X
Tap here to go to the mobile version of the site.

منتدى الدعم

Does Firefox overwrite the master password on exiting to prevent a cold boot attack?

Posted

If on the current Firefox instance the master password was typed in does Firefox overwrite the related memory area on exiting? If not it would be maybe possible to do a cold boot attack here.

If on the current Firefox instance the master password was typed in does Firefox overwrite the related memory area on exiting? If not it would be maybe possible to do a cold boot attack here.

Modified by Sworddragon

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.2 r202

Application

  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0

More Information

philipp
  • Top 25 Contributor
  • Moderator
5315 solutions 23470 answers

hello Sworddragon, this is a rather specialised subject - and since most of us helpers here are volunteers and normal users like you, we probably won't know the answer to that. you might be better off posting that question/feature request to the mozilla.dev.tech.crypto forum, where it will reach the right people familiar with such a subject.
thank you!

hello Sworddragon, this is a rather specialised subject - and since most of us helpers here are volunteers and normal users like you, we probably won't know the answer to that. you might be better off posting that question/feature request to the [http://www.mozilla.org/about/forums/#dev-tech-crypto mozilla.dev.tech.crypto] forum, where it will reach the right people familiar with such a subject. <br>thank you!
cor-el
  • Top 10 Contributor
  • Moderator
17537 solutions 158573 answers

Note that a secure connection is used to connect (login) to the software security device, so it wouldn't be easy to misuse this connection and have access to the passwords.

  • Edit > Preferences > Advanced > Encryption: Certificates > Security Devices: Software Security Device
Note that a secure connection is used to connect (login) to the software security device, so it wouldn't be easy to misuse this connection and have access to the passwords. *Edit > Preferences > Advanced > Encryption: Certificates > Security Devices: Software Security Device