Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Editor's Note: FOSS Smart Cards and Free Hardware

Aug 29, 2009, 00:04 (6 Talkback[s])
(Other stories by Carla Schroder)

by Carla Schroder
Managing Editor

For all that the tech industry in the U.S. likes to boast of innovation, it's pretty hidebound and short-sighted. The prevailing mentality is central control: DRM, never actually owning anything but only "licensing" it, crazed invasive EULAs and terms of use that restrict what we can do with our own property, but oh wait, it's not really ours, we just pay a lot of money for the privilege of non-ownership, and the vendor is not responsible for anything.

High on my list of obvious solutions to common problems is smart-card password management. Industry, when it ponders the issue at all, keeps offering centralized authentication schemes that they control. Nice user-controlled smart cards to use as password safes are apparently too user-friendly for the titans of tech. I was originally thinking of two types of smart cards: the traditional credit-card magnetic-stripe type that requires a scanner, and a little USB device. Embed scanners into keyboards, USB goes everywhere, make a nice user management interface application that incorporates encryption and a one-button "print everything all nicely-formatted" because hard copies are still best for backups-- easy peasey. I don't think that adopting a standard protocol to automatically enter logins and passwords is a good idea because that would be a tempting malware target. So why not a simple click-n-drag to enter passwords and logins, or something similar? Then the user is in control, there are no central servers or tollgates, and the malware bots can't do a thing. At the least having everything in a nicely-organized software application is a convenience.

But the more I think about it, the more a plain and simple USB stick is the way to go. Then there is no need for a scanner, and it plugs into anything with a USB port. Just write the software, and it's like any classic FOSS project. Maybe it could even be a moneymaker by selling preloaded USB sticks.

In conversations I've had with various vendors over the past few years about this there seem to be two main obstacles to getting them interested: one-time sales with no prospect of subscription income, and no way to collect gobs ofcustomer data. It seems that anymore selling an actual product is secondary to data-mining us for everything they can get, because that is more valuable and lower-overhead.

This little scenario also highlights the weakness of Free Software-- Free hardware. Not free of cost, but open, hackable, and unencumbered by junk patents, silly licenses, and sneaky stuff. Yesterday I wrote about the new official exFAT filesystem for SDXC storage media. To the SD Card Association exFAT, which is FAT64, probably seemed like a natural evolution from FAT32 and FAT16. To me it looks like a chummy industry consortium all propping each other up and helping each other extract excess money for the privilege of using their products.

It takes a lot more money to launch and maintain hardware, so there are few Free Hardware projects. Next week I'm going to follow up with a roundup of Free Hardware projects, and naturally you are invited to chime in with your own suggestions.