare it with the real world, it’s maybe like being on a private party with an “open-door-policy”, where theoretically everybody could show up, if he knows that the party is taking place.

You know what kind of people will be at this party, this will impact on what you might say or how you behave (or how much you will drink ;) ) in this context – you will show the people who are there a “persona” of you – and even if it’s possbile that for example your boss or your mother could show up – because it has open doors and let’s eveybody in, this will not affect you, because the probability is way to low.

So this “natural” barrier, that it is quite unlikely that your boss or your mom will know about this party – and even if they would, that they would spend the time and the effort to actually go there. is such high that it protects you and your privacy in this special context.

So is this metaphor really tranferable to the internet?

This is really a difficult question. There are aggregators like Friendfeed and, of course, search engines which make almost everything public we publish on the web. We have not much control about who can see and read what we write and say. So the easy answer is: Don’t publish anything you don’t want Google to find.

However this could restrict us in our actions if we always had to consider who might read our blog posts and tweets. In the end we were not authentic anymore. In the comments of Sebastian’s post I outlined a possible solution. It’s very hypothetical and I have no idea if it could work or not:

Of course, we could establish a standard for feeds which includes some kind of license policy. Basically, feeds would be encrypted or made unusable by other methods unless someone else had a key, token, whatever to make it readable. It would also (or only, without encryption) include a Creative Commons kind of license which declares if the feed is shareable. The token for decryption would be given by users to their friends, websites,… Probably, it was also possible to do some kind of whitelisting of OpenIDs who would be granted access to the feed. This whitelist could be hosted by my OpenID provider. The feed would also include something like robots.txt for search engines.

It is just a rough sketch. Though, quite honestly, I am not really sure if the problem can be solved. This approach would require much discipline by all parties involved. But maybe this is also a use case the EULA & ToS Task Force of the DataPortability project can focus on. Do we need such a solution or should we accept that privacy standards are changing and we will all become public individuals?

Tags: , , , , , , , , ,

OAuth on Twitter Won’t Replace Your Brain

January 6, 2009 in Open Standards, Security by Carsten Pötter

oauth-_-logo

Twitter has problems. Or Twitter users have problems. It depends on how you see things. Not only passwords were sold together with a Twitter application (see my recent post on the topic) but also users got phished and accounts of some celebrities got hacked. Really bad news!

Now people think Twitter needs some better authorization methods of third party applications and demand OAuth implementation. Even a website was launched: Please, Twitter, Implement OAuth Now!. Indeed OAuth is a solution and it’s great that more people feel the need for safer authorization. While it is a noble initiative, I feel a little bit uncomfortable when seeing some blind retweets of the message on Twitter. Basically, there are two reasons:

  1. OAuth didn’t prevent the recent phishing and hacking attacks. To quote Twitter co-founder Biz Stone:

    We plan to release a closed beta of the open authentication protocol, OAuth this month but it’s important to note that this would not have prevented a Phishing scam nor would it have prevented these accounts from being compromised. OAuth is something we can provide so that folks who use third party applications built on the Twitter API can access their data while protecting their account credentials.

  2. While you could argue that Twitter somehow encouraged users to give away their passwords to third party sites, we should not forget that the users themselves helped their accounts being compromised. For convenience’s sake or a tiny feature (by the way, did any of those people request those features from Twitter?) some self-proclaimed internet elite was happily passing their passwords to other sites. Not just once, but many times.

I am 100% pro-OAuth on Twitter but users have to think about what they do on the web and who they trust. OAuth on Twitter is just a small relief for users. There are other sites and other risks as well. Think!

Tags: , , , , , , ,

Your Passwords Are Sold. And Plaxo?

January 2, 2009 in Open Web, Security by Carsten Pötter | View Comments

It had to happen sooner or later and it’s just surprising that it did not happen earlier: Yesterday Twitter passwords were sold! Well, actually Twply was sold just after one day of operation for the ridiculous tiny sum of $1,200. Twply was a service sending @replies via email to Twitter users. And to do just this it demanded people’s Twitter usernames and passwords.

However Twply is not the only “service” that demanded people’s usernames and passwords. Services that extend Twitter’s functionality are especially notorious in that aspect. Other services want people’s Gmail passwords which might cause even more damage to users considering their AdSense data, emails, calendars, and what not are at stake. Users have to be educated that it’s definitely not in their best interest to give away their passwords to other web based services. There are alternatives available: Portable Contacts and OAuth. With those open standards services can access e.g. contacts data from other services without demanding passwords. Users are in full control of what’s happening and are able to revoke access at any time. This will be the end of the password anti-pattern described by Jeremy Keith.

Plaxo and the password anti-pattern

Plaxo has been championing open standards for a long time now. Its engineer Joseph Smarr is one of the driving forces behind Portable Contacts and other related standards and he is a really smart guy. Though what’s really disappointing about Plaxo is, that it continues to collect passwords for webmail clients:

password anti-pattern

password anti-pattern

Plaxo knows better but still demands passwords. Maybe Plaxo doesn’t store passwords but how many services claim the same? Users can’t control it. Though recently Plaxo’s head of marketing, John McCrea, sent an interesting tweet:

John McCrea on webmail clients

John McCrea on webmail clients

Well, this sounds cool. At first. But what he is really saying here is: Hey, as long as those big guys [he means Google, Yahoo!,...] don’t support the standard we want them to support, you have to give us your passwords.
Shouldn’t Plaxo explain to its most valuable asset, its users, that it no longer supports the password anti-pattern? One day Plaxo might switch to Portable Contacts and OAuth to import contacts but in the meantime it has educated its users to give away their passwords. Will it re-educate them? Wasn’t it easier to say that currently there is no convenient and secure way to import contacts but that Plaxo will work on it?

I singled out Plaxo here not because I hate the service but because I really like it. I want it to do better. But John McCrea’s statement is at least a little bit hypocritical.

Tags: , , , , , , , , , , , , , ,

OpenID and Password Managers

June 14, 2007 in Applications, OpenID, Security by Carsten Pötter | View Comments

Yesterday Richard MacManus has started an interesting discussion about online password managers like PassPack and Clipperz on his Read/Write Web blog. He asks:

But is managing your passwords enough of a ‘value add’ service, given that browsers do much of it already and OpenID is also solving some of those issues in the web 2.0 world?

It’s certainly very pleasing to note that he thinks OpenID will be able to compete with the well known method of signing in to websites – user names and passwords – soon. However the number of Relying Parties is still very small (see David Recordon’s and Brian Ellin’s slides of the Web2Expo). While OpenID has gained momentum this number has to grow significantly to make more users aware that a different and comfortable way of signing in already exists.

I also think that no one can force users to embrace and use any new technology; they have to join voluntarily. There will always be people who think OpenID was insecure, complicated, lightweight, uncomfortable or unnecessary. Those people will hopefully use a comfortable password manager which generates strong passwords and maybe even has an auto-logon feature. Usually password managers are also able to store other important data; just think of notes or even complete documents. OpenID can’t do that because it serves a different purpose.

OpenID and password managers will coexist – PassPack is even thinking about OpenID implementation – at long sight.

Tags: , , , , ,

« Older entries

Page optimized by WP Minify WordPress Plugin