Mozilla adopts plain-vanilla password sign-in for Firefox sync - hiburo
http://news.hitb.org/content/mozilla-adopts-plain-vanilla-password-sign-firefox-sync

======
josteink
I see this as a reaction to the competition they're facing with Google Chrome.

With Google Chrome you log into your Google account. email + password and all
is good. It's _simple_, but fundamentally insecure. Google, NSA and whoever
else they partner with can poke at all your data without restriction because
it is based on a centralized authentication model.

Firefox always based its sync on a _secure_ model where no data was stored
unencrypted at Mozilla's sync-servers. There was no traditional "account"
which Mozilla had to validate. You could also choose to use your own sync
server. Either way, they cannot peek at your data.

You gave Firefox your email and a "password" and from that it generated some
private keys used to encrypt the data sent to Mozilla. Private keys which you
then had to distribute to other Firefoxes one way or another.

They attempted to ease the pain by having some "pair this device" wizards with
3 simple values you could copy from device A to device B, but in the end it
still meant that the superior security came at a cost.

No non-technical people I know use Firefox's sync, but everyone I know who uses
Chrome also uses its sync feature.

When comparing browsers, some people literally list out "sync" as a thing Chrome
does and Firefox doesn't. That tells you a lot about how a simple and in your
face implementation can drive adaptation. (I think Chrome's approach is too
in-your-face, but that's another discussion.)

I honestly believe Firefox's original model is superior once you get past the
initial warts, but I can see why they are making the changes they do.

~~~
dochtman
This isn't really accurate.

The problem with Firefox's current/old sync model is recovery. I.e., users
think they're getting their stuff (history, passwords, etc) backed up, but
when they lose their device, their data is gone forever, because almost none
of them will have bothered to write down the long random string that
functioned as their sync key. Also, the pairing was relatively hard to use for
"normal" users.

In the newer Firefox Accounts model, yes, Mozilla will use a username/password
model for users. However, the password is never sent to Mozilla in the clear,
and data is still encrypted with a password-derived key before being sent to
Mozilla. However, users can still recover their data because they know
(something that can be used to generate) the key used to encrypt their data.

See here for more details: [https://github.com/mozilla/fxa-auth-server/wiki/onepw-protoc...](https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol)

I do think Mozilla would have promoted Sync more if it didn't have the
recovery/UX issues I mentioned, so in that sense it might be a response to
Google's model, but Mozilla's model still has a very well thought-out privacy
strategy.

For those who actually liked the previous random key model + pairing, I think
they might reinstate that as an option within the newer
protocol/implementation at some point.

~~~
haakon
I really hate that this new model requires trust, whereas the old one did not.
Even if I trust Mozilla not to peek, I have to accept that all my data,
including all my passwords, now become subpoenable.

I get that the old model is too complicated for most people, but I really like
it and am able to handle it just fine. I don't want to trust the NSA, damnit.

~~~
ordinary
This is incorrect. Both in the new scheme and the old, sensitive data is
encrypted. In the old scheme, this key was randomly generated, while in the
new, it is derived from a password. Either way, you do not need to trust
Mozilla.

The main security concern (as far as I can tell, and I'm far from an expert)
seems to be that the KDF used in the new protocol is not as strong as the one
used in the current Sync protocol.

You should read the link posted in the post you replied to, especially the
security analysis. It is quite readable and might allay some of your fears.

------
blueskin_
Will Mozilla be removing the secure sync option or having this one in
parallel?

I don't use it myself, but it's definitely worrying to see a secure option
being potentially removed in favour of plaintext storage on servers outside
the user's control.

~~~
k_bx
I don't think it's stored in plain text; the post was about standard
login/password signing in instead of the too-complex current mechanism.

~~~
blueskin_
If it's a username/password pair, either the data has to be stored in
plaintext, or with a key escrowed using the user password, which are not as
secure as a private key only known to the user.

~~~
icebraining
No, you can use a different system: don't send the password to the server,
instead create a private/public key pair from the password (deterministically)
and send only the public key to the server.

When you want to authenticate, just have the client sign something with the
private key. If you want to encrypt on the client, it can just do PGP-like
encryption (encrypt data with random AES key, encrypt that key with public
key, send all to the server).

~~~
blueskin_
Considering the average user's password choice tendencies, that's still weaker
than a key from a proper source of entropy, then password reuse on top of
that.

That plus IIRC, RSA isn't deterministic even with the same seed. Not sure
about generators for elliptic curve though.

~~~
tga_d
They're using key-stretching to mitigate the use of bad passphrases, though
reuse will still be an issue.

[https://wiki.mozilla.org/Identity/AttachedServices/KeyServer...](https://wiki.mozilla.org/Identity/AttachedServices/KeyServerProtocol#Client-Side_Key_Stretching)

And RSA is deterministic.
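Putting the three comments above together (dochtman's point that the key is derived from the password and the password itself never reaches Mozilla, icebraining's split between a secret the server sees and one that stays on the client, and tga_d's client-side key stretching), here is an added example of how such a scheme fits together. It is not Mozilla's code and not the onepw protocol itself: the salts, HKDF labels, iteration counts, the `SyncServer` class and every function name are assumptions made for this illustration. Authentication is done with a server-side stretched verifier of the auth token rather than the signature-over-a-challenge that icebraining sketches (the Python standard library has no ECDSA or RSA), and the actual encryption of bookmarks under the recovered key `kB` is left out; the point shown is that a second device can recover `kB` from the password alone, that a password change re-wraps `kB` without touching the synced data, and that the stored server record never contains `kB`.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example (constructed; not Mozilla's production values).
PBKDF2_ROUNDS = 1000                         # client-side stretching; real clients use far more
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 10, 8, 1  # server-side stretching of the auth token


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-Expand (HMAC-SHA256). Splits one stretched secret into
    independent sub-keys: learning one output tells you nothing about the other."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def client_keys(email: str, password: str) -> dict:
    """Runs entirely on the client; the password itself never leaves it."""
    stretched = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), b"example-salt:" + email.encode(), PBKDF2_ROUNDS, 32)
    return {
        "authPW": hkdf_expand(stretched, b"example/authPW"),          # sent to the server
        "unwrapBKey": hkdf_expand(stretched, b"example/unwrapBKey"),  # kept on the client
    }


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class SyncServer:
    """Toy server (assumed): stores a slow hash of authPW and the wrapped data key, nothing else."""

    def __init__(self):
        self.accounts = {}

    def _verify_hash(self, email: str, authPW: bytes) -> bytes:
        return hashlib.scrypt(authPW, salt=email.encode(),
                              n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)

    def create(self, email: str, authPW: bytes) -> None:
        self.accounts[email] = {
            "verify": self._verify_hash(email, authPW),
            "wrapKb": os.urandom(32),  # random wrapper; kB = wrapKb XOR unwrapBKey is never seen here
        }

    def login(self, email: str, authPW: bytes) -> bytes:
        acct = self.accounts.get(email)
        if acct is None or not hmac.compare_digest(acct["verify"], self._verify_hash(email, authPW)):
            raise PermissionError("bad email or password")
        return acct["wrapKb"]

    def update(self, email: str, old_authPW: bytes, new_authPW: bytes, new_wrapKb: bytes) -> None:
        self.login(email, old_authPW)
        self.accounts[email] = {"verify": self._verify_hash(email, new_authPW), "wrapKb": new_wrapKb}


def create_account(server: SyncServer, email: str, password: str) -> bytes:
    """First device: register the auth token, then recover kB like any other device."""
    server.create(email, client_keys(email, password)["authPW"])
    return recover_kb(server, email, password)


def recover_kb(server: SyncServer, email: str, password: str) -> bytes:
    """A second (or replacement) device: password in, data key kB out. No pairing step."""
    keys = client_keys(email, password)
    wrapKb = server.login(email, keys["authPW"])
    return xor_bytes(wrapKb, keys["unwrapBKey"])


def login_ok(server: SyncServer, email: str, password: str) -> bool:
    try:
        recover_kb(server, email, password)
        return True
    except PermissionError:
        return False


def change_password(server: SyncServer, email: str, old_password: str, new_password: str) -> None:
    """Re-wrap the same kB under the new password; the synced data needs no re-encryption."""
    kB = recover_kb(server, email, old_password)
    old, new = client_keys(email, old_password), client_keys(email, new_password)
    server.update(email, old["authPW"], new["authPW"], xor_bytes(kB, new["unwrapBKey"]))


if __name__ == "__main__":
    srv = SyncServer()
    kb = create_account(srv, "user@example.test", "correct horse")
    assert recover_kb(srv, "user@example.test", "correct horse") == kb
    change_password(srv, "user@example.test", "correct horse", "battery staple")
    assert recover_kb(srv, "user@example.test", "battery staple") == kb
    print("server record holds kB directly:", kb in srv.accounts["user@example.test"].values())
```

The weak spot the thread argues about is visible in `client_keys`: everything a stranger needs to reach `kB` is the password plus the public record, so the strength of the stretching and of the password is the whole margin, which is the trade the old random-key model did not have to make.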

------
tarkin2
Now all my bookmarks, history, passwords and the like will be stored on a
centralized server?

The decentralization, especially in the wake of the NSA/GCHQ revelations, was
one of its main advantages.

Sigh. I may well have to turn Firefox sync off then.

~~~
icebraining
They were already stored in a centralized server. They were just encrypted,
and they'll continue to be.

~~~
tarkin2
Ah, looks like you're correct.
[https://wiki.mozilla.org/Labs/Weave/Developer/FAQ#How_do_use...](https://wiki.mozilla.org/Labs/Weave/Developer/FAQ#How_do_users_know_their_data_is_secure.3F)

I'm still a little unsure if this new system is less secure, however.

~~~
blueskin_
With a password, of course it is.

------
icebraining
The actual announcement from Mozilla:
[https://blog.mozilla.org/futurereleases/2014/02/01/test-the-...](https://blog.mozilla.org/futurereleases/2014/02/01/test-the-new-firefox-sync-on-nightly-release-channel/)

------
zokier
Not Mozilla Persona? Why wouldn't it be suitable for this purpose?

~~~
AndrewDucker
They want to encrypt your data on the client-side, so that no data is visible
to Mozilla. The password is used to carry out this encryption.

------
yetfeo
What is the 'Firefox Account' the new sync system uses and how does it differ
from Persona? Will I need a 'Firefox Account' for other Mozilla services? What
about Firefox OS? It seems bizarre to me to have this additional account
system while promoting Persona as the system for other people to use. Is
Persona abandoned?

Edit: the article mentions a Firefox Account is needed to use the Firefox
Marketplace too. That's a webapp which I thought would have suited Persona.

~~~
callahad
Firefox Accounts is a centralized authentication system based on email
addresses and passwords. Persona is a decentralized authentication system
based on proof of email address ownership.

For Sync, Persona isn't the right tool for the job. Specifically, Sync needs a
human-memorable source of entropy (password), and minimal external
dependencies so that recovery meets user expectations. It's possible that
Accounts will eventually use Persona for email verification, but the
centralized password is unlikely to go away.

Marketplace is in a similar situation, and actually uses a centralized,
friendly fork of Persona so that it can proactively force users to re-
authenticate before purchases and allow people to use the site before they
complete their email verification. Those features might make their way into
Persona in the future, but for now it felt better to trim them from Persona
and switch Marketplace over to Firefox Accounts.

------
option_greek
Aah good riddance to the older approach. It's a major fail from a UX perspective.
The long sync key was ridiculous to type.

~~~
maaku
Have an attitude like this and you will never have security or privacy.

~~~
blueskin_
Those who would sacrifice privacy for convenience deserve neither.

~~~
mweibel
So you're implying that 99% of humanity will have no privacy nor security?

~~~
zaphoyd
That appears to be where we are headed.

------
ksec
I wonder if they would update Firefox Sync on iOS. Since it is pretty much
dead.

