Smörgåsbord

Artisanally prepared reflections.

Firefox’s password store is something you’d like to share between computers, isn’t it? Save some site’s password on your laptop and have it become available on your desktop, or in your profile on a friend’s machine (don’t forget to set a master password!). Same with bookmarks. Even if you’re not sharing, it’s nice to have a backup.
There are some issues that need to be resolved if you want to be able to do this:

  • You need central storage — storage reachable anytime, from anywhere.
  • You need intelligent synchronisation software.

Fits right into the cloud meme. Now, who do you trust to store your highly sensitive data? I’d trust no one, really, unless the data is completely useless to them and I have the opportunity to run the ’server side’ of the synchronisation software myself.
And that’s exactly how Weave, Mozilla Labs’ extension for Firefox, functions. Your data is encrypted not just at the transport level but, more importantly, at the data level, and the encryption happens on your side of the link. Data is stored on Mozilla’s servers, but to anyone but me — the one with the decryption key — it’s just gibberish. If anyone cracks these sync servers, my passwords and bookmarks are still safe.
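A minimal sketch of the property described above, added here as an illustration and not taken from Weave or Mozilla: the record is encrypted on the client before upload, so the server holds only ciphertext. scrypt, AES-256-GCM, the in-memory `server` map and all names and sample values are assumptions of this sketch, not Weave's actual key handling or storage format.

```javascript
// Added illustration; scrypt + AES-256-GCM are stand-ins, NOT Weave's real scheme.
const crypto = require('node:crypto');

// Hypothetical untrusted sync server: it only ever stores opaque strings.
const server = new Map();

// Buffers <-> base64 strings, so a blob can be stored as JSON.
const mapValues = (obj, fn) => Object.fromEntries(Object.entries(obj).map(([k, v]) => [k, fn(v)]));

// Derive a 256-bit key from the passphrase; the salt is stored next to the ciphertext.
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32);
}

// Client side: encrypt and authenticate a record before it leaves the machine.
function encryptRecord(passphrase, record) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(record), 'utf8'), cipher.final()]);
  return mapValues({ salt, iv, ct, tag: cipher.getAuthTag() }, (b) => b.toString('base64'));
}

// Client side, any device: throws if the passphrase is wrong or the blob was altered.
function decryptRecord(passphrase, blob) {
  const b = mapValues(blob, (s) => Buffer.from(s, 'base64'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(passphrase, b.salt), b.iv);
  decipher.setAuthTag(b.tag);
  const pt = Buffer.concat([decipher.update(b.ct), decipher.final()]);
  return JSON.parse(pt.toString('utf8'));
}

const upload = (id, passphrase, record) => server.set(id, JSON.stringify(encryptRecord(passphrase, record)));
const download = (id, passphrase) => decryptRecord(passphrase, JSON.parse(server.get(id)));
const serverView = (id) => server.get(id); // all the operator (or an intruder) can read
const rejects = (fn) => { try { fn(); return false; } catch (e) { return true; } };

// Constructed sample data.
const PASSPHRASE = 'correct horse battery staple';
const RECORD = { site: 'https://pie.example/login', user: 'wicher', password: 'hunter2-constructed' };

upload('passwords/1', PASSPHRASE, RECORD);
console.log('server holds :', serverView('passwords/1'));
console.log('right key    :', download('passwords/1', PASSPHRASE));
console.log('wrong key    :', rejects(() => download('passwords/1', 'guess')) ? 'rejected' : 'decrypted');
```

Because the blob is authenticated as well as encrypted, a server that modifies the stored ciphertext is detected at decryption time rather than silently feeding the client altered data.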

A side effect of the data being useless to anyone but me is that the data itself cannot be ‘monetized’. It cannot be mined. My collection of apple pie recipe bookmarks cannot be sold to PieMogul®, Inc.
Equally, a search warrant to get the sync server operator to hand over all account info on users who bookmarked a certain bomb (or pie) recipe site is useless.
I do not have to go through or monitor a ‘Terms of Service’ to establish the fact that my data is safe. It just is, and it is a function of the technical mechanism, not one of competence, contract enforcement and relying on the justice-apparatus-du-jour. No amount of legal wording can change that fact. Paranoia? No! This is sidestepping paranoia. Take the encryption route and the very notion of paranoia becomes null and void — you simply don’t have to care.

Another interesting property is the possibility of running your own sync server because all software involved is free and open source. If for some reason Mozilla were to fall into disfavour with me, or the other way around, I can just pack up and simply leave without losing my precious syncing functionality. That’s pretty much in compliance with the autonomo.us Franklin Street Statement — good stuff, check it out.

So what’s the catch? Nothing, for now. And I don’t expect there will be one in the future because of the inherent and self-evident guarantees described above.
Get this Firefox (3.5+) extension now, walk out on the street, and give three cheers to the great (nonprofit!) Mozilla Foundation.


4 Responses to “Weave: Browser bookmark & password syncing The Right Way”

  1. obrama

    I’ve always been using Xmarks (formerly named Foxmarks), which does the job at forms and bookmarks synchronizing. Lately they’ve added some annoying features (bloat) though and I’m very interested in Weave, since I expect it to do very well.

  2. marius

    The catch is in the details.
    You still have to trust Weave code and its repository. Are you inspecting the source? Do you trust the binary from repository?
    Actually Google was offering a similar tool, but they simply discontinued it a year or so ago.
    I was waiting for Weave to come out, but it took them so long that Xmarks took over the market.
    So the catch is that the owner of the server might discontinue the service, and to be frank, I don’t see a business model here.
    I think Xmarks is feeding on mining the bookmark data, perhaps they mine browsing history a bit too (they provide additional info about visited sites on demand) and making this as a kind of social networking.
    I haven’t seen anything annoying from Xmarks yet, it is silent and I barely notice its work.

  3. Wicher

    1) The either-trust-someone-or-read-the-source argument is often made. There are chains of trust everywhere, and they can be broken. For instance, I’ll just have to trust the SSL CAs, but I don’t inspect their security procedures personally.
    In this case, I trust the Weave code and repository since they’re Mozilla’s (and they are already making my browser anyway). But even if I read the Firefox and Weave source, my compiler could’ve been compromised.
    Your point is valid though. It is a matter of how far one’s paranoia takes one, and to be completely sure you’ll have to establish the integrity of your compiler (and kernel, and hardware) before actually compiling anything, including the compiler itself, so there’s a bit of a chicken-and-egg problem here ;-)

    2) You’re right about the discontinuation catch. It’s a matter of migration costs. For many home users with simple needs and setups, those costs may be minimal.

    3) I’m hoping for some interesting Weave developments. Wouldn’t it be nice if I could share/sync some of my saved passwords with you by encrypting them with your public key? Or how about if I could selectively ‘push’ bookmarks to peers, right from my ‘add bookmark’ interface? Social bookmarking on steroids.

  4. Wicher

    Weave hit 1.0. There’s a rather good article on LWN.net.



© 2009-2010 Wicher Minnaard