@still surprised somebody made the effort for passwords 🙃 not that it is effective against infostealers
There's no easy solution - see Chrome's efforts (for Windows) from the last weeks that were defeated within days
Each platform needs an OS-secured method for storing/retrieving including not being able to grab from memory, or modify the browser itself, etc
Or each platform needs to not allow every program, script or commands pasted off the internet the user runs unfettered access to all of their data
https://bugzilla.mozilla.org/show_bug.cgi?id=56788 and related are what you're looking for
It's a little sad to see how 24 years ago the threat model brought up was totally wrong. Though if anyone had brought up "user runs unsafe program" they'd have probably been shut down with blaming the user...
=> More informations about this toot | View the thread | More toots from synotna@infosec.exchange
=> View still@infosec.exchange profile
text/geminiThis content has been proxied by September (3851b).