Friday, February 08, 2008

OpenID = Open Season for Thieves and Gov't Snoops

Tech heavyweights join OpenID Foundation board

Putting all my ID eggs in one basket is reason enough to shun OpenID.

Putting all my ID eggs in a basket shared by YahooSoft (MicroHoo?) is worse.

But, far worse is the presence of VeriSign. FOIA documents obtained by the Electronic Freedom Foundation show that Verisign is a major contractor to the FBI and its pervasive wiretapping and eavesdropping system.

Whether you're prone to paranoia attacks or not, putting everything in one place makes for a goldmine for ID thieves and for government snoops.

The "open" in OpenID means it's open season on your information. If it can be cracked, it will be. No reason to think OpenID is immune.

Look at it in an ecosystem way: diverse genetic populations resist pathogens better because only a small percentage will be susceptible at any one time. Conversely, every member of a monoculture ecosystem can be wiped out at once with the correct virus/pest.

I'll stick with a diversity of username / password combinations and rely on PGP encryption (using a 1,024-bit algorithm) and a lengthy pass-sentence of my own choosing to keep my data safe on my computer. I am free to change my encryption method any time I want. I want, not a bunch of Dilbert-run corporations whose record on security and lack of respect for users is well documented.

0 Comments:

Post a Comment

<< Home