Thread replies: 32
Thread images: 4
Thread images: 4
File: Chrome-autofill-demo.gif (383KB, 770x669px) Image search:
[Google]
383KB, 770x669px
>Chrome form autofill leaks data you never meant to share
What the fuck, seriously.
Does Firefox do this shit too?
>>
EXPOSED
BOTNET
>>
>>58488975
No, but other webkit trash does
>>
File: 1389421338085.png (82KB, 594x595px) Image search:
[Google]
82KB, 594x595px
>>58488975
It's an add-on or plugin leaking information.
>>
Didn't you make this same thread last night?
>>
No, Firefox isn't that stupid and insecure.
>>
>>58488975
HTML Source?
Looks more like the website fills itself in with junk data to line itself up with a database
>>
>>58489064
No. You can try this yourself with a vanilla chrome installation.
>>
Gee. It's a good thing I don't use Chrome's autofill nor its password manager.
>>
Test URL:
https://a.pomf.cat/znwsoo.html
>>
>implying I ever submit the autofill
I just retype each piece of information.
>>
Firefox autofills one field at a time, so no.
>>
>>58489449
It's filling hidden elements in the form, which are inaccessible nor presented to the user.
At least based on op.
>>
>this thread again
im all for chrom* bashing and even i think this is pathetic
every one already knows chrom* sucks @ not-being-a-botnet
>>
>>58488975
Could this happen with credit card info too?
>>
>Using autofill
>>
Autofill is a security nightmare designed for lazy people.
>>
>>58488975
Daily reminder
>>
>>58489439
Don't use this one, he's trying to phish you.
The actual demo is linked in https://www.theguardian.com/technology/2017/jan/10/browser-autofill-used-to-steal-personal-details-in-new-phising-attack-chrome-safari
>>
>>58489558
>Correct Response
>No Replies
>>
>>58489558
well, chrome shouldn't fill out hidden elements. The browser can detect if the element is visible or not you know..
>>
Chromecucks btfod once again
>>
>>58493401
yeah, but won't any browser soon be a chromium port??
...except safari and microsoft explorer
>>
>>58493382
what's to stop someone from making the field 1x1 pixel and 99% transparent tho?
>>
>>58493482
what's to stop the browser to check if it's 1x1 px and transparent before it fills out the field?
>>
>>58493382
no.
going beyond checking if the style is hidden is a lot different than putting form fields behind other objects
>>
>>58488975
If you put your info in autofill then you clearly meant to share it at some point.
>>
>>58493559
well, at least I didn't put my creditcard in autofill..
>>
>>58493525
how is the browser to know if the user can see it or not, dumbfuck? obviously 1x1 px and 99% transparent is likely not visible, but where does it draw the line?
or if the elements are visible, but currently off-screen, what's to stop the page from grabbing the values via javascript, then hiding the elements and sending the data back using ajax?
you make it sound like this is an easy thing to fix, it certainly doesn't seem that way.
>>
>>58493725
>easy thing to fix
Sure it is. It's called disabling autofill from browsers and making lazy fucking shitcunt casual garbage lusers use their goddamn computers once in their goddamn lives.
>>
>>58493725
>how can a browser know how it renders an element
lol, your retarded
>>
>>58493796
>I literally cant read yet call others retards
Thread posts: 32
Thread images: 4
Thread images: 4