Does Firefox overwrite the master password on exiting to prevent a cold boot attack?
If on the current Firefox instance the master password was typed in does Firefox overwrite the related memory area on exiting? If not it would be maybe possible to do a cold boot attack here.
Okulungisiwe ngu Sworddragon
Eminye Imininingwane Yohlelo
- Shockwave Flash 11.2 r202
- I-ejenti Engumsebenzisi: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0
hello Sworddragon, this is a rather specialised subject - and since most of us helpers here are volunteers and normal users like you, we probably won't know the answer to that. you might be better off posting that question/feature request to the mozilla.dev.tech.crypto forum, where it will reach the right people familiar with such a subject.
Note that a secure connection is used to connect (login) to the software security device, so it wouldn't be easy to misuse this connection and have access to the passwords.
- Edit > Preferences > Advanced > Encryption: Certificates > Security Devices: Software Security Device