eRacks Systems Tech Blog
Open Source Experts Since 1999
A Sad Day – the Demise of Persona / BrowserID
A Sad Day – Mozille BrowserID / Persona Dies
It’s a sad day – the best of the federated Authentication Providers, without its own agenda or privacy issues, has shut down, due to the public’s apparent lack of interest and / or awareness.
Mozilla Persona, which started life several years ago as BrowserID, was the only one of the OpenAuth-based Authentication providers that didn’t insist on being logged in to a commercial site in order to be authenticated by proxy at the time – with all the privacy issues that entails.
Although it’s no secret that The Public is notorious for not caring about (or not even being aware of) privacy (or at least sacrificing it in favor of convenience), it’s unfortunate that the Mozilla Foundation has chosen not to spend the time, effort, and money to educate the public, as it has chosen to do with its other products.
Here are some relevant excerpts from the shutdown page:
FAQs
A website I use requires Persona for login, what should I do?
You will need to contact the site owner and ask about their plans for migrating away from Persona.
Mozilla staff can find more information about the progress of migrating internal sites on this mana page.
Why is persona.org being shut down?
Our metrics show that usage of persona.org is low, and has not grown over the last two years.
Hosting using vps hosting plans at the level of security and availability required for an authentication system is no small undertaking, and Mozilla can no longer justify dedicating limited resources to this project. We will do everything we can to shut it down in a graceful and responsible manner.
What will happen in the meantime?
Between now and November 30th, 2016, Mozilla will continue to support the Persona service at a maintenance level: Security issues will be resolved in a timely manner and the services will be kept online, but we do not expect to develop or deploy any new features. Support will continue to be available on the dev-identity mailing list and in the #services-dev IRC channel.
All websites that rely on Persona will need to migrate to another means of authentication during this time.
What happens after that?
On or after November 30th, 2016, the services hosted by Mozilla on persona.org will be taken offline. This includes the persona.org website, the javascript shim, the fallback IdP and identity bridges, and the hosted verifier.
Mozilla will retain control of the persona.org domain and will not transfer it to a third party. This is a security measure to protect websites that have not completed their migration away from the service.
All user data stored on the persona.org services will be destroyed, including registered email addresses and password hashes. Since the privacy of user data is of utmost importance to Mozilla, we will not transfer it to any third parties.
What about the code?
All of Persona’s code — core, bridges, shims, and more — is open source and remains available on github. Though this marks the end of Mozilla’s direct involvement in Persona, we encourage others to continue learning from and building upon our work.
Migration Suggestions and Guidelines
The following alternative login options are available for sites migrating away from Persona. We will continue to update this page throughout the year.
We intentionally designed Persona to expose email addresses rather than opaque identifiers, which should ease the transition to other systems that provide verified email addresses.
Mozilla-hosted sites may find additional, staff-login-specific migration options on the internal mana page.
Delegated Authentication Providers
Many large email and service providers offer delegated login for third-party applications, including Google, Facebook and GitHub. Indeed, we have found that many sites currently using Persona also offer login via one or more of these services. While these services do not offer equivalently-strong privacy guarantees to Persona, they are a convenient and secure choice for users since they avoid the creation of a site-specific password.
We plan to offer delegated authentication with Firefox Accounts some time in 2016. If you’re interested in adding Firefox Accounts as a login option to your site, please reach out to us on the dev-fxacct mailing list.
Site-Specific Accounts
Many web frameworks offer password-based user accounts functionality out-of-the-box. Although it requires users to create and remember yet another password, it can be a good choice for users who do not have (or do not wish to share) an account with a delegated authentication provider.
For existing users who previously authenticated with Persona, you could consider authenticating them through Persona again to confirm their email address, then prompting them to create a site-specific password.
Passwordless Email Login
As an alternative to setting a site-specific password, you can allow users to login directly via email link, as described in this article and implemented by libraries like passwordless. This can avoid the security implications of users having to create and manage another password, and may be a good fallback option when used in combination with delegated authentication providers.
Self-hosting Persona
Since the code for Persona is open-source, it would be possible for reliers to self-host an instance of the service that is dedicated to their own use.
This approach is not recommended most reliers. Persona has a large and complex codebase that has not seen significant development in several years, and Mozilla will not provide security or maintenance updates after 30th November 2016.
More?
We encourage affected reliers to document any alternative solutions here and to discuss them on the dev-identity mailing list, so that others can benefit from their experience.
- The Portier open source project attempts to replicate much of Persona’s user experience, while being easy to self-host, even on the free tier of PaaS providers like Heroku. Similar to Persona, Portier supports identity-bridging to Gmail. It falls back to passwordless-style login links for everyone else.
Taken from:
https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers
We at eRacks wil be looking into Portier for our own usage, as well.
j
joe January 9th, 2017
Posted In: authentication, News, Open Source
Tags: Firefox, Mozilla, Privacy, Software Freedom
Mint 18 is here!
Linux Mint 18 is now available!
Based on Ubuntu 16.04, which was made available in April, this release of Mint is based on the LTS release of Ubuntu, rather than following the twice-yearly updates – and will have only incremental changes and updates over the next 2 years – thus being more stable and predictable, and avoiding any potential instabilities introduced by the biannual Ubuntu upgrades.
So Mint 18 should now be available in all the eRacks product dropdowns – if you don’t see it on the model you want, please contact us and we’ll fix it or give you a custom quote with Mint 18.
As always, contact us at info@eracks.com for any inquiries or questions regarding the Mint 18 release, or any of our products, and what release we recommend for you and your unique needs.
j
admin August 3rd, 2016
Posted In: Linux, Mint, News, ubuntu, Upgrades
eRacks/ZENBOOK15.UHD With Open Source: Powerful And Elegant
Introducing eRacks/ZENBOOK15.UHD 4D resolution, high power Ultrabook with Linux or BSD operating system
We wanted to start the month in style. So, we thought what better way there is than introducing a great looking Ultrabook with powerful specification?  Then the light bulb went on: “eRacks/ZENBOOK15.UHDâ€.
This really stylish and elegant eRacks/ZENBOOK15.UHD laptop that comes with a screen resolution of 3840 by 2160 — four times FHD (full high-definition) resolution – really started looking mighty good.
This Ultrabook by Asus can be delivered by eRacks with up to 24 Gigabytes of RAM and up to 1 or even 2 Terabytes of SSD hard disk space. As a matter of fact this ultrabook has been ranked the number one among all of ultrabooks that you can find online, this is according to gadget reviews, which is a good indication that it will really serve it’s purpose and will cope up with your expectation. With its 15.6 inch 4K Ultra High Definition IPS screen and a view angle of about 170 degrees, eRacks/ZENBOOK15.UHD is really a great looking and powerful Ultrabook.
As with all eRacks Systems products, this elegant looking Ultrabook will be delivered with your choice of Open Source operating system & software pre-installed and pre-configured. The operating system can be any flavor of Linux or BSD (We can even do other OSes like Haiku, etc on request). We will install and configure the OS fully before packaging your Ultrabook and sending it off your way.
In fact, you can be sure that with your Ultrabook ordered through us, you will receive a powerful open source system, configured to the highest specifications according to your requirements. And you can also be sure that no one else can or will offer anything close to the laptop you will get from us.
So, why not expand your laptop computing power to the next level with us. Contact us and ask about eRacks/ZENBOOK15.UHD. We’ll be happy to hear from you.
info@eracks.com
Ron October 8th, 2015
Posted In: FreeBSD, Laptop cookbooks, New products, News, Products, Upgrades, Zenbook
Tags: 4K, BSD, FLOSS, laptop, linux, Open Source Computing, Powerbook, UHD, Ultrabook, Zenbook
Heads-Up for Half Petabyte Cloud-Ready Storage Servers
eRacks/NAS50 Half Petabytes of Data Storage Server / Cloud Storage
We were extremely excited to announce the forthcoming release of 500 Terabyte (half Petabyte) storage space upgrade on our flagship product eRacks/NAS50 cloud data storage servers last week. The new model, to be released shortly, will incorporate 50 HGST 10 Terabyte HelioSeal™ hard drives. While the new model is not released yet, we are accepting pre-orders from customers. The current capacity, now available, of the eRacks/NAS50 is 400Terabytes in total, with currently-available 8Terabyte drives. The Azure devops security for data protection purposes as that must be a priority.
The new unit is rackmount and holds 50 removable drive bays. The 9U unit is suitable for any cloud storage application as well as NAS/Local LAN, since cloud services are really used now a days, you can learn how connecting to clouds directly can help businesses from this link. eRacks/NAS50™ is also a great solution for media libraries and other applications which require massive amounts of data storage capacity, you just have to make you are also backed up by the best data management services. Visit https://blog.couchbase.com/fuzzy-matching/ and get more information!
Our new servers are truly a remarkable Petascale solution. The HGST 10 Terabyte HelioSeal™ drives that come with eRacks/NAS50 use two technologies that greatly add to the value that this server carries with it, including other server services from sites as https://www.servermania.com/kb/articles/what-are-the-requirements-for-ubuntu-server/ for ubuntu projects.
The first is referred to as the HelioSeal™ technology.  The HGST hard drives using this technology replace the air inside of the drive with helium. This would make the drive much lighter as well as allowing the disks to be much thinner.  Due to the helium inside, the thinness of disks will not cause any disruptive turbulence effects. This will allow us to have more disks inside each drive which in turn means more data space. Additionally, helium drives have much lower power consumption, as much as 27%, making our NAS50 models truly a green product.
The new drives in the eRacks/NAS50 servers also make use of a technology called SMR. That is short for Shingled Magnetic Recording. This technology by itself adds another 25 to 100 percent storage capacity to HGST hard drives.
We are proud of our new eRacks/NAS50 and are ready to take pre-orders. We are prepared to customize the unit per your instructions with all Open-Source software necessary so your order will reach you completely pre-installed.
Please contact us for pre-orders or any questions you may have.
eRacks Open Source Systems
Phone: (714) 758-5423
Fax: (631) 392-9842
http://www.eRacks.com
eMail: info@eracks.com
Ron September 12th, 2015
Posted In: NAS50, New products, News, Open Source, servers, Upgrades
Tags: 500TB-class, 8TB, Archive Drives, Cloud Computing, Cloud Storage Server, HDD, HelioSeal. HGST, Hybrid Cloud, Internet, linux, NAS50, Open Source, Private Cloud, Rackmount, seagate, SMR, Storage Server