Getting deep with identity

I was about to write an email to someone I respect deeply about how my thinking on information security had changed since we last met in the summer of 2013. Then I wondered if I'd actually written a blog post on this? I searched and found nothing, so surprised that it is not here. It … Continue reading Getting deep with identity

Krafttag krävs mot id-kapning I Sverige

The rapid increase in identity fraud in Sweden is gaining some media attention (http://www.svd.se/opinion/brannpunkt/krafttag-kravs-mot-id-kapning_3767990.svd). However they are missing the point. The solution is not to purely simplify the 'clean-up process, but to change the law. And changing the law is not purely about criminalizing the crime but to enforce an individual's basic fundamental right to … Continue reading Krafttag krävs mot id-kapning I Sverige

Identity Management is DEAD!

It's all about CONTROL.... You CONTROL your identity Organisations CONTROL their identity Countries CONTROL their identity This is the future of 'identity management' or 'IDM' or 'IAM'. Scalability comes from bottom-up, not top-down. You CONTROL what is yours, your identity. Nothing else will work in this highly connected, growing and verbose world that we are … Continue reading Identity Management is DEAD!

Glad födelsdag – Happy Birthday – for your Swedish ID#

Reblog from post in 2009. Very relevant to the Tracey series.

Virtual Shadows

I was surprised when taking a coffee with one of my colleagues in the office. She received an SMS thanks from another of our colleagues her for the birthday greeting. When I asked her, how did she know, she said she found it online at http://www.birthday.se/kontakta-oss/Default.aspx. She then told me when my birthday was and even a map to where I lived (although they did get this wrong). Nevertheless surprise became horror. I had already removed my details from www.hitta.se only to find myself at another site. So I checked with a previous colleague of mine (Martin Da Fonseca) that studied security law in Sweden if this was in fact legal? And this was his response.

“It is legal. The service provided by Upplysning.se is regulated in Kreditupplysningslagen (credit information legislation) (1973:1173).

I believe the service provided by birthday.se is using (or exploiting) the fact that this information is…

View original post 419 more words

I want my identity back NOW

I am on a crusade. I am fed-up of finding my personal information being spread all over Sweden by government authorities. There are laws concerning the protection of personal privacy that are not being enforced. I plan to fix this. I have written a letter to the Datainspektion, and started posting on this thread (Tracey). … Continue reading I want my identity back NOW

So when is a digital interaction not a digital interaction?

When the identity and associated roles -that trigger and consume- the digital interaction are not an integral part of the process. This means that participating parties cannot be legally held accountable for their actions. Principle consequence is a lack of absolute traceability in your organisation, and if there is some legal requirements, a need for … Continue reading So when is a digital interaction not a digital interaction?

Identity = Reputation?

So does identity equal reputation? After all this is the claim made by some identity practitioners such as Dick Hardt (Hardt, 2006). The simple answer is no. Does it matter? And the answer is yes, it matters a lot. Today in our digitised society your digital identity is quite simply an entry in a database, … Continue reading Identity = Reputation?

Turning the identity thing upside down

Haven't you thought it as strange that your digital identity becomes weaker the more it is exposed? In fact is it an identity at all? After all it is only a record in a database, or an object comprised of attributes in an X.500 tree, or something written on a plastic 'id card'. It is … Continue reading Turning the identity thing upside down

2 million account credentials stolen!

More than 2 million passwords have been stolen from popular web services such as Facebook, Google, Yahoo, Twitter, LinkedIn, etc. All the popular press are reporting on this (here is something in English and Swedish). Now what is interesting is the analysis on the stolen passwords by Trustwave. Trustwave did a similar study over 6 … Continue reading 2 million account credentials stolen!