EYEdentityOnline.com

I jumped off a simple question from a friend about IronKey into how I accomplish securing my portable data over at my personal blog WhoIsHahleq.com:

Post tiled A friend asked me about IronKey

As Michael Arrington at Techcrunch says, it’s hard to have too much sympathy when people give up their passwords to sites holding sensitive data, but wait… people are doing this every day on Web 2.0 sites all over the web! This site pulls in That site’s content and you need to provide your password to a page, applet, plugin, etc. to accomplish this. How many places are users entering their passwords? How many of those passwords match at how many other sites? Given how much data I can get from an aggregation site, how many sites do I need to compromise to seriously damage any given user? G-Archiver had way more than e-mail access. For some accounts there would be Google Payment information, Google Apps and all related content. Yikes!

So once again we come back to the sad state of authentication in the broader internet world. Sure banks may or may not have done something meaningful when pushed, but stop and think about all the sensitive data you have scattered around on sites that daily are getting “hooked up”. So what about the rest of the sites where we increasingly investing our time, our money, our data about our time and data… you get the idea. Whether you realize it or not, your online world is increasingly a federated world. Federation is great so long as there is solid authentication underpinning the master login. If not, federation is a terribly scary, easily and devastatingly compromisable thing.

There’s lots of noise around identity, some of it even touching on authentication, but not much. Microsoft buys Credentica. Cardspace plays with OpenID. Everyone is turning their logins into OpenIDs even though they aren’t accepting OpenIDs (does that mean they really adopted it or not?). Ping acquires Sxip. 47 new OpenID IPs launched while I was writing this article (ok, that’s an exaggeration).

However, I’m still managing my online security with Roboform in an encrypted volume protected by 2-factor authentication. Last count, I’m managing nearly 300 logins through that method most of which do not have matching passwords. Am I paranoid? Yes, clearly. Am I bulletproof? Nope. Do I want something better? Yup. TriCipher recently announced myOneLogin which has as part of its mission to bring strong authentication and reduced sign-on together. You can read more straight from them via Jon Brody’s interview about myOneLogin with IT Business Edge. Jon is TriCipher’s VP Marketing.

I’ve had this as a partially written topic in my blog list for nearly two weeks and am just now getting around to finishing it. So it’s not as topically timely as I’d have liked, but what the heck. Also not in any way security related. This one falls under the “digital lifestyle” category mentioned in my Obligatory First Post Introduction. Brace for incoming rant…

Yes, I have an iPod. Yes, I use iTunes. No, I don’t like either of them particularly well. I am on the constant look out for anything better. As a matter of fact, I preferred my Dell Jukebox and if I hadn’t made the mistake of buying a 60GB Video iPod and could rationalize just throwing the thing away, I’d probably go get another Jukebox or… gasp… Zune.

Blasphemy! Heresy! Careful, you’re about to make one of my points for me. I dislike the iPod for the following reasons:

1. $350 for a product clearly built to be disposable. You think I’m down on iPods, you should speak with my wife who’s crazily on her 4th iPod. Only 1 failed in the first year so it could get replaced under warranty. Needless to say, she’s purchased her last. Me? Mine won’t turn off at periodic intervals until its been allowed to drain its battery completely. Not good when you’re trying to eak out every minute on a long day’s travel schedule. Would an actual power switch really screw up the legendary Apple design aesthetic? Microsoft actually extended their warranty to 3 years from 1 for putting out a substandard Xbox 360. Why is no such pressure being brought to bear on iPod? I know many folks with the same experience, so mine is not a lone case.
2. No songlist management on the actual device. Want to set up a list and name it while sitting killing time on a plane? Sorry, no go. Sure you can create one of those “on the go” things, but set the order or name it for use later, nope. Forget even trying to manage the names of songs or information on the device. Sorry, but this was something I was used to on my Jukebox that seemed like a feature that would of course be on the “superior” iPod. Imagine my dismay when I found out otherwise.
3. iTunes bites as badly as every other music management software application out there. I’m not sure what makes this piece of junk such a cornerstone of wonderment when the topic of iPod comes up. Its a system pig, it doesn’t really offer anything special in regard to system, song or content management. Is it the iTunes store that is the big deal? Read on..
4. iTunes Store. Pay to have someone mess with where, when, how I want to play my music? No dice. My wife again blazed trails here and has a large block of legally purchased music she can’t access and even Apple hasn’t been able to figure out why or bother to fix it. Consequently, I use a 3rd party application to manage my music on my iPod and my music comes from any other source than iTunes.
5. I have always had, even when much younger, an anti-cool attitude. The iPod craze definitely fits into the painfully cool category. Its more of a fashion craze than a product. Are $200 basketball shoes really that much better than $75 off-brand shoes? Nope, but apparently in the wrong neighborhoods or cliques, they really matter to some folks. Ahem… shallow folks.

As you can imagine then, I’m not real keen to rush out and buy a v.1.0 iPhone. I suspect a fair amount of quality problems. I’m not wishing that for anyone, mind you. I’ve just been taught a hard lesson by Apple’s iPod history.

I’ve also got a real problem with what appears to be a pretty closed platform approach by Apple. I’ve encountered this in my professional life as a vendor trying to use standards that work everywhere else except on Apple controlled bits and it really rubs me the wrong way. I always thought Microsoft was the big, bad bully. (Don’t get my anti-cool dander up over those offensively cute Apple vs. MS TV commercials.)

My phone / PDA is a serious tool that I depend on for business and personal communications and handheld computing utilities. I already can surf, look at pictures, watch video and yes, listen to music on my Treo and I’ve had it for over a year without a hint of it needing replaced (and it turns off quite readily when I ask it to). Of course, given that I can do all this, I really have never even had any real need to do so. I’ve listened to a few podcasts, a little music and even watched some game trailer .wmv’s on it, but not enough to warrant $600 swapping out for another touchscreen only device. Heck, I’m shelling out $600? I’ll go pick up a PS3. Funny that folks scream long and loud about how rediculously high-priced the PS3 is, but will go stand in line for days to spend the same money on something significantly less powerful or useful and far more vulnerable to loss or breakage. Consumers? Who can figure ‘em out, eh?

So what’s my plan?

• Stand back and see what the reality of the iPhone’s quality, usability and openness over the next year turns out to be while I continue to drive ROI out of my Treo.
• Increasingly use my iPod as a nice portable backup device. Currently 60% of my iPod is storing backup data, 30% has music, 5% has podcasts (accounts for about 98% of my listening time) with 5% free space.
• I use Urge to mess with my music on my PC and consequently, suspect my next hardware purchase will be a Zune or iRiver device though I continue to research what’s new. I really think that these music devices are all hideously overpriced and that there’s a huge sweetspot for someone to come out with a 50GB+ device for $199 and with some actually decent software, really grab the market’s attention. Of course, not the attention of the really cool kids though.

Rant… OFF.