Moving Passwords From Firefox (Lockwise) to KeePassXC

Go to about:logins in Firefox.

Click on the three dots in the top right corner, select “Export Logins…” and save your passwords info a CSV file (e.g. exported_firefox_logins.csv).

There’s one complication: Firefox will save dates as Unix timestamps (with millisecond resolution) which KeePassXC doesn’t understand, so we’ll have to help it out.

Save the following script into a file (e.g. firefox_csv_date_fix.py).

#!/usr/bin/env python3
#
# Author: Riyad Preukschas <riyad@informatik.uni-bremen.de>
# License: Mozilla Public License 2.0
# SPDX-License-Identifier: MPL-2.0


import csv
import sys

from datetime import datetime


def main():
    if len(sys.argv) != 2:
        print("Usage: {} <exported_firefox_logins.csv>".format(sys.argv[0]), file=sys.stderr)
        exit(1)

    csv_file_name = sys.argv[1]

    with open(csv_file_name, 'rt') as f:
        # field names will be determined from first row
        csv_reader = csv.DictReader(f)
        # read all rows in one go
        rows = list(csv_reader)

    # add new columns with Iso-formatted dates
    for row in rows:
        row['timeCreatedIso'] = datetime.fromtimestamp(int(row['timeCreated'])/1000).isoformat()
        row['timeLastUsedIso'] = datetime.fromtimestamp(int(row['timeLastUsed'])/1000).isoformat()
        row['timePasswordChangedIso'] = datetime.fromtimestamp(int(row['timePasswordChanged'])/1000).isoformat()

    # write out the updated rows
    csv_writer = csv.DictWriter(sys.stdout, fieldnames=rows[0].keys())
    csv_writer.writeheader()
    csv_writer.writerows(rows)


if __name__ == '__main__':
    main()

Call it giving it the path of the exported_firefox_logins.csv file and redirect the output into a new file:

python3 ./firefox_csv_date_fix.py ./exported_firefox_logins.csv > ./fixed_firefox_logins.csv

It will add new columns (named: old column name + “Iso”) with the dates converted to the ISO 8601 format KeePassXC wants.

We can now use the fixed_firefox_logins.csv file to import the logins into KeePassXC.

Select Database -> Import -> CSV File... from the menu.

It will ask you to create a new database. Just do it you can get the data into your default database later (e.g. call it firefox_logins.kdbx for now).

In the import form select “First line has field names” and match up KeePassXC’s fields with the columns from the CSV:

KeePassXC FieldFirefox CSV ColumnNotes
GroupNot Present
TitleurlFirefox doesn’t have a title field so we use the URL for it.
Usernameusername
Passwordpassword
URLurl
NoteshttpRealmI’m not sure how KeePassXC deals with HTTP authentication. There’s no special field for it, so I decided to keep it in the Notes field.
TOTPNot Present
IconNot Present
Last ModifiedtimePasswordChangedIsothe “Iso” part is important!
CreatedtimeCreatedIsothe “Iso” part is important!

Have a look at the preview at the bottom. Does the data look sane? 🤨

Sadly KeePassXC doesn’t let us import Firefox’s timeLastUsedIso field into its Accessed field. 😑

All your imported Logins will be inside the “Root” group. I’d suggest creating a new group (e.g. “Firefox Import”) and moving all imported Logins into it.

You can now open your default database and use the Database -> Merge From Database ... menu item, select the firefox_logins.kdbx file to include it’s contents into the current database. You’ll see a new “Firefox Imports” group show up.

You can now move the single entries into the appropriate groups if you want (e.g. “KeePassXC-Browser Passwords” if you use the browser extension).

“Grown-up” Chinese Jedi Elsa

Holy moly … CellSpex has the best, most eloquent (scathing) review of Disney’s live-action Mulan. Period. It starts with a hilariously satirical summary and goes on to dissect the maelstrom of bad decisions the film displays with its story adaptation (both from the folk tale as well as the Disney animated movie), characters, themes, style and production. I agree with each and every point.

Aktivieren Sie JavaScript um das Video zu sehen.
https://www.youtube.com/watch?v=ONVyLTBPz8E

iFlame 6S

I was mildly asleep as around 6am in the morning “someone” turned on a very bright light. There was a weird hissing sound. I woke up quite annoyed after around 10 seconds. But what I saw was beyond belief.

There was a roughly 30cm flame burning on my wife’s nightstand. I immediately went over and saw her iPhone on fire. I tried slapping it a few times which made the flames smaller so that I could disconnect the charging cable. I tried picking up the phone, but the case around was melting which burned my fingers. I then knocked it onto the ground (maybe not the smartest move), but I wanted to get the flames away from the lamp shade, plants and wall paper.

It seems the combination of disconnecting the charger and hitting the floor temporarily extinguished the flames. I immediately grabbed the phone at a point that seemed like it was not melted, ran to the kitchen and threw it into the sink. I let the water run over the phone for around a minute. I then filled a bowl with water and put the phone into it to make sure it doesn’t flare up again.

ٱلْحَمْدُ لِلَّٰهِ رَبِّ ٱلْعَالَمِينَ we got off lightly 😅 … the whole situation could have turned into a huge disaster. ☠

Tony Abbott and Tap Water

What could go wrong if-as a joke-your being asked if you could hack the former prime minister of Australia Tony Abbott? Well Alex Hope has documented it. Finding pictures of boarding pass he could log into the booking system of the airline (without additional authentication). Then he found out that the systems leaked sensitive information (passport number, telephone number, airline-internal comments about the passenger). He then went through the whole charade of finding someone in government responsible for concrete data security issues. 😵

There’s even an interesting section on when he finally gets through to Tony Abbot and they talk on a very personal level. Given the reason they were talking in the first place it also revolved about how complicated technology seems to be and how you learn how it works.

This lead Alex to reflect about how he started learning things and how you have to change your thinking when you are “hacking.” He gives a great example which he summarizes with:

In conclusion, to be a hacker u ask for tap water.

😂

We Really Are Engineers 🎉

Hillel Wayne interviewed people who have worked professionally both as a software and a traditional engineer (from a diverse set of engineering disciplines) to determine if “software engineers” are really engineers … and, yes we are.

He also analyzes myths from and about software engineering and tries to find out if there’s actually something that makes software engineering unique among the other engineering disciplines.

Aktivieren Sie JavaScript um das Video zu sehen.
https://youtu.be/3018ABlET1Y

Scaffolding for fetching and parsing emails from IMAP with Python

A friend asked me if I could help him write a Python script for fetching and processing data from emails in his mailbox … Well, the thing with emails is that they’re a pain to work with (in any form). So, I tried to help him out with a little scaffolding (also available as a Gist).