Friday, September 12, 2008

And now, ScribeFire!

I've tried ScribeFire before and I was not impressed by the idea of blogging from Firefox. If had to use the browser, why not connect to wp-admin directly? Well, with my new quest for "Blogging clients" that can use my xmlrpc SSL-protected URL I end up by trying it again. Here I am, trying ScribeFire. It accepted well the https URL, so it seems to be a good option for "secure blogging" on Wordpress blogs.

You may wonder, if you saw my last post, why I didn't stay with Zoundry. Well, for two main reasons. One is that Zoundry seems to be a bit bloated, being too slow to run from a Portable Apps environment (anothet of my requirements). But the death blow on that tool came when I was checking if it was using the HTTPS xmlrpc properly by putting it behind a Paros Proxy. It used the HTTPS URL and it didn't mention the fact that the ssl certificate was not valid for that site! Yes, Zoundry Raven is vulnerable to a simple SSL man-in-the-middle attack.

So, until now, ScribeFire seems to be the choice.


No comments:

Post a Comment