An unofficial blog that watches Google's attempts to move your operating system online since 2005. Not affiliated with Google.

Send your tips to

March 23, 2006

Firefox Bug Causes Break-up

"This privacy flaw has caused my fiancé and I to break-up after having dated for 5 years."
Bugzilla Bug 330884:

Summary: When different users on one system choose to save or not save passwords for sites, any other user can see sites they not only saved passwords for but can also see what other users have been saving/never saving passwords for.

Reproducible: Always

Steps to Reproduce:

1. Create 2 unique user accounts (for steps sake, let's call the two accounts Joe and Mary) in Windows XP Home.

2. Logout and sign-in under Joe.

3. Open Firefox and go to an e-mail site or to or wherever.

4. Attempt to log-in to the site so that Firefox will ask whether or not you want your password saved.

5. Choose not to save the password.

6. After successfully logging in and having selected the "never save password" option, logout.

7. Log-in as Mary and open Firefox.

8. Browse, browse, browse ... but you don't really have to. Just go to "View Saved Passwords," click on the tab that will show you sites to never save passwords for, and you'll see whatever painful site Joe denied to save a password for.

9. Break-up with fiancé.

More at Bugzilla [ via Digg ].

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.