Closed
Bug 1431634
Opened 8 years ago
Closed 4 years ago
Add option to remotely clear all browser data (on disconnecting device) when disconnecting a device (other than current) using firefoxsync (accounts.firefox.com/settings)
Categories
(Cloud Services :: Server: Firefox Accounts, enhancement)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: combettaworld, Unassigned)
Details
(Keywords: privacy)
If one's device is stolen or a password is leaked, it is hard and time-consuming to change the password for all sites.
If the victim is late, they can be damaged.
Updated•8 years ago
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
(In reply to :Gijs from comment #1)
> This bug report doesn't need to be kept hidden.
I meant to add an option to remotely clear browser data of connected devices to prevent privacy issues.
Status: RESOLVED → UNCONFIRMED
Flags: needinfo?(gijskruitbosch+bugs)
Resolution: DUPLICATE → ---
Updated•8 years ago
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago → 8 years ago
Flags: needinfo?(gijskruitbosch+bugs)
Resolution: --- → FIXED
Updated•8 years ago
Status: RESOLVED → UNCONFIRMED
Resolution: FIXED → ---
Comment 4•8 years ago
Thanks! We're working on a plan for this in bug 1409208, and you can also follow the meta bug 1325271.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago → 8 years ago
Resolution: --- → DUPLICATE
Comment 5•8 years ago
Actually, I'm sorry; this is different: you're asking for a "remote wipe" option in the device manager. Alex, CCing you because I know you've been thinking about this.
Status: RESOLVED → REOPENED
Component: Sync → Server: Firefox Accounts
Ever confirmed: true
Product: Firefox → Cloud Services
Resolution: DUPLICATE → ---
Keywords: privacy
Summary: Add option to clear all browser data whene disconnecting from firefoxsync(https://accounts.firefox.com/settings) → Add option to remotely clear all browser data(on disconnecting device)when disconnecting from firefoxsync(https://accounts.firefox.com/settings)
Version: 57 Branch → 58 Branch
Comment 6•8 years ago
We are investigating the engineering work required for this but please note that:
- For lost or stolen devices, we recommend using the remote wiping of your OS provider after disconnecting a remote device from your account settings. This is much more important because you will likely have more than just Firefox at risk on your lost or stolen device. For Firefox to remote wipe the browser data, the malicious user will need to log in to the device OS and open Firefox, whereas you can prevent them from getting this far at an OS level.
- Remote wiping via Firefox is a very limited solution if you LEAKED your master password. You should consider that all your passwords are compromised and are now backed up by the malicious user outside of Firefox. We recommend that you
1) Change your Firefox Account password
2) Disconnect lost or suspicious devices
3) Change your email password
4) Then change all of your other passwords that were saved in Firefox
This will prevent your password changes from propagating to any compromised devices.
When disconnecting from sync "password should be asked to keep data on disconnecting device" for this feature to work completely.
To prevent this feature being used against the victim there has to be SMS verification.
Comment 9•8 years ago
(In reply to In from comment #7)
> When disconnecting from sync "password should be asked to keep data on
> disconnecting device" for this feature to work completely.
This won't help much, sadly, for the reason that we don't currently use your FxA password to encrypt anything in the profile directory. If your device is lost or stolen, an attacker could disconnect from the network, open your profile directory, and copy your passwords and autofill data out before Sync runs. It's easy to circumvent...and, unfortunately, gives the wrong impression that "I disconnected and cleared everything, so I should be fine," when you're as much at risk. :-(
That's why building this in is more of a convenience than a security measure. Unless you're using OS-level encryption, you'll have to assume that *all* your passwords (and, as Alex says, everything else on that computer) are compromised.
Summary: Add option to remotely clear all browser data(on disconnecting device)when disconnecting from firefoxsync(https://accounts.firefox.com/settings) → Add option to remotely clear all browser data(on disconnecting device)when disconnecting a divice(other than current) using firefoxsync(accounts.firefox.com/settings)
Reporter
Comment 10•8 years ago
(In reply to Kit Cambridge (they/them) [:kitcambridge] from comment #9)
> (In reply to In from comment #7)
> > When disconnecting from sync "password should be asked to keep data on
> > disconnecting device" for this feature to work completely.
>
> This won't help much, sadly, for the reason that we don't currently use your
> FxA password to encrypt anything in the profile directory. If your device is
> lost or stolen, an attacker could disconnect from the network, open your
> profile directory, and copy your passwords and autofill data out before Sync
> runs. It's easy to circumvent...and, unfortunately, gives the wrong
> impression that "I disconnected and cleared everything, so I should be
> fine," when you're as much at risk. :-(
>
> That's why building this in is more of a convenience than a security
> measure. Unless you're using OS-level encryption, you'll have to assume that
> *all* your passwords (and, as Alex says, everything else on that computer)
> are compromised.
Why assume the bad is clever?
Comment 11•4 years ago
Thank you for filing this issue. This is not currently on our roadmap, and in an effort to focus our work, we are closing old issues that are unlikely to be closed in the future. Thanks again.
Status: REOPENED → RESOLVED
Closed: 8 years ago → 4 years ago
Resolution: --- → WONTFIX