{"id":433,"date":"2008-12-20T19:25:12","date_gmt":"2008-12-20T22:25:12","guid":{"rendered":"https:\/\/www.talsoft-security.com\/site\/?p=433"},"modified":"2008-12-20T19:25:12","modified_gmt":"2008-12-20T22:25:12","slug":"los-navegadores-entregan-contrasenas-a-sitios-de-intrusos","status":"publish","type":"post","link":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/","title":{"rendered":"Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos"},"content":{"rendered":"

La mayor\u00c3\u00ada de los navegadores m\u00c3\u00a1s populares de Internet se dejan enga\u00c3\u00b1ar f\u00c3\u00a1cilmente. <\/span><\/p>\n

Diario Ti: La mayor\u00c3\u00ada de los navegadores web incorporan una funci\u00c3\u00b3n que permite recordar las claves de acceso de los sitios visitados. Sin embargo, \u00c2\u00bfqu\u00c3\u00a9 garant\u00c3\u00ada hay de que el navegador entregue las contrase\u00c3\u00b1as solo a los sitios seleccionados por el usuario, y no a sitios de intrusos?<\/p>\n

La compa\u00c3\u00b1\u00c3\u00ada de seguridad inform\u00c3\u00a1tica Chapin Information Services ha probado la forma en que los programas Google Chrome, Microsoft Internet Explorer, Apple Safari, Opera y Mozilla Firefox gestionan la seguridad de las contrase\u00c3\u00b1as.<\/p>\n

Seg\u00c3\u00ban la prueba, todos los navegadores, sin excepci\u00c3\u00b3n, hacen un mal trabajo respecto de la protecci\u00c3\u00b3n de las contrase\u00c3\u00b1as de los usuarios. Los navegadores Opera y Firefox obtienen la mejor puntuaci\u00c3\u00b3n, pero a\u00c3\u00ban as\u00c3\u00ad s\u00c3\u00b3lo lograron superar 7 de 21 pruebas. Internet Explorer logr\u00c3\u00b3 superar cinco de las pruebas.<\/p>\n

Los peores resultados fueron conseguidos por los productos Google Chrome y Apple Safari, que s\u00c3\u00b3lo superaron dos de las 21 pruebas.<\/p>\n

Formularios adulterados<\/strong>
\nUno de los problemas de seguridad revelados en la prueba es que algunos de los navegadores pueden ser inducidos a enviar contrase\u00c3\u00b1as correspondientes a distintos servicios, a un sitio \u00c3\u00banico. Precisamente esta t\u00c3\u00a1ctica fue utilizada durante un ataque a MySpace, donde los atacantes usaron un formulario adulterado de inicio de sesi\u00c3\u00b3n. Debido a que tanto el formulario aut\u00c3\u00a9ntico como el adulterado estaban almacenados en el mismo sitio, los intrusos pudieron acceder a la informaci\u00c3\u00b3n de inicio de sesiones, esto es nombre de usuario y clave.<\/p>\n

La vulnerabilidad tambi\u00c3\u00a9n est\u00c3\u00a1 presente en Firefox, pero sus desarrolladores ya habr\u00c3\u00adan solucionado el problema. Chrome y Safari contin\u00c3\u00baan siendo vulnerables ante este tipo de ataques, seg\u00c3\u00ban Chapin Information Services.<\/p>\n

Otro problema es que los navegadores no suelen comprobar a qu\u00c3\u00a9 sitio est\u00c3\u00a1 comunicando las contrase\u00c3\u00b1as. Solo Firefox y Opera pueden evitar que el navegador permita enviar las contrase\u00c3\u00b1as a otro dominio que aqu\u00c3\u00a9l para el que fue inscrita cuando fue almacenada en el gestor de contrase\u00c3\u00b1as.<\/p>\n

De igual modo, formularios invisibles contenidos en algunos servicios tambi\u00c3\u00a9n pueden activar la funci\u00c3\u00b3n de gesti\u00c3\u00b3n de contrase\u00c3\u00b1as de los navegador es. De esa forma, el navegador puede ser inducido a entregar la contrase\u00c3\u00b1a sin que el usuario siquiera se percate.<\/p>\n

Usted mismo puede comprobar la seguridad de la funci\u00c3\u00b3n de contrase\u00c3\u00b1as de su navegador en esta p\u00c3\u00a1gina<\/a>.<\/span><\/p>\n

Fuente: DiarioTi
\n<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

La mayor\u00c3\u00ada de los navegadores m\u00c3\u00a1s populares de Internet se dejan enga\u00c3\u00b1ar f\u00c3\u00a1cilmente. Diario Ti: La mayor\u00c3\u00ada de los navegadores web incorporan una funci\u00c3\u00b3n que permite recordar las claves de acceso de los sitios visitados. Sin embargo, \u00c2\u00bfqu\u00c3\u00a9 garant\u00c3\u00ada hay de que el navegador entregue las contrase\u00c3\u00b1as solo a los sitios seleccionados por el usuario, […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-433","post","type-post","status-publish","format-standard","hentry","category-profesional"],"yoast_head":"\nTalSoft - Seguridad Inform\u00e1tica Empresarial - Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos<\/title>\n<meta name=\"description\" content=\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Leandro Ferrari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/\"},\"author\":{\"name\":\"Leandro Ferrari\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\"},\"headline\":\"Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos\",\"datePublished\":\"2008-12-20T22:25:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/\"},\"wordCount\":434,\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"articleSection\":[\"Profesional\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/\",\"name\":\"TalSoft - Seguridad Inform\u00e1tica Empresarial - Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\"},\"datePublished\":\"2008-12-20T22:25:12+00:00\",\"description\":\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"name\":\"TalSoft TS - Services IT Security\",\"description\":\"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.\",\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\",\"name\":\"Talsoft TS\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"contentUrl\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"width\":270,\"height\":125,\"caption\":\"Talsoft TS\"},\"image\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/talsoftsrl\",\"https:\/\/x.com\/talsoft\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\",\"name\":\"Leandro Ferrari\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"caption\":\"Leandro Ferrari\"},\"sameAs\":[\"http:\/\/www.talsoft.com.ar\",\"https:\/\/www.facebook.com\/talsoftsrl\/\",\"https:\/\/x.com\/avatar_leandro\"],\"url\":\"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/","twitter_misc":{"Written by":"Leandro Ferrari","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/#article","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/"},"author":{"name":"Leandro Ferrari","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8"},"headline":"Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos","datePublished":"2008-12-20T22:25:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/"},"wordCount":434,"publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"articleSection":["Profesional"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/","url":"https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/","name":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Los navegadores entregan contrase\u00c3\u00b1as a sitios de intrusos","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/#website"},"datePublished":"2008-12-20T22:25:12+00:00","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.talsoft-security.com\/site\/los-navegadores-entregan-contrasenas-a-sitios-de-intrusos\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.talsoft-security.com\/site\/#website","url":"https:\/\/www.talsoft-security.com\/site\/","name":"TalSoft TS - Services IT Security","description":"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.","publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.talsoft-security.com\/site\/#organization","name":"Talsoft TS","url":"https:\/\/www.talsoft-security.com\/site\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/","url":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","contentUrl":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","width":270,"height":125,"caption":"Talsoft TS"},"image":{"@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/talsoftsrl","https:\/\/x.com\/talsoft"]},{"@type":"Person","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8","name":"Leandro Ferrari","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","caption":"Leandro Ferrari"},"sameAs":["http:\/\/www.talsoft.com.ar","https:\/\/www.facebook.com\/talsoftsrl\/","https:\/\/x.com\/avatar_leandro"],"url":"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/"}]}},"_links":{"self":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/433","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/comments?post=433"}],"version-history":[{"count":1,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/433\/revisions"}],"predecessor-version":[{"id":434,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/433\/revisions\/434"}],"wp:attachment":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/media?parent=433"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/categories?post=433"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/tags?post=433"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}