Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Any plans to move the bug re. low cipher strength in Firefox' master password forward one day?
59 views
Skip to first unread message
Jörg Knobloch
Oct 3, 2018, 1:40:02 PM10/3/18
to dev-platform
Hi all,
an unrelated discussion made me aware that the master password cipher
strength bug[1] is still open. Any plans to tackle that?
Other software uses strong AES algorithms for their "password
collections". Would it be hard to follow?
Jörg.
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=524403
Plenty of bad press here:
https://nakedsecurity.sophos.com/2018/03/20/nine-years-on-firefoxs-master-password-is-still-insecure/
https://fossbytes.com/firefox-master-password-weak-encryption-brute-force-one-minute/
an unrelated discussion made me aware that the master password cipher
strength bug[1] is still open. Any plans to tackle that?
Other software uses strong AES algorithms for their "password
collections". Would it be hard to follow?
Jörg.
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=524403
Plenty of bad press here:
https://nakedsecurity.sophos.com/2018/03/20/nine-years-on-firefoxs-master-password-is-still-insecure/
https://fossbytes.com/firefox-master-password-weak-encryption-brute-force-one-minute/
Justin Dolske
Oct 3, 2018, 1:56:32 PM10/3/18
to jo...@jorgk.com, dev-platform
Yes, we're looking at it, but don't have a detailed plan or schedule to
share yet.
Justin
> _______________________________________________
> dev-platform mailing list
> dev-pl...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-platform
>
share yet.
Justin
> dev-platform mailing list
> dev-pl...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-platform
>
0 new messages