Is It Safe Because They Say So?
Java sys-con reports that Serendipity Enterprises is introducing the ‘world’s first secure RSS reader’ called Enterprise Web 2.0.
Here is what they say, “…consumers will be able to securely receive customer-specific information from stores, banks, utilities and other organizations.”
David Lavenda, VP of marketing and product strategy at Serendipity Technologies further said, “This unique Web 2.0 tool was created to demonstrate how workers will soon be able to receive protected enterprise application information, right on their desktops or personal web pages”.
My question is, how do we know it will be secure? I think I’ll log in to each of my personal banking and credit card accounts with my password and the yellow lock on the page for quite some time.
Will you use this or something like this?
Related Stories
POSTED IN: Fresh feeding
5 opinions for Is It Safe Because They Say So?
Paul M. Watson
Jan 27, 2007 at 7:12 am
I don’t know the details but thinking about it it seems to be a good idea. Take RSS feeds of personal, valuable and private information and wrap them in standard internet security layers.
I wish my online banking provided an RSS feed of my accounts. Right now they offer SMS updates (unencrypted) and a website (usual SSL security measures.) RSS wouldn’t be any more or less secure than the website.
Cathy
Jan 28, 2007 at 8:17 am
I guess my problem is not totally with whether it will be safe, encryped information. It’s that with an RSS feed, the information will always be sitting there. At least with my bank, I log in, do whatever I’m there for and log out. It gives people less time to do nefarious things with my information!
Of course, the information is still available from the bank, credit card, mortgage company, etc. but at least I know that I’m not contributing to thieves.
David Lavenda
Jan 28, 2007 at 7:49 pm
I was suprised to read your opinion about our announcement without even reaching out to us. While skepticism is healthy - cynicism is not.
A press release does not lend itself to offer much technical detail. It does however, offer a way to initiate a discussion. I welcome the opportunity to explain what we have done here, include having the gadget evaluated by outside security experts.
Just to give you some highlights of what we have done:
web-based gadgets cache their information on 3rd parties servers (like Google and Yahoo) - we create direct links to the back-end system and store NO information on the 3rd party server. Nor do we pass any data through a 3rd party server.
once we do create the connection to the back-end system, we use the native security mechanisms - whether it be username/password, token, single sign on or something else. We DO NOT rely on some authentication scheme we invented, nor do we store credentials anywhere in our system.
all communications can use SSL end-to-end
we have taken all necessary steps to prevent cross site or cross gadget scripting.
In short, I would be happy to explain what we have done here and why this is secure. The responses so far show that the way this works is not understood. Otherwise financial institutions would not be talking to us about providing feeds to customers.
david
Cathy
Jan 29, 2007 at 8:09 am
Thank you for the clarification, David. I simply gave my opinion according to the information that was out there and asked my readers for their opinion.
I’m sure the responses so far do indicate that people don’t understand how it works. You are really breaking some new ground here and I applaud you for it. On the other hand, can’t you see why people want to know for sure that it’s safe?
Cathy
A Feed Is Born » Serendipity Responds! - RSS, Webfeeds and Information Overload!
Jan 30, 2007 at 7:48 am
[…] The other day I posted about Serendipity and their new offering, Enterprise Web 2.0. Dave Leandra, VP of marketing and product strategy at Serendipity was kind enough to offer a comment: […]
Have an opinion? Leave a comment: