Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Facebook Security The Internet

Will Facebook Become the Net's SSO? 314

Posted by CmdrTaco from the how-about-no dept.
lordDallan writes "Simson Garfinkel at MIT Technology Review muses on the idea of your Facebook account becoming an 'Internet Driver's License', ruminating on the idea of an individual's Facebook login becoming their single sign on for the web. I say NO THANKS!!"
This discussion has been archived. No new comments can be posted.

Will Facebook Become the Net's SSO? More

Will Facebook Become the Net's SSO?

Comments Filter:

  • Re:I never understood the mark of the beast folks, (Score:5, Informative)

    by dreamchaser ( 49529 ) on Wednesday January 05, 2011 @03:48PM (#34768486) Homepage Journal

    So the mark of the beast is Mark Zuckerberg?

    No he's the Antichrist. Try to keep up. The Mark of the Beast is having a Facefuck account.

  • Re:Mark of the Beast! Mark of the Beast! (Score:5, Informative)

    by Caerdwyn ( 829058 ) on Wednesday January 05, 2011 @06:30PM (#34770652) Journal

    Yup. With most browser default settings, if you have a Facebook account that you've logged into even once since you last completely cleared your cookies and cache, and you see a Facebook icon on any website you visit, Facebook records that you visited that website (regardless of whether you're currently logged into Facebook or not, it's going by cookie-tracking not login). If the website owner has a deal with Facebook to buy your profile info, your account information (name, location, friends list depending upon the most recent violation of Facebook's privacy policy or security stance, demographic information) are then sent to the website so they can greet you by name and present you with targeted ads.

    And then that website visit, added to your history, helps to further refine Facebook's profile on you, and increases its cash value to advertisers. That's a lot of value, and is why Facebook is valued at 50 billion dollars. Each user is worth about 100 dollars to Facebook's valuation. Given the fractions-of-a-penny cost per exposure that bulk advertising costs, you can work out the math to figure out how many times they have to sell you to others to justify that price. You're getting sold more often than a Senator in an election year.

  • Re:I never understood the mark of the beast folks, (Score:4, Informative)

    by fyngyrz ( 762201 ) on Wednesday January 05, 2011 @06:58PM (#34770990) Homepage Journal

    You do realize that there are far better places on the net to archive your images, given that you can't be bothered to do it yourself?

    Also, that when you get caught peeing on a bush, drunk, or "interface" with a girl an hour the wrong way over an arbitrary age line, or just get too many spam emails with Unsavory Images in them, and consequently receive your highly coveted "sexual offender" listing, facebook will toss you out and your pictures in the trash, right?

    Oh... and there's always that whole feature when "facebook goes away" due to hardware failure, natural cat-ass-trophy, EMP, solar flare, etc... that your photos will also be the first to not get restored, because they weren't, and aren't, important to facebook in any way, shape or form? Another reason to use a photo-centric site which *depends* upon keeping your photos.

  • Re:If FB does become the SSO, at least do it right (Score:4, Informative)

    by icebraining ( 1313345 ) on Wednesday January 05, 2011 @07:38PM (#34771426) Homepage

    It's one entity. "Entity" is a flexible word, you know.

    The problem is that you are ambiguous by changing the type of entity you're talking about in the middle of the sentence. First you give MS and FB as examples, therefore I think it's not my fault that I infer that you're talking about single providers, which OpenID has none, instead of "a single set of credentials".

    Somebody compromises that and you're done with no ability to perform damage control.

    If you run your own provider and/or entry point you can shut it down. In my case, I can physically pull the plug and cut their access - the server runs in my home.

    You can sing the merits of OpenID all you like. If they have a marketing team maybe you can join up with them.

    FFS, just because I said what I said, doesn't mean I consider it the best authentication solution ever. In fact, I agree that long, random passwords for each website are more secure than any of these SSO solutions, and I wouldn't use OpenID for any important login.

    Having said that, I think SSO is a convenient solution for the hundreds of websites that ask me to register, and force me to have a password manager which is annoying when I'm accessing the web from different devices, including public computers.
    And from all the SSO solutions, OpenID is the only I like, since it's not tied up to a single company or authentication system and I have more control over it than using Google's, for example.

    You have still failed to address the core problem with it as a scheme just as you have failed to comprehend what the issue is about.

    I understand the issue. You're right, by reading your first line I didn't think that was the issue you were referring to - but I don't agree that it was my fault alone.

    This isn't the first post I've seen from you that demonstrates your inability to read a post and reply to what it was actually talking about.

    Maybe if you bothered to login I could say the same.

Slashdot Top Deals

Heisenberg may have been here.

Close