An unofficial blog that watches Google's attempts to move your operating system online since 2005. Not affiliated with Google.

Send your tips to gostips@gmail.com.

April 17, 2008

Subscribe to Authenticated Feeds in Google Reader

Google Reader is one of the many online feed readers that don't support authenticated feeds. This special kind of feeds requires a username and a password before displaying the content to protect sensitive information. An example of authenticated feed is Gmail's feed for unread messages, but you'll also find password-protected feeds for internal bug reports, private email distribution lists, etc.

FreeMyFeed wants to solve this problem by creating feeds that don't require authentication. The site acts as a proxy between the original feed and your feed reader, while promising that your credentials are safe. "Usernames and passwords are never stored on the server. The usernames and passwords are only parsed to retrieve your RSS feed and then are discarded." Rob Wilkerson explains that the credentials "are encrypted using a rotating algorithm and included in the new URI."


It's not a good idea to enter your username and password in any other place than the site where you created them, but FreeMyFeed could be useful for feeds that are not tied to important accounts. Make sure you don't share any item from the generated feeds.

15 comments:

  1. Or, of course you could use BlogBridge (http://www.blogbridge.com/look) a free, open source, cross platform that natively supports authenticated feeds, and by the way does a lot of other useful things that Google Reader doesn't do.

    ReplyDelete
  2. @pito personally i wouldn't use it because i'd have to install it & i like to have access to my apps from any computer whenever possible ;)
    - imma

    ReplyDelete
  3. exactly. There is no point in using a desktop application as soon as you start to accumulate devices capable of displaying blogs.

    Even if you find an application that is able to synchronize the read/unread status, as soon as you take plattforms where your app isn't running on into the mix, things break.

    So currently the only option for me is to use a webbased aggragator as I have my mobile phone using opera mini and my iPod Touch using Safari in addition to my desktop for my blog reading needs.

    Sure. Aside of google, there are other webbased readers, some even with desktop applications they can sync state with (newsgator), but the google interface is the most pleasing one.

    And it's a good thing that google doesn't support password protected feeds. Remember: Your feed reader needs to know a cleartext version of the passwort (or at least a decryptable one) to be able to access the feed.

    By not supporting authenticated feeds, google makes sure that you don't shoot yourself in the foot and provide them with a password, because, frankly, very few people actually know what it means to give passwords around like this (erm... facebook... erm...)

    Philip

    ReplyDelete
  4. "Make sure you don't share any item from the generated feeds."

    Even if you don't share it, your authenticated feed will start appearing in search engines.

    DO NOT use this for stuff you want to keep private.

    ReplyDelete
  5. The only way that feed from this service would be indexed by a search engine is if someone posted their alternate URL on the internet.

    This service places the original feed URL, username and an encrypted version of the password in the alternate URL. Absolutely no data is stored on the FreeMyFeed server. Every time the alternate URL is requested the original feed is downloaded and echoed back to the user or reader on the fly.

    ReplyDelete
  6. Hi, some time ago I wrote a script that removes the authentication from a script and republishes it with a privacy indication in the xml that was proposed by bloglines, but that, as far as I can see, is also respected by Google Reader.

    This could be an alternative to services if you're able to self-host php files:

    Get it at http://php.vanhecke.info/2008/01/20/republish-a-feed-or-other-data-protected-by-http-basic-authentication/

    ReplyDelete
  7. @Pito, could you give me more information about how to do that?
    I am interested on using BlogBridge to suscribe to my DokuWiki, which contains private pages, but I have not been able to access this ones (I can see the public pages, but the program does not ask me my username and my password)

    ReplyDelete
  8. So, will greader eventually gain authenticated feeds support?

    ReplyDelete
  9. there are plains to include authenticated support in google reader?

    ReplyDelete
  10. Hello, I considered myself rather computer friendly; however, I don't understand what feeds are???Should I have them or not on my computer?

    ReplyDelete
  11. I would like to ask what is the most 'secure' server/browser? I just read that MSN was the safest...I have Norton antivirus; should I use antiphishing with Norton or let AOL or windows handle it? AND last but not least question? When Norton states: Phishing Protection On vs Norton Authenticated: why? when can I feel safe? I've had a terrible nightmare happen in my bank with fraud and i'm terribly worried and don't know whom to trust or when to put in private information. I have a new MAC and another computer - I have a router..Should I be concerned with either of these? What should I know?

    ReplyDelete
  12. The idea that it discards the password after initially fetching the feed makes little sense - you need the password for every update of the feed. If it doesn't update, it's useless - you may as well just read the feed XML one, in Firefox directly.

    ReplyDelete
  13. I'd love GR to have that functionality. You can provide custom generated username/pwd to GReader and your actual account is still safe. And I'd rather give my pwd to Google then some "someone running this server" :)

    ReplyDelete
  14. Unfortunately, it no longer appears to work. I keep on getting error messages when I try to use it:

    "An error occured at the requested URL but a specific error message is not available."

    ReplyDelete
  15. and how i know unsubscribe from freemyfeed?

    ReplyDelete

Note: Only a member of this blog may post a comment.