Friday, 7 July 2017

Bearer bond

I have been investigating the sharing possibilities of the OneDrive cloud offering from Microsoft. An offering I have been using now for some years - and apart from the odd glitch with synchronising between my various devices, it has been fine. A great convenience even. But now I want to try a bit of sharing, something the marketing men from Microsoft are very hot on. Share here, collaborate there, leverage everywhere. Amid a certain amount of geeky grumbling on various product forums, some of it about how this or that feature from Dropbox or Gdrive seems to be missing.

So, yesterday I tried sharing my public folder. With the result that a long text string of computer generated code was pasted to my clipboard. The idea being that if you paste this string into the address box of a browser, you get taken to a place in the OneDrive world where you are offered read access to my public folder.

A couple of elementary tests went OK. One to a party with no connection to my computer or my accounts. The other at Epsom library where I pasted the string into the browser on one of their public access computers via a USB data stick. I don't think that it even knew my email address, at least not at the time of the test. I even went so far as to change one of the letters of the long string, which resulted in my being taken to the Microsoft account login page, which seemed fair enough.

So the story seems to be that anyone armed with the right string is given access to the data, no further questions asked. You could find it in the street and still use it. You would not need to know what data was being made available or by whom - but you might guess that it was something interesting. You certainly would not need an account with them to verify, at least in some small part, your bona fides. Could you trust the person to whom you sent the string not to be careless or worse with it? Maybe not suitable for really private stuff. But easy to use; much less bother with messing around giving this or that access to this or that person.

Let's hope that the Microsoft security people have put enough work into these long strings to keep at bay the many bad people that seem to be knocking around the world.

PS: interestingly, out of the 20 or so public access computers at this library, only about three or four were in use at around 1530 this afternoon. Is it the heat? Have all the students gone home? Or has the number of people without a proper connection of their own fallen right off, in the ten years or so that these computers have been available? A product, I believe, of the profligate Blair & Brown era. Not so long ago, one often had to queue. A product, I might say, which includes access to a range of periodicals and research which one might otherwise have to pay for.

No comments:

Post a Comment