NoOp wrote:
On 12/15/2008 02:58 PM, NoOp wrote:
On 12/13/2008 08:34 PM, Justin Wood (Callek) wrote:
Of note to everyone here is that Mozilla (SeaMonkey, Firefox etc.)
report EVERY security bug once fixed and what it was. Some companies
like IE, Apple, and possibly even Google (for chrome -- no data), if a
security bug is only ever found and reported internally, they won't make
it even known that it _ever_ existed. Where we do and fix it anyway. It
is a very open community, therefore the potential for others to
accurately gauge what bugs are fixed on our side is high, whereas on
Microsoft or Apple's side is relatively low.
Agree.
Along these lines, this might be of interest to try with SeaMonkey...
http://www.info-svc.com/news/2008/12-12/
[Google Chrome Receives Lowest Password Security Score]
http://www.info-svc.com/news/2008/12-12/pm-evaluator/
[Password Manager Evaluator v2.0]
If I get some time later I'll try it with SM 1.1.14 and 2.0a3pre to see
what the results are.
1.1.14:
Report
Test Performed Result
Action Authority Checked on Retrieval FAILED
Action Authority Checked on Save FAILED
Action Authority Raises Warnings FAILED
Action Path Checked on Retrieval FAILED
Action Path Checked on Save FAILED
Action Scheme Checked on Retrieval FAILED
Action Scheme Checked on Save FAILED
Action Scheme Raises Warnings FAILED
Action Scheme Prevented if Unsafe FAILED
Autocomplete=Off Prevents Form Fills FAILED
Invisiblility Prevents Form Fills PASSED
Method Checked on Retrieval FAILED
Method Raises Warnings FAILED
Multiple Paths Per User Per Authority FAILED
Multiple Ports Per User Per Host FAILED
Multi. Schemes Per User Per Authority FAILED
Page Path Checked on Retrieval FAILED
Random Name Attr. Prevents Form Fills PASSED
User Required for PW Retrieval FAILED
User Required for PW Save FAILED
Valid URIs Don't Break Anything PASSED
I reckon I'll run the test again to make sure that I did everything
correct.
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1b3pre) Gecko/20081215
Lightning/1.0pre SeaMonkey/2.0a3pre ID:20081215000501
Report
Action Authority Checked on Retrieval FAILED
Action Authority Checked on Save FAILED
Action Authority Raises Warnings FAILED
Action Path Checked on Retrieval FAILED
Action Path Checked on Save FAILED
Action Scheme Checked on Retrieval FAILED
Action Scheme Checked on Save FAILED
Action Scheme Raises Warnings FAILED
Action Scheme Prevented if Unsafe PASSED
Autocomplete=Off Prevents Form Fills FAILED
Invisiblility Prevents Form Fills PASSED
Method Checked on Retrieval FAILED
Method Raises Warnings FAILED
Multiple Paths Per User Per Authority FAILED
Multiple Ports Per User Per Host FAILED
Multi. Schemes Per User Per Authority FAILED
Page Path Checked on Retrieval FAILED
Random Name Attr. Prevents Form Fills PASSED
User Required for PW Retrieval FAILED
User Required for PW Save FAILED
Valid URIs Don't Break Anything PASSED
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey