Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Firefox Sync is completely insecure

  • 3 답장
  • 2 이 문제를 만남
  • 10 보기
  • 최종 답변자: mr_gou

more options

After my Android mobile phone was stolen, I was stunned when I read this: https://support.mozilla.org/en-US/kb/disable-firefox-sync-lost-phone-or-tablet. It simply is an admission that Firefox sync is completely insecure. Any other similar services allow to dissociate a specific device so that the data cannot be accessed. However, with Firefox, the so-called most secure browser, all passwords can be accessed on a stolen device, even in clear with the password manager extension, and there is nothing you can do about it! That's just incredible!

After my Android mobile phone was stolen, I was stunned when I read this: https://support.mozilla.org/en-US/kb/disable-firefox-sync-lost-phone-or-tablet. It simply is an admission that Firefox sync is completely insecure. Any other similar services allow to dissociate a specific device so that the data cannot be accessed. However, with Firefox, the so-called most secure browser, all passwords can be accessed on a stolen device, even in clear with the password manager extension, and there is nothing you can do about it! That's just incredible!

모든 댓글 (3)

more options
with Firefox, the so-called most secure browser, all passwords can be accessed on a stolen device

This is only true if you don't take any precautions. If you're so security conscious as it sounds, why didn't you think about that before your device got stolen?

and there is nothing you can do about it!

Not true. https://support.mozilla.org/en-US/kb/using-master-password-firefox-android

Did you bother to set a master password?

Whether it's a good idea to make sensitive passwords available on a mobile device in the first place is a different story.

more options

to add to the prior reply: as it is built now, firefox sync is not a separate data source that you can plug in & out of a device. it is a service that brings the local data of multiple devices to the same level (so data that arrives on your device via sync is no different than data you manually enter on a device which isn't connected to an account).

more options

I understand your point, but what I'm questioning is that you can't dissociate a connected device, which is a pretty standard feature of many synchronized data services, such as Google, Evernote, Facebook, Dropbox and others. For a feature that stores data such as password, this is a huge gap.