I was reading the blog post entitled The hard side of Mister Softie from Josh Quittner of Fortune magazine which ends with the following excerpt

Hall said that Microsoft’s main concern, and the reason it sent out Big Foot letters in the first place, was security. “If you look at what a number of sites are doing, they’re asking for your Hotmail login info, They’re storing your identity, which is not a best practices [approach] for anyone’s data from a security standpoint. We want to make sure our data is kept between our users and our servers.”

The thrust of the term sheets, he said, was to create a process whereby Hotmail and other Windows Live data could be shared securely with third parties. Added Hall: “There are models for federation where you can trust other services—and that’s what we’re trying to do with our partners.”

Thats what doesn’t make sense to me. If this is such a security problem, why do Google and Yahoo let their users take their contacts with them?

Besides the obvious observation that folks at Google & Yahoo! probably don’t think it’s a good idea for random fly-by-night social networking services to be collecting  usernames and password from users of their services (see posts like Spock sign-up flow demonstrates how to scare users away... from Jeremy Zawodny of Yahoo!), I am amused by the “if the geniuses at Google and Yahoo! think it’s OK, who are the Microsoft morons to think different” sentiment exposed by that statement.

Maybe I’m getting snarky in my old age. Wink

Now playing: Red Hot Chili Peppers - Torture Me


Saturday, January 19, 2008 8:08:52 AM (GMT Standard Time, UTC+00:00)
I think the obvious meaning is: You have three organizations with, at first look, roughly the same behavioral pattern by third parties in relation to them.
Why does one of the organizations think that this pattern of behavior is a big problem and why do the other two not?

Sunday, January 20, 2008 12:52:19 AM (GMT Standard Time, UTC+00:00)
Think you mean "Jumped off a Bridge".
Wednesday, January 23, 2008 5:29:33 PM (GMT Standard Time, UTC+00:00)
A lot of e-mail providers (Google, Yahoo, Hotmail, etc.) have been trying to make things simpler for users by creating easy ways to store and re-use passwords, but security is certainly in question when you start to deal with storage of passwords and secure information, etc. It’s also interesting how all these companies have hooked up with many social networking sites (Facebook, which you mention in a previous blog entry is a good example with its “friend finder” that goes directly into your contacts list using your password). As someone entrenched in computer consulting that has advised so many of my clients (and other computer consultants) on the importance of data protection (and has seen the disastrous results of security breaches first-hand) within companies and businesses, it’s hard for me to feel comfortable with these practices, even if they do make things more convenient for users.
Comments are closed.