[funsec] FlashGot Firefox plugin, now spyware
Reed Loden
reed at reedloden.com
Tue Feb 16 10:29:03 CST 2010
On Tue, 16 Feb 2010 11:47:48 +0200
Gadi Evron <ge at linuxbox.org> wrote:
> Just to make sure we have the same terminology, as a friend of mine
> disagrees:
> 1. It adds content to web pages I visit (so far just Google) by
> suggesting tweaked searches, possibly (unconfirmed) by sending data
> about my searches, which would make it spyware.
> 2. When I click these suggested better searches for what I was looking,
> it sends me off to a different search engine, which I define as adware.
Thanks for the information. I can confirm that the latest version of
FlashGot does include code that adds "search refinements" via
"Surf Canyon" to all Google, Bing, and Yahoo! search result pages. This
new "feature" was added in the most recent version of FlashGot
(v1.2.1.13), is enabled by default, and can be disabled by modifying
the "flashgot.surfcanyon" preference in about:config to "false". As far
as I can find, the only place where this change is mentioned is a
one-line entry on http://flashgot.net/changelog.
I can't speak for our AMO admins, but I'll definitely be following-up
with them to see what our current policies are concerning such things
and whether this change/addition violates any of those policies.
Thanks again for the report.
~reed
Mozilla Security Group
--
Reed Loden - <reed at reedloden.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://linuxbox.org/pipermail/funsec/attachments/20100216/ae58444b/attachment.pgp
More information about the funsec
mailing list