{"id":1034,"date":"2011-03-24T18:09:14","date_gmt":"2011-03-24T22:09:14","guid":{"rendered":"http:\/\/www.braindeadprojects.com\/blog\/?p=1034"},"modified":"2011-03-24T14:52:48","modified_gmt":"2011-03-24T18:52:48","slug":"quit-googling-your-passwords","status":"publish","type":"post","link":"http:\/\/www.braindeadprojects.com\/blog\/what\/quit-googling-your-passwords\/","title":{"rendered":"Quit Googling your Passwords"},"content":{"rendered":"

Recently, I noticed someone using one of the QuickSearch toolbars included in Firefox<\/a> as a place to temporarily paste something while working on their desktop.<\/p>\n

\"\"<\/a>
Put it here temporarily?<\/figcaption><\/figure>\n

It makes sense, you need to place to hold something for a moment – it’s right there and readily available. And since you’re not pressing the Enter key, it’s not going to be sent anywhere right?<\/p>\n

Well, actually it is. After you stop typing, it immediately sends an HTTP POST <\/a>request to it’s target (Google<\/a> in this case). And while the search does takes place, it doesn’t update your browser (so you might not realize it even happens). Here’s a copy of the content in the packet:<\/p>\n

 <\/p>\n

GET \/complete\/search?output=firefox&client=firefox&hl=en-US&q=mysuperleetpassword <\/strong>HTTP\/1.1
\nHost: suggestqueries.google.com
\nUser-Agent: <omitted>
\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8<\/p><\/blockquote>\n

 <\/p>\n

Does this matter? That depends on what you put there. You probably wouldn’t pick up the phone and call Google (or Yahoo!<\/a>, or BING<\/a>, etc) and tell the receptionist “Hey, my Facebook<\/a> username is … and my password is …”, but you can very easily do this by simply pasting ANYTHING in that handy little search bar.<\/p>\n

Here’s a quick video of me running a packet capture and typing something into the search area. Again, I only moved my cursor – never did I press Enter (View it fullscreen for better detail).<\/p>\n

 <\/p>\n

<\/embed><\/object><\/p>\n

I wonder how much garbage accidentally falls into search engine pits like this. I’m also curious as to how many sites log mistyped passwords (think of it this way – you accidentally type your webmail password into Facebook or vice versa).<\/p>\n

All the misguided traffic reminds me of\u00a0 the pollution problem of 1.0.0.0\/8<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Recently, I noticed someone using one of the QuickSearch toolbars included in Firefox as a place to temporarily paste something while working on their desktop. It makes sense, you need to place to hold something for a moment – it’s right there and readily available. And since you’re not pressing the Enter key, it’s not … Continue reading Quit Googling your Passwords<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,1],"tags":[],"class_list":["post-1034","post","type-post","status-publish","format-standard","hentry","category-braindeadtip","category-what"],"_links":{"self":[{"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/posts\/1034"}],"collection":[{"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/comments?post=1034"}],"version-history":[{"count":18,"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/posts\/1034\/revisions"}],"predecessor-version":[{"id":1053,"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/posts\/1034\/revisions\/1053"}],"wp:attachment":[{"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/media?parent=1034"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/categories?post=1034"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.braindeadprojects.com\/blog\/wp-json\/wp\/v2\/tags?post=1034"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}