×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

488 comments

hard and soft (4, Interesting)

mirko (198274) | more than 9 years ago | (#10829086)

So, years ago, Bill Gates proclaimed the software was better, now he gets back to some hardware key...
But what about biometrics ?

Re:hard and soft (5, Insightful)

judmarc (649183) | more than 9 years ago | (#10829162)

Think about this before assuming biometrics is the answer:

  • If someone steals an impression or picture of your fingerprint
  • If someone hacks the database linking your fingerprint or eyescan to your access authorizations for bank accounts, work, etc.

- then how do you get your identity back?

Re:hard and soft (1)

mirko (198274) | more than 9 years ago | (#10829200)

The same applies for a smartcard, doesn't it ?
And I thinka fingerprint could withstand the consequences of the EMP effect (if not, this means the user has been terminated so it's not a tragedy either... erm... ok, this is).

Re:hard and soft (1)

judmarc (649183) | more than 9 years ago | (#10829261)

The same applies for a smartcard, doesn't it ?

Heh, absolutely. :-)

Until they learn to read your mind (or find that paper where you've written them all down), at least passwords force someone to take minor electronic trouble to crack your security.

Um... no? (5, Insightful)

warrax_666 (144623) | more than 9 years ago | (#10829262)

The same applies for a smartcard, doesn't it ?

You can always get a new smartcard, you can't get new fingerprints (or retinas, or whatever).

Re:hard and soft (5, Funny)

darth_linux (778182) | more than 9 years ago | (#10829177)

Bill's right, though. He knows if you use M$ products you don't need passwords. You'll still get 0wn3d.

Re:hard and soft (2, Interesting)

lukewarmfusion (726141) | more than 9 years ago | (#10829189)

This has been discussed many times. Biometrics are not a reliable way of handling security. Once compromised (and they can be compromised!) you're left with a "password" you cannot change.

When used in conjunction with other security mechanisms, such as hardware smartcards, passwords, etc. then you've got a much better chance. For the basic user, biometric identification is probably OK. But you wouldn't want to rely on that for anything "secure."

Bill Gates Proclaims End of Passwords? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10829087)

Nothing to see here, move along. I *really* fucking hate that message. Why post a damn story, and have it return that?!

Re:Bill Gates Proclaims End of Passwords? (-1, Offtopic)

irc.goatse.cx troll (593289) | more than 9 years ago | (#10829120)

Its what happens when the story goes live but isnt on all of the slashdot servers (theres an array of machines)

Much easier to FP when most people are stuck with that message, though.

Hmmmm.... (5, Interesting)

keeleysam (792221) | more than 9 years ago | (#10829092)

This has been in Mac OS for awhile... as Keychains... mine is on my USB thumb drive...

Re:Hmmmm.... (0)

Anonymous Coward | more than 9 years ago | (#10829239)

Smart cards have been everywhere for a while. And a thumb drive is a pretty dumb smart card.

What they seem to be talking about that makes this special, or news, is the degree of abstraction possible. Where eventually you can apply security policies to physical objects as easily as you can apply them to objects in a network.

ALL YOUR PASSWORDS ARE BELONG TO US (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10829096)

FP!!

Fi rse t P o st

Ha aha ah a a a aa a a

Axalto rocks!
M$ SUCKS!!

Re:ALL YOUR PASSWORDS ARE BELONG TO US (-1)

Anonymous Coward | more than 9 years ago | (#10829211)

Congratulations, you failed on every point.

I'm so happy! (1)

beaststwo (806402) | more than 9 years ago | (#10829098)

I always had trouble remembering the damn thing anyway. Now that I don't have to type it anymore, my life is complete.

Re:I'm so happy! (1, Funny)

beaststwo (806402) | more than 9 years ago | (#10829137)

Another point: Since the smart card will obviously be able to absolutely identify my as myself, and since obviously nobody else could impersonate me, I'll always be myself.

What a relief! I'm always concerned about whether or not I'm myself on any given day.

So now instead of torturing me... (4, Insightful)

SoTuA (683507) | more than 9 years ago | (#10829099)

... to get me to confess my password, all they have to do is get my wallet?

Nice!

Re:So now instead of torturing me... (4, Funny)

Trurl's Machine (651488) | more than 9 years ago | (#10829152)

... to get me to confess my password, all they have to do is get my wallet?

Enjoy before you upgrade to biometricks. Then all they have to do is to cut your finger or your eyeballs.

Re:So now instead of torturing me... (-1)

Anonymous Coward | more than 9 years ago | (#10829228)

Ha! I'll use something nonobvious...like penis length. Oh wait, then they'd cut of....NOOOOO...

Re:So now instead of torturing me... (2, Funny)

Xpilot (117961) | more than 9 years ago | (#10829263)

Ha! I'll use something nonobvious...like penis length. Oh wait, then they'd cut of....NOOOOO...

That's brilliant. It doesn't work when cut off :)

That's a myth (0)

Anonymous Coward | more than 9 years ago | (#10829274)

One of the things such sensors check for is blood flow. So naturally they'll just have to kill you afterwards, but you won't be needlessly mutilated.

Re:So now instead of torturing me... (2, Informative)

spuke4000 (587845) | more than 9 years ago | (#10829224)

I don't know about this implementation, but typically the key on the smart card is password protected. Thus you have to have the card AND know the password. This is why they call it two-factor authentication.

wooo (0)

Anonymous Coward | more than 9 years ago | (#10829109)

Smart cards aren't new

News? (5, Interesting)

tuomasr (721846) | more than 9 years ago | (#10829115)

This doesn't sound like anything really new to me, I remember logging on to my W2K workstation with a smart card in 2001 if I remember correctly, what's new here (the techworld article didn't want to respond to me so I can't RTFA)?

Re:News? (1)

tb3 (313150) | more than 9 years ago | (#10829325)

That's nothing. I had to use a smartcard to get into my place of work in 1987! The damn things have been around for years, They're a solution in search of a problem.

Re:News? (5, Interesting)

bgat (123664) | more than 9 years ago | (#10829327)

The "new" bit is that the smart card has a .NET interpreter, rather than an 8051/PIC/AVR/? microprocessor running a documented, proprietary, standards-based, stable OS or even Java. Embrace and extend.

end of passwords - not (5, Informative)

martin (1336) | more than 9 years ago | (#10829118)

So how do you 'unlock' the smart card to prove its you (and still you) at the keyboard...???

an PIN number...
a fingerprint...

Authentication is based around something you have (userid/smartcard/finger...) and something you know (password/PIN/....)

No change since the Secuure Single Sign On days of the mid 1990's. All they are doing is bringing it upto date using .NET to quickly build applications.

Re:end of passwords - not (1)

AndroidCat (229562) | more than 9 years ago | (#10829249)

In terms of security, a card is something you have, a biometric like a fingerprint is something you are. (Unless you have fashion accessories that I don't want to know about! :)

Re:end of passwords - not (0)

Anonymous Coward | more than 9 years ago | (#10829316)

Actually, it's 1) something you have (a "token"), or 2) something you know (e.g., pass{word,phrase}, pin), or 3) something you are (biometrics).

In general, strong authentication requires two of the above.

How long before we can get an open-source version? (2, Insightful)

beders (245558) | more than 9 years ago | (#10829121)

Depends on how many patents Microsoft have quietly filed on the technology behind it

Re:How long before we can get an open-source versi (2, Informative)

Fallen Kell (165468) | more than 9 years ago | (#10829186)

None. Or if they did, Sun Microsystems has been using a similar system for years. Smart card readers are standard equipment on all currently available Sun workstations, and have been for the last 3-4 generations of workstations as well. Sun "deployed" this system at least 4 years ago when it introduced "Sun Rays" back in 2000-2001 timeframe. If MS tried to patent this, Sun is clearly prior art, and if it isn't, it should be construed as simply a logical progression of Sun's system, which means it should not be patentable, but then again, we are talking about people who have let though patents on the wheel in recent years...

The first words that come to mind (0)

Anonymous Coward | more than 9 years ago | (#10829122)

Being "technology's ultimate triumph over both itself and common sense".

So we are meant to trust ALL of our security-- on any system that would have previously required a password-- to a single point of failure which
1. Is maintained by Microsoft
2. Can be stolen
Riiiight.

ok Bill (0)

Anonymous Coward | more than 9 years ago | (#10829123)

#passwd
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully
#

The beast wants to place a mark on each of us (0)

Anonymous Coward | more than 9 years ago | (#10829128)

Next thing you know, he is going to want to only allow access if we have a chip in our hand or our forhead. Hmmm, it's almost biblical...

cue the memory joke (0)

Anonymous Coward | more than 9 years ago | (#10829130)

Bill Gates Proclaims that 650k will be enough for anyone.

yeah i know its not true.

How long till open source.... Read... (2, Funny)

Fallen Kell (165468) | more than 9 years ago | (#10829135)

Well, considering Sun has been using smart cards for user identification for YEARS, when Solaris 10's source is released under an open source license, open source will have the same capability (well, no need for .NET though).

Re:How long till open source.... Read... (1)

CortoMaltese (828267) | more than 9 years ago | (#10829231)

There's also the MUSCLE project at http://www.linuxnet.com/index.html [linuxnet.com]. MUSCLE stands for Movement for the Use of Smart Cards in a Linux Environment.

Haven't tried it, but there's at least work in progress towards being able to login using a smart card - among a lot of other components.

A better question would be (2, Insightful)

Rogerborg (306625) | more than 9 years ago | (#10829139)

How come there isn't an open source solution already?

Re:A better question would be (1)

JohnFluxx (413620) | more than 9 years ago | (#10829232)

KDE's Kwallet is pretty close. It stores all your passwords (web page, msn/icq, irc and so on) in a single file. Then on websites when they want a password, you just type in any giberish, and let kwallet store it.

Then put the kwallet file on a usb stick, and you're all set!

It's best, of course, to have a password for the kwallet file, but you just type that in once when you log in, and it stays open until you log out again.

Re:A better question would be (2, Insightful)

jrumney (197329) | more than 9 years ago | (#10829298)

How come there isn't an open source solution already?

There is. It is perfectly possible to use an SSH or kerberos key with no password to go with it. Its not a good idea though, and having the key stored on a smartcard does not make it one.

.NET? (1)

w.p.richardson (218394) | more than 9 years ago | (#10829140)

Nah, biometrics would be more likely to end passwords.

Tough to hax0r a retinal scan, or a thumbprint.

Re:.NET? (1)

Yaa 101 (664725) | more than 9 years ago | (#10829179)

You just cut off the finger and tear out the eyeball...

This is just a proclamation towards harder violence in this world...

Re:.NET? (3, Insightful)

rokzy (687636) | more than 9 years ago | (#10829329)

you, like many others, assume that all criminals are psychos and will stop at nothing to commit a crime.

that is bullshit. a large ammount of crime is opprtunistic. if you leave your window open, they'll climb in. if you close it, they might smash it IF the house is empty and secluded. but it's not an arms race. if you install CCTV and alarms, they don't come back dressed in black with night vision goggles and a set of expensive tools to disable your security, they just go next door to the guy who HAS left his window open.

Re:.NET? (0)

Anonymous Coward | more than 9 years ago | (#10829259)

Actually, so far all biometrics have proven to be easily fooled when you remove the external human control. The computer can't tell if you're wearing special gloves or contact lenses.

On the other hand MICROS~1 can probably afford to include a human controller with every copy of longhorn.

Actually... (1)

boodaman (791877) | more than 9 years ago | (#10829288)

...it's pretty easy, all things considered. Unless the tech has gotten better in the last year or so.

http://www.extremetech.com/article2/0,1558,13919,0 0.asp [extremetech.com]Here's one article that's 2 years old.

Even simple breathing will do the trick of outwitting a capacitive fingerprint scanner.

There are more resources available via Google.

Mass market, affordable biometric systems are far from being foolproof.

In Related News... (1)

Spencerian (465343) | more than 9 years ago | (#10829145)

Orville Redenbacher, speaking through an interpreter for the dead, announces an end to those pesky husks that end up between your teeth after a movie at the theater.

Announcing: Seedless corn.

Sony gave me a Smart Card (2, Interesting)

Moonlapse (802617) | more than 9 years ago | (#10829146)

Being a member of MySony, they sent me an email and had me take a short survey, then decided to give me a free "wavecard" which is a Smart card with Felica technology. This is the contactless tech mentioned in the article. It requires software provided by Sony, and since I had the .NET runtimes installed already, I can't tell if .NET is really needed , I can say MS wasn't the first.

BSOD (1)

dauthur (828910) | more than 9 years ago | (#10829148)

This, coming from Captain BSOD? I'll stick with my superduper random passwords.

I wonder how long it would take to crack these "smart cards", proving their worthlessness, just as the $20 bills were when those were rolled out?

get an open-source version of this? (1)

D4MO (78537) | more than 9 years ago | (#10829149)

"Secure and reliable cryptographic operations, such as symmetric (DES, AES) and asymmetric (RSA) algorithms are accessible via an implementation of the standard Cryptographic Services architecture of the .NET Framework. This empowers existing solutions that use .NET cryptographic services to be easily modified to use smart cards"

Thanks to Mono, you can implement it now. http://www.go-mono.com/crypto.html [go-mono.com]

a bunch of marketing speak (1)

geighaus (670864) | more than 9 years ago | (#10829153)

and no details about its security. have they not learnt anything from pay-TV industry, which opted for security by obscurity in their smart card design and as results suffered from consequences? I have a feeling this whole thing will go terribly wrong.

Re:a bunch of marketing speak (2, Insightful)

harriet nyborg (656409) | more than 9 years ago | (#10829218)

1 billion GSM subscribers are using smart cards.

Re:a bunch of marketing speak (1)

geighaus (670864) | more than 9 years ago | (#10829236)

they are from secure though. secure enough for casual end-user, but hardly for mission critical operations. two-tier security sounds fine, but getting rid of passwords completely would be a bad move.

-1, Troll for Bill (-1)

Anonymous Coward | more than 9 years ago | (#10829156)

Nice try, Nostradamus.

Richard Stallman n Hackers already saw this dream! (1)

Jimmy The Tulip (770323) | more than 9 years ago | (#10829157)

I think BillG recently saw the movie Revolution OS http://www.imdb.com/title/tt0308808/ [imdb.com] *ing Richard Stallman.

Long Ago Hackers in MIT saw this dream of havinf no passwords with the philosophy that they didnt want to be in control of any admin assigned.

It worked for sometime, RMS used to have no password of his unix account. All other too!, they had to just press the enter to login! but later they had to change themselves...

BillG will *not* succeed in his dream plan! Amen!

Passwords? What for ? (3, Insightful)

yogikoudou (806237) | more than 9 years ago | (#10829158)

Seriously, who cares about passwords when you can exploit all the flaws MS systems have ?
They'd better fix their software first.

Linux is missing an opportunity (2, Insightful)

PrvtBurrito (557287) | more than 9 years ago | (#10829159)

Linux is missing an opportunity. Instead of writing software that insists that passwords be uncrackable, they should be innovating new technologies that make machines insensitive to dictionary attacks, or new technologies like the one described here that does away with the need for having passwords everywhere. Hmm, maybe Bill has some innovation in him afterall....

Re:Linux is missing an opportunity (1, Informative)

Anonymous Coward | more than 9 years ago | (#10829244)

Linux has had this for OVER 5 years now.

Cripes. just because gates says it's new certianly does not mean it is true.

http://www.strongsec.com/smartcards/howto/html/S ma rtCard-Login-HOWTO-1.html

start here you clueless fool

Not a password replacement (4, Informative)

Albanach (527650) | more than 9 years ago | (#10829166)

Reading the Axalto press release they talk about their cards as an additional form of security, not a password replacement. I've used smart cards for a few things and each of them has been protected by a password too. You enter the smart card and are then asked for a PIN to ensure you have the right to be using that smart card. As another poster said, if there's no password all they have to do is get to your wallet if they want to Get Root. Hopefully if we do see an open source implimentation it won't be passwordless!

Correct me if I'm wrong, but. . . (3, Insightful)

UFNinja (726662) | more than 9 years ago | (#10829172)

Isn't the best way to secure data *both* something you have (e.g. key) and something you know (e.g. password)? Something I know is also less likely to get stolen, so long as noone has a keylogger installed on my computer. Last time I checked, it's also a whole lot easier to change my password than it is to change the locks on my doors.

back to windows 98? (1)

y86 (111726) | more than 9 years ago | (#10829182)

i know on windows 98 that if you just clicked cancel you didnt need a password to log on..... high security

End of passwords (-1, Troll)

northcat (827059) | more than 9 years ago | (#10829183)

Bill Gates has just proclaimed the end of passwords.

In the future we will be using smartcards and our computers will have 64k of memory.

No passwords (0)

Anonymous Coward | more than 9 years ago | (#10829184)

No passwords. Sure beats clicking on cancel to get in!

I think this is the wrong approach (3, Insightful)

auzy (680819) | more than 9 years ago | (#10829196)

Its similar to the national identity card.. What if your card gets stolen. Any idiot can probably use it to connect to all of your accounts, without effort. Even worse, its a very poor idea to base your systems on a completely centralised system like passport authentication. It only takes 1 person at microsoft to trip on a cable then for all of your logins to fail.

Finally, it offers no protection still. Bill gates is assuming you cant capture the password in memory. It is in fact even easier with .net because unlike a keylogger, the answer wont be obfuscated, you can just monitor the smartcard port, capture all the details sent, and you dont even need the smartcard.. You just emulate the smartcard hardware and fake the connection to the card, easy.

This system offers much less security then now, and the last few drops of respect I had for .NET are now mostly gone. This is nothing more then a publicity act that only stops people who tell others their passwords, and even then, they will just be able to borrow the smartcard.

Smartcards and MS passport also make a great way of tracking people. No one can tell me that Microsoft wont abuse this to improve their search engine

It will take only 1 more DNS mess-up for everything to fall apart, and is nothing more then a marketting Act. I beg of the mono people to offer a proper decentralised authentication system instead, like one based on jabber where any login method is possible anyway if the server supports the authentication type. PLEASE.. Do not use .NET authentication, or you are putting yourself in a terrible position (it costs money anyway, so I think its time us as a programming community should get together and get jabber up to the point the same thing is possible in a decentralised way).

Re:I think this is the wrong approach (1)

Peyna (14792) | more than 9 years ago | (#10829275)

Its similar to the national identity card..

Or a credit card, bank card, driver's license, passport, etc.

Obviously there will be fail-safes in case you lose your card.

It is no more like a "national identity card" than anything else I listed, because the government won't be running it, and they won't be able to demand to see it from everyone walking down the street.

First spam, now this! (2, Funny)

AndroidCat (229562) | more than 9 years ago | (#10829198)

Is there no limit to Bill's powers of proclaimations of endings? (Okay, he still has a year to go on the spam, but it'll be ending any moment .. now. Now. Now! Any moment...)

Re:First spam, now this! (1)

imr (106517) | more than 9 years ago | (#10829295)

spam will be over when his prediction that the internet wont get popular comme into reality.

LOL (1, Funny)

JediTrainer (314273) | more than 9 years ago | (#10829201)

In other words, Bill Gates gives up on security. "You win. You hackers always seem to find a way to break into our OS, well fine. From now on, we're taking the ball back. NO SECURITY FOR YOU!". Or, perhaps "In the interest of customer service and ease of use, we will now automatically grant administrator access to anyone who can turn the machine on. Down with restrictions!"

In all seriousness, is anyone stupid enough to trust any security initiative put forth by Microsoft after the last few years have been so disastrous for them on that front?

Re:LOL (0)

Anonymous Coward | more than 9 years ago | (#10829237)

In all seriousness, is anyone stupid enough to trust any security initiative put forth by Microsoft after the last few years have been so disastrous for them on that front?

It worked for George Bush.

640 should be enough... (1)

Progman3K (515744) | more than 9 years ago | (#10829210)

I can't wait for the inevitable exploits and bugs that will cause cracker to be able to amass the personal information of everyone who is dumb enough to believe this man.

Can I get indemnisation from Microsoft for the problems this scheme will bring? No?

A little black book containing all your passwords that you keep on your person is the ONLY way to be safe.

Great another card to lose. (5, Interesting)

LabRat007 (765435) | more than 9 years ago | (#10829213)

I actually like my password encrusted life. If I lose it all I have to do request another be emailed. If I forget my email password I just call my provider and anwser a slew of questions to prove my identity. Things are quick. Now, if my wife gets hold of a password "key" of any kind she will just lose it like she loses her ATM card 2-3 times per year. No thanks.

Just In From Heaven (1)

Spencerian (465343) | more than 9 years ago | (#10829216)

After the 40th day where the D.A.M.N. Windows-based soul tracking system was offline due to spyware, God, CIO/CEO/Ruler of All You Know, has proclaimed the end of Bill Gates.

From the company that brought you BOB and Win ME (-1, Redundant)

eyegor (148503) | more than 9 years ago | (#10829225)

Uhm... yeah.... right.

I wonder what Bruce Schneier thinks about this?

HA! RMS was there first! (2, Insightful)

dbIII (701233) | more than 9 years ago | (#10829240)

You may recall that RMS was strongly against passwords. We don't have to agree with everything he say or does - just the good stuff.

Re:HA! RMS was there first! (2, Insightful)

AndroidCat (229562) | more than 9 years ago | (#10829315)

So? I still think he was an idiot about no passwords. (In fact, he was a jerk by insisting that other people shouldn't use passwords.) That was not some of his "good stuff".

The answer (1)

CastrTroy (595695) | more than 9 years ago | (#10829255)

The answer, although everybody is recommending it is not biometrics. Lets say company A has your thumbprint/iris print on file for access to their system. Now, company B uses the same method. What's to stop company A from using that print to get information from company A. What if they use some iris scanning thing to get a key to encrypt your data. What if your eye gets messed up. Is your data lost, because it's going to take 5000 years to decrypt by some other hacking it? Compared the the alternative, passwords are nice. It's nice to be able to have different passwords for different companies, and to be able to choose passwords of differing levels of security for different things which require more or less security. I like to be in control of my own security. I'd rather not have one central organization, Microsoft or not, that's in control of my access to everything.

C# is an ISO Open Standard (1)

Mohammed Al-Sahaf (665285) | more than 9 years ago | (#10829256)

Smart cards based around Sun's proprietary Java technology have been around for a while. Its good to see smart cards being made now based around the open standard (ISO/IEC 23270, 23271, 23272) .NET techonlogy.

How is this better than the Java iButton? (3, Informative)

WillerZ (814133) | more than 9 years ago | (#10829269)

See this page:

http://www.ibutton.com/ibuttons/java.html [ibutton.com]

I've had one of these Java-powered iButtons since 2001. If you have the PKI in place it's a very easy technology to use. If you don't, it just gives you bragging rights in the my-computer-is-smaller wars.

Both good.

Phil

Java Card and Liberty Alliance (0)

Anonymous Coward | more than 9 years ago | (#10829271)

Er, um, isn't this what Java Card and Libery Alliance are about? Nice one Bill, you've "invented" something new again about 5 years after the competition.

Microsoft. Double-plus good chocolate ration increases for Party Members.

Didn't Sun do this 5 years ago? (2, Informative)

the_skywise (189793) | more than 9 years ago | (#10829272)

And it was called the "Java Ring"?

Re:Didn't Sun do this 5 years ago? (0)

Anonymous Coward | more than 9 years ago | (#10829323)

Yes, and if you don't like the ring you can have a card. I have one.

The obvious question (3, Insightful)

Black Noise (683584) | more than 9 years ago | (#10829276)


End of passwords? Umm, so, what is the other factor then?
Axalto's new .NET-based smart card is both a great solution to bring strong,
two-factor authentication to the enterprise as well as yet another way for .NET developers to take advantage of their skills and code.

US Military has been using this for years. (2, Informative)

RandoX (828285) | more than 9 years ago | (#10829283)

Newer US Military ID cards (~last 2 years)have a 'chip' in them that allow instant login to DOD computer systems. It also stores the user's medical records.

... iButtons Java API... JavaCard API's.... RFid.. (-1, Troll)

tod_miller (792541) | more than 9 years ago | (#10829284)

End of passwords...

You have to use .Net...

To coin a phrase: LOL!

This is typical PHB marketting by Microsoft. This has been around for millions of years. PHB's never remember thier passwords, especially to the pr0n sites they peruse.

Bingo, keep PHB's in your palm by letting them not worry about passwords...

What a loser company... In other news Microsoft invent the internal combustion engine, wheels and leather seats, so we now all don't have to walk around without shoes!

".Net isn't shit, look, you don't even need passwords! You need passwords for linux, but not Wind0wz because it is so l33t!"

Do youself a favour and ignore that story! Oh and for those looking for enterprise level physical authentication measures, try JavaCard, many banks use this technology for thier low end workstation locks, in addition to passwords though - although the password at my local branch is 'sunny1'...

the one fingered typist almost asked my to help her tpye it, thinking the security was some feature to stop her looking at a complicated computer screen, not to keep me out of a lovely inviting way of cancelling out all my uni debt! muahahahahahhahahahahah *cough*

I wouldn't...

One more thing to lose (1)

nurb432 (527695) | more than 9 years ago | (#10829293)

"honey, where is my smart card.. i want to check email"

Doubt that 'yet another external device' is the future of anything..

I rarely use passwords now... (2, Insightful)

djmurdoch (306849) | more than 9 years ago | (#10829296)

I can't RTFA (it's been slashdotted), but this makes lots of sense, and there *are* open source solutions to this, like public/private key pairs in OpenSSH. I do need to know a passphrase to unlock my key, but then I can log in to a number of different machines with it. In fact, I have my machines set up to not accept password logins except at the console, remote users *must* use key pairs.

Currently I keep a key on my desktop machine and another one on my laptop, but if I was worried that those would be stolen I could switch to a USB key.

Perhaps he advocates no-factor authentication (0)

Anonymous Coward | more than 9 years ago | (#10829303)

Authentication is potentially based on three factors: Something you have, something you know, and something you are (biometric).

Passwords are the "something you know." That gets us down to two factors. Gates probably also has reasons the others should be eliminated.

Perhaps Gates is ultimately advocating "no-factor" authentication. What are the implications of that?

Certain to change Microsoft's image (1)

amichalo (132545) | more than 9 years ago | (#10829306)

Yes, without those pesky "passwords", security on Windows boxes will once again rival that of Linux, et al.

No news is big news... (1)

supabeast! (84658) | more than 9 years ago | (#10829312)

Sun has been pushing smart-card signon systems for years -- along with plenty of little security vendors -- not to mention smart rings, smart money clips, hell, smart anything that can take on a key. Has anyone in the mainstream picked it up? No.

Of course, MSFT has a hell of a lot more clout than Sun, but I just don't see this as being technology that anyone other than a nerd who gets off on RFID actually wanting to bother with.

Uh huh (0)

Anonymous Coward | more than 9 years ago | (#10829317)

Isn't this the same guy that said we would never need more than 640k of memory?

Thats stupid (1)

JustNiz (692889) | more than 9 years ago | (#10829319)

Why would I want to have to carry a piece of plastic around just so I can log into my PC?

Also what about the increased security risk because now you have something someone can steal an use?

Passwords are more convenient and more secure because no one can see or steal whats in my head (I hope!).

proclaiming the end (1)

khrtt (701691) | more than 9 years ago | (#10829328)

And passwords can proclaim the end of Bill Gates - with about the same net effect:-) The nifty idea is really nothing more than putting the password on a physical medium so you don't have to remember it. It's an old idea; the problems with it are - you need to carry the damn thing, you need to not loose the damn thing, and you need to get the damn thing out every time you are logging in. The reason your bank's web site offers you to store your credit card number in a cookie is that people object to having to mess around with physical objects when they need to get access...
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...