back to article Mozilla snuffs password pilfering Firefox add-on

Mozilla has disabled and block-listed a Firefox add-on containing code that nabs login data sent to any website and reroutes it to a remote server. The add-on — known as, um, Mozilla Sniffer — was uploaded to the Firefox add-on site on June 6, and the malicious code was discovered on Monday, after which the add-on was block- …

COMMENTS

This topic is closed for new posts.
  1. karl 15
    Alert

    Good/Bad

    The Good thing about Fire Fox is it's Addons...... The bad thing about Fire Fox is it's Addons.

    1. Elmer Phud
      Thumb Up

      Fo' Sho'

      Complaints about F/Fox speed may have something to do with add-on addicts. If you add loads of 'helpers' then they need to load up too. Similar to iPhone users who are app-grabbers and don't use most of them.

      (see also under windows start-up)

  2. Goat Jam
    Paris Hilton

    Mozilla Sniffer

    What exactly did it purport to be it's intended purpose then?

    1800 downloads? What was written on the tin to attract those downloads?

    If it was called "Sniffer" it was apparently doing exactly that.

    1. Anonymous Coward
      WTF?

      Darwin was right

      What were these 1800 people thinking?

  3. Anonymous Coward
    FAIL

    How many bad addons will it take

    For Firefix owners to realise that add-ons are a REALLY bad idea. Quite alot, as they are still convinced that Firefix is a great browser...

    1. bluesxman

      bad idea?

      Not really, providing a bare-bones browser and augmenting it with different features as required on a per user basis sounds great in principle. Sadly Firefox has strayed rather far from this.

      I don't think there's any such thing as a "great" browser (at the moment) ... they all exist with varying degrees of tolerability. Extensible browsers such as Firefox rank a little higher due to the wide range of customisation options available, but suffer the downside of badly written and/or malicious add-ons.

      To my mind, Firefox would be far improved by returning to its simplistic roots, spinning out much of the bloat to optional, Mozilla sanctioned add-ons. A small subset of the most popular/beneficial 3rd party add-ons could also be brought into the fold with development overseen by Mozilla such that high standards are maintained.

      Add to that a decent system for vetting other add-ons for malciousness allowing publication on the site, anything else can be manually installed by the brave from off-site locations.

      Lofty ideals; do I think it'll happen? Nah.

    2. Anonymous Coward
      Anonymous Coward

      I've got about 4 addons

      All of which are useful to me, and none of which slow the browser down any. Add-ons are not a bad idea, any more than high-calorie foods are a bad idea, you just don't want to constantly have more and more of them for no good reason

    3. CD001

      If it's such a bad idea...

      ... why does EVERY other major browser maker do it? Even Chrome.

      They might not implement add-ons in the same way but they all have them - so it's the implementation that's flawed rather than the idea ... and oh, what is it that Mozilla are rectifying? Oh, yes, the implementation.

      Sheesh.

  4. Anonymous Coward
    Unhappy

    Just goes to show...

    ...that

    a) 1800 cleaver people thought they woudl download this and check out that it was safe.

    b) 1800 dumbasses download any old shit.

    I'd like to belive it was "a"..I really would....but decades experience tells me otherwise.

  5. Anonymous Coward
    Anonymous Coward

    Script kiddie?

    The quality of the description might have given a clue:

    "View and modify HTTP/HTTPS headers it's base on tamper data but many problems have been solved in this version .

    in tamper data u may get empty page and don't get any informations in the addon

    this problem have been solved

    if you have any advices please tell me,

    John"

  6. Andy Livingstone

    Crap spelling or Political Correctness gone mad?

    "block-listed"????????

    1. Anonymous Coward
      Anonymous Coward

      LOL

      Who can tell?

      Maybe it's like Johnny the painter?

      Black listed. black! Blaaaaaaackkkkk BLLAAAAAACCCKKK!

    2. Anonymous Coward
      Anonymous Coward

      It's been added to the list of add-ons that are blocked

      Therefore block-listed

      Paranoid much?

      1. Anonymous Coward
        Coat

        Then...

        Just *Blocked* would have done nicely.

  7. twe

    Netcraft give more information

    http://news.netcraft.com/archives/2010/07/15/firefox-security-test-add-on-was-backdoored.html

This topic is closed for new posts.

Other stories you might like