23 comments

[ 3.1 ms ] story [ 69.5 ms ] thread
tangibly related: What ever happened to Mozilla Persona?

I had integrated it into my site and it was really slick, all I had to know was an email address and the system verified the rest. It was federated too. :/

I don’t get it. You still need to load all kinds of attributes into an online account, which is perfectly centralized, right?
No. Your credentials/attributes are stored (encrypted) on your device.
But the IRMA QR code generator server is decentralized too?
Yes. An IRMA server can be ran by any person or organization that requests and/or provides attributes.
Hopefully there are popular services which can allow anonymous comments, posts without creating accounts.

I find it harder and harder to see such things. Today majority of the sites don't even work in privacy mode forget about anonymous.

I believe Google, Facebook, Amazon, Microsoft or any other company whose business depends on customer personal information will have incentive to promote it really. Yes they might have efforts towards some privacy which does not affect their profit. But anonymity will never be supported by then. Try using any of their services over Tor network and see the issues.

FYI Facebook has actually taken steps to support access over Tor (https://m.facebook.com/notes/facebook-over-tor/1-million-peo...).

That said, they're of course still enforcing their real name policy and so your general point still stands.

> That said, they're of course still enforcing their real name policy and so your general point still stands.

Last time I checked (2013?), not in Germany. Germans are allowed to use any (nick)name.

Verifying your login by asking for mobile phone in many cases. Put captcha before login are all means to identify a person indirectly.

I have not yet tried it in EU, but for rest of the world, Facebook and other services do it very often. They precisely want to know your location by some means and when they cannot a dreaded verification process starts.

This is what real decentralized identity should look like. The user stores their own identity, and no-one gets to see how and where it is used.
While I do appreciate the efforts of the foundation, a true privacy by design foundation should be promoting the PbD principles in general instead of simply building a decentralized identity app.
Building something that implements the principles you support can be a highly effective way of promoting them. E.g. Mozilla and Firefox.
The point of my post is IRMA, their decentralized, attributed-based identity project. The mods changed the title I gave to that of the foundation website.

PS: I learned about it via a talk from the Royal Institution:

https://www.youtube.com/watch?v=vINtD58nLPQ

Thanks.

If anyone from Privacy by Design is reading, an explainer article with a headline clearly stating the tool and intent would be very useful collateral to share.

HN, and numerous other sites, insist on sticking strictly to original titles in many cases, to avoid amplification or distortion by submitters. As original authors, getting your own headlines appropriately focused is a huge benefit.

The site itself is a bit of a hot mess (as are many these days) and could use some focus on orienting and familiarising readers with the project, goals, action items, and tools & resources.

It was open-source, MIT/BSD-licensed reference implementations of X11, email and Web servers which helped hugely to promote the adoption of these protocols.

It was the mere hinting by the University of Minnesota that it might consider proprietary licencing of the gopher protocol that killed it dead. Numerous other protocols have been pitched but as proprietary solutions, never to see widespread acceptance. Sun's NEWS display system, and numerous HTML also-rans particularly come to mind.

Even the FSF, which strongly encourages GPL and APL licencing to spread the concept and use of Free Software acknowledges and encourages the use of "permissive" licencing -- MIT, BSD, and LGPL -- to encourage adoption of open protocols and infrastructure (glibc and other libraries).

First, thanks for all the work on the right direction. I have some questions.

Why won't we fall on the same problems we had with SSL certificate issuers until Let's Encrypt truly made HTTPS viable to everyone?

What will prevent requestors from requesting all or most users attributes like most apps do with permissions on Android platform?

Edit: add "with permissions"

Anyone else unable to load the app after install? I’m on a VPN so maybe that’s the problem. Kinda desirable attribute to be able to access from less personally identifiable network locations.
re: IRMA

I've been thinking about negotiated disclosure since the mid 90s. Back then we called it faceted personas. In an effort to protect oneself from aggregators of demographic data.

I've gotten nowhere.

TLDR: 99% certain deanonymization will always prevail.

Not saying I'm right. I'm not particularly smart or insightful. I just try to apply ideas foraged from academia to real world problems. Alas, the times I've slogged thru the maths and algos, I'm always left befuddled. I'm just not clever enough to figure out all the attack vectors. (I'd make a terrible criminal.)

--

re: Privacy by Design

That means Translucent Databases. Where all data at rest is encrypted. Just like you salt and hash password files.

This book details clever applications of that strategy to real world problems:

https://www.amazon.com/Translucent-Databases-Peter-Wayner/dp...

Mea culpa: I'm still unclear how GDPR's tokenization of PII in transit works in practice. Anyone have some sample code? And I still don't see how it protects data at rest.

--

Source: Design, implemented, supported some of the first electronic medical records exchanges (BHIX, NYCLIX, others). Worked on election integrity for a decade, including protecting voter privacy (secret ballot).

--

Prediction: Accepting de-anon will always win in the long run, we'll eventually also accept that privacy has a half-life. To adjust, we'll adapt differential privacy algos to become temporal privacy.