Skip to content

OpenID in Layman’s Terms

Thursday, August 7, 2008

This is for Jake, since he asked about it in an off-topic question on another post :-) Hopefully my explanation will be (mostly) accurate and (mostly) in plain language.

OpenID is supposed to provide a single internet identity for its users so people don’t have to remember 2, 7, or 50 different log in/password combinations. For this to work, you need two parties supporting the system: First, you have an identity provider. This could be anybody - yourself on your own website if you know how to set it up, or a more notable and trusted company, such as Yahoo! or Sun, or what-not. Second, you need to have websites which allow login with OpenID. I have an OpenID through Yahoo!, specifically my Flickr account. This means my login would be “http://flickr.com/photos/ploafmaster” and my password would be whatever I choose.

That sounds simple enough in theory, but in my experience with implementations, it’s not so simple, having potential security pitfalls and human-computer-interaction problems. I’ll use Yahoo! as an example since they’re a pretty big player and I also happen to use them for my OpenID.

Let’s say I go to a friend’s blog, like Alexis’ “Mined Like a Diamond.” If I want to leave a comment, I have several options that identify myself, and one is using OpenID. So I select that choice and enter my login as mentioned above. When I click “Publish Your Comment” the problems begin. I’m redirected to a Yahoo website where I’m supposed to enter my password. If that’s successful, I’m redirected again, back to the blog where I posted my comment.

Why is this a security hazard? I’ll paraphrase Wikipedia… Essentially this creates a vulnerability to phishing attacks. If you visit a site that’s (unknown to you) malicious, you could be redirected to a false login page. Likewise, man-in-the-middle phishing attacks, where a third party intercepts your login attempt, could catch a user without his or her knowledge. And while sites like Yahoo! attempt to allay such fears by suggesting (on their redirected-to login page) that users confirm where they are before entering password info, this puts extra onus on all of us to remember graphical badges, URLs, login rules, et cetera.

How much easier is an online identity system if I have to remember extra stuff? And how is this easier and more secure than a person using the same user name and password for multiple web services? Let’s not forget, also, that having a single set of login information creates a single point of failure if you forget your password or your account is compromised.

Beyond the potential security risks (which, lets face it, isn’t as much an issue for the nerds currently using OpenID), there’s a usability problem here as I see it.

Consider a website with a conventional log in system. You visit the log in page, enter your user name and password on that page, click “Log In” or “OK” or something else, and if you’re successful you’re transferred to the page you were trying to reach. With OpenID, on the other hand, you enter your login, click onward, and you’re sent to a different site with a different look-and-feel, different interface, form fields and text in unexpected places, and somewhere on there is your password field. And if it’s Yahoo!, you also have your security warnings and such. When you enter your password and confirm who you are, you’re taken back to where you were trying to go in the first place - the logged-in version of the website you’re visiting.

I think this visual interruption and feeling of extra steps is a problem. It’s not easier if I have to enter two related pieces of information in two different places that look and feel unrelated. Besides, what happens if there’s a connection problem or other error during one of the steps or in between? Am I guaranteed to be placed back on the site I visited in the first place?

To make a very geeky and long story short, I think the concept and goal of a single set of login credentials is great. OpenID, however, has a long way to go in convincing your average Joe that it’s easier, quicker, and more secure. For my part, I’ll stick to the old-school for now.

Filed in Teh Interwebs | | Comments (2)

Telefon

Wednesday, August 6, 2008

IKEA announced this week that it intends to operate a pay-as-you-go phone service, initially in the United Kingdom. I hope we can expect to see some contemporary handset designs bearing the Scandinavian design aesthetic. I hope they have catchy names, too, like Tala, Telefonsamtal, or Konversation. But mostly, I hope their phones can race.

Filed in Teh Interwebs | | Comments (3)

Just Beat It

Wednesday, August 6, 2008

I was already a huge fan of Isiah Flores‘ short films, but below you can see him assembling beats in real time. I’m guessing many of them, if recorded, were edited later to smooth out the timing and what-not, but either way, I’d bump to these beats.


isiah flores live mpc beat making from Spencer Keeton Cunningham on Vimeo.

Filed in Film, Music, Teh Interwebs | | Comments (1)

Blogging the Class: Week 10

Monday, August 4, 2008

Hey hey hey, last week of the class, and only two of us show up other than the teacher. And there was no developer anywhere to be found. So no darkroom time. Instead, we’ll get vouchers (if the dude remembers) for one free week of the open darkroom during the fall session. What, then, did we do? The three of us took a stroll around The Fan and I finished up my roll of 6×6 Delta 3200. And that was pretty much that…class over.

EPILOGUE:
Okay, so the dude was a pretty dead-beat teacher. I think anyone reading this already has that impression, but whatever his teaching skills, he’s still an artistic photographer and filmmaker, so I want to check out his work at First Fridays Artwalk on September 5th. I can’t let his lack of instruction prevent me from seeing his art, and I’d encourage anybody who’s reading this in Richmond to do the same.

Certainly my own interest in photography (and film photography specifically) hasn’t waned over the last ten weeks. I can still look forward to the spring, when I intend to take an intermediate class - hopefully with Valerie. It’s my intention to start processing my own B&W film later this year, and if things work out for Christmas I’ll even get a decent film scanner. All of that combined ought to keep me crankin’ out negatives for quite some time.

That’s pretty much all there is to say about that.

Filed in Photography | | Comments (0)

Caught on a Petrified Nose

Monday, August 4, 2008

I never expect to find much humor on Flickr discussion threads, but when Mugs contributes, hilarity ensues.

Filed in Family and Friends, Humor | | Comments (1)

The Essence of the Cow

Sunday, August 3, 2008

Tonight I braised a pair of beef shanks for dinner. A pair of dry-aged shanks from a humanely raised cow, to be specific. I used garlic, soy sauce, freshly ground ginger (a first for me), basil, salt, pepper, and water for the braise, and the zest and juice of a lemon to brighten things up a bit. I reduced the braising liquid afterwards to about a cup of intensely flavorful suace and finished it off with a few dashes of toasted sesame oil (WOW). The shanks were quite tasty, and the rice on the side (with several of the same flavors) complemented the meat very well.

The real star of the show, however, wasn’t the meat, the rice, or the sauce. No, the real star was the bone marrow.

After having been seared on both sides and braised for an hour and a half at 225 F, the marrow was soft and gelatinous. I had only to run the tip of my knife around the inner rim of the bone to release the teaspoonful of protein-laden marrow. I tentatively scooped it up with my fork out of the sauce on the plate, and ingested. HOLY CRAP, IT’S LIKE MEAT JELLY…but in the best possible way. I’d seen Anthony Bourdain spread marrow on toast on an episode of No Reservations, and I understand why. Had I more at my disposal I’d have done the same. The flavor was like the most complex essence of beef, as if somebody had distilled all the best flavors from every cut of a cow and amped it up tenfold.

Next time I head to the butcher I’m going to ask more about marrow…I could totally make a dish out of it, like an appetizer or something.

Filed in Food, Unparalleled Awesomeness | | Comments (0)

Love in the Time of Gonorrhea

Sunday, August 3, 2008

Oh sweet mercy.

Last night Valerie watched Love in the Time of Cholera while I was in the room, so while I wasn’t actively participating in the viewing experience, I couldn’t help but observe the ridiculousness.

I really don’t mind spoiling anything here since you probably aren’t planning to see it. If you were, well, I’m saving you the trouble. Here’s the gist: Dude meets girl during late teens or something. Dude falls for girl even though he barely knows her. Girl’s dad doesn’t like it because dude is of little financial means. Dad takes girl away from dude, marries her off to doctor. Dude irrationally clings to memory of girl, plans to save himself for her no matter how long it takes. Until dude is pulled into a dark cabin on a river boat for some anonymous coupling. Now dude decides that sex dulls the pain of pining for this girl he met back in the day. Dude proceeds to nail any willing lady he meets, until one day when he’s in his seventies, girl’s husband dies. He meets her, writes to her, convinces her to be with him like he’s always wanted. Hooray.

While even that shell of a summary is horribly stupid, the details are what makes it worse. The movie attempts to be romantic, but the dude actually keeps score of all his…um…scores. At several points throughout the film we hear him recounting his various adventures in love-making in between throw-away scenes of social/political upheaval and the girl’s domestic life with her doctor husband. It’s hard to take our protagonist’s stories as anything other than comical, so we we’re left with a story that plays at love and romance but fails utterly.

Even Valerie agrees with me in giving this movie a 2 out of 5 stars. It gets two because at least the lead roll was played sorta well by Javier Bardem, but he does little to salvage a ship that seems designed to sink.

Filed in Film | | Comments (1)

Leica à la carte

Saturday, August 2, 2008

custom camera

For the starting price (indeed, it goes much higher) of $4,600.00, you too can have a bespoke Leica rangefinder camera. I mean, a man can dream, right? Right?!

Filed in Photography, Teh Interwebs | | Comments (0)

Feasting on Waves

Thursday, July 31, 2008

Holy Crap!!! Alton Brown has a new show starting on September 7th called Feasting on Waves which follows his trip around the Caribbean investigating island foods.

I know what I’ll be watching on Sunday nights (10pm!) for four weeks :-)

Filed in General | | Comments (0)

A Heart For Cooking

Thursday, July 31, 2008

Michael Ruhlman recounts, in entertaining style, a day of cooking and eating with his former cooking instructor Michael Pardus. The dual sense of serendipity and devotion to a craft make me want to spend a day like theirs…perhaps with some slightly less daring cuts of meat :-)

Filed in General | | Comments (0)