Read It Later? No thank you. I don’t need such an insecure extension
Read It Later is a (who knows what type) award winning firefox extension that’s supposed to make the process of bookmarking pages for later reading as quick as a click of a tick(mark) icon in the address bar. Like foxmarks, it also lets you sync your list with other computers. so you know, usual scenario would be like find a bunch of cool links to read up on at workplace but you certainly don’t have the time to get into them. You sync the list with your home computer and you can continue there. So where lies the problem?
The extension is simply awesome in what it does, but for one serious blunder that anyone concerned with a bit of security and privacy would be really worked up about. As I installed it on the computer assigned to me at the workplace (and this ain’t a machine that’s exclusively mine, the browser can be accessed by anyone and everyone in the organization), I checked out the RSS Sync feature which being the first time led into the Options dialog to adjust the RSS/Syncing settings. The feed password is shown in plain text. In bold!!. What’s worse is that if you turn off syncing, the section showing the password is greyed out but the password is still easily readable. This extension isn’t supposed to be a social “read it later” list. Its for one person’s purpose. There isn’t a way to not save the password and have a ‘ask for password’ prompt. This particularly I find is the case with most extensions in firefox that connect to some password protected account, though I haven’t seen others that just display your password out there for all to see. Is XUL/chrome/Gecko, so retarded that there isn’t even a password (asterisks only) field that can be put in extensions?
I changed the password online and it started showing up in the extension in plain text and that was it. I got rid of the extension before anything else. Now I gotta try and see if re-installing creates a new list feed or the same feed with my password.