Happy Mutant Profile
Kim Cameron
Ontario's privacy commissioner to geeks: design for privacy!
October 11, 2007 10:11pm
Ontario's privacy commissioner to geeks: design for privacy!
October 11, 2007 12:24am
Hi Burtz
Where do I start? Well, Ann Cavoukian actually referred to me in the video as being from Microsoft. I thought you had watched the video. Cory Doctorow drove that point home implicitly in his comment about me. Finally, when I read people's comments I often check for them in a search engine. I gave my name, and come up in Google on the first page whether you type Kim, Kim Cameron, or Cameron, so I'm not actually travelling incognito.
I'd like you to read the Laws of Identity, which I wrote specifically so we could talk about things deeply, before getting into much more detail. If you still want to take the arguments made there apart, even after understanding them, I would find that interesting.
Regarding your suggestion that I shouldn't call your recipe for protection naive, let's look at it.
1) Learn the address bar and status bar! Mouseover and check links in web and email before clicking on them.
---> there are techniques through which the evil site can overwrite the address bar and the status bar, so you have no idea what is going on beneath the pixels.
2) Learn what a URL is, and pay particular attention to the domain name and SSL 'lock' status during any sensitive transaction. Is it the domain name that you want to talk with? Is it spelled correctly?
---> there are all kinds of tricks that can be played with the URL. Even when it is intact, your DNS-to-IP mapping can be distorted by an attacker. Client-side JavaScript can cause all kinds of nice visual effects I will leave to your imagination; cross-site scripting attacks mean even if you use a certificate and land at the right site, buried frames may continue to be able to do nefarious things under your identity, and so on. These are all attacks that are seen regularly. Your recipe would leave you totally vulnerable.
3) Learn what a certificate represents, and how to handle a certificate warning. A locked page that is warning-free cannot be spoofed by a fourth-party.
Burz, the lock symbol can be painted on your screen by a sufficiently cogent attacker. The certificate dialog can be faked - how would you know the difference?
You are passionate and that is great, but you need to look more deeply at these things. I don't say that in a condescending way - I'm inviting you to get more involved.
The user interfaces are still confusing enough that very capable engineers can be tricked into doing things like installing rogue certificates, in which case all bets are off.
Basically, if you look into my Laws paper, you'll see a discussion of the fact that we need to have a clearer and more "noise-free" connection with the thought processes of the user before all the fine security properties of SSL matter one iota - currently we protect the 4000 miles between a computer and a distant server, but don't protect the last two feet between the user and his computer. This requires new ways of thinking, new metaphors. That's what my work is about, with the proviso that nothing we do to solve these problems should diminish user control or decrease the privacy of the user.
Anyway, I've got to go on to other issues, but invite you to look into this further.
Regards,
Kim
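As an added illustration of the "tricks that can be played with the URL" mentioned in the comment above (this is example code written for this page, not Kim Cameron's or Burz's own), the script below compares what a hurried reader sees at the start of a link with the host the browser actually resolves. The sample links, the expected host www.paypal.com and the domain evil.example are all constructed for the example and do not refer to any real campaign.

```python
from urllib.parse import urlsplit

# Assumed legitimate host for this example (constructed; any allowlist would do).
EXPECTED_HOST = "www.paypal.com"

# Constructed sample links of the kind a phishing mail might carry. None refer
# to a real campaign; they only illustrate the URL tricks discussed above.
SAMPLES = {
    "https://www.paypal.com/signin": "genuine",
    "https://www.paypal.com@evil.example/signin": "userinfo trick",
    "https://www.paypal.com.evil.example/signin": "subdomain trick",
    "https://paypa1.com/signin": "lookalike spelling",
    "https://p\u0430ypal.com/signin": "homograph (Cyrillic a)",
    "http://www.paypal.com/signin": "no TLS",
}


def glance_host(url: str) -> str:
    """What a hurried reader 'sees': the text right after the scheme.

    Reading stops at the first '/' or '@', which is exactly why the
    userinfo and subdomain tricks work on a human eye.
    """
    rest = url.split("://", 1)[1] if "://" in url else url
    return rest.split("/", 1)[0].split("@", 1)[0]


def effective_host(url: str) -> str:
    """Host the browser actually resolves and connects to."""
    return (urlsplit(url).hostname or "").lower()


def check_link(url: str, expected: str = EXPECTED_HOST) -> list[str]:
    """Return reasons to distrust the link; an empty list means it passes."""
    parts = urlsplit(url)
    host = effective_host(url)
    reasons = []
    if parts.scheme != "https":
        reasons.append(f"scheme is {parts.scheme!r}, not https")
    if parts.username is not None:
        # 'www.paypal.com@evil.example' -> the part before '@' is a login name,
        # not a host; the browser connects to whatever follows the '@'.
        reasons.append("userinfo before '@' hides the real host")
    if not host.isascii():
        # The resolver sees the ASCII-compatible (punycode) form, e.g.
        # 'xn--pypal-4ve.com' for the Cyrillic-a sample; the glyphs look alike.
        ascii_form = host.encode("idna").decode("ascii")
        reasons.append(f"non-ASCII host, resolves as {ascii_form!r}")
    if host != expected:
        reasons.append(f"host {host!r} is not {expected!r}")
    return reasons


def triage(samples: dict[str, str]) -> dict[str, list[str]]:
    """Run check_link over a labelled batch and index the findings by label."""
    return {label: check_link(url) for url, label in samples.items()}


if __name__ == "__main__":
    for url, label in SAMPLES.items():
        print(f"{label:24} glance={glance_host(url):28} real={effective_host(url)}")
        for reason in check_link(url):
            print(f"{'':24}   - {reason}")
```

The point of the comparison is that only the genuine link comes back with an empty list; every other sample survives a glance at the address bar yet fails a check against the host the browser will really connect to.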
Ontario's privacy commissioner to geeks: design for privacy!
October 8, 2007 10:21pm
Burz, your thinking about "all you need to know" to prevent phishing is really naive. I guarantee there are many attacks which not even the most savvy user can detect.
In terms of your other comments, I hope you'll look further into what we are proposing. There is NO attempt by Microsoft or IBM to control your identity. In my work we are talking about a technology, sort of like HTTP or TCP/IP, which allows you to control YOUR OWN identity - get identity from any place you want, including making it up just as you do when using user names and passwords.
Further, we've put a lot of work into ensuring that "anonymous" identity is used unless there is some compelling reason to reveal anything.
I've described what I'm trying to do here: http://www.identityblog.com in the Laws of Identity at the bottom right of the page. Please read the paper.
I think you have Ann completely wrong, and it's a shame. She's a spunky fighter for your rights - and mine. Take a look at her record - what she's actually accomplished. I really hope you are able to do as much.
On the question of consumer DRM, I'm not a supporter of the type of thing we see today at all.
I've been very frustrated - especially in having my downloads locked in one ghetto or another (e.g. iTunes).
I think this technology is just in its earliest phases, and is still pretty goofy.
I think I would accept it if it could model what happens in the physical world better.
For example, if I buy a CD, I can move it around, use it anywhere I want, lend it to my friends, resell it and so on. Any reasonable DRM would have to let us do the same things.
If we could develop this kind of technology, with ZERO risk of invading privacy, I think it would balance out the rights of the artists better than is currently the case, and that they deserve that balance.
Burtz, your "scummy" line speaks even more badly of you than your lack of understanding of the issues.
I've tried to get through to you. Perhaps time will help.