Mozilla Wrongly Accused Sothink Addon of Malware

eldavojohn writes "Mozilla has admitted to wrongly accusing Sothink of distributing a video downloader with a trojan virus as a Firefox addon. From their official blog: 'We've worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware.' Before you go download that addon, however, keep in mind that Sothink has come under fire before for GPL violations and dishonesty."

Trojan Virus?

[Anarke_Incarnate]

Not more of this shit again.... A Trojan Horse is NOT a virus. It IS malware, but a virus tends to replicate and trojan horses do not, on their own. A trojan horse is just a program is the infection (In that it does something other than wanted or specified, and does so intentionally)

Re:Trojan Virus?

[mamer-retrogamer]

You are waging a losing battle my friend. Just as the distinction between the terms "hacker" and "cracker" has been lost upon wider usage, "virus" has now come to mean any type of malware.

Re:Trojan Virus?

[multisync]

And "computer" is the monitor, and "hard drive" is the box on the floor, and "download" is anything you do on the computer (as in "I downloaded my printer to my hard drive but I still couldn't make a program").

Pointing out that malware can be a trojan or a virus but normally isn't both seems like a fair enough comment to make on Slashdot. I'm frankly surprised eldavojohn would use that phrase; maybe he hadn't had his coffee yet ;)

Re:Trojan Virus?

[HungryHobo]

combined with the fact that trojans can be just a layer.
Simple trojan infects a machine, on it's own it does nothing but execute arbitrary code on the target.
Trojan downloads code from it's controller which is an actual virus or code for a botnet etc etc...

it's not really an important distinction since the lines have become more blured as virus writers have tended towards hybrids or outsourced different parts of the infection process to others.

Re:Trojan Virus?

[Alwin+Henseler]

a virus tends to replicate and trojan horses do not, on their own.

How weird... I recently dealt with an infected system where a trojan (2 different ones, in fact) copied itself onto an USB stick, without user intervention.

IIRC a virus usually tries to replicate itself without user action, or the user noticing. A trojan OTOH 'rides along' with another program that is intentionally run by a user. So the virus may come in on its own, the trojan arrives in 'useful' program+trojan packages. After infection, the trojaned program may place executables on the system that behave like a virus (further blurring the distinction). Isn't a program like this called a dropper or something?

Re:Trojan Virus?

[Spad]

These days you've got malware that is a trojan (to get onto your machine) and a virus (to spread itself to all your facebook friends, email contacts & embed itself on your USB key) and a worm (to spread itself around your LAN), which will zombie your machine to send spam and conduct DDoS attacks, keylog to steal your bank and WoW credentials and try to get you to buy fake AV software to get both your cash and personal info.

To say the lines between trojans, viruses, worms and spyware are blurry is a serious understatement.

Re:Trojan Virus?

[Ihmhi]

In my day, a trojan horse was a goddamned wooden tank full of angry ninja soldiers.

Re:Trojan Virus?

[Low+Ranked+Craig]

All I know is the Internet is that little blue roundish e thing on my desktop.

Re:Trojan Virus?

[Hurricane78]

What gave you the idea, that we care what the general public thinks about our area of expertise?
Are you so weak, that you bow to a stream of loud idiots saying that 2+2=5?

We define what a virus is. We define what a cracker and a hacker is. Like professionals in any other profession.
There is no battle, so we can’t lose. I’m still calling anyone calling a cracker a hacker somebody who got no fuckin’ clue. Including you, if you do so. Period.

Re:Trojan Virus?

At the risk of sounding like a Linux/Apple fanboy, "I couldn't care less".

At the risk of sounding like the voice of reason, "It's still possible to get rooted by a worm on a Linux/OSX box"

Re:Trojan Virus?

[Idiomatick]

True, but if you use words properly whilst knowing the people you are addressing will completely misunderstand you then you are being plain stubborn. ie. I doubt you'd put that you do lots of linux hacking in your spare time on a resume...

Re:Trojan Virus?

Perhaps but when I talk to my family guess what THEY DONT CARE about the distinction. They know their computer is screwed up and that a 'virus' did it. Because after the fact the results are the same to them. Their computer is messed up. They do not care that they did it or someone other program did it automatically. I then tell them if they did it to themselves or not and how to avoid it in the future. It is my job to make the distinction. You need to talk their lingo to figure out what happened if you dont you just come off as arrogant and rude. The end users realllllllllly do not care. Much like I do not care what plastic the moldings on my car door are made out of. I know they keep the water out.

Re:Trojan Virus?

[commodoresloat]

that little blue roundish e thing on my desktop.

That's an ecstasy tab, dude! Paaaarty at Low Ranked Craig's place!!!!

Re:Trojan Virus?

[Mister+Whirly]

Yes, pretending nothing could possibly happen to your machine is the very best security model I have ever heard. Run, don't walk, to the patent office and patent your idea immediately. I suggest calling it the "Ostrich Method of Securing a Computer System".

Keep your head buried down in that sand man! Ignorance is bliss!

Re:Trojan Virus?

[thetoadwarrior]

I don't care what people call it just as long as they start taking better care to protect themselves from any vulnerability.

Re:Trojan Virus?

[AmberBlackCat]

I think it helps to call them all viruses. Having a thousand different names just makes things inefficient and confusing. It also helps antivirus makers sell you an antivirus and an antispyware, when there should just be one product.

Re:Trojan Virus?

[HellYeahAutomaton]

Whoa whoa whoa. Stealing WoW credentials is enough to get even the most complacent geek to take notice.

Re:Nice apology... sort of.

The qualifier was added only in the summary. The quoted part is just: 'We've worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware.'

Re:Nice apology... sort of.

[Ardx]

It's all well and nice to apologize, but adding the qualifier makes it sound very insincere. While the company may be guilty of GPL violations, maybe it might be a smidge more tactful and graceful to remind that on a different day.

Missed the nested quotes, my bad. Thank god I don't code at this time of the morning anymore. :D

Re:ie *

[The+MAZZTer]

Intentionally misleading and making a mistake are two different things.

Bad news is bad news.

[geekmux]

It's all well and nice to apologize, but adding the qualifier makes it sound very insincere. While the company may be guilty of GPL violations, maybe it might be a smidge more tactful and graceful to remind that on a different day.

Yes, I'm certain the tactic of half-truth would work well on the showroom floor at Toyota dealerships.

"Hey, this guy wants to buy a new Camry. Should we tell him about the recall?"

"Nah. Wait until next week, after we get the sale and he's put enough miles on the car. Hopefully he won't have a problem with the pedals."

Sorry, but I'd rather have ALL the information up front to make a fully educated decision.

Re:Bad news is bad news.

[Linuxmonger]

Sorry, but I'd rather have ALL the information up front to make a fully educated decision.

Bullshit

If you had ALL of the information to make an educated decision, you'd spend years reading the tracking information on the product, then the product wouldn't be available anymore.

I bought an EMC Clarion once, it came with hundreds of pages of documentation, which I skimmed. Two years later, we lost a couple drives, EMC replaced them, problem solved, turns out that one of the chips on the drives had a known failure, but it wasn't known at the time of manufacture.

There are hundreds of chips in your PC, do you want to pay the expense of tracking every one? Do you have any idea what that would cost? I buy hundred dollar motherboards, for me to research every product of every sub-company that has a component on that MB would take hundreds of hours of work, it isn't worth it for a product that isn't directly involved with life support

Re:Bad news is bad news.

No, not every chip, but it might be worth it to check that your computer doesn't have the components that are most likely to fail. I currently warn customers against the following components: -known defective nvidia chipsets (especially on laptops since they are on the motherboard) -seagate hard-drives that have the perpendicular writing tech (extremely high failure rate) -list of motherboards with known bad capacitors -hp home products (office are fine, but the home products are such crud that they inevitably break a week after the 1 year warranty) -dell (except servers) proprietary drivers make re-installation more difficult for end users and they don't notify customers about products that have known defects. Case in point: nvidia video cards above. While apple, hp and others extended warranties by 3 years on affected GPUs and posted technical documents dell's only acknowledgment is in a couple buried blog posts, and when a customer with an affected unit called they said it was the operating system (vista) to avoid having to honor the extended warranty. The video has since failed completely and is no longer covered by their measly 1 year extension despite him having called to complain while it was still in effect

Re:Nice apology... sort of.

[RebelWebmaster]

The qualifier was put in by the submitter, not TFA.

Re:Nice apology... sort of.

[Eraesr]

Yes, let's make a special case for GPL, because we have no moral issue at all with stealing software from people who earn money working on proprietary (closed) software and feed themselves and their families with it. Damn them for earning money with writing software!

Re:Nice apology... sort of.

[Lunix+Nutcase]

Many people voluntarily contribute to GPL'd projects without receiving anything in return.

That might be true for many of the irrelevant apps. But things like the kernel, GCC, libc, KDe, GNOME, etc are all mostly developed and maintained by people who are receiving something in return for doing so — a paycheck.

Re:Nice apology... sort of.

[BhaKi]

I understand your point about piracy. Pirates are committing a crime by not paying for the software they use. GPL violators, OTOH, are making money without writing code and without giving anything in return. They neither negotiate development sponsorships like RedHat nor pay royalties nor give credit. Which is a more serious crime?

Re:Nice apology... sort of.

[BhaKi]

No, Linus is the reason why we have Linux. It could've been any other license.

Then it would have died a quick death. See the answer to second question in this Linus Torvalds interview.

Re:Nice apology... sort of.

[canajin56]

This is the USA, son. Committing copyright violation and selling a million illegal copies of somebody else's software is good for the economy! Pirating even one thing is you refusing your duty as a consumer! Easily 1000x as serious.

Still might be Malware!

[canajin56]

Whenever you use the downloader, it goes to their website to display a "Download Started" page, and passes the URL you downloaded as a parameter. Do they have logs enabled on their webserver? I dunno. Better safe than sorry though. Just use FlashGot, the GPL plugin they stole all their code from.

Re:stop using links to previous slashdot articles

[Shoe+Puppet]

New? He's got a 0-digit ID -- as do you!

Re:Nice apology... sort of.

[Sancho]

GPL violators may not be making money. Pirates may make money. The whole thing is a class of violations called "copyright infringement." While making money off of the infringement may increase its severity, it's all pretty well under the same umbrella.

Within copyright infringement is the idea of the value of a work. That is, the amount that it costs to purchase or otherwise legally acquire the software. Penalties are usually assessed keeping the value of the work in mind. Proprietary software usually has a non-zero cost to acquire. GPL software usually has a zero cost to acquire.

So when you ask

Which is a more serious crime?

the courts would probably answer "Illegally copying non-free software."

Re:Offtopic, but regarding the tagline at the bott

[Mister+Whirly]

The Nazis hauled away her "e" in the middle of the night. Nobody has heard from it since.

Re:Offtopic, but regarding the tagline at the bott

[arth1]

Her name is Anne Frank.

Still offtopic, but her name was Annelies Frank.
Ann Frank and Anne Frank are both valid spellings of her pet name, although we know her by the latter.

Re:Offtopic, but regarding the tagline at the bott

[clone53421]

Ann Frank and Anne Frank are both valid spellings of her pet name, although we know her by the latter.

Jonathon can be “Jon” or “John”. Brooklyn can be either “Brook” or “Brooke”. Annelies can be “Ann”, “Anne”, or “Annie”.

Having multiple ways to spell a nickname doesn’t make all of them correct. As far as I know, Anne Frank spelled it with the e at the end.

The False Positive problem

[ElmoGonzo]

It's even worse when a major anti-virus/internet protection application named after a pioneer of MS-DOS utilities throws a false positive and declares your CSS to be malware.

Re:Nice apology... sort of.

[vadim_t]

It depends on how you see things.

One position is all about money. Depriving people of money is bad, if they're not earning money it's not a big deal. I strongly disagree with this one.

Another is if you see it as that copyright gives authors the ability to dictate how their work should be used, and any terms they come up with are equally valid, then all violations are bad, and both regular copyright infringement and GPL infringement are equally serious. It's not about money, it's about doing what the author wishes.

But if you see the GPL as what should exist instead of copyright, then regular infringement isn't a big deal, and GPL infringement is serious.

I should note people make money writing GPL licensed software too. I do.