funsec mailing list archives

Satire? You decide: Bugzilla Bug 330884


From: "Fergie" <fergdawg () netzero net>
Date: Wed, 22 Mar 2006 18:46:02 GMT

Props to John Murrell over on GMSV. Enjoy. ;-)

[snip]

Bugzilla Bug 330884: 

Summary: When different users on one system choose to save or not save passwords for sites, any other user can see sites they not only saved passwords for but can also see what other users have been saving/never saving passwords for.

Reproducible: Always

Steps to Reproduce:
1. Create 2 unique user accounts (for steps' sake, let's call the two accounts Joe and Mary) in Windows XP Home.

2. Logout and sign-in under Joe.

3. Open Firefox and go to an e-mail site or to jdate.com or wherever.

4. Attempt to log-in to the site so that Firefox will ask whether or not you want your password saved.

5. Choose not to save the password.

6. After successfully logging in and having selected the "never save password" option, logout.

7. Log-in as Mary and open Firefox.

8. Browse, browse, browse ... but you don't really have to. Just go to "View Saved Passwords," click on the tab that will show you sites to never save passwords for, and you'll see whatever painful site Joe denied to save a password for.

9. Break-up with fiancé."


--A Firefox user who now has the free time to follow up on browser privacy issues

[snip]

http://blogs.siliconvalley.com/gmsv/2006/03/quoted_17.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.