|
I reckon it could work both ways; data can be bound either at the client machine or at the server. The site I mention here obviously had access to the system files on my PC, extracted saved login information which was not encrypted, and then if they so desired could easily upload to their server.
|
|
|
|
|
You misunderstand how browsers work. Login and password data may be saved by the browser, under your direction. That information is encrypted and stored in the browser database on your client system. There is no way the browser can pass that back to the server unless you write some code to do it. If you also tell the browser to make that information available through other devices then it will transmit it securely via your account with the browser provider.
|
|
|
|
|
This.
I challenge OP to put together a web page that'll surface my browser's credentials as claimed.
|
|
|
|
|
That is the point. If I can write some code to send login data back to the server then the particular site I mentioned can do it and others could do it as well. As I pointed out it gives you a list of sites you have saved logins for along with login IDs and passwords, not encrypted.
|
|
|
|
|
Member 10798832 wrote: saved logins for along with login IDs and passwords, not encrypted. On the contrary they are encrypted, and stored on your PC. And the only time a web page can get access to these details is when you select them to login. So if you go to www.Istealyourdata.com, and it asks for your login details, what are you going to do?
|
|
|
|
|
Yes! You are correct! A couple of weeks ago, I had the occasion to clean my system's drive using Diskpart, Then I did a complete clean install of Windows 11. As soon as Windows was up and running, it synched with Microsoft's servers and everything was back: All my desktop icons, browser shortcuts AND all my old login information for dozens of websites - user names and passwords. This information must have been stored on Microsoft's servers. How else could it magically re-appear in my system?
Ok, I have had my coffee, so you can all come out now!
modified 17-Oct-23 8:59am.
|
|
|
|
|
Log into Chrome on Linux. Then log into Chrome on, say, an Android phone. All your Chrome config data is brought back in the way you've just described.
Oh noes, now both Linux and Android have a "major breech" too! M$'s bad software design truly has no bounds!
[Edit]
I have no idea whether you're being sarcastic.
|
|
|
|
|
Cp-Coder wrote: This information must have been stored on Microsoft's servers. Yes, it is stored in your Microsoft account in the cloud.
|
|
|
|
|
Interesting discussion.
Browsers definitely can store user/password information as associated in a URL on the local machine.
Far as I know this is the default.
Edge
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-password-manager-security
Chrome
Manage passwords - Computer - Google Chrome Help[^]
As noted another post those stay on the machine. The information (the list) is not sent to the site. Rather the browser is smart enough to fill it in. I have used browser dev tools enough that I would have seen this if it was the case. I have been using browser dev tools for years (more than a decade.)
Now whether it can happen across devices is different. But it is possible. Far as I know however it is not on by default. Someone needs to have checked a box somewhere before this happens.
Edge
https://stackoverflow.com/questions/75677133/clear-cloud-saved-passwords-microsoft-edge[^]
Chrome
Use passwords across your devices - Computer - Google Account Help[^]
That said however I kind of doubt that the browser is what is sharing this data. Rather it is something else. And the browser just is able to use it after it happens.
|
|
|
|
|
I hope you are right. Nonetheless freaks me out.
|
|
|
|
|
If you don't trust your browser then switch the feature off. Just tell your browser never to save password details and you can stop worrying.
|
|
|
|
|
It looks like WinAmp finally has all of their properties in order, and is being properly developed: Winamp. That took a while!
|
|
|
|
|
It took a long time, but I got the new version about 2 months or so ago and like it.
Although the appearance hasn't changed much.
I don't think before I open my mouth, I like to be as surprised a everyone else.
PartsBin an Electronics Part Organizer - Release Version 1.3.0 JaxCoder.com
Latest Article: SimpleWizardUpdate
|
|
|
|
|
Mike Hankey wrote: Although the appearance hasn't changed much.
Extra points to them for doing exactly that.
One of the big features of Winamp at the time was its extensive reskinning capabilities. So, it only makes sense that they wouldn't spend much resources on changing the default UI.
|
|
|
|
|
Hmm, don't know about that I was expecting the new telepathic UI?
I don't think before I open my mouth, I like to be as surprised a everyone else.
PartsBin an Electronics Part Organizer - Release Version 1.3.0 JaxCoder.com
Latest Article: SimpleWizardUpdate
|
|
|
|
|
That poor llama had finally just recovered from all that ass-whipping...
|
|
|
|
|
Winamp's been asking me to install the new version for months now and so far I've declined.
I like this version that I've used for the last 22 years or so
|
|
|
|
|
That's got to be annoying. Is there no option to tell it not to look for updates? Failing that, can you block (with your hosts file, or whatever) the site it's connecting to so it cannot determine whether there's an update available and thus keep it quiet?
I'm reminded of the Winzip trial nagware splashscreen asking a buddy of mine to register his version for 3,000+ days...he just got used to it.
|
|
|
|
|
You're right, it is annoying.
Just googled if it can be turned off and apparently it's simply a checkbox in settings (together with "send anonymous usage statistics").
Why didn't I think of that before?
dandy72 wrote: I'm reminded of the Winzip trial nagware That's a bit unfair.
It's a good product and it's free.
I start nagging too when my customers don't pay (and after 3,000+ days I'm not as friendly as Winzip about it)
|
|
|
|
|
One of my old bosses met Justin Frankel, said he was a real quiet guy, reserved guy. Just goes to show, you never know what people can do based on first impressions alone.
Jeremy Falcon
|
|
|
|
|
Here is the most interesting entertaining C++ talk I've seen since Corona. It aint short, but was worth it for me.
*(char*)0 = 0; - YouTube[^]
"If we don't change direction, we'll end up where we're going"
|
|
|
|
|
Have them write it up and I might give it a read. (I probably won't.)
|
|
|
|
|
I guess YouTube has gone to all commercials...f*** em!
I don't think before I open my mouth, I like to be as surprised a everyone else.
PartsBin an Electronics Part Organizer - Release Version 1.3.0 JaxCoder.com
Latest Article: SimpleWizardUpdate
|
|
|
|
|
We're not in a recession.
Inflation is good for you.
That's what the media tells us. What's worse is that the public will soon forget to and go back to believing what they see on TV.
Jeremy Falcon
|
|
|
|
|
Pay no attention to the man behind the curtain.
If you tell people something enough times they will eventually believe it.
And as far as media there is no longer a source for real news, It's all either right or left and the news people just spit out what they're told.
I don't think before I open my mouth, I like to be as surprised a everyone else.
PartsBin an Electronics Part Organizer - Release Version 1.3.0 JaxCoder.com
Latest Article: SimpleWizardUpdate
|
|
|
|