Comments on: Save your passwords with Mozilla’s Weave /blog/save-your-passwords-with-mozillas-weave/ Information Security Think Tank Thu, 21 Aug 2008 20:21:20 +0000 http://wordpress.org/?v=2.6.1 By: Atul Varma /blog/save-your-passwords-with-mozillas-weave/#comment-122892 Atul Varma Tue, 08 Jul 2008 22:53:23 +0000 http://www.gnucitizen.org/?p=889#comment-122892 Robert is correct; everything on the server is encrypted with your passphrase, so that even Mozilla's server admins don't know what you're storing, and this is in addition to yet another password that protects access to the encrypted data. You can learn more about the technology behind it here: http://www.toolness.com/wp/?p=41 Robert is correct; everything on the server is encrypted with your passphrase, so that even Mozilla’s server admins don’t know what you’re storing, and this is in addition to yet another password that protects access to the encrypted data.

You can learn more about the technology behind it here:

http://www.toolness.com/wp/?p=41

]]> By: Robert Helmer /blog/save-your-passwords-with-mozillas-weave/#comment-122884 Robert Helmer Tue, 08 Jul 2008 08:14:52 +0000 http://www.gnucitizen.org/?p=889#comment-122884 Er, doesn't Weave store everything encrypted on the server? Not to say that the user's machine could not be compromised and the key discovered, but if that happens then local data is compromised too. This does open up the possibility for mass compromise if there is some kind of weakness in the encryption algorithm, key strength, etc. though I suppose. Er, doesn’t Weave store everything encrypted on the server?

Not to say that the user’s machine could not be compromised and the key discovered, but if that happens then local data is compromised too.

This does open up the possibility for mass compromise if there is some kind of weakness in the encryption algorithm, key strength, etc. though I suppose.

]]> By: GNUCitizen: Another Mozilla Attack Vector? | Infosecurity.US /blog/save-your-passwords-with-mozillas-weave/#comment-122873 GNUCitizen: Another Mozilla Attack Vector? | Infosecurity.US Mon, 07 Jul 2008 06:58:33 +0000 http://www.gnucitizen.org/?p=889#comment-122873 [...] comments on the new Mozilla Weave product, yet another cloud computing initiative, gone awry? Is it really a good idea to save your passwords, and other personally identifiable data in the Cloud? Especially given today’s rather sorry record of protecting that data….you decide. Sphere: Related Content [...] [...] comments on the new Mozilla Weave product, yet another cloud computing initiative, gone awry? Is it really a good idea to save your passwords, and other personally identifiable data in the Cloud? Especially given today’s rather sorry record of protecting that data….you decide. Sphere: Related Content [...]

]]> By: Jipe /blog/save-your-passwords-with-mozillas-weave/#comment-122797 Jipe Wed, 02 Jul 2008 21:02:52 +0000 http://www.gnucitizen.org/?p=889#comment-122797 What a nice single point of compromission for dummy users... and others ;-D What a nice single point of compromission for dummy users… and others ;-D

]]> By: LordNykon /blog/save-your-passwords-with-mozillas-weave/#comment-122789 LordNykon Wed, 02 Jul 2008 09:55:55 +0000 http://www.gnucitizen.org/?p=889#comment-122789 you have no idea ;) this is not to underestimate. i.e. students using VPN to connect to their university which is pretty common nowadays etc etc you have no idea ;) this is not to underestimate.
i.e. students using VPN to connect to their university which is pretty common nowadays

etc etc

]]> By: ronald /blog/save-your-passwords-with-mozillas-weave/#comment-122778 ronald Tue, 01 Jul 2008 22:30:52 +0000 http://www.gnucitizen.org/?p=889#comment-122778 word! word!

]]> By: Mark /blog/save-your-passwords-with-mozillas-weave/#comment-122776 Mark Tue, 01 Jul 2008 20:43:19 +0000 http://www.gnucitizen.org/?p=889#comment-122776 Wouldn't surprise me if many do! Wouldn’t surprise me if many do!

]]> By: pdp /blog/save-your-passwords-with-mozillas-weave/#comment-122773 pdp Tue, 01 Jul 2008 18:44:06 +0000 http://www.gnucitizen.org/?p=889#comment-122773 I hope not. :) I was speaking figuratively... I hope not. :) I was speaking figuratively…

]]> By: Mark /blog/save-your-passwords-with-mozillas-weave/#comment-122770 Mark Tue, 01 Jul 2008 17:36:35 +0000 http://www.gnucitizen.org/?p=889#comment-122770 Pshaw, no one uses the same password for their social networking account as their VPN account ;-) Pshaw, no one uses the same password for their social networking account as their VPN account ;-)

]]>