[Discuss] 19,000 person company passwords stolen via HTTPS

Tue Oct 6 19:55:18 EDT 2015

On 10/6/2015 7:30 PM, Anthony Gabrielson wrote:
> No…

Yes. It's a monolithic data store with every user's identifying 
credentials in it. It doesn't matter how that data is stored. It doesn't 
matter what transformations are performed on that data. It's still in 
one place and the whole thing can be taken in one swoop.

> It sounds like you’re asking for: - Secure Comms - Anonymity

No, not anonymity. If I do business with Amazon for example there is no 
anonymity or else they couldn't charge my credit card and I wouldn't 
receive my stuff. What I'm asking for is a mechanism where rather than 
me authenticating myself with Amazon, it is Amazon's services which 
authenticate themselves with me.

No, I don't know how to make it work. I wish I did. I wish someone did.

-- 
Rich P.