Slashdot Mirror

← Back to Stories (view on slashdot.org)

How the Mozilla Sniffer Backdoor Was Discovered

Posted by CmdrTaco on Thursday July 15, 2010 @01:13AM from the hate-when-that-happens dept.

An anonymous reader writes "Mozilla pulled one of their Firefox add-ons earlier this week for containing a backdoor which stole passwords from its users. Netcraft has taken a closer look at how the rogue extension worked, and how it was discovered by chance rather than through any code review process. Mozilla are working on a new security model to stop this kind of backdoor happening again."

1 of 201 comments (clear)

Min score:

Reason:

Sort:

Native features in browser by SquarePixel · 2010-07-15 01:13 · Score: 1, Flamebait

I mean seriously, the addons give access to everything you do in the browser. A lot of people here on slashdot know not to run random executables from the Internet, but do nothing to check if their browser addons are secure and not malware.
This is why I love that Opera comes build-in with all the features you need and a lot more. Not only are they made using the same quality standards and conventions, there is no way some rogue developer could hide password stealing code in them.