Save your passwords with Mozilla’s Weave

Save all your passwords and session identifiers in the cloud with Mozilla’s Weave. What do you think about that?

$Mozilla\'s Weave$

Now this is not entirely unique feature to Mozilla only. We’ve seen the same trend with Microsoft’s Live Mesh and I suspect that Adobe and Yahoo are currently working on their own clones. These types of technologies totally change the rules of the game. Now picture this: what if your corporate employee uses the same password for their flickr account as their VPN/Email logon? Hack the cloud, get the goodies!

Comments

Mark responds:

Pshaw, no one uses the same password for their social networking account as their VPN account ;-)

pdp responds:

I hope not. :) I was speaking figuratively…

Mark responds:

Wouldn’t surprise me if many do!

ronald responds:

word!

LordNykon responds:

you have no idea ;) this is not to underestimate.
i.e. students using VPN to connect to their university which is pretty common nowadays

etc etc

Jipe responds:

What a nice single point of compromission for dummy users… and others ;-D

Robert Helmer responds:

Er, doesn’t Weave store everything encrypted on the server?

Not to say that the user’s machine could not be compromised and the key discovered, but if that happens then local data is compromised too.

This does open up the possibility for mass compromise if there is some kind of weakness in the encryption algorithm, key strength, etc. though I suppose.

Atul Varma responds:

Robert is correct; everything on the server is encrypted with your passphrase, so that even Mozilla’s server admins don’t know what you’re storing, and this is in addition to yet another password that protects access to the encrypted data.

You can learn more about the technology behind it here:

http://www.toolness.com/wp/?p=41

GNUCITIZEN

Navigation

Save your passwords with Mozilla’s Weave

Comments

Respond

The Others

External Projects

Recent Posts

Random Posts

From The Cutting-edge Network