Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!



Results 1 to 6 of 6
Like Tree6Likes
  • 5 Post By Yokel
  • 1 Post By Amenda

Thread: How Google Chrome Lets Anybody See Your Passwords

  1. #1
    Admin
    Yokel's Avatar
    Reputation Points
    105622
    Reputation Power
    100
    Join Date
    Jun 2012
    Posts
    5,797
    Time Online
    78 d 9 h 15 m
    Avg. Time Online
    28 m
    Mentioned
    1562 Post(s)
    Quoted
    175 Post(s)
    Liked
    5445 times
    Feedbacks
    233 (100%)

    How Google Chrome Lets Anybody See Your Passwords

    Google’s Chrome browser and operating system may be revealing your secret passwords to everyone from coworkers to absolute strangers.

    One of the most popular features of Chrome is its ability to store passwords. That way they pop up automatically when you go to a function like email or Facebook. Elliot Kember, a software developer, discovered that anybody who clicks on the Chrome settings icon can see all of the passwords on that computer if he or she goes to the show advanced settings and passwords and forms sections.

    The passwords are obscured, but clicking next to them causes them to appear in plain text. The text can be easily copied and emailed or seen by anybody that uses the computer. That means it would be easy for a hacker or malicious stranger that opened a computer with Chrome on it to see all of your passwords.

    What’s really disturbing is that the head of Chrome development at Google, Justin Schuh, told The Guardian that he knows all about the flaw. Worse, Schuh said that there are no plans to correct it. In a piece he wrote on the website ‘Hacker News’, Schuh explained:

    “…we don’t want to provide users with a false sense of security, and encourage risky behavior. We want to be very clear that when you grant someone access to your OS user account, that they can get at everything.”
    One has to wonder why this flaw has not been fixed. It would certainly make a hacker’s job easier, let alone the job of the NSA or spy agency. If the source computer used Chrome, all the hacker would have to do is go to the settings icon to get the user’s email passwords. One security expert told The Guardian:

    “The fact you can view the passwords means they are stored in reversible form which means that the dark coders out there will be writing a Trojan to steal that password store as we speak.”
    It has been revealed that large Internet companies such as Google and Microsoft have worked closely with the National Security Agency. There is even evidence that Skype (now part of Microsoft) helped the NSA get easy access to customer data. Therefore we need to ask, is this flaw actually helping these companies access your data even easier than before?

    The surveillance state might be making it easier than ever for hackers to steal our personal information. The quest for national security appears to be endangering the security of the private individual.

    Check out some examples

    Installation-ID

    A copy of Google Chrome includes a generated installation number which will be sent to Google after the installation and the first usage. It gets deleted when Chrome checks first time for updates.If Chrome is received as part of a promotional campaign, it may generate a unique promotion number which is sent to Google on the first run and first use of Google Chrome.

    Suggest

    Depending on the configuration, each time you put something in the address line,this information is sent to Google to provide suggestions.

    Alternate Error Pages

    Depending on the configuration, if you have typed a false address in the adress bar, this is sent to Google and you get an error message from Google's servers.

    Error Reporting

    Depending on the configuration, details about crashes or failures are sent Google's servers.

    RLZ-Tracking

    This Chrome-function transmits information in encoded form to Google, for example, when and where Chrome has been downloaded.

    Google Updater

    Chrome installs a updater, which loads at every Windows in background.

    URL-Tracker

    Calls depending on the configuration five seconds after launch the Google homepage opens in background
    Last edited by YokelStaff Icon; 12-18-2013 at 04:52 PM. Reason: Examples

  2. #2
    Trusted member Amenda's Avatar
    Reputation Points
    760
    Reputation Power
    51
    Join Date
    Mar 2013
    Posts
    378
    Time Online
    9 d 2 h 12 m
    Avg. Time Online
    3 m
    Mentioned
    13 Post(s)
    Quoted
    33 Post(s)
    Liked
    108 times
    Feedbacks
    12 (100%)
    what should we do to not being a prey for them is there any other browser will be stay away from hackers ?
    TheBlackLion likes this.

    Successful investing is anticipating the anticipations of others


  3. #3
    Extreme User
    LoGaN's Avatar
    Reputation Points
    1639
    Reputation Power
    62
    Join Date
    Jul 2013
    Posts
    684
    Time Online
    7 d 21 h 16 m
    Avg. Time Online
    2 m
    Mentioned
    10 Post(s)
    Quoted
    26 Post(s)
    Liked
    229 times
    Feedbacks
    13 (100%)
    How about using the " incognito " mode by default?

  4. #4
    New user afelix's Avatar
    Reputation Points
    10
    Reputation Power
    0
    Join Date
    Dec 2013
    Posts
    2
    Time Online
    1 h 30 m
    Avg. Time Online
    N/A
    Mentioned
    0 Post(s)
    Quoted
    1 Post(s)
    Feedbacks
    0
    Quote Originally Posted by Harish75 View Post
    How about using the " incognito " mode by default?
    How about simply disabling the option to store passwords?

  5. #5
    Admin
    Yokel's Avatar
    Reputation Points
    105622
    Reputation Power
    100
    Join Date
    Jun 2012
    Posts
    5,797
    Time Online
    78 d 9 h 15 m
    Avg. Time Online
    28 m
    Mentioned
    1562 Post(s)
    Quoted
    175 Post(s)
    Liked
    5445 times
    Feedbacks
    233 (100%)
    Quote Originally Posted by sonicbanana View Post
    How about simply disabling the option to store passwords?
    This is a good option but it is tedious to write again the usernames and the codes..
    I've heard good things about this browser: http://www.srware.net/en/software_srware_iron.php but I have not used it yet..

  6. #6
    Senior Member kyomitsiro's Avatar
    Reputation Points
    885
    Reputation Power
    50
    Join Date
    Dec 2013
    Posts
    422
    Time Online
    2 d 18 h 35 m
    Avg. Time Online
    1 m
    Mentioned
    16 Post(s)
    Quoted
    44 Post(s)
    Liked
    98 times
    Feedbacks
    10 (100%)
    ouch, never came to my mind about this thing o.O
    must find another browser "again" i guess ._.
    thanks for the information anyway


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •