| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <47E686FA.7020300@libero.it> Date: Sun, 23 Mar 2008 17:36:10 +0100 From: fabio <ctrlaltca@...ero.it> To: full-disclosure@...ts.grok.org.uk Subject: Re: OpenID. The future of authentication on the web? There're more complications: who owns/controls the service can track down your movements between different webplaces, profiling your common habits/preferences. How long before banners will follow your navigation trough different websites where you use the same identity token? CtrlAltCa Paul Schmehl wrote: > > In general, I am opposed to anything that encourages people to use the same > id and password across multiple domains. The potential for complete > compromise of everything you have/own/are is too great. > > Paul Schmehl (pauls@...allas.edu) > Senior Information Security Analyst > The University of Texas at Dallas > http://www.utdallas.edu/ir/security/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists