Firefox search form history

Completing an online order? Filling out another registration form? These are just some of the online tasks we’re happy to have autofill complete the information for us. Recently however, web developer Viljami Kuosmanen discovered a vulnerability that can expose your stored data to a malicious person via phishing.

In this attack, a phishing email would be sent asking the target to complete a form on a web page. Once the target fills out one of the (visible) fields, the browser then auto populates multiple invisible fields on the page (drawing from the stored autofill data).

Related Post:  GPT disk partitioning guide for Ubuntu 13.10 on a PC with UEFI firmware

Prevention against the attack

One of the most reliable is turning autofill off on your browser. It is easy to do, and if you’re using Chrome you can just follow these steps: Those steps for disabling auto-complete on Chrome are available here.

However, if you’re using Firefox, here are the steps you need to take to perform the same operation:

  • From the menu, select Edit > Preferences or click on the settings icon and select Preferences
  • Click on the Privacy panel, then from the drop-down menu next to Firefox will:, select Use custom settings for history
    Firefox search form history
    Figure 1: Disable saving search and form history on Firefox
  • Uncheck, or disable Remember search and form history
  • Close the settings tab
Related Post:  How to replace Shorewall with FirewallD on ROSA Desktop Fresh R4

Another feature that I highly recommend that you disable is saving login information. To disable it, take the following steps:

  • From the menu, select Edit > Preferences or click on the settings icon and select Preferences
  • Click on the Security panel, then under Logins, disable Remember logins for sites.
    disable auto-complete on Firefox
    Figure 2: How to disable auto-complete on Firefox

If you find saving login information an indispensable feature, at the very least use a master password to protect saved information.

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer runs network ads?  Yep, no more ads from the usual suspects that track you across the Internet.  But since  I still need to pay to keep the site running, feel free to make a small donation by PayPal.

Subscribe for updates. Trust me, no spam!

Mailchimp Signup Form

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event for 2020.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter
Mailchimp Signup Form

Partner links

1. Attend Algorithm Conference, a top AI and ML event for 2021.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.

Anastasia Marchenkova

An invitation from Anastasia Marchenkova

Hya, after stints as a quantum researcher at Georgia Tech Quantum Optics & Quantum Telecom Lab, and the University of Maryland Joint Quantum Institute, I’m now working on superconducting qubit quantum processors at Bleximo. I’ll be speaking during Algorithm Conference in Austin, Texas, July 16 – 18, 2020. Meet me there and let’s chat about progress and hype in quantum computing.