“Warning: It’s possible you may be sharing more information than you think when you use AutoFill in your Web browser, unless of course you know what to look for,” Jonny Evans writes for Apple Must.
“Finnish web developer and hacker Viljami Kuosmanen has found that some web browsers, especially Google’s Chrome, can be tricked into giving more of your personal information than you think you are sharing when you use AutoFill,” Evans writes. “That’s particularly bad when it comes to confidential information like phone numbers, email addresses, home address details or even credit card data.”
“Chrome users are most impacted because the browser’s autofill system is left on by default,” Evans writes. “Safari users should also beware to check what it is autofill is filing on their behalf, so here is what to do pending a fix.”
Read more in the full article here.
MacDailyNews Take: Always make sure that AutoFill is only sharing what you want to share. See Evans’ full article for details.
What a stupid headline! Why not fix it, MDN?
“…Google’s Chrome, can be tricked into giving more of your personal information than you think you are sharing when you use AutoFill…Chrome users are most impacted because the browser’s autofill system is left on by default.”
Because that is the stupid headline from the actual article!
I have autofill turned off. I think it’s a bad idea to have PII in a browser, to begin with. Regularly review your browsers settings and remove information you don’t wish to be there.
Also the title is bate.
Jonny Evans’ article points out that so long as you read the dialogue box that pops up when Safari is about to auto-fill, you need have nothing to worry about.
You may have already noticed that Safari sometimes comes up with a small dialogue box when it is only offering to fill in a single item like an e-mail address, or a more comprehensive dialogue box if it’s about to provide detailed information. All you need to do is to briefly check that the information which Safari is proposing to give is appropriate for the page that you are on and only then to click to authorise it.
Democrats still blame Putin for Podesta falling for the phishing scam. I guess it’s easier to blame Russians rather than admit Podesta was a dumba$$.