I'll be attending Internet Identity Workshop. I hope Phil and the gang are setup to catch late registrants (I registered today).
It's pretty funny that Google is whining about MSN being the default search engine for IE when both Firefox and Safari ships with Google search box built-in and my addiction to Google is as bad as my addiction to nicotin although search result quality has gotten pretty bad lately.
It seems many people feels that authentication is pretty much a dead space. I thought I should air some of my ideas which I think are new and different.
Very Large Key
This idea was conceived while I was looking at the picture of Rai stones. A Very Large Key is a key that is too big to be stolen or copied. There is nothing keyloggers can do against passwords too long to be captured or takes too long to be sent inconspicuously.
While the idea is kinda crazy, some practical implementations are possible. For example, one can fill a CD or DVD full of random data and use it like a one-time pad to log into protected websites. Instead of typing in a password, pop in a CD or DVD and you are in.
As to key validation, server-side must somehow know what values to expect. Fractal mathematics or evolutionary key technique can be used, for example.
Note that access limitations is what is being leveraged here which means slow access speed can make smaller storage mechanisms effective enough. For example, a really slow USB Flash drive full of random data or a network storage service with access speed/event choke. Parts of the secret (random data) can be stored in pieces, of course.
I just tried IE7 Beta 2 and all I can say is: eeeks!
I don't know if it was my machine or what but when I installed it, desktop froze for about 10 minutes after rebooting. While using it, the UI was rather awkward and links that opened new windows just refused to work, forcing me to open them in tabs. When I tried to close it. The damn thing froze again for another 5 minutes. Needless to say, it was uninstalled right after that.
Where the hell did they get the nerve to release this crap as beta 2?
On the other hand, this gang of open source thugs just makes me shake my head. How ironic that they are leveraging Google, another monopoly-in-the-making, to spit on Microsoft. To me, it's just naked hate and nothing more.
Like an old dog, I knew something was coming. I sniffed the air and smelled a buyout. RSA has been in a buyout mood lately which placed them on the top of the short list of suspects.
Well, the news came Friday and announced Monday which means that, for disclaimer sake, RSA Security is a client of mine and I own RSA stock. Size of the deal was rather disappointing but liquidity is always welcome.
It's funny how Cyota keeps popping up in my professional life. Cyota was the main competitor of PassMark. While I was with Arcot Systems, guess who it's main competitor was? Cyota got bought out by RSA and here we are in the same basket. Like Bill Harris commented this afternoon, authentication business is like a small neighborhood of sort. Desperate Housewives? LOL
Anyway, I am not sure I'll be with RSA for long though because I prefer fast little companies doing interesting things. Although I now prefer mini-vans over sports cars, I guess I am still a thrill seeker.