Kiss Internet Security Good Bye: Unified Password Proposed By US Commerce Dept. Puts All Your Eggs In One Basket

The US Commerce Department is backing a new unified login system protected by biometric or smart card technology.  So far there has not been a consumer bio or smart card technology I couldn’t beat.  I’m not a super hacker.  I’m a pretty normal guy.  So the idea of putting all the eggs of my identity and banking in one “Cart” scare the $h1T out of me herunterladen.

The systems would use a single sign-in each time a browser capable device connects to the Internet, a “secure” authentication would happen using biometrics or smart card, and once logged in, users could access site that has signed up for the program filme von prime video downloaden.

John Clippinger co-director of the Law Lab at Harvard’s Berkman Center for Internet & Society  who is spearheading the plan (and who is an idiot) says "You are your password in this system pc games free download full version windows 7. It will be far more efficient and you’ll control it much more." Unless someone gets your smart card, or clones it, or breaks the authentication… Then they have access to everything, not just your amazon, or your banking, or your Facebook.  Absolutely everything…

Imagine this scenario… I get your smartcard, login, go to your Cell phone provider, turn it off, or forward it to my cellphone (even better).  I log in to your bank account, empty it, log in to Amazon order a bunch of stuff, and in 3 days, you notice no one has called you,  then you try to get ahold of your bank, but your cell phone doesn’t work, so you can’t easily call, and during this time I have robbed you blind changed all your information so you can’t easily get it back, and I didn’t have to hope your passwords were all the same, because well they all are, because that is the point herunterladen.

The first thing anyone with half a brain in the security space will tell you is that you shouldn’t use the same password everywhere.  Well just because you have a stronger lock doesn’t mean you should key everything you own the same audible audio herunterladen.Kiss Internet Security Good Bye: Unified Password Proposed By US Commerce Dept Puts All Your Eggs In One Basket John Clippinger is an Idiot

John Clippinger is not a technologist, he works in Law.  Instantly that makes him an idiot.  Maybe not about everything, but about technology herunterladen. Ok maybe that is too harsh, but this is like the security in AACS (Blu-ray) which was OK encryption, but relied on the DMCA (a law) to keep it from being hacked, not an actual super encryption algorithm that was unbeatable herunterladen. It was claimed when Blu-ray was introduced that AACS would be uncrackable for a decade.  It took less than a year. HDCP took longer, but still only took 3 years, and mostly because it required special hardware to try and defeat it herunterladen.

No matter how strong the lock it will be broken, and the more monetary incentive the faster it will be broken, and if every site uses the same authentication, and every user uses it, there will be a lot of incentive herunterladen.