|This article is of interest to the following WikiProjects:|
Change of name
- Support - It appear that they have changed their name, so the article should change too. -- Q Chris (talk) 15:05, 31 July 2012 (UTC)
- neutral - in my understanding Mozilla persona is the new "commercial" name, but browserID remains as the technical name of the protocol. TomT0m (talk) 21:09, 31 July 2012 (UTC)
Not sure that was such a good idea - indeed, BrowserID remains the codename for the protocol and Persona.org is the service ran by Mozilla.org, not the protocol itself. --TheAnarcat (talk) 02:52, 27 June 2013 (UTC)
Just because marketing material says something is secure, that doesn't make it secure. "Secure" is an unachievable perfect state, like "indestructible". We can only talk about the threats that have been anticipated, and the defenses against those threats, and the probability that the defenses will be breached.
For example, Mozilla's demonstration site https://login.persona.org/signin says:
- Complete bollocks - a protocol designed to be secure is a secure protocol whether or not implementations are secure. To say it is not would be like saying there is not a road between Leeds and Manchester because they could be closed occasionally. By your argument you could say that there is no such thing as web security. -- Q Chris (talk) 11:22, 11 February 2013 (UTC)
I am once again removing the unsupported (original research?) claim that this is "secure".
- Nothing "is secure". There are only varying degrees of more secure or less secure.
- The only support for the claim is the vendor's web page, which is not an objective independent encyclopaedic source.
- The burden of proof is on the person making the claim, not the person challenging it.
- I have explained why I consider it inherently insecure, in that the reference implementation forces you to weaken your security, if you have taken appropriate steps to protect your browser and your identity. A road closed is not a good analogy. A better analogy is if you install some software that claims to "be secure" but it requires you to disable your anti-virus. That's what NoScript is -- anti-virus for your browser. Anyone who said their product only works with anti-virus off, but calls it "secure", would be laughed out of any gathering of security professionals.
- In reinstating the "secure" claim, an editor commented "it would be a bit strange if it wan't secure". That's reasoning by incredulity. "It must be true, because I just can't believe it could be false!"
- The argument that anything using JS is inherently insecure because JS can also be used to do insecure things is an extremely tenuous one. There are many vulnerabilities in Windows, which can be avoided by not installing Windows on your PC; it would however be a rather extreme position to say that no software can be secure if it requires Windows. - IMSoP (talk) 00:29, 20 December 2013 (UTC)
Hello fellow Wikipedians,
I have just modified 8 external links on Mozilla Persona. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
- Added archive https://web.archive.org/web/20130811153049/http://identity.mozilla.com/post/57712756801/persona-makes-signing-in-easy-for-gmail-users to http://identity.mozilla.com/post/57712756801/persona-makes-signing-in-easy-for-gmail-users
- Corrected formatting/usage for http://identity.mozilla.com/post/78873831485/transitioning-persona-to-community-ownership
- Added archive https://web.archive.org/web/20140310212307/http://identity.mozilla.com/post/78873831485/transitioning-persona-to-community-ownership to http://identity.mozilla.com/post/78873831485/transitioning-persona-to-community-ownership
- Added archive https://web.archive.org/web/20130128201115/http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in to http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in
- Corrected formatting/usage for http://identity.mozilla.com/post/7669886219/how-browserid-differs-from-openid
- Added archive https://web.archive.org/web/20130308064204/https://login.persona.org/about to https://login.persona.org/about
- Added archive https://web.archive.org/web/20130308064151/https://login.persona.org/ to https://login.persona.org/
- Corrected formatting/usage for https://login.persona.org/
When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.
You may set the
|checked=, on this template, to true or failed to let other editors know you reviewed the change. If you find any errors, please use the tools below to fix them or call an editor by setting
|needhelp= to your help request.
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
If you are unable to use these tools, you may set
|needhelp=<your help request> on this template to request help from an experienced user. Please include details about your problem, to help other editors.