Skip to main content
  1. Home
  2. Computing
  3. News

Firefox add-ons ‘more difficult’ to hijack, Mozilla claims. But are they?

Konrad Krawczyk
By
firefox classic theme restorer add negates version 29 features
Image used with permission by copyright holder

As we reported yesterday, Google had to address an issue with Chrome and tainted browser extensions “Add to Feedly” and “Tweet This Page” that began to spit out unwanted ads, prompting a backlash from users and banishment by Google. After such an incident, you might be concerned that other Web browsers, like Mozilla’s ultra-popular Firefox, could be susceptible to similar shenanigans, and perhaps rightly so.

If you ask Mozilla, however, that issue is not likely to crop up for Firefox users. Here whats a Mozilla spokesperson had to say when asked about the possibility of Firefox add-ons getting hijacked with ad-spamming code the way “Add to “Feedly” and “Tweet This Page” were on Chrome.

Recommended Videos

“For add-ons hosted on addons.mozilla.org, all version updates are code reviewed and tested by a member of our review team, and it needs to pass all of our review policies to be pushed to users via auto-update,” Mozilla’s spokesperon said. “One such policy is that all unexpected changes, such as advertising, needs to be explicitly opt-in. This all makes it more difficult for this kind of hijacking to be effective for add-ons listed on Mozilla Add-ons.” 

Related

According to ghacks.net though, Mozilla Firefox isn’t exactly bulletproof when it comes to add-on hijacks. Ghacks.net indicates that one Firefox add-on dubbed Autocopy was developed, then sold to a company called Wips. Once Autocopy was acquired by Wips, it was then re-jiggered to include code containing ad generating instructions, thereby exploiting a Mozilla add-on approval loophole. 

It’ll be interesting to see what Google, Mozilla, and other heavyweight browser makers will do to ensure that tainted, reengineered browser add-ons don’t sully the web surfing experience for their users.

What do you think? Sound off in the comments below.

Update 1/28/14: A Mozilla rep reached out to us, offering this statement regarding Wips and AutoCopy.

“Version 1.0.8 of AutoCopy is not sending all browsing data to Wips. That can be verified by looking at the source code or installing version 1.0.8 and looking at the network traffic. After version 1.0.8, Wips submitted a new version of Autocopy that sent more data, but that version didn’t pass review. Version 1.0.8 is the latest public version available on Mozilla add-ons and is what the majority of users have installed.”

Editors' Recommendations

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
I finally switched from Chrome to Mozilla Firefox — and you should too
mozilla firefox chrome review comparison 2020 mozillafirefoxcomentillustration

I have been in an on-and-off relationship with Mozilla Firefox for the past five years. Every time I’d get ecstatic over a major new Firefox update -- hoping to, at long last, break free from the hegemony of Google Chrome -- my hopes would be crushed as soon as I began browsing the web like I normally do.

Firefox's performance would fall noticeably short and struggle to keep up with my workflow, sending me scurrying back to Google Chrome after a few minutes of poking around. No matter how compelling the rest of Mozilla’s offerings were, they could never convince me to hit that "Yes" button whenever Firefox asked whether I’d like to set it as my default browser. Catching up to Chrome almost started to seem like a far-fetched goal for Firefox -- until recently.

Read more
Paid browsers are the future, and Firefox might offer a better deal than Chrome
stock photo of Firefox web browser

The future of the internet may lie in premium web-browsing services, and it looks like Mozilla could be handling that shift better than Google.

As we reported earlier, Google’s recent move to block ad-blockers in Chrome, save for G Suite Enterprise subscribers, indicated an overall push for “pay-for-play” web browsing. And while the move was understandable given the fact that ad revenue is a cornerstone source of income for the technology company, the move to eliminate ad-blockers in Chrome is an apparent attempt to encourage free Chrome users to upgrade to the highest level of G Suite premium services. This seems like the wrong way to increase subscription revenue for Google, especially since the move to block ad-blocking in Chrome seems to alienate free Chrome users and non-Enterprise-level paying users.

Read more
Save $150 on a lifetime license for Microsoft Office for PC
microsoft office professional 2021 deal stack social april 2024 bundle

For one of the cheapest Office deals today, check out Stack Social which currently has a lifetime license for Microsoft Office Professional 2021 for Windows for just $70. The product normally costs $220 so you’re saving $150 off the regular price, all while gaining a lifetime license for some very useful software. If you’ve been considering getting Office and don’t want to deal with the ongoing nature of Office 365, this is a good opportunity to do so for less. Here’s what you need to know before you click the buy button.

Why you should buy Microsoft Office Professional 2021
If you’ve been reading up on whether to use Microsoft Word or Google Docs and you’ve settled on Word, snapping up Microsoft Office Professional 2021 is a great way to do so for less. Described as everything a pro needs, Microsoft Office Professional 2021 is pretty great.

Read more