Posted by John Patrick on Dec 29, 2003 in
Gadgets Feedback about the Body Fat Scale has ranged from "why bother" to "wow, didn’t know about that". There was also constructive feedback from Tony, who endorsed the need to monitor both weight and body-fat. "I’m 46, with a family history of heart disease. I have mild hypertension, Type II diabetes and I’m slightly overweight and over-fat", he said. Tony cautioned that one thing to be aware of is the reliability of body fat impedance measurements. (read more)
Tags: bia, Bioelectrical Impedance Analysis, body fat, Gadgets, obesity, scale, tanita
Posted by John Patrick on Dec 28, 2003 in
Gadgets 
I can’t say that I am in the best possible physical condition, but I do work hard at staying fit. When I received a Tanita Body Fat Monitor/Scale as a gift this week, I hope it was more about my love of gadgets than a different implication. The theory behind having a way to measure how much body fat you have is that it is an important element of your fitness. Weight alone is not a clear indicator of good health because it does not distinguish between pounds that come from body fat and those that come from lean body mass or muscle. Too much fat is often called obesity, and most health experts would agree that obesity puts a person at risk for many serious medical conditions. (read more)
Tags: bia, Bioelectrical Impedance Analysis, body fat, Gadgets, obesity, scale, tanita
Posted by John Patrick on Dec 26, 2003 in
PKI 
Another dimension of Trust has to do with standards. Because of standards, the Internet is the only thing I know of that works the same everywhere. Most things work differently in different parts of the world. The side of the road we drive on, the side of the car we drive from, the width of the railroad tracks, the plugs that we put in the wall; all work differently around the world. But not the Internet; it works exactly the same in every corner of the world. There are a lot of debates during the process while Internet standards are being developed but once published as a standard every vendor has an obligation to implement the standard. Most do. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 24, 2003 in
PKI
In “Too Secure?”, I described how a financial services company insisted that I use the fax machine to send them a document. Let’s contrast that process with how it might have worked using a public key infrastructure approach with the five security functions described in the last part of the Privacy And Trust series. We’ll look at each of the five elements. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 23, 2003 in
PKI
The most important benefit of a digital ID is authentication. Once digital IDs are more commonplace, you will no longer have to send your login ID and password over the Internet. Your password, passphrase, or biometric will go no further than your smart card, token, or your PC. Once you are authenticated, you will be able to authorize an encrypted exchange of digital data between your PC (or phone or other information appliance) and the other party. The result of the exchange is that both parties will be able to confirm that the other party is indeed who they say they are. If you provided biometric data the person will know not only that it was your ID but that it was actually you and not someone who may have ?borrowed? your login/password. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 22, 2003 in
PKI
In the near future most people will have a digital ID along with an accompanying biometric link such as a fingerprint, face print, voiceprint, iris or retina scan. The combination of digital ID and biometric will enable you to establish yourself as a completely unique person. At last you have the ability in the digital world to establish that you are who you say you are just as you can in the physical world! Step one is to get a digital ID from someone that knows for sure who you are and who is trusted by others as a reliable source for authenticating you. And who would this someone be? (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 21, 2003 in
Favorites 
My book, Net Attitude, has been for sale on Amazon since it was published and there is a link to purchase it directly from the book image on the patrickWeb homepage. (the commissions from Amazon are modest and I contribute them to charity). The new news is that there is now an interesting way to not only get to Amazon to buy the book but also to find and read part of the book content through Google’s new book searching site. Here is a link to the Google beta test. (read more)
Tags: amazon, books, google, Net Attitude, search, searching, text
Posted by John Patrick on Dec 20, 2003 in
PKI,
Public Policy
There was a cartoon by Peter Steiner in the July 5, 1993 issue of The New Yorker showing a dog at a PC speaking to another dog watching from the floor. The caption was, ?On the Internet nobody knows you’re a dog.? Very true and in fact nobody really knows for sure just who you are. Nor do you know who is at the other end of a chat session or e-commerce transaction either. Assuming success of the numerous technologies at the Inside ID conference in Washington, D.C. this week, we will soon have Digital IDs that will change this. There are many issues but has become urgent that we get digital ID’s in place for all of us (and for our servers and eventually for everything. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 18, 2003 in
PKI 
Before I continue with the Privacy and Trust series, Ins I wanted to summarize what I learned at the Inside ID conference in Washington. In my presentation I tried to set the stage for the conference by speaking about how the evolution of the networked world presents a staggering necessity and opportunity for organizations of all types to provide the means to establish who they are and who they are dealing with, whether it is across the counter or across the Internet. The Inside ID conference then drilled down in great depth as nearly 100 speakers and more than 60 vendors discussed the systems and technologies that facilitate identification — ranging from digital identity to identity management. There were a lot of detailed things I learned but what I want to share is the big picture of what I learned. (read more)
Posted by John Patrick on Dec 16, 2003 in
PKI 
A number of readers were surprised to learn about phishing, and more than one suggested that I send the example to eBay. Actually, I am quite confident that eBay is on top of this issue. I suspect they scan continuously to find eBay fraud of all kinds — including phishing emails. eBay is an incredibly large and successful community for buyers and sellers and they have thought through all the aspects of the buying and selling processes. Any inhibitor to the growth of the community is something they are responsive too. Unfortunately, it is a constant battle to stay ahead of the fraudsters. Bob Safier shared with me an amazing fraudulent email that he received. (read more)
Tags: fraud, phishing, security, spam
