Hacker News new | past | comments | ask | show | jobs | submit login

Huh? They just dropped Firefox OS and Persona, their authentication system, and now they want to get into the "Internet of Things"? It would have made more sense if they'd used their authentication technology to allow devices to link up in a mutually mistrustful way.



This is mistaken. Firefox OS wasn't dropped, it was pivoted from phones to connected devices: https://blog.mozilla.org/blog/2015/12/09/firefox-os-pivot-to...

I've also seen rumors that Mozilla is working on a successor to Persona, but absolutely no substantive evidence as of yet.


No. The team was repurposed, not really Firefox OS though. Have got some insider knowledge on this one.

I mean come on. Firefox OS on embedded devices, the thing could barely run on cheap smartphones.


Having used the one of their special SPARC dev phones, the OS is actually very very good. Like every device it had limits but it just cruised along like a champion for 90% of tasks and had freakishly good call quality.


"The team was repurposed". That's one of the better euphemisms I've seen in a while. Could be worse; they could have been recycled.


Sounds strange to hear about Mozilla with language generally used for talking about Yahoo...


Sounds interesting. Do you have any references for approaches and possible benefits that we could look at?


A basic problem with the "internet of things" is who gets to talk to whom. How do devices get introduced to each other?

Living units need an identity. Devices introduced into the living units need to be introduced to that identity to pair with it. Phone-based programs may also need to be paired with the living unit identity. Each pair needs a set of security restrictions.

You want to set this up so that the homeowner can look at the house webcams, but nobody else, including the webcam manufacturer, can. A unified identity and permission system, perhaps built on Persona, lets you set up such connections without every phone having to be paired with every device. Also, with a unified permission system, you can revoke permissions. You might permit a guest access to the house systems but remove that access when they leave, for example.


I think that security will be very discussed thing once IoT will be more spread. I also think that Mozilla could be first to solve it and Persona could help with it. I imagine using it for authentication of connected devices in my home.


What does Persona offer that brings value from an IoT perspective?

The bootstrap primary (which is on life support, with the one hand ready to pull the plug) requires a functional javascript engine to authenticate a user, which is a steep cost of admission. In it's absence you have to implement the entire protocol, and Persona is less feature rich and far less supported than OAuth, and I say this as an ardent defender and promoter of Persona :)


I like the sound of that. Do you think you could come up with a blog post detailing what you have in mind? If so, this would clearly be something to discuss in Project Link (I'm one of the devs).




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: