I think this is a really, really bad idea. It's been known to cause trouble for other companies before when the Lybian administration doesn't like what you're doing.
> Once adopted by other websites, Tru.ly could replace the OpenID, oAuth or Facebook Connect as the next evolution of an official login.
Once it's widely adopted, it'll be widely adopted! Once my startup makes it big, it'll be big!
And I just don't understand claims like this from a security standpoint:
> With Tru.ly, you can even use a QR reader on your phone to validate a Tru.ly user on the spot as everyone who signs up gets their own QR code.
Do people think that previous attempts to verify your "real id" have failed because the proponents were stupid, or because it is an incredibly difficult problem, verging on intractable?
A .ly domain? Really? The website seems to deal with highly confidential data, and they're basing it on a top-level domain from a dictatorship (Libya) whose leader is currently bombing peaceful demonstrators? (That's right, they're using fighter planes against demonstrators!)
Even before the current Libyan revolution there were problems with using .ly domains. E.g., Gadhafi recently made it illegal to use .ly domains for things deemed against Islam.
I'm genuinely unable to believe they'd launch with that domain this week, irrespective of how much they'd financially and emotionally invested in the cute domain hack.
It would be amazing even for the beta launch of a service that didn't depend on your trust in their security and ability to maintain uptime.
I signed up because I think this is a good idea that has a place on the Internet. However, in order to link to my facebook and twitter accounts it wants permission to post to my wall and send out tweets. I'm tired of apps requesting more permissions than necessary, so that's where I stopped using it. Also, .ly is a bad idea.
20 comments
[ 2.6 ms ] story [ 55.9 ms ] thread> Once adopted by other websites, Tru.ly could replace the OpenID, oAuth or Facebook Connect as the next evolution of an official login.
Once it's widely adopted, it'll be widely adopted! Once my startup makes it big, it'll be big!
And I just don't understand claims like this from a security standpoint:
> With Tru.ly, you can even use a QR reader on your phone to validate a Tru.ly user on the spot as everyone who signs up gets their own QR code.
Do people think that previous attempts to verify your "real id" have failed because the proponents were stupid, or because it is an incredibly difficult problem, verging on intractable?
EDIT: to the downvoters, it's difficult to even verify the identity of a website, much less humans: http://www.schneier.com/blog/archives/2008/12/forging_ssl_ce...
Will joining affect my credit rating? In other words, will this service be validating my identity based on information in my credit report?
I'd rather stay off the grid until the government threatens to fine me if I don't sign up. (sarcasm)
Even before the current Libyan revolution there were problems with using .ly domains. E.g., Gadhafi recently made it illegal to use .ly domains for things deemed against Islam.
It would be amazing even for the beta launch of a service that didn't depend on your trust in their security and ability to maintain uptime.
I've worked in USA, so I have social-security, but don't have permanent US address. World is a little bigger than USA afterall.
Scroll bar fail.