MozillaZine

WOT (Web of Trust) accused of stealing private data

User Help for Mozilla Firefox
trolly
Moderator

User avatar
 
Posts: 39908
Joined: August 22nd, 2005, 7:25 am

Post Posted November 1st, 2016, 1:54 pm

According to a German TV news show WOT sends private data to data aggregators without really anonymizing them.
As consequence the surfer can be identified.
Among these data are:
Date, time, location, URLs and a user id.

The reporters were able to identify several people including people of public interest.

http://www.ndr.de/nachrichten/netzwelt/ ... tz100.html

Update: How it was done:
https://www.kuketz-blog.de/wot-addon-wi ... ausspaeht/
Think for yourself. Otherwise you have to believe what other people tell you.
A society based on individualism is an oxymoron. || Freedom is at first the freedom to starve.
Constitution says: One man, one vote. Supreme court says: One dollar, one vote.

makaiguy

User avatar
 
Posts: 16862
Joined: November 18th, 2002, 6:44 pm
Location: Somewhere in SE USA

Post Posted November 1st, 2016, 2:03 pm

Oh, the irony ...
Doug Wilson, "The Makai Guy"
Win10 (64bit): FF 78.0.1 (64bit), TB 68.10.0 (32-bit) ║ Android 10/7.1.1: FF Mobile 68.9.0, No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers

Virtual_ManPL

User avatar
 
Posts: 2038
Joined: July 24th, 2008, 5:52 am

Post Posted November 2nd, 2016, 8:25 am

Yea... collecting non-personal non-identifiable information like IP, seems logical and legit :---)

But whatever, mostly of these things were already written in their TOS, so in the end it's your fault for using this botnet. :vamp:
https://www.mywot.com/en/privacy/privacy_policy
Non-Personal Information:

The information we collect is aggregated, non-personal non-identifiable information which may be made available or gathered via the users’ use of the WOT Utilities ("Non-Personal Information"). We are not aware of the identity of the user from which the Non-Personal Information is collected. We may disclose or share this information with third parties as specified below and solely if applicable. We collect the following Non-Personal Information from you when you install or use the Product or use the WOT Platform:

Your Internet Protocol Address;
Your geographic location (e.g., France, Canada, etc.);
The type of device, operating system and browsers you use;
Date and time stamp;
Browsing usage, including visited web pages, clickstream data or web address accessed;
Browser identifier and user ID;
Virtualfox persona

Tired of constant Firefox UI changes?
XUL extensions are not working anymore?
Try SeaMonkey, Waterfox Classic, Pale Moon.

trolly
Moderator

User avatar
 
Posts: 39908
Joined: August 22nd, 2005, 7:25 am

Post Posted November 2nd, 2016, 12:00 pm

In the added link above it is shown that the data includes email addresses and other very private information.
Think for yourself. Otherwise you have to believe what other people tell you.
A society based on individualism is an oxymoron. || Freedom is at first the freedom to starve.
Constitution says: One man, one vote. Supreme court says: One dollar, one vote.

toolong
 
Posts: 913
Joined: December 24th, 2011, 10:29 am

Post Posted November 2nd, 2016, 3:31 pm

trolly wrote:In the added link above it is shown that the data includes email addresses and other very private information.



I would pass this around to some friends but none of us reads German. Is there a link to this article in English?

trolly
Moderator

User avatar
 
Posts: 39908
Joined: August 22nd, 2005, 7:25 am

Post Posted November 3rd, 2016, 12:56 am

I found this translation:

http://www.ghacks.net/2016/11/01/browsing-history-sold/

An excerpt from the second link:
Every URL I visited appears in the data including the session id.

You know what you can do with a session id.
Think for yourself. Otherwise you have to believe what other people tell you.
A society based on individualism is an oxymoron. || Freedom is at first the freedom to starve.
Constitution says: One man, one vote. Supreme court says: One dollar, one vote.

Virtual_ManPL

User avatar
 
Posts: 2038
Joined: July 24th, 2008, 5:52 am

Post Posted November 3rd, 2016, 4:35 am

Some follow up on Bugzilla - Bug 1314332 - Web of TrusT (WOT) Addon is malicious according to news reports,
with nice analysis included.
Virtualfox persona

Tired of constant Firefox UI changes?
XUL extensions are not working anymore?
Try SeaMonkey, Waterfox Classic, Pale Moon.

toolong
 
Posts: 913
Joined: December 24th, 2011, 10:29 am

Post Posted November 3rd, 2016, 10:43 am

trolly wrote:I found this translation:

http://www.ghacks.net/2016/11/01/browsing-history-sold/

An excerpt from the second link:
Every URL I visited appears in the data including the session id.

You know what you can do with a session id.



Thank you for the link. That was most helpful.

MirceaKitsune
 
Posts: 4
Joined: November 3rd, 2016, 8:44 am
Location: Romania, Bucharest

Post Posted November 3rd, 2016, 12:54 pm

Good thing I disabled WoT, mostly due to performance reasons. The bad news is, I only did so earlier today, after using it for over two years. I don't really see what it could have to do with tracking, but things like this happening in general is sadly unsurprising.

kukla
 
Posts: 849
Joined: December 30th, 2008, 3:59 pm

Post Posted November 3rd, 2016, 2:21 pm

Any good alternatives for Mac (10.11) Firefox 45 ESR?

RobertJ
Moderator

User avatar
 
Posts: 10858
Joined: October 15th, 2003, 7:40 pm
Location: Chicago IL/Oconomowoc WI

Post Posted November 10th, 2016, 11:15 am

kukla wrote:Any good alternatives for Mac (10.11) Firefox 45 ESR?


WOT was really never a "good" thing. It relied on "opinions" from users rather than actual vetted information.

.
FF 78.0.1 - FF 79b1 - FF 80a - TB 68.10 - Mac OSX 10.13.6

Reflective

User avatar
 
Posts: 2283
Joined: February 15th, 2007, 11:13 am

Post Posted January 28th, 2017, 7:00 am

I think it's worth mentioning here that anyone running Windows 10 is giving away volumes of data for free to Microsoft who is also selling it on to third parties such as advertisers: https://senk9.wordpress.com/2015/08/02/ ... vate-data/

trolly
Moderator

User avatar
 
Posts: 39908
Joined: August 22nd, 2005, 7:25 am

Post Posted January 28th, 2017, 7:35 am

The problem is/was that individual users could be identified from the sold data.
Think for yourself. Otherwise you have to believe what other people tell you.
A society based on individualism is an oxymoron. || Freedom is at first the freedom to starve.
Constitution says: One man, one vote. Supreme court says: One dollar, one vote.

chrisroald
 
Posts: 2
Joined: January 29th, 2017, 4:54 am

Post Posted January 29th, 2017, 5:17 am

From a win10 laptop mobile bb dongle uploaded 2gb's 'data' in a day! Could this have been the o/s or an addon of ff?

Return to Firefox Support


Who is online

Users browsing this forum: No registered users and 4 guests