RSS

Blog posts tagged with 'Firefox'

A Cornucopia of Internet Bookmarks

A couple of months ago, I booted up my laptop and opened up my browser. After updating said browser (Firefox), I was presented with the opportunity to synch my browser. I really liked the concept as I have a mishmash of bookmarks strewn across three different computers and sometimes when at home, I want to access a site I know I have a bookmark for on my work PC or I saved the link to an interesting site on one laptop and would love to pull it up on the other—yes, without getting up, getting the laptop, booting it up, etc… 

My first question was, “Is it safe?” I do work for an IT company after all and network security is a priority. So I asked one of our technicians and he did a bit of research for me and said that as long as I used a master password, it would be fine. I don’t save too many passwords in my browser and certainly none that get me into banking and bill payment sites, but I was still leery. It took me another month to finally decide to go for it.

The resulting mess of duplicate bookmarks and organizing folders took some time to sort through, delete dupes, and combine others, but ultimately having all of my bookmarks available no matter what computer I’m using has been very convenient.

Have you taken advantage of this service? If so, were you glad you did? If not, why not?

Jen FitzGerald
Office Manager
StormsEdge Technology

How Safe Is Your Web Browser?

How safe is your browser keeping you? Not something we think about in our day to day activities on the web. Register to a new website and your browser asks you if you would like to save the login information, out of sheer convenience most of us would say sure, go ahead. Not realizing the potential security risk they may have just put themselves in.

In the computer world there are four major browsers that almost everyone uses, we have Chrome, Internet Explorer, Firefox, and Safari. All of these browsers have the ability to save login details for website, and some can even go as far as saving credit card information, for easier shopping. But anyone that has access to your computer can gain access to all of your data. Using password revealers is nothing new to the industry, but if you feel the need to walk away from your computer and leave it up, anyone is able to come up behind you and reveal all of your stored login information from your browser with ease.

Another method that could be used for attackers is by using some types of malware that would be able to use a script to recover the stored passwords database, which if there is no master password stored in the browser for the rest of the password, it will most likely be stored in plain text. These database files resides on the PC in the browsers files structure. If the browser is unpatched or out of date this type of an attack would be common.

One other method that could be used is by an attacker using, what is called an XSS hole. XSS is short for cross-site scripting, and this can be used by an attacker by luring the user to go to a malicious website via email, or by phone, and clicking on a link that sends the XSS code to the browser to retrieve the stored passwords, stored cookies, user data, history, and others.

So as you can see there are multiple ways that attackers are able to retrieve your saved passwords from your browser without you ever really knowing. My recommendation would be to first, do not use the autocomplete or auto-save features in your browser and disable them. If you must use them make sure that the computer, and browser are always updated, and if the browser supports it, set a master password on your saved passwords list.

Tracy Hazelton
System Technologist
StormsEdge Technology

Newsletter