X
Bakstelėkite čia, kad pereitumėte į mobiliąją šios svetainės versiją.

Pagalbos forumas

Does Firefox overwrite the master password on exiting to prevent a cold boot attack?

Paskelbta

If on the current Firefox instance the master password was typed in does Firefox overwrite the related memory area on exiting? If not it would be maybe possible to do a cold boot attack here.

If on the current Firefox instance the master password was typed in does Firefox overwrite the related memory area on exiting? If not it would be maybe possible to do a cold boot attack here.

Modified by Sworddragon

Papildomi duomenys apie sistemą

Įdiegti papildiniai

  • Shockwave Flash 11.2 r202

Application

  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0

More Information

philipp
  • Top 25 Contributor
  • Moderator
Sprendimų: 5346 Atsakymų: 23603

hello Sworddragon, this is a rather specialised subject - and since most of us helpers here are volunteers and normal users like you, we probably won't know the answer to that. you might be better off posting that question/feature request to the mozilla.dev.tech.crypto forum, where it will reach the right people familiar with such a subject.
thank you!

hello Sworddragon, this is a rather specialised subject - and since most of us helpers here are volunteers and normal users like you, we probably won't know the answer to that. you might be better off posting that question/feature request to the [http://www.mozilla.org/about/forums/#dev-tech-crypto mozilla.dev.tech.crypto] forum, where it will reach the right people familiar with such a subject. <br>thank you!
cor-el
  • Top 10 Contributor
  • Moderator
Sprendimų: 17774 Atsakymų: 160751

Note that a secure connection is used to connect (login) to the software security device, so it wouldn't be easy to misuse this connection and have access to the passwords.

  • Edit > Preferences > Advanced > Encryption: Certificates > Security Devices: Software Security Device
Note that a secure connection is used to connect (login) to the software security device, so it wouldn't be easy to misuse this connection and have access to the passwords. *Edit > Preferences > Advanced > Encryption: Certificates > Security Devices: Software Security Device