The White House made a big statement about (digital) identity theft on Friday, with U.S. Secretary of Commerce Gary Locke announcing a public-private sector effort, National Strategy for Trusted Identities in Cyberspace (NSTIC). “The administration hopes to see a robust trusted ID market in the U.S. in three to five years,” according to PC World.
The trusted ID technologies described in NSTIC would allow online users to dump passwords in favor of credentials that can be used on multiple websites. The Obama administration hopes that multiple trusted ID technologies will emerge, officials said.
In order to justify this initiative, the Commerce Department presented faulty “logic” which was regurgitated by PC World:
From Gizmodo: AT&T’s online ordering system collapsed today, with Apple and AT&T sales folks reverting to tried-and-true technology: paper. They had to write down pre-order requests.
I corroborated the collapse of the online ordering system, by logging in to my AT&T account and attempting to negotiate the pre-order option. Note that AT&T is providing a telephone number for “non iPhone related upgrades” but gives no number for iPhone-related upgrades. This snafu affects all upgrades, not just iPhone4 pre-orders.
Update: AT&T Collapses On iPhone4 Debut
I was annoyed at the headlines last week that blamed Apple for AT&T’s lax web security regarding iPad owner emails.
I was even more annoyed Sunday when I read AT&T’s “explanation” to customers, where it not only disavowed responsibility for the exploit, reported Wednesday, but said that the really bad guys were the people who identified their security hole. Here’s what AT&T wrote (emphasis added):
… unauthorized computer “hackers” maliciously exploited a function designed to make your iPad log-in process faster … deliberately went to great efforts … Now, the authentication page log-in screen requires the user to enter both their email address and their password.
A malicious exploit would not have been reported. It would have just been used.
A malicious exploiter wouldn’t advise companies of security issues. They’d simply use them.
Class action suit against AT&T, anyone? I can’t imagine the stockholders or board of directors demanding that the company get its act together. Hit ‘em where it hurts: the pocketbook. It’s the only thing they care about.
Tech news sources report that AT&T is about to settle a class action suit regarding unlocking cellphones, with Apple iPhones exempted. Engadget writes that AT&T would be required “to provide an unlock code for just about any phone it has sold since March 12, 1999.”
What I don’t understand is why a law suit was necessary. In 2006 the Copyright Office ruled that cell phone companies had to allow customers to unlock their phones when it authorized an exemption to the DCMA regarding “cell phone firmware that ties a phone to a specific wireless network.” PC World reported at the time that cell phone companies had been arguing that their software should be considered a copyrighted work. The Copyright Office disagreed: Continue reading