The fact that Mozilla let the security bug for master passwords languish for 9!!! years is maddening. It makes you wonder which other ridiculous security bugs are outstanding.
If you're really interested, it's worth reading the actual bug reports and ensuing discussion. It's a little more nuanced than the "Mozilla hatez security!!" headline the story ran with.
-
-
I'm glad there's discussion. I can't seem to find it with Google search or Bugzilla search.
-
All of it is linked in the original blog post by Wladimir. The story he tells, and the threat model and relative risk, is a reasonable take. https://palant.de/2018/03/10/master-password-in-firefox-or-thunderbird-do-not-bother …
End of conversation
New conversation -
-
-
I see this thread with 5 years of no discussion: https://bugzilla.mozilla.org/show_bug.cgi?id=524403 … Is the short story that devs thought it was fixed because both bug numbers were marked as duplicates?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.