
Firefox Monitor Has Begun To Track Breached Email Addresses


nir


Mozilla has finally launched Firefox Monitor, a website that connects to Troy Hunt’s Have I Been Pwned? (HIBP), one of the biggest breach notification databases. It can be used to check an email address for known breaches, or to register for a breach notification so that the user is notified if the address is detected in future breaches logged by HIBP.

 

What are the advantages of using the Firefox Monitor?

 

There are many advantages to using Firefox Monitor, as the HIBP brand being used in conjunction with the Firefox name will allow it to grow significantly and will therefore also help to promote breach checking. This in turn will help the users of HIBP, as increased notifications from many users will increase the chances of major advance breach detection, since it helps users know even before the company knows that it has been breached.

 

When users hear that their email address has been part of a data breach, they (should) change it immediately, but in the case of HIBP it could take years to appear in their domain. The Mozilla Foundation has been integrating breach notification into the Firefox browser itself. At present, it is managed by the password management tool called 1Password. Matt Grimes for Firefox advised:

 

"The product we shipped today isn’t the end of the road for Firefox Monitor. This is just an MVP [minimum viable product]. We aren’t done iterating and we probably won’t ever be."

 

There are also some extra hurdles for a service like HIBP and its partners to overcome regarding how internet users can enter searches for a breached email address, or even a specific password which is most commonly used all over the world. In theory, the search could be entered as a salted hash, but that would greatly increase the computational demands when coping with large numbers of queries. The company is planning to host the service on Cloudflare, the mathematical data is called k-anonymity, and the company has also offered a description of how the algorithm works.

 

How does the website work?

 

The website sends a local hash of the given email address, computed with the SHA-1 hashing algorithm, to HIBP using its API, which returns a list of hashes. These hashes are compared, and if there is a hash that matches the hash generated on the client side, then the website is breached. Cloudflare, who host Firefox Monitor, advises:

 

"Instead of seeking to salt hashes to the point at which they are unique, we instead introduce ambiguity into what the client is requesting."

 

To protect the user’s privacy, Firefox doesn’t store any password hashes, and it only caches the user’s results in an encrypted session.

 

Source

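The range lookup described in the post above, as an added example that is not part of the original thread and is not Mozilla's, HIBP's or Cloudflare's code: the client hashes the address with SHA-1, reveals only a prefix of the hash, and compares the returned suffixes locally. The `RangeServer` class, the address normalisation, the one-character prefix and the sample addresses are all assumptions constructed for this sketch; the page does not state the prefix length the real service uses.

```python
import hashlib
import hmac

def sha1_hex(email):
    # Assumption: addresses are trimmed and lower-cased before hashing.
    return hashlib.sha1(email.strip().lower().encode("utf-8")).hexdigest().upper()

class RangeServer:
    """In-memory stand-in for the breach service; it only ever sees prefixes."""
    def __init__(self, breached_emails, prefix_len):
        self.prefix_len = prefix_len
        self.buckets = {}   # hash prefix -> set of hash suffixes
        self.seen = []      # everything clients have revealed to the server
        for email in breached_emails:
            h = sha1_hex(email)
            self.buckets.setdefault(h[:prefix_len], set()).add(h[prefix_len:])

    def range_query(self, prefix):
        if len(prefix) != self.prefix_len or set(prefix) - set("0123456789ABCDEF"):
            raise ValueError("malformed prefix")
        self.seen.append(prefix)
        return sorted(self.buckets.get(prefix, ()))

def check_email(email, server):
    """Return (breached, bucket_size); the full hash never leaves the client."""
    h = sha1_hex(email)
    prefix, suffix = h[:server.prefix_len], h[server.prefix_len:]
    candidates = server.range_query(prefix)
    # The match is decided locally, against every suffix sharing the prefix.
    hit = any(hmac.compare_digest(suffix, c) for c in candidates)
    return hit, len(candidates)

# Constructed sample data. The prefix is kept very short so that this small
# set still fills each bucket with many unrelated addresses.
BREACHED = [f"user{i}@example.com" for i in range(400)]
SERVER = RangeServer(BREACHED, prefix_len=1)

if __name__ == "__main__":
    for addr in ("User7@Example.com ", "nobody@example.net"):
        hit, k = check_email(addr, SERVER)
        print(f"{addr!r}: breached={hit}, hashes sharing the prefix={k}")
    print("server saw only:", SERVER.seen)
```

The bucket size returned alongside the result is the ambiguity the Cloudflare quote refers to: every hash in that bucket is an equally plausible subject of the query from the server's point of view.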



Could come in handy, however, in checking an email address it reported it was in 4 breaches however 3 of the 4 sites that it supposedly was breached on I had never heard of.  The fourth was Adobe.  That particular email address uses a whitelist so no emails come thru that aren't in the whitelist.  Had to do that over 15  years ago when it was possible to sign someone up for 1500 various emails just by submitting their email address on a site.  All it took was one friend getting their email box full of junk mail before we started whitelisting email addresses.  It was a great way of getting back at the ex-wife though.



Archived

This topic is now archived and is closed to further replies.
