Cherian_Abraham's comments

Have you looked at 192Business from a fraud/authentication perspective?


Somewhat my area of focus.

The SE Isis uses is on the SIM, the SE GoogleWallet uses is Embedded on chip. Two different types, chosen primarily around distribution mechanisms each could protect. Google felt if it were embedded, its relationships with OEMs would primarily help its case. Carriers went the SIM route primarily due to them being the only distribution channel that matters in the US for phones.

Google Wallet can potentially work off of a SIM based SE. But this would mean that Google will have to work within the parameters of Carrier's Isis framework. Isis framework is different in that it has no visibility into the transaction data. Google will have to opt in to this approach (Banks require it because they fear Google). Google wants data and will never agree. Yada Yada Yada.

Verizon did block Google because of its stake in Isis. And because Banks would have explicitly sought out Carriers to block GoogleWallet on Carrier phones. Google could work with Isis within its own framework, but it never will. Competing interests, revenue models and goals.


That still doesn't make it right, though, and it's still anti-competitive. I mean who is Verizon to say that a company can't run a certain type of app on "their" phones, because they are not even their phones. They are their customers' phones.

It's especially troublesome when Verizon is creating a competing app, and they are just giving a more or less "reasonable" excuse to completely take out their competitor from the market, much like Apple is doing with the browsers on iOS. The difference here is that these carriers almost completely own the US market, and them joining together like this to stop Google from putting the app on their phones is kind of a cartel movement, isn't it?

At the very least, I think this is worth an investigation from FCC and FTC.


The billions of dollars that could be used to lobby special interests into law is who's trying to say they can't run it on 'their' phones..


Udemy is one of the spammiest services I have ever come across. Despite hitting unsubscribe and going through the motions over 10 times, emailing them half a dozen times and finally deleting my account - I still get spammed.

Udemy is the bottom of the barrel when it comes to Spam for me.


That's an issue I've been having with NaNoWriMo. I unsubscribed and yet I continue to receive emails. Now I have simply marked them as spam.


The main feudal lords map to the Four internet giants - Apple, Google, Facebook and Amazon. Each has a dislocated jaw and a growing appetite to consume entire industries.

As they grow, our implicit trust in our Feudal lords, without any kind of Transparency in return is a dangerous thing.


Don't forget Microsoft. They still control more endpoints than anyone else and they're entering the cloud and mobile market, albeit late.


Apple is an Internet giant? When did that happen?


With the release of the iPhone. One example of this was that Apple was able to use their clout to successfully sideline flash in favor of HTML5. That's not to say the technology industry was in love with flash prior to the iPhone, but the iPhone gave apple the sufficient stature to dictate what happens in the mobile technology arena.


Issue with disrupting existing payment modalities is that you need scale, which is really hard to do when you are a startup and there is not much differentiating you from the rest.

Ubiquity trumps novelty. Every single time.


Which is of course a catch-22, though people like Facebook and Foursquare solved this by launching in small geographic areas first to get ubiquitous in those areas.

Oh look, Droplet is targeting Birmingham UK, first - looks like they know this.


This comment reflects a lack of understanding of how non-IT folks deal with passwords. As the number of services we consume on the web has exponentially increased, the difficulty in remembering all those passwords has led the majority of us to keep 2 or 3 passwords for the whole lot, leading to what the author of the Wired article was guilty of.

That's not stupid, that's just how folks who have other stuff to worry about in their lives, do with a technology they hardly understand. Security frameworks even for banking systems primarily depend on passwords and little else. It's similar to "getting past the gatekeeper to the fort, and then having access to the Armory, Queens Chamber and the Royal Safe". Access should not be granted because you could recite 10 characters in the right order. It should be granted after having fully understood the context of your attempt, the history of the account and the account holder, and doing KBA (knowledge based auth) commensurate with the damage that could happen if the wrong person accessed that account.

Passwords should die a horrible death. They are a mere fallacy. An illusion of security.


> This comment reflects a lack of understanding of how non-IT folks deal with passwords.

If that is so relevant, we should also kill online (and offline) banking, selling used cars and insurances etc. ... Because clueless people will get owned and scammed everywhere.

What the article neglects is pointing out the total failure of Amazon, AT&T and Apple to protect their customers. It's complete nonsense to allow identity theft on the basis of information that is easily obtainable (credit card and social security numbers - they've been exposed hundreds of times and are no secrets). Class action suits might fix that in the long run, but at least don't blame passwords when they weren't the weakest link.


"If that is so relevant, we should also kill..."

No, because although some people may get scammed, there is still massive overall benefit to those services.


Yes! This is the problem, most people are non-techies (believe it or not) and have one password: 123456. Passwords are a slight inconvenience to them and that is why we have to design for the weakest link. The publicly available databases of passwords make them irrelevant for the vast majority of people.[1]

We are using the same method of authorization that was going on 1,000 years ago. "Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword, and would only allow a person or group to pass if they knew the password."[2]

This method has no context in a world bursting at the seams with sharing, connection and relevance. Who are you, where did you come from, who is with you, what is your purpose and how did you get here?

It should be contextual like: What is the speed of a swallow? (African or European?)[3]

[1] http://www.cl.cam.ac.uk/~jcb82/doc/B12-IEEESP-analyzing_70M_...

[2] http://en.wikipedia.org/wiki/Password#Alternatives_to_passwo...

[3] http://www.youtube.com/watch?v=pWS8Mg-JWSg


"Passwords should die a horrible death. They are a mere fallacy. An illusion of security."

Wrong. Passwords have worked well for decades. They are, by far, the best balance between convenience and security. Service providers need to do a better job of taking into account other factors (IP addresses, cookies, recovery techniques) to mitigate breaches.


Yeah, right. However, the world in which we live is a bit more complicated than that.

Passwords are here to stay. They provide reasonable security.


"Passwords are here to stay. They provide reasonable security."

Words.

Since the premise of the article (and the person to which you've replied) is that your statement is false, you're going to need to provide more than the above to refute it.


This is EXACTLY what I had in mind when reading 'passwords should die a horrible death. They are a mere fallacy. An illusion of security.'

I did not make the irony clear, my fault.


Here is a good article discussing some of the tradeoffs with various password schemes, the fix is necessary but far from trivial.

http://css.csail.mit.edu/6.858/2012/readings/passwords.pdf


Passwords should die a horrible death. They are a mere fallacy. An illusion of security.

I'd bet that only a small fraction of a percent of accounts are hacked in a given year (by password or otherwise).

Though there's room for improvement, let's not pretend that currently popular security measures do nothing.


I agree with your core points: Passwords are not enough for accounts that need to be secure.

But one thing that a lot of this glosses over is that different accounts need different levels of protection. I really want things like my bank account to offer stronger protection than a password. On the other hand, for things like my hackernews account and my dragongoserver account they are probably plenty and it's not worth additional inconvenience to have more.

It would be like saying your average bike chains are dead because they can be defeated by bolt cutters. Bike chains are plenty of protection for an average bicycle, but I want something more protecting a safe deposit box.


> that's just how folks who have other stuff to worry about in their lives, do with a technology they hardly understand

If they have 'other stuff' why do they spend so much time posting about memes, or TV shows or other meaningless stuff?

When I was in high school only nerds would know what's a hard drive, or what's an email address. Now everyone seems to know something about computers, everyone has emails and twitters and other things (even if they don't know what a MFM encoding is).

The same can be true for password security.

Honestly, computer security is important, and therefore should NEVER be dismissed with the 'other stuff to worry' hand-wave. If someone doesn't know about it, they should learn.

If passwords are to be changed for a better technology, nothing changes about my point: people should learn to use it correctly, whatever that is.


Great news for Google, except the hardware quality doth suffer. I had to RMA my first one, as the audio jack was spotty and only outputted one channel. The second one arrived with exactly the same issue and a screen that wobbled. RMA'd that one to get a third one, and saw that it was one of the early batches that had a ton of issues and I didn't bother keeping it to find out what was wrong with it.

So Google, if it has any hopes for displacing iPad, needs to clamp down on quality issues with its suppliers and make sure that these products match up to the incumbents they are hell bent on displacing.


The quality issues really fall on Asus, not Google. Asus is the hardware manufacturer.

Besides that, I agree. My first Nexus 7 had the "wobbly" screen, but only on the left-hand side, about mid-ways up.


The issues do lie with Asus, but your average consumer isn't going to make that distinction. All they see is Google/Nexus branding.


Over a year ago, I wrote up an early product requirements doc for how law enforcement investigations will function if investigators could follow cases, evidence, firearms, events, suspects, persons of interest, locations similar to how we follow people on Twitter or Facebook. It would make it incredibly easier for them to be notified when something changes, instead of having to manually be alerted about something of relevance.


Your preferred credit card issuer already knows this - if you have a propensity to eat out during the week. It can look at where you are eating most of the days during the week, aggregated over time, to guess which part of town you work in, vs your home (it knows your home address). It can also look at your spend at gas stations over time to see if you own an SUV vs a Car, or whether it's a fuel efficient vehicle or not.

Aggregated data from a number of different sources can give a near-complete picture on a customer.


Remember Circuit City? They were the biggest victim that fell to the same Amazon practice.

