Hacker News new | past | comments | ask | show | jobs | submit login

It's 100% open source! Please feel free to review it.


It doesn't currently do anything with passwords, it's only pulling out cookies from HTTP Response headers. But it would be trivial to also get passwords in non-HTTPS requests for logins with the same method.

Again, not assuming you're evil, but it's possible that the compiled binary (.xpi) was not created from the source posted on the github account :)

Indeed. Sorry if I implied that you were doing evil things.

People should also be aware of the security implications of installing various software on their system. :)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact