Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
The botnet world is booming
What’s driving this university to IPv6? Going green
Google takes direct aim at Microsoft
Microsoft promises to stymie hackers next week with new patches
Chrome OS spotlights rapidly changing mobile Web environment
IT pros continue to lose jobs
How ending exclusivity agreements would change the telecom industry
How to use electrical outlets and cheap lasers to steal data
EMC distances rival NetApp
Crime lab saves energy costs by turning up heat in the data center
IBM security software masks confidential info
Google Native Client provides hints on Chrome OS gambit
Ericsson signs deal to run Sprint wireless, wireline networks
Verizon helping companies assess application vulnerabilities
Internet's biggest issue? IPv6 transition, new ARIN CEO says
Security /

Juggling eggs

Bradner archive By Scott Bradner
Network World, 11/12/01

Microsoft said it would shut down part of its Passport single-logon system, at least for a while. This shutdown was not to mollify the many people who are concerned about the privacy implications of letting a single company, particularly one with the mixed reputation that Microsoft has, hold the keys to so many kingdoms. And this column is not about trusting, or not trusting, Microsoft. It's about eggs and baskets.

It was a software bug that caused Microsoft to disable the e-wallet part of Passport. A bug that could, at least in theory, be exploited to get the Passport servers to send the contents of someone's e-wallet to someone else. Microsoft says it does not think that the bug was actually exploited to expose information that should not have been exposed, but shut down the service - inconveniencing its 2 million or so users - to fix the bug.

Passport is quite a success. Of course, some of the success comes from Microsoft requiring computer owners to enroll in Passport to even install some Microsoft software, but the company has claimed that as many as 200 million people have enrolled. No matter how you cut it, that's a lot of people. In Microsoft's vision, Passport will make it easier for people to be identified to multiple Web sites. That's a feature that, to me at least, is at best a mixed blessing.

Advertisement:

The vision also has just about everyone on the Internet, or at least in the U.S. and maybe Europe, within the Passport embrace. Passport is an almost perfect example of the kind of attractant Larry Lessig talks about in his book Code. Lessig followers would embrace a potentially threatening system if it offered something that the user wanted.

But Passport is a perfect example of something else. It is an example of a vast number of people and systems dependent on something designed and run by people. If a bug pops up, it potentially could affect 200 million people.

Or, if one of the people operating Passport is bribed, millions of people suddenly become vulnerable. Passport is not alone in having this potential impact; see how successful the various e-mail-borne viruses have been in the current Outlook-rich Internet environment.

From many points of view it makes sense to standardize on one vendor's systems and applications. Support is easier, and with scale can come efficiency and maybe even lower costs. But dependence on a single vendor brings the same kind of threat that a farmer faces if he plants all his fields with the same strain of corn. If the wrong bug comes along, everything can be lost.

As a Mac user, I'm doing my part to ensure some genetic diversity, but I have no idea how to deal with the trends in the real world other than pray that Microsoft only employs incorruptible people who write perfect code.

Disclaimer: Perfection and Harvard are related, at least in Harvard's mind, but the above lament is mine alone.

RELATED LINKS

Bradner is a consultant with Harvard University's University Information Systems. He can be reached at sob@sobco.com

More 'Net Insider columns

Get Bradner in your inbox via our

Gibbs & Bradner weekly e-mail newsletter.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.