Firefox And Opera Are Leaking Sensitive Data

By | February 18, 2013

Firefox And Opera Are Leaking Sensitive DataNow here is an issue you haven’t heard about: as it turns out, both Firefox and Opera (to a lesser extent) are “leaking” your sensitive data, at least according to some reports.

The issue appears to be related to Speed Dial, which generates thumbnails of your favorite or most frequently visited web pages. As web browser takes a screenshot of the site, it does little to protect user’s privacy, especially when data is served over the SSL connection.

While Firefox now uses gray boxes for SSL sites when generating thumbnails, it still takes and saves that site’s screenshot into a local cache, which can be accessed by various individuals. As seen in the screenshot below, you can still tell that this is Google’s Authenticator QR code, which can be processed by today’s smartphones without any issues.

Firefox And Opera Are Leaking Sensitive Data

While this isn’t exactly an urgent matter (considering that only a small percentage of overall users are affected by this), Mozilla as actively working to solve the issue.

[Thanks, Tibor]

About (Author Profile)

Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

Comments (8)

Trackback URL | Comments RSS Feed

  1. Alexander says:

    Showing site logos instead of thumbnails solves this problem

  2. Andylee_Sato says:

    This is _not_ an Opera issue! Opera does not take screenshots, it loads little ‘live’ versions of the websites. therefore one cannot be logged in in a speed dial and therefore no sensitive data is displayed

  3. NoName says:

    It sure is, take a look in %USERPROFILE%AppDataLocalOperaOperathumbnails (Window only, I have no idea where it is on Linux/OS X)

    But at least you choose the sites yourself, unlike Firefox!

  4. Przemysław Lib says:

    Favicons could be nice replacement. If only we could get to svg favicons that is…

  5. Rafael says:

    Who puts a link to a QR Code in Speed Dial?

  6. Rafael says:

    Who puts a link to a QR Code in Speed Dial?

  7. XP1 says:

    Firefox and Chrome “leak” passwords, “which can be accessed by various individuals”.

    Firefox > Options > Security > Saved Passwords… > Show Passwords > Yes.

    Google Chrome > Customize and control Google Chrome > Settings > Show advanced settings… > Passwords and forms: Manage saved passwords > Select entry > Show.