User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB5; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.30618; .NET CLR 3.5.30729; InfoPath.2; .NET CLR 1.1.4322) Build Identifier: ver 3.0.11 --> SECURITY FLAWS!!!! EMERGENCY SECURITY FLAWS MAJOR ISSUES!!!!!!!!! Deleted cookies, and Password DO NOT get DELETED!!! I recently installed SIW to run all my Computer History and CPU Performance. All the secret passwords stored in the MOZILLA do not get deleted. Mozilla: --> Under Tools , ---> Clear Private Data ---> Delete the Following ... I checked everything there is to be deleted (Browsing History, Cache,Offline Website, password, cookies... all of them are checked). But when I ran SWI all the previous stored password on the Browser still shows up. Here is the example: SECURITY FLAWS!!!!!! EMERGENCY !!!! --------------------------------------------------------------------------------- Resource Type Resource Name User Name Password Company Name FireFox Password https://my.screenname.aol.com dantrpnics HelloThere FireFox Password https://my.screenname.aol.com Dantronics HelloThere FireFox Password http://www.c-sharpcorner.com danman2 lifeisgood FireFox Password https://www.yousendit.com email@example.com HelloThere FireFox Password http://www.friendorama.com firstname.lastname@example.org hellothere Reproducible: Always Steps to Reproduce: 1.Install SIW 2. Run SIW ("Secrets" Option) 3. RUN Mozilla (Clear Private Data) "Remebered to checked everything " 4. Rerun SIW ("Secrets" Option) Actual Results: Resource Type Resource Name User Name Password Company Name FireFox Password https://my.screenname.aol.com dantrpnics HelloThere FireFox Password https://my.screenname.aol.com Dantronics HelloThere FireFox Password http://www.c-sharpcorner.com danman2 lifeisgood FireFox Password https://www.yousendit.com email@example.com HelloThere FireFox Password http://www.friendorama.com firstname.lastname@example.org hellothere Expected Results: nothing .... here The browser should clear all password and history of websites that have been visited.
Was Firefox running when you did this?
Please give bugs an actual descriptive title and don't just add whatever you want to the fields. Please also stop panicking. Also, why on Earth are you posting a list of any IDs and passwords?... I do hope those few above aren't important. I'm not entirely sure what the issue is you're trying to describe. Not clearing passwords locally wouldn't really be much of a security issue. A real security issue would be if they were somehow able to be stolen remotely. You're simply not having them cleared on your system. I'm also not sure what "SIW" is, as you don't actually say. I'm guessing it's "System Information for Windows", which is what Google tells me. My guess is that maybe you're wiping Firefox 3's passwords and there's an old passwords file from Firefox 2 that this program is picking up? Are your passwords actually cleared when you try to view them in Firefox? Please provide more information.
Please don't reply to bugs via email. The whole reason we have this system is so that people can collaborate to investigate bugs, so please only post here. In regards to a couple of the things you mentioned: 1) No one should be saving passwords to a public computer. I think we can all agree that's just a horrible idea. 2) A good starting point for Mozilla source is here: https://developer.mozilla.org/En/Developer_Guide/Source_Code Please answer my question at the end of comment 2 and tell me if Firefox still shows your supposedly cleared passwords in its passwords manager. If you'd like us to help you here we'll info on what's going on.
User directly emailed me as well. Firefox was running while the program was run. This will result in problems like this. Firefox reads data into ram while running. If the files are removed while Firefox is running Firefox will write whatever it has in ram back to the files that were removed. This is invalid. Contact the developer of the 'security' program it should not try to remove files from Firefox's profile when Firefox is running.