Privacy News Firefox Saves Screenshots to Publicly Accessible Cloud Servers

silversurfer

Mozilla’s Firefox browser allows users to take screenshots of entire pages or sections of pages and save them to the cloud, but is making them publicly accessible by default, an ethical hacker has discovered.

Introduced in the browser last fall, Firefox Screenshots was meant to make it easy for users to “take, download, collect and share screenshots.” To access it, one would have to click on the Page actions menu in the address bar (or simply right-click on a web page) and select Take a Screenshot.

This allows users to save a screenshot of the entire page, of the visible section of the page, or use a selection tool to save only a region they consider important. Next, they can dismiss the action, copy the screenshot, download it, or click a “Save” button that sends the screenshot to the cloud.

The issue is that all saved screenshots go to Firefox Screenshots, a public subdomain. This is the default setting in the browser and makes everyone’s screenshots available to everyone else. Furthermore, the screenshots could even be discovered using search engines such as Google.

Oh god. Screenshots taken with @firefox (right click anywhere) are hosted on a public subdomain by default. So any sensitive information in screenshots can be found here: site:https://screenshots.firefox.com - Google Search
— Melvin (@showthread) May 15, 2018

Screenshots are sent to the public server only when the user clicks the “Save” button. Many users, however, might have long been doing so without realizing that they were actually sending them to the cloud.

Mozilla issued a fix for the issue yesterday, soon after details on it emerged on Twitter. Apparently, this is not the first time the organization has attempted to address this, but the previous implementation was flawed.

Specifically, in its attempt to avoid shot pages being indexed by search engines, Mozilla replaced robots.txt with <meta name=robots value=noindex>, but the fix was “only put in place for expired pages instead of all pages as intended.”

“So this is being deployed and now we're talking to DDG/Google etc to strip the domains,” John Gruen, UX-focused Product Manager at Mozilla, told the ethical hacker who discovered the flaw.
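
Added example (not part of the quoted article and not Mozilla's code): a regression check for the failure described above, where the noindex directive reached only expired pages. The page states, HTML samples and function names are constructed for illustration.

```python
from html.parser import HTMLParser


class RobotsMeta(HTMLParser):
    """Collects the directives of every <meta name="robots" content="..."> tag."""

    def __init__(self):
        super().__init__()
        self.directives = set()

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}
        if a.get("name", "").strip().lower() == "robots":
            # Crawlers read the content= attribute; other attributes are ignored.
            for d in a.get("content", "").split(","):
                self.directives.add(d.strip().lower())


def is_noindexed(html, headers=None):
    """True if the response asks crawlers not to index it (meta tag or header)."""
    hdrs = {k.lower(): v for k, v in (headers or {}).items()}
    found = {d.strip().lower() for d in hdrs.get("x-robots-tag", "").split(",")}
    parser = RobotsMeta()
    parser.feed(html)
    # "none" is shorthand for "noindex, nofollow".
    return bool({"noindex", "none"} & (found | parser.directives))


def audit(pages):
    """Return the names of page states that are still indexable."""
    return sorted(n for n, (html, hdrs) in pages.items()
                  if not is_noindexed(html, hdrs))


# Constructed samples: one entry per page state the service can render.
SAMPLES = {
    "expired": ('<head><meta name="robots" content="noindex"></head>', {}),
    "active": ("<head><title>Screenshot</title></head>", {}),
    # Attribute spelled value= as printed in the article; not honoured.
    "active_value_attr": ("<head><meta name=robots value=noindex></head>", {}),
    "active_header": ("<head></head>", {"X-Robots-Tag": "noindex"}),
}

if __name__ == "__main__":
    for name in audit(SAMPLES):
        print("indexable:", name)
```

Running the check against every page state, not just one, is what distinguishes the intended behaviour from the flawed deployment.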
 
