Holes Remain Open in Firefox Password Manager 191
juct writes "Although the Mozilla developers have fixed a known hole in the password manager of Firefox & Co, a door remains open for exploitation. According to an article on the heise site, hackers can still use JavaScript to steal passwords from users of the Mozilla, Firefox, and Safari browsers. However, the real problem might not be Firefox' password manager. If users can set up their own pages containing script code on a server, the JavaScript security model breaks. Heise Security demonstrates the possible password theft in a demo. 'From the users' perspective, this means that they should not entrust their passwords to the password manager on web sites that allow other users to create their own pages containing scripts. Otherwise somebody can easily create a page that steals the password as soon as the page is opened ... Users could also disable JavaScript or use add-ons such as NoScript to set up rules to provide additional protection. In the age of Web 2.0 this would, however, mean that many pages would cease to function. On the other hand it is doubtful that by not using a password manager security levels would be raised, since the resultant need to remember passwords often induces users to choose simplistic passwords and use them on multiple sites.'"
Thank goodness... (Score:1, Funny)
Re:Thank goodness... (Score:4, Funny)
Firefox no longer safe? (Score:4, Funny)
Re:Firefox no longer safe? (Score:4, Funny)
Re:There is a patch for this (Score:2, Funny)
You could have gone for insightful instead of trolling by writing something along the lines of "Generally, Opera has a much better safety record (the one we know of, anyway), and I prefer the UI."
I really like Opera, I even have it on my 3 phones and my PDA. Plus my 2 laptops, 4 stationaries, and I'm currently reading a book inspired by Opera [wikipedia.org]. (Sorry, bad pun)
Trolling, however, will only get those who see your post to have a negative association to Opera, just like many have a negative association to Gentoo...
Re:It's evolution baby (Score:3, Funny)