Ubiquity is not for me (yet)

I can't remember where I first heard about Ubiquity, but it wasn't until Al blogged about it that I took the plunge and had a quick look.

I love the idea and hope it does well and would love to use it, but it's not for me at this stage. Let me explain why.

I installed the addon and restarted Firefox, but was greeted with an instant crash on startup. To recover I had to restart in FF Safe Mode, disable Ubiquity, restart normally, saved my session, close all my open tabs, reenable Ubiquity, and restart again before all was well.

The privacy and security issues that can arise are putting me off. Take, for example, the first feed they recommend - Herd. The about:ubiquity page says:

"Help us. Subscribe to the Herd, which will add your data to the dashboard—it's completely anonymous and will help us make Ubiquity better and safer."

So I click the link and I'm taken to a page of referrers, one of which is:

https://mail.google.com/mail/?account_id=aoctavio%40gmail.com

Hardly anonymous...

Then there's the comments in the code for the second most popular feed. Comments like:


// TODO: Security hull breach!
return eval( splitString[1] );

// Ugly hack to parse out the event description.


Also, the frightening security warning:

"Since a Ubiquity command can do anything, and it has full access to your web browser, a bad person could write a Ubiquity command to steal your personal information or do malicious things to your computer. You should not install Ubiquity commands unless you are confident that the source is trustworthy."

Finally, I'm wondering whether the addon grabs the latest version of the feed if it's changed, and how I would be notified of that? If I subscribe to one of the user submitted feeds and the user decides to abuse that feed, am I only affected when I accept a new update, or do they have full access from the moment I subscribe? I can check the code when I subscribe, but would I see any changes before they take effect?

So with the comments, the security warning and possibility of malicious feeds I think I'll leave it for now, but do tell me how you get on with it if you use it. I'll certainly be revisiting it once it's a little more fleshed out and I wish the team the best of luck.