0003320: Privacy at risk - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0003320	Kali Linux	General Bug	public	2016-05-29 07:56	2025-07-14 09:14

Reporter	rewanth	Assigned To	muts
Priority	normal	Severity	major	Reproducibility	N/A
Status	closed	Resolution	no change required
Product Version	kali-dev

Summary	0003320: Privacy at risk
Description	The user saves his password on his PC on Kali. If you are using mozilla/iceweasel you can go to Preferences > Security > Saved Logins and see the passwords easily. They are neither in encrypted form nor the browser is prompting for a password. But in windows if you try the same you have to enter the login password of the system to view the saved passwords in text format whereas in Kali Linux its not present. So the attacker can take some other persons/friends laptop/pc and cam view the passwords easily even if he don't know the password of the system.
Additional Information	The users privacy is at 100% risk in Kali Linux whereas in Windows its very secure. As every attacker knows that social engineering is the best technique to steal the users passwords or hack a system and this flaw provides a very good platform to steal the users passwords.

Date Modified	Username	Field	Change
2016-05-29 07:56	rewanth	New Issue
2016-05-30 07:19	muts	Note Added: 0005296
2016-05-30 07:19	muts	Status	new => closed
2016-05-30 07:19	muts	Assigned To	=> muts
2016-05-30 07:19	muts	Resolution	open => no change required
2025-07-14 09:14	g0tmi1k	Priority	immediate => normal

muts 2016-05-30 07:19 reporter ~0005296	This is not a Kali bug, but expected browser behaviour. If an attacker can access your graphical, logged in session, you have bigger troubles than browser passwords being exposed.