Installation, updates, general problem solving and assistance.
Steven W
VIP
Posts: 2599
Joined: 2013-08-10 22:40

2022-12-08 05:49 »

https://www.otto-js.com/news/article/ch ... -passwords
Chrome's enhanced spellcheck & Edge's MS Editor are sending data you enter into form fields like username, email, DOB, SSN, basically anything in the fields, to sites you're logging into from either of those browsers when the features are enabled. Furthermore, if you click on "show password," the enhanced spellcheck even sends your password, essentially Spell-Jacking your data.
I *don't think* this is enabled by default in Chrome. At work today, I fired up Edge (I occasionally NEED a second browser for certain things) and noticed that it WAS on. Now, I'm not in charge of setting up and/or administering those machines, but I *suspect* that this is likely due to a recent update to Edge. Luckily, it was one of the settings that the powers-that-be let me control. Even if there were a fix that didn't allow PII to be transmitted, I wouldn't want this on.

User avatar
!
30%
Posts: 3173
Joined: 2013-02-25 18:36

2022-12-08 21:49 »

Creepy.

Steven W
VIP
Posts: 2599
Joined: 2013-08-10 22:40

2022-12-09 03:28 »

Yeah, it's creepy.

Mozilla, deserves some credit for joining up with Project Bergamot:

https://blog.mozilla.org/en/mozilla/loc ... -bergamot/

Hell, I guess the E.U deserves some credit for funding it too. Wouldn't it be nice to have advanced spelling and grammar checks that operated that way too?

Post Reply