Ch-ch-ch-ch-changes

I’ve just made a big change, joining Forrester Research as a Principal Analyst, and this new adventure is sure to be exciting. It’s an honor to join this stellar organization and work with so many talented folks. I’ll be serving security and risk professionals and will focus primarily on identity and access management, so this move feels like a natural outgrowth of work I’ve been involved in for more than ten years now.

My tenure at PayPal was a […]

Seeking escape velocity from nutritional Bizarro World

The new book from (The Great) Gary Taubes is finally out: Why We Get Fat: And What to Do About It.

Taubes is obviously a man on a mission, nearly bursting with frustration at the anti-scientific and near-religious wishful thinking that has been passing for diet, nutrition, and public health advice for the last few decades. Near-religious? Yes — really. Why else would we be told this by “experts” for so long, even though their theories can readily […]

Talking about security that “assumes DNS holds”

In discussions of economics, a predictive statement is often accompanied by the qualifier ceteris paribus, or, roughly, “other things being equal”, in order to compare apples fairly to apples. In discussions of Internet security, more and more I hear, and have occasion to use, a qualifier like “assuming DNS holds”. For a while, I used a stock formulation that went like “assuming DNSSEC or no cache poisoning”.

An awful lot rides on getting to the domain you think you’re getting […]

Wishing you a happy, healthy, user-managed new year

UMA Christmas tree 2010

Thanks to Domenico Catalano (@DomCat) for putting together this lovely and geeky holiday message! And thanks to all the UMAnitarians for their contributions of passion, business problem-solving, and technical know-how to the User-Managed Access work.

The end of 2010 has brought new progress on several fronts. The UMA-friendly Java-based OAuth leeloo implementation was released as open source; we’ve begun solving some hard problems in defining interoperable interfaces between OAuth authorization servers and resource servers; […]

The price for free online service, down to the last decimal

I’ve been thinking lately that websites should display a pie chart showing what you’re really paying for “free” online services, just to show that it really does always add up to 100%. Something like this:

Price for Using Our 'Free' Service

Now Drummond points us to the world’s first truly honest privacy policy. A taste:

Remember, when you visit our Web site, our Web site is also visiting you. And we’ve brought a dozen or more friends with us, depending on how many […]

People and online services: leaving value on the table

The recent Google-Facebook flap demonstrates that the hottest battleground for users’ control of the data they pump into these online services is the sites’ Terms of Service. Why? Because when you’re not a paying customer, you’re not in a hugely strong bargaining position. As I put it to ReadWriteWeb in their piece on data portability implications of the debate: Facebook’s end-users are not its customers; they’re the product. (Or as my Data Without Borders pal Steve Greenberg […]

UMA validator bounty program announced

Are you a software developer or tester? You might be interested in the new $4000 bounty program just announced by the Kantara Initiative for:

Develop[ing] material that assists in validating the compliance of implemented authorization manager, host, requester, and authorizing user/user agent endpoints to the UMA draft specifications (and their referenced external specifications).

The first deadline, to express submission interest, is November 1 — which happens to be the day we’re hosting a F2F meeting just ahead […]

UMA meeting co-located with IIW and other news

Thanks to Phil and Kaliya and the gang, I’m happy to say we’re holding an UMA face-to-face meeting at the Computer History Museum on the Monday just prior to IIW XI (pronounced “yewksie”?).

This follows close on the heels of a face-to-face in Paris at the Kantara conference, so I hope we’ll be able to crank through a lot of work in the next few weeks. What work, you ask? We’re shooting for draft completion of […]

Aiming for data usage control

Earlier this week, W3C held a workshop on privacy and data usage control. Among the submitted position papers are quite a few interesting thoughts, and though I couldn’t attend the workshop, it will be good to see the eventual report from it.

I did manage to submit a paper that explores the contributions of User-Managed Access (UMA) to letting people control the usage of their personal data. It was a chance to capture an important part […]

PayPal X Innovate is around the corner

It’s nearly time for the second annual PayPal X Innovate conference — October 26 and 27 at Moscone Center in SF. The PayPal X developer network has not only the coolest domain known to humankind, but it also hosts the Innovate conference, which is all about making the future of money happen.

Praveen Alavilli has slipped me a great discount code for y’all to use: “LETSINNOVATE” will get you $100 off the registration fee.

Ashish Jain and I will […]