Skip to main content
  1. Home
  2. Computing
  3. News

Firefox add-ons ‘more difficult’ to hijack, Mozilla claims. But are they?

By
firefox classic theme restorer add negates version 29 features
Image used with permission by copyright holder

As we reported yesterday, Google had to address an issue with Chrome and tainted browser extensions “Add to Feedly” and “Tweet This Page” that began to spit out unwanted ads, prompting a backlash from users and banishment by Google. After such an incident, you might be concerned that other Web browsers, like Mozilla’s ultra-popular Firefox, could be susceptible to similar shenanigans, and perhaps rightly so.

If you ask Mozilla, however, that issue is not likely to crop up for Firefox users. Here whats a Mozilla spokesperson had to say when asked about the possibility of Firefox add-ons getting hijacked with ad-spamming code the way “Add to “Feedly” and “Tweet This Page” were on Chrome.

Recommended Videos

“For add-ons hosted on addons.mozilla.org, all version updates are code reviewed and tested by a member of our review team, and it needs to pass all of our review policies to be pushed to users via auto-update,” Mozilla’s spokesperon said. “One such policy is that all unexpected changes, such as advertising, needs to be explicitly opt-in. This all makes it more difficult for this kind of hijacking to be effective for add-ons listed on Mozilla Add-ons.” 

Related

According to ghacks.net though, Mozilla Firefox isn’t exactly bulletproof when it comes to add-on hijacks. Ghacks.net indicates that one Firefox add-on dubbed Autocopy was developed, then sold to a company called Wips. Once Autocopy was acquired by Wips, it was then re-jiggered to include code containing ad generating instructions, thereby exploiting a Mozilla add-on approval loophole. 

It’ll be interesting to see what Google, Mozilla, and other heavyweight browser makers will do to ensure that tainted, reengineered browser add-ons don’t sully the web surfing experience for their users.

What do you think? Sound off in the comments below.

Update 1/28/14: A Mozilla rep reached out to us, offering this statement regarding Wips and AutoCopy.

“Version 1.0.8 of AutoCopy is not sending all browsing data to Wips. That can be verified by looking at the source code or installing version 1.0.8 and looking at the network traffic. After version 1.0.8, Wips submitted a new version of Autocopy that sent more data, but that version didn’t pass review. Version 1.0.8 is the latest public version available on Mozilla add-ons and is what the majority of users have installed.”

Editors' Recommendations

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
I finally switched from Chrome to Mozilla Firefox — and you should too
mozilla firefox chrome review comparison 2020 mozillafirefoxcomentillustration

I have been in an on-and-off relationship with Mozilla Firefox for the past five years. Every time I’d get ecstatic over a major new Firefox update -- hoping to, at long last, break free from the hegemony of Google Chrome -- my hopes would be crushed as soon as I began browsing the web like I normally do.

Firefox's performance would fall noticeably short and struggle to keep up with my workflow, sending me scurrying back to Google Chrome after a few minutes of poking around. No matter how compelling the rest of Mozilla’s offerings were, they could never convince me to hit that "Yes" button whenever Firefox asked whether I’d like to set it as my default browser. Catching up to Chrome almost started to seem like a far-fetched goal for Firefox -- until recently.

Read more
Paid browsers are the future, and Firefox might offer a better deal than Chrome
stock photo of Firefox web browser

The future of the internet may lie in premium web-browsing services, and it looks like Mozilla could be handling that shift better than Google.

As we reported earlier, Google’s recent move to block ad-blockers in Chrome, save for G Suite Enterprise subscribers, indicated an overall push for “pay-for-play” web browsing. And while the move was understandable given the fact that ad revenue is a cornerstone source of income for the technology company, the move to eliminate ad-blockers in Chrome is an apparent attempt to encourage free Chrome users to upgrade to the highest level of G Suite premium services. This seems like the wrong way to increase subscription revenue for Google, especially since the move to block ad-blocking in Chrome seems to alienate free Chrome users and non-Enterprise-level paying users.

Read more
The best MacBook to buy in 2024
Apple MacBook Pro 16 downward view showing keyboard and speaker.

With M3 chips outfitted across the entire MacBook range, you might be wondering which is the best MacBook to buy in 2024. Figuring it out isn't always easy, and buying the newest MacBook might not be the right decision based on your needs. Apple has several tiers of performance, as well as various sizes, which can further complicate the matter.

What’s more, you can also still get M1 and M2 MacBooks, some from Apple’s own website and some from third-party retailers. But are they still worth your money? Our guide should help you decide.

Read more