Forgot your password?
typodupeerror
Firefox Social Networks Communications Mozilla Privacy The Internet News Technology

Mozilla Labs To Bring Address Book To Firefox 80

Posted by timothy
from the are-belong-to-us dept.
suraj.sun writes with this excerpt from Ars Technica: "Mozilla has announced the availability of an experimental new add-on for Firefox that is designed to import information about the user's contacts from a variety of Web services and other sources. The add-on makes contact details easily accessible to the user and can also selectively supply it to remote Web applications. ... After the add-on has imported and indexed the user's contact data, it becomes available to the user through an integrated contact management tool that functions like an address book. One of Mozilla's first experiments is an autocompletion feature that allows users to select a contact when they are typing an e-mail address into a Web form. ... To make the browser's contact database accessible to Web applications, the add-on uses the W3C Contacts API specification."
This discussion has been archived. No new comments can be posted.

Mozilla Labs To Bring Address Book To Firefox

Comments Filter:
  • by LostCluster (625375) * on Saturday March 20, 2010 @05:57PM (#31552500)

    There's a reason why we don't keep address books in openly-readable unencrypted XML files.

    Mix an easily-read address book with a small bit of untrusted code, and you've got a worm with the capability of sending victim-specific e-mail. Upload that list to a server, and you've just given your favorite people the gift of spam. Microsoft learned this the hard way when most users were using Outlook Express and Windows Address Book and both of them had wide-open for scripting interfaces, so that lead to a mess. We don't use those things anymore.

    Please... let's make sure this requires a stored-password check so that we're sure only apps the user trusts to read the address book. All of the cool web apps are doing it.

    • While a very good point, it would be nice when I'm at a form trying to send someone an email from a web page (say for an article I want to share).

      If they did a password check on the add-on, or had a list of trusted sites (with an unalterable block on untrusted sites), that would be even better.

      • Re: (Score:3, Insightful)

        by Darkness404 (1287218)
        ...And how often does the average person do that? For me and most people the answer is... never. If I want to share a link, I copy and paste the address into where I want to share it. It takes, what, 2 seconds more? With all the privacy issues (after all the browser is the number one attack point of the average system) I'm not seeing the benefit.
        • Re: (Score:3, Insightful)

          by Thinboy00 (1190815)

          As evidenced by Facebook, Joe Sixpack doesn't give a damn about privacy.

          • by causality (777677)

            As evidenced by Facebook, Joe Sixpack doesn't give a damn about privacy.

            I think that's only because Joe Sixpack has never taken a hard look at datamining techniques, the relative ease with which they can be implemented, and how this information can be misused. "I don't care about privacy at all" is like many other positions; it does not typically fare well among educated users who are equipped to make a factual cost-benefit analysis.

            • Re: (Score:1, Insightful)

              by Anonymous Coward

              As evidenced by Facebook, Joe Sixpack doesn't give a damn about privacy.

              I think that's only because Joe Sixpack has never taken a hard look at datamining techniques, the relative ease with which they can be implemented, and how this information can be misused. "I don't care about privacy at all" is like many other positions; it does not typically fare well among educated users who are equipped to make a factual cost-benefit analysis.

              True. But educated users who take a hard look at datamining techniques in order to make factual cost-benefit analysis of their daily activities are not, by definition, Joe Sixpack.

          • Yeah, but there is a big difference between being spammed via e-mail (which is generally work related) and Facebook which is home related.

            Most people don't really care having what would normally be exposed in a conversation when compared to an e-mail address.
          • by poetmatt (793785)

            it's hard to say people don't care about privacy when the sites are deliberately misleading about what privacy you have. Facebook made the argument you did and it's a crock.

      • Re: (Score:3, Interesting)

        by geminidomino (614729)

        File->Send link

        Opens your mail client, badda-bing. This is just more mozilla Kitchen-Sinking.

        • "What's this 'mail client' you keep talking about? I just use Yahoo!"

        • Why open the mail client when the page already has a built in "send page via email" function?

          Either way, I'm giving this plugin a test spin to see how it works.

          • Why open the mail client when the page already has a built in "send page via email" function?

            Either way, I'm giving this plugin a test spin to see how it works.

            Because the former method doesnt require "making the browser's contact database accessible to Web applications".

            I'd have thought the last 15 years would have been sufficient to teach us not to trust the web.

            • Does it really make the contact list available to the application or just the user? Your auto-complete information isn't available via client-side JS, and I don't believe this is either... it's simply a more advanced auto-complete for certain types of form fields.
    • There's a reason why we don't keep address books in openly-readable unencrypted XML files.

      smithm@michael:~/.sylpheed-2.0$ cat addrbook-000001.xml

    • by coaxial (28297)

      Given that spam has been around for 32 years now [templetons.com], and with state of the art classifiers, spam really isn't that much of a problem for users. Most "spam" that gets delivered is actually from sites that the user has dealt with. Buy baseball tickets, and it seems like MLB emails you every two weeks. Buy concert tickets online, and you're autosubscribed to a marketing mailing.

      While spam may be problem for network administrators, as a user, I simply don't care. It's literally not my problem.

      Honestly. Even m

      • by scdeimos (632778)

        Most "spam" that gets delivered is actually from sites that the user has dealt with. *

        * Citation needed.

        Whenever I'm required to register an e-mail address for access to a web site I use [their domain name]@[my domain name], since I have my own domain. I've only ever had two of those addresses attract spam, and that's because both sites involved had their (fairly crappy) user databases compromised.

        The majority of spam I see comes from addresses I've shared with groups of friends and relatives, and those "friends" have had their address books harvested by worms and trojans. Every couple of

    • Good news: web pages do require approval (through a permission dialog) to access address books. The extension's author says [mozillalabs.com]:

      [T]here are two APIs. The internal “importer” API, which can only be accessed by [Firefox] extensions, allows you to perform arbitrary network and OS-level operations to get information into the system. The external “content” API, which can be accessed by any web page, allows you to request access to contact data (and then starts the “permission” dia

  • by rimcrazy (146022) on Saturday March 20, 2010 @06:17PM (#31552658)

    You know that is all I need... yet another address book that screws up all my contact lists when it does a sync with the 17 other address books I have......

    • Re: (Score:3, Interesting)

      by Dr. Evil (3501)

      'Sync'ing is the wrong solution for calendars, email and contacts. The right solution is to read all sources and present them simultaneously.

  • Do you get a free purple pony on facebook too..... along with exclusive offers.....and a new credit report too?
  • Um, why? (Score:5, Interesting)

    by thePowerOfGrayskull (905905) <.marc.paradise. .at. .gmail.com.> on Saturday March 20, 2010 @06:28PM (#31552736) Homepage Journal
    First of all, when I'm filling out a web form I'm *never* putting somebody else's information into it -- it's always my own. Second of all... actually, there is no second of all. When I'm using Firefox for email, it's just my front-end to GMail or other webmail which already has an address book. I'm not a big fan of the "well, I don't see a need therefore nobody should" school of thought; so I'd love to hear about use cases where this functionality is actually meeting some need not already handled more appropriately elsewhere.
    • Re: (Score:3, Interesting)

      by Thinboy00 (1190815)

      A lot of "social networking" websites ask for your password to your email so they can import your contacts. If the browser could (semi-)automagically give it that info, you'd close a huge security gap...

      • P.S.: see e.g. tagged [snopes.com] for an example of such security issues (they take your contacts and spam them without your consent (or at least in a very sketchy way anyway)).

      • Re:Um, why? (Score:4, Interesting)

        by ucblockhead (63650) on Saturday March 20, 2010 @07:08PM (#31553132) Homepage Journal

        Given that I always say NO GODDAMNIT NO NO NO NO! to those requests because I don't want some idiot social networking fuckhead marketer spamming all my contacts, saying "we'll just do it automagically" fills me with terror.

      • by causality (777677)

        A lot of "social networking" websites ask for your password to your email so they can import your contacts. If the browser could (semi-)automagically give it that info, you'd close a huge security gap...

        I'm assuming you refer to Web-based e-mail services like Gmail. I have no e-mail accounts like this, but I otherwise don't know what you mean. For example, the password to my POP3 e-mail account would not contain any of my contacts. Those are stored in my local e-mail client. I'm not so sure about IMAP, but POP3 remains much more common in either case.

        I also don't use any social networking sites like Facebook or Myspace, so I am wondering if it is common for them to function as HTTP-to-SMTP gateways.

        • by maxume (22995)

          Good for you, you have correctly identified that you are not the target of this feature.

          The sites import the contact list in order to simplify the process of 'connecting' with your contacts on that service (and I guess to invite them to use the service). A users page on the social site will have a list of their friends, with links to their pages. People find this easier than bookmarks.

          The social site is not attempting to insinuate itself into your existing email system (but it will encourage you to use thei

      • by maxume (22995)

        That hole is being closed elsewhere (this feature depends on websites providing a Portable Contacts API, consuming websites can use that same API to obtain contacts, rather than asking users for credentials).

      • True, but that doesn't seem like what this is used for? As I read it, it's more for populating forms with other people's addresses from your address book.
    • by causality (777677)

      I'm not a big fan of the "well, I don't see a need therefore nobody should"

      I take it you are not a government employee.

  • This is all well and good, but I want good export options too.
    I use Mozilla and Thunderbird at home, but I would love an easy option to export it to an Outlook format that I could problemlessly import in Outlook in a good format.
    The place where I work (and probably the next place where I work) demands this kind of data interoperability.

  • I don't personally see the need for this. I've been using Firefox on OS X for several years, and can't think of a single time when I've thought "gee, it'd be nice if only (use case mentioned in the article)". It did mention giving Gmail access to my OS X address book, but hey - I've been able to do that already for quite some time now, with no web browser intermediary required.

    Additionally, given (what I perceive as) Mozilla's bad track record for finishing what they start when it comes to "added value" fun

  • Seamonkey (Score:4, Insightful)

    by mister_playboy (1474163) on Saturday March 20, 2010 @06:51PM (#31552936)

    It seems you would be using Seamonkey instead of FIrefox if this sort of all-in-one approach was appealing to you. I don't see the point.

    • Re: (Score:3, Informative)

      by Zarel (900479)

      Mozilla has announced the availability of an experimental new add-on

      Emphasis on "add-on". That's the whole point of Firefox - it's not an all-in-one approach, and users who don't want it simply won't install it.

      • by owlnation (858981)

        Emphasis on "add-on". That's the whole point of Firefox - it's not an all-in-one approach, and users who don't want it simply won't install it.

        In this case, yes. And I do welcome that this is, in fact, an add-on. If only they had done that for some previous "features" too -- the awesome bar, in particular.

        As a few have pointed out here already, up to now Mozilla appears to have learned little from the past, and seemed determined to turn Firefox into the bloated mess that was the Netscape Navigator suit

    • by MacDork (560499)
      Agreed. Netscape Communicator died for a reason. It was a slow, bloated, 'all-in-one' package of crap. I'd prefer to see them working on more important things, like SVG animation. They're way behind webkit and presto on that one. HTML5 != address books. Firefox team needs to maintain focus on their core product... their rendering engine.
      • Netscape Communicator died for a reason. It was a slow, bloated...

        Ironically, this is exactly why I recently dropped Firefox and went BACK. While Seamonkey has a larger memory footprint than Firefox on initial load, it doesn't leak memory like a sieve... after a hour's use on my machine, it's still under 100MB whereas Firefox takes up 300+MB (both using essentially the same list of plugins). Also, Seamonkey's start-up time is a FRACTION of either Firefox's or Thunderbird's.

        Firefox has completely forgotten it's original mission statement, and fallen victim to scope creep

  • Ok, I love Firefox’s add-ons and all. It’s great for web development.

    But Firefox now officially has jumped the shark.

    I’ll check out Opera. I’ve head they support user-supplied extensions too.

  • by ucblockhead (63650) on Saturday March 20, 2010 @07:05PM (#31553104) Homepage Journal

    Why on Earth are they trying to turn Firefox into the Mozilla Application Suite!? There's a reason that failed, and Firefox, originally just an afterthought to quiet those complaining about Mozilla's bloat, won out.

    What is wrong with "do one thing and do it well?"

    In any case, I look forward to the next project, which spins off a browser from the Firefox project for people who just want a browser.

    • Re: (Score:3, Informative)

      by hkmwbz (531650)
      Seriously, did you not notice the fact that this is not only an optional extension, but it is also experimental? You know, like Ubiquity.
    • by causality (777677)

      What is wrong with "do one thing and do it well?"

      Absolutely nothing. That's an integral part of the philosophy behind the design of Unix and Unix-like operating systems. I believe it to be a very sound idea, which is why I use a Unix-like OS. Additionally, I think the KISS principle is especially important in a Web browser, as browsers are one of the main attack vectors for compromised computers.

    • Re: (Score:2, Informative)

      by maxume (22995)

      Actually, Phoenix was mostly about cleaning up the XPFE mess:

      http://home.kairo.at/blog/2007-05/old_xpfe_may_die_soon [kairo.at]

      They also thought that a user focused browser would be a more successful product than a developer driven internet application suite. And then we found out they were right. It certainly wasn't an afterthought to the people doing it.

    • I know, I know! They can call it Phoenix, like it's rising from the ashes of Firefox!
  • If it's better than Gmail, I'll try it. I know, I sleep with the devil. But she's a pretty woman, does the things I like, doesn't seem to gossip and is quite taciturn.
  • Even with minimal addons, FF 3.6 on my Windows machine takes upto a gig of memory after about 30mins of usage/being left idle especially with flash based sites. I don't have this problem on my trust Ubuntu netbook but the version of FF on that machine is 3.8. In the last one week, I've had to recommend 4 Firefox users to switch to Chrome (they've never even heard of Chrome). What's happening Mozilla labs? (Do an internet search for "firefox 3.6 memory hog"). So, umm, before introducing new addons - why don
    • Wrong forum. If you're serious about having FireFox issues, post in one of their forums where you might make some progress. Here you'll get nothing but scorn. Well, derision and scorn. Anger, derision and scorn... wait, let me start over...
  • I can't think of any reason to include this into a web browser. System-wide, I use Address Book (I'm on a Mac). For those on Windows, Thunderbird has an integrated address book.

    Am I missing something?

    Oh, and Mozilla, DON'T SCREW UP THIS BROWSER kthksbye
    • Re: (Score:2, Interesting)

      I don't use Thunderbird, I use Yahoo and Gmail. And while I don't generally trust websites with my contacts book, I am more than happy to let them search my Twitter to see if I have friends on the site, this experiment is simply an extension/road to that.
  • Seriously? Mozilla, what flavour crack are you guys smoking this month?

    There's already plenty of address book add-ons for Firefox and Mozilla, we don't need you guys adding another one to Firefox that will allow web sites to harvest contact info. If you want to do something address book-like, why don't you fix-up your LDAP support in Thunderbird so that it can actually create and update LDAP contacts - like you were supposed to have done in Thunderbird 2!

  • by rshol (746340) on Sunday March 21, 2010 @08:58AM (#31556942)
    That's stupid. But, give us an address book in Thunderbird that will sync seamlessly with Gmail and I'd be deliriously happy.

"It's curtains for you, Mighty Mouse! This gun is so futuristic that even *I* don't know how it works!" -- from Ralph Bakshi's Mighty Mouse

Working...