Archive for October, 2008
Thursday, October 30th, 2008
Electronic Arts has just backed into an interesting twist to the TOS story. They are linking your online terms of service to the physical video games you buy — if you violate their online TOS, your right to run every video game linked to that account will be revoked.
This adds a massive lightning stroke of accountability into the affair, doesn’t it? Suddenly, the forums aren’t just a “value-add”, they are also a potential “value-take-away”. I have this picture in my head of Family Member A explaining to Family Members B and C how A lost his/her temper in the EA forums last night, and now the whole family has lost not only their access to their games, but possibly their game statistics & reputations too, depending on what EA does to enforce the ban and the subsequent serial number invalidation. Ah, it all comes back to Identity mgmt and asset mgmt, doesn’t it?
I suppose you could consider this the Real-time Blackhole List approach to reputation & social networking.
Tuesday, October 28th, 2008
Those of us in OSIS have half-joked about the I4 Interop event being the end of the beginning — but yesterday, the announcement of Geneva ushered in a new beginning. It is still a long road ahead, but mark my words, the momentum changes here.
I was recently asked in a rather public forum whether people are really using Information Cards. The answer was a reluctant no. There are a few pools of use that are extraordinary, the largest being in Europe. There are many very interested parties. There is development happening all over, but not released yet. I am ok with this however, because the truth is, this technology will break out when it is not just cool, but also the obvious choice for the job.
In the past, this technology has been evangelized as the end of passwords, which is, in my mind, a mischaracterization. It is not the end of the password. It is the end of the login form. It is the end of that uncertain little piece of HTML out there that may or may not be well written, or well protected, and may not actually even be the place you trust. That may sound like a small little piece of the pie – but when you combine that little piece with the power of the underlying protocols, and the massive usability problem that confronts us now in the security space, what we get is a lot closer to the complete picture.
Why is this complete picture necessary? Ah, well this is the thing, isn’t it? People keep asking me, why would we ever NEED information cards? We’re already busy, we don’t want to add something we have to work hard to understand to our Enterprises or to our products, and we’re getting by JUST FINE thank you very much…
Microsoft answered that question yesterday too, with Azure. As I’ve said before, your provisioning problems can be ignored when removal of network access can act as a master switch for all the nonexistent process in the Enterprise. Once your Enterprise starts pushing critical business functions outside of the Enterprise, there is no choice but to evolve your Enterprise towards claims-based Identity, federation, SAML, information cards, and this whole next generation of accountability. In order for Azure to exist, MS had to find a way to push credentials out into the cloud as well — and here we are.
This is the vision. And the opportunity, long awaited. For those of you who might think that this sounds like a great Microsoft conspiracy here, remember the protocols that this identity layer rests upon are OPEN, and although MS was involved, so were a huge number of other people and companies. Anyone can play. Instead of simply engineering an Identity layer for themselves, Microsoft has instead worked within the community to enable something much greater. I have been lucky enough to see just how much work, time, money, and care has been put into making sure that there are tools, products, and services out there that give people choice in the Identity Infrastructure they use to interact with services such as Azure.
I tip my hat to all you folks on the federated identity team at Microsoft — past and present members. You have walked and will continue to walk a tough line, but I hope that now, at least the story gets easier. Thank you.
Tuesday, October 21st, 2008
A friend of mine sent me this link to a report attempting to help improve the quality of communication at conferences, entitled Fifteen Obstacles to Dialogue and written by Mark Gerzon.
I have an obvious bias here, so please take that into account, but I honestly can’t quite believe my eyes:
The gender trap, while much more subtle, is double-edged. On the one hand, a conference with a series of all-male panels undercuts itself, particularly if it is otherwise progressive. When conferences repeat the importance of “participation” or “the role of women in development” but then have less than 10% female participation, charges of hypocrisy are in the air, even if not spoken.
On the other hand, if women are placed on panels or in roles precisely to counteract the male dominance, this can also backfire. A series of panels with a single woman, while perhaps better than all-male ones, begs the question of why the single woman was included. One should either be serious about equitable female representation, or let the chips fall where they may. Better honest male chauvinism than manipulative tokenism.
Let’s start with that last sentence, shall we? It seems to me that male chauvinism is mentioned in the context of blind partiality for male participants, and tokenism is mentioned in the context of blind partiality for female participants. I love how blind partiality for men is described as honest, while blind partiality for women is described as manipulative. I suppose that it was too complicated to simply advocate against any kind of partiality based on gender.
I’m sad as well about the statement made by this author that the inclusion of one female on a panel begs the question of why that woman was included. The implication seems to be that it is better to avoid the appearance of tokenism than to let that lone female participate. The implication also seems to be that people would naturally assume that a woman is unqualified and a “token” before they would believe that the woman is as qualified as her co-panelists. Otherwise, presence of a single woman on a panel wouldn’t “beg” anything.
Lastly, it can only be assumed that equitable female representation is an onerous burden. Given the author’s unstated assumption that people assume tokenism before qualification for women panelists & presenters, I’m not sure why “equitable” female representation would result in a more positive audience impression than representation by one female in a panel. If anything, according to the author’s logic, the likelihood of attendees accusing organizers of tokenism would grow as the number of women grows – after all, the more women involved, the greater the likelihood that some of them are unqualified, right?
A trap indeed.
Friday, October 17th, 2008
Your blog makes it into the pr0n search index:

My mom would be so proud :)
Thursday, October 16th, 2008
I ran into an interesting phenomenon the first time I used IE protected mode. I’m documenting it here, in case somebody else gets into this situation.
My test blogs are at http://pamelaproject.com, but my login page and the rest of my administrative pages are protected using HTTPS. Past use had resulted in my having added https://pamelaproject.com to my trusted sites list in IE.
If you use the default settings for enablement of protected mode in IE, Internet sites operate with protected mode on, while trusted sites operate with protected mode off. When I attempted to go to my blog front page, IE was in protected mode – but by authenticating, I changed from an Internet Site to a Trusted Site, and changed protection mode. The result was extremely unsatisfactory.
Upon logging in, a separate IE instance started, showing an authenticated WordPress admin page. I could view my profile or use other admin functionality. If I tried to visit my main WordPress site blog front page content however, I was taken to my original IE instance — where I could view my front page, but where I was not authenticated. It was a lovely catch-22: If I tried to comment, I’d end up in IE window #1, with no user session. If I tried to authenticate, boom! I’d end up in the IE window #2, authenticated, but with nothing to comment on.
Fun huh?
To fix this problem, you can simply remove the HTTPS URL of your site from your trusted sites list, so that everything runs in the same protection mode. You can also meddle with your protection mode settings per site classification — after all, what’s the point in turning protection mode off for trusted sites, if doing so causes complexity rather than reducing complexity? At least if everything is in protected mode, you don’t have unasked-for windows popping up when you least expect them. Of course, I haven’t used IE enough recently to know if there are other reasons why you would want protection turned off. I suppose only time will tell.
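An added example, not part of the original post: a small audit that reads exported Internet Settings registry text and flags hosts whose http and https URLs land in zones with different Protected Mode states, which is the split described above. The sample export is constructed, example.org is a hypothetical second entry, and treating every unmapped scheme as the Internet zone is a simplifying assumption.

```python
import re

# Constructed sample of `reg export` output for the current user (not from the post).
BASE = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
SAMPLE_REG = "\n".join([
    "[" + BASE + r"\ZoneMap\Domains\pamelaproject.com]", '"https"=dword:00000002',
    "[" + BASE + r"\ZoneMap\Domains\example.org]", '"*"=dword:00000002',
    "[" + BASE + r"\Zones\2]", '"2500"=dword:00000003',
    "[" + BASE + r"\Zones\3]", '"2500"=dword:00000000',
])

INTERNET = 3                      # assumed zone for any scheme without a ZoneMap entry
DEFAULT_PM = {2: False, 3: True}  # defaults as the post describes: Trusted off, Internet on
DOMAIN_KEY = re.compile(r"\\ZoneMap\\Domains\\([^\\\]]+)\]$")  # subdomain subkeys are ignored
ZONE_KEY = re.compile(r"\\Zones\\(\d+)\]$")
VALUE = re.compile(r'"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def parse_export(text):
    """Return ({host: {scheme: zone}}, {zone: protected_mode_on}) from .reg text."""
    zone_map, pm, key = {}, dict(DEFAULT_PM), ""
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            key = line
            continue
        value = VALUE.match(line)
        if not value:
            continue
        name, number = value.group(1).lower(), int(value.group(2), 16)
        domain, zone = DOMAIN_KEY.search(key), ZONE_KEY.search(key)
        if domain:
            zone_map.setdefault(domain.group(1).lower(), {})[name] = number
        elif zone and name == "2500":
            pm[int(zone.group(1))] = (number == 0)  # 2500: 0 = Protected Mode on, 3 = off
    return zone_map, pm

def split_hosts(text):
    """Hosts whose http and https URLs run under different Protected Mode states."""
    zone_map, pm = parse_export(text)
    flagged = []
    for host, schemes in sorted(zone_map.items()):
        http, https = (schemes.get(s, schemes.get("*", INTERNET)) for s in ("http", "https"))
        if pm.get(http) != pm.get(https):
            flagged.append((host, http, https))
    return flagged

if __name__ == "__main__":
    for host, http, https in split_hosts(SAMPLE_REG):
        print(f"{host}: http in zone {http}, https in zone {https}")
```

To audit a real machine, pass in the text of a `reg export` of that Internet Settings key (the exported file is UTF-16 encoded).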
Tuesday, October 14th, 2008
Ah, it’s great to see we’re making progress. To those hardy souls in and around the OASIS IMI TC with the mental fortitude to yet again enter into the great Identity Metasystem Definition Debate on mailing lists near and far, I salute you with a blast from the past, nicely formatted for pleasurable zen-like consumption:

Monday, October 6th, 2008
Us Canadians are pretty calm – unless you mess with our few, sacred cultural icons.
This will be the first season in my life that Hockey Night in Canada won’t begin with the usual theme song. The Canadian Broadcasting Corporation chose not to renew the license for the song, and has instituted a reality-TV-style contest to create a new song. This new song, of course, will be fully controlled by CBC — that way, when the network is done with it, they can properly shelve the song, to make sure that a critical piece of company branding doesn’t, for example, end up owned by a competitor like say, CTV.
When I think of the old song, I think of Saturday nights growing up. I think of being allowed to stay up late during playoffs, I think of my Mom admonishing my Dad for yelling when the home team did something stupid, and all of us yelling when they did something well. I think of popcorn made with those old hot air poppers and of us kids rolling around on the family room carpet in pajamas that had the feet sewn right into them.
So – the next generation will grow up associating a different jingle to their family memories. That’s ok. Times change. What baffles me though, is that the CBC would let their rights to this song lapse. It deserves the equivalent of a business Darwin award. How much do you want to bet that the Coca Cola company still owns the rights to “I’d like to teach the world to sing“? Even after several decades, I have to imagine that PepsiCo couldn’t get their hands on that song…
Heck, I guess it worked out. If I feel nostalgic I can just trip on over to TSN.
Wednesday, October 1st, 2008
On Facebook, I can munge my birthday in several ways. I can provide good data and configure my settings so that nobody can see it. Alternatively, I can provide bad data and open it up to the world to draw their own conclusions.
The second choice does change my user experience in one way: free razors for women 50-65