httpwebwitch - 6:01 pm on Jan 27, 2009 (gmt 0)

What do you guys think about Clipperz

I'm not even going there. In theory, I hate it. Just the idea that my pwds are "out there" in someone else's control is a liability.

If Google leaks my AdWords creds (an arbitrary example - it's never happened AFAIK), that's a trust issue between me and Google. That account could be compromised at any time, but the breach will be limited to my Google accounts, and won't affect my other online accounts (like banking, twitter, amazon, facebook, etc). Not only am I resistant to add a 3rd player into any trust relationship, but I don't want multiple passwords sitting in a central repository out there on the WWW with which a hacker (or insider) could destroy my online identity and empty out my life savings.

Rule #1:
ANY site can be compromised. It's not a suspicion, it's the truth. These things aren't always the work of hackers, sometimes it's insiders at the host, evil ISPs, network trollers, scammers picking up your creds via social engineering, phishers, or a virus silently keylogging on your own PC.

Plus... any decryption that happens in your browser is insecure. End of story.