back to article Have I been pwned, Firefox? OK, let's ask its Have I Been Pwned tool

Mozilla on Tuesday debuted a service called Firefox Monitor that it has been testing to help people see whether their email addresses have been compromised. "We’ll let you know if your email address and/or personal info was involved in a publicly known past data breach," said Nick Nguyen, Mozilla's VP of Firefox Product, in a …

  1. elDog

    One fox to rule them all

    I do think this is a good step forward. Of course I worry about putting all my hens in one basket since there are several avenues of attacks on ffx installations.

    Somewhat aside, I feel that my reliance on the google architecture (chrome, gmail, search) is more of a privacy threat than other players. Should I go back to IE7?

    1. DJV Silver badge

      Re: One fox to rule them all

      I do think this is a good step forward. Of course I worry about putting all my hens in one basket since there are several avenues of attacks on ffx installations.

      The same could be said for any other browser.

      Somewhat aside, I feel that my reliance on the google architecture (chrome, gmail, search) is more of a privacy threat than other players.

      Oh, absolutely!

      Should I go back to IE7?

      OMG, NO!

      1. elDog

        Re: One fox to rule them all

        Hoping against hope that my tongue firmly implanted in right cheek would be noted.

        Oh well, I'll try to be a bit more circumspect next time.

  2. Anonymous Coward
    Anonymous Coward

    Hold on... How does this work exactly

    ....."One difference for now is that sensitive sites will only be sent to you after you've verified your email to help keep you safe. There are future plans to integrate it more deeply into the Firefox and future products that are underway.".....

    Wait, is this in itself another attack vector?

    How are you supposed to verify your email...

    Plus is it stored somewhere to be hacked?

  3. Christoph

    "This may seem like a quaint concern when looking into whether one's email address and password have already been exposed online. But it may matter to some."

    Surely the idea is to avoid exposing your email address if it hasn't already been exposed?

    The HIBP site is presumably OK since so many people will have checked it, but the extra security doesn't hurt and just may avoid letting a previously clean address out into the wild.

    As a for instance, I use different emails for each company I buy from, so if it escapes I can be sure it's that company as nobody else knows it - but can I still be sure if I've also sent it to other sites? And I certainly don't want to expose the very complex address I use for banking, which any phisher would first have to guess.

    1. veti Silver badge

      You use an email address for banking? Why?

      1. User McUser
        Meh

        You use an email address for banking? Why?

        Probably because their bank required them to provide an email address when creating a login? I know mine did...

    2. Robert Helpmann??
      Childcatcher

      Default to Secure

      ...the extra security doesn't hurt and just may avoid letting a previously clean address out into the wild.

      If instead of treating security as a optional bolt-on component it was the default for applications to secure as much as they reasonably could, the world would be a better place. How much effort is it to send encrypted information instead of clear text? How much trouble would that save if encryption was the default?

  4. Herby

    The answer is obvious...

    YES.

  5. WilliamBurke
    Headmaster

    zoology

    An article that could tenuously be connected to foxes is headed by a picture with a caption about tiger cubs, showing a red panda? You frgot to include birds, fish, and small furry creatures from Alpha Centauri.

    1. onefang

      Re: zoology

      You forgot to mention the last couple of words in the caption, which at the time I read it said -

      "This cute tiger cub is perfect for illustrating this article on Internet Explorer"

      Though it doesn't look like a panda to me.

      The small furry creatures from Alpha Centauri should still be upset.

      1. veti Silver badge

        Re: zoology

        Looks exactly like a red panda to me. For comparison.

        And I don't get the joke, either.

        1. onefang

          Re: zoology

          OK, that's a red panda then. In my defense, I had never seen nor heard about red pandas before, I was expecting something that looked more like the big black and white pandas, only red.

          I expect the small furry creatures from Alpha Centauri might get the joke.

    2. Spazturtle Silver badge

      Re: zoology

      The Chinese name of the Red Panda 火狐 translates to Firefox. So Firefox's name does not mean a fox that is on fire, but in fact means a red panda.

      1. Anonymous Coward
        Anonymous Coward

        Re: zoology

        The Chinese name of the Red Panda 小熊猫 translates as little bear cat.

        Wikipedia claims that "English names used in the past include fire fox..."

        1. Anonymous Coward
          Anonymous Coward

          Re: zoology

          Not sure if its true but I've heard that "panda" is to some extent a generic name for "animal that eats bamboo"

        2. Anonymous Coward
          Anonymous Coward

          Re: zoology

          Red Panda Chinese name is 小熊猫 (Source: Chinese Zoo). Direct translation is small (小) bear (熊) cat (猫). Implied translation is small (小) panda (熊猫) or little panda.

  6. Brush

    Tiger cub?

    Nope, definitely a Red Panda, back to Zoology 101 reg hacks!

  7. Aodhhan

    Oh no.

    Just another product to monitor us and collect data, which can then be stolen and given to the entire word--and then used against us.

    Only the foolish trust Google.

    1. EnviableOne

      Re: Oh no.

      K-annonymity to the rescue

      https://www.troyhunt.com/were-baking-have-i-been-pwned-into-firefox-and-1password/

      and the only data being collected is email X has been in breach Y (and Z and A ...)

  8. Anonymous Coward
    Anonymous Coward

    "Our first step is to bring the data in HIBP and surface it to users through our website and in-product notifications for Firefox users," Mozilla's spokesperson said.

    Mozilla's spokesperson needs to derectum his head.

  9. earl grey
    Paris Hilton

    I refuse to bank online

    I looked into it once for one of my banks. Only 82 pages of fine print lawyerese to wade through and i decided not to do business that way. FU bank.

    I'll have the red panda for breakfast. Was that a firefox or firecrotch? Only she knows.

  10. Registered Register Registrant

    The caption

    > This cute tiger cub is perfect for illustrating this article on Internet Explorer

    I am literally dying over here.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like