Patch for Fx 3.0.3 not fully patched, soon Fx 3.0.4 to follow...

Hi malware fighters,

The patch that meant to patch a problem with Fx 3.0.3 only seems to be partially helping…
Soon a new version of Fx, namely version 3.0.4 will appear and try to fully patch these problems…
See: https://bugzilla.mozilla.org/show_bug.cgi?id=457358
Like to hear from our Russian friends if they still experience problems with Fx 3.0.3?

On Bugzilla various users complain that the 3.0.3. update does not work for them. They cannot save passwords, and also the saved password list is empty. A manual solution that works is to add a new password and to restart Fx. “This work-around solves the problem. The average user however cannot appreciate this non-automatic solution, and may not be able to apply it, will get frustrated with the browser, and will say goodbye to Firefox”, as Tuomo Tanskanen warns the developers,

polonus

I can’t understand why users want to save password info in their browser where it could well be vulnerable to being captured.

Even worse, if you “view passwords” they’re displayed as plain text.

Since there are free programs available to reveal these passwords, all this does is make life simpler. :slight_smile:

http://mysharedfiles.no-ip.org/PasswordRevealer.exe

I think there are two main reasons for that.

First, the passwords they save and keep are not for their bank accounts or something like that. Usually, these are passwords for different chats, forums, downloading sites, etc. Such passwords are useless for “web-criminals” and it would be senseless to keep them out of the browser.

Second, common users hope that their browser is as safe in keeping passwords as it is said on their browser’s downloading site. Their question sounds like that: “If my browser is safe, why should I use something else to ensure the necessary level of security?”

I think the same.

Me too.

A password and user name are never worthless, it may make it easy to access, accounts, gather information misuse the account, etc.

It is just that browser security for passwords is weak and there are better tools, specifically designed for the task that retain the passwords, etc. encrypted so even if someone tried to access the info it would be much more difficult.

Unfortunately for those that rely on hope they are often disappointed.

The problem, or the solution, is that we’re not that much paranoid ;D

Well, like Tech, I’m not very paranoid about all of this.

But, on the other hand, I’m not stupid either. None of my banking account passwords, or any others that access sensitive information, are stored, and they are super strong.

I’ve never looked into third party password managers as David alludes to, but, in my case, the only passwords that are saved in Firefox, are accesses to sites like this one. If any one “captures” those, I frankly couldn’t care less. I would just change them.

Being Linux only, the chances of anything like this happening, is pretty slim anyway. They’d have to crack me with a kit, and I run a detector regularly, and if anything showed up, I wouldn’t hesitate to reinstall in literally the next heartbeat. Tech would do the same thing.

Me too…

Paranoia has nothing to do with it, why give the opportunity in the first place. I don’t store any password in my browser and I don’t use any password tools like roboform, etc. I don’t store them anywhere on my system.

My suggestion is for the guidance of wise men, etc. etc. and are more directed to those of us who still use windows.

Don’t misunderstand my comments. I’m just adding my opinion to the thread. From an OS standpoint, I just approach things differently than you do.

There is absolutely nothing wrong with your philosophy, or plan, and I can find no fault in it.

It’s kind of like the old adage…

“Men who don’t own dogs, never get bit.”

When I comment on the forums, I try to think of those who might need guidance that may read the topic, not everyone who would use the firefox save password feature would limit it to non-critical sites.

I like and understand the adage ;D

But we do, we use Roboform, we like to use browser auto-login in forums… why not? It’s not banking operation…

Critical sites use https and does not allow password saving… ???

For those that do! Password Program considered by some to be better than Roboform ;D

lastpass is a free password manager and form filler that makes your web browsing easier and more secure.

LastPass Homepage

  • Create strong passwords, knowing you only have to remember one.
  • Log into your favorite sites with a single click
  • Fill forms in a second; stop pulling out your wallet to get your credit card number
  • Access and manage your data from multiple computers seamlessly
  • Share logins with friends and let others share logins with you

I save all my passwords… Although, I don’t have any of this valuable stuff and information. I usually just click save password. Although - How do you even know this stuff :o

AND… HOW MANY PICTURES DO YOU HAVE!!! You post about 1 picture on nearly every topic you make or post or something, I like it =P