Firefox And Opera Are Leaking Sensitive Data

By | February 18, 2013 | 8 Comments


Firefox And Opera Are Leaking Sensitive DataNow here is an issue you haven’t heard about: as it turns out, both Firefox and Opera (to a lesser extent) are “leaking” your sensitive data, at least according to some reports.

The issue appears to be related to Speed Dial, which generates thumbnails of your favorite or most frequently visited web pages. As web browser takes a screenshot of the site, it does little to protect user’s privacy, especially when data is served over the SSL connection.

While Firefox now uses gray boxes for SSL sites when generating thumbnails, it still takes and saves that site’s screenshot into a local cache, which can be accessed by various individuals. As seen in the screenshot below, you can still tell that this is Google’s Authenticator QR code, which can be processed by today’s smartphones without any issues.

Firefox And Opera Are Leaking Sensitive Data

While this isn’t exactly an urgent matter (considering that only a small percentage of overall users are affected by this), Mozilla as actively working to solve the issue.

[Thanks, Tibor]


About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

  • Alexander

    Showing site logos instead of thumbnails solves this problem

  • http://twitter.com/Andylee_Sato Andylee_Sato

    This is _not_ an Opera issue! Opera does not take screenshots, it loads little ‘live’ versions of the websites. therefore one cannot be logged in in a speed dial and therefore no sensitive data is displayed

  • NoName

    It sure is, take a look in %USERPROFILE%AppDataLocalOperaOperathumbnails (Window only, I have no idea where it is on Linux/OS X)

    But at least you choose the sites yourself, unlike Firefox!

  • Przemysław Lib

    Favicons could be nice replacement. If only we could get to svg favicons that is…

  • http://my.opera.com/rafaelluik Rafael

    Wut?
    Who puts a link to a QR Code in Speed Dial?

  • http://my.opera.com/rafaelluik Rafael

    Wut?
    Who puts a link to a QR Code in Speed Dial?

  • XP1

    Firefox and Chrome “leak” passwords, “which can be accessed by various individuals”.

    Firefox > Options > Security > Saved Passwords… > Show Passwords > Yes.

    Google Chrome > Customize and control Google Chrome > Settings > Show advanced settings… > Passwords and forms: Manage saved passwords > Select entry > Show.

    • Mehran

      I use lastpass plugins and the first it does is disabling insecure built-in password managers