Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

1

Firefox gives passwords away

Started by Nvyseal , Nov 22 2006 07:44 PM

Please log in to reply

8 replies to this topic

#1 Nvyseal

Chairman of the Board

Administrator
9,821 posts

Location:From the whatever it is, Pluto
Country:USA

Posted 22 November 2006 - 07:44 PM

THE MOZZARELLA Foundation has issued a security warning on its Firebadger open sauce browser.

Apparently the browser's secure password manager has a nasty habit of telling other people your user name and password.

The problem comes about because Firebadger supplies the username and password stored on one page on a domain to another page on a domain. For example the Username and password input tags on a Myspace user's site will be shared along with the visitor's Myspace.com credentials.

According to Robert Chapin, of Chapin Information Services, who reports the problem on Bugzilla, the flaw means that passwords can be stolen without punters being aware of it.

In the short term, Mozzarella is suggesting avoiding using Password Manager and the Master Password Timeout Firefox extension.

However, an exploit found in the wild mimicked the login.myspace.com site almost perfectly, causing many users to believe they needed to log in.

Source: The Inq

Back to top

#2 Guest_scaramonga_*

Guests

Posted 22 November 2006 - 07:54 PM

Which is why I never let Firefox/IE store any passwords.....period!

Roboform is the way <_<

Back to top

#3 godless

GTA 4 is a ps2 relic with better graphics...

Members
316 posts

Country:Canada

Posted 22 November 2006 - 08:24 PM

wth is fire badger?

Back to top

#4 m.oreilly

rog'er wilco

Admin
8,847 posts

Country:lower uncton

Posted 22 November 2006 - 08:26 PM

thanks for the heads up guys... :unsure:

Back to top

#5 HybridShadow

New Member

New Members
5 posts

Location:Adelaide, South Australia
Country:Australia

Posted 24 November 2006 - 01:10 AM

Maybe someone should tell this site about it: www.killfirefox.com

I usually save my passwords in browsers, but not very important ones - they usually tend not to save those anyway. Like Bank sites and other major personal account online.

Back to top

#6 Tweak

Established Member

Members
674 posts

Country:US

Posted 24 November 2006 - 01:18 AM

Yet another reason I prefer Opera instead.

Back to top

#7 Sphere

The moth next to my brain is Bart, say hi to him if you like

Sponsor
2,355 posts

Location:*tap* Behind ya!
Interests:I'm a Dutchy, that means I'm not a German (which doesn't sound/look the same to me!) also, being a Dutchy means I'm an idiot... sort off!

And I def. need to get a real life again... I'm bored with my current life, ideas can be pm'd to me!
Country:Dutchyland

Posted 24 November 2006 - 02:40 AM

Biggest problem here is imo the user...

I know Firefox enters them in advance, but any IE user without looking closely might enter them as well too... so... entering either the ok button or all the way is a user responsibility...

Back to top

#8 VROSA

Ghost Member

Global Moderator
2,043 posts

Location:Belo Horizonte - Minas Gerais - Brazil
Interests:Hardware, Software, Alphas and Betas, OS Mods, Windows 8.1, Windows 10, Linux, Games, Fun, Friends.
Country:Brazil

Posted 24 November 2006 - 12:43 PM

I have to agree with Sphere, a bad user is in risk with any browser . If it's an important password i never trust any browser. I dont care if i have to type it every time i visit a site.

Back to top

#9 error51

Elite Newsposter

Newsposter
459 posts

Location:127.0.0.1
Country:USA

Posted 25 November 2006 - 11:00 AM

These are my settings. Would never dream of leaving my passwords in this computer. Email, stock accounts, online shopping, my bank accounts... I'm lazy, but not so lazy I can't type in my passwords.