Wednesday, January 02, 2008

Mozilla Weave... Mozilla is trying to be more social


The newest Project of Mozilla labs was "Weave". It allows the user to save his browser settings on Mozilla servers (Favorites, sessions ,passwords...etc..) and be able to load it wherever he is.

What are they preparing ?
Mozilla labs are trying to make some Mozilla-hosted online services which means that Mozilla is trying to be more social. Weave project still a prototype and Mozilla labs are planning for the future. Early in 2008, Mozilla Labs will try to offer some initial Web service APIs for developers to build on and will enable sharing on applicable interfaces.

Privacy : The biggest challenge
Many visitors asked about Privacy in Mozilla Labs Blog. Developers were very conscious of this issue because putting such important individual data on the web is risky. Weave developers answered these questions:

  • We currently encrypt on the client all data that gets placed on the server, with an encryption passphrase that only the user knows.
  • We kept the server intentionally dumb and standards-based, so that anyone can set up a server for themselves and/or their friends or company.
How to use it?
First you have to create an account in this website https://services.mozilla.com/ then you download Weave extention. Once you sign in you can install the extension then you need to save your settings on you hard disk. You risk loosing them. It's still a prototype!
Second, The software will ask you to put your email and password. Then will ask you to put a passphrase to encrypte all your data.
Finally, you make your first synchronisation then it will be automatically done every 30 minuts.

Related Links
Create a Mozilla Weave account
Introducing Weave

5 comments:

Anonymous said...

There is no such thing as "favorites" in mozilla browsers

Anonymous said...

This feature sounds just like the google/firefox browser sync plugin. On that plugin I tested the password replication feature for security and it took about 2 days before a someone tried to login to a test account I had in a honeypot.

Anyone that lets there passwords out of their direct control is taking a big risk.

Allan "Goldfish" Clark said...

Actually, this feature sounds like the Netscape-4.76 ability to store a profile on a server, but with perhaps more server-side usage of that data. I loved it then. Now I sync with mac.com.

Anonymous said...

They are working in lines of Google now. Trying to steal your secret information and nothing else.

Allan "Goldfish" Clark said...

@WebDesign: I'm not sure you read the details; you're PJing it, I think.

Check above, where content is encrypted at the client side with a secret-to-the-user passphrase or key. I studied crypto, but you don't have to in order to understand what it means.

See my comments over two months ago: it looks very much like the profile upload/download from old netscape -- have you used that? This is resurrecting the past in an opaque containership whereas it used to be an HTTP upload/download with a server-side extension. I relied heavily on this.

I don't see where the conspiracy-theory of stealing your personal information comes in. You don't have to use it, but your short post is either "Feeding the Troll", or merely unsupported.

BTW, OP, good post, even two months later. Thanks for publicizing!