Mozilla & Security, Heh.

Talk about internet security, computer security, personal security, your social security number...
Post Reply
User avatar
therube
Ambassador
Posts: 7924
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Mozilla & Security, Heh.

Post by therube »

Mozilla & Security, Heh.
Mozilla & Webextensions, Heh.
Mozilla, Heh.

https://www.reddit.com/r/firefox/commen ... r/e465wqw/
https://www.reddit.com/r/firefox/commen ... ends_your/

Before (from my cache): https://s25.postimg.cc/gq0vfzjwv/Make_y ... extens.png

After: https://blog.mozilla.org/firefox/make-y ... xtensions/

Mozilla-endorsed security plug-in accused of tracking users
"Web Security says there's nothing nefarious to its URL collection"

---
Posted Sun Aug 12, 2018 6:35 am
So not only has AMO been gutted, they are so wanting to have anything there, that is what they accept, anything, including malware.
So not only has AMO spurned all the legitimate extension developers, they are so wanting to have anyone create anything, that is what they accept, everyone, including big.spy.on.you.com.

Take "Allen", an "education".
Here he is, a dozen or so extensions. His "websites", each using the same limited one page template, & that's it.

Why?

Given these times, given what is now "allowed", given what can be "gotten", is "Allen" Allen, or is he only a stooge for big.spy.on.you.com?

Maybe that is not the case, maybe he is simply a guy who in order to "education" has come up with these extensions for his own use, & thought he'd share them with the world. :-).


Isn't it wonderful that you cannot have any sort of trust in the majority of the extensions that one might install these days.
Isn't it wonderful that even your browser maker does dubious things for your benefit.
http://forums.mozillazine.org/viewtopic ... #p14806594


PS: No mention of NoScript. Conspicuously absent from this "reporter" (cough) when promoting their browser & "security".
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 SeaMonkey/2.49.4
User avatar
therube
Ambassador
Posts: 7924
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: Mozilla & Security, Heh.

Post by therube »

Oh, & look at this one, https://www.browser-safety.org/, which says it works in Mozilla too.
But Mozilla says, We're sorry, but we can't find what you're looking for..

Wonder if that is on their blocklist?

Blocked Add-ons
Wonder if that is part of "Aug 16, 2018: Web Security and others".
And of course, Mozilla, in its openness is, shall we say, rather vague.
Odd, isn't it. Block list reads "Web Security" (and others) & yet the very thing posted above is... drum roll... "Web Security", which is still available on AMO - if you dare.

(How much do you want to bet that that "Web Security" is the very same as "Browser Safety".)


Oh looky here, Web Security now as in now, now, says, This add-on has been disabled by an administrator.
(Got to give Mozilla for promptness - once the crap hits the fan.)

Anyhow, this is what "Web Security" looked like (moments before being pulled):

https://s25.postimg.cc/lfqt4xy67/Web_Se ... sion-1.png
https://s25.postimg.cc/m59lhb6fj/Web_Se ... sion-2.png

221 t-h-o-u-s-a-n-d users.
70 reviews. (But the reviews page only shows 20? You figure that one out.)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 SeaMonkey/2.49.4
barbaz
Senior Member
Posts: 10841
Joined: Sat Aug 03, 2013 5:45 pm

Re: Mozilla & Security, Heh.

Post by barbaz »

Did you intend to link to addons.thunderbird.net instead of AMO?
*Always* check the changelogs BEFORE updating that important software!
-
User avatar
therube
Ambassador
Posts: 7924
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: Mozilla & Security, Heh.

Post by therube »

I just followed the download link (https://addons.mozilla.org/addon/browser-safety/) from the "browser-safety.org" website & Mozilla, with me using SeaMonkey, "redirected" me to "TB".

Imagine that a FF user would get, https://addons.mozilla.org/en-US/firefo ... er-safety/.


(I bet this is yet another winner, https://addons.mozilla.org/en-US/firefo ... febrowser/.)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5
barbaz
Senior Member
Posts: 10841
Joined: Sat Aug 03, 2013 5:45 pm

Re: Mozilla & Security, Heh.

Post by barbaz »

therube wrote:(I bet this is yet another winner, https://addons.mozilla.org/en-US/firefo ... febrowser/.)
Since it's MPL license, I took a quick look at the code. It's written in the legacy addon SDK, and AFAICT the connections to their server are only on user interaction. Doesn't seem malicious to me.

In my experience the legacy addons on AMO are generally way better reviewed than the WebExtensions on AMO. Before I install a new WebExtension, I always manually review it for myself (unless I have specific reason to trust a particular WebExtension or its author). This has saved me from installing malware on more than one occasion.
*Always* check the changelogs BEFORE updating that important software!
-
barbaz
Senior Member
Posts: 10841
Joined: Sat Aug 03, 2013 5:45 pm

Re: Mozilla & Security, Heh.

Post by barbaz »

*Always* check the changelogs BEFORE updating that important software!
-
Post Reply