Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Firefox Extension Allows Anyone to Steal Logins over Insecure Networks

15 Nov 2010   #21

Windows 7 Ultimate x86 SP1

Why everyone is stuck with the idea that it only affects public wifi?

It can affect anything from public wifi, your home network and even to your VPN.

Of course maybe "Firesheep" cant do it, but it is really really easy to create sniffer which can do it. Hell As far as I know it has been created about 5-10 years ago?

Quote   Quote: Originally Posted by swarfega View Post
So is there an extension you can install to counter this? Can other extension based browsers suffer from this as well?

Firefox is getting more and more insurecure.
How is it getting insecure?
It is nothing to do with firefox. It is even nothing to do with OS.
It is all about Internet and how we "almost always" send plain http....

Quote   Quote: Originally Posted by jimbo45 View Post
Quote   Quote: Originally Posted by slam View Post
Yup, I heard about this, but there's also a counter firefox entension that prevents this. It's generally not a good idea to go on sites that require login through public unsecure networks anyway.

How then do you login to an Online Bank via the Internet.

Most Banks have decent security but to reach their sites you still have to use the public internet -- so I'm confused as to what you actually mean here about logging in via public unsecure networks -- after all isn't the Internet just one gigantic public Network.

Yes, that the thing I was talking about.
It is nothing to do with open wifi.

I maybe the guy who works on your ISP.
And I may know that there is a some bank which does not use encryption to his login or session cookie. (I can't imagine if there is... )
I will just set up my sniffer to look for packets from and to that bank's site.
See, you can use super encrypted network at your home, but if site doesn't use encryption it is useless.

For years it has been said that sending sensitive or private information in plain http is insane.
It is not a news...

5-10 years and all Internet will move to encryption... (this is along with user education is THE solution to most of our privacy problems)

My System SpecsSystem Spec
20 Nov 2010   #22

Win 7 Ultimate 32bit

Actually,, I have a feeling (And you read it here first, dated and time stamped for future reference)

Some countries are not allowed to use above certain levels of Encryption for what I can guess they would say is National Security?

it's coming here soon too. If your local spook can't read your encrypted info, then it will be illegal.
My System SpecsSystem Spec

 Firefox Extension Allows Anyone to Steal Logins over Insecure Networks

Thread Tools

Similar help and support threads
Thread Forum
I can't get .url extension to associate with Firefox
Brink, Need a little help with Firefox which is my default browser, I can't get the .url extension to associate with it. HTM & HTML I was able to change but for .url Firefox is not a choice. When I browse to the ff.exe to change program, it won't add so I can't complete the change. All my...
Browsers & Mail
Malware aimed at social networks may steal your reality
Malware aimed at social networks may steal your reality - Computerworld Blogs Does this bother anyone else?
Chillout Room
Looking for a Firefox extension .......
....... that opens a balloon when a word or words are highlighted. The balloon contains icons for Google, Bing and 2 or 3 other search engines. Had this installed but lost it and can't find it when searching for Add-ons. Anyone recognise it and know its name? Found another one that copies...
Browsers & Mail
Mozilla/Foxfire - Insecure Java Plugin in Firefox
Mozilla is disabling older versions of the Java Deployment Toolkit plugin for Firefox users, in a bid to block attacks against a newly-discovered Java security hole that attackers have been exploiting of late to install malicious code. Please read the rest of the story Mozilla Disables Insecure...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:13.
Twitter Facebook Google+