undefined | Better HN

0 points_karie_1mo ago0 comments

Any malware or LLM with user-level filesystem access can attack the outdated KDF [1] and/or wait for Firefox to be running with an unlocked credential store and read the decrypted passwords from Firefox's process memory.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=973759

0 comments

1 comments · 1 top-level

jcattle1mo ago

Isn't it game over anyway once you have an adversary on your system capable of reading process memory?

1 more reply

j / k navigate · click thread line to collapse