From my perspective, there is no source code to review so we have to trust you to have made sensible security decisions, which at least I don't.
UX isn't a big win. KeyPassX is good enough i.e. works with keyboards entirely, is open source, is reviewed, goes to extra lengths not to leave stuff floating around in RAM as well. Oh and works across all platforms I use.
Good question. Actually we have a technology that analyses semantically the webpage and determines the meaning of each elements.
Basically it's a bottom-up approach, we first try to guess the meaning of an element; then we take one step back and try to find contextual information that helps us refine the meaning.
We thought about the crowdsourcing approach, but it requires that the few first users have a shitty experience (because Dashlane isn't working as expected on these sites). That's why we prefered a more generic approach.
Yes we thought of that too, but the list of the most popular websites can be long, and the frequency at which these websites changes can also be high. So it's nearly a fulltime job.
We prefer to rely on our semantic backend, but if we implement a crowdsourced method, I think it would be more to spare computing power than for the quality of our results (which are already quite impressive).
It's a possibility, but it could be complex to put in place (client and server side). You have to find a way to aggregate the data in a smart way, to avoid getting your system messed with and minimize false positives.
Just imagine the case where a site changes drastically, all the crowdsourced results would be out of date, how do you detect that ?
Because a user signaled it ? What if it has been incorreclty signaled ? Sure you could set a sort of treshold, but that means that a bunch of users will have a poor user experience in the meantime.
We never ever store, or transmit over the network the user's master password nor any of its derivatives, therefore we don't nee to encrypt it.
The user's master password is not encrypted, it is used to create the key to encrypt and decrypt user's data, and the encryption key created from the master password, as a derivative of the master password, is never stored or transmitted.
This way, we can assure our users that even us cannot ever access their data.
Some more information here http://goo.gl/YlFkQ but no, each data-key (master) is unique to each user and stored outside of the application and network in an encrypted store, also all PID is encrypted and non-associative. Of course, I would prefer if users didn't want a restore option, however, usability sometimes trumps security :) Lost your password == lost all your data, just doesn't cut it with users IRL (I found).
1. I used the Delicious plug-in for Firefox. It no longer worked with the "social" part of social bookmarking: I got no suggestions when I clicked on a link.
2. The tagging was completely broken in the plug-in; the plug-in, unlike the new interface, still accepted spaces to separate tags. The new site considered EVERY set of tags to be one big unique tag, so several MONTHS of tagging had to be fixed by hand. There are TONS of complaints about this change, and Avos has ignored them all.
3. The secure RSS feeds were limited to 10 items. I use these as feeds for common links (news, comics, what have you) and several of my link folders were truncated by the arbitrary limit. They kept trying to fix this, but seemed to be incapable. When I realized I'd missed nearly a month of one of my favorite comics, I was quite annoyed.
4. Links were just lost several times; I would bookmark something, and two days later look for the bookmark and it would be gone.
I rarely went to the site, so the design changes were irrelevant to me. It looked like they were trying to make it into a Reddit or Digg or equivalent, though, and having the site move further in that direction and away from how I wanted to use it just seemed like a terrible idea.
But the core problem was that they broke their own API and the core functionality that caused me to want to be there to begin with.
Now in Pinboard I don't get to use the Delicious plug-in any more, but everything else Just Works. The site is clean and easy to use. Pinboard also offers an "archive everything" option that's awesome; so many old links eventually go bad, and having an archive of everything you care enough about to link is just cool.
the whole usability of tagging [completely unnecessarily] changed. their own bookmarklet (and functionality on their site) changed so that when you press the save button it saves right away, and then you have a option to add tags.
i'd find my self quickly adding and then having to find my link and editing it.
what is the benefit of these changes? why would you do that to all your users?