Slashdot Mirror

← Back to Stories (view on slashdot.org)

How the Mozilla Sniffer Backdoor Was Discovered

Posted by CmdrTaco on from the hate-when-that-happens dept.

An anonymous reader writes "Mozilla pulled one of their Firefox add-ons earlier this week for containing a backdoor which stole passwords from its users. Netcraft has taken a closer look at how the rogue extension worked, and how it was discovered by chance rather than through any code review process. Mozilla are working on a new security model to stop this kind of backdoor happening again."

7 of 201 comments (clear)

  1. Simples by Chrisq · · Score: 2, Funny

    This guy is a native English speaker with a good education and almost surely a security professional trying to see how far he can get. The typos he has NOT made give it away, among other clues: (1) "it's" is always correctly used (2) looks like he deliberately added plurals making it look as though his English is poor (3) John "Devid" (4) "check it out" (5) "don't" is correct (6) no other spelling characteristic Eastern European mistakes

    Just my opinion, I could be wrong.

    Simples

  2. Re:It was experimental, warnings were there by mdm-adph · · Score: 3, Funny

    I think you're missing the point that there's probably quite a few people on the Internet today who read that description and -- at least to them -- there wasn't anything grammatically wrong with it.

    --
    It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
  3. Re:It was experimental, warnings were there by Anonymous Coward · · Score: 1, Funny

    I think you're missing the point that there's probably quite a few people on the Internet today who read that description and -- at least to them -- there wasn't anything grammatically wrong with it.

    What u are talking about? u're english is not perfect either u no.

  4. Stupid tax by HBI · · Score: 2, Funny

    Obviously, their grammatical misconceptions cost them something, this time.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  5. Re:Informative article by Monkeedude1212 · · Score: 2, Funny

    “Mozilla Sniffer”

    Seriously?

    With the evil and nefarious scheme of stealing login info, this was their best attempt at hiding the true nature of the add-on?

  6. Re:Native features in browser by Anonymous Coward · · Score: 2, Funny

    Source is ok ... but can you trust your compiler?

    Yes, that's what we're talking about. Thanks for being the retard who points out the obvious.

  7. What I don't get: by Hurricane78 · · Score: 1, Funny

    An add-on called "Mozilla Sniffer" was uploaded on June 6th to addons.mozilla.org.

    That’s like uploading a add-on called “Windows Virus”. Who the hell would install that?
    I mean even Joe DontKnowShit would think twice before installing something that reminds him of a TLA agent or spy trying to get a look at his privates.

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.