Norton claim that Mozilla forcing change in add-on behavior
-
- Posts: 29
- Joined: April 27th, 2014, 12:44 am
Norton claim that Mozilla forcing change in add-on behavior
I have long used Norton Internet Security, with its automatic (unless disabled) Toolbar add-on to Firefox (often called Identity Safe). While I would always hide the visible Toolbar in Firefox, I appreciated the fact that it would cause site-safety ratings show up next to each result in a Google search (green means safe, yellow means caution, red means unsafe, and grey means unknown). These were mostly based on known malware/phishing presence -- with specifics given for each "unsafe" rating, as opposed to the more-subjective, largely content-judging ratings of Web of Trust. The Norton site-safety ratings for Google search results was a VERY useful feature.
Well, with Firefox going to 57, Norton claims (link below), that the new Webextensions API required them to take a different approach, designing a "new" add-on called SafeWeb that will work with 57, but it will no longer attach site-safety ratings to Google search results. Instead, you have to do the search through SafeWeb's own interface (powered by the awful Ask.com). (And BTW, SafeWeb is hardly anything "new" as Norton is trying to present it -- it has been available to anyone as a Firefox add-on for years..which immediately brings the credibility of all of Norton's claims in this document into question.)
Bottom-line question: Is Norton credible when they claim (as implied in the document, and explicitly stated on Norton Forums) that Mozilla will no longer allow them to create an add-on that adds site-safety ratings to Google Searches in Firefox 57? NOTE THAT NORTON *DOES* STILL HAVE THIS FUNCTIONALITY WITH ITS CHROME EXTENSION. Maybe I'm wrong, but this sounds more like a ploy to get more revenue sharing with Ask under the guise of a false "this is the only way Mozilla will let us do it now" claim. Any thoughts (aside from "you shouldn't be using Norton or allowing Toolbars")? Thanks
https://support.norton.com/sp/en/us/hom ... file_en_us
Well, with Firefox going to 57, Norton claims (link below), that the new Webextensions API required them to take a different approach, designing a "new" add-on called SafeWeb that will work with 57, but it will no longer attach site-safety ratings to Google search results. Instead, you have to do the search through SafeWeb's own interface (powered by the awful Ask.com). (And BTW, SafeWeb is hardly anything "new" as Norton is trying to present it -- it has been available to anyone as a Firefox add-on for years..which immediately brings the credibility of all of Norton's claims in this document into question.)
Bottom-line question: Is Norton credible when they claim (as implied in the document, and explicitly stated on Norton Forums) that Mozilla will no longer allow them to create an add-on that adds site-safety ratings to Google Searches in Firefox 57? NOTE THAT NORTON *DOES* STILL HAVE THIS FUNCTIONALITY WITH ITS CHROME EXTENSION. Maybe I'm wrong, but this sounds more like a ploy to get more revenue sharing with Ask under the guise of a false "this is the only way Mozilla will let us do it now" claim. Any thoughts (aside from "you shouldn't be using Norton or allowing Toolbars")? Thanks
https://support.norton.com/sp/en/us/hom ... file_en_us
-
- Posts: 29
- Joined: June 21st, 2015, 7:28 pm
Re: Norton claim that Mozilla forcing change in add-on behav
Umm so, how is that related to this Firefox support section?
- malliz
- Folder@Home
- Posts: 43796
- Joined: December 7th, 2002, 4:34 am
- Location: Australia
Re: Norton claim that Mozilla forcing change in add-on behav
Norton/Symantec make a lot of claims one of which is they make a decent product. Any company that aligns itself to Ask has a very dubious business model.
Valid question we see a lot of Firefox problems caused by Norton/SymantecSugoi wrote:Umm so, how is that related to this Firefox support section?
Last edited by malliz on November 20th, 2017, 2:22 pm, edited 1 time in total.
What sort of man would put a known criminal in charge of a major branch of government? Apart from, say, the average voter.
"Terry Pratchett"
"Terry Pratchett"
-
- Posts: 188
- Joined: July 20th, 2017, 11:58 am
Re: Norton claim that Mozilla forcing change in add-on behav
The Firefox Webextension API can do most, but not all things that Chrome extensions can do. They are probably lying, with rewriting the extension or modifying their Chrome one, they probably could make a webextension that alters webpage results - adblockers are able to modify webpages so it should likely be possible. It would require a full rewrite or modifying the Chrome extension. But, accusing someone (Norton) who you want to do you a favor may not be successful in getting you what you want.
- the-edmeister
- Posts: 32249
- Joined: February 25th, 2003, 12:51 am
- Location: Chicago, IL, USA
Re: Norton claim that Mozilla forcing change in add-on behav
Extensions are no longer allowed to add a toolbar to the User Interface. Not directed towards a particular company or particular type of application or functionality (i.e., , towards Norton or security toolbars).Rick216 wrote: ...
Bottom-line question: Is Norton credible when they claim (as implied in the document, and explicitly stated on Norton Forums) that Mozilla will no longer allow them to create an add-on that adds site-safety ratings to Google Searches in Firefox 57? NOTE THAT NORTON *DOES* STILL HAVE THIS FUNCTIONALITY WITH ITS CHROME EXTENSION. Maybe I'm wrong, but this sounds more like a ploy to get more revenue sharing with Ask under the guise of a false "this is the only way Mozilla will let us do it now" claim. Any thoughts (aside from "you shouldn't be using Norton or allowing Toolbars")? Thanks
https://support.norton.com/sp/en/us/hom ... file_en_us
So, following the WebExtensions format as set forth by Mozilla, Norton has provided a "door-hanger" type of notification display that looks like when the cursor is 'on hover' over their toolbar button a notification panel appears. Seems to be logical solution, IMO.
A mind is a terrible thing to waste. Mine has wandered off and I'm out looking for it.
-
- Posts: 29
- Joined: April 27th, 2014, 12:44 am
Re: Norton claim that Mozilla forcing change in add-on behav
Thanks. Maybe there's something I'm failing to understand here, but wouldn't that also disallow WOT' (Web of Trust) from appending site ratings to Google search results? I understand that the WOT add-on still works with Firefox 57. (Although I suppose it's possible that WOT has moved to a "door-hanger" approach in Firefox 57? I can't test that possibility because I have Firefox 52.5ESR.)the-edmeister wrote:Extensions are no longer allowed to add a toolbar to the User Interface. Not directed towards a particular company or particular type of application or functionality (i.e., , towards Norton or security toolbars).Rick216 wrote: ...
Bottom-line question: Is Norton credible when they claim (as implied in the document, and explicitly stated on Norton Forums) that Mozilla will no longer allow them to create an add-on that adds site-safety ratings to Google Searches in Firefox 57? NOTE THAT NORTON *DOES* STILL HAVE THIS FUNCTIONALITY WITH ITS CHROME EXTENSION. Maybe I'm wrong, but this sounds more like a ploy to get more revenue sharing with Ask under the guise of a false "this is the only way Mozilla will let us do it now" claim. Any thoughts (aside from "you shouldn't be using Norton or allowing Toolbars")? Thanks
https://support.norton.com/sp/en/us/hom ... file_en_us
So, following the WebExtensions format as set forth by Mozilla, Norton has provided a "door-hanger" type of notification display that looks like when the cursor is 'on hover' over their toolbar button a notification panel appears. Seems to be logical solution, IMO.
BTW, thanks to everyone else for their replies as well.
- malliz
- Folder@Home
- Posts: 43796
- Joined: December 7th, 2002, 4:34 am
- Location: Australia
Re: Norton claim that Mozilla forcing change in add-on behav
To be brutally honest WOT is widely known by the name Web Of Trolls its efficacy is dubious at best due to the inaccuracy of its data
What sort of man would put a known criminal in charge of a major branch of government? Apart from, say, the average voter.
"Terry Pratchett"
"Terry Pratchett"
-
- Posts: 29
- Joined: April 27th, 2014, 12:44 am
Re: Norton claim that Mozilla forcing change in add-on behav
That said, if you or anyone else who has Firefox 57 would be willing to add WOT temporarily, and let us know whether or not it can/does still append ratings symbols next to Google search results, I would be most grateful!malliz wrote:To be brutally honest WOT is widely known by the name Web Of Trolls its efficacy is dubious at best due to the inaccuracy of its data
- Mark12547
- Posts: 327
- Joined: May 13th, 2017, 11:36 am
- Location: Oregon, United States, Earth
Re: Norton claim that Mozilla forcing change in add-on behav
I added Web Of Trust to my Nightly Test Profile and indeed on a Google search WOT added a little circle by each search result: green (good reputation), gray (not enough data), orange (caution), but I didn't hit any red circles in my quick test. Hovering the mouse over one of the WOT circles brought up more information.
So, yes, at least WOT is able to add stuff to the search results page, at least in Nightly where I tested it.
So, yes, at least WOT is able to add stuff to the search results page, at least in Nightly where I tested it.
- Mark12547
- Posts: 327
- Joined: May 13th, 2017, 11:36 am
- Location: Oregon, United States, Earth
Re: Norton claim that Mozilla forcing change in add-on behav
Oh, 57. Yes, WOT works also in Firefox 57 (Release Channel).
-
- Posts: 29
- Joined: April 27th, 2014, 12:44 am
Re: Norton claim that Mozilla forcing change in add-on behav
Thanks, Mark12547!
- therube
- Posts: 21714
- Joined: March 10th, 2004, 9:59 pm
- Location: Maryland USA
Re: Norton claim that Mozilla forcing change in add-on behav
LOL.which immediately brings the credibility of all of Norton's claims in this document into question
Oh, those. Didn't even realize they were there at first.
Fire 750, bring back 250.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
- c627627
- Posts: 643
- Joined: April 3rd, 2005, 12:58 pm
- Location: Kansas City, Missouri
- Contact:
Re: Norton claim that Mozilla forcing change in add-on behav
Original poster, this may be informative for you enough to reconsider paying for/using Symantec products.:
1. There were 2017 news headlines about Symantec in yet-another dodgy digital certificate revocation scandal...
2. Google will distrust all Symantec certificates starting with Chrome 66.
Excerpts:
GOOGLE'S PROJECT ZERO security group has published details of what it describes as a series of critical vulnerabilities in Symantec's Norton Antivirus product that "are as bad as it gets".
"They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption," said Project Zero's Tavis Ormandy...
Frightened? You should be. Symantec uses the same core engine across all its antivirus products, including:
Norton Security, Norton 360, and other legacy Norton products (all platforms)
Symantec Endpoint Protection (all versions, all platforms)
Symantec Email Security (all platforms)
Symantec Protection Engine (all platforms)
Symantec Protection for SharePoint Servers
Some of these products cannot be updated automatically, and administrators must take immediate action to protect their networks."
"Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it. The victim does not need to open the file or interact with it in anyway," warned Ormandy.
"Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers. An attacker could easily compromise an entire enterprise fleet using a vulnerability like this."
1. There were 2017 news headlines about Symantec in yet-another dodgy digital certificate revocation scandal...
2. Google will distrust all Symantec certificates starting with Chrome 66.
Excerpts:
GOOGLE'S PROJECT ZERO security group has published details of what it describes as a series of critical vulnerabilities in Symantec's Norton Antivirus product that "are as bad as it gets".
"They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption," said Project Zero's Tavis Ormandy...
Frightened? You should be. Symantec uses the same core engine across all its antivirus products, including:
Norton Security, Norton 360, and other legacy Norton products (all platforms)
Symantec Endpoint Protection (all versions, all platforms)
Symantec Email Security (all platforms)
Symantec Protection Engine (all platforms)
Symantec Protection for SharePoint Servers
Some of these products cannot be updated automatically, and administrators must take immediate action to protect their networks."
"Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it. The victim does not need to open the file or interact with it in anyway," warned Ormandy.
"Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers. An attacker could easily compromise an entire enterprise fleet using a vulnerability like this."
Open the pod bay doors, Cortana.
-
- Posts: 4480
- Joined: March 19th, 2005, 10:51 am
Re: Norton claim that Mozilla forcing change in add-on behav
a big big green from my side. this has to come and it had come ^^Norton claim that Mozilla forcing change in add-on behavior
this exactly points out which attitude Norton and other antivirus vendors have in general
"we have the longest d**k, so b**w us"
i had hope that quantum will drive them all dead, for some it happend.
at anytime norton and kaspersky, also for avira, those "developers" never could manage to release their extension right in time, or make them bugfree.
in fact there NEVER was need to develop such crappy extension, the general code should have done it at all.
at least they had like anyone else 1 year to develop a webextension from scratch, now they have no luck.
and that's what customers pay for? (not note: for being incompatible, buggy and always too late)
PS WOT is not that bad, its supposed to warn for malicious sites and its performing well.
nevertheless the past showed us that they gathered personal data, i dont know if it still do.
as a long time user for uBlock it has similar or better function to warn for such bad sites and more.
BTW https://addons.mozilla.org/en-US/firefo ... tity-safe/
PS a further toolbar is planned, but there exist no date. anyone is waiting for.
-
- Posts: 29
- Joined: April 27th, 2014, 12:44 am
Re: Norton claim that Mozilla forcing change in add-on behav
Interesting. I'm not at all committed to Norton, especially if they don't add back the safety icons to Google search. (If you had asked 3+ years ago I was happy as could be with them and would have said otherwise, especially after bad experiences with other AV's including BitDefender and NOD32 -- and the older, bring-your-system-to-its-knees versions of Norton.)c627627 wrote:Original poster, this may be informative for you enough to reconsider paying for/using Symantec products.:
1. There were 2017 news headlines about Symantec in yet-another dodgy digital certificate revocation scandal...
2. Google will distrust all Symantec certificates starting with Chrome 66.
Excerpts:
BTW, my brother is a mortgage broker for a mid-sized regional bank that uses Symantec and keeps integrating it deeper and deeper into its security systems. The bank removed his Firefox installation, saying Firefox is a security risk because it is open-source. They allow IE and Chrome.
Last edited by Rick216 on November 21st, 2017, 12:31 pm, edited 3 times in total.