Slashdot Mirror
Weave... Mozilla Is Trying To Be More Social
Cassanova writes "Weave is the newest Mozilla Labs project. It allows the user to save browser settings on Mozilla servers (Favorites, sessions, passwords, etc.) and load them from anywhere. With this project, Mozilla is trying to be an online services provider, which is an important step. But can Mozilla labs get over the privacy issues?"
Have it off by default. Done.
Sometimes it doesn't take a genius to figure these things out.
anyone can get over the privacy issues, Mozilla just needs to encrypt the user's settings with a strong key and store the encrypted data to the server. Only the user can decrypt it (assuming he remembers his passphrase) and you're done.
If you make this a non-optional feature then it can be touted as a big privacy win and people will surely be happier wit it. If you allow the passphrase to be stored locally then ease of use is solved too (obviously you'd still need to enter it if you used a browser not on your home PC, but that's ok).
After all, this is a magnificent opportunity to build the greatest list of porn links the world has ever seen!
I understand that all this online frenzy hit all major players in the IT field, but I still think that the Internet as it is now is not ready for this, and, in parallel, a lot of people don't feel ready for this.
By the way, good luck to Mozilla; it is always good to have more than one player.
Pumbaa! I don't wonder; I know.
Browser sync already does this. I've often felt the implementation was a bit cumbersome though. It's good to see competition in the field.
I dislike the sexist nature of this article.
I think it depends on personal preference. If it was opt-in and encrypted on your end before it was stored on Mozilla servers then they send you the (encrypted) data on local load of Firefox then you enter your secret password/phrase (or have it come out of the wallet or equivalent) to decrypt it, again, locally then there wouldn't be *any* privacy issues. And if you chose to use it it would definately come in handy for those instances where the OS unexpectedly borks itself on you and you have to reinstall. Then install firefox, enter your access code and at least that part it back to pre-bork settings.
Shh.
What they're planning to do will probably be done by google in a few more days. They already save bookmarks.
And it makes a hell of a lot more sense for Opera too since they are involved with the mobile/console market. But for firefox there are already plugins that do this, so i don't see any urgent dedicate brand new to this functionality.
lol.
I wouldn't use this. After all, the bookmarks I have at home are different from the ones I have at work. :)
I can't envisage a time when I'd need this. Plus it's very easy to SCP my bookmarks.html from my PC at home if I need them - or a simple SSH and grep to find the precise one I want. A solution in search of a problem?
Get your own free personal location tracker
Tried to install it on FF 2.0.11 and it told me it only works on FF 3.0B2pre and 3.0.*? How far is FF 3.0 off? A few months or so?
If you haven't looked at Firefox 3 beta, there are some crazy new bookmark features, including "smart" bookmarks generated from frequently-visited sites and such. There's also bookmark tagging. This must fit in very nicely with the "weave" strategy.
I'd be worried if I were del.icio.us. Not panicked, just worried. :)
The World Wide Web is dying. Soon, we shall have only the Internet.
Anyone remember those vanity websites hosted at the university that included a few paragraphs of eclectic ego tripping and a link to someone's Netscape bookmarks?
a way to save bookmarks, etc on *MY* server. (By "My server", I mean my personally owned and operated FreeBSD box I have colo'ed', not what the average moron might mean where they confuse 'server' with 'service provider' and use 'my server' to refer to their ISP)
So privacy and security concerns go away (or at least, would be under my control rather than someone else's), but all the same functionality is there.
A geek browser trying to be social? Will the irony never cease?
and someone should already have done it already?
If you don't want to use it, don't download the extension. To use it, you have to:
- Go to a site
- Create an account
- Download an extension (on every single computer you use)
- Put in your username and password (again)
- Put in a private encryption passphrase
- Manually click the 'Sync' button.
Only then will it start automatically updating your bookmarks. If you have privacy issues about uploading your bookmarks to Mozilla's servers, then you can quite easily back out at any of these points, or not bother at all. If the fear is that they will share your bookmarks, then simply don't give them any to share. This is not a feature that is on by default, and the blog linked to even specifies that, if you're that paranoid about giving them your data, there will be a way to set up your own Weave server, so no-one but you will be able to know you visit PissMidgets.com
Slightly sensationalist article methinks.
Dealing with lawyers would be a lot less tedious if they all looked like Casey Novak.
This makes me cringe, too, but technically, according to Webster, "he" can be used in the "generic sense or when the sex of the person is unspecified".
I can't call the language non-biased, but the bias exists in the English language itself.
That being said, the author should have followed basic writing etiquette and replaced the pronouns with him/her, he/she, etc... or, get rid of the gender-biased pronouns altogether and restructured the sentences to use words like "oneself".
There are a lot of new features in Firefox 3. But there has also been a serious neglect of the maintenance aspect of software development.
I know maintenance is not as glorious as adding new features, but it's still very important with each new release to fix the problems that were found with previous versions (or at least verify that such problems no longer exist).
While some small number of people might like these new bookmarking capabilities, I think they should have spent more time on fixing some of the issues plaguing the core of their browser: excessive memory usage, memory fragmentation, excessive CPU utilization, and segfaults. Fixing those would help every user.
IIRC this is called social bookmarking and we've already got plenty of implementations, thanks very much. seems to me like a lame-ish pitch for some Web2.0 pie. if someone wanted to write an extension that said "auto-save my bookmarks to del.ico.us" then fine. but do we need moz to do that?
From the debugging logs, it seems like the information is just stored on a server via HTTPS+WebDAV. So if you control a web site (and you trust it more than you trust Mozilla), just change the Server Location (in Advanced Settings) from "https://services.mozilla.com/" to your own server. You will have to create a directory underneath that is the sha1sum of your account name, and it is up to you to set the permissions on the directory properly so that no one else can access it. Of course, this is all just an educated guess, but... "The rest is left as an exercise to the reader." :)
Great to have another choice of vendor to store my browser profile at. I've been asking Mozilla for a roaming feature for years. I've seen the plugins that do this, but they host my data either at a company that's unknown to me, or that I don't trust.
I have suggested the option of entering login info for an FTP server that you own (or have access to), so you don't have to rely on someone else, but it's no surprise that it's not going to happen unless Mozilla themselves go after it (or I write it myself, except my C fu is weak).
If Mozilla finally brings this into the main trunk, then it should be a small(er) step to enable user-provided hosting, too.
"Good news, everyone!"
Google Browser Sync
And it's about as secure as your Google account already is. Whatever that means.
But can Mozilla labs get over the privacy issues?
... and then hope that nobody sues them anyway.
Encrypt, encrypt, encrypt
The higher the technology, the sharper that two-edged sword.
Why does this remind me of Opera Sync?
I'm suprised at the lack of mention that Opera has had this feature since September.
Please, Mozilla people ... document and publish the protocol! We would like to be able to save our bookmarks/passwords/sessions on our own servers, not yours (or Google's). We would like to have our browsers talking to back end systems that can do something useful with that data. Please make this useful!
Tired of FB/Google censorship? Visit UNCENSORED!
I was hoping the feature was part of the Mozilla browser suite, not the derivative Firefox project. The only indication that it's a Firefox feature comes from the diagram in the article. A real shame, since Firefox has been missing a lot of the more advanced history/favorites/contacts features present in the original Mozilla suite since day one.
any sort of server side vulnerability means your passwords and destinations can be acquired by law enforcement with a court order (you cannot otherwise be compelled to give them). However, the fact that they are saying _all_ client data gets encrypted is important, because it means they cant issue subpoenas to other sites based on link information stored on the server.
not that i'm paranoid, but that information request could become a trivial law enforcement action in the near future...and we already have enough ways to easily add on to charges and intimidate people into plea-bargaing or pleaing guilty.
And no i'm not paranoid, I just know that it is already perfectly legal and regular practice for law enforcement to lie to suspects to get them to confess (even innocent ones)--so a widely-known, secure system is essential for peace of mind _and_ sound legal advice from techno-averse public defenders. Lying about evidence works great with small time crooks and emotionally traumatized people, but it would also work great with folks browsing the interwebs.
anyway, undercover work is fine but as long as dishonesty is a sanctioned component of the legal process, no one should regularly think the police have a better memory of your daily events than you do. and yeah, martin tankleff (the kid jailed for 17 years for killing his parents) is an extreme example, but power available is power abused.
Why has this been tagged "kissramgoodby"? Presumably regardless of which model for storing favorites/passwords/sessions, when the browser is actually opened it goes in the RAM anyway? I don't see the meaning of that...
No kitty, this is my pot pie!
Put portable Firefox on a USB stick. It can be used anywhere and the user is always in control of the bookmarks, passwords, etc.
I installeed portable Firefox, Thunderbird, OpenOffice on a USB stick and use it whenever I'm travelling. I can take my working environment anywhere.
The downside is that if I lose the USB stick in my travels I'm screwed.
Link to the actual Mozilla Labs project page instead of to some blog: http://labs.mozilla.com/2007/12/introducing-weave/
PC police, coming in! In Spanish, every word has a masculine and feminine form. When there is a mix of males and females, the masculine form is used. When it's ambiguous, the masculine form is used. Replacing pronouns with he/she, him/her, etc is simply redundant. You're not accomplishing anything with it other than pacifying some overzealous feminazis.
"he/she, him/her, males and females, masculine and feminine"? Not she/he, her/him, females and males, feminine and masculine? So you're saying men should always come first are you?
/. and get back to beating your wife?
Why don't you just get off
// MD_Update(&m,buf,j);
I should sue them for profiting from my good name, damaging my reputation and causing confusion among the masses.
This is really useful. At the moment there is the Foxmarks plugin for bookmarks, which is excellent, but it would be nice to have a sync for Firefox / Thunderbird / Sunbird with all my preferences. I could reformat a machine and be mostly operational within seconds (especially if I took the time to create my own custom Ubuntu). Then I would just need to import my Pidgin preferences.
Other than passwords, there aren't any privacy issues for me. If someone hacks my account and discovers my bookmarks or which cookies I reject it's not a problem. With passwords there are some I would like stored, others stored encrypted, and others not at all. Highly confidential passwords should not leave my machine. Generally passwords should be stored encrypted with a key to import. For other lightweight personal email accounts the inconvenience of a hacker obtaining the password are outweighed by not being able to access that account from a remote location through losing or not having the key. So the three options would be good.
Phillip.
Property for sale in Nice, France
No point in beating a dead horse.
It has been done with plugins. Mine stores 2GB and I keep it on my keychain.
Or they could let you choose which server you want to store the data on, maybe you would have your own server setup and you want to use that instead of theirs.
Only 'flamers' flame!
Does slashdot hate my posts?
You can get a Firefox >1.5 addon http://www.foxmarks.com/ that saves your bookmarks and preferences on Foxmark servers already.
I've been sensitized to the issue of builtin gender bias for a few years. English, like many other modern European languages, has an inherent gender bias that I don't like. I don't like it, because I think in English, and I'm quite aware that this bias can limit my ability to frame certain ideas. I don't like to have any constraints on my reasoning abilities, and I certainly don't like these kinds of hidden constraints that operate on my thinking at such a low level that I grew up unaware of their influence.
An ideal solution would be to add some new gender-neutral third person pronouns to English (English is already good with first and second person gender neutrality). While "they" and "theirs" are a good set of gender-neutral pronouns for third person plurals, there are no equivalents for singulars: "it" and "its" are too depersonalizing. But if we could only make up some new pronouns and add them to English, many of the problems would go away.
Of course this ideal isn't practical. A practical approach involves looking around, seeing if there are any existing corner cases that could also work in a more general way, and that could be dragged into the mainstream, so to speak.
And, in fact, there are such corner cases within easy reach. There are pocket dialects of English that use "they" and "theirs" for the singular as well as the plural, and there are pidgin, creole, or tradespeek variants of English that do the same thing. These practices could be more widely adopted.
This would mean that the user would have to be more careful about the choice of their words for a while (but note that this very sentence has just used the technique, yet the sentence still parses easily; the semantics are clear despite the minor infraction of syntax). Someone looking at an email written in this manner might think that the writer was using a casual style, or they might think that the writer might have learned English as a second language (read this sentence over and see that once again the semantics are perfectly clear despite the minor break in syntax).
At times this can seem a little jarring, especially when it comes to noun - verb agreement over number. There will always be someone who objects to certain ways of bending English. They is likely to object to this sentence, for instance. Yet the meaning is clear; nothing is lost at the semantic level, and the intentional ambiguity of gender is preserved.
English is undergoing a more rapid evolution right now than probably any natural language has ever been put through before. With the internet, there are suddenly more people who are using English daily as a second language than there are native speakers of English. When you look at places like the Blender forums, you find that a huge amount of technical work is being conducted between people who have different native languages and use English as a common tongue. When you have a Finn, a Brazilian, a Mexican, and a Ukranian collaborating on how to fix a buffer overflow in OOo, they will undoubtedly communicate with each other in English. This kind of thing is what causes languages to grow.
With English undergoing this kind of growth spurt, it looks like this would be a good time to try to incorporate this change into the language. It would mean that "he", "she", "his", and "hers" would be retired from some of their current usages, similar to the way that "thee", "thou", and "thy" were retired from active use a couple of hundred years ago. It wouldn't really be such a big deal; the change might sweep through internet activities in just a decade.
Since Slashdot is one of the growing margins of English, this would be a good place to inject the change. It will be interesting to see if others pick up on it.
I used to run a batch file to back this stuff up and compress it, then sent it to another computer on the network.
You will be baked, and there will be cake.
Nothing for 6-digit uids?
Technically, according to Webster, The use of they, their, them, and themselves as pronouns of indefinite gender and indefinite number is well established in speech and writing, even in literary and formal contexts.
I can't call the language non-biased, but in this instance the bias does not exist in the English language itself.
That being said, the author followed well established usage.
Nothing for 6-digit uids?
Opera's got all this in it's 9.5 beta. Mozilla is just trying to ride on Opera's creativity, just like they've been doing in the last 5 years.
They should use an open "dumb" api that just stores blobs of data. If possible with licensing even the same API as Amazon Simple Storage Service. Otherwise an open API that is not smart at all but just stores blobs. Then some people that don't want to maintain their own server can use a paid service if they want some high level of reliability. If we don't have too many API's we can see more competition. Ofcourse we geeks can still run our own (redundant) server setup.
No effing way I'd ever use something like that. It's bad enough that I allow myself to store email addresses of people I know online.
It's called latest-weave.xpi Only works with ff3. The fools don't know about directory permissions, apparently.
http://www.opera.com/products/desktop/next/ Although I will give Mozilla points for the session sync, that's something that Opera isn't doing(though to be honest, I generally wouldn't want my home session synced at work...)
... Opera's new features are being copied:
http://www.opera.com/products/link/