A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Windows 10 » Windows 10 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Firefox SECRETLY storing your login credentials?



 
 
Thread Tools Rate Thread Display Modes
  #91  
Old December 12th 18, 04:59 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , SilverSlimer
wrote:


You seem to have no comprehension that spyware/malware may actually be
'built in' to these devices during the manufacturing process, not
afterwards by hacking.

they aren't.

It's IMPOSSIBLE for you to know that, 'nospam'.


out of the billions of phones out there, nobody has found any evidence
of malware from the manufacturer. certainly *someone* would have found
*something* by now.


Liar:
https://www.techworm.net/2015/09/malware-found-pre-installed-on-xiaomi-huawei-lenovo-smartphones.html


Christian Lueg, the spokesperson for G Data said that the malware was
injected by a middleman

in other words, not during the manufacturing process.
Ads
  #92  
Old December 12th 18, 05:00 PM posted to alt.comp.os.windows-10
Panthera Tigris Altaica
external usenet poster
 
Posts: 102
Default Firefox SECRETLY storing your login credentials?

On 2018-12-11 04:17, default wrote:
On Tue, 11 Dec 2018 09:41:23 -0500, nospam
wrote:

In article , Mayayana
wrote:

"David B." "David wrote
| Even if you/we THINK that a device is 'off' it COULD still be in
| communication with an outside entity.
|

I know my Tracphone is off when I turn it
off because the charge will last for months and
it can't get calls. It could certainly have some
kind of beacon in it, but that seems very unlikely.
It only cost $10.


exactly.

if your phone was transmitting to some outside entity, the battery
would be dead within hours.



That's only true if the phone is fully functioning. It could still
record audio with just a tiny smidgen of the power it takes to receive
and transmit. Compress the audio and transmit in a burst and you'd
never know it by the battery capacity.


I had my iPhone fully powered down for _three days_. It was still at
100%. I did it again a few days later. It was still at 100%. Three days.
Even a small amount of power over three days will be noticed.


you would definitely notice a dead battery when you turned it on, or
tried to.

if it received a call or text while 'off', you'd definitely know
something unusual was going on.


You wouldn't know if a background program was running.


Yes, I would. I check every now and again.

? The uP is
always on. In a well designed secure system it is only supposed to be
checking the power button every few milliseconds. But off and
hibernate are not the same thing. The little controllers I like to
use have: sleep, nap, rest, and hibernate. They all save the battery
life, but there is no such thing as off. The different sleep states
are just there because some functions can be programmed to run while
the thing is sleeping...

It only shuts down when the battery drops below a certain level,
that's an automatic function designed to prolong battery life, but I
can tell it to ignore that feature and let it run until it hasn't got
enough energy to function. Not a good practice with rechargeable
batteries but acceptable for disposable batteries or super capacitors
- the chip only does what it was programmed to do.


and there's still the question how a phone that's off can be remotely
turned on by some magical signal that is received by a radio that's
off.

I don't know about Android and iPhone, but I'm
guessing that people think off means the screen
is black because few people actually turn them
off.


you guess wrong.

people are well aware of the difference between sleep versus fully off.

people don't turn off their phones because if they did, they would not
be able to receive calls, texts and push notifications. it would also
take a minute or two to boot if they wanted to use an app or call/text
someone.


It can be on and still act as if it is off. You have no way of
telling without some pretty sophisticated test equipment, and even
then, if I thought it may be monitored I'd find a way for it to hide
all activity until the threat passed.


I find this difficult to believe. For one thing, if this is true, then
why has no-one ever seen this magical spy equipment when they take a
phone apart?


they also might be listening to music, podcasts or internet radio with
the phone in their pocket, screen off.


The condition of the screen doesn't indicate what the phone is doing,
it is just there so the operator can tell what it wants you to know or
allow you to do.


  #93  
Old December 12th 18, 05:04 PM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , Panthera Tigris Altaica
wrote:


It can be on and still act as if it is off. You have no way of
telling without some pretty sophisticated test equipment, and even
then, if I thought it may be monitored I'd find a way for it to hide
all activity until the threat passed.


I find this difficult to believe. For one thing, if this is true, then
why has no-one ever seen this magical spy equipment when they take a
phone apart?


exactly.
  #94  
Old December 12th 18, 05:18 PM posted to alt.comp.os.windows-10
default[_2_]
external usenet poster
 
Posts: 201
Default Firefox SECRETLY storing your login credentials?

On Wed, 12 Dec 2018 11:00:31 -0500, Panthera Tigris Altaica
wrote:

On 2018-12-11 04:17, default wrote:
On Tue, 11 Dec 2018 09:41:23 -0500, nospam
wrote:

In article , Mayayana
wrote:

"David B." "David wrote
| Even if you/we THINK that a device is 'off' it COULD still be in
| communication with an outside entity.
|

I know my Tracphone is off when I turn it
off because the charge will last for months and
it can't get calls. It could certainly have some
kind of beacon in it, but that seems very unlikely.
It only cost $10.

exactly.

if your phone was transmitting to some outside entity, the battery
would be dead within hours.



That's only true if the phone is fully functioning. It could still
record audio with just a tiny smidgen of the power it takes to receive
and transmit. Compress the audio and transmit in a burst and you'd
never know it by the battery capacity.


I had my iPhone fully powered down for _three days_. It was still at
100%. I did it again a few days later. It was still at 100%. Three days.
Even a small amount of power over three days will be noticed.


You aren't sneaky enough. You are going to trust the battery level
the phone is telling you about? The same phone that someone has
hacked and presumably put in some ways to convince you it isn't
hacked?

A more clever approach, for those folks that watch the battery level
might be to report 100% then just ramp down to the correct capacity
while the phone is in use and you expect it to go down...

Spy versus Spy.


you would definitely notice a dead battery when you turned it on, or
tried to.

if it received a call or text while 'off', you'd definitely know
something unusual was going on.


You wouldn't know if a background program was running.


Yes, I would. I check every now and again.


You check what the phone is telling you... by definition a background
program does not announce itself - it wouldn't be in the background if
it did, it would be in the foreground.

? The uP is
always on. In a well designed secure system it is only supposed to be
checking the power button every few milliseconds. But off and
hibernate are not the same thing. The little controllers I like to
use have: sleep, nap, rest, and hibernate. They all save the battery
life, but there is no such thing as off. The different sleep states
are just there because some functions can be programmed to run while
the thing is sleeping...

It only shuts down when the battery drops below a certain level,
that's an automatic function designed to prolong battery life, but I
can tell it to ignore that feature and let it run until it hasn't got
enough energy to function. Not a good practice with rechargeable
batteries but acceptable for disposable batteries or super capacitors
- the chip only does what it was programmed to do.


and there's still the question how a phone that's off can be remotely
turned on by some magical signal that is received by a radio that's
off.

I don't know about Android and iPhone, but I'm
guessing that people think off means the screen
is black because few people actually turn them
off.

you guess wrong.

people are well aware of the difference between sleep versus fully off.

people don't turn off their phones because if they did, they would not
be able to receive calls, texts and push notifications. it would also
take a minute or two to boot if they wanted to use an app or call/text
someone.


It can be on and still act as if it is off. You have no way of
telling without some pretty sophisticated test equipment, and even
then, if I thought it may be monitored I'd find a way for it to hide
all activity until the threat passed.


I find this difficult to believe. For one thing, if this is true, then
why has no-one ever seen this magical spy equipment when they take a
phone apart?


You own a surveillance device that happens to make phone calls, take
videos, record audio etc.. There isn't special hardware needed to do
this it can be done with software alone, the camera, microphone etc.
is already there.


they also might be listening to music, podcasts or internet radio with
the phone in their pocket, screen off.


The condition of the screen doesn't indicate what the phone is doing,
it is just there so the operator can tell what it wants you to know or
allow you to do.



When you think about it, if this was/is a conspiracy to invade
people's privacy it is very cleverly done.

If you had told people beforehand that you wanted to keep a device
with them that would watch their every move 1984 style, they'd be up
in arms! But here they've done exactly that, and gotten people to pay
for it willingly.

No, I don't believe in some great conspiracy, but I have to say this
walks like a duck, quacks like a duck, and there's duck **** all
around... This is just the result of corporations chasing profits,
that coincidentally destroys privacy.
  #95  
Old December 12th 18, 05:24 PM posted to alt.comp.os.windows-10
default[_2_]
external usenet poster
 
Posts: 201
Default Firefox SECRETLY storing your login credentials?

On Wed, 12 Dec 2018 13:41:11 +0000, Stephen Wolstenholme
wrote:

On Tue, 11 Dec 2018 14:31:34 -0500, default
wrote:

On Tue, 11 Dec 2018 12:12:34 -0500, nospam
wrote:

In article , Paul
wrote:

and there's still the question how a phone that's off can be remotely
turned on by some magical signal that is received by a radio that's
off.

RFID-like schemes transmit enough power to run
circuitry. You could do it that way.

no you couldn't. the range of rfid is *very* short and it requires the
device to be powered on


It is indeed very short, a few feet as a rule. But RFID does not
require self-power it rectifies energy inductively coupled into it via
a loop antenna then uses that energy to transmit its data.


A few feet is a bit on the generous side. I can call my mobile phone
when it's switched off from a cordless calling phone is about an inch
away! It must be induced power on the mobile. When I was in the
electronics trade that sort of induced power was considered to be a
noise fault.

Steve

As someone already pointed out there are several different
technologies and they serve different purposes.

I've been following the retail chain stores desire for RFID and they'd
like to be able to read from a few feet away for marketing advertising
purposes.

  #96  
Old December 12th 18, 06:38 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
David B.[_10_]
external usenet poster
 
Posts: 286
Default Firefox SECRETLY storing your login credentials?

On 12/12/2018 15:58, nospam wrote:
In article , David B.
wrote:

You seem to have no comprehension that spyware/malware may actually be
'built in' to these devices during the manufacturing process, not
afterwards by hacking.

they aren't.

It's IMPOSSIBLE for you to know that, 'nospam'.

out of the billions of phones out there, nobody has found any evidence
of malware from the manufacturer. certainly *someone* would have found
*something* by now.


That ain't necessarily so! [song]


it is so. there is *no* evidence that manufacturers are installing spy
chips on phones or anything else. zero.


*Absence of evidence is not evidence of absence*!

and even if that were to happen (which it has not), there's no way to
force a particular suspect to use a tainted phone.


*YOU* have absolutely *NO IDEA* of the true situation.

https://blogs.bmj.com/bmj/2012/03/19...ce-of-absence/

bloomberg recently ran story about spy chips in servers, which was
questioned from the start and has been shown to be completely false.


I'm always pleased when such matters are investigated.


bull****. you deliberately *ignore* facts solely so you can troll.


Not so! As I said, I'm always pleased when such matters are investigated.

Such an answer renders unreliable EVERY answer you provide in any Usenet
group.

also false.


Not at all. You have provided absolutely *NO* credentials so have
absolutely no credence at all. Sorry.


not only is that completely false, but you're not one to talk about
credentials. you have *none* and are not in a position to decide that
for others.


REALLY? I have a signed letter from our queen thanking me for my
service. What have *YOU* got 'nospam'?

and why did you crosspost this thread? that makes *you* even a bigger
troll than you already are.


I simply wanted fellow Apple device users to be made aware of your
fallibility.


in other words, it's yet another attack (it's all you do), which
confirms that you're trolling.


There's absolutely *NO* attack on anyone.

--
Regards,
David B.

https://vxer.home.blog/2018/12/08/vxer-a-profile/
  #97  
Old December 12th 18, 06:40 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
David B.[_10_]
external usenet poster
 
Posts: 286
Default Firefox SECRETLY storing your login credentials?

On 12/12/2018 15:59, nospam wrote:
In article , SilverSlimer
wrote:


You seem to have no comprehension that spyware/malware may actually be
'built in' to these devices during the manufacturing process, not
afterwards by hacking.

they aren't.

It's IMPOSSIBLE for you to know that, 'nospam'.

out of the billions of phones out there, nobody has found any evidence
of malware from the manufacturer. certainly *someone* would have found
*something* by now.


Liar:
https://www.techworm.net/2015/09/malware-found-pre-installed-on-xiaomi-huawei-lenovo-smartphones.html


Christian Lueg, the spokesperson for G Data said that the malware was
injected by a middleman

in other words, not during the manufacturing process.


So what about possible hidden malware which may *NOT* have (yet) been found?

--
Regards,
David B.

https://vxer.home.blog/2018/12/08/vxer-a-profile/
  #98  
Old December 12th 18, 06:45 PM posted to alt.comp.os.windows-10
David B.[_10_]
external usenet poster
 
Posts: 286
Default Firefox SECRETLY storing your login credentials?

On 12/12/2018 16:04, nospam wrote:
In article , Panthera Tigris Altaica
wrote:


It can be on and still act as if it is off. You have no way of
telling without some pretty sophisticated test equipment, and even
then, if I thought it may be monitored I'd find a way for it to hide
all activity until the threat passed.


I find this difficult to believe. For one thing, if this is true, then
why has no-one ever seen this magical spy equipment when they take a
phone apart?


exactly.



No one can see what is *INSIDE* a COMPONENT i.e. within the circuitry of
a 'chip'.

--
Regards,
David B.
  #99  
Old December 12th 18, 06:56 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , David B.
wrote:

So what about possible hidden malware which may *NOT* have (yet) been found?


what about it?

assuming you obtain hardware and software from reputable sources, it's
a non-issue.

on the other hand, if you get a phone from someone at defcon, all bets
are off.

and your obsession over malware and anti-virus utilities is not normal.
  #100  
Old December 12th 18, 06:56 PM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , David B.
wrote:

No one can see what is *INSIDE* a COMPONENT i.e. within the circuitry of
a 'chip'.


actually, they can, as well as paper trail of its manufacture.
  #101  
Old December 12th 18, 08:54 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
David B.[_10_]
external usenet poster
 
Posts: 286
Default Firefox SECRETLY storing your login credentials?

On 12/12/2018 17:56, nospam wrote:
In article , David B.
wrote:

So what about possible hidden malware which may *NOT* have (yet) been found?


what about it?


I know nothing about it. Nor do you!

assuming you obtain hardware and software from reputable sources, it's
a non-issue.


Hopefully so.

on the other hand, if you get a phone from someone at defcon, all bets
are off.


I 'm no longer in the armed services, so that's unlikely.

and your obsession over malware and anti-virus utilities is not normal.


That's absolutely right. Nowadays, hardly anyone cares.

Hrebs does, though! :-)

"Is it fair to judge an organization’s information security posture
simply by looking at its Internet-facing assets for weaknesses commonly
sought after and exploited by attackers, such as outdated software or
accidentally exposed data and devices? Fair or not, a number of nascent
efforts are using just such an approach to derive security scores for
companies and entire industries. What’s remarkable is how many
organizations don’t make an effort to view their public online assets as
the rest of the world sees them — until it’s too late."

https://krebsonsecurity.com/2018/12/...-for-security/

Read the article and educate yourself!

--
Regards,
David B.
New post today: https://vxer.home.blog/2018/12/08/vxer-a-profile/


  #102  
Old December 12th 18, 09:09 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , David B.
wrote:

So what about possible hidden malware which may *NOT* have (yet) been
found?


what about it?


I know nothing about it.


yep, you sure don't.

Nor do you!


false.

assuming you obtain hardware and software from reputable sources, it's
a non-issue.


Hopefully so.


it is so.

on the other hand, if you get a phone from someone at defcon, all bets
are off.


I 'm no longer in the armed services, so that's unlikely.


further confirming that you know *nothing* about security.

and your obsession over malware and anti-virus utilities is not normal.


That's absolutely right. Nowadays, hardly anyone cares.


false.
  #103  
Old December 12th 18, 10:36 PM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , default
wrote:

I've been following the retail chain stores desire for RFID and they'd
like to be able to read from a few feet away for marketing advertising
purposes.


not using rfid.
  #104  
Old December 12th 18, 10:36 PM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Firefox SECRETLY storing your login credentials?

In article , default
wrote:

I had my iPhone fully powered down for _three days_. It was still at
100%. I did it again a few days later. It was still at 100%. Three days.
Even a small amount of power over three days will be noticed.


You aren't sneaky enough. You are going to trust the battery level
the phone is telling you about? The same phone that someone has
hacked and presumably put in some ways to convince you it isn't
hacked?

A more clever approach, for those folks that watch the battery level
might be to report 100% then just ramp down to the correct capacity
while the phone is in use and you expect it to go down...


that won't work for a variety of reasons.



You wouldn't know if a background program was running.


Yes, I would. I check every now and again.


You check what the phone is telling you... by definition a background
program does not announce itself - it wouldn't be in the background if
it did, it would be in the foreground.


yet another thing you don't understand.
  #105  
Old December 12th 18, 10:51 PM posted to alt.comp.os.windows-10,comp.sys.mac.apps,comp.sys.mac.system
Panthera Tigris Altaica
external usenet poster
 
Posts: 102
Default Firefox SECRETLY storing your login credentials?

On 2018-12-12 15:09, nospam wrote:
In article , David B.
wrote:

So what about possible hidden malware which may *NOT* have (yet) been
found?

what about it?


I know nothing about it.


yep, you sure don't.

Nor do you!


false.

assuming you obtain hardware and software from reputable sources, it's
a non-issue.


Hopefully so.


it is so.

on the other hand, if you get a phone from someone at defcon, all bets
are off.


I 'm no longer in the armed services, so that's unlikely.


further confirming that you know *nothing* about security.


He knows so little about security that he doesn't know what defcon, in
this context, is. That says all that needs be said.


and your obsession over malware and anti-virus utilities is not normal.


That's absolutely right. Nowadays, hardly anyone cares.


false.


 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 01:04 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.