Click on "same browser-based encryption". It's a link to an earlier blog post where they explain the encryption methods used in Firefox Sync. It mentions end-to-end encryption, too.
As Mozilla is a US-based organization, is anyone afraid of the NSA/USG commandeering Mozilla to setup pen-register/password-interception a la Lavabit?
Only a couple of months ago comments like mine would have been passed off as tin-foil conspiracy. Now, I think everyone's sense of normal is now tightly wrapped in tin-foil, encased in lead.
Opposite to Lavabit, Mozilla can't decrypt your data, so I can't see this happening, unless they change the open source client code without anyone noticing.
