Broadband Scandal – heading towards 3rd world connectivity

$200 Billion Broadband Scandal was posted to a list I am on today.

New investigative ebook offers micro-history of Verizon, SBC, Qwest, and BellSouth’s (the Bell companies) fiber optic broadband promises and the consequence harms to America’s economic growth because they never delivered and kept most of the money, about $200 billion.

New York: This is one of the largest scandals in American history. America is 16th in the world in broadband and the US DSL current offerings are 100 times slower than other countries such has Japan and Korea. How did we go from Number 1 in the web to 16th in broadband and falling?

* Are customers owed $2000 for a fiber optic service they paid for but never received? Did towns and cities, libraries and schools, government agencies, and every residential and business customer subsidize new networks that never showed up?
* Did America lose $5 trillion in economic growth, $500 billion annually, because of these missing networks?

Conferences…issues

Scoble just did this long… post on conferences and the issues around creating them. Adding to Jeff Jarvis’ post here.

I left this comment….

Hey Scoble,
We in the identity community are trying to figure out the venue thing too. 1st key is a place that lets you bring in outside catoring.
We are also doing 75% open space at our next conference – so no planning for ’sessions’ the attendees create them based on what is alive in the room that day. This is how you have a discussion with 2000 folks – not trying to have it all in one big room. You can also use process like Appreciative Inquiry where a whole room of over 5000 folks can have a meaningful conversatino ‘together’. I think we should have a conference for conference organizers to mull on options and issues faced by our crowd. Innvation is needed in this space and market needs are largely unmet.

The breakdown on the Identity Workshop was a fee of $75 for a two day conference that included lunch.
Those of us who organized it did it volunteer and we broke even. Everyone loved us bucking the trend of the ‘expensive’ conference. We are hoping to pull it off again this year in May.

The details – We had about 70 paying attendees. 80 people attended. Lunch was $800 a day -$10 a head (and people liked the food)
We paid the venue about $800 a day (but the wifi was iffy and chairs not super comfy). We got someone to help with refreshments for about $400. A neutral sponsor came through and sponsored dinner for everyone the first (and only) evening of the conference.

analog-digital Clash – HIGH transaction costs

Today I have had two analogue-digital clashes. Or perhaps digital loops that had to pass through an analogue phase

I went to the bank to get a print out of all the transactions on my account recently – so I could notify them of the fraudulent ones. You would think that i could tell a bank employee which ones are fraudulent and they would ‘mark them’ on my account electronically and then investigate. Nooo… I get a form that I must fill with a pen writing out each fraudulent transaction.

Then I have to come back tomorrow when the guy who can notarize them is there to mail the documents into the bank. It will then take them 15 days to even look at my claim – more time to investigate and no money is returned until they complete investigating…potentially a month or more away. Meanwhile I am out $2800.

Second clash. I did some work for PR company. They call me last week and leave a message that says…call us back. I really don’t like voicemails like that you have to write the number down. Then punch it back in to call them. I figured it was about my SSN for taxes. I changed my voicemail message that said if you really want me to call you back you have to e-mail me and left my e-mail address. So today I get this e-mail that is a W9 that i have to fill out and sign and fax back to her. Shouldn’t you be able to submit this to the company in some electronic way and then be assured they destroy this information (revocation) so it is not floating around forever in there accounting system. Not yet apparently. So first I fill out the PDF boxes then print it out to sign it. I don’t have a fax machine. So Then I scan in back into my computer and send her the JPEG.

Ross Mayfield said at an event last year that 50% of the economy was transaction costs. These experiences both have a lot of cost associated with just doing the transactions. We as a digital identity community need to address real costs baked into the system that are not working for people or organizations.

Identity Woman has Identity Stolen

This really happened believe it or not. It is not ElastaGirl pretending to be me or someone named Identity Chick emerging on the scene. I had my one bank/credit card counterfited used for transactions and draining my bank account to well below zero.

I knew something was wrong when on friday I got a call from Visa’s fraud center asking me to call them about some suspicious activities. I had gone through this before – it was when i had bought domain names from a france based seller and they had called to check with me that indeed I had bought something from france. I was not worried and figured this time would be something similar.

I waited a day to get back to them and called on Saturday night. They wanted to review about 30 transactions on my card…many were things I remembered. One was for sure not me $321 from Macys in Pleasanton (a suburb over the Oakland Hills) on Jan 26th the day I was at etel (in Burlingame that day). They said my card was turned off after this transaction. So I am thinking that I have only $321 of fraud to deal with.

That day I had $1300 in my bank account (I know cause I withdrew $100 that morning).

Monday morning I had negative 1300 in my account.

It is emotionally awful. Who could have gotten it where. Is it ‘just my VISA number’? What if they know more about me – my birth date (is that anywhere on the internet publicly I wonder?)

Do I have to close my account cause the know how to access it? If I do that am I really safe? Who to trust now? is a question arising in me.

Kim Cameron’s Panel about Identity @ SD Forum

This is from the SD Forum on Interoperability January 31, 2006.

Prateek Mishra – Oracle
What is the identity problem?
It is stuck in a few places at employwer, bank and you want to
how does your identity get from your identity provider – the places were you have defined your identity to all these business processes and services.

We want to do this across the internet. There is the protocol piece – we know how to transmit identity from point a to point b this is solved…

Governence models how to transfer identity in trusted ways from point a to point b. Folks like Liberty Alliance have white papers and frameworks for this. This is a non-trivial problem. How you maintain and create governance?

How do you have normal folks sitting at their computers manage their identities in intuitive ways. How do they have a tool

Identity is stuck it wants to be free.
Protocol – Token Representaiton – solved
Governence and Infrastructure – somewhat solved
How does a person leverage these multiple identities?

Kim Cameron – fan of SAML and Liberty
As we move to more interconnected set of systems we need an identity layer. When you have an architectural whole of this magnitude you have a huge number of kludges.

Meta System

Users have no way of predicting how they should work – knowing when they are in danger.

old days fighting over token rings vs. ethernet – we got TCP/IP that encapsulated both.

We need a metasystem (I got a tiny bit distracted here, sorry. So the transcription is not perfect)

Karen Wendel, Identrus
Metasystem – single interface from an identity perspective.
Everyone has a visa card – that folks each having a card for each store. The industry would be stuck without interoperable.
Rules used consistently throughout the world.
VISA would take responsibility for legal, technical and policy issues.

Identrus was owned by the banks. Your identity will be given to you. It takes responsibility around the policy stuff. Legal aspects of your identity – dispute resolution. Liability of relying party who maintains it and lifecycle. We run this network and commonality on global basis.

(from there website) Identrus provides the global standard for identity authentication.
As communications expand and the world shrinks, knowing who’s who in the electronic universe becomes vital.
Identrus offers a full range of technology and services that support every aspect of safe eTransactions.

Rena Mears, Deloitte
Access – from a privacy point of view is different from access from a security point of view
Assertions and Claims are different

Kim Cameron..
Claims are assertions which are in doubt
everything being claimed has to be doubted so we can establish trust.

They considered using Claims but it would have become SCML (scammel)

It is to the benefit to the SAML make things secure in the browser. Shibboleth the hardest thing is home site discovery – infocards visual representation and

pick one of the 5000 higher education institutions…
or pick ‘your’ university identity.

Identrus: This is what we would call an identity provider.

Kim:
SAML is the transport language
SAML is used between a portal and services to the portal.

I propose we have new ways of the user authenticating to the portal.
The systems still exist.

Karen:
What constitutes and identity and the needs for security.
How does language play in this space – there are a lot of different models – identity is not the same as authentication or security.

problem blending identity and security – PKI
you get these people

Kim:
anyone who works with a protocol they get infected by the protocol and their vision blurs and and narrows.
We need more fanatics about protocols

Identrus:
one of the challenges for us as a community – identity does more then authenticate – sign things and create legal contracts – engage in business transactions, incur liability and regulatory transactions.

you can’t look at the papers and not see an inherent relationship between identity and security.

Rena:
Who has stepped up to be the binder of identity to the individual.

Prateek:
there is not such thing as single monlithic identity
there are multiple notions of identity useful for different contexts
Shibolith context higher education
Identrus is a context and a governance model

We like Infocards if we could use it when we get to the line in the spec it says Identity provider discovery – out of band
authentication is out of band for SAML

Karen:
everyone is bound by
the bank that issues the identity to the person
the bank binds to the person – labile to up to 10 million dollars
issued within all the legal requirements

there all these pockets of identity – the level of binding – between issuer and relying party – it does not transfer through the bridge structure.

A lot of the federated model you don’t have that level of binding between the parties.

We will work with the bridges and it is a different element.

Kim:
The government – thinking of itself as the ‘binding’ authority – reasons for relative autonomy.

Belgium a national identity card – but no card readers
One group was the association of mayors – they were now being asked to sign their legal documents with their individual citizen identity – they used to sign their documents with a stamp of their office – we must think of roles.

Kim:
The issue is PRIVACY.
the characteristics that really respects privacy are the characteristics of a system that really is difficult to penetrate.

All of the identity issues – any initiative that takes this forward we should all applaud.