
The biggest problem with "social login" ain't about advertising companies like FB and Google having all your info.

The biggest problem has actually nothing to do with social: the problem is the security of all these single sign-on / unique IDs.

We're in 2013 and hardly a day goes by without a major security exploit found affecting Rails, Java, OAuth, Flash, etc. There are so many botnets out there that sites we rely upon for our daily workflow are getting taken down (GitHub)...

Yet people don't talk about security. They don't even mention it. Not in the TFA. Not in this thread (besides two insightful comments).

As long as people will keep thinking that they can put all their eggs in one basket online and "really really have this basket be hyper-secure" we're gonna be in big trouble.

It doesn't help that several people on HN are selling snake-oil products: "put all your passwords in this unbreakable app, we guarantee you nothing bad could ever happen".




> As long as people will keep thinking that they can put all their eggs in one basket online and "really really have this basket be hyper-secure" we're gonna be in big trouble.

That's why Persona is based on a federated protocol: it's designed to spread your eggs across many baskets, and it even lets individuals bring their own basket.



