Mozilla says 'minimal risk' after leaving addons database on public server

By News_Editor
December 29, 2010 in IT and Computers

https://aseannow.com/topic/429725-mozilla-says-minimal-risk-after-leaving-addons-database-on-public-server/

Followers 0

Recommended Posts

News_Editor

Posted December 29, 2010

Mozilla says 'minimal risk' after leaving addons database on public server

2010-12-29 15:17:40 GMT+7 (ICT)

MOUNTAIN VIEW, CALIFORNIA (BNO NEWS) -- Mozilla on Tuesday admitted to have accidentally left a partial database of addons.mozilla.org user accounts on its public server earlier this month.

Mozilla was notified by a security researcher about the incident on December 17, reporting the issue via its web bounty program. However, the company said the incident has a "minimal risk."

"We were able to account for every download of the database," Chris Lyon, Director of Infrastructure Security, said. "This issue posed minimal risk to users, however as a precaution we felt we should disclose this issue to people affected and err on the side of disclosure."

The database included 44,000 inactive accounts using older, md5-based password hashes, Mozilla explained, saying that they erased all the md5-passwords, rendering the accounts disabled.

Lyon explained that all current addons.mozilla.org accounts use a more secure SHA-512 password hash with per-user salts. SHA-512 and per user salts has been the standard storage method of password hashes for all active users since April 9th, 2009.

"It is important to note that current addons.mozilla.org users and accounts are not at risk. Additionally, this incident did not impact any of Mozilla's infrastructure," Lyon added. "This information was also sent to impacted users by email on December 27th."

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign in

Already have an account? Sign in here.

https://aseannow.com/topic/429725-mozilla-says-minimal-risk-after-leaving-addons-database-on-public-server/

Followers 0

Go to topic listing

Recently Browsing 0 members
- No registered users viewing this page.

Topics
- 58
  
  Musk: Kiss Your Social Security Goodbye, Grandma!
  
  SiSePuede419 · Started 19 hours ago
- 105
  
  Ukraine Backs U.S. Ceasefire Proposal, Awaiting Russian Response
  
  Social Media · Started 8 hours ago
- 10
  
  Super Pussy Prank Steals Show at Thai Football Event
  
  webfact · Started 2 hours ago
- 25
  
  Thai MP Allegedly Caught Vaping in Parliament Sparks Outrage
  
  webfact · Started 5 hours ago
- 57
  
  She has started asking for money
  
  Magpiefan1892 · Started 16 hours ago
- 7
  
  Elon Musk Claims X Was Targeted in a ‘Massive Cyberattack’ from the ‘Ukraine Area’
  
  Social Media · Started 6 hours ago
- 16
  
  Elon Musk Claims He Challenged Putin to a One-on-One Fight Over Ukraine
  
  Social Media · Started 6 hours ago
- 183
  
  Could Trump's plan fail in a spectacular fashion?
  
  spidermike007 · Started Yesterday at 04:17 AM
Popular Contributors
- Week
- Month
- Year
- All Time
1. 1
  
  Harrisfan
  1,226
2. 2
  
  spidermike007
  571
3. 3
  
  thaibeachlovers
  569
4. 4
  
  Lacessit
  565
5. 5
  
  transam
  536
Show More
Latest posts...
1. 58
  
  Musk: Kiss Your Social Security Goodbye, Grandma!
  
  Call me a meanie, but I'm in favor of cutting Medicaid benefits to people over 150 years old.
  
  1 minute ago in US & Canada Topics and Events
2. 105
  Ukraine Backs U.S. Ceasefire Proposal, Awaiting Russian Response
  
  That would have been Minsk and Minsk-2. This little public relations attempt at Minsk-3 won't succeed. But it will serve its intended purpose, becoming a talking point for posters to like, link and share.
  
  2 minutes ago in World News
  
  BREAKING NEWS
3. 10
  
  Super Pussy Prank Steals Show at Thai Football Event
  
  Because The Lounge is in a hang-out area. We don't want the smell of squid in the place where we go to have a chill.
  
  2 minutes ago in ASEAN NOW Community Pub
4. 31
  
  250% tariff on Canadian diary
  
  Almost forgot, the Western Standard link: https://www.westernstandard.news/news/alberta-lawyer-leading-delegation-to-washington-in-hopes-of-joining-us/62741 And enjoy this too: “Trudeau could start funding our NATO commitment to the full amount required. Instead of committing $20 billion to Canadian national defense, he's committing $40 billion to an electric train.” Rath says Ottawa’s gross failure to meet NATO’s 2% of GDP defence spending targets “undercuts any claims that we have to international sovereignty.” “When you think about it, we’re incapable of defending ourselves. We refuse to even meet our international defense commitments, because we hide underneath the US umbrella.” “We just can't do it anymore as a people and as a province, we either need to be independent or we need to join the United States, because Canada is no longer viable as a country.”
  
  3 minutes ago in Political Soapbox
5. 105
  Ukraine Backs U.S. Ceasefire Proposal, Awaiting Russian Response
  
  Satire - hopefully people will learn from history.
  
  3 minutes ago in World News
  
  BREAKING NEWS
6. 25
  
  Thai MP Allegedly Caught Vaping in Parliament Sparks Outrage
  
  "This is not so worse than the lying Prawit about his millions THB worth watches" Not even in the same class! Perhaps he could say that he borrowed the vaping machine from a friend who is now dead so he can't give it back ?
  
  3 minutes ago in Thailand News
Popular in The Pub
- 10
  
  Super Pussy Prank Steals Show at Thai Football Event
  
  webfact · Started 2 hours ago
- 19
  
  Is it better to do good in this world....or not?
  
  GammaGlobulin · Started 15 hours ago
- 57
  
  She has started asking for money
  
  Magpiefan1892 · Started 16 hours ago