The iPhone identity selector Apple won’t care about
By Simon Bisson & Mary Branscombe in Editorial
Posted in Identity, smartphone, Security, Internet, Microsoft, Mobile, Apple on
On a smartphone, passwords are even more irritating than ever, especially on a soft keyboard that’s so sure it knows what you want to type that the default is to correct what you actually wrote. That’s only a trimester if the phone has as big a vocabulary as you do.
For instance, when I started writing this on my Samsung Blackjack II with xt9, what I typed in the previous sentence was ‘timesaver’ - before xt9 ‘corrected’ it… xt9 gives you the option to stick with your actual typing as long as you notice the change, and the equally aggressive correction on the iPhone does the same (though I’ve never managed it myself), but it’s one more way that passwords are more likely to trip you up than keep you secure. Let alone that the UK now has the worst information theft figures in Europe, even though the French have the least secure passwords.
Switching to information cards where claims like who I am and whether I’m over 18 are encrypted, hashed and sent on demand to replace simple username and password makes logging on simpler and more secure, and makes it possible to add extra authentication. After complaining about Microsoft not issuing secure ‘managed’ cards I’ve been told to wait a few days for a major announcement; it might be the Equifax over-18 I-card service https://equifaxicards.com/imover/overview.do (only for the US at the moment, but it’s the first major public verified information card and it will soon be followed by cards to prove your credit rating, contact details or membership).
So that leaves getting sites and services to accept information cards - and being able to use them on any computer. They’re built into Vista, Windows 7 and any PC with IE7, plus there are open source plugins for Firefox and Safari. And now there’s a completely unofficial implementation for the iPhone - which you can’t use.
Developed by Markus Sabadello, who works at Parity, it’s in two parts. The I-Card Manager (http://www.iphoneicards.com/) shows up as an app in the usual place and lets you access cards you have stored with Parity’s free AZigo online card storage service (www.azigo.com - this is the easiest way to share cards between different PCs that you use) and see what details are on each card.

There wouldn’t be any problem putting the iPhone I-Card Manager on the AppStore, but it’s no use without the iPhone I-Card Selector. This is a plug-in for Mobile Safari that lets you click the i-card login on a Web page and pick the card you want to submit.

And as Apple hasn’t published an SDK for writing browser plugins and won’t distribute them through the AppStore, you have to jailbreak your phone to install it.
Although there was huge enthusiasm at the Internet Identity Workshop where Markus demonstrated his application (and a petition was set up to send to Apple), the general consensus was that Apple would wait until the standard had actually taken off to integrate it. That’s a shame because, as I say, a phone is where typing a password is the most painful and relieving that pain would be an excellent way of pushing the adoption of information cards.
-Mary
When will Windows Live stop treating CardSpace as the unwanted stepchild?
By Simon Bisson & Mary Branscombe in Editorial
Posted in Privacy, Identity, Networking, Server, Microsoft on
The cloud demands identity. Microsoft has a strong, secure, privacy-friendly identity technology that’s open, easy to federate and will transform the Web and the cloud. So why is Windows Live ignoring CardSpace?
OpenID is a great tool for logging in to a Web site that you want to use but don’t need to trust. You wouldn’t want to use OpenID to get into your banking site because it’s just not secure enough, but it’s great for not having to remember passwords for LiveJournal, Dopplr, Plaxo and the like. You log into one site and tell the others to ask that site who you are. OpenID is getting less vulnerable, but it’s simply not intended to protect really important information.
The information card system is secure; it’s protected by cryptographic keys, it’s got a user interface that makes it very clear when you’re being asked to log in to a site and what the site wants to know about you, and it lets you choose from a ‘wallet’ of cards to prove your identity. That gives you security and privacy and ease of use together (which improves security by stopping people using the same password everywhere). Microsoft put it into Vista and Internet Explorer 7 as CardSpace (information cards are the generic system and there are implementations that you can use in Firefox and Safari, on Macs and Linux machines; CardSpace is just the Microsoft implementation).
And since then, I’ve been waiting for Microsoft to deliver the next pieces. A token server that a business can use to issue its own information cards, and to validate them so you can use them for access to internal apps, preferably federated so you can also validate partners. And a public service that issues not just the self-certified cards that anyone can create with their public details but managed cards that have useful information that you want to protect. When you wave your passport or driving licence in an American bar, the bar doesn’t – or shouldn’t – take a copy of it; they just need to know you’re old enough to have one. Put your birthday into a managed card and you can prove that you’re over 16 for a shopping site without handing over details that could help someone hack your bank account if the site loses its customer details on a USB stick, because the site only gets the assertion that you’re old enough, not the actual day, month and year.
Issuing cards was going to be a function of ADFS at one point, because it fits with where enterprises store identity information; for development and resource reasons it went on and off the feature list and now it’s going to be a free component in Windows Server 2008 (and maybe other versions), code-named Project Geneva. Currently in beta at www.microsoft.com/geneva, there will be a feature-complete beta in the first half of 2009 and a final version in the second half. It leverages AD and SAML and X.509, it interoperates with a wide range of line of business applications and it makes using secure identities easy in a business.
That just leaves a managed card service for those of us who aren’t in a big business and I’m still waiting. And in the PDC keynote today, Microsoft announced that Windows Live ID would be issuing a new kind of identity – but it’s not information cards.
So why is Windows Live ID proudly announcing that it’s issuing OpenIDs but not CardSpace IDs? Is it because OpenID is accepted by a lot of sites? So are information cards, and if you could get an identity you could trust from Windows Live other sites would be more likely to adopt them – because it’s easy to use Windows Live ID instead of running your own username and password system. Is it because OpenID is, well, open?
CardSpace is the most open project Microsoft has ever done. The architect, Kim Cameron, has almost single-handedly changed the perception of Microsoft in the identity community, which isn’t bad for a company that was so roundly derided for Passport. The open nature of information cards “just isn’t up for discussion”, Cameron says (before plunging into a discussion with senior VP Bob Muglia about why you can’t constrain the scope of identity to just in the cloud or just on the server or just on the Web or just on the desktop).
Is it because CardSpace 2 is going to be better than CardSpace 1? It will let you transfer information cards from one PC to another, and when you go back to a site you’ve used an information card with before, CardSpace 2 will show you the card you used last – which means that even if a phishing site accepts information cards to try and fool you, you’ll be able to tell (and the phishing site isn’t going to get the details out of your card so scammers can’t steal it). But Microsoft has adopted the first version of plenty of its own technologies even when there has been something new and better just around the corner. And issuing managed cards today, cards that have been verified and are backed by an identity provider, would be a huge step forward.
If it’s because Microsoft wants somebody else to issue managed cards because a supermarket or a post office or a government already has relationships with people and systems for handling information – or because they look like a more natural place to prove your identity because they can prove that you have a loyalty card or a post office box or a passport – then I’d say yes, but you can’t wait for that to happen. Once the first managed identity provider proves its value then banks and services that sell you certificates will join in, but you can’t keep on waiting for them to go first.
I wonder if it’s the legacy of Passport. Maybe the Live team wants to be extra sure they don’t rush out with an implementation that could have problems and create another Passport backlash. Or maybe they aren’t comfortable with the way that CardSpace takes the power of identity away from the provider and gives it back to the user; issuing managed information cards would be admitting once and for all that Microsoft is never going to own user identities in the way that Passport envisaged. Everyone I’ve met from the Windows Live team so far is smarter than that, which leaves me confused. Because it’s ludicrous that Microsoft has a far superior identity technology to OpenID that it’s getting ready to offer to businesses and it hasn’t even talked about how to bring it to everyday Web users who need it just as much.
It’s a good thing spammers aren’t smarter
By Simon Bisson & Mary Branscombe in Editorial
Posted in Identity, Security, Google, Internet on
I find it easy to spot most of the phishing messages that hit my inbox, because there’s nearly always an egregious grammatical mistake in there somewhere. Real messages from banks may be full of logical errors (like a regular savings account with a headline rate of 7% that never tells you that actually it averages out nearer 4% because not all of the money gets to earn the high rate for the whole year), but the spelling is spot on.
And spammers are in such a hurry to put up the Web pages they want to earn ad money on, or use for drive-by downloads to increase the size of the botnet they use to send most of the spam from zombie machines, that they often make stupid mistakes. If you’re checking 100 messages a day in your junk mail filter for anything real that got in there by mistake, I’m not sure if it’s any comfort to remember that spammers are only human. But Google finds it useful.
According to Matt Cutts of Google at Web 2.0, Web spammers often use templates and tools to build their pages. And fairly often they follow the commented-out instruction to ‘type your hidden text in here’ - but never delete that instruction. The tools they use to fill in forms are simplistic too; the captcha you have to complete to leave a comment here is enough to defeat most of them - but so is a box labelled email address with the instruction not to fill it in. When the bot adds whatever email address it’s abusing, you know you can just delete the comment. Simple maths or the instruction to type in a specific word are beyond bots - at least until Jeff Hawkins perfects Hierarchical Temporal Memory.
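The checks described above, as an added example that is not from the original post or from Google: a server-side screen for a comment form that uses a decoy email box plus a simple maths or type-this-word question. The field names, word list and time limit are assumptions made for the illustration.

```python
import hashlib
import hmac
import random
import secrets
import time

# All names below are hypothetical, chosen for this illustration.
SECRET_KEY = secrets.token_bytes(32)    # per-process key (assumes a single server)
DECOY_FIELD = "email"                   # box labelled "do not fill this in"
CHALLENGE_TTL = 900                     # seconds a rendered form stays valid
WORDS = ("orange", "window", "castle")  # constructed list for the word challenge


def _tag(answer, issued_at):
    """HMAC binding the expected answer to the time the form was rendered."""
    msg = f"{issued_at}:{answer.strip().lower()}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_challenge(rng=random, now=None):
    """Return (question, hidden_fields) to render into the comment form.

    The server keeps no state: the expected answer travels with the form
    only as a keyed hash, so it cannot be read back out of the page source.
    """
    issued_at = int(time.time() if now is None else now)
    if rng.random() < 0.5:
        a, b = rng.randint(1, 9), rng.randint(1, 9)
        question, answer = f"What is {a} plus {b}?", str(a + b)
    else:
        answer = rng.choice(WORDS)
        question = f"Type the word '{answer}' in the box"
    hidden = {"issued_at": str(issued_at), "tag": _tag(answer, issued_at)}
    return question, hidden


def screen_comment(form, now=None):
    """Return (accepted, reason) for a submitted form (a dict of strings)."""
    now = int(time.time() if now is None else now)

    # 1. Decoy box: a person leaves it empty, a form-filling bot does not.
    if form.get(DECOY_FIELD, "").strip():
        return False, "decoy field filled"

    # 2. The form must have been rendered recently by this server.
    try:
        issued_at = int(form.get("issued_at", ""))
    except (TypeError, ValueError):
        return False, "malformed challenge"
    if not 0 <= now - issued_at <= CHALLENGE_TTL:
        return False, "challenge expired"

    # 3. The typed answer must hash to the tag issued with the form.
    expected = _tag(form.get("answer", ""), issued_at).encode()
    supplied = form.get("tag", "").encode()
    if not hmac.compare_digest(expected, supplied):
        return False, "wrong answer"
    return True, "ok"
```

A valid token can be replayed until it expires and the answer space is small, so this stops only the simplistic form-fillers the post describes.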
If you have a site, you need to think of things that raise the blood pressure of the spammers without doing the same to your users. It’s like being chased by any dumb but dangerous pack animal, says Cutts; you only have to run faster than the slowest person you’re willing to sacrifice. If your system is a little different from the default installation of whatever you use, the default attacks are less likely to work and the spammers may move on to slower prey.
Apart from the obvious advice to patch, patch and patch again, Cutts didn’t say much more - because every time you tell spammers how you’re spotting them, they get a chance to stop doing that. A lot of what Google knows about spam comes from the analysis it does of real Web pages, which lets it work out what things go together. If you know that timepiece and chronometer are synonyms for watch, those strangely-worded Rolex spams are easier to stop. You can see this classification in Google Sets and it’s used in Google Spreadsheets. The equivalent of Excel AutoFill does more than days of the week and months of the year, without you having to add the lists by hand; start with red, yellow and blue and Google Sets will add other colours. Start with lion, tiger, bear and you get other animals.
But you might also get wood, tin and cotton. That’s because Google Sets can’t always tell the difference between the list of animal names and the list of animal toys on the Web sites it looks at. It will learn; like spammers it will learn more quickly if someone tells it what it’s got wrong. But at this point, we get into a race between whether the anti-spam tools can learn faster than the spammers…
From security theatre to security cabaret, or why too much security is worse than none
By Simon Bisson & Mary Branscombe in Editorial
Posted in People, Business, Identity, Futures, Security on
Security theatre is what security expert Bruce Schneier calls measures designed to make us feel safer that don’t actually make us any safer at all. He discussed the positive effects of this at the RSA conference this week; flying is one of the safest forms of transport and if having to take off your shoes and abandon your bottle of water makes you feel that airport security is good enough to catch terrorists and you fly rather than taking a more dangerous method of transport, then the security theatre has made you more secure.
Here’s another paradox. Too much security makes you insecure. If someone in your company is emailing customer information to their Gmail account and copying market forecasts to their laptop and keeping old price lists for months after they’re out of date, it’s more likely that they’re just trying to get their job done on the road than that they’re stealing data to pass to a competitor - and that you didn’t give them a better way to do it. Make it impossible to do my job securely and I’m going to break or bypass your security so I can actually do my job.
The wireless network at the RSA conference was a good example of this. It was secure. Very secure. So secure that without the five pages of instructions I didn’t manage to get connected, and I didn’t meet anyone else at the conference who managed it either. If I’d wanted to hack into the laptops of anyone at the show, I wouldn’t have tried to steal them. I’d have set up an open free wi-fi connection on the show floor and everyone would have connected to that instead, giving me a great opportunity to see anything that didn’t go through a VPN.
Hugh Thompson of People Security has a good grasp of security and security theatre; you’ll have seen him if you watched Hacking Democracy, the documentary about the security problems with voting machines. He closed the conference with a chat show that ranged from a funny song about SQL injection (not a very funny song, but still) to Eric Drew’s tale of having his identity stolen by a lab technician at the hospital where he was being treated for leukemia and tracking the man down himself (a story Drew makes funny in the retelling that would have been a tragedy if he wasn’t in remission).
Thompson had a semi-serious conversation with Bill Cheswick, co-inventor of the firewall. Cheswick jokingly referred to malware as a “denial of spare time attack” that at least means you spend time with the family and friends who ask you to fix their computers. He was also slightly tongue in cheek when he said that he hadn’t used a firewall in a decade because he wants to use a secure computer instead; “it’s that whole crunchy outside, chewy centre thing; now we have much bigger liquid centres and once you’re past the outside you have access to everything.” But Cheswick also had some serious predictions to finish off Thompson’s security cabaret.
- “IPV6 has been three years away for the last 15 years. We’re finally approaching it - so all those firewall rules are going to need redoing. That will be fun…”
- “More attacks are going to come in through the browser so it may not matter so much what the OS underneath is. You go to the wrong page, or the right page that has the wrong advertising agency - you did the right thing on your site but the other guy got hacked. To deal with that there’s going to be more sandboxes. I want users to be able to do everything online. I want them to run free in a sandbox. I used ASCII email for twenty years. ASCII email is safe but you want to be able to click on the pictures.”
- “Computers are going to get better. We’re in the barnstorming era now. We’re going to look back and say ‘remember when you had to be careful about what you clicked on?’”.
ADFS 2.0 will issue info cards – but interoperable identity systems will work with or without Microsoft
By Simon Bisson & Mary Branscombe in Editorial
Posted in Privacy, Enterprise, Identity, Networking, Internet, Microsoft on
On the Internet, nobody knows you’re a dog. You can put up a Facebook page, send spam, pretend to be a bank; as long as you can read distorted characters, you can leave comments on a blog under any name you choose (I’d like to see at least one Mickey Mouse commenting to this post). Passwords are well past their sell-by date but proving your identity securely matters more and more. Identity online covers everything from throwaway accounts on forums to online banking and no one system is ever going to ‘win’ - but they can learn to work together.
You can buy a hard drive from any vendor you like; as long as it fits in your PC and uses a standard interface, your operating system will take care of accessing the hardware and loading the drivers, leaving you to enjoy the storage space. The identity metasystem will do the same thing for user information, identity providers and sites that accept user details in the form of information cards. The terminology comes from Microsoft, the impetus comes from a wide range of customers and the technology comes from everybody from Oracle to Sun, IBM to Novell, the Liberty Alliance to the Higgins Project. Does it all work together yet? Not quite - but the Project Concordia interoperability workshop that opened the RSA conference today was a step forward.
Not least because for the first time Sun demonstrated an information card logon that used no Microsoft software at all; Sun’s Pat Patterson showed a system using OpenSSO v1 build 4 - which Sun will ship in the summer as Federated Access Manager 8.0, with an Oracle identity provider and Novell’s identity selector to deliver the same experience of logging in with an information card as a Vista user gets on the system using CardSpace.
Microsoft showed CardSpace sending SAML 1.1 and SAML2 tokens to a WS-Federation system. Ashish Jain of Ping Identity demonstrated a system using an information card from Sun to log into Gmail, running Vista in a virtual machine on a Mac talking to a Linux system. And systems from Ping, SymLabs, FuGen and Shibboleth talked to each other and to Sun, Oracle and Microsoft systems using WS-Federation and SAML, transferring not just the identity of the user (from a managed information card provided by a trusted identity provider rather than one the user had created themselves) but also information like whether the user had provided a password or a smartcard rather than just clicked on a link.
Who needs that heterogeneous a system? General Motors for a start, which is why Bob Haar, an IT architect at GM, was chairing the workshop along with Microsoft’s Mike Jones and Eve Maler from Sun. Jones repeated what Microsoft is hearing from customers: “Some of the more interesting business discussions have been about risk. Certainly in the automotive industry, a decision has been made that there’s both at least cost savings and possibly minimisations of risk by going to federated authentication for collaboration with suppliers. Think about how many companies are involved in building a GM automobile or a Boeing airplane; it’s mind boggling.”
Haar explained that in a little more detail. “We think the federation gives us more control in real time to monitor and control access. There are legal and contractual aspects of setting up the business relationships and supporting for activities about auditing - if there’s a question about who changed this financial data or when it came through the federated environment, we have to have systems and procedures in place to make that happen.”
Sun’s demo didn’t use any Microsoft products at all and Patterson took something of a cheap shot by apologizing to Microsoft for that. Mike Jones smiled back and said actually, Sun had given him two of his three wishes. “I said three years ago we’ll know the metasystem is succeeding when interactions occur that use no Microsoft software, where Microsoft receives no revenue and Microsoft has no idea the interaction is taking place.” Today, the point is for the companies to be talking so they can make this all work. When it does all work, Sun wouldn’t need to tell Microsoft anything to have happy customers who could use CardSpace against a system that uses Oracle to issue identity information to connect through to another system that uses ADFS to do it. Assuming ADFS could issue and understand identity beyond Active Directory…
There isn’t a name for the next version of ADFS, or a shipping date, but Microsoft promises it will issue and consume information cards. This has gone in and out of the feature list for the next version of ADFS as shipping schedules and priorities shifted, but it’s back on the table, says Jones - and Visual Studio will get tools for working with identity. “We probably wouldn’t have gotten permission to show SAML2 token support in the next version of our identity server products if we were not going to put tools into deployers’ hands to easily build and consume these tokens. We get that until it’s easy for developers to do this, a lot won’t. We’re looking at federation and information cards not as separate things but as parts of a spectrum people can deploy as it makes sense for them.”
Standards are good, runs an old joke; that’s why we have so many of them. Whether it’s a proprietary approach that’s become popular enough to document or a philosophical difference in approaches, there’s hardly anything in technology that you can’t do in two completely incompatible ways by following different standards. What’s happening in identity is a remarkably grown-up approach to tackling a problem. When did you last see Microsoft, IBM, Sun, Novell and Oracle playing nice together without government interference? Instead of expecting to own the marketplace, all the major players are putting in the effort to get their systems working with each other and with the standards. Imagine if all the effort spent arguing about whether OOXML and ODF could both be ISO standards had gone into writing translators to move documents between the two.
But once it’s easy for a service to accept identity logons from a variety of information providers, what is the user experience going to look like? The test sites had buttons to log on with every combination of service and they exposed the debug information so you could see what was happening; real sites won’t have that. But they shouldn’t have umpteen buttons to choose which information provider I want to use either; that way madness and another set of chances to get me to do something insecure lie.
Every credit card I have has its own branding, and there are plenty of different card readers in shops, but they all have a slot I put the card into and a keypad where I type in the PIN. I don’t have to press a button saying I want to use a MasterCard or an Amex card before I start - I put in the card and the reader works it out, hides the process and asks me for the important thing, my PIN. Sites using identity should do the same thing. Don’t give me a button for OpenID or SAML or Ping or Oracle or whatever underlying identity system I’m going to use happens to be, and make me click it and then click again to pick an information card. Use the same identity selector I’m going to give you my information card in; that way your Web site doesn’t have to have five otherwise identical pages and CardSpace or the Higgins identity selector or whatever the experience is on my OS and browser can do the hard work. All I have to do is say yes, I do want to use this information card with this site and you can concentrate on building something that works better because you know who I am without either of us having to care about passwords.
Identifying who you trust to know where you are
By Simon Bisson & Mary Branscombe in Editorial
Posted in Privacy, Business, Enterprise, Identity, Futures, Internet, Security, Microsoft on
Way back when consumer digital maps were new, I went in to see the Dorling Kindersley World Atlas on DVD. We were looking at the California map and I wanted to see where the Apple headquarters were. I said ‘Cupertino’ and the helpful PR said ‘OK but I thought we could finish the demo and then have lunch’. We looked at each other blankly for a little while; they’d heard a rather curt ‘cup of tea now!’ rather than a place name. Even if you know you’re talking about location, there’s room for error. When you put San Jose into Dopplr, you get 25 places, none of them in California.
Fire Eagle - Yahoo’s new location service, which will act as a universal broker between location services like the Loopt system Google Maps uses on mobile phones and services like Dopplr - is trying to be smarter about identifying what you type. It knows that Grand Canyon is a place. And if my GPS has sent one location and I’m typing another in on the Web, it doesn’t just take the latest update.
It knows that my GPS co-ordinates in Campbell are actually inside the better-known San Jose area, so it can pick the most accurate designation. But if the last place my GPS knew I was before the batteries ran out was 60 miles away in Southern San Francisco, Fire Eagle will say I’ve moved on.
As a geek, I’m delighted. I’ll have much more chance of having an interesting conversation if a friend can see I’m not just in California but in San Francisco, not just in San Francisco but at the Moscone Center, not just at Moscone but leaving the press room and heading for the West Hall. I want the friend travelling from New Zealand for the Web 2.0 conference to know exactly where I am. I want my editor to know pretty well where I am, although if I’m interviewing a source in the bar rather than writing up copy in the press room I might want a fudge factor of 50 feet. My sister wants to know which state and maybe which city I’ll be in. The PR person trying to reach me probably only needs to know which timezone I’m in.
But do I want every Facebook user - including the burglar who’s spotted we look at a lot of new smartphones - to even know I’m out of the office? My personal blog is more likely to have a photo of the drawer unit I decoupaged at the weekend than of the drawer unit in place, with two monitors and a scattering of mobiles on it, for much the same reason; or if it has the more revealing image, I’ll be limiting it to ‘friends and family’ via settings on Flickr and LiveJournal.
Actually, of course, I’ll have to do both, as the two sets of identities don’t match up. If LiveJournal users annoyed at the way the new Russian owners of the site have handled introducing adverts on all free accounts migrate to other services, it will be even harder to include the people I want to publish to, because the only cross-site identity that’s really in use is OpenID and it’s not ready for primetime.
For one thing it’s not supported by every site (or even a large proportion of them), and there’s a mix of support for the older, less secure OpenID 1.1 and the newer, stricter OpenID 2. And even with the newer, stricter OpenID 2, OpenID isn’t secure; it’s vulnerable to attacks from either end of the connection, and the middle - that’s because it’s little more than a simple, lightweight way of saying ‘that URL over there? It’s me, that is’.
It doesn’t say what the URL you’re pointing at is, only that it’s some URL that supports OpenID. Mary.WeHackYouForMoney.com is a valid OpenID (well, it would be if I paused to register the domain and set up the OpenID code).
OpenID is good for the simplest of single sign-on systems (for more complex enterprise SSO, take note that IBM just bought Encentuate). It lets me say, without an API, that the me on Facebook is the me on Flickr, LiveJournal, LinkedIn and so on (because I have to tell each site to accept the OpenID request from the next one, so I must have the username and password to get into each previous account).
Anil Dash of Six Apart (former owners of LiveJournal) mentioned to me at Etech 08 that several large customers (for values of large enough to run Oracle) are using OpenID for employees and partners so they can prove they work for the company in online discussions. Proving identity is a nice idea; but OpenID just proves they have access to a domain that sounds about right. To have an Internet-wide identity system that will let me choose friends across a mix of sites and services, there’s going to have to be something a little stricter, like SAML or WS-Federation.
Identity systems like Higgins, Bandit and Microsoft CardSpace could all work together to let me pick an information card with the information I want to assert about myself and an identity provider I want to have back it up. Then you’d know that Experian says I’m on the electoral roll and IT Pro says I’m a writer here - and when you choose to let me see where you are in the world you’d know who you were showing your itinerary to.
And if you’re still expecting CardSpace to make the same mistakes as Passport and pass your details on from every site using it to Microsoft… About the same time IBM bought Encentuate, Microsoft bought Credentica; not so much for the U-Prove software as for the maths behind it. This is a provable protocol that lets you outsource information provision without letting the information provided out of your system. Instead of boning up on CardSpace and SAML, you could say to your usual IT consultancy ‘bill me for a CardSpace system that proves my employees work here’. The information provider would assert that your CTO was your CTO, but it would never get his name to pester for a new contract. The information provider wouldn’t see my travel dates or my list of who I count as a friend. Identity, location - and a bit of privacy.
Biometrics - it’s not the technology that’s broken
By Simon Bisson & Mary Branscombe in Editorial
Posted in Identity, Hardware, Security on
When we landed in Los Angeles this trip, I was relieved and disappointed at the same time. We’d been expecting the new ten-finger sensors instead of the left-index-right-index-photograph dance you currently do, but they weren’t installed yet. I’m keen to see these in action, and I don’t expect to be in Boston, Dulles or Atlanta any time soon (they’ll be in all US airports by the end of the year). The current scanners are optical - rather like a bar code scanner in a supermarket. That’s a little slow and could be fooled by a fake finger (unlikely as the TSA agent would spot it).
Scanning ten fingers is good for security - more chances of a match with fingerprints the FBI has found at crime scenes where you’re as likely to get a thumb print as anything else. And if it’s not going to take five times as long, it must be using an active technology like the AuthenTec scanner in my HP 2710p notebook - and I want to see how well it works in a heavy duty situation.
I like the HP scanner because I don’t have to remember passwords any more, so I can make them longer and harder to break. I wish HP would write a driver to let me use it for scrolling and I can’t wait until the promised update compensates for the way the screen moves a little as I scan my finger so I don’t have to brace it with my other hand any more. This is much more about convenience than security, and I think my fingerprints are safe enough in my PC. I’m less happy about government use of biometrics, because the government has a terrible record on data security and a dubious one on protecting privacy.
Motorola didn’t reassure me after they did a pilot for biometric visas for the UK, Austria, Luxembourg, Portugal and Spain. “From the pilots we’ve been involved with, it’s clear that the biggest challenge is around working practices,” says Gillian Ormiston, senior solutions consultant for Biometric Identity Management and Security Solutions at Motorola. The biometrics worked fine - but switching from a paper visa process to tapping it all in on computer wasn’t always as smooth, and that’s where security problems - or just mistakes - can happen.
A friend of ours is cabin crew with a major UK airline and that meant he ended up in the pilot for the US visa biometrics some years ago. He and a colleague were scanned, photographed and welcomed to America. Next week he was back at the same airport, but his fingerprints didn’t match; turns out they’d switched the scans for him and his colleague.
It should have been obvious from the photo that our friend was the same person. It was, in fact, but there was no way to easily update the record to deal with the mistake. It took months to sort out and even if the TSA is very polite about secondary interviews, it adds at least an hour of sitting around being checked on before you can get into daylight and start adjusting to the time zone.
Security is a process rather than a state; it’s what you do rather than what you are. But the process of how you get to be secure - as an individual or a country - has to be right too. Just putting biometrics into a system doesn’t make it more secure.
Wherever I go, there I am wanting context
By Simon Bisson & Mary Branscombe in Editorial
Posted in Windows Mobile, Identity, Applications, Laptop, Wireless, Microsoft, Mobile, Apple on
My phone knows where I am, and when I flew to Geneva the other week it knew what time it was; the operator pushed a time signal and Windows Mobile 6 happily picked it up. It confused me when I took the phone out to change the time - but it also meant the appointment with the contact number for the taxi driver was up on screen where I needed it. I connected my PC to the Orange World Wi-Fi in the hotel (at the fifth time of asking; if you’re using a mix of numbers and letters as your username and password, please use a font that allows the user to distinguish 6 and G). My PC sat there stubbornly believing it was on UK time, even though it had a French IP number.
I’m not expecting every PC to have a GPS in, and it doesn’t need to. Never mind battery life, it’s useless inside anything bigger than a garden shed and even in a city canyon it’s impractical; it took my O2 XDA Stellar 15 minutes to get a GPS fix in Covent Garden this week. What I’m after is a utility that uses the location services like Spotigo, Aruba, Navizon, PlaceSite, Skyhook and all the rest that give you location based on your IP address/what wireless access points you can see and when it gets a location that’s different from the time zone Windows is set to, up pops a prompt asking if you want to change it. If you want to be all social networking about it, the utility could upload my location to services like Facebook - or preferably just my timezone, as I’m sure burglars read Facebook too. I could have a widget in the Sidebar showing who’s in the same timezone as me or get an alert if someone I know is in the next street.
I’ve used Navizon on Windows Mobile for the last year to get locations and I like it but the desktop version is a Java applet and although the API supports time as part of the location info I haven’t found a timezone utility for it.
Skyhook’s Loki will do the locating and publishing bit. It’s pretty good at locating too; this is the service used by Google Maps on Windows Mobile and the iPhone and it knows where we live. Skyhook can use a combination of GPS, IP address, Wi-Fi and cell tower to cope with a range of environments.

Navizon uses user-contributed data for Wi-Fi and cell tower and is either very accurate or about 2 miles out; Loki (and Google Maps Mobile) are either very accurate or not working at all.
Loki is obsessed with search; that’s because ads you click on make money. Personally, results in the same town as me may or may not be more relevant to me depending on how far ahead I’m planning and I don’t actually want any more browser plugins, thank you. But digging through the options - yes, it will change my timezone for me, or ask if I want to in case it’s wrong.
This would be a good service for tools like Xobni to use; this handy Outlook plugin shows a ‘heat map’ of the times of day a particular person sends and replies to email. That’s pretty useful already - it tells you that you have a much better chance of getting a reply from me between 10.30 am and 7pm or between 11pm and 1am than at any other time. Assuming I’m in the office; the location timezone service could tell you if I’m in California - and if Xobni was really smart and I said it was OK for you to know where I am (cue my usual call for an identity abstraction layer for the Internet), it could shift the heat map to California time. Or better still, it could calculate a different heat map for when I’m in California, when you’ll reach me between 9am and 11am, 2pm and 6pm and 9pm to midnight most days.
At the moment you can look at my Dopplr trips, or my Facebook status, or my most recent personal blog post or the last photo I posted on flickr to work out where I might be - if I’ve remembered to update them and you remember to check them (a friend assumed I’d be in Barcelona for Mobile World Congress this week, and ended up having a night in instead of coming round for dinner). That’s both of us doing extra work that the computer should be taking care of and I’m sure that’s the wrong way round.
There’s two halves to this. One is that location is a really useful service (see my 2008 Technology Resolutions), especially as more of us work from home, travel around more and run out of time to arrange meetings with friends. And that’s the really big thing. I want computers to start saving me time and getting more done for me, not by making it faster to get my accounts done or by letting me try 90 versions of my Web site in the time it used to take to write one, but by working out the context and giving me opportunities. If my To Do list says I need to get something from the Lurgashall Winery for a friend and I get a message from a friend in Billingshurst needing help with something and a mail from a client in Horsham wanting to talk about work, having my PC suggest that I’m in Guildford on Monday is handy (and we think it’s why Microsoft wants Yahoo!); having it know I’m actually in Guildford today even though I didn’t update my calendar and give me an itinerary for the afternoon is even more useful. And it’s the computer doing the running around, not me. For that, I’ll put up with another browser plugin.
-Mary
Always scan an extra finger
By Simon Bisson & Mary Branscombe in Editorial
Posted in Christmas, Identity, Hardware, Laptop, Security on
I had to revert to typing in a password on my notebook the other day.
I usually brush my finger over the fingerprint scanner and as I let the security software store passwords and login details for as many sites as possible I don’t have to remember many passwords at all now. Roll on CardSpace - when I can store my details on an InfoCard and present that instead of typing in whatever random selection of information a site demands to let me download trial software or white papers, I shall feel a lot more productive.
I always scan at least two fingers when I set up a biometric system, because the software insists. I usually scan a thumb as well but with a minimum of three scans to do per finger and me in a hurry to try out a new system, that’s usually enough. Perhaps I won’t mention which fingers I usually scan, just in case, but I scan a thumb so that I can log on in tablet mode without having to twist - a well placed fingerprint scanner is convenient for both modes but you do need different fingers.
But come Boxing Day, none of my fingers or thumbs were getting me in. Turns out this was because they were all on my right hand - and I’d been preparing Christmas lunch with someone else’s knives. It’s not that they’re bad knives, just that they have a different weight and angle and they’re not as sharp as I’m used to. It’s like using a US keyboard - mostly it’s fine but the odd thing trips you up. In this case, slicing the potatoes and carrots and parsnips and sprouts and cutting the onion in half for bread sauce and shoving cloves into it, and cutting the lemon in half to go inside the turkey and even scraping ribbon with a scissor blade to make it curl had left me with very fine cuts on the pads of both fingers and the thumb that were in the system. Not enough for me to notice, certainly not enough to bleed but enough to stop the system recognising my fingerprint.
I hope the fingerprint scanner at US immigration in Las Vegas can cope with the marks better than this notebook!
Mary
Maybe Ask should give Facebook an award for privacy education
By Simon Bisson & Mary Branscombe in Editorial
Posted in Privacy, Identity, Security, Internet on
I’m not a big Facebook fan. Part of it is that I’ve seen a lot of online communities, from Usenet and the uniquely British CIX to AOL and Web forums and IRC and LiveJournal and LinkedIn - and the evolution of online behaviour that occurs in all of them is the same. Food fights and virtual flowers replace SIG files and ASCII art but a me-too meme is the same whether it’s plain text or fancy CSS (and don’t get me started on Second Life because that’s a whole ‘nother rant).
But I’m not an online Luddite. I live in email and IRC. Simon and I met online (in a virtual bar, when it took a really long time to explain to people what a virtual bar is). Online interactions can be efficient, lightweight and productive or rich and deep. Being able to find and connect to people you know is both fun and useful. Sharing what you do online is all fun and games until someone finds out what you’re buying them for Christmas (or in a Love, Actually manner, what you bought for someone who isn’t them).
Facebook has scaled back its Beacon advertising programme and issued a disingenuous ‘my bad!’ apology that still makes it sound more like a feature for users than a revenue stream for Facebook. After all, the apology doesn’t say you can opt out of having what you do on partner sites like Blockbuster sent to Facebook in the first place. It says “If you select that you don’t want to share some Beacon actions or if you turn off Beacon, then Facebook won’t store those actions even when partners send them to Facebook.” Facebook could still use the details to optimise the ads you and your friends see, and there’s nothing in the privacy settings to let you turn that off.
I’m not the only one who thinks this is irresponsible. There’s been a lot of complaining going on - from a VP at Microsoft who reports to Ray Ozzie trashing both Facebook and Blockbuster publicly to the sterling efforts of Valleywag - the Silicon Valley equivalent of Private Eye - to find out exactly what information Beacon does and doesn’t store. There’s been some back and forth between Facebook and Harvard’s 02138 magazine over whether it was OK to put court documents about damages to the college house where Facebook was written and Mark Zuckerberg’s response to the Harvard disciplinary committee online or whether that was an infringement of privacy (Facebook took the magazine to court and lost).
But while I’ve been excoriating Facebook for not buying a clue about how to treat information users never gave it permission to publish, it struck me that maybe we should be thanking them. After all, Facebook has done more for public awareness of privacy issues than any number of well-meaning campaigns. A bit like HMRC and data security, Facebook has made sure that people all over the world care a little bit more who knows what about them. It’s an excellent time for Ask to launch its new privacy feature, AskEraser, where you give up the personalisation search engines think we want in favour of the privacy some of us actually prize.
The option has been in development for a while - it takes time to code these things up - so the timing is just luck for Ask. It’s an opt-in system, so you have to click and turn it on and accept a cookie that says nothing but ‘privacy please’ - and if you try to use a feature that relies on personalisation you’ll get the option to turn it back on. Ask promises that details like your IP address and search terms will be scrubbed off the system swiftly. They’re not expecting enough people to choose the option to cause problems with the analytics they use to tune searches based on how people use the results.
If I was searching for something I really didn’t want anyone to know about, I’d use an anonymising proxy. Ask will still have some information about you that lets them comply with legal demands. But this is an excellent opportunity for people to show that actually, we don’t care if your company thinks using us to market to our friends is just the same as me saying voluntarily that I like to shop with John Lewis for the service, support and never knowingly undersold bit, we’d like to choose who we have those conversations with and when. If what I have to hide is Simon’s Christmas present or just my personal business, why should you get to broadcast it without permission to make money from it?
Facebook has made a lot more people consider what’s personalisation and what’s an invasion of privacy. Head over to Ask.com and you’ve got a chance to have your view counted.
-Mary



