Home > Windows > Microsoft to flash Windows ID cards Microsoft to flash Windows ID cards Eugenia Loli 2005-05-18 Windows 19 Comments Microsoft is getting ready to provide an early peek at new Windows software that aims to help consumers deal with the plethora of Internet logins. Also, more on Windows XP “Eiger”, the lean Windows client. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 19 Comments 2005-05-18 7:38 pm I maybe a bit ignorant in not really investigating this any further; but how is this different from Passport? 2005-05-18 7:40 pm Microsoft has been pushing this under various guises since the early 1990s. There was a big push a few years before Passport which went out in a fizzle. This is more about being a new attempt to get consumers and corporations to adopt their reworked SSO products than it is about them delivering new products. 2005-05-18 7:55 pm Other point releases include Eaguar and the current SP2 release Eanther. Its just a point release. 2005-05-18 8:03 pm Apple has this already in keychain. Any app can use it and if they wanted to pull a microsoft, they could add proprietary html tags or something into WebCore to have websites access it. Am I wrong? 2005-05-18 8:10 pm Gee, i would install this thing in hyper-turbo-advanced new hardware too No need for nLite anymore 2005-05-18 8:48 pm Is this like Gnome keyring manager? 2005-05-18 9:17 pm If all you wanted to do was browse the internet and listen to music, you could. But what apps can be installed is very limited (you can’t even install something like Outlook on it). Basically, as it is right now, what it comes with is what you get, which is very unfortunate. Nerds/Geeks would love to have this. Or at least a way to build their own install of XP Embedded. 2005-05-18 9:29 pm You’ve got to give them Microsoft credit – they don’t give up, and they always succeed in taking their rivals on a magical mystery tour they don’t even know they’re taking. This is just Passport re-hashed under another guise (and before that with MSN, the Microsoft Internet etc. etc.), which is the guise of making things easier for users. However, many companies have already tried, and are trying, smart card access and it simply just doesn’t work. It simply doesn’t make things any easier at all. The main crux is that you’ve still got to buy into one all-encompassing log-in system to make it work, or at least have interoperable systems. This is where Microsoft’s recent co-operation with Sun, and other activities, on identity management makes sense. Microsoft have cleverly realised that they cannot do this alone, and need to get the Unix world in on it in some way. It would be interesting to see if Microsoft are contributing to neutral standards between the two companies, or whether Sun is simply licensing and adopting Microsoft technology. I’m betting the latter. Wonderful. Sun servers using Microsoft technology making sure that the Windows desktop monopoly is strengthened further, and in turn, ensuring Sun still dies as their servers are gradually replaced with Windows through Microsoft controlling the very technology, and relationship that Sun believes will be their saviour. You can’t make up a better script than that, but it has to be said that a lot of Microsoft’s rivals, like Nokia, are buying into it. I would imagine that was what Steve Ballmer was talking about with Red Hat’s CEO, Matthew Szulik, about in that restaurant – namely the licensing of and collaboration on such technology, and possibly the licensing of Windows Media formats. Szulik would have had no option but to tell him which stop to get off at. 2005-05-18 10:29 pm PCs are not secure, and the information stored on them isn’t secure. All it takes is one hole in Internet Explorer or an E-Mail worm to transmit files from PCs to whoever wants the data. If the InfoCard data were stored in a known location, worm programs could easily steal identities at will. This is why I don’t keep account numbers or passwords recorded in any file on my computer, unless it is well encrypted. At first, I thought Microsoft might be coming out with real cards that require card readers, like Java Card, but I guess that would be asking too much. Another problem mentioned in the article (same problem as Passport, BTW): “For InfoCard to work well, commerce Web sites will need to adopt the technology, as will other businesses, such as credit card companies and banks, Microsoft said.” Only a handful of sites like EBay ever supported Passport logins. No other on-line vendor I came accross ever used it. 2005-05-18 11:05 pm Another problem mentioned in the article (same problem as Passport, BTW): “For InfoCard to work well, commerce Web sites will need to adopt the technology, as will other businesses, such as credit card companies and banks, Microsoft said.” Only a handful of sites like EBay ever supported Passport logins. No other on-line vendor I came accross ever used it. Passport didn’t receive very wide adoption because, however small their role, MS was basically a middleman between service providers and their customers. This (basically the product of the TrustBridge initiative)is different because it’s federated, based on standards that will allow businesses to pick what technology they want to use on their end and interoperate with Passport or other similar technologies the user chooses to use. Information control is more granular, allowing the user to control what data and how much data is transferred to a service provider for whatever service is offered. Microsoft’s only role would be one of many possible software vendors on the server/client. Whatever platform/software the service provider or user chooses, as long as it conforms to the standard in some way (transforming native identity to standard identity), Passport, Liberty, or whatever other conforming tech will interoperate. 2005-05-18 11:52 pm Eiger? As in riding the coat-tails of Tiger? Weird. 2005-05-19 12:18 am I just hope this errr… InfoCard will be as successful as its predecessor. 2005-05-19 1:08 am is that this solves the “MS central DB of info” problem. the company can have the person check in and out the keys when they get to work and then the worker simply plugs it in and begins working with all the privileges they have. as computers get smaller, perhaps adding electronic fingerprint reading tech to these key devices will make ti even more secure, so only the user it is registered to and the site manager can access the key to use on the computers. 2005-05-19 2:39 am If at once you don’t succeed, try, try again… http://www.microsoft.com/presspass/features/2001/mar01/03-19hailsto… 2005-05-19 8:18 am It encourages people to install it as an upgrade replacement for full versions of Windows 98/NT4 but it won’t run most applications…. basically it runs IE locally but not outlook (or firefox or thunderbird!!!!!) but forces you to use remote desktop into a Windows terminal server (or XP Pro PC) to run other stuff. It can only entrnch their monopoly. Ironically, Windows XP installed using the winnt.sif setup script ability can easily be stripped down enough to run well on anything from a P2-333mhz up, as long as you have enough RAM (say 256mb or more, to account for the overhead of AV and firewall), and you disable unused services and the theme engine and effects. 2005-05-19 9:10 am Start > Run > “control userpasswords2” > Advanced > Managed Passwords. Works quite well, though annoyingly Outlook 2003 doesn’t store Exchange credentials In our desktop environment, we’re having to develop our own SSO model to alleviate the pains of users having to log on to various different systems every day. It’s a shame there isn’t more support of the aforementioned credenital storage in XP applications. 2005-05-19 1:13 pm Eiger? As in riding the coat-tails of Tiger? A Swiss moutanin is riding on the coat-tails of an Apple OS? Jeez, not everything is about Apple, you know. 2005-05-19 2:14 pm Eiger is the name of a famous mountain in Switzerland. What a shame for me and Switzerland that microsoft tears down our image. I guess the next release will be called Mönch (Monk) or Jungfrau (Virgin), these are the names of the two other mountains of the chain. a nice picture of Eiger, the mountain (i guess it doesn’t crash as easily as microsoft’s) http://www.about.ch/cantons/bern/eiger_moench_jungfrau.html 2005-05-21 3:05 am The cardinal problem with single signon systems is that they provide a single point of compromise. If the InfoCard system on your machine is compromised, ALL confidential information is lost. The utility of such systems also depends on consumer information usage. Say, for example, if I use my credit card twice or thrice a week online, I would be inclined to enter the information myself, rather than trusting a piece of software. What’s good is that Microsoft is first releasing the product to software developers.