Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Google Businesses The Internet Software

Google Open Sources Browser Sync 113

Dan Berlin writes "After announcing that Browser Sync was being discontinued, a lot of people asked for Google to open source the code so development could continue. Well, they've done just that. The code for browser sync is now available on code.google.com, and a blog post about the release can be found on the Google open source blog"
This discussion has been archived. No new comments can be posted.

Google Open Sources Browser Sync

Comments Filter:
  • dupe (Score:4, Informative)

    by stiller ( 451878 ) on Thursday July 10, 2008 @04:15AM (#24130919) Homepage Journal
  • Server (Score:5, Insightful)

    by Anonymous Coward on Thursday July 10, 2008 @04:16AM (#24130929)

    What server will you trust?

    • Re: (Score:3, Interesting)

      by Chrisq ( 894406 )
      Thats a good point. With Google you knew where you stood. They might use your info to to target advertising. They might reveal it to the government if ordered to do so. They would not be likely to sell it to spammers or pass on lists of people who bookmark anti-Islamic sites to an Al-Qaeda operative.

      Without google hosting it you need to host your own or find someone you can trust.
      • Re:Server (Score:5, Informative)

        by hansraj ( 458504 ) * on Thursday July 10, 2008 @04:58AM (#24131125)

        But with your data encrypted, why do you need to trust anyone? For you it is the state of your browser, passwords etc, but for anyone else it is random bits.

        Doesn't Browser sync already supports encrypting your data? Even if it doesn't I am sure this capability can be added now that it is open-source.

        • by Chrisq ( 894406 )
          Good point - I hadn't thought of that!
        • Doesn't Browser sync already supports encrypting your data? Even if it doesn't I am sure this capability can be added now that it is open-source.

          The functionality ought to be super-easy to borrow from firegpg.

          • No need to borrow. (Score:3, Informative)

            by Chyeld ( 713439 )

            They all ready had it. You had two 'passwords' that you had to enter to use GBS. One was your account password and the other was a passphase used to encrypt what you uploaded to them.

            It works the same way Mozilla's Weave project works. The only those with your passphrase can use your data.

            • How strong is the encryption? All google seems to say about it [google.com] is that google can't read your data without your pin. But I might say the same thing and use rot13 for your data, for all you know.
              • by Chyeld ( 713439 )
                You tell me:crypter2.js [google.com]

                /**
                * Encrypt or decrypt a string. In Clobber, strings are encrypted with
                * AES-CBC-256. The IV is an HMAC of the original value, along with any
                * additional data we can scrape together that will be known and stable at
                * both encryption and decryption time.
                *
                * This class relies on bits of CLB_Crypter. Once all clients are upgraded, we
                * can remove CLB_Crypter and move those bits into this class.
                */

                Doesn't look like ROT13 to me.

        • by tsadi ( 576706 )
          I am wondering, do you download the encrypted data from the server before decrypting locally using your pass phrase, or will the server ask for the pass phrase and decrypt it for you? The latter is a stupid solution and beats the purpose of encrypting anything because those who operate the server can still see your decrypted data - but if a service provider is to offer such service, most users may not care much which among the 2 solutions above the provider is using.
      • Re:Server (Score:5, Insightful)

        by KlaymenDK ( 713149 ) on Thursday July 10, 2008 @05:43AM (#24131345) Journal

        You know, some of us would rather host our data ourselves than trust Google with it...

        • Re:Server (Score:5, Interesting)

          by Xiph ( 723935 ) on Thursday July 10, 2008 @06:26AM (#24131497)

          Might it be part of the reason they're shutting down and releasing source?
          They don't want a judge to release the data to Corporation X.

          Besides i can easily host my own browsersettings on my home computer, in fact, i'll be setting it up (or trying to) when i come home

          • by mitgib ( 1156957 )

            Besides i can easily host my own browsersettings on my home computer, in fact, i'll be setting it up (or trying to) when i come home

            My thoughts pretty much. Host your own server for your own use. I can see this as a fantastic OpenVZ Template [openvz.org] to easily deploy a server for anyone wanting one. You can get a VPS for around $10/mo if you really wish to keep it in your own hands, I know I would, and I bet many others would opt if that option was available.

          • The data is encrypted before it leaves your computer. It doesn't matter who they give it to, it is only readable with your passphrase.
            • by syphax ( 189065 )

              This is true, but I don't think it would be *that* hard for e.g. Google to brute-force the key for the 90+% of users who use a weakish password.

              I used Google sync and really liked it (I move between my work computer and 2-3 home computers all the time), but I was somewhat concerned that Google had all the keys to my kingdom (e.g. passwords for financial sites). So while I am usually too lazy for long, strong passwords, my one exception was my Google Sync key.

        • Re:Server (Score:5, Interesting)

          by Alarash ( 746254 ) on Thursday July 10, 2008 @07:27AM (#24131735)
          I don't understand people. You could send your sync data to _any_ server, even your own, it will *never* be totally safe. Just *_don't_* send data that can potentially harm you if it's intercepted. Personally, I sync only my bookmarks, and I don't give a damn if anyone ever gets access to them.
          • by syphax ( 189065 )

            Driving is never totally safe, etc.

            Me, I value using different passwords for different online accounts, but suck at memorizing them, so I used Google Sync with a really strong master password.

            I recognize that this is a security risk, but I value the convenience of only having to remember 1 really good password over the potential security risk, which I judge to be small (b/c I'm probably more secure than the next guy).

            That said, I look forward to hosting this info on my home server.

            • Re: (Score:3, Informative)

              Have a look at Passhash [wijjo.com] add-on for firefox. You only need to remember a single strong master password; the add-on generates different passwords for each site, according to their URL (or site tag).
              In cases where the add-on is not locally available, there is a static html page with javascript with the same functionality, that you can host on your home server.
          • Just *_don't_* send data that can potentially harm you if it's intercepted.

            Given that any data on your future p0wned or stolen computer can be intercepted, perhaps you should revise this upwards to "don't create data that can potentially harm you."

            Good luck with that, tho.

            • by Alarash ( 746254 )

              I'm sure that the hundred of people who agreed on the fact that the weakest link in encrypted data transmission is the key exchange never thought of that. They only had to invent a protocol, IPSec, just for this, and even with an encrypted key exchange in Phase 2 some of them felt it wasn't safe enough, so they invented Client Certificates, Certificate Authority Servers with Revocation Lists, and decided the safest way to transmit these certificates and lists was to physically transport these keys in encryp

        • That's the beauty of FOSS. If you want to host the data yourself, just add that capability to the software.
      • by ady1 ( 873490 ) *

        >>They would not be likely to sell it to spammers or pass on lists of people who bookmark anti-Islamic sites to an Al-Qaeda operative.

        Someone has been watching too much fox news.

    • If you don't want to run your own server, I am sure someone can modify this code such that the saved settings are either saved in your GMail account or your Google Pages account or elsewhere in the Google mesh.

    • by redxxx ( 1194349 )

      Any special reason I can't use the one at my house?

    • Re:Server (Score:5, Insightful)

      by dissy ( 172727 ) on Thursday July 10, 2008 @10:24AM (#24133751)

      What server will you trust?

      One that I own and administer.

      The real question is, will I be able to get their server back end installed and working...

  • by pacroon ( 846604 ) on Thursday July 10, 2008 @04:18AM (#24130937)
    I can't imagine a company that actually does what the public asks? They must have a secret agenda!
    • Re: (Score:1, Funny)

      by Anonymous Coward

      We're not evil!
      We actually do open source stuff! See?

      • Re: (Score:2, Interesting)

        by jacquesm ( 154384 )

        yes, but only when we decide it's either bad business (as in we just dropped it) or when it makes us look good. If it should in any way shape or form be a 'key' item (GFS, linux kernel improvements) then forget about it.

        • If we all stopped using google until they delivered those items, they would do so. However, since we won't (most literates wouldn't bother to try to do so, let alone the masses) then they won't be giving us that code. (And since they're not redistributing it, they're not violating any licenses, either.)
        • Re: (Score:3, Informative)

          by chrisd ( 1457 ) *
          We actually do push back kernel improvements, and funded work on disk traceability, xorp routing and more...

          There was a neat study [kernel.org] that Greg KH did about corporate contributions to the kernel, which has us at a not-too-shabby 13th.

          • hi Chris, thank you for answering,

            It's my understanding (possibly wrongly so) that there is a special version of the linux kernel that google has created that has a large number of changes to improve scaleability and facilitates the managing of a large number of machines in a cluster. Those are the improvements that I meant. The existence of this kernel has been hinted at in several google publications. It is also my understanding tha these modifications have not been given back to the community.

            As for GFS,

            • by chrisd ( 1457 ) * <chrisd@dibona.com> on Thursday July 10, 2008 @06:21PM (#24144413) Homepage

              Well, I'd disagree, I think we're doing fine from a kernel release perspective. We could do more, and in time, we will, but we only really started a concerted effort to release changes 3 years ago, so...not so shabby. Red Hat has been more important than Google or any linux -user- in the development of the kernel.

              Your comments about manipulation are weirdly paranoid. The original list that Greg posted was 20+ companies long, and originally didn't include us, as he didn't count Andrew to us. He fixed that, and the post I sent to you was from his talk at Google. It's part of his presentation to call out the company he visits, which is one of the reasons we invited him out.

              Google is built on software, some of which comes from the world of open soruce, and most of which was written here. To give back, we both release code from the company (a significant amount >1m lines per year), fund external code (uncountable, really) and through the summer of code, create new developers and even more code still (2.1m+ last year, at least 3m this).

              That's not too shabby, in my book. I also would point out that it is disingenuous to equate linux use with some license fee savings. If linux had initially charged a license fee, then the world of linux users would be using bsd. Linux is successful because it is free of charge and free to use and free to modify. I think it is important that we give back and the rest, and we do that, but to multiply the number of machines running linux on the internet and consider that money as having been stolen is antithetical to the whole idea behind free software and open source.

              Chris

              • Then you probably should have posted the original list or you should have given an explanation regarding the weird format up front, this one looks as if google got added in on purpose or at a later date, which you more or less confirm in your posting.

                You seem to fail to address any of the points regarding the specific pieces of code I've raised in a concrete way (GFS + the indicated mods to the kernel, not the 'regular' fixes).

                The reason I mentioned the licensing fees is because google deploys an enormous n

  • by Rik Sweeney ( 471717 ) on Thursday July 10, 2008 @04:31AM (#24131001) Homepage

    If they're not going to develop it any further, they might as well let someone else have a go. Now all we have to do is convince Microsoft to release the source code to Windows ME.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      If they're not going to develop it any further, they might as well let someone else have a go. Now all we have to do is convince Microsoft to release the source code to Windows ME.

      the difference is that nobody wants Windows ME.

      • This shows they're a little kinder than MS, or at least have better PR.

        Yous guys remember MS and SenderID [zdnet.com]? If it doesn't benefit them directly, they'd rather it not benefit anyone else. Brats. /sigh

    • by Syrente ( 990349 ) on Thursday July 10, 2008 @05:02AM (#24131145)
      Whereas Browser Sync is in the interest of technology/simplicity, I'd see the source code of Windows ME being released in the interest of tragic comedy more than anything...
      • Re: (Score:2, Funny)

        by hvm2hvm ( 1208954 )
        You could feed thedailywtf.com for years with it...
        • by Syrente ( 990349 )
          Assuming the code doesn't compromise the stability of the site and cause frequent, intermittant downtimes...

          Cursed code... *shudder*
    • by Godji ( 957148 )
      Do you really think none of the Windows ME code is in Vista? I'd guess you'd be wrong.
      • by Firehed ( 942385 )

        Check out the Add Font dialog... that hasn't changed since Win3.11. Big surprise that most designers use Macs :p

    • Source code to Windows ME revealed:

      /*
      * Windows ME
      * Copyright 1981-1999 Microsoft Corp.
      * All rights reserved.
      */

      # include <windows98.h>
      # include <windows2000_new_ui.h>
      # include <bsod.h>
      # include <random.h>

      main() {
      shell=start_windows2000_new_ui();
      start_windows98(*ui);
      while 1 {
      seed=new_seed();
      randomness=

  • I really liked it. (Score:4, Insightful)

    by XB-70 ( 812342 ) on Thursday July 10, 2008 @04:57AM (#24131121)
    I use a bunch of machines all over the place (mostly for development/personal interest). I use old machines, dial-up, new machines, servers - having browser sync was a god-send. It was great to be able to reference everything regardless of architecture and O/S. I agree that there are concerns about what Google would/could reveal to legislative bodies, but that's only because they are so huge that other factors come into play. Maybe this is their way of extricating themselves (somewhat) from the liabilities associated with having that much info about a person's real interests. That said, I feel that I was never 'targeted' as a result of their handling of my data, nor was there ever any 'push' marketing as a result. I think that's where you draw the line between good corporate citizen and spammer. I hope that someone who has the time can re-incorporate it into FireFox 3.x
  • by pgillan ( 1043668 ) on Thursday July 10, 2008 @04:58AM (#24131127)
    There's no clear reason given as to why it's being discontinued, but if it's due to lack of interest, it was probably lack of advertising; I wasn't even slightly aware of this project, and it sounds like something I would have been very interested in. I use Foxmarks religiously and have trouble functioning without it.
  • When google (Score:1, Insightful)

    by Anonymous Coward

    stops obfuscating the FLV url in complex SWF binaries that can be run only with the latest version of Adobe Flash, for YouTube, then we'll talk about google being "open".

    Thank you.

  • Wow (Score:5, Informative)

    by Cloud K ( 125581 ) on Thursday July 10, 2008 @05:03AM (#24131161)

    I'm sure there have been other examples, but this is the first and possibly only example I can think of of a company *actually responding* to requests for a discontinued product to be open-sourced. Let alone actually going ahead and doing it.

    Bravo Google :)

    • Isn't this what happened to Blender? (Although I think that one required some monetary persuasion)

    • Re:Wow (Score:5, Interesting)

      by neokushan ( 932374 ) on Thursday July 10, 2008 @05:46AM (#24131351)

      I'm sure there's better examples, but off the top of my head I know that a few years ago, there was a petition started to release the source code to Warzone 2100 [wikipedia.org], an old (yet brilliant) 3D RTS game that still stands out amongst the crowd today. After a few months (possibly a couple of years), Eidos scrambled together the source code and released it to the community.
      Since then, the Warzone resurrection project has come leaps and bounds - fixing bugs, improving what platforms the game runs at, allowing higher resolutions, improving the AI, etc.
      The only slight catch (that I'm aware of) is that the Video CODEC used in the original game was proprietary, so Eidos couldn't release the source to that and the company that owns the CODEC wouldn't allow it to be distributed any more.

      • Another example I like is Blender [blender.org] (the open-source 3D modeling platform). Blender was originally [wikipedia.org] a closed-source commercial product. When the company went bankrupt, the creditors agreed to release the code under the GPL for a one-time payment of $100,000. A donation campaign was started and raised the required funds. So now Blender is open-source, and has been extended and enhanced remarkably in the years since its release.

        The reason I like this example is it shows that you can get paid to write code tha
        • by Daengbo ( 523424 )
          I think that's actually most of the business model that RMS had in mind when he started the GPL. Get paid for your work once, then set the code free.
      • There's a few more open-sourced games out there. Ones that come up off the top of my head are Quake, Allegiance, Freespace 2, and Star Control 2 (as The Ur-Quan Masters). Not sure if Allegiance has gone much of anywhere since release.
        • Yup, it's good to see so many as well. However, the example I picked was because it came from a petition from the community to have the source, rather than the developers releasing it of their own free will (Ala ID and Quake)

      • by RichiH ( 749257 )
        The videos are available. No idea what codec Eidos used to release them, though. But now that the data is there, this should be a minor matter. I myself watched the intro video with mplayer, so it is out there in a usable format.
      • Far better than Valve, who last I asked (~6 months ago) still won't give up the sourcecode to Counterstrike 1.6, yet also refuses to actually improve or update it. Unless you count ingame ads as an improvement.

        • That's probably because if you had the source to 1.6, you could probably improve it beyond that of CSS (perhaps not graphically, mind you) which Valve still sells.

          Cynical? Naaaaaw...

    • by iwein ( 561027 )
      Wasn't the source to some browser once open sourced and developed into Firefox?

      http://en.wikipedia.org/wiki/Mozilla [wikipedia.org]

      • First came the Netscape suite. Then came Mozilla. Then came Firefox, and Seamonkey proceeded from Mozilla shortly after.

  • by houghi ( 78078 ) on Thursday July 10, 2008 @06:40AM (#24131553)

    I run 2 instances of Firefox (not Windows, two seperate processes) and I am forced to use different profiles. However I want them to have the same bookmarks and addons. Now I just symlink it from one profile to another what is needs. I would be much nicer to have something that could do that on my own machine, without telling anybody else what my Pr0n preferences are.

  • by smartin ( 942 ) on Thursday July 10, 2008 @07:16AM (#24131691)

    And I have to say that it works much better than browsersync ever did, with the added bonus that I can host my own data.

    • by AusIV ( 950840 )
      How do you host your own data? I use foxmarks, and was unaware of this option.
      • Re: (Score:3, Informative)

        by smartin ( 942 )

        You need to set up apache running webdav

        http://wiki.foxmarks.com/wiki/Foxmarks:_Frequently_Asked_Questions#Using_Other_Servers

  • no server code. (Score:1, Informative)

    by Anonymous Coward
    It's only the client code (the xul & javascript code, which can already be found in the xpi file). There is no sever code (yet ?).
  • by zmjjmz ( 1264856 ) on Thursday July 10, 2008 @08:11AM (#24131993)
    Open source their abandonware. The world would be a much better place, and the companies wouldn't get hurt.
    • by iwein ( 561027 )
      Some things are better left untouched.
    • Re: (Score:3, Informative)

      by X0563511 ( 793323 )

      You can't opensource abandonware that has other companies IP in it, or active patents. You could opensource the other components, but... it's abandonware! For some reason or another, they are no longer working with the code (and filtering the code may be impractical or impossible).

  • Rather than "trust" some third-party with our data, someone should mod the extension to work with S3 so all you provide is an S3 account and then synching stuff with S3.
  • by Anonymous Coward

    Another way to use your google data is to access it trough MS Outlook.

    We just launched KiGoo, a free tool that allows Google users to fully manage (create, read, update and delete) their Calendar and Contacts from MS Outlook.

    Also KiGoo manage the Free Busy information of your Gmail contacts for appointments if they shared their FB status.

    Currently we support Windows XP and office 2007.

    You could download it from http://www.getkigoo.com

"No, no, I don't mind being called the smartest man in the world. I just wish it wasn't this one." -- Adrian Veidt/Ozymandias, WATCHMEN

Working...