[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Firefox
- To: http://www.state.vt.us/~Flora. (Flora E ), http://profiles.yahoo.com/Flora (Flora E ), http://www.gmail.com/~flora (Flora E ), noelle <http://dummy.us.eu.org/noelleg>, http://www.gmail.com/~christopher1 (Chris), http://www.gmail.com/~drchrisbear (Chris), http://www.picis.com/~Chris (Chris), http://www.optum.com/~Chris (Chris), http://www.gmail.com/~369marnie (Marnie), http://www.engineer.com/~w1few (Richard), http://www.juno.com/~w1few (Richard), http://www.icloud.com/~w1fewa (Richard), http://www.myself.com/~Bhavani (Bhavani), http://www.juno.com/~bhavaniowl (Bhavani), http://www.gmail.com/~bhavaniowl (Bhavani), http://profiles.yahoo.com/Tim (Tim ), http://www.gmail.com/~alex. (Alexander ), http://www.umass.edu/~a (Alexander ), http://www.greenmtn.edu/~nicholas. (Nicholas ), http://profiles.yahoo.com/hagrad (Nicholas )
- Subject: Re: Firefox
- From: robert <http://dummy.us.eu.org/robert>
- Date: Sat, 05 Sep 2015 07:49:23 -0700
- Keywords: ifile: nonspam -1626.55773735 spam -1871.79254150 downloaded -2395.04793549 ---------
> From: Flora <http://www.gmail.com/~flora>
> Date: Sat, 5 Sep 2015 05:39:46 -0400
>
> I heard that Mozilla has been hacked.
I hadn't heard about this.
> It is being suggested that users use two
> step authentication.
http://www.theregister.co.uk/2015/09/04/mozilla_firefox_bugzilla_leak/
Actually, it doesn't specifically say that you should use two-factor
authentication. And, many web sites which you may have visited since
September 2014 may not have two-step authentication as an option. It
would probably be wise to review all the web sites visited since Sept 2014
and decide whether those being compromised are worth the trouble of
changing all those passwords.
I suspect a more detailed analysis will come out soon which will say
exactly what sort of things could have been vulnerable. (Certainly, we
know about the weak 512 bit Diffie key problem, but that's almost entirely
up to the server side, not Firefox per se. Then, there's also the
heartbleed problem which was mostly a server side problem and not a
problem with Firefox.)