Firefox wants to warn users when they visit a site that has been breached and the data stored there stolen. However, it has not yet figured out how to do it – without potentially compromising data in the process, as well.
There's a new repository on GitHub called “Breach Alerts Prototype”, which revolves around “a vehicle for prototyping basic UI and interaction flow for an upcoming feature in Firefox that notifies users when their credentials have possibly been leaked or stolen in a data breach.”
Mozilla developer Nihanth Subramanya explained what it’s all about, saying they’re teaming up with HaveIBeenPwned.com to pull data that warns visitors. According to The Register, here’s the outline:
· Inform users about data breaches through the Firefox UI - for example, a notification when they visit a site (or maybe when they focus a form on a login page) known to have recently been breached.
· Expose documentation/educational information about data breaches in the Firefox UI - for example, a "Learn more" link in the notification mentioned above leading to a support page
· Offer a way for interested users to learn about and opt into a service that notifies them (e.g. via email) when they may be affected by breaches in the future.
But it’s still a long way from being a finished product, and there are roadblocks along the way. First, Subramanya is using the structure of a legacy add-on which Firefox 57 trashed, so that will have to change.
Also, the concept itself needs work, because there are privacy concerns. Users would need to supply their email address, so who will take care of that data?
More details about the project can be found on this link.
Image Credit: David M G / Shutterstock