Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

20 years of security:

sqlite3 cookies.sqlite 'SELECT name, value FROM moz_cookies WHERE isSecure AND isHttpOnly'

And that's a supposedly a master password protected browser. They can't even bother encrypting cookies. Don't be ridiculous.

 help



If the attacker can already execute code as you unrestricted, then you've kinda already lost.

Local storage isn't any better in this regard

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: