Wednesday, October 14, 2009

Firefox and Chrome's Show Password Feature Is A Security Nightmare!

I was recently piddling around the Firefox 3.0+ preferences, when I came across something that practically made my hair stand on end:

1) Open Preferences
2) Click the Security tab
3) Click Saved Passwords...
4) Click Show Passwords
5) When it asks you if you're sure you want to do this, say Yes

Surprise! All the passwords you've ever asked Firefox to remember are displayed in plain text. Basically this means anyone who ever accesses your computer can see the passwords you typically use to log in. This is a ginormous security hole that is completely unnecessary and rarely useful.

Worse, it's a total violation of trust. When I see passwords being displayed as *** as I type, I take this to indicate that the underlying password will be kept hidden and that the authenticating password will be transmitted with encryption, so no one ever knows my password. If that's not the intention, why bother even hiding what I type on the screen? It creates a false sense of security.

One thing I find particularly scary is that this security hole is by design; it seems to have been conceived as an intentional 'feature', not a programming error. I thought there were enough security holes in software without these sorts of intentionally open backdoors.

Maybe you're lucky and you haven't been entrusting Firefox with your bank password. But you're probably entrusting it with your email, social networking, and many other passwords. Maybe your bank password is a variation on your email password so as to make it easier to remember. If that's the case, then your less important passwords could be used to hack your more important ones: they all fall like dominoes.

Even if they don't get your bank password, exposing someone's email password to anyone who sits down at their computer is a pretty egregious violation of privacy. For instance, it might enable your significant other to spy on your email communications, or an acquaintance to impersonate you. It's one thing to leave your email open accidentally and have someone see your messages. It's another thing entirely if that other person can log in at any later time. I wonder how many geeky boyfriends are using this feature to spy on their girlfriends (sorry for the chauvinism, I guess it could go the other way too).

I've read that Chrome has the same vulnerability. Shame on Google! I will never look at these browsers in the same way again. Time to turn to IE, Safari, or Opera?

Update: It doesn't even seem to be possible to turn this tool off. There's a master password, but that only asks for a password at Firefox startup, not when you try to show the passwords. The only secure solution is to not have Firefox remember your passwords at all.