MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
MyBB Internal: One or more warnings occurred. Please contact your administrator for assistance.
Google Firefox Data Hole - Printable Version
ConCen
Google Firefox Data Hole - Printable Version

+- ConCen (https://concen.org/oldforum)
+-- Forum: Main (https://concen.org/oldforum/forum-4.html)
+--- Forum: Nerds & Geeks (https://concen.org/oldforum/forum-27.html)
+--- Thread: Google Firefox Data Hole (/thread-23613.html)



Google Firefox Data Hole - freeon - 01-25-2007

As I was beta-testing firefox trunk builds a number of months ago I realized that they started sending out encrypted packets to google. It became clear that the $200 million dollar deal between Mozilla and Google, the terms of which were not publically disclosed, was the beginning of the end for Firefox... now it turns out this google "safe browsing" feature, which was integrated into the firefox browser, has been exposing user information for months.



Google Firefox data hole

p2pnet.net News:- Data for Google's Firefox Safe Browsing extension were, for a period of time, wide open on Google's servers, says a security company.

The story was initially picked up by TechCrunch's Michael Arrington and independently confirmed by Finjan, says ConsumerAffairs.

“Finjan became aware of the problem after examining a publicly available list of URLs provided from Google's servers” says Finjan cto Yuval Ben-Itzhak.

"After examining the data provided in these files, Finjan found that sensitive user information was available on the web with no access protection, including emails, usernames, passwords and session tokens that could be used by hackers to compromise users’ privacy."

The data could have been used to compromise user privacy, "and could even have been used for identity theft or financial profit (as users generally have a single “web” password for most of their online accounts)," says Finjan.

"We have removed this information from URLs in the blacklist and created a process whereby this information is automatically stripped from future URLs submitted by users," ConsumerAffairs has Google saying..

Google's Safe Browsing system was incorporated both into the new Google Toolbar for Firefox, and the newest version of Firefox itself, says the story, adding:

"When Firefox 2.0 was released in October, observers noted the potential privacy risk of sending information about visited sites to Google.

"Some critics said the incident was reminiscent of the massive AOL data breach, where researchers published the private search data of 600,000 subscribers, albeit on a much smaller and less damaging scale."

The current Google antiphishing list, cleaned up, was still online this morning.


Google Firefox Data Hole - Echo - 01-25-2007

So is this no longer a problem?


Google Firefox Data Hole - Echo - 01-25-2007

Alright cheers, Google can fuck off.