Mozilla snuffs password pilfering Firefox add-on
Mozilla has disabled and block-listed a Firefox add-on containing code that nabs login data sent to any website and reroutes it to a remote server. The add-on — known as, um, Mozilla Sniffer — was uploaded to the Firefox add-on site on June 6, and the malicious code was discovered on Monday, after which the add-on was block- …
This topic is closed for new posts.
Good/Bad
The Good thing about Fire Fox is it's Addons...... The bad thing about Fire Fox is it's Addons.
Fo' Sho'
Complaints about F/Fox speed may have something to do with add-on addicts. If you add loads of 'helpers' then they need to load up too. Similar to iPhone users who are app-grabbers and don't use most of them.
(see also under windows start-up)
Mozilla Sniffer
What exactly did it purport to be it's intended purpose then?
1800 downloads? What was written on the tin to attract those downloads?
If it was called "Sniffer" it was apparently doing exactly that.
How many bad addons will it take
For Firefix owners to realise that add-ons are a REALLY bad idea. Quite alot, as they are still convinced that Firefix is a great browser...
bad idea?
Not really, providing a bare-bones browser and augmenting it with different features as required on a per user basis sounds great in principle. Sadly Firefox has strayed rather far from this.
I don't think there's any such thing as a "great" browser (at the moment) ... they all exist with varying degrees of tolerability. Extensible browsers such as Firefox rank a little higher due to the wide range of customisation options available, but suffer the downside of badly written and/or malicious add-ons.
To my mind, Firefox would be far improved by returning to its simplistic roots, spinning out much of the bloat to optional, Mozilla sanctioned add-ons. A small subset of the most popular/beneficial 3rd party add-ons could also be brought into the fold with development overseen by Mozilla such that high standards are maintained.
Add to that a decent system for vetting other add-ons for malciousness allowing publication on the site, anything else can be manually installed by the brave from off-site locations.
Lofty ideals; do I think it'll happen? Nah.
I've got about 4 addons
All of which are useful to me, and none of which slow the browser down any. Add-ons are not a bad idea, any more than high-calorie foods are a bad idea, you just don't want to constantly have more and more of them for no good reason
If it's such a bad idea...
... why does EVERY other major browser maker do it? Even Chrome.
They might not implement add-ons in the same way but they all have them - so it's the implementation that's flawed rather than the idea ... and oh, what is it that Mozilla are rectifying? Oh, yes, the implementation.
Sheesh.
Just goes to show...
...that
a) 1800 cleaver people thought they woudl download this and check out that it was safe.
b) 1800 dumbasses download any old shit.
I'd like to belive it was "a"..I really would....but decades experience tells me otherwise.
Script kiddie?
The quality of the description might have given a clue:
"View and modify HTTP/HTTPS headers it's base on tamper data but many problems have been solved in this version .
in tamper data u may get empty page and don't get any informations in the addon
this problem have been solved
if you have any advices please tell me,
John"
Crap spelling or Political Correctness gone mad?
"block-listed"????????
LOL
Who can tell?
Maybe it's like Johnny the painter?
Black listed. black! Blaaaaaaackkkkk BLLAAAAAACCCKKK!
It's been added to the list of add-ons that are blocked
Therefore block-listed
Paranoid much?
Netcraft give more information
http://news.netcraft.com/archives/2010/07/15/firefox-security-test-add-on-was-backdoored.html
This topic is closed for new posts.
