Language Selection

English French German Italian Portuguese Spanish

Silent installs of add-ons still possible in Firefox

Filed under
Moz/FF

A security researcher has demonstrated how it is still possible to silently install extensions, or as Mozilla calls them add-ons, for the open source Firefox web browser. In a blog post, Julian Sobrier of ZScaler detailed the process, which makes use of the fact that Firefox uses an Sqlite3 database to maintain information about which add-ons are installed and, of those, which ones have been approved by the user.

This feature, introduced in Firefox 8, was designed to stop toolbars and other applications adding in their own add-ons without informing the user. Sobrier's technique shows though that the mechanism is relatively easy to overcome. Add-ons have privileged access to the browser and therefore a malicious add-on could do anything including stealing the user's history, modifying pages' contents or disabling security features in the browser.

rest here




More in Tux Machines

Ubuntu 15.04 Vivid Vervet Final Beta Available For Download

Ubuntu 15.04 Vivid Vervet final beta was released today, bringing quite a few changes, like locally integrated menus (LIM) by default, upstart was replaced with systemd by default as well as various other improvements and fixes. Let's take a look at what's new! Read more Also: Kubuntu Vivid Beta 2

The Changing Cost of Open Source

At one time higher ed wanted community-built software because of the $0 price tag; now many universities are paying somebody else to keep open source projects moving forward. Read more

Allwinner Continues Jerking Around The Open-Source Community

While Allwinner has been caught violating the (L)GPL and resulted in obfuscating their code and playing around with their advertised licenses, now this ARM vendor is taking things a step further. Read more Also: Allwinner Plays Around With Licenses On Its Media Codec

OS X 10.10 vs. Ubuntu 15.04 vs. Fedora 21 Tests: Linux Sweeps The Board

With having a new Apple Mac Mini in our testing labs this week, I ran some basic benchmarks comparing Mac OS X 10.10.2 to Ubuntu 15.04 to Fedora 21 in a few different configurations. Read more