Chrome Browser Vulnerability Allow Unrestricted Password AccessAdded: Friday, August 23rd, 2013
Category: About Torrents > Staying Safe And Secure
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, www.extrattorrent.com, 2013
It recently turned out that a serious vulnerability in Google’s Chrome browser allows anyone to access someone’s machine and obtain all the passwords stored for email, social media and other websites, right from the settings panel. The intruder won’t need any password to view the data.
Aside from personal accounts, sensitive corporate login details would also be compromised if an employee using Chrome leaves his PC unattended with the screen active. The security experts found out that you can see the passwords by simply clicking on the Settings icon and choosing “Show advanced settings” and “Manage saved passwords” in the tab “Passwords and forms”. Then you can see a list of obscured passwords for websites, while clicking beside them would reveal the plain text of the password.
In the meantime, the head of Chrome developer team admitted they were aware of the flaw but had no plans to change the system. At the moment, Google Chrome is one of the 3 most popular browsers on desktops, the other two being Microsoft’s IE and Mozilla’s Firefox. The browser has millions of users and is regarded by some as essential to the company’s future efforts to monetize web use, by tying users to their Google accounts and synchronizing between their desktop and mobile systems.
A software developer who revealed the vulnerability pointed out that Chrome’s audience is mainly inexperienced users who don’t realize it works like that and don’t expect it to be so easy to steal their passwords. The security experts remind that other browsers have previously had similar problems with password visibility – and closed them. Three years ago, Firefox was revealed to use the same “plain text” storage that Google’s browser is being criticized for, and ended up with adding a master password option requirement. As for IE, some of its versions also had the same failings. Finally, Safari requires the user to provide a master password before revealing stored passwords.
Google developers claimed that they don’t support a master password because they don’t want to provide users with a false sense of security or encourage risky behavior. Internet users should understand that when they grant someone access to their OS user account, those can get at everything.
August 23rd,2013Posted by:
Friday, August 23rd, 2013
|Loop hole.. and Google need to fix it soonest|
|posted by (2013-08-23 18:44:47)|
|they don't want to make it harder for themselves to get your passwords do they|
|NSA snooping made easy.....|
Why else would they know about the "PROBLEM" but not be concerned enough to address it?
|posted by (2013-08-23 20:06:57)|
|It's exactly the same on any othSparrows.Danceer browser. An example is Firefox. If you do not enable Master Password, anyone can just click options and go and look around.|
|posted by (2013-08-23 21:47:16)|
|well this is not a new problem it been here since chrome was thought of|
just a lazy programmer at google in the begining
|posted by (2013-08-24 06:41:48)|
|I don't see it at all as any flaw. Normally we don't save passwords and personal data on a shared machine or office machine. Now if i use my own machine,use a good anti-virus and modify some registry settings(for Windows),one can consider it a feature. Especially those,who is in habit of forgetting password.|
|posted by (2013-08-24 16:05:56)|
|Thanks to Kaspersky, found same while Vulnerability Scan ...... not yet face same in Chrome Version 29.0.1547.57||
Most Popular Stories