Showing questions tagged: Show all questions

Passwords that aren't mine

Hi I was just scrolling through passwords on my Firefox password manager and found 2 passwords that didn't belong to me I deleted them but am now concerned as to how the… (read more)

Hi

I was just scrolling through passwords on my Firefox password manager and found 2 passwords that didn't belong to me I deleted them but am now concerned as to how they got there. One was for 'piano vx' (https://auth.piano.io/u/login identifierstate=hKFo2SAwOXdxTTVPWVcxU0tOc25oUWVWWTNnMTBHRFRiY2NCRaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIF9YUG5IRDNmaTFLRnJSd0hlTHpTNE9jWmJ3YzZucEE0o2NpZNkgTmJJZVZxMkJ6ZkpzSjlQR1RxZTdqTmRxeVRvaGUyWjQ) I have scrolled down through my Firefox history and the only 'Piano vx' entries are from today when I was checking what the password was for. I have never visited that site before so could not have saved a password.

I cannot remember the other spurious one I deleted (as have had a general tidy up whilst I was there) but it gave my user name as 'scottish' which is something I would not use as I am not!

Can anyone shed any light on how these passwords which have not been generated by me are showing in my Firefox password manager please? I have run Microsoft Defender and Eset but neither showing any issues.

I have changed my Firefox password.

Many thanks Gill

Asked by gilliandmayes 7 hours ago

Protecting passwords during hardware upgrade

I use FF on a 2012 PC running Windows10. I was going to replace the computer, but a tech shop nearby has recommended (without seeing my computer) updating the hardware w… (read more)

I use FF on a 2012 PC running Windows10. I was going to replace the computer, but a tech shop nearby has recommended (without seeing my computer) updating the hardware within. I have a lot of passwords stored in FF, and I should like some advice regarding protecting privacy by saving them and reusing them on the refurbished computer. Any other comments about refurbishing as opposed to replacing would be welcome.

Asked by Bill_Patterson 8 hours ago

Last reply by markwarner22 6 hours ago

Cannot clear history

Cannot clear browsing history. Delete page does not work. Clear recent history does not work. I tried uninstalling and reinstalling but I think it automatically importe… (read more)

Cannot clear browsing history. Delete page does not work. Clear recent history does not work.

I tried uninstalling and reinstalling but I think it automatically imported everything which was not desirable in this case.

Do not have account or sync so it is not pulling from either of those places

Asked by tr4vis414 1 day ago

Last reply by Alice Morgan 14 hours ago

New Chatbot AI recording copy and keylogs: can't uncheck it.

AI chatbot: Does the text I write and highlight in Firefox automatically get recorded even if the AI it is turned off? I noticed that even if the AI is turned off, the c… (read more)

AI chatbot: Does the text I write and highlight in Firefox automatically get recorded even if the AI it is turned off?

I noticed that even if the AI is turned off, the check box for  "Show prompts on text select

Displays a shortcut to prompts when you select text. Firefox sends the text, page title, and prompt to the chatbot." is always checked and greyed out.

What gives Firefox folks of knowledge?

Asked by 4portswitch 1 day ago

Last reply by TyDraniu 21 hours ago

  • Solved

Firefox Privacy Enhanced Mode inadvertently blocking OneTrust privacy software domains

We use a privacy technology vendor named OneTrust to power much of our privacy infrastructure. This morning, two websites reported Firefox users are encountering site fu… (read more)

We use a privacy technology vendor named OneTrust to power much of our privacy infrastructure.

This morning, two websites reported Firefox users are encountering site functionality problems when trying to exercise their privacy rights, such as opting out of sharing data and targeted advertising. My team investigated and was able to reproduce the reported bug.

We discovered the cause of the bug is that Firefox's Privacy Enhanced Mode is by default blocking two domains from our privacy vendor OneTrust which are critical to the functioning of our CMP (Consent Management Platform): - cookielaw.org - onetrust.com

These two domains are used solely for the essential services needed to run our privacy software. They're not used for marketing, sales, or advertising. Blocking them not only causes site functionality issues it keeps our users from being able to exercise their privacy rights.

I've attached two screenshots here showing the network calls and domains.

Can Mozilla please quickly review this bug and remove these two domains from the blocklist powering Privacy Enhanced Mode?

Asked by brandons 1 day ago

Answered by TyDraniu 1 day ago

Zero Day

Does MacOS requires the version 131.0.2 Firefox update to address the recent zero-day active exploit? The reason I ask is Tanium Deploy Software Gallery only includes … (read more)

Does MacOS requires the version 131.0.2 Firefox update to address the recent zero-day active exploit?

The reason I ask is Tanium Deploy Software Gallery only includes updates to Windows Firefox versions to address this zero-day.

Description: Mozilla 0-day. CVE-2024-9680 is a use after free vulnerability in the Animation timelines component of Mozilla. Animation timelines are a part of Firefox’s Web Animations API, which controls and synchronizes animations on the web pages. An attacker may exploit the vulnerability to achieve code execution in the content process. Use-after-free vulnerability occurs when the memory that has been freed is still used by the program. The vulnerability may allow attackers to add their malicious data to the memory region for code execution. *Affected Versions* * Firefox versions before 131.0.2 * Firefox ESR versions before 128.3.1 * Firefox ESR versions before 115.16.1. *Mitigation* Customers can upgrade to the following versions to mitigate the vulnerability: * Firefox 131.0.2 * Firefox ESR 128.3.1 * Firefox ESR 115.16.1 For more information, please refer to the [Mozilla security advisory|https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/].

Asked by Robert Bogan 1 day ago

Have to keep denying cookies every few hours

Hey all firefox doesnt save the preferences for long and every site I go back to I have to keep denying cookies etc. This started recently but my settings are as before w… (read more)

Hey all firefox doesnt save the preferences for long and every site I go back to I have to keep denying cookies etc. This started recently but my settings are as before whats up with this? I think its the total cookie protection but i cannot turn it off I'm fed up of denying over and over again. cheers

Asked by Elvas K 1 day ago

Autofill credit cards isn't filling?

For a credit card field, my card options show up. When I choose one it fills, but when I hit enter or tab, the filled info disappears. It appears to be this (2nd) proble… (read more)

For a credit card field, my card options show up. When I choose one it fills, but when I hit enter or tab, the filled info disappears.

It appears to be this (2nd) problem and known fixed bug. But it was fixed in v118, and I'm using v125.03 and it's still happening. https://support.mozilla.org/questions/1416148 https://bugzilla.mozilla.org/show_bug.cgi?id=1817926

(I whited out the card numbers.)

Asked by curls3 3 weeks ago

  • Solved

manage cookie exceptions

I want to create a list of allowed web sites in settings/cookies&data/manage exceptions, but it seems I have to enter each site MANUALLY. I would like to do this mor… (read more)

I want to create a list of allowed web sites in settings/cookies&data/manage exceptions, but it seems I have to enter each site MANUALLY. I would like to do this more quickly and easily by just selecting sites in the "manage cookies" list and designating them as exceptions. Or is there already some other way to do this that I haven't found? Also, after I have made exceptions for all my important sites, by whatever means, can I assume that I can press "delete all" in the "manage cookies" list and the allowed sites will not have cookies removed? What happens to exceptions if I select "delete cookies and site data when Firefox is closed?" If there is no way to make exceptions other than manually, I respectively request that some convenient method be added to the program. Thanks for any response.

Asked by deedj 3 days ago

Answered by cor-el 3 days ago

Hiding IP Address

When i search something on Google it shows the results based on my IP address. Towards the bottom of the search results at the bottom of the webpage the location of the I… (read more)

When i search something on Google it shows the results based on my IP address. Towards the bottom of the search results at the bottom of the webpage the location of the IP address mentions the city I live in.

I frequently share my screen and don't want to share that information with others. How can I remove that information from appearing when I search for something on Google?

Asked by Thomas Maalouf 2 days ago

Turning off autofill of user IDs and passwords

I followed your instructions but they did not work. Specifically, I clicked on "Exceptions" after "Ask to save passwords," next to which I had clicked the box. Under ex… (read more)

I followed your instructions but they did not work. Specifically, I clicked on "Exceptions" after "Ask to save passwords," next to which I had clicked the box. Under exceptions, I put the URL for my bank. I clicked on "Block" and "Save Changes." Nevertheless whenever I go to my bank's log in page, it still autofills my user ID and password. (Yesterday I accidentally clicked the box when signing in to my bank's web page "Save User ID." Even though it only referred to my User ID, it now autofills both that and my password.

Also, even though there is a (non-working) Exceptions page for Saved Passwords, there is no such page for Saved User IDs.

Btw, when I used another browser to sign in to my bank's website, it did not autofill, so it's not the bank's software that is autofilling.

Thanks, Joe

Asked by joescanlon14 2 days ago

Last reply by cor-el 2 days ago

Error code: MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE

I cannot open the Mozilla download page. It seems not to download anything, as I m taken to the error page (see image). I read a support thread on the issue but I could … (read more)

I cannot open the Mozilla download page. It seems not to download anything, as I m taken to the error page (see image).

I read a support thread on the issue but I could not understand, it seems like an issue that requires previous knowledge, and I think it should be easy for old, loyal users of Mozilla to have a simple solutions for access to Mozilla site, with... Mozilla browser!

It started to happen yesterday, so far I never had such difficulty.

Thanks,

NFB

Asked by NFB 2020 2 days ago

Last reply by cor-el 2 days ago

adding an extension

Kaspersky has been changed to UltraAV so I need to add or change this extension in my settings. Also will Kaspersky need to be deleted? thx . THe reason for this is becau… (read more)

Kaspersky has been changed to UltraAV so I need to add or change this extension in my settings. Also will Kaspersky need to be deleted? thx . THe reason for this is because Firefox will not restart after an updated has been downloaded.

Asked by Kathy Seymour 2 days ago

Macafee antivrius virus.

Upon launching Firefox I noticed a notification from Macafee antivirus, I don't really care how to spell their "company" name. But when clicking on the popup it brought m… (read more)

Upon launching Firefox I noticed a notification from Macafee antivirus, I don't really care how to spell their "company" name. But when clicking on the popup it brought me to a firefox addon for macafee. I assume that this is a virus created by the aforementioned company and not a partnership between the two of you. Just wanted to create awareness of this virus as its targeting your browser.

Asked by Timothy Wheeler 2 days ago

PG&E, a Norther CA utility, has redone their user site, but will not allow FireFox to be used as a browser. I thought you should be made aware of this.

I want you to be aware a Northern Calif. Utility, PGE, has rebuilt their website so FireFox cannot be used. I do not know if this is legal. I can no longer pay my bill … (read more)

I want you to be aware a Northern Calif. Utility, PGE, has rebuilt their website so FireFox cannot be used. I do not know if this is legal. I can no longer pay my bill using their website, and by phone, I am charged a fee. I don't know if this is legal, but you should not want this happening to the only safe browser.

Asked by cmasson2 4 days ago

Last reply by Agent virtuel 3 days ago

Protections against Tracking via HTTP/3 QUIC - Privacy

Hello Mozilla Community, I hope I am right with you guys to ask this question though it is a rather technical question. Please let me clarify that I am not a programmer … (read more)

Hello Mozilla Community,

I hope I am right with you guys to ask this question though it is a rather technical question. Please let me clarify that I am not a programmer myself or a network engineer but rather a hobbyist who is especially interested in privacy.

As I was reading about HTTP/3 and QUIC, I came across an academic paper called ""A QUIC Look at Web Tracking".

According to this paper QUIC gives web servers and third parties a good way to track users via the "source-address token" and the "server config" which are both stored on the client('s browser/machine). Now I know that this paper is from 2019 and concerns an older version of QUIC. However, in RFC 9000 "source address tokens" aka "address validation tokens" still exist and are especially used to establish future connections with 0-RTT instead of 1-RTT (see section 8.1 of RFC 9000). Though "server config" is not mentioned in RFC 9000, "transport parameters" is mentioned in section 7.4 and 18 of RFC 9000, which are also used for 0-RTT and are also stored on the client.

Neither RFC 9000 nor RFC 9114, which concerns HTTP3, address these privacy risks in more detail. Both seem to take only MITM attackers into account (see 9.5 in RFC 9000 and 10.11 in RC 9114) [as is done in a newer paper from 2022 Evaluating QUIC for Privacy Improvements Over Its Predecessors which however at least addresses the possibility of third party tracking under 5.1 3)].

I would also like to point towards RFC 9250 of May 2022, which concerns DNS over QUIC ("DoQ"). In Section 7 of RFC 9250 many privacy concerns regarding "0-RTT", "Session Resumption (Token)", "Address Validation Token" and "Long Duration Sessions due to QUIC's connection migration feature" are elaborated in more detail.

To sum up my understanding: - Using HTTP/3 or QUIC's "connection ID" for tracking should not be that viable, even if its function is to migrate connections in case of Layer-3/4 (IP address or Port) changes, because a connections life time is at least in firefox limited to 30 seconds (see Github neqo) so that a user should not be trackable for a longer period via the "connection ID". - However, longer tracking may be possible via "Session Resumption Tokens" and "Address Validation Tokens" (see Section 7.2 and 7.3 of RFC 9250; though I myself don't know the difference between these two) as well as via "transport parameters" (see "A QUIC Look at Web Tracking").

As mentioned in "A QUIC Look at Web Tracking", though a restart of the Browser seems to clear the cached state of prior QUIC connections (to my understanding the stored "tokens" and "transport parameters"), tracking via the above mentioned features of QUIC seems not unreasonable as many users today will not restart their browser, especially on mobile devices but also on desktops (3.7 and 5.1.2 of the paper).

As I was not able to find further information on this topic, I would be very happy to get some assurance that firefox is effectively preventing or at least impeding the tracking possibilities mentioned in RFC 9250 and the paper "A QUIC Look at Web Tracking".

Thank you very much for any reply or pointing me into the right direction (other sources on this topic or a more appropriate page to ask this question).

Asked by radi99 2 days ago