Comment 12 for bug 2038875

I don't think this is an exact dupe but it's pretty damn close. That issue is about passwords; this one cookies. That issue is being mega distracted by whether or not passwords are stored clear, or through symmetric encryption. This one acknowledges that it's stored with symmetric encryption.

I'll follow up with that one though, after I extend xbrowser to demonstrate the exploitation of the password side.