This is Phenwoods's Typepad Profile.
Join Typepad and start following Phenwoods's activity
Join Now!
Already a member? Sign In
Recent Activity
"They don't have a captcha, and I don't see what the purpose of it is either. Why bother having the browser side verify that there's a person at the computer?" I think the point is to stop the cloud sending all your personal details to any website that requests them.
Another question that would need to be addressed is how the browser authenticates the site requesting a login. If this isn't secure it would make it very easy to create an automatic phishing site as the password is being sent without any user input.
"To the security issue, why do your passwords need to be stored in clear text on the cloud, whatever form it takes? Could we not have them stored encrypted with your browser password also being the key that decodes your stored cloud passwords?" Fair point, though it would make it difficult to change your browser password.
"The browser will also automatically select a completely random, cryptographically secure password for the new account." Does that mean that all your passwords are now stored in plaintext on "some form of secure https cloud storage"?
Phenwoods is now following The Typepad Team
Mar 24, 2010