Feeds

back to article Mozilla snuffs password pilfering Firefox add-on

Mozilla has disabled and block-listed a Firefox add-on containing code that nabs login data sent to any website and reroutes it to a remote server. The add-on — known as, um, Mozilla Sniffer — was uploaded to the Firefox add-on site on June 6, and the malicious code was discovered on Monday, after which the add-on was block- …

COMMENTS

This topic is closed for new posts.
Alert

Good/Bad

The Good thing about Fire Fox is it's Addons...... The bad thing about Fire Fox is it's Addons.

4
0
Silver badge
Thumb Up

Fo' Sho'

Complaints about F/Fox speed may have something to do with add-on addicts. If you add loads of 'helpers' then they need to load up too. Similar to iPhone users who are app-grabbers and don't use most of them.

(see also under windows start-up)

0
0
Silver badge
Paris Hilton

Mozilla Sniffer

What exactly did it purport to be it's intended purpose then?

1800 downloads? What was written on the tin to attract those downloads?

If it was called "Sniffer" it was apparently doing exactly that.

6
0
Silver badge
WTF?

Darwin was right

What were these 1800 people thinking?

1
0
FAIL

How many bad addons will it take

For Firefix owners to realise that add-ons are a REALLY bad idea. Quite alot, as they are still convinced that Firefix is a great browser...

1
7

bad idea?

Not really, providing a bare-bones browser and augmenting it with different features as required on a per user basis sounds great in principle. Sadly Firefox has strayed rather far from this.

I don't think there's any such thing as a "great" browser (at the moment) ... they all exist with varying degrees of tolerability. Extensible browsers such as Firefox rank a little higher due to the wide range of customisation options available, but suffer the downside of badly written and/or malicious add-ons.

To my mind, Firefox would be far improved by returning to its simplistic roots, spinning out much of the bloat to optional, Mozilla sanctioned add-ons. A small subset of the most popular/beneficial 3rd party add-ons could also be brought into the fold with development overseen by Mozilla such that high standards are maintained.

Add to that a decent system for vetting other add-ons for malciousness allowing publication on the site, anything else can be manually installed by the brave from off-site locations.

Lofty ideals; do I think it'll happen? Nah.

3
0
Anonymous Coward

I've got about 4 addons

All of which are useful to me, and none of which slow the browser down any. Add-ons are not a bad idea, any more than high-calorie foods are a bad idea, you just don't want to constantly have more and more of them for no good reason

0
0

If it's such a bad idea...

... why does EVERY other major browser maker do it? Even Chrome.

They might not implement add-ons in the same way but they all have them - so it's the implementation that's flawed rather than the idea ... and oh, what is it that Mozilla are rectifying? Oh, yes, the implementation.

Sheesh.

1
0
Unhappy

Just goes to show...

...that

a) 1800 cleaver people thought they woudl download this and check out that it was safe.

b) 1800 dumbasses download any old shit.

I'd like to belive it was "a"..I really would....but decades experience tells me otherwise.

1
0

This post has been deleted by a moderator

Script kiddie?

The quality of the description might have given a clue:

"View and modify HTTP/HTTPS headers it's base on tamper data but many problems have been solved in this version .

in tamper data u may get empty page and don't get any informations in the addon

this problem have been solved

if you have any advices please tell me,

John"

3
0

Crap spelling or Political Correctness gone mad?

"block-listed"????????

0
1
Anonymous Coward

LOL

Who can tell?

Maybe it's like Johnny the painter?

Black listed. black! Blaaaaaaackkkkk BLLAAAAAACCCKKK!

0
0
Anonymous Coward

It's been added to the list of add-ons that are blocked

Therefore block-listed

Paranoid much?

0
0
Coat

Then...

Just *Blocked* would have done nicely.

0
0
twe

Netcraft give more information

http://news.netcraft.com/archives/2010/07/15/firefox-security-test-add-on-was-backdoored.html

0
0
This topic is closed for new posts.