Big Yikes: Microsoft Edge Caught Storing Passwords in Plaintext in Memory

May 5, 20263 min read

Microsoft Edge was just caught storing user passwords in plaintext in RAM. Is it a massive security flaw or just another Tuesday? Let's dive into the drama.

Share this post:

scam, phishing, fraud, email, attack, mail, online, system, cybercrime, information, access, credit, money, hack, hacker, laptop, malware, password, protection, software, steal, orange money, orange laptop, orange online, orange email, orange information, orange software, scam, scam, scam, scam, scam, phishing, phishing, phishing, phishing, fraud, fraud, email, cybercrime, malware

Nguồn gốc: https://coding4food.com/post/microsoft-edge-stores-passwords-plaintext-memory-drama. Nội dung thuộc bản quyền Coding4Food. Original source: https://coding4food.com/post/microsoft-edge-stores-passwords-plaintext-memory-drama. Content is property of Coding4Food. This content was scraped without permission from https://coding4food.com/post/microsoft-edge-stores-passwords-plaintext-memory-dramaNguồn gốc: https://coding4food.com/post/microsoft-edge-stores-passwords-plaintext-memory-drama. Nội dung thuộc bản quyền Coding4Food. Original source: https://coding4food.com/post/microsoft-edge-stores-passwords-plaintext-memory-drama. Content is property of Coding4Food. This content was scraped without permission from https://coding4food.com/post/microsoft-edge-stores-passwords-plaintext-memory-drama

Share this post:

Bình luận

dual screen, programming, coding, preview, html, css, commands, office, work, desktop, developer, startup, editor, editing, script, java, monitor, page, web, layout, code, inkscape, computer, blue computer, blue office, blue laptop, blue work, blue web, blue code, blue coding, blue programming, programming, programming, programming, coding, coding, coding, coding, coding, html, css, editing, java, java, code

IT Drama Technology

VS Code Forcing 'Co-Authored-by Copilot' on Commits: When AI Takes Credit for Your Hard Work!

VS Code is silently injecting 'Co-Authored-by Copilot' into git commits regardless of whether you used it or not. The dev community is losing its mind over this.

May 33 min read

journal, write, blank, pages, notes, notebook, diary, brainstorming, document, education, empty, paper, sheet, workspace, writing, brown laptop, brown education, brown paper, brown writing, brown document, brown note, journal, notebook, notebook, education, education, paper, writing, writing, writing, writing, writing

Dev Life IT Drama

The 'Golden Age' Copium: When Unemployment Drops Because Benefits Ran Out

Politicians boast about a 'Golden Age' of jobs, but the dev community exposes the grim reality behind the cooked unemployment statistics.

May 23 min read

corona, covid-19, coronavirus, virus, quarantine, pandemic, infection, disease, epidemic, covid, matrix, statistics, stats, numbers, code, fire, explosion, war, apocalypse, bomb, armageddon, destruction, flame, disaster, fireball

IT Drama AI & Automation

Dev Gets Booted For Coding By Hand Instead of AI Prompting: Real Tragedy or Reddit Fiction?

A wild Reddit tale of a developer who got fired for refusing to blindly use AI and demanding code reviews. Is management delusional or is it engagement farming?

May 13 min read

brown leather shoes, man, earphones, fashion, male, model, person, smartphone, leisure, sitting, urban, brown city, brown phone, brown fashion, brown mobile, brown model, brown shoes, brown smartphone, brown telephone, earphones, smartphone, smartphone, smartphone, smartphone, smartphone

IT Drama Technology

Your Phone Might Stop Being Yours: Google's Ultimate Bait and Switch?

Google is tightening the Play Integrity API, locking down Android, and killing the custom ROM scene. Are we just renting our hardware now? Let's dive in.

Apr 293 min read

ai generated, data centre, computer, server, rack, technology, digital, processor, server, server, server, server, server

IT Drama Technology

Drama Alert: Ghostty Bails on GitHub, Devs Blame AI Bots for Server Meltdowns

Mitchell Hashimoto's Ghostty is ditching GitHub. Devs are grabbing popcorn as the community blames AI 'agentic coding' for turning the site into a dumpster fire.

Apr 293 min read

rupees, rupee, indian, money, currency, money bag, wallet, deposit, security, security deposit, indian security deposit, indian wallet, paise, paisa, maal, khokha, peti, taka, orange money, orange security, rupees, rupees, rupees, rupee, paise, paisa, paisa, paisa, paisa, paisa

IT Drama Technology

Google's $270B Co-Founder Flees California Over 5% Tax, Screams 'Socialism!'

Google's co-founder dodges a 5% wealth tax by moving out of California, claiming he 'fled socialism'. The internet is brutally calling out the hypocrisy.

Apr 293 min read

What's up fellow keyboard smashers. If you're reading this on Microsoft Edge right now, you might want to pause and check if your accounts haven't been hijacked. The tech community is currently losing its collective mind over a massive security slip-up from Microsoft. Apparently, our fancy browser has been keeping our passwords in RAM, completely naked.

The TL;DR: What the actual f*ck, Microsoft?

The drama started when a security wizard on X (Twitter) named @L1v1ng0ffTh3L4N dropped a bombshell. They discovered that Microsoft Edge stores user passwords in the system's memory (RAM) in clear text.

The wild part? It doesn't just happen when you're actively typing or logging in. Even when those passwords are completely unused, they just chill in your RAM like an uninvited guest. What does this mean in plain English? If your rig gets infected with some basic malware that can dump system memory, congratulations! The hacker just got a free, unencrypted VIP pass to all your online accounts. No brute-forcing required.

Reddit & HN Out for Blood: "Enterprise-grade security, they said"

The thread blasted to the top of Hacker News with over 500 points. The comment section? An absolute warzone. Here's the breakdown from the trenches:

The Firefox Supremacists: The open-source purists are having a field day. "Told you so," "Imagine not using Firefox in 2024," and "Time to nuke Edge" are the main vibes here.
The Pragmatic Cynics: These guys argue the classic security law: "If malware has read access to your machine's memory, you're already screwed anyway." Which is true. If they are dumping your RAM, stealing your saved passwords is just the cherry on top of the disaster sundae.
The Chromium Suspects: Some senior devs are trying to figure out if this is an Edge-specific f*ck up, or an underlying Chromium issue. If it's the latter, Chrome users might be sweating bullets right now.

The C4F Verdict: Clean up your damn memory

From a dev's perspective, this is a solid reminder of a basic principle that we often ignore because we're too lazy.

First off, memory management matters. When you're handling sensitive shit (passwords, tokens, API keys) in your code, zero out the buffers the moment you're done with them. Don't rely on garbage collectors to save your ass. They clear memory when they feel like it, not when you want them to. Secondly, as a user: Stop saving your passwords in your browser. Get a dedicated Password Manager (like Bitwarden). Browsers are built to eat your RAM and render HTML, they are not digital vaults.

Wrap up: Microsoft is probably whipping their devs right now to push a hotfix. Until then, grab some popcorn.

Source of the drama: Hacker News / Twitter

The TL;DR: What the actual f*ck, Microsoft?

Reddit & HN Out for Blood: "Enterprise-grade security, they said"

The thread blasted to the top of Hacker News with over 500 points. The comment section? An absolute warzone. Here's the breakdown from the trenches:

The Firefox Supremacists: The open-source purists are having a field day. "Told you so," "Imagine not using Firefox in 2024," and "Time to nuke Edge" are the main vibes here.

The Pragmatic Cynics: These guys argue the classic security law: "If malware has read access to your machine's memory, you're already screwed anyway." Which is true. If they are dumping your RAM, stealing your saved passwords is just the cherry on top of the disaster sundae.

The Chromium Suspects: Some senior devs are trying to figure out if this is an Edge-specific f*ck up, or an underlying Chromium issue. If it's the latter, Chrome users might be sweating bullets right now.

The C4F Verdict: Clean up your damn memory

From a dev's perspective, this is a solid reminder of a basic principle that we often ignore because we're too lazy.

Wrap up: Microsoft is probably whipping their devs right now to push a hotfix. Until then, grab some popcorn.

Big Yikes: Microsoft Edge Caught Storing Passwords in Plaintext in Memory

Bình luận

Related posts

VS Code Forcing 'Co-Authored-by Copilot' on Commits: When AI Takes Credit for Your Hard Work!

The 'Golden Age' Copium: When Unemployment Drops Because Benefits Ran Out

Dev Gets Booted For Coding By Hand Instead of AI Prompting: Real Tragedy or Reddit Fiction?

Your Phone Might Stop Being Yours: Google's Ultimate Bait and Switch?

Drama Alert: Ghostty Bails on GitHub, Devs Blame AI Bots for Server Meltdowns

Google's $270B Co-Founder Flees California Over 5% Tax, Screams 'Socialism!'

Big Yikes: Microsoft Edge Caught Storing Passwords in Plaintext in Memory

The TL;DR: What the actual f*ck, Microsoft?

Reddit & HN Out for Blood: "Enterprise-grade security, they said"

The C4F Verdict: Clean up your damn memory

Bình luận

Related posts

VS Code Forcing 'Co-Authored-by Copilot' on Commits: When AI Takes Credit for Your Hard Work!

The 'Golden Age' Copium: When Unemployment Drops Because Benefits Ran Out

Dev Gets Booted For Coding By Hand Instead of AI Prompting: Real Tragedy or Reddit Fiction?

Your Phone Might Stop Being Yours: Google's Ultimate Bait and Switch?

Drama Alert: Ghostty Bails on GitHub, Devs Blame AI Bots for Server Meltdowns

Google's $270B Co-Founder Flees California Over 5% Tax, Screams 'Socialism!'

The TL;DR: What the actual f*ck, Microsoft?

Reddit & HN Out for Blood: "Enterprise-grade security, they said"

The C4F Verdict: Clean up your damn memory