Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Launches Persona Identity Bridge For Gmail

Posted by samzenpus on from the being-yourself dept.

An anonymous reader writes "Mozilla today announced the Persona Identity Bridge for Gmail users. If you have a Google account, this means you can now sign into Persona-powered websites with your existing credentials. The best part is of course Mozilla's pledge to its users. 'Persona remains committed to privacy: Gmail users can sign into sites with Persona, but Google can't track which sites they sign into,' Mozilla Pesrona engineer Dan Callahan promises."

2 of 114 comments (clear)

  1. Re:What about the NSA? by icebike · · Score: 5, Interesting

    They post exactly what they have on you and how they use the data here.

    Basically it keeps Google from snooping, and allows Mozilla still has some records of the sites you access.
    All information is transferred by SSL but its highly likely that Mozilla has already been forced to quietly turn over its SSL keys
    to the government. (At least Snowden claims this has happened).

    So at best you protect yourself from Google, and make the government look in two databases to see where you log in.

    --
    Sig Battery depleted. Reverting to safe mode.
  2. The Problem With Mozilla's Persona by Jherek+Carnelian · · Score: 5, Interesting

    For me, the deal-breaker with Persona is that it is tied to my email address and exposes that unique identifier to every website that does Persona.. The pro-persona types argue that is a benefit, that people are used to using their email address as a relatively constant identifier.

    My argument is that giving the same email address out to every website makes it super-easy for those websites to cross-reference my web usage. Nowadays your email address is the online equivalent of your social-security number for marketers. It is the most useful key in the cyberstalker/marketing databases. All of the cyberstalker companies like BlueKai, Janrain, Scorecard, Doubeclick, etc create phantom profiles of people on the web that just sit dormant until you give one of their partner websites your email address and then they file all that dormant data in with any other data associated with your address.

    Some people say, no problem, just create a different email address for every website you visit. Yeah, right. That's no problem at all. The system isn't designed for that. If there were a way to generate a login credential unique to each website so cross-referencing didn't work and it was easy and automatic, then Persona would be useful. As it is now it is only mis-leading, addressing a privacy problem we had 5 years ago but it does nothing to protect us against the current state of the art in privacy invasion.