back to article Browsers nix add-on after Web of Trust is caught selling users' browsing histories

A browser extension which was found to be harvesting users' browsing histories and selling them to third parties has had its availability pulled from a number of web browsers' add-on repositories. Last week, an investigative report by journalists at the Hamburg-based German television broadcaster, Norddeutscher Rundfunk (NDR …

  1. Mage Silver badge
    Coat

    Naming

    DDR = German Democratic Republic. (Stasi ridden Communist East Germany)

    Democratic People's Republic of Korea (North Korea)

    "Do No Evil" former motto of Google

    National Socialism

    etc.

    Why would I trust an addon called "Web of Trust"?

    1. Destroy All Monsters Silver badge
      Paris Hilton

      Re: Naming

      > National Socialism

      But this naming is actually correct!

      It is german-nationalistic, plus a fascistic style of socialism. The state looks out for you, from gradle to grave. Not exactly defender of pre-Bismarckian german liberalism.

      Yes, these would have had to sit on the left in the Reichstag. Unfortunately that side was occupied by the internationalists and people making eyes at Stalin, which was anathema.

      1. Anonymous Coward
        Anonymous Coward

        Re: Naming

        So you're saying that all the other parties were so far left, that the left-wing Nazi Party seemed almost centrist by comparison?

        1. Michael Hoffmann
          Facepalm

          Re: Naming

          Why am I not surprised, going by your comment history, that you would spout that "the Nazis were left-wing" rubbish?

          1. Anonymous Coward
            Anonymous Coward

            Re: Naming

            This 'rubbish' is my response to hearing the Left constantly attempt to lay the crimes of Hitler at the feet of the Right. It's a standard political tactic, and if not opposed it wins by default. So put on your big boy pants and try to prove me wrong, okay? I'm willing to fight it out if you are.

            See, I have an edge. It's called truth. You got nothing but 75 years of revisionist propaganda. Oh, and also personal insults, the preferred weapon of the Left.

            1. nichomach
              1. toughluck

                Re: Naming

                @nichomach: Let's go by that link you gave:

                Many conservatives accuse Hitler of being a leftist, on the grounds that his party was named "National Socialist." But socialism requires worker ownership and control of the means of production. In Nazi Germany, private capitalist individuals owned the means of production, and they in turn were frequently controlled by the Nazi party and state. True socialism does not advocate such economic dictatorship -- it can only be democratic.

                That definition is contradictory -- either the party is the will of the people or it's a separate non-democratic entity. Going by that definition, Communist Russia was in fact right wing because control of the means of production was in the hands of the party.

                Hitler's other political beliefs place him almost always on the far right. He advocated racism over racial tolerance, eugenics over freedom of reproduction

                Racism/racial tolerance is not a question of political affiliation or even ideology, it's foolish to assume that it is in any way a right wing view. At its 20th century apex, Ku Klux Klan was an avid supporter of the Democratic Party.

                And eugenics over freedom of reproduction? It seems like it's the domain of left-wing parties these days (how many countries have laws that allow eugenic abortion, for example?)

                (...)even held friendly relations with the Church, even though he was an atheist.

                If by "friendly relations" you mean putting priests in concentration camps, and/or executing them, I shudder to think what "unfriendly relations" would have been.

                Nationalism doesn't tell left from right. Note that the Soviet Union was nationalist (despite the propagandist internationalist stance). Soviet Union invested huge amounts into nationalist propaganda, such as sports, national pride, etc., and this carried on to socialist states within the Comecon. Furthermore, if it was internationalist, borders would not matter. However, Soviet Union did form a federation of Soviet Republics where internal borders were still controlled and where the Russian Federation had overbearing majority vote over all theoretically sovereign states.

                Now, was Soviet Union left wing or right wing?

            2. Bob Fuego
              IT Angle

              Re: Naming

              "the left"....."big boy pants".....

      2. Cem Ayin

        Re: Naming

        "Yes, these [the Nazis] would have had to sit on the left in the Reichstag. Unfortunately that side was occupied by the internationalists and people making eyes at Stalin, which was anathema."

        You got it completely backwards. In the first half of the 20th centry, the demarcation line between "left" and "right" was marked, next to the social question, above all by the stance on two hallmark political positions: militarism and antisemitism.

        While is true that in 1914, the leadership of the SPD caved in on the question of financing the war (Kriegskredite) it was not least this decision which eventually lead to the splitting off of the party's left wing and the formation of the USPD and ultimately the KPD. But at the time even the most depraved and corrupt Social Democrats would not sink as low as shouting antisemitic slogans, the rejection of antisemitism being regarded on the left as a sort of litmus test for political sanity. (The saying "Der Antisemitismus ist der Sozialismus der dummen Kerle" [antisemitism is the socialism of fools], often but maybe falsely attributed to August Bebel, which was in common use among Social Democrats in Germany at the time, sums it up pretty neatly.)

        In short: in Germany in the first half of the 20th century, political people knew where they stood, knew their enemies too, and a party overtly adovcating antisemitism and imperial expansionism had no business sitting on the left in any parliamentary body. In other words: your comment is tosh, top to bottom.

        That will be an F-grade in German history for you then. "Geschichte: 6. Setzen."

        1. Anonymous Coward
          Anonymous Coward

          Re: Naming

          The Right believes government should be small. How does this conform to Hitler's total takeover of Germany? That sounds more like what Mao and Stalin did. You can argue all day about the minutiae of early 20th century German politics, but that's what had the real impact, the dictatorship, and to me it looks just like any other murderous leftist totalitarian regime. Maybe Hitler did use nationalism to get his start, but leftists often cloak their true aims in whatever's convenient at the time. Useful idiots gonna be useful idiots.

  2. BoldMan

    What was the add on supposed to be doing?

    1. frank ly

      It's still available

      It's still available on cnet if you want to try it.

      Short version: It's a sort of indicator that tells you the trustiness of a website that you're visiting. The trustiness is somehow determined by a form of selective crowdsourcing.

      Coming soon: A browser addon that tells you the trustiness of other addons.

      1. Michael Thibault

        Re: It's still available

        >Coming soon: A browser addon that tells you the trustiness of other addons.

        And what if a second such appears? Will there be complete agreement between their respective assessments? Will the first blacklist the second, or will the second make that move right out of the gate, in a pre-emptive strike? Could be a head-spinner.

        Silliness aside, I'm hoping there's a PHB involved in this WoTTF affair to receive the spit.

    2. Necronomnomnomicon

      Protecting users from dodgy sites, ironically

      It's frustrating as it's one of the things I used to recommend.

      The idea was that users of the add-on could rate a site's trustworthiness, so if you came across a domain used for phishing or such, then you could warn other users about it. Given a suitably poor rating, the add-on would flag dodgy links with a red traffic light icon, advising you that a click was risky without having to click on it.

      It's not a bad concept, the fact the developers couldn't be trusted not to sell your data is disappointing. Maybe it'd work well as a not-for-profit or some kind of open organisation instead.

      1. Wade Burchette Silver badge

        Re: Protecting users from dodgy sites, ironically

        I stopped using it several years ago because I found several legitimate sites were being flagged as bad just because they expressed an opinion that was not popular with some. I always like to investigate all sides of an issue and I did not like getting warnings about a website being unsafe for children, or some other nonsense. Even if the person's opinion is wrong or crazy, that does not give anyone license to silence it. I always viewed freedom of speech as the freedom to say something people do not like.

        I still go to mywot.com to figure out if a strange cookie on my computer is used by a web advertiser. But that is it.

        1. earl grey Silver badge
          Trollface

          Re: Protecting users from dodgy sites, ironically

          "I always like to investigate all sides of an issue"

          Yeah, porn is like that.

        2. Stoneshop Silver badge
          WTF?

          Re: Protecting users from dodgy sites, ironically

          to figure out if a strange cookie on my computer is used by a web advertiser

          Why are there strange cookies on your computer in the first place?

          1. Mage Silver badge

            Re: Protecting users from dodgy sites, ironically

            Indeed, why is the setting on Firefox to block 3rd party cookies off by default? There is no reason EVER to allow 3rd party cookies.

      2. Just Enough

        Re: Protecting users from dodgy sites, ironically

        So really, this add-on relies on the unreliable feedback of anyone on the internet? And with the size of the internet being what it is, the feedback on a website may actually only amount to the opinion of one single person?

        Crowdsourcing can be very useful, but it unfortunately can also be used to censor anything that's not mainstream or is unpopular. So while the opinion of the great unwashed might be of interest, I certainly wouldn't trust it to determine whether I should access a website.

      3. anonymous boring coward Silver badge

        Re: Protecting users from dodgy sites, ironically

        "The idea was that users of the add-on could rate a site's trustworthiness"

        Found the fault, right there!

        How on earth could a user judge that?

        Meaningless plugin. Even if they hadn't sold your data.

    3. This post has been deleted by its author

    4. Anonymous Coward
      Anonymous Coward

      Worse than useless

      It just displays a (highly questionable) trustiness color code in the address bar.

      Never used the addon myself, but NoScript used to show a link to a WoT site rating page if you middle-clicked on a blockable URL. I didn't bother after seeing several sketchy sites rated 'green'.

      > The trustiness is somehow determined by a form of selective crowdsourcing.

      Presumably, malware miscreants selected themselves to give the lion's share of ratings. As usual in a world where rating sites/services are all scumbags.

    5. Adam 1

      Crowdsourced rating of domains for trustworthiness and child safety. It's a pity. As per others I have recommended it in the past for my less technically adept friends and family. It gives a traffic light style indicator next to Google results etc so you don't have to deal with the otherwise inevitable "I downloaded the latest version of Photoshop from myfreeverygoodsoftwarebestfree.cn (it had a padlock icon) and now my computer is slow". Uninstalling now, sigh...

  3. Anonymous Coward
    Anonymous Coward

    Can those browsers not block the add-on at the next browser update? They seem to be able to invalidate perfectly good running add-ons who have not gone through the new approval process.

    1. John Brown (no body) Silver badge

      ...or place an "update" version of the add-on to let the user know something has changed so when the click on the "update" link it tells them what's changed and why, giving the option to carry on as normal or to uninstall it.

  4. Anonymous Coward
    Anonymous Coward

    IMO the whole concept was flawed from the getgo...

    There have been so many attempts like this and the problems with these kind of things can bring are numerous. For example: what if companyA wants to give companyB a bad reputation? Well, then apply a botnet of some sort and lets all down vote companyB. Using plugins for ratings is a bad idea per definition I think.

    Another thing: personal preference anyone? Just because some people think a website is bad doesn't automatically make it bad. Everyone has a right to their opinion, but opinions usually heavily differ. What such plugin tries to do is to label websites and to invoke some kind of global opinion on 'm. But.. that doesn't work all the time and I can't help wonder that it does more damage than good.

    And finally: warning for exploits and such. Puhlease: how many websites and options do we already have? It would help if people would try to re-invent the wheel each and every time and instead try to support some of the already existing solutions out there. Fragmentation can lead to insecurity too.

    (edit) Still, one thing: it's not as if they made a secret out of it. It's all right there in their privacy policy. I don't get it why anyone would want to use this after reading that. Or maybe... yeah, who reads all that huh?

  5. Anonymous Coward
    Anonymous Coward

    all I need at least

    Good thing I can get by with only privoxy (proxy), Noscript/Scriptsafe, and the EFF addons (Privacy badger and Https everywhere) on all my browsers. Good to reduce the addon attack surface as much as possible with open source route.

  6. 101

    Web of Distrust

    Oh, what a tangled web we weave

    When first we practise to deceive!

    ~Walter Scott

    And, there is SO MUCH of it these days!

    1. Christoph

      Re: Web of Distrust

      But when we've practised quite a bit

      We find we get quite good at it!

  7. Anonymous Coward
    Anonymous Coward

    As several others have already said, WoT is a very flawed concept, it's all in the ey of the beholder. Far better to use something such as McAfee web/site adviser which just checks for malware and risks, or else something like Netcraft.

    1. Roj Blake

      You know something is really bad when McAfee is a better option.

      1. Charles 9 Silver badge

        And why should we trust McAfee to get it right.

        In fact, why should we trust ANYONE?

    2. Charles 9 Silver badge

      "As several others have already said, WoT is a very flawed concept,"

      Well, can you think of anything better? Because from where I sit, if WoT doesn't work, then NOTHING works because EVERYTHING here relies to some degree on trust that can all-too-easily be betrayed.

  8. Doctor Syntax Silver badge

    Getting rid of the difficult bit in the title. Sir Humphrey would have approved.

  9. Carl D

    Update

    "We are now preparing to relaunch an updated version of WoT which will include the appropriate measures to regain the trust of our users."

    Too late. WoT is permanently gone from Firefox (Linux Mint) on my systems. And, many other peoples' systems too, I suspect.

    Seems like its a race to the bottom these days with everyone jumping on the data collection bandwagon "everyone else does it so why can't we?"

    Even the latest version of Samsung Magician (4.9.7) for SSD's is now collecting information on users' systems. At least that one doesn't worry me - they can collect as much information as they like but it won't be going anywhere from my permanently offline Windows 7 installation.

  10. heyrick Silver badge
    FAIL

    the appropriate measures to regain the trust of our users

    A big friendly "Delete me" button?

    You had trust. You sold yourself on trust. You cocked it up. The end. Except, maybe, for the sort of people who are still with TalkTalk.

    I tried WoT several years ago and I found its "trust" to be somewhat erratic. Much better online to simply have no trust! run as few scripts as possible! and assume everybody is out to pilfer your information....a point that this story kind of proves.

    1. heyrick Silver badge

      Re: the appropriate measures to regain the trust of our users

      Apologies for the !s. Weird quirk in iOS that often changes , to ! and was not noticed until this morning when it was way too late to change it...

    2. Christoph

      Re: the appropriate measures to regain the trust of our users

      The appropriate measures?

      Here is your service revolver, we'll leave you alone with it.

    3. Anonymous Coward
      Anonymous Coward

      Re: the appropriate measures to regain the trust of our users

      "I tried WoT several years ago and I found its "trust" to be somewhat erratic. Much better online to simply have no trust! run as few scripts as possible! and assume everybody is out to pilfer your information....a point that this story kind of proves."

      If you REALLY had no trust, you'd abandon your computer and go back to the Sears catalog since ANYTHING electrical could be spying on your without your knowledge.

  11. ma1010 Silver badge
    Pirate

    Trust is like Sincerity

    And once you can fake that...

    -- the BOFH (slightly paraphrased)

  12. William 3 Bronze badge

    So what is El Reg doing with all it's tracking data?

    Are they being altruistic and just giving it away to God knows who?

    1. Francis Boyle Silver badge

      That would explain a lot

      considering that I only read the articles about the weird sex criminals in Bootnotes.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020