July 18, 2005

Secure RSS Syndication

Joe Gregorio comes up with a way to use Greasemonkey scripts to have his browser decrypt the encrypted RSS feed. That way he doesn't have to enter his password directly into any RSS aggregator, such as Bloglines.

    I have a problem. It's actually a pretty common problem. I have data that I want to syndicate to myself, but I don't want you to see it. It's private. Now this could be my credit card balance or internal bug reports for the day job. Either way, I want the information in a form suitable for syndication but not available to everyone.

Even Bruce thinks it's a good idea.

Posted by volubis at July 18, 2005 05:31 PM | TrackBack
Comments

Cool...but do you really want your private info sitting out there in a publicly available fashion with just some javascript and a (potentially poorly chosen) key in front of it? Sure it's blowfish, but like anything the safety of the data is directly proportional to the key chosen to encrypt it.

Although...after re-reading the blurb, it doesn't seem like he wants to store his online banking statements in there, now does he? ;)

Posted by: Damon at July 18, 2005 08:45 PM

Some further interesting commentrary:
http://greaseblog.blogspot.com/2005/07/please-do-not-put-private-keys-in-user.html

And of course...now that greasemonkey's future itself is uncertain...

Posted by: Damon at July 19, 2005 10:19 AM
Post a comment









Remember personal info?