It’s the latest example of a technology company trying to reduce users’ blind reliance on passwords.
The main selling point seems to be convenience: Firefox Lockbox is directly tied to whatever an Android user saves all day within their browser.
The second day of Pwn2Own 2019 featured more successful attacks from the "Flouroacetate" team of Amat Cama and Richard Zhu.
Chinese contestants from major companies had been dominating the contest in recent years, but new regulations from Beijing prohibited them from joining this year's fray.
EV certificates — the files that tell a browser to show the little green lock — are supposed to make crystal clear who owns a website. There's a way around it, though.
The report comes as White House cybersecurity czar Rob Joyce says he is reviewing the Vulnerability Equities Process — the policy structure that decides whether zero-days found by U.S. agencies should be disclosed to the manufacturer.