Hi Raggie!
It is very nice to see you back here... I have missed you as I don't usually go to the dark side of CPF.
Regarding FireFox giving away passwords... I was almost ready to dismiss this as a hoax or parody site (came up first in Google search):
Firefox gives up passwords:
The bug is real and reported
here:
It is behavior I have seen before and accepted as normal for FireFox's password manager. However, when you think about it, there is a huge problem for some website to get a UID and Password for
one host domain (at a time).
Basically, as I understand, Password Manager in FireFox only looks at the first part of any URL--the Host Domain part ("www.Iamhere.com,
www.myspace.com, etc.)...
So, if you have a login remembered for myspace.com, if some user under myspace.com also has a password and UID field, password manager will automatically fill in the saved UID and password you used for myspace.com--and they now can go to your myspace.com account, or try other common places like hotmail, yahoo,
www.bankofme.com, etc. and see if it works there too... This can also be an issue for places like store.yahoo.com and other places too...
At this point, again from what I understand, the bug is still not addressed/fixed and the subject to debate. This is also, apparently, a problem with trusted Java scripts/programs too (only uses
www.domain.com for security considerations).
The last got-you in the Password Manager/FireFox bug is that the UID and Password fields can be hidden (and maybe auto submitted?) so that you cannot even see the passwords being populated or even stop their transmission.
Other browsers (like IE) appear not to have this problem for various reasons (FireFox attempted to make Password Manager easy to use so that people can use long and unique passwords).
So--the problem is real and can be bad if you use the same UID and Password for Amazon and Myspace (as an example). Changing your UID/Password for each site (that at least has your personal information like address, banking info, and credit cards) is a first step.
When I first read this, I was pretty upset and ready to stop using Password Manager--but as I read the issues, I am pretty OK with using it as is for now--because I have different UIDs and Passwords for different sites--although, I will probably go out their now and randomize the passwords a bit more to make sure.
Regarding the AdBlock question, there is a newer version out there (the old AdBlock is a "long" (in computer software terms) discontinued supported software):
Adblock Plus
They also have some auto-updating filters too (go to their website and read about them--and old one.
Filterset.G I used before is now not recommended anymore). I use the two popular versions of "EasyList" myself now.
-Bill