Bug 330884 - When different users on one system choose to save or not save passwords for sites, any other user can see sites they not only saved passwords for but can also see what other users have been saving/never saving passwords for.
Status: RESOLVED DUPLICATE of bug 234680
Keywords: privacy
Product: Toolkit
Classification: Components
Component: Password Manager
Version: unspecified
Platform: x86 Windows XP
Importance: -- major with 1 vote
Assigned To: Nobody; OK to take it and work on it

Reported: 2006-03-17 15:48 PST by naomirocks
Modified: 2014-02-21 07:39 PST

Description naomirocks 2006-03-17 15:48:21 PST
User-Agent:       Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1

This privacy flaw has caused my fiancé and I to break-up after having dated for 5 years.

Basically, we share one computer but under separate Windows XP user accounts.  We both use Mozilla Firefox -- well, he used to use it more than I do but now we don't really use it.  The privacy flaw is this: when he went to log-in under his dating sites (jdate.com, swinglifestyle.com, adultfriendfinder.com, etc.), Mozilla promptly asks whether or not he'd like Firefox to save the passwords for him.  He chose never, obviously.  However, when he logged off his user account, and I logged onto my Windows XP account X amount of days later, I decided to use Firefox because hey -- it loaded everything much more efficiently, was better to work on with website designs and is a lot more stable than IE7beta2.

Firefox prompted whether or not I'd like it to save my password for logging into my website.  I chose never and changed my mind.  I went into the Password Manager to change the saved password option from Never to Always and that's when I saw all these other sites that had been selected as "Never Save Password."  Of course, those were sites I had never visited or could ever dream of visiting.

Then I realized who, how and what...  and sh*t hit the fan.  Your browser does not efficiently respect the privacy of different users for one system.

Reproducible: Always

Steps to Reproduce:
1. Create 2 unique user accounts (for steps sake, let's call the two accounts Joe and Mary) in Windows XP Home.
2. Logout and sign-in under Joe.
3. Open Firefox and go to an e-mail site or to jdate.com or wherever.
4. Attempt to log-in to the site so that Firefox will ask whether or not you want your password saved.
5. Choose not to save the password.
6. After successfully logging in and having selected the "never save password" option, logout.
7. Log-in as Mary and open Firefox.
8. Browse, browse, browse... but you don't really have to.  Just go to "View Saved Passwords," click on the tab that will show you sites to never save passwords for, and you'll see whatever painful site Joe denied to save a password for.
9. Break-up with fiancé.



Firefox should be respecting every single area of privacy per user on one system.  It's not doing that...  I'm going to submit this as Major because not everyone shares one computer, but it should really be considered Critical.
Comment 1 Jesse Ruderman 2006-03-17 17:40:31 PST
I don't know if you still have access to the computer you and your ex-fiancé shared, but it sounds like Firefox was sharing a profile between the two Windows XP user accounts.  How is that possible -- were both users administrators or something?  Were bookmarks separate?
Comment 2 Jesse Ruderman 2006-03-17 18:13:34 PST
Or, as sp3000 points out, maybe he accidentally logged into one of those sites while you were logged into Windows XP.
Comment 3 naomirocks 2006-03-21 11:14:51 PST
All right, I think it's been figured out.

When we decided to have separate user accounts just a short time ago,
since the computer is mine and the log-in we used to share was mine,
we just ended up creating a separate user account for him.  However,
before that, he had installed and uninstalled another version of
Firefox in his own personal directory.  The first time this happened,
he was trying to hide this stuff from me by using Firefox and
participating on the sites in there.  I found out he had been using
another browser by one time accidentally sneaking up on him in the
middle of the night and he uninstalled it.  Later, after we had
separate user accounts, I installed Mozilla because it was great in
testing browser compatibility for websites in progress and it must
have picked up certain things from his previous profile.  He swears up
and down he never did it while logged-in to my account and I can't see
him messing up like that.  This is the only explanation I can think
of.

Regardless, even if the sites in the "Never Save Password" list were
from weeks ago, the sites show he's been logging in regularly and is
an active member.  So whatever...  I guess when he uninstalled Firefox
originally, it wasn't a completely clean uninstall.  That's the only
explanation since we couldn't duplicate my reported bug as easily as
we thought.

Also, I'm going to put this bug as dependent on that uninstallation of profile data bug that Jesse Ruderman sent me.  It seems new users will risk seeing old data on a new installation of the browser (after a complete uninstallation had been done).  I can't confirm that by replicating it, but I can just confirm it from this one-time occurrence at the moment.
Comment 4 Jesse Ruderman 2006-03-21 17:19:29 PST
Marking as a dup of bug 234680 per comment 3.

*** This bug has been marked as a duplicate of 234680 ***
Comment 5 Majken Connor [:Kensie] 2006-03-21 19:07:21 PST
Reporter - where firefox is installed doesn't affect where the profiles are.  If he installed it while logged in under your windows account it doesn't matter what folder he installed it to. This in itself isn't a flaw, but a feature. Anyway, that's why you experienced the behaviour you did.

And ok, bugzilla isn't the place for this, but I can't help it.  Honey, I would think you would be the LAST person to be bothered by this. Not only was he using your computer to be unfaithful, he wasn't smart enough to cover his tracks, and you got to know about it BEFORE buying the goods. If you're really THAT upset about finding out, take him back and pretend you never knew, or hold it over his head and use it to keep him in line.
Comment 6 lovelivelife12345 2006-03-21 23:39:12 PST
I would also like to add that this seems more like a 'feature' at this point.  There is a button under Tools > Options > Privacy > History.  On the History tab, I believe, you will see a button for 'Erase My Relationship', under which, there are check boxes for '..because he is a cheating bastard', '..because he is a sneaky bastard who demeans me by thinking he can go behind my back', and '..because he jerked is insultingly stupid, so stupid, he deserved to be snared and he would have been a liability to have in your life, long-term'.

Check all that apply..

Ian

ps:  in all fairness, and not to sound like a two-dimensional bore, it's possible he was a habitual browser -- along with the being a liar -- where he just BROWSED the sites and looked at profiles, etc..   There's no telling whether he ever DID or would have had the cojones to really get out there and do something...   Maybe he just fantasized.  Maybe he just made-believe..  If that helps.  It's a difficult thing to bridle the male sex drive.

Nevertheless, the problem is still that he lied..  he concealed.. 

Maybe this was a huge wake-up call after 5 years... maybe he's not the guy you thought he was... maybe it's been 5 years of deception... Or, maybe it was just minor 'reveal' and not evidence of deep, serious transgression...just a 'white lie' where he was covering up some fantasy needs...and the 'white lie' need only be a bump in a long, long road and you can see if you can turn it into a growing experience..a call for a whole new level of openness in your relationship..

If the relationship is otherwise a complete wash, what is there to lose?  Get it all out on the table.. Tell him he might as well say what he REALLY wants in his life.. what would his 'fantasy perfect male existence' be?  Get it stated, honestly and openly for once..  And then see what's what..

Best of luck..

Oh, and I WOULD double-check the credit card / phone records while you are at it...



Comment 7 nullmailbox 2006-03-22 07:08:06 PST
The fact is, she is 100% correct, after reading the article I went to my
Windows 2000 Pro machine and went to tools > Options > Passwords > View Saved
Passwords > Passwords Never Saved and there was a list of sites that I did not
want passwords saved for. I then chose Clear Private Data and went back into
the password manager. The list was still there. Lastly, I created a new user
account, went into Password manager; guess what…the list was still there. Not
only is the list not cleared with private data, it is also shared between user
accounts on the same machine.
Comment 8 RedSaber 2006-03-22 08:46:21 PST
I think the only solution for now is very simple:

Never share your computer with your girlfriend.

Comment 9 RedSaber 2006-03-22 08:46:53 PST
I think the only solution for now is very simple:

Never share your computer with your girlfriend.

Comment 10 Dave Townsend [:mossop] 2006-03-22 09:01:38 PST
I'm somewhat confused as to how this can happen. I have tried creating both a second profile in my normal user account, and using a separate windows account. None of them had the same list of passwords not to save, as expected the two new accounts had empty lists.

Does that list get imported from IE settings or something like that?
Comment 11 Frank Fridlund 2006-03-22 10:52:51 PST
I second what comment #10 said.  I have a guest account on my computer just for the purpose of making Firefox the default, and there isn't anything listed in password manager either.  
Comment 12 john 2006-03-22 12:16:00 PST
I was able to recreate this by going to the password-never-saved list under a second user account on my Windows 2000 pro computer.  Yikes! Although I only use opera for my porn-and-personal sites because of fears of the gf finding something in IE or Firefox.... There are other reasons this could be a big problem. Not just for cheating boyfriends, but, roommates who use one computer and maybe save or don't save info for shopping, school sites, etc.
Comment 13 Mister Spork 2006-03-22 12:16:30 PST
I gotta say, I think lovelivelife12345@yahoo.com is right, it's possible that he just continued to browse those sites. They don't keep track of anything other than access, and it's possible that user activity is exaggerated to make the site appear more busy and worth subscribing to than it is. A relationship of 5 years is a big deal, and it'd be worth it to talk it out. Of course, he did lie, but when faced with a difficult to explain situation, one in which he may be completely innocent, the first and strongest urge is to lie. Just shows he wants to preserve the relationship really. I know, from being married for several years, that a misunderstanding can lead to some pretty big conflicts and there are things that, for the sake of simply avoiding a misunderstanding, I wouldn't want my wife to know, especially without a carefully thought out explanation prepared in advance. If he's unprepared to answer a charge his reaction will likely be to lie about it, even if he hasn't, really especially if he hasn't actually cheated on you.
Comment 14 skyrock123 2006-03-22 16:27:16 PST
Are people who watch the Sopranos mob-style criminals?

Are people who watch SpongeBob interested in living in a pineapple under the sea?

Are women who watch Sex In The City as horny as the ones on the show?

There is some entertainment value to these websites.  While you can use them to engage in unfaithful acts, they also could be used just to get a little chuckle, titillation, or self-satisfaction.

Who knows what your fiance was getting out of it.
Comment 15 jerry asher 2006-03-22 18:52:23 PST
Visiting those sites indicates that your fiance was guilty of thoughtcrime!
Comment 16 Majken Connor [:Kensie] 2006-03-22 19:30:33 PST
Mossop - as per comment #3 what *actually* happened was that he installed firefox *before* they were using separate windows profiles, so what really happened is this.

1. They're still using the same windows profile, 

2. He installs firefox in his directory on her computer in her profile i.e. he installs it to c:\fiance\Mozilla Firefox\ instead of to c:\Program Files\Mozilla Firefox

3. He uninstalls firefox after she sees him using it

4. They create him his own Windows profile, she keeps using the one they were sharing

5. She installs firefox in a different directory than he did (eg c:/Program Files/Mozilla Firefox/)

6. As expected, firefox detects the already existing profile on her windows account.
Comment 17 thehijjt 2006-03-22 21:13:03 PST
So the real solution is to first make sure you are using a strict multi-user environment before you trust the separation of accounts. On top of that Linux has the coolest text editors for programming websites, and the nicest implementation of a web server for testing those sites.
Comment 18 JoeCanuck 2006-03-23 05:13:14 PST
I checked my "passwords never saved" screen, and found only 2.  I think they were saved before I unchecked the "remember passwords" box.  Since then, I have never had the popup box come up.  I think if the "remember passwords" box is left unchecked, (I think it defaults checked), you won't have anything saved.  
Comment 19 N. Becker 2006-03-23 08:19:50 PST
You have heard it said by them of old time, thou shalt not commit adultery.  But I say unto you, That whosoever looks on a woman to lust after her has committed adultery with her already in his heart.  And if your right eye offend you, pluck it out, and cast it from you.  For it is profitable for you that one of your members should perish, and not that your whole body should be cast into hell.
  - Lord Jesus Christ of Nazareth (God's son)
Comment 20 balsalm9 2006-03-23 08:54:35 PST
I don't quite understand your report. It appears to be not reproducible (at least with that guy). Congrats!

Obquote:
Let her grow pale at the proof of your infidelity.
     --Ovid
Comment 21 GreenT 2006-03-23 21:32:00 PST
He has got to be the luckiest guy in the world at this moment in time!  


Now he will have HIS world and knows she is just after money, seed and control over both!  

Oh and she becomes the next, of a few million and growing single forever women!
Comment 22 xmltechnologist 2006-03-27 12:35:12 PST
I think firefox should provide password protection for read and delete access to list of sites for which password is never saved. The user may not be prompted for password when the list is being appended. If this is the case, your privacy is protected even if your profile is accidentally shared. However, you may have to come up with an excuse if someone asks you for the password or reason for having password on that list. :D
Comment 23 Alexandre Luis Vignado 2006-03-27 16:03:37 PST
(In reply to comment #0)

Access:

Tools

Options

Open the tab "Saved Passwords" and uncheck the option

Open the tab Passwords and uncheck the option (remember passwords)


Click the button "Settings" and Check all


Open the tab History and change to 0 days


:)

Now, your firefox will be free :)

this is not a bug.


Alexandre Luis
alexandrevls@uol.com.br

Comment 24 Mihai Bazon 2006-03-28 11:18:09 PST
My 2¢: perhaps you should consider not using Windows if you want privacy :p  I'm pretty sure this would never happen in a true multiuser system (read: any Unix derivative, including MacOSX).  >-)
Comment 25 Alexandre Luis Vignado 2006-03-28 15:48:25 PST
Negative. 

If you use the BEST of the best System Operation, with artificial intelligence and alien tech, but you R a newbie or don't think about privacy, don't change anything.

You can use Windows, Linux, MAC, DOS. If you don't 'think'....
Comment 26 Frank Sands 2006-03-29 03:44:47 PST
In reply to comment #22: There is a way to protect your saved passwords with a master password. To do this, go to Tools>Options>Privacy>Passwords and click the "Set Master Password" button. After doing this, the only way to see the saved passwords is by providing the master password.

As I did the above, to see how it worked, I noticed two things:
1) After setting the master password, if you press "View Saved
Passwords", a dialog will appear asking for the master password (this is
ok), but if you press cancel on the dialog, a new one appears, insisting
that you enter the master password. I think the dialog should just close
if you don't want to see the saved passwords anymore.
2) If you press cancel on the dialog 5 times, the window with the
saved passwords appears with no saved passwords (this is ok), but
"Passwords Never Saved" still shows the sites you chose to never save
the password for. If the operation is aborted when the user presses cancel on
the dialog, this would be avoided. Is this already registered as a bug?
Comment 27 jason 2006-03-29 14:19:14 PST
Use VMWare, boot your OS & Browser, and browse your illicit sites in that. Revert to snapshot when done. 
Comment 28 Mgeronimoi9 2006-03-30 06:03:13 PST
Use .NET Isolated Storage.
Comment 29 Lance Gurlukovich 2006-04-08 12:45:44 PDT
Really it's not that big of a deal that firefox saves the list of not saved passwords. Browsers are supposed to do this kind of thing. Anyway it would be the cheating boyfriend's job to run a cleaner to clean the history and cache. Seriously if you value your privacy run a history cleaner it's not that complicated.

Comment 30 Charlles(The Male) 2006-07-31 06:10:55 PDT
(In reply to comment #6)
> I would also like to add that this seems more like a 'feature' at this point. 
> There is a button under Tools > Options > Privacy > History.  On the History
> tab, I believe, you will see a button for 'Erase My Relationship', under which,
> there are check boxes for '..because he is a cheating bastard', '..because he
> is a sneaky bastard who demeans me by thinking he can go behind my back', and
> '..because he jerked is insultingly stupid, so stupid, he deserved to be snared
> and he would have been a liability to have in your life, long-term'.
> 
> Check all that apply..
> 
> Ian
> 
> ps:  in all fairness, and not to sound like a two-dimensional bore, it's
> possible he was a habitual browser -- along with the being a liar -- where he
> just BROWSED the sites and looked at profiles, etc..   There's no telling
> whether he ever DID or would have had the cojones to really get out there and
> do something...   Maybe he just fantasized.  Maybe he just made-believe..  If
> that helps.  It's a difficult thing to bridle the male sex drive.  
> 
> Nevertheless, the problem is still that he lied..  he concealed.. 
> 
> Maybe this was a huge wake-up call after 5 years... maybe he's not the guy you
> thought he was... maybe it's been 5 years of deception... Or, maybe it was just
> minor 'reveal' and not evidence of deep, serious transgression...just a 'white
> lie' where he was covering up some fantasy needs...and the 'white lie' need
> only be a bump in a long, long road and you can see if you can turn it into a
> growing experience..a call for a whole new level of openness in your
> relationship..  
> 
> If the relationship is otherwise a complete wash, what is there to lose?  Get
> it all out on the table.. Tell him he might as well say what he REALLY wants in
> his life.. what would his 'fantasy perfect male existence' be?  Get it stated,
> honestly and openly for once..  And then see what's what..
> 
> Best of luck..
> 
> Oh, and I WOULD double-check the credit card / phone records while you are at
> it...
> 

  I feel sorry for you both and much for for him that couldn't express his needs and fantasies. I think someone should have introduced him to CCleaner, it's a small free tool that can delete cookies, passwords and pages visited on internet. So just have a look on www.filehippo.com and look for CCleaner, it may make your lives a bit easier.
  P.S. I'm on 5 relationship, we got a child and doesn't mean we can't get honey sometimes or want some spice on your relationship.
Comment 31 Martin Andersen 2006-09-18 08:14:21 PDT
I can't tell if this is some sort of a parody, or if it's only some of the commenters who think it is. Some comments either don't take it seriously or post inane or offensive remarks and relationship advice. Some tried to deride her use of Windows and tried to suggest Linux (who cares if Linux has nice text editors for making web sites, it doesn't have Dreamweaver or Photoshop. Nvu and the Gimp suck in comparison). One religious nut even spammed bible quotes (I suppose spouting Linux propaganda could count as religious zealotry, too. RMS can be their Jesus, he's got the beard for it).
Sure the original poster related unnecessary personal details which has piqued a few people's salacious curiosity, but that's no reason to turn this into a personal advice column, and some dubious advice at that. Surprisingly they all seem to try and defend the fellow. Frankly he sounds like a cad who has tried to cover up his tracks, albeit unsuccessfully, and she may be better off for it. But the concern is genuine. Although you may like prying on other people's personal information, the sword cuts both ways. You shouldn't have to be a computer expert to protect your privacy. True, I myself have accounts on such sites out of curiosity more than anything else, not because I've actually ever cheated on anyone or ever would, but because I'm single and curious. That doesn't mean I want other users of my computer finding this out. Someone living with parents or relatives etc, or living with a partner, are entitled to privacy, even if they are using someone else's computer and account. A lot of marriage or relationship troubles stem from the husband's liking for surfing porn without intent of cheating, though some women consider it a form of cheating. Certainly the Bible Boy poster thinks so. I'll leave him to gouge out his right eye. A stressful job and screaming 2-year-olds waiting at home and maybe a nagging wife may be the cause. It may be symptomatic of deeper trouble. It doesn't matter.  We are entitled to privacy, and if Firefox doesn't properly remove private information upon removal of the program itself, that is a problem.
It has been marked a duplicate of the 2-year-old bug #234680 which basically complains that when you uninstall and click "Yes" to completely removing everything, it in fact doesn't. The user profile, buried deep inside a hidden system folder, remains with bookmarks and other privacy details like visited sites and passwords. Surely this is a genuine privacy concern for a browser that likes to poke fun at IE.
It is currently inexplicably marked as "WontFix".
Comment 32 Majken Connor [:Kensie] 2006-09-18 12:19:34 PDT
Neither the browser, nor Mozilla employees "like to poke fun of IE."  You'll find that attitude more from the users.  As for the status of bug 234680, you'd need to ask the devs as someone already asked in the bug why it's wontfix (no need for bugspam)

Can we close this bug now that it's resolved?
Comment 33 J. Kanowitz 2007-03-19 14:29:38 PDT
Rather than storing a list of domains, why not store a one-way hash of same?

Comparison has to occur either way.  The 'invisibility' problem can be mitigated by displaying a notification pane to the effect of "Passwords entered on this page will not be saved.  To remove this site from the list, [click here]."

Really, this has been boneheaded behavior for years, though a source of endless amusement for fiancees and repair technicians.
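
Comment 33's proposal worked through, as an added example (not Firefox code and not posted by any commenter): an unkeyed hash of each hostname hides the list from a casual viewer but not from anyone who tests likely sites against it, while tags keyed from the master password described in comment 26 cannot be tested without that password. The function and class names, the `.example` hostnames, the sample passwords and the PBKDF2/HMAC construction are all assumptions made for illustration.

```python
import hashlib
import hmac
import os


def normalize(host):
    """Canonical form, so one site always maps to one stored value."""
    return host.strip().lower().encode("utf-8")


def plain_digest(host):
    """Unkeyed SHA-256 of the hostname: the literal reading of the proposal."""
    return hashlib.sha256(normalize(host)).hexdigest()


def match_candidates(stored_digests, candidates):
    """Hostnames are guessable, so anyone holding the stored digests can test
    a list of likely sites against them. Returns the candidates that match."""
    stored = set(stored_digests)
    return sorted(c for c in candidates if plain_digest(c) in stored)


class KeyedNeverSaveList:
    """Never-save list held as HMAC-SHA256 tags. The key is derived from the
    master password, so the tags cannot be tested without it.
    Hypothetical design; this is not Firefox's storage format."""

    ITERATIONS = 200_000

    def __init__(self, master_password, salt=None):
        # The salt and the tags are what would be written to the profile.
        self.salt = salt if salt is not None else os.urandom(16)
        self._key = hashlib.pbkdf2_hmac(
            "sha256", master_password.encode("utf-8"), self.salt, self.ITERATIONS
        )
        self.tags = set()

    def _tag(self, host):
        return hmac.new(self._key, normalize(host), hashlib.sha256).hexdigest()

    def add(self, host):
        self.tags.add(self._tag(host))

    def remove(self, host):
        self.tags.discard(self._tag(host))

    def contains(self, host):
        tag = self._tag(host)
        return any(hmac.compare_digest(tag, t) for t in self.tags)


def demo():
    # Constructed sample data: reserved .example hostnames, made-up passwords.
    never_save = ["dating.example", "forum.example"]
    guesses = ["mail.example", "dating.example", "bank.example", "forum.example"]

    plain_store = [plain_digest(h) for h in never_save]
    recovered = match_candidates(plain_store, guesses)

    keyed = KeyedNeverSaveList("constructed master password")
    for h in never_save:
        keyed.add(h)

    # Same profile data (salt and tags) opened without the right password.
    other = KeyedNeverSaveList("wrong guess", salt=keyed.salt)
    other.tags = set(keyed.tags)

    return {
        "recovered_from_plain": recovered,
        "owner_sees_entry": keyed.contains("Dating.Example"),
        "other_user_sees_entry": any(other.contains(g) for g in guesses),
    }


if __name__ == "__main__":
    print(demo())
```

With either storage form the list can no longer be displayed, so removing an entry has to start from the site itself, which is what the notification pane in comment 33 is for.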
Comment 34 Emilie D 2008-10-17 11:16:53 PDT
Hey naomirocks,

I felt compelled to post on here since I have been through something really similar to your story...I had been with my fiance for 8 years (we were engaged for 6 months) when I found proof of infidelity. It tore me to pieces...the most awful experience of my life. It's more than a year later and I am living a much better life now. And have started to date a guy who is sincere. It's been even longer for you and I hope you have found a better life too.

To all those women out there who experience infidelity, please please please know if he does it once, he will do it again. You deserve someone who will be faithful to you, not just someone who says they want to be.
Comment 35 Laxminarayan G Kamath A 2008-10-18 11:37:27 PDT
I am really surprised nobody mentioned portable firefox.
Comment 37 TheOneScd 2010-01-10 02:48:01 PST
(In reply to comment #0)
I don't know about your fiance but I never save passwords for anything so the list of websites is substantial. And needless to say after I click Never I am Never asked again so it's not that big of a deal to me that he has sites listed as Never. Also from all I can see it only tells you the site not the number of times he visited that site so if he is like me and clicked never once 7 months ago and never returned to that site...it would still be listed in the list and it would look bad but if I only got on that site once 7 months ago to check a message I got or something pointless it would surely be taken out of context. I mean how can you convict him on the list of sites when you don't know how often he frequented the sites and for what purpose. What if it was a once and done deal?
