by Carla Schroder
Managing Editor
For all that the tech industry in the U.S. likes to boast of
innovation, it’s pretty hidebound and short-sighted. The prevailing
mentality is central control: DRM, never actually owning anything
but only “licensing” it, crazed invasive EULAs and terms of use
that restrict what we can do with our own property, but oh wait,
it’s not really ours, we just pay a lot of money for the privilege
of non-ownership, and the vendor is not responsible for
anything.High on my list of obvious solutions to common problems is
smart-card password management. Industry, when it ponders the issue
at all, keeps offering centralized authentication schemes that they
control. Nice user-controlled smart cards to use as password safes
are apparently too user-friendly for the titans of tech. I was
originally thinking of two types of smart cards: the traditional
credit-card magnetic-stripe type that requires a scanner, and a
little USB device. Embed scanners into keyboards, USB goes
everywhere, make a nice user management interface application that
incorporates encryption and a one-button “print everything all
nicely-formatted” because hard copies are still best for backups–
easy peasey. I don’t think that adopting a standard protocol to
automatically enter logins and passwords is a good idea because
that would be a tempting malware target. So why not a simple
click-n-drag to enter passwords and logins, or something similar?
Then the user is in control, there are no central servers or
tollgates, and the malware bots can’t do a thing. At the least
having everything in a nicely-organized software application is a
convenience.But the more I think about it, the more a plain and simple USB
stick is the way to go. Then there is no need for a scanner, and it
plugs into anything with a USB port. Just write the software, and
it’s like any classic FOSS project. Maybe it could even be a
moneymaker by selling preloaded USB sticks.In conversations I’ve had with various vendors over the past few
years about this there seem to be two main obstacles to getting
them interested: one-time sales with no prospect of subscription
income, and no way to collect gobs ofcustomer data. It seems that
anymore selling an actual product is secondary to data-mining us
for everything they can get, because that is more valuable and
lower-overhead.This little scenario also highlights the weakness of Free
Software– Free hardware. Not free of cost, but open, hackable, and
unencumbered by junk patents, silly licenses, and sneaky stuff.
Yesterday
I wrote about the new official exFAT filesystem for SDXC
storage media. To the SD Card Association exFAT, which is FAT64,
probably seemed like a natural evolution from FAT32 and FAT16. To
me it looks like a chummy industry consortium all propping each
other up and helping each other extract excess money for the
privilege of using their products.It takes a lot more money to launch and maintain hardware, so
there are few Free Hardware projects. Next week I’m going to follow
up with a roundup of Free Hardware projects, and naturally you are
invited to chime in with your own suggestions.