Liudvikas Bukys

TechRepublic:
Planning basics: What to consider when estimating the cost of deploying firewalls

Craig Burton weighs in on Microsoft’s Hailstorm.

Key quote: The bad news about this is that we have to live with all this Microsoft FUD while they try to own what can’t be owned and control what can’t be controlled. The good news about this is that it leaves lots of room for the Internet OS to happen — with, or without Microsoft.
[via cluetrain News]

Shawn Bayern at Yale:
“Secure Single Sign-on: Principles, Goals, and Compromises“.

See also: Yale’s “Central Authentication Service“.

Amazoning The News
by Ellen Kampinsky, Shayne Bowman, Chris Willis

Adapted from a presentation by Ellen Kampinsky at The Editor & Publisher Interactive Newspaper Conference, Feb. 21, 2001

What if we told stories on the web the way Amazon sells books? Storytelling on the web demands its own vocabulary and strategies — indeed a whole new way of thinking. The web site that does the best job of telling stories in a web-appropriate way is also the most successful: Amazon. So blow up your old notion of “story.” See what happens when you apply Amazon’s user-savvy approach to typical news events.
[via Evhead via Scripting News]

Joel Spolsky on Passport. “If you really trust any Internet company to protect your privacy, I’ve got a bridge to sell ya.” Joel is an ex-softie from the Excel team. [Scripting News]

Jacob Levy’s explanation of HailStorm, from the pov of independent developers. [via Scripting News]

Quoted in its entirety so you don’t have to join a Yahoo group to read it:

From: jyljyljyl@yahoo.com [email-via-yahoo]

Date: Tue Mar 20, 2001 0:44am

Subject: Microsoft Passport & HailStorm

It’s wonderful how some good food enables you to think again. Having
had dinner and having reread everything I could find about HailStorm
and Passport, here’s what I believe to be the situation:

• developers will be able to provide services that fit into the
  HailStorm service.

• some payment services will be supported, most likely the big three –
  American Express, Visa and Mastercard. We saw American Express in the
  press show.

• there will be no way to compete on the back end, to provide services
  such as identity management, authentication and such.

• service providers such as stores (ebay, amazon, the gap, lands end,
  etc.) will have to sign a contract with Microsoft to get access to the
  customers.

This is a very bold move on Microsoft’s part, a total morphing of the
company from a software vendor to a service vendor. Any possible
outcome of the current antitrust resulting in restrictions on how they
do business is already totally irrelevant.

I have to say, it makes total sense and is a stroke of masterful
tenacity on the part of Microsoft. They hope to achieve a snowball
effect so that

• All users of the various Win32 OSes will automatically plug in to
  their HailStorm scheme. Scoble said something about WinMX users not
  being able to get on the ‘net without first signing in. Of course as a
  side benefit this will also stop software piracy cold.. Great!

• All Internet software developers will want to plug into their
  platform to get access to these users.

• All Internet B2C commerce vendors will want to plug into their
  platform to get access to these users.

• All payment schemes (Visa, etc., and your favorite Internet bank)
  will want to plug in.

• As a result of all this, Microsoft is sitting pretty in the middle
  of this spider web collecting a nonce on each transaction.

The most telling part of this is that none of the protocols are
currently open. Of course they’ve sprinkled some magic fairy dust on
the whole business by repeatedly saying the XML and SOAP buzzwords.
I’m not going to hold my breath waiting for Microsoft to publish the
protocol they’re implementing between the PassPort server and the
American Express payment clearance server, for example. Doesn’t matter
what its written in, XML and SOAP or ancient greek on papyrus, it’s
not going to be open.

Methinks its time to move on beyond this venting and think what we’re
going to do about this. As I said in the start of this thread today,
we don’t need Microsoft to implement any of this.

Microsoft: “All your data is belong to us”.

–Jacob Levy

Hailstorm:
Transcript of the Microsoft press conference today. [Scripting News]

Canonical XML now official. Canonical XML, a technology particulary important for
implementation of XML-based digital signatures, has been
released as an official W3C Recommendation. [xmlhack]

Useit.Com: From June 25, 2000; Jakob Nielsen:
The Network is the User Experience [Tomalak’s Realm]

See also:
July 23, 2000:End of Web Design

White paper: Microsoft HailStorm. “Support will also be included for integration between Windows authentication and Passport authentication of users, so that a user logged onto Windows XP will also be logged onto Passport and therefore able to receive their HailStorm services.” [Scripting News]