back to article Former General Electric boss explains how he got the internet wrong

In San Francisco this week, Cloudflare held its fourth Internet Summit to discuss the state of the industry, in keeping with the norms of navel gazing and self-fascination that afflicts Silicon Valley. The topics of concern recalled other events with the words "internet" and "summit" that have occurred over the past two …

  1. SonOfDilbert
    Meh

    Password managers

    <quote>Felt pitched password managers. "For the longest time, I was too prideful to use a password manager," she said. "Then I got locked out of basically every account."</quote>

    Honestly, I think that password managers are a horrible single point of failure. Personally, I think a reasonable password along with 2FA and/or biometrics is a better approach than inventing unmemorable passwords all stored in a single place.

    1. Anonymous Coward
      Anonymous Coward

      Re: Password managers

      Honestly, I think that password managers are a horrible single point of failure.

      Agree, but...

      Personally, I think a reasonable password along with 2FA and/or biometrics is a better approach than inventing unmemorable passwords all stored in a single place.

      2FA is only available on a handful of services. Just thinking for a couple of minutes, I made a list of 20 different passwords I remember. Probably the only reason I can remember them at all is that I reuse passwords for unimportant sites. And there's a lot more passwords that I would never remember, like my frequent flyer account, or my cell phone provider social network; those I pretty much need to reset every single time.

      Which means essentially, rather than a password manager, I manage my passwords by reset emails sent to my email account... Which is also a single point of failure, though at least it does have 2FA...

      1. Dan 55 Silver badge

        Re: Password managers

        2FA is only available on a handful of services.

        More than you'd think:

        - https://twofactorauth.org/

        - https://www.eff.org/deeplinks/2016/12/12-days-2fa-how-enable-two-factor-authentication-your-online-accounts

        PayPal's is particularly annoying though, you need a link they don't have on the new version of the website to use proper 2FA instead of text message and run a python script to make it work on something like FreeOTP+.

    2. Pascal Monett Silver badge

      Re: Password managers

      I have a password manager for my home PC - it's a text file. It is there for my convenience, given that nobody but me uses my PC.

      Because it is a text file, I think it will fly under the radar if ever my machine is hacked. I imagine hackers are looking for programs in memory, not all the text files on disk (besides, this one is on the NAS, so if I'm not connected, it's game over for finding that).

      1. Anonymous Coward
        Anonymous Coward

        Re: Password managers

        well I have a system, and I'm not sure I will recommend it, but it works for me. I too have a mistrust of password managers, because it means I have to have a device available at all times to logon.

        So i store all my passwords on my cloud email account. However they are not stored in clear text, but using a hints and algorithm that only mean something to me. So to get the password I only have to remember my email login. Filter my password emails, and then apply the algorithm and hints.

        This means that I can store my information in public, but only in a manner that means anything to me.

        Not sure whether this is more/less secure than a password manager, but works for me

        1. Anonymous Coward
          Anonymous Coward

          Re: Password managers

          they are not stored in clear text, but using a hints and algorithm that only mean something to me

          There are advantages to the file-of-hints approach. It does leak some information, but it's difficult to see how to put that information to use without an extensive world model (where the "world" is your experiences).

          It suffers from some significant failure modes, though, such as survivability. I handle most of our financial stuff, so my wife doesn't have the login credentials for many of our accounts. Years ago I made a long list of them on paper and put them in our fire safe, but I haven't kept it up to date - they change too fast. (Same problem with just telling her when I have to set a new password or create a new account.)

          I'm probably going to have to switch to using a multiple-device synced password manager just for this use case.

      2. Martin Gregorie Silver badge

        Re: Password managers

        I have a password manager for my home PC - it's a text file.

        Substitute a set of HTML pages for 'a textfile' and so do I, but my pages are on a password protected encrypted partition on a server, so inaccessible to anybody who nicks either my laptop or that server. In addition, a username and password is needed as well as the usual Linux login to access the password collection from either machine.

  2. hammarbtyp Silver badge

    Jeff Immelt never really understood digital strategy

    Jeff Immelt never really understood digital strategy , and it highlighted by the problems that traditional HW companies have embracing the cloud etc.

    While he is right in that system connectivity and large data analytics are big drivers in the future, companies like GE, Siemens etc have over the years ensured that their systems are mutually incompatible. You only have to look at the plethora of competing industrial protocols that are out there, each with a industry champion. Therefore they make poor industry aggregators. If you compare them with a company like google, who basically whole existence is based around data integration, its not hard to see where the driving force will be.

    There is also the question of who owns the data. Its all very well suggesting that a company puts its system data in the cloud. The bigger question is who has access to it and who owns it. This is especially difficult if the hosting service wants to profit from analysis of it. (Something which google has been doing for years, but companies generally value their data more highly than individuals)

    There is also a culture clash. Traditional industrial equipment are conservative devices, generally self contained. Digital services are fast moving,agile and interconnected. At some some point there is a clash and trade off, usually with security

    The final issue is that GE approach was we will build these services and they will come (field of dreams principle). However they spent little time thinking making it easy for companies wanted to connect to the services, what cost model to use. Again this is industry process thinking. Configuring a industrial system generally involves editing 30 unrelated config files and then not touching anything in the hope it does not break. If Apple had designed a industrial system it would consist of one button which said connect. Guess which approach GE went for. Cloud also means that costs become far less transparent. You can be charged by the MB stored, CPU time, bandwidth or a plethora of other metrics. Again it makes it difficult to monitor and control costs. Fine in the high margin digital world, but industry margins tend to be low margin

    Finally the issue was over estimating your size and strength. While GE has a huge captilisation, it like many other nuts and bolt operations are quickly become dwarfed by digital power houses. Also because they tend to have less investment in infrastructure, they can quickly capitilise large projects. GE found quickly it could not afford to setup its own server farm, and now relies on AWS. This shows where the power now lies in the new world order

  3. Doctor Syntax Silver badge

    "To be a smart buyer of technology, he said, you have good practitioners. And that requires talent."

    Tell that to all those buying outsourcing, especially HMG.

    It's good to know somebody gets it at last.

  4. Peter 39

    Immelt was only the most recent in a long line of GE managers who got it wrong.

    GE was running trans-Atlantic time-sharing in the late 1960's. It was worldwide in the early 70's (meaning US, western Europe, Australia, Japan and probably a couple of others I've forgotten). The "Information Services Business Division" used email for its daily business from the early 70's - long before it was legally permitted to offer it as a service to others.

    Some observant folks might have noticed that GE's class A (in old-speak) IP block is 3.xxx.xxx.xxx. That's right - the first one allocated (0, 1 and 2 were reserved). By contrast, Apple's is "17" and Microsoft is "92".

    We GE folks were there in the early days and helped build it all. Then crass, stupid management pissed it all away. Immelt was not the worst, just the most recent.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019