Currently browsing category

Digital Identity

Paradux: a scheme to recover from maximum personal data disaster

[caption id="attachment_4282" align="alignright" width="300"] Credit: U.S. Air Force photo by Staff Sgt. Taylor A. Workman[/caption] The recent California wildfires got me thinking: if my house and my town burned down so quickly that I did not have time to grab even my laptop or document binder, how would I recover my data, my accounts and…

We need to solve Credential Recovery once and for all

[Update: I now have a proposal for how to solve this: Paradux] First we picked a good password, which we reused for many sites all over the web. Some of those sites were broken into, so the bad guys got their hands on our passwords and promptly impersonated us all over the web. Reusing passwords…

Pond’rin’ Sovrin

The Sovrin system for "self-sovereign Identity" the latest kid on the digital identity block. It follows many other initiatives for "solving" digital identity in the almost 20 years since Microsoft Passport, which arguably was the first one, implemented so badly that is spurred a lot of people into action :-) Some of them were Liberty…

Spam or not spam — I cannot tell, dear United Healthcare

Occasionally I get e-mail that looks like this. I cannot tell whether this is spam or a just very badly made actual e-mail from United Health, my health insurer: Here's the evidence: Sender: uhcenews@unitedhealthcare-hmhb.com. Looks very suspicious, as anybody can register a domain like that. Googling the e-mail address produces 18 hits, on mostly strange…

Ten years later, Paypal is already using personal URLs for money transfer

LID turned 10 years a little while ago. Back in the days, the revolutionary idea was: everyone could have one (or several) user-specific URLs they could print that URL on their business card and all sorts of interesting services could be attached to that URL, such as: single-sign-on into any website standardized transfer of personal…