As many of you are aware, recently a major security flaw known as the Heartbleed bug was discovered in OpenSSL, a low-level cryptographic library used by Internet web servers for securing web traffic. The flaw affected a majority of websites, including Xmarks.
Our servers were patched shortly after learning of the vulnerability on the morning of 8 April, 2014. Also as of 16:00 EDT on that day, we deployed new SSL certificates.
Although we have no evidence that the flaw was exploited during the time the vulnerability was in place, it is possible that bookmarks, usernames, and hashed login passwords may have been exposed to attackers. Passwords synced with Xmarks password sync are stored and received in encrypted form with a PIN that is never sent to the Xmarks server. Security of these passwords will depend on the PIN used.
As a precaution, we are recommending that if you have not already changed your password, please do so now. Once logged in at Xmarks.com you can click "My Account" and select the "Change Password" option (https://login.xmarks.com/account/change_password).
If you use Xmarks password sync and a weak encryption PIN, please also consider changing the passwords stored in your browser vault.
We also recommend using a password manager like LastPass to store your logins and update your passwords to stronger, generated ones, including your Xmarks login. In the LastPass Security Check, you can also find out which of your stored accounts were impacted by Heartbleed and what actions you should take at this time.
Our team continues to monitor the situation and will update the Xmarks and LastPass community as needed.
Monday, April 21, 2014
Friday, December 6, 2013
Announcing Xmarks for Mac OS X 10.9 Mavericks
The new version of Xmarks for Safari can be downloaded at https://download.xmarks.com/download/macosx_10_5 and provides support for the newest versions of Mac OS X, but should be compatible with previous Mac versions back to 10.5.
What about syncing Xmarks with iCloud?
We will continue to explore a direct iCloud sync option, so that you could sync Xmarks to iCloud, and let iCloud sync to Safari, iPad, and other Mac and iOS devices. While this feature has many inherent challenges, we’re considering our options and hope to support iCloud sync in the future.
Can I keep running Xmarks 1.4.3?
If the previous version of Xmarks is working for you, you can continue to run it. A direct link to the old download is here: https://static.xmarks.com/clients/safari/xmarks_for_safari_1.4.3.dmg - however, we do not plan to continue to develop this version and it will not work with OS X 10.9.
We continue to work hard to improve the service overall. Over the last year, we’ve been focused on strengthening the underlying sync architecture and scaling the product. Moving forward, we’ll be focused on building new features for both the free and Premium service.
Best,
The LastPass & Xmarks Team
Monday, December 17, 2012
Xmarks Scheduled Maintenance
At Xmarks, we are working to make the bookmarking service more resilient in the face of unforeseen disasters, such as this summer's widespread power outages and extreme weather events like Hurricane Sandy. To that end, we are upgrading the distributed database behind the Xmarks service, with a goal of achieving zero downtime failover between data centers and zero downtime maintenance. Unfortunately, we are not quite there and must incur some service downtime to make these changes.
The Xmarks bookmarking service will be unavailable on Tuesday, December 18 from 22:00 to 23:59 EST (Wednesday 03:00-05:00 UTC) as we perform the first phase of this process.
During this time, any attempts to update your bookmarks or retrieve them through the plugin or on http://my.xmarks.com/ will result in temporary errors; these may show up as error icons in the Xmarks plugins. Bookmarks already in your browser can be accessed as normal. At the close of the maintenance window, normal bookmark syncing can resume and Xmarks will resolve the temporary errors on the next sync.
If you have any questions or concerns, either leading up to or during the scheduled maintenance, please direct them to our support team by opening a ticket: https://buy.xmarks.com/supportticket.php
Thank you for your understanding and patience.
Best,
The Xmarks Team
The Xmarks bookmarking service will be unavailable on Tuesday, December 18 from 22:00 to 23:59 EST (Wednesday 03:00-05:00 UTC) as we perform the first phase of this process.
During this time, any attempts to update your bookmarks or retrieve them through the plugin or on http://my.xmarks.com/ will result in temporary errors; these may show up as error icons in the Xmarks plugins. Bookmarks already in your browser can be accessed as normal. At the close of the maintenance window, normal bookmark syncing can resume and Xmarks will resolve the temporary errors on the next sync.
If you have any questions or concerns, either leading up to or during the scheduled maintenance, please direct them to our support team by opening a ticket: https://buy.xmarks.com/supportticket.php
Thank you for your understanding and patience.
Best,
The Xmarks Team
Tuesday, November 6, 2012
Xmarks for Windows Store Is Here!
Xmarks is officially ready for Windows 8 and Windows RT, with the Xmarks app now available in the Windows Store!
Xmarks for Windows Store is a standalone app, similar to our other mobile apps. Since the modern IE 10 browser does not support plug-ins, Xmarks is not directly integrated into IE. Xmarks can launch sites from your bookmarks, but can not sync with IE favorites.
Available features:
More improvements to come!
This is the first Xmarks release for Windows Store, so let us know what you think in the comments below!
Xmarks for Windows Store is a standalone app, similar to our other mobile apps. Since the modern IE 10 browser does not support plug-ins, Xmarks is not directly integrated into IE. Xmarks can launch sites from your bookmarks, but can not sync with IE favorites.
Available features:
- Supports Windows 8 and Windows RT.
- Syncs with your Xmarks account, so you have all your favorites with you.
- Use full screen to see all your favorites, and browse by folder.
- Handy snapped mode lets you run Xmarks side-by-side with IE or another browser
- Search charm support (and built-in search box in snapped mode) for quick bookmark searches.
- Open remote tabs from your other browsers.
- Share URLs from IE or other apps into Xmarks using the Share charm, which then syncs with your Xmarks account.
More improvements to come!
This is the first Xmarks release for Windows Store, so let us know what you think in the comments below!
Sunday, July 1, 2012
Xmarks bookmark sync unscheduled downtime
Xmarks bookmark sync has experienced unscheduled downtime over the last 20 hours. This morning the decision was made to disable syncing to facilitate recovery.
Xmarks has gone to backups to restore the service for impacted Xmarks bookmark sync users. If you use Xmarks bookmark sync please double check any bookmarks you've made over the previous 48 hours from 7/1/2012.
At this stage all users should be back in working order from the server, if you're having issues we'd recommend trying Xmarks Settings -> Advanced -> Repair first. You may want to consider simply using Upload instead to push your local set up to the server if you notice inconsistencies.
If you use Firefox you can reference the bookmarks backups that Firefox automatically creates: http://kb.mozillazine.org/Backing_up_and_restoring_bookmarks_-_Firefox
A number of issues came together causing Xmarks to experience this problem:
- While our datacenters were not impacted, our staff was impacted by the storms that hit the Washington DC area - leaving many of our employees without power, without Internet, and without working phones.
- Our offices are also without power impacted by the storms so using them was not a possibility either.
- Nearly all of our servers were impacted by the bug detailed by Mozilla here: https://bugzilla.mozilla.org/show_bug.cgi?id=769972
- We found that rebooting machines fixed the issue before we found out the true cause (and the above bug report). Rebooting worked but a number of machines failed to shutdown gracefully causing issues bringing back up the cluster cleanly.
We apologize for this issue and thank you for your patience. We will be looking into ways we can further mitigate our risks against threats like these in the future.
Xmarks has gone to backups to restore the service for impacted Xmarks bookmark sync users. If you use Xmarks bookmark sync please double check any bookmarks you've made over the previous 48 hours from 7/1/2012.
At this stage all users should be back in working order from the server, if you're having issues we'd recommend trying Xmarks Settings -> Advanced -> Repair first. You may want to consider simply using Upload instead to push your local set up to the server if you notice inconsistencies.
If you use Firefox you can reference the bookmarks backups that Firefox automatically creates: http://kb.mozillazine.org/Backing_up_and_restoring_bookmarks_-_Firefox
A number of issues came together causing Xmarks to experience this problem:
- While our datacenters were not impacted, our staff was impacted by the storms that hit the Washington DC area - leaving many of our employees without power, without Internet, and without working phones.
- Our offices are also without power impacted by the storms so using them was not a possibility either.
- Nearly all of our servers were impacted by the bug detailed by Mozilla here: https://bugzilla.mozilla.org/show_bug.cgi?id=769972
- We found that rebooting machines fixed the issue before we found out the true cause (and the above bug report). Rebooting worked but a number of machines failed to shutdown gracefully causing issues bringing back up the cluster cleanly.
We apologize for this issue and thank you for your patience. We will be looking into ways we can further mitigate our risks against threats like these in the future.
Wednesday, April 4, 2012
Xmarks for iOS Update: Reverse Bookmark Order Added
The latest version of Xmarks for iPhone and Xmarks for iPad has been published! Part of our Premium offering, the update can now be found on the App Store. In addition to general functionality improvements, our new release includes updated graphics for retina display, the ability to reverse the bookmark order, and a couple of bug fixes.
To reverse your mobile bookmark order, check Reverse Bookmark Order under Bookmarks in your Mobile Settings. Then, perform a sync.
For more details on our iOS apps, read our help articles on Xmarks for iPhone and Xmarks for iPad.
The Xmarks Team
To reverse your mobile bookmark order, check Reverse Bookmark Order under Bookmarks in your Mobile Settings. Then, perform a sync.
For more details on our iOS apps, read our help articles on Xmarks for iPhone and Xmarks for iPad.
The Xmarks Team
Monday, March 12, 2012
New: Xmarks for Windows Phone 7 is Here!
The Xmarks app is now available in the Windows Phone 7 marketplace! The app is the latest addition to our suite of Premium features in our ongoing quest to expand access to your bookmarks. You can trial the app for 2 weeks to test out features before deciding to upgrade to Premium (which operates on a per-account, rather than a per-device, basis).
View Bookmarks in Folders
After installing the app and logging in with your username and password, you'll see your folders and subfolders displayed in A-Z alphabetical order. The number of bookmarks stored in each folder and subfolder is indicated in parenthesis to the right of the folder's name.
You can swipe up the screen to quickly scan your folders. Tapping on the name of a folder or subfolder loads a list of that folders bookmarks, where you can swipe up or down to search for a specific bookmark.
The title of the bookmark is visible in white, with the URL listed below, in red. Tapping on the bookmark's name or URL launches it in the stock browser.
To navigate back to the main view of your folders, simply tap the device's back button.
Search for a Bookmark
When you need to search for a specific bookmark, you simply tap the "search" option. Tapping the search field allows you to start typing a relevant keyword or site name. The bookmarks auto-sort to display matching sites as you narrow your search.
Again, simply tap the bookmark's name to launch it in the stock browser.
Sync Open Tabs
If you have enabled "Open Tab Sync" for your account, tap the "tabs" view to see a list of your devices and number of open tabs. If this feature isn't currently enabled for your account, you can go to your Xmarks icon on your desktop browser, select "Xmarks Settings", choose the "Sync" tab, and check "Open Tabs". You'll need to select this option on every Xmarks browser addon you have installed; you can name the device, and individual browsers, so they are easily identifiable in other locations.
Tapping the name of the device allows you to view the tabs that are currently open. Again, simply tapping the name of the tab allows you to launch the URL in the stock browser.
Force a Refresh to Sync Your Data
Although polling happens automatically to keep your data up-to-date across your devices, you can refresh your data at any time by selecting the sync option. The icon appears at the bottom of your screen throughout the app, represented by the image of the two arrows circling back on each other.
More on the way!
We're continuing to develop and improve Xmarks, stay tuned for updates in the near future.
Best,
The Xmarks Team
View Bookmarks in FoldersAfter installing the app and logging in with your username and password, you'll see your folders and subfolders displayed in A-Z alphabetical order. The number of bookmarks stored in each folder and subfolder is indicated in parenthesis to the right of the folder's name.
You can swipe up the screen to quickly scan your folders. Tapping on the name of a folder or subfolder loads a list of that folders bookmarks, where you can swipe up or down to search for a specific bookmark.
The title of the bookmark is visible in white, with the URL listed below, in red. Tapping on the bookmark's name or URL launches it in the stock browser.To navigate back to the main view of your folders, simply tap the device's back button.
Search for a Bookmark
When you need to search for a specific bookmark, you simply tap the "search" option. Tapping the search field allows you to start typing a relevant keyword or site name. The bookmarks auto-sort to display matching sites as you narrow your search.
Again, simply tap the bookmark's name to launch it in the stock browser.Sync Open Tabs
If you have enabled "Open Tab Sync" for your account, tap the "tabs" view to see a list of your devices and number of open tabs. If this feature isn't currently enabled for your account, you can go to your Xmarks icon on your desktop browser, select "Xmarks Settings", choose the "Sync" tab, and check "Open Tabs". You'll need to select this option on every Xmarks browser addon you have installed; you can name the device, and individual browsers, so they are easily identifiable in other locations.
Tapping the name of the device allows you to view the tabs that are currently open. Again, simply tapping the name of the tab allows you to launch the URL in the stock browser.Force a Refresh to Sync Your Data
Although polling happens automatically to keep your data up-to-date across your devices, you can refresh your data at any time by selecting the sync option. The icon appears at the bottom of your screen throughout the app, represented by the image of the two arrows circling back on each other.
More on the way!
We're continuing to develop and improve Xmarks, stay tuned for updates in the near future.
Best,
The Xmarks Team
Subscribe to:
Posts (Atom)