Posted on 04/17/2006 5:58:28 AM PDT by antiRepublicrat
Something nobody thought of: Sure, Mozilla deletes various sensitive information at the click of a button, but where you've been browsing is hidden elsewhere in a useful feature. Here's the bug:
-------------------------------------
This privacy flaw has caused my fiancé and me to break up after having dated for 5 years.
Basically, we share one computer but under separate Windows XP user accounts. We both use Mozilla Firefox -- well, he used to use it more than I do but now we don't really use it. The privacy flaw is this: when he went to log in under his dating sites (jdate.com, swinglifestyle.com, adultfriendfinder.com, etc.), Mozilla promptly asks whether or not he'd like Firefox to save the passwords for him. He chose never, obviously. However, when he logged off his user account, and I logged onto my Windows XP account X amount of days later, I decided to use Firefox because hey -- it loaded everything much more efficiently, was better to work on with website designs and is a lot more stable than IE7beta2.
Firefox prompted whether or not I'd like it to save my password for logging into my website. I chose never and changed my mind. I went into the Password Manager to change the saved password option from Never to Always and that's when I saw all these other sites that had been selected as "Never Save Password." Of course, those were sites I had never visited or could ever dream of visiting.
Then I realized who, how and what... and sh*t hit the fan. Your browser does not efficiently respect the privacy of different users for one system.
Reproducible: Always
(Excerpt) Read more at bugzilla.mozilla.org ...
Hmmmm .... this is just dumb, of course Firefox (or any other program) must save its preferences somewhere. This is what this is, it's not a privacy issue.
Somehow, I think there is a much deeper reason for the breakup.
As someone posted there, the solution is clear: Never share your computer with your girlfriend. ;^)
Honey, take me back!
She should be thanking Firefox for alerting her to the possibility of being married to a jerk...........
The privacy flaw is this: when he went to log in under his dating sites (jdate.com, swinglifestyle.com, adultfriendfinder.com, etc.),
lol!
Sure it is. Windows has completely separate folders for each user, capable of holding their settings. These folders can be password protected, although Windows doesn't require this.
Programs have the choice of whether to save settings in the program folder or in the user folder.
If I read this right, there is a privacy issue in that a user logged in under one account is able to view information of a user under another account. That should not happen on a secure system. Whether that's a problem with how XP handles accounts or an issue with Firefox is not clear from this amount of info though.
Hey, it could have been worse, your fiancé could have been visiting sites like "hotguys.com", "hotgayandproud.com", etc. and then you would have even more to worry about, depending upon the intimacy of your previous relationship. ;)
Thanks to Firefox this couple won't be visiting Dear Abby, a Psychologist/Psychiatrist, or divorce (defense?) attorneys. I think I'll stick with Firefox.
Engaged for five years? Just how long were you going to "try it"?
Just as well you broke up. Neither one of you is very good at decision making.
You can simply delete them.
It's documented, it just has implications nobody thought of.
Going into geek mode for a moment. The software settings unique to a specific user are typically stored in their profile (legacy 16-bit apps, or poorly written ones, excluded). A user's profile in XP is stored by default in the C:\Documents and Settings\XXXX\ntuser.dat file (where XXXX = the person's userid). By default this folder and file have their security permissions set to allow only that user to be able to access it. In practice of course, everyone tends to be made an administrator of their home PC and could reset the permissions on anything they want to. Although not impossible, it is highly improbable and very unlikely that Firefox was written to scan other ntuser.dat files during its startup in order to pull its settings for the current user. Instead, they are either caching the information in the actual program folder Firefox was installed in or, what is more likely, are storing it in the registry under the HKEY Local Machine.