OpenP2P.com    
 Published on OpenP2P.com (http://www.openp2p.com/)
 See this if you're having trouble printing code examples


Passport is Evil

by Nat Torkington
06/18/2001

Related Articles:

Who Is Microsoft Trying to Control?

Open Standards/Closed Mind

HailStorm: Open Web Services Controlled by Microsoft

Brewing a HailStorm


I hate pundits. I hate their "in the future all work will be done by giant silver robots" futuristic wanking. I've found only two people whose opinions on the future I care about. Neither of them is Nicholas Negroponte :-)

The first is Lawrence Lessig, author of "Code and Other Laws of Cyberspace." His thesis is that technology allows us to build systems that operate differently from the real world, so in many cases we can't blindly apply real-world laws. I'd always written off that line of thinking with "shuddup and pay for your music, ya lazy bum!" But he puts it in a completely different perspective. Computer systems can be built that will cause a massive loss of privacy in ways the real world couldn't dream of, and we should be ever-vigilant against it happening -- code (programs) are the reality of the Net, and if we blithely let evil (my pejorative) code be installed and standardized, then we'll all suffer the consequences. Buy his book -- he does a much better, much more reasoned job than I ever could.

The other is Clay Shirky. Clay's a venture capitalist, so he's putting his money where his mouth is. This week, his mouth is at openp2p.com, talking about Microsoft's HailStorm and Passport technologies. He gives an excellent introduction to the business and the technology behind them.

After reading Shirky's piece, I realized that Passport is one of those evil pieces of software that Lessig describes. Once it's in place, companies will make it hard for you to buy things on eBay, rent cars or book plane tickets unless you use Passport (much harder to forge identities if Big Brother is managing them). If you don't surf with a Passport identity, then you're like a bum on Fifth Avenue -- confined to window shopping. It'll be worse than using Lynx on today's Web sites (" Sorry, you must have Internet Explorer 3+5i or better to use this site").

And don't think government is going to come to the rescue. Hell no, it'll love it. Taxation becomes much easier if the merchant really does know who you are. Microsoft is setting itself up to avoid government complaints about the service, touting parents' ability to lock kids out of porn sites and prevent personal information on their kids being gathered by Web sites.

And don't believe the bollocks about "you decide how much information to reveal about yourself." That doesn't work today! Web sites simply won't let you in unless you give them certain bits of information about yourself.

That's not the worst part, though. That's just how it spreads.

The worst part is that once your identity is locked up in a neat tidy ball and ready to be automatically parcelled out to Web sites, the inefficient tracking by companies such as Double Cclick will be replaced by highly efficient tracking through Passport. No more guessing at unique identifiers and all that bollocks. The last pretense of privacy and anonymity will disappear.

So even if Microsoft's Passport database isn't hacked. Even if they open it up to Linux servers. Hell, even if this was done in a distributed peer-to-peer no-central-Billopoly fashion, it would still be a bad thing. Knowledge is power, and Passport is all about giving Them knowledge about Us.


Nat Torkington is conference planner for the Open Source Convention, OSCON Europe, and other O'Reilly conferences. He was project manager for Perl 6, is on the board of The Perl Foundation, and is a frequent speaker on open source topics. He cowrote the bestselling Perl Cookbook.

Copyright © 2009 O'Reilly Media, Inc.