Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Slipped a 'Mr. Robot'-Promo Plugin Into Firefox and Users Are Pissed (gizmodo.com)

Posted by BeauHD on from the gotta-pay-the-bills-somehow dept.

MarcAuslander shares a report from Gizmodo: Mozilla sneaked a browser plugin that promotes Mr. Robot into Firefox -- and managed to piss off a bunch of its privacy-conscious users in the process. The extension, called Looking Glass, is intended to promote an augmented reality game to "further your immersion into the Mr. Robot universe," according to Mozilla. It was automatically added to Firefox users' browsers this week with no explanation except the cryptic message, "MY REALITY IS JUST DIFFERENT THAN YOURS," prompting users to worry on Reddit that they'd been hit with spyware. Without an explanation included with the extension, users were left digging around in the code for Looking Glass to find answers. Looking Glass was updated for some users today with a description that explains the connection to Mr. Robot and lets users know that the extension won't activate without explicit opt-in.

Mozilla justified its decision to include the extension because Mr. Robot promotes user privacy. "The Mr. Robot series centers around the theme of online privacy and security," the company said in an explanation of the mysterious extension. "One of the 10 guiding principles of Mozilla's mission is that individuals' security and privacy on the internet are fundamental and must not be treated as optional. The more people know about what information they are sharing online, the more they can protect their privacy."

15 of 307 comments (clear)

  1. One step forward, two back by grasshoppa · · Score: 4, Insightful

    If they were trying to win back Chrome users, this is a pretty effective way to sabotage their efforts.

    I hope they were paid a shitload of cash for this little stun, because it's gonna cost them.

    --
    Mod me down with all of your hatred and your journey towards the dark side will be complete!
    1. Re:One step forward, two back by Dutch+Gun · · Score: 5, Insightful

      “Firefox worked with the Mr. Robot team to create a custom experience that would surprise and delight fans of the show and our users. It’s especially important to call out that this collaboration does not compromise our principles or values regarding privacy. The experience does not collect or share any data,” Jascha Kaykas-Wolff, chief marketing officer of Mozilla, said in a statement to Gizmodo. “The experience was kept under wraps to be introduced at the conclusion of the season of Mr. Robot. We gave Mr. Robot fans a unique mystery to solve to deepen their connection and engagement with the show and is only available in Firefox.”

      So, no apologies for those of us who spotted it, freaked out, and spent a bunch of time trying to figure out WTF this was, and if it was malicious or not.

      Seriously, on what planet do you essentially prank all your users with a stunt like this? I was actually pretty happy with Firefox after the Quantum update, as it went better than I was expecting. After that, I immediately turned off telemetry and experiments, because they've now abused my trust with this stunt.

      And now comes this statement, doubling down on their incredibly poor judgment. This is the last straw for me. If Mozilla had been the least bit contrite, I might have forgiven this. I've been using Firefox almost since it's inception 15 years ago. That ends today.

      --
      Irony: Agile development has too much intertia to be abandoned now.
  2. Re:When browsers jump the shark by Lisandro · · Score: 5, Funny

    "The Mr. Robot series centers around the theme of online privacy and security. One of the 10 guiding principles of Mozilla’s mission is that individuals’ security and privacy on the internet are fundamental and must not be treated as optional."

    So yeah, let surreptitiously install plugins on everyone's browsers.

  3. Does the plugin actually *do* anything? by gman003 · · Score: 4, Interesting

    So I disabled the addon as soon as I read the article, and I am legit mad that Mozilla would do this, but... what does the addon actually do? I didn't notice any difference before disabling it, and I've dug through all the links and nobody seems to be saying what it does.

    Even if it was just a blank addon, no effect other than putting what's essentially an ad into my addon list (pun unintended), that would be bad, but it would be less bad than if it actually disrupted the browser in some way.

    Mozilla's half-assed apology seems to indicate the addon only starts doing things once you "opt-in", with no mention of how or where one would do that. Which is probably the least evil way you could do this, I'll admit.

    1. Re:Does the plugin actually *do* anything? by bigdavex · · Score: 5, Funny

      The plugin downloads U2 albums.

      --
      -Dave
    2. Re:Does the plugin actually *do* anything? by Mal-2 · · Score: 4, Funny

      The plugin downloads U2 albums.

      With or without you.

      --
      How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
  4. What Config Key Do I Disable/Delete? by ewhac · · Score: 4, Interesting
    So if Mozilla can remotely jam new extensions in to my browser without so much as a dialog, that means malicious actors with even fewer scruples will be able to do it in about a week. Short of firewalling all of mozilla.org, how do I turn this shit off?

    (I wonder if this has anything to do with the weird XSS blocking dialog NoScript threw three times earlier today. It was blocking an XSS attempt between two domains, neither of which was open in any browser tab at the time.)

    --
    Editor, A1-AAA AmeriCaptions
    1. Re:What Config Key Do I Disable/Delete? by Dutch+Gun · · Score: 4, Informative

      Presumably only Mozilla has access to this sort of system. But then again, that's just an assumption of mine.

      You can turn this off in the Privacy section: "Allow Firefox to send technical and interaction data to Mozilla", and under that "Allow Firefox to install and run studies".

      It's the latter one that allows those experimental add-ons to be added and run. I had those both enabled, because I thought that Mozilla would be responsible in how it used them. Obviously, I was mistaken. So, at the very least disable the latter if you don't want more mysterious add-ons showing up. As soon as you uncheck that box, the add-on disappears.

      --
      Irony: Agile development has too much intertia to be abandoned now.
  5. Re:When browsers jump the shark by KiloByte · · Score: 5, Informative

    Don't forget disabling all existing privacy extensions. Oh, and mails you get from Mozilla are pure gold: "Keep trackers off your trail" blah blah "evade tracking technology" blah blah "https://click.e.mozilla.org/?qs=e7bb0dcf14b1013fca3820..."

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  6. Re: When browsers jump the shark by Anonymous Coward · · Score: 5, Insightful

    Mozilla has no business installing add-ons without user consent, especially when it's done quietly in the background. This is the type of behavior that one would expect from malware, and it may well be illegal. I am seriously considering filing a lawsuit against the Mozilla Foundation under the Computer Fraud and Abuse Act.

  7. Re:Never seen it... by Dutch+Gun · · Score: 4, Informative

    If you hadn't enabled telemetry and studies, you wouldn't see it. Also, given that it's some sort of marketing tie-in to Mr. Robot, it might very well be US only.

    --
    Irony: Agile development has too much intertia to be abandoned now.
  8. Firefox Studies by zenbi · · Score: 5, Informative

    The extension was able to be installed if you had the "Firefox Studies" checkbox selected. To prevent Firefox Studies from installing extensions on your behalf:

    • Navigate to: "about:preferences#privacy"
    • Scroll down to the "Firefox Data Collection and Use" section
    • Uncheck the "Allow Firefox to install and run studies" checkbox (and the others, if you wish)
  9. Re: When browsers jump the shark by mikael · · Score: 4, Informative

    It seems to be a trend. I installed Chrome on a Linux partition and almost immediately, Yahoo tried to install their plugin into that browser.

    Not forgetting Canonical's spyware which sent your local search queries for command options to their servers. It's anonymized they claim - well it isn't if your ISP decides to do a man-in-the-middle attack and deep packet inspection with your data.

    http://www.omgubuntu.co.uk/201...

    --
    Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  10. Re:When browsers jump the shark by jellomizer · · Score: 4, Insightful

    I want a browser to be fast, secure and protect my privacy. I don’t want it to tell me what I should watch or think.
    I may want Firefox for reasons different then the organization goals. I don’t appreciate getting stuff pushed on me.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  11. Re:"privacy-conscious users" by Anonymous+Brave+Guy · · Score: 4, Insightful

    Things are changing so fast and so broadly that the only way to keep up is to make that trade off.

    What an odd thing to write. We used to compensate people who provided new things we liked to have by paying them.

    The reason privacy is dying is because invading privacy has become profitable, and that in turn is because it provided a way to monetize people using a service or enjoying some digital content online without them having to do anything or even necessarily realising what was going on.

    Google and Facebook, with their culture of spying-for-ads, and Apple, with its app store culture of software-costing-$3-is-expensive, have much to answer for.

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.