This article is a copy of a reply to a blogpost on Second Thoughts crucifying OpenID as found here. To read it without this in context will probably be like attacking George W. Bush with only one shoe, so I think, yes, you should read the original post first. As always, constructive positive/negative comments will be welcomed, trolls will be shot out of a cannon containing the contents of my piggy bank. (Look how it jingles.)
1. OpenID is hard to use and misleading in its claims.
I'll be the first to admit that until recently, OpenID was a closed book to me, but they have done a reasonable job in recent weeks of remedying these issues. In fact, if you log right into http://openid.net, the homepage has reconcentrated more on blogged news about the system, as well as the three main issues: What and why OpenID, Where to get OpenIDed and Where it can be used. The main issue is poor design that doesn't draw attention to these three places:
Externally, both Google and Yahoo! have also thrown their weight behind providing OpenIDs linked to people's accounts with them, although their efforts to reduce confusion by renaming them as "Yahoo! IDs" or "Google Accounts" could just as easily worsen matters.
But if nobody cares, and nobody does anything, nothing changes. Or worse.
2. OpenID is decentralized and therefore not the same everywhere.
OpenID is merely an identity and authentication scheme. You'll find that in actual fact, a lot of accounts in many places use a lot of other data besides just your login data and passwords.
Forums need to track your timezone to help you keep a perspective of when other people post and comment in relation to your local time, as well as what posts you haven't read and might want to read. - Your OpenID provider shouldn't need to keep that info that unless it's the same service.
To-do lists need to track your specified chores and how you're doing with them, whether you're early, whether you're late, what you need to do them et al. Your OpenID provider shouldn't need to keep that info unless it's the same service in question.
Blogging services may want to link the comments you've made to date together to allow you a clearer view of how you've said things previously. Your OpenID provider shouldn't blah blah blah ditto.
The only thing they seriously need to keep is enough info to identify you if subpoenaed for legally valid reasons. They should not be handing it to anyone else, and their policies should reflect that. the only thing a OpenID provider should say is "yes/no, the guy who claims to be this OpenID is indeed/not the person he claims to be."
Would you rather open yourself to compromise by setting only one policy and openly sharing your personal data willy nilly after OpenID login, rather than offering only what you believe to be acceptable for public consumption whenever you log in?
I thought not.
3. OpenID accepts other services' log-ons, but would I give my email password to everybody?!
Best practice is already laid down on this matter: if a site gets a OpenID-based request, it should redirect to the OpenID provider you chose, allowing it to handle the authentication on its own side, and handling the matter of confirming your identity with the requesting server on its own.
Obviously, unless the OpenID provider is insane, it should be able to say this according to the schema laid out by OpenID WITHOUT involving your password in any manner, only confirming that your OpenID is being used legitimately.
This kind of makes OpenID provider servers the weakest link in the system, but OpenID also provides repudiation services to reject OpenIDs issued from select places where the server has clearly been compromised beyond the reasonable standards of the a server, and this is not system-wide, only based on the judgement of the administrator of each service relying on OpenIDs.
4. OpenID has a reputation system, with all the awfulness that implies.
Only to the extent that any form of id has a reputation built up around it. As a wag once put it to me - a troll under any userid and auth scheme, is just another guy to wield the banhammer on.
Also: remember what I mentioned about OpenID's ability to stop accepting an OpenID from a provider - it is enforced only on per-administrator level, and never on the entire network of logins and providers on OpenID. that means that if your OpenID gets turned down at the door and errors are not involved, you (or your choice of provider) are just not welcomed by the admins. Whether this is a good or bad thing really depends on circumstances beyond this discussion's bounds...
5. OpenID makes it impossible to make multiple accounts with similar names, or alts.
Far from it - I used three separate OpenIDs to date: one off of Edith Cowan University servers that certifies users as staff and students of the colleges it runs, one off of SLOpenID.net that confirms I am indeed THE blue wooly wildcat with THAT NAME, one off of gov.sg servers that confirms that I am indeed working on governmental issues on an irregular basis... but I only run that last one when I'm really working seriously.
OpenID does not preclude the use of multiple accounts or identities, Prok - in fact, it can just as easily be one way of clarifying the distinction about something said in mere jest, and something said in an official capacity.
Your current woes with your current OpenID provider are specific to provider, rather than the actual schema itself. Do NOT incinerate the entire flock simply because one sheep is black. (Though I understand the end result of doing so is that every sheep is equally black and charred to bits xD)
6. OpenID *is* centralized, in fact, really.
But of COURSE some aspects of it must be centralized, as a standard - the prompting and reply methods for authentication have to remain standard. The server requesting proof that an OpenID is indeed being used properly has to expect a certain reply back from the provider. Computers are dumb and only understand "yes" in the ways "yes" has been defined, and we have to unfortunately live with that limitation in terms of being less-than-ambiguous with computer-based replies.
But OpenID doesn't exactly conjure up nightmares of Python's benevolent dictator for life. far from it.
7. OpenID is impossible to troubleshoot.
There are three main points of failure: the user's browser, the requesting server, and the OpenID provider's server. (We're simplifying things by ignoring failures in network media or routers here, now). If you're getting the same failure to login across multiple sites, your OpenID provider may be experiencing issues. If you're getting it on only one specific or handful of sites, it means that they may most likely have out-of-date handling for OpenID or errors of some other sort... It also doesn't help that some sites seem to rely on browser-side Javascript for the redirects involved in a proper OpenID login request. (I'm looking at you, Google)
My suggestion? Email your OpenID provider first and note to them that your OpenID is not working properly, step with them through the possibilities. The unfortunate fact is that with all these extra moving parts, OpenID is inevitably more prone to disruptions than a system run entirely under one roof by one company - like Microsoft Live ID, anyone?
One thing I could suggest: your membership as a TypePad blogger entitles you to an OpenID as "http://(username).typepad.com" ( being the same username that brings up your personal profile). I would suggest trying to type it in as an OpenID in that form the next time you're logged into TypePad, and seeing if the server you're doing it at redirects to TypePad. If implemented properly, TypePad should prompt you at least once to confirm that you indeed want to confirm your identity, and then redirect back if all goes well.
Not everyone can implement an idea well. But it does not mean the idea itself sucks.
Looking forward to reasonable reply,
Patchouli Woollahra
02 March 2009
01 January 2009
17 December 2008
7 Things
I see epredator Potato's tagged me on one of those crazy SL blogger memes about revealing seven mysteeerious facts.
I'm frankly not the least bit interested in this sort of thing, but I suppose I should get it out of the way.
Later.
I'm frankly not the least bit interested in this sort of thing, but I suppose I should get it out of the way.
- I'm not a troll, but I play one on Forumwarz. It's getting a bit stale, but as simple browser and AJAX-based gaming goes, I would put it right up there, barring the propensity for pretty disgusting ideas. (at some points, the game has hints of ageplay, nuclear terrorism and shooting R. Kelly in the nuts. and the walnuts. And extremely fattening recipes involving copious amounts of duck fat.)
- I'm mildly autistic. I've had a couple of head injuries in my childhood years, and it's probably only good fortune that I'm not totally retarded... although I have a habit of being able to devote my attention in only two ways: not at all, or sharply spiked.
- I have a weakness for lemon lime and bitters IRL. It's a bit of an old biddie's drink, not really something a late 20s folk should be enjoying, but there you go.
- I first used a pirated Photoshop 4 waay back in 1995 to get images for a fast-foodie website done up during Web 0.9's heady days. Ten years later, I flitted back from GIMP and splurged on a legitimate copy as part of Creative Suite 1. I've never really looked back. much.
- I'm not a fan of SL's default avatar face mesh. It's always the same to me no matter how badly I contort it, and i wind up doing all sorts of things to avoid having to look back at it when I'm inworld. I've been furry, I've been anime-ish, I've even bought licensing to reuse Ichigo Mayo's Unreal prim head. anything to stave off my phobia. You will never see me looking like a regular SL barbie. ever and ever.
- I'm diabetic. I take my metaformins and my glucomets everyday, and I watch my diet six days a week, but have a weakness for lapsing into delicious meat and veg on Fridays. In SL, I eat so much prim food that would induce a coma IRL, I'm often found poking my way around SL's catering and restaurants. (this is despite the fact that food in SL is purely psychological)
- I have a weakness for good music regardless of origin, genre and taste. At one point, I had Rammenstein, pre-war Shanghai jazz chartreuses and David Bowie on the same MP3 player. and it was a 64mb flash player - none of this 4Gb/8Gb bullshit we folks seem to have these days.
Later.
23 October 2008
Interesting bug issue
http://jira.secondlife.com/browse/MISC-1728 notes an unusual occurrence in SL:
Ever since the release of 1.21 many prims in SL now are round and orange with faces on them. They were not there before. Many places I know well now have some prims like this. Seems like maybe one in ten prims in SL are now suffering from this bug.
I am furious that Linden Labs can release a viewer with such an obvious rendering bug.
.... I LOLed. xD
22 July 2008
Flower Tower Power - Eshi Otawara Does It Again...
Yet another one hour build by Eshi Otawara... blossom themed... and IT IS AWESOME.
it is 512m of flowers, flowers flowers meditation and flowers.... and the kudos have been pouring in at a rate not normally seen in SL these days. We may be looking at SL's newest celebrity artist as I type this, and pardon me for messing up my punctuation and speling now, I'm all choked up at the awesome.
SLURL to build (link expired)
10 April 2008
Spotted while running Artrage
As a avid artist and painter, I find ArtRage2 to be a awesome digital analogue to fresh oil arcylics and canvas (partily due to my inability to cope with the itching that comes from working with the real stuff.
This just popped up in my app today while I was firing it up for design work:
Shades of Pre-CS Photoshop... =^.^=
This just popped up in my app today while I was firing it up for design work:
Shades of Pre-CS Photoshop... =^.^=
03 April 2008
Kewlage: Second Life's New Automated System Requirements Test!
As a Second Life Volunteer for almost two years, I've come across my fair share of technological cluelessness. For many people, a computer is something that you plonk out of a box, plug in and push your needs around with. If the PC has a 'Dual Hamster Wheels' CPU and two blackboards manned by tiny radioactive weevils, who cares as long as it works?
For many applications these days, provided you spend a not-unreasonable amount (and it is not a very big amount either), that is exactly what you get: a box that will service your spreadsheets and help you keep track of your media collection (legitimate or otherwise), and run most ordinary applications.
Unfortunately, some applications are a bit more fincky. Second Life is one of them.
Despite using a relatively modest generic graphics engine (even with recent upgrades considered), standard full-service Second Life viewers demand a higher level of grunt from the PCs they run on. It's a world where the only things that are 2D in nature remain so because abstracting them to a 3D metaphor is inefficient or sheer stupidity - script editing or menus, for instance.
It's a world where your view changes with alarming regularity and broadness in a way that is rarely seen in your garden-variety MMO. That places serious demands on your Internet connection in a way that recommends against most connections below a certain level of speed, latency and potential for forced retransmissions, especially if you teleport regularly through the world.
There have been times when I have met residents in world who are experiencing issues that are more often than not the product of running Second Life on a rig that either fails to meet minimum requirements or just barely glides over the limit.
When faced with a lack of hardware hindering the ability to use Second Life, the best thing that a Resident can have is another person who is at least conversant with reading system requirements and/or arranging for the necessary upgrades to get their PC up to speed. That is not always a possibility. Sometimes, that leads to wasted money as someone buys a new PC to enter Second Life, only to be told either by a passing Resident or (worse) actual bizzare visual or connectivity issues that whatever they bought isn't going to cut it.
For the less technically inclined who run Windows PCs and lack such close-range technical support, Linden Lab recently introduced a browser-based test that allows users to check that their PC can run Second Life properly @
http://secondlife.com/support/systest.php which is provided by a company called System Requirements Lab (Apparently a company with more technical bones than imagination...) .
Currently, Linux and MacOSX users are SOL, still stuck with the old 'look up yon system config and system requirements' schtick that has existed ever since someone decided how nice it would be to start diversifying what you could put into a computer all those years ago, but in theory there's no technical reason why the same tools could not grab the same details from such computers as well, so here's hoping that's exactly what happens.
Setting that slight niggle aside, I don't have to tell you just how much this eases entry into Second Life for potential newcomers on Windows-powered PCs.
What the test does in absolute terms is check your Windows PC for certain hardware details, such as CPU speeds , memory availability and video cards, and compare them against what Linden Lab believes to be minimum and recommended requirements for accessing Second Life.
(Disclosure: pitting my standard RL working laptop, a earlier model Inspiron 5150, against this test put me almost halfway to having a recommended rig for Second Life. As noted on so many technical forums and blogs dedicated to laptops, the GeForce FX5200 2 Go is a dog, and this alone blew away my ability to meet recommended system requirements. But I'm still happy. And no, this is not a reason for me to be so 'shiny' about this new test.)
What the test does, in plain English, is tell you as well as it can whether Second Life will run properly, well, or at all on your rig.
Like many browsers and other forms of media viewer, however, even a system that meets recommended system requirements for Second Life access may not necessarily be a panacea for all issues.
For one thing, Second Life's biggest cause of lag beyond what you can control, is pretty much the entire world: Grid glitches (as regularly experienced), poor internet connectivity, abusive script use in a sim, the presence of large numbers of people, even poor in-world design decisions (spraying a truckload of 1k x 1k textures on everything you own is being a poor neighbour and a major cause of lag, people!). And with Linden Lab continually developing and improving the grid and the way it operates, system requirements will inevitably change. Your world beater of today will eventually start gagging on Second Life several years later, I can practically guarantee that.
In the end, maybe all that anyone really needs (aside from a computer that meets or barely exceeds the minimum sysreqs) is an open mind and a sense of personal rightness to have fun in Second Life. Just ask the thousands of people who dance in nightclubs every night to framerates that nobody in their right mind would accept in supposedly more 'visceral' things like first-person shooters...
Subscribe to:
Posts (Atom)