Slashdot Mirror


Mozilla Removes 23 Firefox Add-Ons That Snooped On Users (bleepingcomputer.com)

An anonymous reader writes: Mozilla has removed 23 Firefox add-ons from its add-on store that snooped on users and sent data to remote servers, a Mozilla engineer told Bleeping Computer Friday. The list of blocked add-ons includes "Web Security," a security-centric Firefox add-on with over 220,000 users, which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany. "The mentioned add-on has been taken down, together with others after I conducted a thorough audit of [the] add-ons," Rob Wu, a Mozilla Browser Engineer and Add-on reviewer, told Bleeping Computer via email. "These add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," Wu said.

79 comments

  1. Hey lets remove the old addons. by DarkRookie · · Score: 3, Insightful

    Cuz, you know, the new stuff is definitely secure and this is just an illusion,

    --
    The millennial that doesn't like most of the stuff designed for millennials.
    1. Re:Hey lets remove the old addons. by slack_justyb · · Score: 3, Insightful

      Cuz, you know, the new stuff is definitely secure and this is just an illusion,

      The old system was removed because:

      One, the old system no one wanted to maintain it. Hard to keep a system secure when literally zero people want to work on it, Palemoon has some of the relics from the old system which means a lot of your addons should work there, but be warned that even they haven't kept 100% the old ways because...

      Two, the old system sucked really bad. The old addon system is crap because it required way more tightly coupled pieces than should ever be needed. Yes, it was bad code, that should be said, Mozilla in the early days shipped bad code. By the time FF24 ESR came around, folks saw it as a good time to start breaking away from the old bad code because...

      Three, you couldn't please everyone and new features took forever. All that super tightly coupled code meant that as soon as you changed that over there, person C's addon would break, fix it, and now person R over there has a broken issue related to feature ABC, fix that and now person Q is complaining about devs breaking feature XYZ. This was literally the norm with addons all of the time. Bad code meant that the entire base was fragile and making sure addons worked between versions was becoming a nightmare, not only for FF devs but also for addon devs. Addon devs would just ask FF devs to just fix things and that led to...

      Four, at some point the FF devs said screw fixing this crap. Palemoon devs I guess are more apt to fix old code than the FF devs were, but basically the FF devs looked at the task at hand and just said screw it. With no one else wanting to jump on board, they began putting together what would become the next version of FF.

      Now here's the thing. These plugins were sipping data under the old system and they went undetected because the FF devs are busy trying to fix ABC that multitab dev over there is crying about. Now that the FF devs don't have to worry about that crap, yeah, they've got more time to carefully look at addons to see what's going on within. Addon security is indeed there, but only to a point. Addons aren't going to start grabbing files outside the sandbox and sending them to remote host, at least as far as anyone knows at the moment but bugs happen all the time. But all addons, even the old system, allowed your current URL request to be sent to remote host. If you use Palemoon, Chrome, Edge, or whatever, pretty much all addon systems allow to some degree the ability to ship your current URL to the addon for additional processing. The only way they can be made secure is to have eyeballs on the addons or if you just don't use addons at all, but you will not ever have an addon system that doesn't give the URL to the addon and trust them to not be malicious with it, unless you/yourself write said system. At some point, the end user needs to educate themselves about what the heck they're doing on their system. All addon systems are leaks of your data within your browser's sandbox. Using addons opens you up to a lot. If that's not kosher with you, then you ought not to use addons.

    2. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 2, Interesting

      That's a long comment to say "things have changed at FF and not for the better". Every (and I mean every) change that has come out of Mozilla lately has been horrible. The browser is larger than before, slower than before, has less useful extenstions, and has less configuration options exposed. Definitely not on the right track anymore.

    3. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 0

      Got to wonder why this AC is so interested in others' sexual activity?

    4. Re: Hey lets remove the old addons. by Anonymous Coward · · Score: 0

      Yeah, I do the same and patrol those churches and religious centers where those evil people prey.

    5. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 0

      That's a short comment to say "I didn't read GP, Mozilla is bad, everything new is bad!"

    6. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 1

      Newer is bad when it is larger, slower, and less useful than what came before.

    7. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 0

      So if I replace your keyboard with something less functional, then it’s better because it’s new?

    8. Re:Hey lets remove the old addons. by EzInKy · · Score: 2

      Okay, but the main thing I want is a status bar on my desktop computer, the ability to easily add bookmarks with just a click or two, and I certainly don't need a "pocket" connecting to websites I want nothing to do with.

      --
      Time is what keeps everything from happening all at once.
    9. Re:Hey lets remove the old addons. by slack_justyb · · Score: 2

      That's a long comment to say "things have changed at FF and not for the better".

      Depends on your definition of better. The code base is a lot cleaner and a lot of the underlying components no longer have crazy interactions with each other. They aren't quite to the point of easily being replaced in and out (loosely coupled) but they are a whole hell of a lot simpler to make changes in one without completely breaking the others. I'll side step multiple threads and what not. But compared to where the code base was, the browser's code is a whole hell of a lot better.

      The browser is larger than before, slower than before

      I don't know what you mean in size, pure size, RAM usage?? I'm going to go with RAM since that's usually what most people point a finger to. Memory usage is an issue in all browsers, and that's not an excuse. However, memory issues have plagued Firefox for quite some time now, here's one example for starters. RAM usage in browsers is a complex topic that's not just a "Mozilla, Google, Microsoft" changed something and now everything breaks. Browsers are being asked very complex things by JavaScript frameworks, video decoding, complex style sheets, web fonts, and so on. I'll say, I don't have a clear answer for you on that. The web is increasing in complexity and pretty much a browser is being asked to be a small self contained VM. Firefox specifically has had to make shifts in what to prioritize for what goes on in the browser. So at one point there was a massive outcry of freezing and slowness, trade off for dealing with that to some extent is more RAM usage. There's a balance to be struck for sure, but even all high and mighty Google engineers have yet to really tackle that well. I will say this, that Palemoon has off and on changed with this. Some releases will focus on CPU enhancements and others will focus on RAM enhancements and you can tell which one is which by looking at htop. The web is astoundingly complex and perhaps it shouldn't be that way, or maybe it should be that way and browser devs have just yet to crack a meaningful balance between CPU/memory. As for the slower than before, I've not noticed that, but it really depends on your setup. Again, that has a lot to do with, "can the browser offload tasks to something else?" Which it's still insane to me that we've gotten to a point where webpages are so complex that we need to have offloading workers, but I guess I'm just an old fart.

      has less useful extenstions[sic]

      Yeah, you might want to read the article you are posting to for that. Devs can do one of two things. One, go ahead hack together an API for that and watch as it is slowly abused to death and we go right back to bad code in the code base. Two, actually put together a well thought out API and stress test it over time to develop a model that is one that will work well without a million hacks. By all means, if there's some contribution you'd like to add, the devs are all ears. But by no means, should the devs hack something together, just so your purple hug bear bar multi-tab manager addon will work. Want to speed that process up? Feel free to send anyone worth their salt who won't duct-tape their API up to make it work over.

      has less configuration options exposed

      Fun thing, Chrome has a ton of options exposed. Number one complaint I hear from that team is the fact they had to implement a search bar for the configuration since there are so many dang options. Is there a balance? Oh you betcha! No arguments there, but it's literally, "you will always be burned by someone" type thing. about:config and just deal. If there's something you really, really want to see. Put it up on Bugzilla, make a strong argument for it. I'm not saying you are wrong on this, but it's just such a touchy thing that devs really want a strong argument for

    10. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 0

      If the old keyboard happens to have a lot of security issues, do you still want to use the old keyboard?

    11. Re:Hey lets remove the old addons. by Anonymous Coward · · Score: 0

      I don't like not being able to use NoScript and Tab Mix Plus nor the paring down of configuration options, but saying the new stuff from Quantum onward is "larger" and "slower" puts you firmly in the "immensely full of horseshit" arena. Stop that shit. The performance boost on weak systems with multiprocess set to 1 or 2 is quite significant.

  2. What are the addons? by Anonymous Coward · · Score: 0

    I got a 404 from the link.

  3. List by bill_mcgonigle · · Score: 5, Informative

    read TFA for methods and BMO link.

    Popup-Blocker
    Facebook Bookmark Manager
    Facebook Video Downloader
    YouTube MP3 Converter & Download
    Simply Search
    Smarttube - Extreme
    Self Destroying Cookies
    Popup Blocker Pro
    YouTube - Adblock
    Auto Destroy Cookies
    Amazon Quick Search
    YouTube Adblocker
    Video Downloader
    Google NoTrack
    Quick AMZ

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re: List by Anonymous Coward · · Score: 0

      That's not the whole list. What's your game?

    2. Re: List by Anonymous Coward · · Score: 0

      He copy-pasted that directly from TFA, but didn't read where it said that wasn't the complete list. In fact, some of the addons weren't identified by name at all.

    3. Re:List by kaizendojo · · Score: 1

      Wow, absolutely no surprises in that list. Except for maybe that FB only appears twice.

    4. Re:List by Anonymous Coward · · Score: 0

      Wow, absolutely no surprises in that list. Except for maybe that FB only appears twice.

      Well except neither the Facebook nor Google add-ons are actually from those companies. They are from, for example, third party companies based in the Seychelles with email addresses in Russia.

  4. list by Anonymous Coward · · Score: 0, Redundant

    YouTube Download & Adblocker Smarttube
    Popup-Blocker
    Facebook Bookmark Manager
    Facebook Video Downloader
    YouTube MP3 Converter & Download
    Simply Search
    Smarttube - Extreme
    Self Destroying Cookies
    Popup Blocker Pro
    YouTube - Adblock
    Auto Destroy Cookies
    Amazon Quick Search
    YouTube Adblocker
    Video Downloader
    Google NoTrack
    Quick AMZ

    lol@ Smarttube - Extreme, Google NoTrack

  5. OPTIONAL by Anonymous Coward · · Score: 0

    What if the users don't care? Or consciously chose? Don't disable people's software remotely without asking, Mozilla.

    1. Re:OPTIONAL by Desler · · Score: 2

      How would they have been able to choose when the behavior was purposefully hidden from the users?

    2. Re:OPTIONAL by Anonymous Coward · · Score: 0

      "These add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," Wu said.

      This is worse than the spyware!

    3. Re:OPTIONAL by Desler · · Score: 2

      Pretty sure most users disagree and are perfectly fine with malware being disabled on their computers.

    4. Re:OPTIONAL by JackieBrown · · Score: 1

      Are they not able to enable it again? The summary said the addons were disabled not removed.

    5. Re:OPTIONAL by Desler · · Score: 1

      And probably none will once the true purpose of the add-on has been exposed.

    6. Re: OPTIONAL by Anonymous Coward · · Score: 0

      Remember weatherbug?

  6. Is one of the addons Pocket? by xack · · Score: 4, Interesting

    pocket, amazon and systemd, ruining your linuxperience.

    1. Re:Is one of the addons Pocket? by EzInKy · · Score: 1

      I was totally flabbergasted to find my default page connected to sites I had no interest in after my last system upgrade. What brainiac thought this one up?

      --
      Time is what keeps everything from happening all at once.
  7. Implications by Artem+S.+Tashkinov · · Score: 1

    What has become quite obvious recently is that add-ons for Firefox and Google Chrome web browsers (not sure about web browsers) should never be trusted and if you really care about your security you should either give up on add-ons altogether or only use the ones which have a large enough user base (and this is not really a warranty of its safety).

    For myself I've been using this workaround: I have a Firefox profile with all sorts of add-ons for my daily life and I have a separate profile for banking which only has uBlock Origin installed - nothing else.

    1. Re:Implications by jbmartin6 · · Score: 2

      I use separate instances of Portable Firefox for the same purpose. Also true, browser extensions have to be treated like any untrusted program these days given how much we do from within the browser.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    2. Re:Implications by JackieBrown · · Score: 1

      And only pay with cash instead of credit if it's not your credit card reader!

    3. Re:Implications by mangastudent · · Score: 1

      What has become quite obvious recently is that add-ons for Firefox and Google Chrome web browsers (not sure about web browsers) should never be trusted

      For myself I've been using this workaround: I have a Firefox profile with all sorts of add-ons for my daily life and I have a separate profile for banking which only has uBlock Origin installed - nothing else.

      I do the same sort of thing, but I don't even trust uBlock Origin for my profile for all financial transactions, including ordering stuff. Sure, I generally trust it (plus uMatrix), but so do so many other people, and it's a very big target as a result. I don't see a great need for it, as I only launch that profile for a single site's interaction, and then exit before going to another site. But I do grant your implicit point that some financial sites out there are badly constructed and uBlock Origin might prevent a problem.

  8. Complete list by Anonymous Coward · · Score: 0

    Per the article:

    Web Security
    Browser Security
    Browser Privacy
    Browser Safety
    YouTube Download & Adblocker Smarttube
    Popup-Blocker
    Facebook Bookmark Manager
    Facebook Video Downloader
    YouTube MP3 Converter & Download
    Simply Search
    Smarttube - Extreme
    Self Destroying Cookies
    Popup Blocker Pro
    YouTube - Adblock
    Auto Destroy Cookies
    Amazon Quick Search
    YouTube Adblocker
    Video Downloader
    Google NoTrack
    Quick AMZ

    Only 20 are listed in the article, not 23. 23 is the number of Illuminati, so maybe that's why Q listed 23?

  9. OK But What About Going Forward? by theshowmecanuck · · Score: 1

    What's to stop snooping add-ons going forward? Is there a mechanism in place to ensure no malware makes it into Firefox add-ons that are published on the Mozilla site? If not, who cares.

    --
    -- I ignore anonymous replies to my comments and postings.
    1. Re:OK But What About Going Forward? by slack_justyb · · Score: 1

      Is there a mechanism in place to ensure no malware makes it into Firefox add-ons that are published on the Mozilla site?

      I think that's akin to asking the question, is there a mechanism in place to ensure that some random source tree on GitHub isn't just malware? Other than having people look over the code, the answer is no. Mozilla switched up dev priorities and there's a handful of extra devs now that can review addons. However, I would suggest that if you are going to install an addon, to review the source of it. Outside that, YMMV between 0% stopped and 99% stopped. Addons aren't good in a security context, if you place a high value on security, then you might not want to use addons for any browser/randomly clone some branch of code from GitHub/randomly install some piece of a software on your system.

    2. Re:OK But What About Going Forward? by Anonymous Coward · · Score: 0

      All I know is that I have reported multiple addons, INCLUDING SOME ON THAT LIST, multiple times over the past few months and nothing happened. In fact, there are other addons (in both the AMO and Chrome webstore sites) that track their users as well, but because I don't have a platform, nothing got done. For example, https://github.com/uBlock-LLC/uBlock violates the rules of all the extension stores. I tried reporting it to no avail for a few days and nothing happened, so I reported it on various places on the web, it finally got picked up on soylentnews.org and someone there put it on reddit, and then one of the core devs for AMO saw it and removed it (it was still available on Chrome store). Of course, uBlock became available again on AMO on the next push, despite still being in violation, but no one seems to care as my reports go nowhere. Sure, there are way worse offenders than uBlock, but they are the most obvious, widely used, and public example. As far as I'm concerned, AMO doesn't care about the garbage available on their website until they are caught, in public, with their pants down.

    3. Re:OK But What About Going Forward? by AHuxley · · Score: 1

      A browser testing to see what data flows back from the add on other than a version number update?

      --
      Domestic spying is now "Benign Information Gathering"
  10. We need an app by hcs_$reboot · · Score: 1

    We need an app that snoops on apps snooping on users.

    --
    Slashdot, fix the reply notifications... You won't get away with it...
    1. Re:We need an app by hcs_$reboot · · Score: 1

      You, sir, have too much free time!

      --
      Slashdot, fix the reply notifications... You won't get away with it...
    2. Re:We need an app by AHuxley · · Score: 1

      A powerful software firewall?

      --
      Domestic spying is now "Benign Information Gathering"
  11. what about by sakono · · Score: 1

    The honey app that's being promoted by youtubers now? It was known in the past for being spyware and some reports of it changing ads on pages to compromised ads.

    1. Re:what about by Anonymous Coward · · Score: 0

      What about Hillary Clinton, Benghazi and her email server?

  12. Addons=inferior/inefficient/faulty vs. hosts by Anonymous Coward · · Score: 0

    Hosts protect when addons can't (or as well):

    Bad sites (past ads)
    Botnet C&Cs
    DNS down/poisoned
    Trackers (dns logs/ads/transparent ISP proxy)
    Dns blocks
    Spam/phish payload
    Ads in videostreams
    Slowdown 2 ways: adblocks & hardcodes
    Hosts = Ez edit.

    AB+ 151mb https://www.google.com/search?q=Adblock+memory+consumption&btnG=Search&hl=en&gbv=1/

    UBlock 64MB https://www.google.com/search?q=UBlock+memory+consumption&btnG=Search&hl=en&gbv=1/

    Hosts~6mb

    Addons = ClarityRay defeatable & crippled http://www.businessinsider.com/google-microsoft-amazon-taboola-pay-adblock-plus-to-stop-blocking-their-ads-2015-2/

    NoScript tag parses. Hosts block script prior to it!

    No 1 addon does as much.

    Stacked addons slowup.

    ADDONS = EXPLOITABLE https://news.slashdot.org/comments.pl?sid=11166303&cid=55266729/

    APK

    P.S.=> APK Hosts File Engine 2.0++ 64-bit for Linux & BSD h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r L i n u x . z i p

  13. Registered /.ers review of the Win64 model by Anonymous Coward · · Score: 0

    Your software is just fine - well written, functional... I'm going to continue using the Host File Engine by mmell February 17, 2017

    Your premise that hostfiles are a good way to deal with advertising and malvertising is quite valid - by JazzLad April 20, 2016

    his hosts program is actually pretty good by xenotransplant August 10 2015

    his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg September 25 2015

    I like your host file system by Karmashock September 09 2015

    that APK guy, I use his host file by rogoshen1 Tuesday March 03, 2015

    I personally use a HOSTS file blocker produced from a genius called APK by 110010001000 October 27 2017

    Linux model = faster/more efficient

    APK

    P.S.=> APK Hosts File Engine 9.0++ SR-1 32/64-bit for Windows https://www.google.com/search?...

  14. Misleading summary by mysidia · · Score: 1

    which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany.

    The AddOn's description and privacy policy are very clear.... It's a cloud-based security AddOn that queries a realtime database on somebody else's server to help decide if a URL is malicious, therefore the addon naturally has to send a request to the server with the URL.

    Whoever is describing the Add-On as "Spying" because of functioning as it is documented to function is being extremely disingenuous (IMO) --- Perhaps they work for another antivirus or security company and would prefer more users be infected to bolster sales?

    2. Non-personally identifiable information that is collected automatically by Creative Software Solutions GmbH:

    When the user opens the pages, used by Web Security, the following information gets processed to assure the successful operation of Web Security: the web pages that the user opens or the operating web server, the name of the internet service provider of the user and the website from which the user came from and the sub-pages the user opened. Otherwise, the user might not be warned of harmful sites. No personal information is collected by Creative Software Solutions GmbH automatically. The date and duration of the individual page visits will be stored by Creative Software Solutions GmbH in an anonymous form and checked against a database operated by Creative Software Solutions GmbH to alert the user about malicious sites, so that the purpose of the contract is fulfilled.

    1. Re:Misleading summary by Anonymous Coward · · Score: 0

      Sounds like we found an employee of this malware company.

    2. Re:Misleading summary by higuita · · Score: 1

      bullshit talk or they do not understand enough about security to have a security add-on!

      You do not need to send user url to a remote server, you hash the full url (or HOST and URI if you want both data) and send the hash. the remote server compare if that hash is in their DB or not and report back to the user about the result.

      Sending the user data directly is either laziness, ignorance or malicious. Most of the time this happens is malicious, is to gather tracking info about users (even if anonymous, profiling on what people access is valued info for marketing)

      --
      Higuita
    3. Re:Misleading summary by mysidia · · Score: 1

      you hash the full url ... and send the hash. the remote server compare if that hash is in their DB or not and report back to the user about the result.

      No..... that is an architecture choice. A hash is pretty useless for scanning the URL if the URL is not found in their current database.
      Many web filtering solutions query the full domain and URI to a remote server; (or rather, a Base64-encoded version of the same).

      This is fundamentally no different than Proofpoint's method which scans all incoming e-mail and replaces URLs with an encoded version that
      forwards through .URLDefense.proofpoint.com which does a 302 REDIRECT either to the original URL in the e-mail
      message if nothing suspicious is found. Or else a 302 REDIRECT to a block page.

      The security provider's servers check a cache if the URL is known good or known bad, and takes the proper action.
      If the URL is in Neither database ---- then their servers won't know a hash for that URL, Before returning a reply to
      the client, the security provider runs a scan of the URL from their servers, using their patterns and proprietary rules, possibly augmented with some 3rd party databases, and returns back either a Good or Suspicious Site response. Note that a hash is not adequate for any of this process.

    4. Re:Misleading summary by higuita · · Score: 1

      Again, that is the lazy solution, you can create a blocklist rule for more complex rules and send it to the client, you can break the url in blocks and hash them and again use the hash against your internal rules. Even if really needed, the host can always be a hash (break it if needed) and send only the plain uri without query-strings. This way user site access is protected and query-string data is protected. URI without those is less critical (but still can give lot of info on what the user is doing)

      Yes, protecting the user privacy make things harder, but sending the full URL is very bad and can break trust, if not even illegal, as it can catch protected info that would be hidden via https. There are checks that must never be in the server side, that must be in the client side so the user privacy and data is protected.

      --
      Higuita
    5. Re:Misleading summary by Anonymous Coward · · Score: 0

      Does the German company really provide security filtering services, or do they just forward it to the free Microsoft or Google services etc.? Then sit on their databases obtained from doing nothing. It could be security laundering.

      Does the company have employees?
      Did they do these : https://www.isthisfilesafe.com/company/Creative%20Software%20Solutions%20GmbH_details.aspx
      Random crap .exe file including fraudulent VLC media players (a great classic on porn and streaming sites, albeit these days there are plenty "legit" porn sites all on HTML5 video)

    6. Re:Misleading summary by mysidia · · Score: 1

      Yes, protecting the user privacy make things harder, but sending the full URL is very bad and can break trust

      No... Respecting that they need the information sent to them to do what they do and have a Privacy policy restricting their use of information is called
      TRUSTing them. "Break"ing trust is suggesting some crazy scheme where the security provider will only have hashes based on URLs and Postdata,
      because you don't personally trust them to adhere to their privacy policy regarding data they admit to collect.
      Besides.... Have you considered that even if you Hash URL components, that doesn't technically assure privacy?

      With enough wasted computation power: All the hashes can be reversed by brute force or dictionary scan; especially if you know that
      all the names are short PostData components or DNS names --- only uncommon hostnames would be at all resilient.

      Your "hashing" solution to a Non-Problem is essentially flawed at its fundamental level: The result of a hashing algorithm is not a zero-trust proof; Cryptographic hashes were not designed by any means for the application that you are proposing ------ Seems like you're basically trying to suggest security solutions providers misuse hashing algorithms and roll their own flawed crypto, which is a big security no-no, and a waste of time and developer resources, anyways.

      Even if really needed, the host can always be a hash (break it if needed) and send only the plain uri without query-strings. This way user site access is protected and query-string data is protected.

      No.. You are making assumptions about the filtering methods that will be used. Despite your suggestion to the contrary, the
      query-strings and other data are very necessary for the security provider to have for some of the most effective methods.
      These are actually necessary for the security provider's servers to accurately simulate the URL being accessed by a client, As they are part of the environment data passed to the webpage: and if the URL data were missing -- this can tip off the Javascript code or exploit attempt that someone is running their script inside a malware detection/analysis sandbox or other dynamic evaluation environment on a headless remote server before the real browser is allowed to see it.

      Again, that is the lazy solution

      Not really... It is potentially the method a proper solution should use.

      you can break the url in blocks and hash them and again use the hash against your internal rules

      No malicious URL detection mechanism worth its salt is based solely on a fixed blacklist or whitelist that can be looked up by hashes of URL components.
      Contextual information within page documents, where a link appears, the type of content, type and reputation of the HTTP referrer, whether the URL appears to contain malformed objects, obfuscated code, Or known code snippets from a large library are very relevant, and those are things the server needs to pull and find in order to return a response + optionally Update private reputation data that will be used to quickly recognize a bad URL in the future.

      you can create a blocklist rule for more complex rules and send it to the client

      You're referring to a specific kind of blocking system.
      By their very nature different filtering solutions work by different means and have Pros and Cons.
      Systems that rely on only the client to make complex "detection" decisions tend to be greatly inferior from a security
      and reliability standpoint, because of the design constraints that using client-side decisionmaking imposes.

      Implementing blocking logic on the server VS the client is totally a software architecture choice.
      Both choices are legitimate, and server-based blocking precludes concealing information from the
      server by hashing it. The server is going to do the analysis and make a decision for the whole gro
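
The two positions argued in the sub-thread above, put side by side as an added example (not code from any commenter, Mozilla, or the add-on vendor): a client that sends only hashes of the host and of host plus path with the query string dropped, and the dictionary comparison a lookup server could run against those hashes. SHA-256, every function and class name, and all hostnames are assumptions or constructed sample data.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed sample data (not from the thread or the article).
BAD_HOSTS = ["malware.example"]
BAD_URLS = ["https://files.example/downloads/setup.exe"]
# Hostnames a lookup operator could enumerate, e.g. from a public top-sites list.
GUESSABLE_HOSTS = ["mail.example", "bank.example", "news.example", "shop.example"]


def sha256_hex(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def build_query(url):
    """Client side: everything that leaves the browser for one visited URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path or "/"
    # Query string and fragment are dropped before hashing, so session
    # tokens or search terms carried in them never enter the lookup.
    return {
        "host_hash": sha256_hex(host),
        "url_hash": sha256_hex(host + path),
    }


class LookupServer:
    """Server side: stores hashes of known-bad hosts and URLs only."""

    def __init__(self, bad_hosts, bad_urls):
        self.bad_host_hashes = {sha256_hex(h.lower()) for h in bad_hosts}
        self.bad_url_hashes = {build_query(u)["url_hash"] for u in bad_urls}
        self.seen = []  # what the operator could log: hashes, never URLs

    def check(self, query):
        self.seen.append(query)
        if query["host_hash"] in self.bad_host_hashes:
            return "blocked-host"
        if query["url_hash"] in self.bad_url_hashes:
            return "blocked-url"
        # A hash that is not in the database tells the server nothing it
        # can fetch and scan; this is the limit raised in the reply above.
        return "unknown"


def reverse_by_dictionary(host_hash, candidate_hosts):
    """Hash each candidate hostname and compare with a logged host_hash.

    Unsalted hashes of low-entropy inputs are recoverable this way, so
    only hostnames absent from the candidate list stay hidden.
    """
    return [h for h in candidate_hosts if sha256_hex(h.lower()) == host_hash]


if __name__ == "__main__":
    server = LookupServer(BAD_HOSTS, BAD_URLS)
    for url in (
        "http://malware.example/anything?x=1",
        "https://files.example/downloads/setup.exe?ref=ad",
        "https://bank.example/account?session=abc123#top",
        "https://intranet-7f3a.example/wiki",
    ):
        query = build_query(url)
        verdict = server.check(query)
        guesses = reverse_by_dictionary(query["host_hash"], GUESSABLE_HOSTS)
        print(f"{url}\n  verdict={verdict}  host recovered from hash: {guesses}")
```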

  15. Ohh good for you! by Anonymous Coward · · Score: 0

    Off good for you!
    Mr. InstallShitOnMySystemForAnAdStunt .... fucking cunts!

  16. The real WTF by Anonymous Coward · · Score: 0

    "These add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," Wu said.

    How the hell was that done, Mr. Wu?

    1. Re:The real WTF by Desler · · Score: 1

      How do you think? The browser was told to disable the add-ons by the Mozilla Add-On site.

    2. Re:The real WTF by Shikaku · · Score: 1

      There's an addon blacklist file. Just like there's a URL blacklist file. Former: http://kb.mozillazine.org/Bloc... Latter: http://kb.mozillazine.org/Urlc...

  17. Tamper data? by Anonymous Coward · · Score: 0

    This addon was great for testing security and I just noticed it missing yesterday.

  18. APK is a lying retard by Anonymous Coward · · Score: 0

    Sorry retard APK, you are proven to be a lying retard who can't back up your claims. Your retarded ass got destroyed because your work is shit. No one should take your security advice as you even provide evidence from security experts saying that your methods don't work. I'm sure you will throw a fit again because I am exposing to everyone that you are a loser but when your failure is this great everyone needs to know to steer clear of your work if they want actual security.

  19. ANSWER 2 QUESTIONS troll by Anonymous Coward · · Score: 0

    Answer 2 questions. Do hosts stop threats served by hostname (which are the way it's done most) by blocking them? Yes. Do hosts speed you up 2 ways in adblocking, preventing more infection/tracking/slowdown AND via hardcoded favorite sites resolving faster + protecting vs. dns down or redirect poisoned? Yes.

    My hosts program's the only 1 that does the latter & only 1 of its kind on Linux/BSD in easy to use flexible configuration GUI form.

    I also did that latter part LONG before the Chinese & 1st http://theregister.co.uk/2017/...

    * Have you done work that is that effective doing far more for far less faster in kernelmode speed (cpu priority)? No.

    APK

    P.S.-> You really are JEALOUS "Jowie" as he calls you and it shows! apk

  20. Impersonating me AGAIN? Ok then... apk by Anonymous Coward · · Score: 0

    1st: ENJOY your downmod. Others know you're NOT I (& wish you were by impersonating me (poor imitation)) & I'm NOT here to win a "popularity contest": I'm here to WIN so EVERYONE DOES & be faster/safer/more reliably connected online.

    Your CRAP's what I PUT UP W/ if one's "World-Class" (like ME): STALKERS stalking u by UNIDENTIFIABLE ac (everyone sees it happening & I suspect it's INFERIOR competitors, webmasters & advertisers (mostly) & malware makers (as my hosts engine affects 'em adversely & gives users of it more SPEED/SECURITY/RELIABILITY & more anonymity online)).

    * GROW UP & GET ON TOPIC!

    APK

    P.S.=> 3 things show I do it right:

    1st = User praise my hosts engine https://tech.slashdot.org/comm...

    2nd "ATTACKS" I GET (from UNIDENTIFIABLE ac as Elon Musk got https://tech.slashdot.org/stor... )

    3rd BEING IMITATED = "Imitation = sincerest form of flattery" https://linux.slashdot.org/com... ... apk

  21. Software freedom combats proprietary malware by jbn-o · · Score: 1

    What's to stop snooping add-ons going forward?

    Software freedom; the freedom to run, inspect, modify, and share published computer software plus user's vigilance and not installing stuff one really doesn't need.

    Is there a mechanism in place to ensure no malware makes it into Firefox add-ons that are published on the Mozilla site?

    We know of no perfect defense against malware. As this essay points out, "We who present free software as a defense against malware do not say it is a perfect defense. No perfect defense is known. We don't say the community will deter malware without fail.". The best defense we have is to run only free software and to support software freedom for its own sake, as a good unto itself. This is a big part of the reason why Firefox (which can be made free) is so important a browser and why other popular browsers (regardless of their developmental claims) aren't trustworthy. Other popular browsers are nonfree, user-subjugating, proprietary software and there's a lot of proprietary malware.

  22. Fuck you by Mats Svensson · · Score: 1

    We value your privacy

    We and our partners use technology such as cookies on our site to personalise content and ads, provide social media features, and analyse our traffic. Click below to consent to the use of this technology across the web. You can change your mind and change your consent choices at anytime by returning to this site.

    Change consent

    Powered by
    Quantcast - GDPR Consent Solution

    Well, fuck you too!

  23. Retard APK lost again by Anonymous Coward · · Score: 0

    To your first one the answer is only some and only from those that are well known long after they became a threat, but there are many solutions that do a better job of stopping that. The other options allow better options for blocking as one can block all machines in a domain at once instead of having to create an entry for each one. Also hosts can only ever stop outbound connections instead other tools can stop connections in both directions. So looks like you've been outdone here.

    To your second question no it doesn't speed you up, especially when you are dealing with a file the size of yours, even if it does run in kernel mode. A linear search is all that can be done because it can't be assumed that hosts is sorted. Given that, it means that anything else that operates off of a sorted list will be faster. Add in the huge file you deal with and you really start seeing slow performance because string comparisons are expensive so the goal should be to reduce the number done, not maximize it like you seem to want to do. Also there are plenty of other tools that do a better job of stopping crap, like NoScript for example that stops all scripts thus providing more of a speedup than your work ever could. NoScript also manages to stop an entire broad category of attacks always instead of your work which can only stop attacks from well known sources that happen to be dependent on the client machine doing a DNS lookup. If I were worried about DNS outages or poisoning I would run something like dnsmasq either locally or on my network. This would handle all that, operates faster, and provide more security than your silly toy solutions.

    We've been over this before about the Chinese but you can't seem to understand that it is more likely that they came up with the same stupid simplistic obvious idea independently. You keep asserting that they copied you but can provide no evidence beyond your own uninformed speculations.

    You are right that I haven't done work that is as ineffective as your hosts file engine stupidity. This is because I actually have never created something as defective and then claimed it provides security. The software I work on and create actually requires that I be able to prove it provides security and the code goes through a formal verification and validation process. This process isn't a code review, but instead a team gets together and validates everything for correctness starting with the assertions that were made before coding began, and works their way up from there. This requires doing mathematical proofs and then validating that the code correctly implements the math which is something you don't comprehend. This is an expensive and time consuming process that none of your work has gone through and never will.

    The problem you have is that you started with the false premise that hosts provides good security. The truth is that hosts is a black list and black lists are the worst way of doing that. They are better than nothing but when it comes to provable security they provide none. Black lists can never enumerate all possible entries, are always out of date, are easily circumvented, and require constant maintenance. You are a failure and no one should listen to your advice.
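The trade-off argued in the comment above and in the replies that follow it (per-host entries versus domain-level rules, missed subdomains versus false positives) can be seen in a few lines. This is an added example, not part of any commenter's post; every hostname and rule in it is constructed, and the in-memory sets are only a model of the two matching styles, not of how any resolver or add-on stores its list.

```python
"""Exact-host (hosts-file style) matching vs. domain-suffix rules.

All hostnames and rules below are constructed for illustration.
"""

# Hosts-file style: one entry per fully qualified name, exact match only.
HOSTS_ENTRIES = {"ads.tracker.example", "cdn1.tracker.example"}

# Domain-level rule: the name itself and everything beneath it.
DOMAIN_RULES = {"tracker.example"}


def normalize(host: str) -> str:
    """Lower-case and drop the trailing root dot so lookups are consistent."""
    return host.strip().lower().rstrip(".")


def blocked_by_hosts(host: str) -> bool:
    """Exact match on the full name; unlisted subdomains pass."""
    return normalize(host) in HOSTS_ENTRIES


def blocked_by_domain(host: str) -> bool:
    """Check each label suffix: a.b.c -> a.b.c, b.c, c (one lookup each)."""
    labels = normalize(host).split(".")
    return any(".".join(labels[i:]) in DOMAIN_RULES for i in range(len(labels)))


def compare(hosts):
    """Return {host: (exact_verdict, domain_verdict)} for a list of names."""
    return {h: (blocked_by_hosts(h), blocked_by_domain(h)) for h in hosts}


SAMPLE = [
    "ads.tracker.example",    # listed: blocked by both
    "cdn2.tracker.example",   # new subdomain: missed by exact entries
    "ADS.tracker.example.",   # case / trailing-dot variant of a listed name
    "docs.tracker.example",   # harmless sibling: caught by the domain rule
    "nottracker.example",     # shares a string suffix, not a label suffix
]

if __name__ == "__main__":
    for host, (exact, suffix) in compare(SAMPLE).items():
        print(f"{host:24} exact-entry={exact!s:5} domain-rule={suffix}")
```

The second and fourth sample names are the two failure modes the thread argues about: a false negative for the exact list and a false positive for the domain rule.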

  24. No, you lose vs. me as always... apk by Anonymous Coward · · Score: 0

    What "so-called 'solution'" does MORE for less resource use & complexity leading to its exploitation? DNS or AntiVirus or addons?? All security issue riddled resource hogs!

    Wildcards lead to FALSE POSITIVES GALORE (hosts specifics do not & are easy to edit by anyone) - whitelists are maintenance nightmares even moreso!

    Hosts SPEED YOU UP 2 ways: Hardcoded favorite sites avoiding slower security issue riddled DNS & blocking ads alone offsets any parse & THE ONLY PARSE THAT HAS TO BE FAST is your FAVORITE SITES you spend MOST TIME @ online @ TOP of hosts cached in RAM operating in kernelmode!

    NoScript has to PARSE ads script src tags etc.: Hosts don't & OPERATE LONG BEFORE NoScript does on 3rd party scripts (the most dangerous ones) in kernelmode speed making NoScript REDUNDANT SLOWER USELESS!

    APK

    P.S.=> You are just (& yes, I've gotta say it) "too, Too, TOO EASY - just '2ez'" to BLOW AWAY as always, lol... apk

  25. Stop lying illiterate retard APK by Anonymous Coward · · Score: 0

    Maybe you should actually read any of the writings of the security experts you post links to. They are listed there and stated as being better more effective solutions.

    You have plenty of false negatives but don't even know about them. Even ignoring that having wildcards to block everything under a higher level domain provides greater security than anything you offer even if it does ensnare an innocent but even there it would be a rare occurrence. As far as whitelisting goes maintenance wise it is at worst no more difficult than blacklists, and once set can actually be forgotten about unlike your offering which needs continual attention. Now back up your claim that white lists are worse for maintenance than black lists, you made it and as always can't support it because everything one can say about one it can be said about the other in regards to this.

    You really don't understand how things work. The cache you refer to has nothing to do with your hosts file but instead has to do with what look-ups you have done most recently. It would function the same if hosts was empty or if it had 23 billion entries. After that all that matters is the searching ability and you apparently don't understand algorithms since you would understand just how wrong you are since a linear search is dog slow and gets worse when doing string comparisons. It doesn't matter if that search runs in kernelmode as all that means is that it is slightly less likely to get preempted than code in user space, but it is still stuck doing that slow linear search with tons of expensive string comparisons.

    You really are retarded. The parsing still needs to be done by the browser so there is no speed difference. Unfortunately for you most scripts are embedded in other first party scripts that source them in. This means that NoScript will block them earlier and will result in fewer resources being consumed. Also NoScript still stops an entire broad category of attacks while your false solution can't make any such claim.

    The only thing you blew was your own credibility as you fail to refute criticism of what you say and instead just keep repeating your same old tired lies. You keep trying to deflect from your failure while failing to counter anything others say. You also appear to suffer from some mental disorder as you are always laughing at your own statements.

    Since you can't actually make a point or even support your ramblings we are done here. Come back when you actually have accumulated some knowledge and wisdom as you appear to have none. Until then expect me to continue exposing you and linking back to your failures when you start spamming them.

  26. DNS/Antivirus/Addons = security flaws+slowup by Anonymous Coward · · Score: 0

    DNS/Antivirus/Addons = security flaws+slowup - no questions asked vs. hosts & they use more resources by FAR! Some 'solution' for security when they themselves INTRODUCE security issues (or don't work by default like Adblock) & SLOWUP - hosts speed you up 2 ways by comparison.

    Wildcards PRODUCE false positives like MAD - hosts specifics don't & any end user can EASILY edit hosts too!

    I make maintaining hosts EASY via my program.

    Hosts files get CACHED by any OS' caching subsystem - fast in kernelmode (vs. slower/less cpu prioritized usermode "solutions" you speak of messagepassing overheads GALORE & resource use like mad - for what? DOING LESS THAN HOSTS DOES by itself (does more for less vs. ANY other 'competitor' by far)). The IP stack & hosts do the resolutions of fav sites + blocked ones (& should BE the ONLY THING that does).
    APK

    P.S.=> I blew my credibility? LOL - I know now - I just BLEW YOU AWAY easily, again... apk

  27. Shut your lying shit bag mouth APK by Anonymous Coward · · Score: 0

    I don't threaten vs. a NOBODY

    Shut your fucking pie hole you lying sack of shit.
    You threaten people all the time and when called on it you hide in the fucking corner and piss yourself.
    So come on pussycake post your fucking address.

  28. LOL! Says pusscake ANTIFA anonymous by Anonymous Coward · · Score: 0

    Yes, you truly ARE a nobody & it shows in FAR MORE than just your UNIDENTIFIABLE stalkings of me (chickenshit bitch you are) - it shows in you being a DO-NOTHING "ne'er-do-well" UNSKILLED & UNDEREDUCATED waste of life LOSER too, lol!

    * By the way: Make me you shitbrain punk (newsflash - you can't & I don't obey a NOBODY like you or "your kind" (wastes of life)).

    (You & yours? DISGUSTING little weezils, nothing more)

    APK

    P.S.=> ... & you KNOW it (+ constantly PROVE it too) - FACT: Bugs Bunny has more REAL IDENTITY than you do - so in threatening a punk that hides like you STALKING, IMPERSONATING & even THREATENING ME (1st)? I literally am NOT threatening anyone real - A NOBODY (you, for real & in more ways than 1, see above) So - you LOSE, stupid, always, vs. me - accept it... apk