No boundaries for user identities: Web trackers exploit browser login managers
Other urls found in this thread:
flipboard.com
twitter.com
luckily I dont use them
>2018
>still not blocking all js by default
Not sure which browser did this, but I remember there was one where you had to click on something to fill in the form. The browser wouldn't just fill it in for you.
Chrome, FF, Opera, anything with a password manager
Pretty sure Chrome and Firefox will fill in the form automatically by default.
What happens when I disable this:
signon.autofillForms
that's why you don't use third party login managers. use what's built into chrome, or what's built into your OS (iCloud). don't trust anyone else.
flipboard.com
>Ad targeters are pulling data from your browser’s password manager
>The scripts work by injecting invisible login forms in the background of the webpage and scooping up whatever the browsers autofill into the available slots. That information can then be used as a persistent ID to track users from page to page, a potentially valuable tool in targeting advertising.
Good luck getting my passwords :^)
This affects the built-in ones you fucking idiot.
>We show how third-party scripts exploit browsers’ BUILT-IN LOGIN MANAGERS (also called password managers) to retrieve and exfiltrate user identifiers without user awareness.
>[2] We tested the following browsers: Firefox, CHROME, Internet Explorer, Edge, Safari.
chrome does not
pretty sure that in firefox you'll get an option with pre-filled login and password, but you have to click on it and click log-in manually. Maybe that's just the firefox sync thing, no idea.
okay then
My 2018 Apple Macintosh Pro Deluxe does not have this problem
This is why we can't have nice things.
signon.autofillForms is set to true by default. On Fedora at least. Set it to false, and Firefox no longer fills in username and passwords automatically. You have to choose your username and password from a list to fill in.
Note that this is basically identity theft. There's nothing keeping them from just outright stealing your login credentials and using them to perform malicious actions on your behalf.
What the fuck is this world coming to?
Are you retarded?
It's ok when corporations do it. Nobdoy goes to jail, nobody gets fined.
Corporations and their money-fueled power can go suck my dick. This is completely unacceptable and EXACTLY the kind of bullshit the FSF and Stallman are warning us about.
No, if I were then random websites would be able to get my login information :^)
Also third-party managers with the auto fill turned on.
its more like this is why marketing and advertising people need to be strung up from lampposts.
I asked because the issue at hand isn't trying to get your password, but your email address that you sign in with. They use it to tie your browsing habits to an online identification. Encrypting your data on the hard drive does nothing when they ask your browser for the email and it gives it to them.
Good job, though. I am sure the added inconvenience you cause yourself is well worth the peace of mind, Mr. President.
How can they not go to jail for this?