The Firefox password manager vulnerability
Posted Dec 3, 2006 4:34 UTC (Sun) by bluefoxicy
Parent article: The Firefox password manager vulnerability
I've been meaning to implement this hack for months; gather a hundred or so passwords; devise a fix; and ship the whole shebang to MySpace and (sans-passwords) BugTraq. Never got around to it though...
Good show. I'm glad to see the first real-world occurrence was benign; it'd be just awful if someone had gathered user ID/password pairs and used the unattributed but often correct assumption that they're going to be the same for Amazon/Ebay/etc.
to post comments)