"So, how did you spend your vacation Steve?" I built a basic system that allows common (i.e., non-technical) people to send truly private e-mails to each other. Yes, even the NSA will have a hard time reading your messages with this system, assuming it's implemented properly. Try it out.

For as long as I can remember, whenever I have been in a conversation about cryptographic systems or network security, there has always been a caveat[0]. Security has always been relative because there is always someone with more resources than you, "unless you're the NSA". In fact, more often than not, it was probably me reminding everyone that there is always someone with more money, more computing power, more smart people.

The other day it came out that millions of LinkedIn password hashes were leaked. Of course, everyone with a LinkedIn account wonders if their password has been compromised. This has led to a bunch of put-your-LinkedIn-password-in-this-form-and-I'll-tell-you-if-it-was-leaked websites. This is a perfect example of the Password Anti-pattern; it's a pattern you want to avoid.


A persona can be defined as a social role, a mask that a person presents to the world. In a federated identity environment, should a person be allowed to have multiple personas or just one?

Steve the Christian. Steve the son. Steve the brother. Steve the husband. Steve the father. Steve the Software Architect. Steve the martial artist. Steve the missionary. In the real world we have many different facets, personae if you will.

The "page" feature of Facebook is designed to provide a way for people to become fans of people, organizations, bands, etc. These fan pages are available to people who do not have Facebook accounts, and administrators of fan pages have the ability to send updates to fans. Anyone with a Facebook account can create a fan page about anything, even things for which they are not the authority.