搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Privacy bugs in Firefox 88 on Linux

more options

Hi,

The privacy and security settings don't work on Firefox 88 on Linux (Ubuntu 18.04.5 LTS). Many sites will offer the option to 'Login with google/facebook/whatever' rather than creating a new account for that specific site. One really annoying (and dangerous) consequence of 'logging in with google' is that it remains logged in. So for example if I log in to non-google siteX using my google credentials and then hours later open gmail in a different tab I get straight through to my gmail inbox without having to supply any credentials (and indeed any other user of the same machine could do the same). Obviously this highly insecure and dangerous policy of keeping me logged in indefinitely is implemented by Google for their own agenda and has nothing to do with Firefox. The bug in Firefox is that when I clear all data to work around this google problem FIREFOX does not work as advertised. So to try to 'force' a logout from my Google account I go to Firefox -> Preferences -> Privacy & Security -> Cookies & Site Data -> Clear Data, after a few minutes of churning away at my harddrive Firefox informs me that 'Your stored cookies, site data, and cache are currently using 0 bytes of disk space.' For good measure I then hit the 'Clear History' button. After this I open a fresh tab and go to gmail and I get straight into my inbox, no credentials required, so clearly Firfox is NOT deleting all cookies etc and is mis-reporting that 0 bytes are being used. So, does anyone know where/how I should report this dangerous privacy bug ?

Thanks MH

Hi, The privacy and security settings don't work on Firefox 88 on Linux (Ubuntu 18.04.5 LTS). Many sites will offer the option to 'Login with google/facebook/whatever' rather than creating a new account for that specific site. One really annoying (and dangerous) consequence of 'logging in with google' is that it remains logged in. So for example if I log in to non-google siteX using my google credentials and then hours later open gmail in a different tab I get straight through to my gmail inbox without having to supply any credentials (and indeed any other user of the same machine could do the same). Obviously this highly insecure and dangerous policy of keeping me logged in indefinitely is implemented by Google for their own agenda and has nothing to do with Firefox. The bug in Firefox is that when I clear all data to work around this google problem FIREFOX does not work as advertised. So to try to 'force' a logout from my Google account I go to Firefox -> Preferences -> Privacy & Security -> Cookies & Site Data -> Clear Data, after a few minutes of churning away at my harddrive Firefox informs me that 'Your stored cookies, site data, and cache are currently using 0 bytes of disk space.' For good measure I then hit the 'Clear History' button. After this I open a fresh tab and go to gmail and I get straight into my inbox, no credentials required, so clearly Firfox is NOT deleting all cookies etc and is mis-reporting that 0 bytes are being used. So, does anyone know where/how I should report this dangerous privacy bug ? Thanks MH

所有回覆 (3)

more options

This is the place to report a bug: https://bugzilla.mozilla.org/ Another option is to open history (which, I realise, you have deleted) and right-click the location then select "Forget About This Site". That will log you out. I never use the options to log in with google, facebook or any such site.

more options

Thanks for the link Terry, as for the workaround of selecting the site manually from from the History and then "Forget About This Site", this isn't an option as I have the History preference set to 'Never remember History' so my History tab shows no entries, although given the behaviour I'm seeing when trying to clear data it wouldn't surprise me at all to learn that the History isn't properly deleted either :)

more options

mharpes1 said

So to try to 'force' a logout from my Google account I go to Firefox -> Preferences -> Privacy & Security -> Cookies & Site Data -> Clear Data, after a few minutes of churning away at my harddrive Firefox informs me that 'Your stored cookies, site data, and cache are currently using 0 bytes of disk space.' For good measure I then hit the 'Clear History' button. After this I open a fresh tab and go to gmail and I get straight into my inbox, no credentials required, so clearly Firfox is NOT deleting all cookies etc and is mis-reporting that 0 bytes are being used.

mharpes1 said

I have the History preference set to 'Never remember History' so my History tab shows no entries

"Never remember history" triggers Firefox's automatic private browsing mode. So it's puzzling what was getting cleared from disk when private browsing doesn't save anything to disk. We need to figure out whther there's a feature to bulk-clear the memory-based cookie jar used in private windows, or whether it's necessary to go to the site and use site-specific features.