Is Password Manager safe on portable firefox 2.0
http://it.slashdot.org/article.pl?sid=06/11/21/2319243&from=rss
for that matter, was it safe on 1.5?
New: DesktopSnowOK (Jan 6, 2025), Platform 29.5.3 (Jun 27, 2024)
1,100+ portable packages, 1.1 billion downloads
No Ads Nov/Dec/Jan!, Please donate today
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
Every copy of Firefox in existence is vulnerable to this. Other browsers are to a certain extent, too, but in different ways. Keep in mind that this only applies when a hostile page that makes use of forms and javascript is hosted on the same domain as a non-hostile page where you'd enter your username and password to log in (and have saved said username and login). And even then, they could only get access to your password for that particular site.
A website which allows users to post anything they'd like unchecked is actually a huge security risk in and of itself. Allowing users to post hostile forms and javascript is just insanely dumb... but that's what some sites like MySpace are doing. That's why there are multiple attacks on MySpace right now... including one that runs JavaScript within Quicktime movies to spread nasty links in MySpace profiles.
In essence, this is thanks to poor security (make that a complete lack of security) at MySpace. Your best off not letting your browser remember your password for sites like that. Mozilla will make a fix, of course. Just like Apple is being forced to... to clean up MySpace's mess for them.
Sometimes, the impossible can become possible, if you're awesome!
Thanks for the thoughtful reply.
I felt the same, but wanted some reassurance.
I guess dumb people have had fire to play with, now they have the internet with myspace.