Slashdot Mirror
How the Mozilla Sniffer Backdoor Was Discovered
An anonymous reader writes "Mozilla pulled one of their Firefox add-ons earlier this week for containing a backdoor which stole passwords from its users. Netcraft has taken a closer look at how the rogue extension worked, and how it was discovered by chance rather than through any code review process. Mozilla are working on a new security model to stop this kind of backdoor happening again."
there is no way some rogue developer could hide password stealing code in them.
And since Opera is not open source, there is no way to be sure of that.
And Firefox is open source, and there is no way to be sure of it.
"Sacrifice for the good of The State" - The State
[...] Opera comes build-in with all the features I need [...]
FTFY. I prefer Firefox's way of offering a basic browser and moving extended or niche features to optional extensions to monolithic blocks like Opera. Of course there is a risk associated with this model, but in my case the benefits far outweigh that risk.
Rudolf Hess edited Mein Kampf. He was the very first grammar nazi.
Unless you go through all the code yourself, there's no way to be sure of anything. And unless you're uber-bad-ass, its going to be really hard to understand every line in a massive code-base someone else wrote, let alone all they all play together. So, even if you do your own audit, you can't really be sure. Life's a bitch, isn't it?
I'm sure there's some parallel regarding the Android vs Apple's logic in distributing apps.. but I'll likely be moderated a troll on /. for pointing them out..
Do you mean to say that, when I install a Firefox add-on, Firefox won't give a list of requested privileges? Why has it taken 30 years for people who think in Unix security terms to not catch up to the VMS "fine-grained privileges to executables for users" security model?
The whole regular user / root thing is awful. Microsoft is still doing it wrong because, while the NT kernel may approach the right idea, it builds atop it a mess of get-out-of-jail-free paths.
It's not impossible.
(1) By default, allow nothing;
(2) Never allow everything - require software to specify exactly what it needs;
(3) Classify permissions so the user is alerted more violently for more risky permissions - this may depend on the circumstances (e.g. a browser add-on usually shouldn't be asking for the same sort of privileges as backup software);
(4) Software which needs an unusually privileged environment may benefit from auditing and signing, but never make this compulsory because this pisses off everyone;
(5) But, by default, refuse in such circumstances and indicate why. The user needs to make a conscious effort to override a reasonable set of auto-refusal defaults;
(6) Distinguish explicitly between once, occasional, time-limited and forever permissions. To take a particularly insidious example: iPhones ask if you want to give permission for your app to read your GPS location. This isn't permission for the next 15 minuts or day; it's permission forever. That is wrong. Looked at from the other end, don't do a Vista and ask every time. This is worse than not asking at all.
More thoughts, guise?
This is why I love that Opera comes build-in with all the features you need and a lot more
As a geek, I enjoy complexity to an extent. It's cool to have a gadget with lots of nifty features and shiny buttons. But even I'll admit that at some point it can become unwieldy.
I personally prefer a basic browser with a plug-in model that allows me to extend the functionality in whatever way I feel necessary. That way I can add all the shiny buttons I want, without having to deal with the unwieldy stuff that other people want.
Not only are they made using the same quality standards and conventions, there is no way some rogue developer could hide password stealing code in them.
Actually, there is.
One of the Opera developers could go rogue. Or some machine in their development environment could be compromised, which could lead to the distributed software being compromised.
And since Opera is not open source, we'd have to rely on the Opera developers themselves to find the issue. An open source model means that basically anyone with the time/inclination/skills can go in and take a look at the code.
"Work is the curse of the drinking classes." -Oscar Wilde
Unless you go through all the code yourself, there's no way to be sure of anything.
Only thing that can be made about that statement is to point to a nice little presentation by Ken Thompson. Take a look at 'Reflections on Trusting Trust'. Almost certain you haven't seen it given your comment.
This is where the "many eyes" comes into play for open source...
What a fool believes, he sees, no wise man has the power to reason away.
Well, I like most people, run random executables but only if they are retrieved from trusted sources. Any package I install from my distros repository can potentially contain malicious code but I trust that the distro maintainers keep their stuff clean. I used to trust Firefox extensions downloaded from addons.mozilla.org in the same way, but not so anymore. That's why Chrome's and Opera's software models with built-in features over addons are superior to FF. Because you only have to trust one party instead of dozens of plugin authors.
Football Odds
Uhhhmmmm - yeah, I think. I guess I'm a freetard. Now and then, I'll fire up Wireshark, and just watch the traffic. Yeah, I can see that my deviant son is browsing a porn site. I can see that the wife is checking her email and the banking. I can see that the other kid is looking for car parts. And - the other other kid is playing games. But, why on earth does he have packets going to http://xxx.xxx.xxx.xxx/ ??? That isn't a game site - he's not browsing, or there would be a lot more packets. Hmmmmm. A little checking, and I holler at him. "Have you installed anything lately? Have you done a virus scan on your stupid Windows laptop? What is this site?" He looks at it, tells me it's nothing HE ever heard of, goes back to his machine, and does some checking. An hour or so later, he admits that he was testing some stupid schitz that one of his buddies recommended. One of the features happens to be a trojan.
I don't bother making reports - I guess if I did, I might get my name attached to some zero day thingy. Hmmmm. That might not be good either. The better known you are, the harder it is to stay anoynymous when you really WANT to be anonymous!
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Would it have been so hard to have written "Mozilla pulled one of their Firefox add-ons, Mozilla Sniffer, earlier this week..." in the summary though.? Most of the people here have a hard enough time reading the summary, let alone the actual article linked to.
The addon was called "Mozilla Sniffer", and people still installed it? I would understand if this was some functionallity hidden in a valid sounding addon but its called "Mozilla Sniffer". User FAIL.
Rob
It was portraying itself as a security extension. If you think about it, that makes sense. Most anti-virus packages give you so many false positives flagging all the legitimate network tools, security tools, debugging tools, etc, that you're installing on your machine. You tend to disregard those warnings yourself when you know you're installing a security tool.
History is retarded, I've had it disabled since I first started using browsers with the "feature". Bookmarks should also be an add-on since most home users really don't need it to save their Facebook and Hotmail links.
And since Opera is not open source, there is no way to be sure of that.
So slashdot. So retarded.
When was the last time YOU PERSONALLY read and understood EVERY LINE OF CODE you run?
Did you fabricate your own CPU too?
Shit being open source isn't some magic blanket of security. In fact, just the opposite: People blindly trust open source code thinking "someone else reviewed it". Who? Do you know their name? Do you know their review process? Do you know they're competent, and not just some 19 year old in a dorm room killing time between beer runs and WoW raids?
If Opera maliciously fucks you over, guess what - you have someone who is legally culpable. If your repository gives you a lemon, oh well!
This then should be the contest for you!
I prefer Firefox's way of offering a basic browser and moving extended or niche features to optional extensions to monolithic blocks like Opera
Theoretically, I prefer that too; but somehow opera with more features than the entire mozilla suite is still smaller, faster, and more stable than a barebones firefox :/
I mod down anyone who says "I will be modded down for this", regardless of the rest of their comment
Every line of source code? That's just silly. Who can be sure of anything that way? I inspect every packet going into and out of the computer by hand.