Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Google Firefox Data Hole
01-25-2007, 10:27 AM,
#1
Google Firefox Data Hole
As I was beta-testing firefox trunk builds a number of months ago I realized that they started sending out encrypted packets to google. It became clear that the $200 million dollar deal between Mozilla and Google, the terms of which were not publically disclosed, was the beginning of the end for Firefox... now it turns out this google "safe browsing" feature, which was integrated into the firefox browser, has been exposing user information for months.



Google Firefox data hole

p2pnet.net News:- Data for Google's Firefox Safe Browsing extension were, for a period of time, wide open on Google's servers, says a security company.

The story was initially picked up by TechCrunch's Michael Arrington and independently confirmed by Finjan, says ConsumerAffairs.

“Finjan became aware of the problem after examining a publicly available list of URLs provided from Google's servers” says Finjan cto Yuval Ben-Itzhak.

"After examining the data provided in these files, Finjan found that sensitive user information was available on the web with no access protection, including emails, usernames, passwords and session tokens that could be used by hackers to compromise users’ privacy."

The data could have been used to compromise user privacy, "and could even have been used for identity theft or financial profit (as users generally have a single “web” password for most of their online accounts)," says Finjan.

"We have removed this information from URLs in the blacklist and created a process whereby this information is automatically stripped from future URLs submitted by users," ConsumerAffairs has Google saying..

Google's Safe Browsing system was incorporated both into the new Google Toolbar for Firefox, and the newest version of Firefox itself, says the story, adding:

"When Firefox 2.0 was released in October, observers noted the potential privacy risk of sending information about visited sites to Google.

"Some critics said the incident was reminiscent of the massive AOL data breach, where researchers published the private search data of 600,000 subscribers, albeit on a much smaller and less damaging scale."

The current Google antiphishing list, cleaned up, was still online this morning.
&Having raised the earth's temperature 1 degree Fahrenheit in the last three decades, we're facing another increase of 4 degrees over the next century. That would imply changes that constitute practically a different planet. It's not something we can adapt to. We can't let it go on another 10 years like this.& - NASA's Goddard Space Institute Director James Hansen

ConspiracyCentral Tracker Style Mod
Reply
01-25-2007, 12:39 PM,
#2
Google Firefox Data Hole
So is this no longer a problem?
Reply
01-25-2007, 10:31 PM,
#3
Google Firefox Data Hole
Alright cheers, Google can fuck off.
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
Thumbs Down Firefox 29 Trying to Look Like Chrome and Sucks! bristopen 11 700 06-06-2014, 09:02 PM
Last Post: Easy Skanking
  Firefox: Disabling Mixed Content Warnings (v18+), download 17ESR thokling 0 405 01-13-2014, 12:52 PM
Last Post: thokling
  Free Google internet access Orwell63 4 645 12-17-2013, 12:17 AM
Last Post: Watchdog
  Google Chrome 'Fails to Protect Sensitive Personal Data' temp9 5 681 10-14-2013, 06:48 PM
Last Post: temp9
Rainbow Google's DCMA Censored Result Notice CharliePrime 0 300 09-21-2013, 03:26 PM
Last Post: CharliePrime
  Linux Mint: Shipped with "Prism" Firefox profile Doomsticks 6 1,067 07-26-2013, 04:41 AM
Last Post: Doomsticks
  Pale Moon: The Firefox Alternative thokling 9 1,659 04-06-2013, 07:11 PM
Last Post: thokling
  Google blocks MP3 rippers from UTube: YouTube-mp3.com calls for help from pirates... h3rm35 11 2,022 07-01-2012, 01:58 AM
Last Post: h3rm35
  Firefox 'new tab' feature exposes users' secured info: Fix promised h3rm35 0 439 06-23-2012, 01:33 AM
Last Post: h3rm35
  Trojan nicks blueprints as Win Update data, backdoors gov-targeted kit w/Adobe 0-days h3rm35 2 597 02-03-2012, 01:47 AM
Last Post: h3rm35

Forum Jump:


Users browsing this thread: 1 Guest(s)