What to do about Junk Firefox Ad-Ons??

Discussion of general topics about Mozilla Firefox
Locked
old zmanzero
Posts: 0
Joined: December 31st, 1969, 5:00 pm

Post by old zmanzero »

just thinking, read the bug report, if these things are going to be available from amo they should have BIG RED LETTERS saying they collect data. any addon that collects data on the user and sends it to a server should have that. mandatory BIG RED LETTERS. "spyware" or not, it is transmitting information from the users computer and anyone installing this stuff should have that indelibly smacked into their eyeballs. the authors' claims of "no spyware!" etc. is not sufficent. there is a commercial aspect to these addons which is counter to the "spirit" of what this browser is about. imo.

i suggest "COLLECTS AND TRANSMITS USER DATA" in red caps right next to the download button, possibly with a link to what data is collected. if these things are going to be allowed they are going to sprout like mushrooms after a rain, call it the "developer in a box" phenomena.
dk70
Posts: 115
Joined: December 14th, 2004, 12:41 am

Post by dk70 »

I think they already do. Have any of them been approved without stating there is usage collection going on? They copy and paste the same text from HQ "*Please note: The xxxxxx Toolbar collects anonymous usage data but it DOES NOT spy on your browsing habits. This is 100% guaranteed. Please see our privacy policy here:" and so on. Even if that is true, and I think it is, toolbar is still not an extension submitted by an author. Submitter have no clue of source code what so ever so how can he be author? The whole setup is wrong and reviewer should reject all of them at the door.
User avatar
J-Mac
Posts: 282
Joined: July 4th, 2004, 5:07 pm

Post by J-Mac »

dk70 wrote:...Symantec calls it trackware which is true but tracking does not have to be bad if user know details. Also it track clicks not really what you clicked....


This may be true, but the fact is that the capability is there, and any change would not necessarily be known to most users.

Hyperwords is great https://addons.mozilla.org/firefox/1941/ but also tracks usage, now optional. "Hyperwords™ tracks usage statistics including what commands are use, but not including what page it was used on nor on what text and also never on who uses Hyperwords™. On version 1.3.3 and up this can be turned off in Preferences." Try go back in comments pages - Im sure you will see SPYWARE warnings. Very similar to Conduit.


My opinions on this extend also then to Hyperwords, AvantGo, and any other addon that passes itself as an extension. Of course some may argue that while those also track usage they also act as a somewhat useful tool. Would you contend that the Conduit toolbar addons provide utility in proportion to their data mining?

To me it is apparent that these addons have but one purpose - to gather data for sale or rent to others. The facade of utility they offer is simply a sales tool meant to trick Fx users into installing them. Again, my never-quite-so-humble opinion only. :)
J-Mac

Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/4.0.1
User avatar
J-Mac
Posts: 282
Joined: July 4th, 2004, 5:07 pm

Post by J-Mac »

dk70 wrote:I think they already do. Have any of them been approved without stating there is usage collection going on? They copy and paste the same text from HQ "*Please note: The xxxxxx Toolbar collects anonymous usage data but it DOES NOT spy on your browsing habits. This is 100% guaranteed. Please see our privacy policy here:" and so on. Even if that is true, and I think it is, toolbar is still not an extension submitted by an author. Submitter have no clue of source code what so ever so how can he be author? The whole setup is wrong and reviewer should reject all of them at the door.


Guaranteed? So what? That's one of the most overrused words in the English language. Has any of these ever paid out on a gurantee? How do they determine whether a guarantee should come into play in any particular case? What does the guarantee do? Pay money? Give someone their privacy back? 100% of.....What??

I can guarantee you 100% that I will not type "OK" in this post. OK? Oops! So what exactly can you collect on my guarantee? If I don't define the terms specifically, then I guess I will never have to do anything about my guarantee.

What specific performance do the Conduit addons guarantee? What is warranted? What recovery of any kind can a user expect to receive? Their money back?

Come on, get real. Snake oil talk, in my opinion.
J-Mac

Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/4.0.1
User avatar
Thumper
Posts: 8037
Joined: November 4th, 2002, 5:42 pm
Location: Linlithgow, Scotland
Contact:

Post by Thumper »

J-Mac wrote:Let them know my opinion?

That's tantamount to writing to spyware companies and telling them my opinion of their malware. Do you really think either would take my opinions seriously, Thumper? What a BS reply that was!


I have no reason to believe that you have any former experience of reporting Mozilla-related issues to the appropriate authorities, so either this is sheer ignorance or you're getting confused with what I'm suggesting. Instead of people whining around here about how toolbar companies are taking over AMO, they could open a bug on the AMO component at Bugzilla requesting that any reviewed addon which obviously generates direct revenue for the author should be [removed / labelled / forced to donate back to Kerz's bandwidth costs / whatever]. To my knowledge nobody has actually done this yet. I'm not suggesting writing to the toolbar authors, which would indeed be a waste of time.

- Chris
VanillaMozilla
Posts: 13808
Joined: November 7th, 2005, 11:26 am

Post by VanillaMozilla »

Even curmudgeons can be right sometimes. Folks, I suggest a bug report, like the man says. Of course, you may have to wait 3 years for a resolution, but you could get lucky. Keep your pitchforks just in case. :)
User avatar
Frank Lion
Posts: 21173
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom
Contact:

Post by Frank Lion »

VanillaMozilla wrote: Folks, I suggest a bug report, like the man says...

Are you suggesting that the people at Addons are now so far divorced from normal human communication, that they can only interact with the outside world via bug reports?

Mrs Addons : "Good morning Addy, we are out of milk"

Mr Addons : "Yeah whatever, file a bug report."

If so, these guys need to get out more, like Thumper should :)
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)
.
User avatar
Thumper
Posts: 8037
Joined: November 4th, 2002, 5:42 pm
Location: Linlithgow, Scotland
Contact:

Post by Thumper »

It is just about possible that the people working at AMO treat it as their day job rather than wanting to chat about it informally. Due to the fact that it is their day job, "getting out a bit more" would probably involve not actively soliciting comment on said system through informal channels. But whatever, keep alluding to your seekrit ties all you want.

- Chris
User avatar
Frank Lion
Posts: 21173
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom
Contact:

Post by Frank Lion »

Thumper wrote:It is just about possible that the people working at AMO treat it as their day job rather than wanting to chat about it informally.

Yes, and in the business world people discuss things via professional business letters or Emails or even, imagine this! in person. .

Hence my comment about you getting out more. Because, little chap, however much you allude to otherwise, you actually know bugger all and it's about time that you learnt how the other 95% of the business world operates.
Last edited by Frank Lion on September 20th, 2006, 12:37 pm, edited 1 time in total.
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)
.
VanillaMozilla
Posts: 13808
Joined: November 7th, 2005, 11:26 am

Post by VanillaMozilla »

I don't know what anybody at Mozilla responds to, Frank. I figured it couldn't hurt to speak their native language (Bugzilla). But now that you mention it, maybe that would be a signal to treat the matter very, very slowly. :lol: So somebody give them a call and see what happens. If you are captured, eat this note. :)
dk70
Posts: 115
Joined: December 14th, 2004, 12:41 am

Post by dk70 »

Addon site still require those words J-Mac, even if just words. If you assume the worst those are useless. If you want to see ghost where none have been found that is your choice. I dont really see anything hidden or evil about Conduit toolbars. That they are based on a certain businessmodel is obvious, they dont say anything else. Call it what it is and stay off the spyware claims until you have actual proof. Tracking how many times a certain toolbar element is clicked or using unique ID for that and other functional reasons does not necessarily make it spyware.

You have to remember there are different oppinions about what is ok or not. The idea of hiding your person/IP/clicks, never to leave any tracks is gone on internet - also on Addon site. Subject is their official policy towards every extension, not your personal preferences. No one forces you to install, they dont sneak up on you in any way.

I block most ads and consider the 9 out 10 tears for "support" and "donation" BS. Why does every crappy blog need ads? Couldnt care less if Google know my searchwords though. Trust, calculated risk, perhaps even logic! Anyway, I dont support or care for Conduit but their toolbar can certainly be USEFUL - powerful and feature rich believe it or not. You can even put in your own scripts (speaking of security...) I suggest you make one. Beats Yahoo easy. So not your cup of tea but dont say it pointless. Any idiot can make quite an advanced toolbar by point and click.

Connecting code/policy directly with "author" is what will hurt - see links I gave to their forum. Addon reviewer rejected both those 2 mentioned. Poor "author" runs off to forum and ask for help. Reviewer make some claims I doubt he are convinced about but his point is by connecting "author" to his creation he show there is no knowledge or control of extension and so he cant be author = no approval.
VanillaMozilla
Posts: 13808
Joined: November 7th, 2005, 11:26 am

Post by VanillaMozilla »

On second thought, Frank, I see that you <i>have</i> already made contact. I won't ask what they said, but I suppose it might have been either (1)"File a bug report." or (2) "Mmff hhmmff ggrrmmft." Not wanting to take away from the seriousness of this. My own opinion, of course, is to get rid of all extensions (those of present company excepted, of course), starting with spyware. But you'd better not mention that. They might be a little touchy about that, you know.
meatus
Posts: 5
Joined: September 19th, 2006, 12:40 pm

Post by meatus »

Check out this one user's review of the Torrent Search bar. Unbelievable!!

<img src="http://ogghelp.com/review.jpg">

False gods and idols :(
User avatar
anderzen
Posts: 106
Joined: September 7th, 2006, 5:38 pm
Location: In front of computer

wow !

Post by anderzen »

If you are concerned about extensions collecting user data don't use them if you use one that does and didn't know it well thats life we cant expect people to spend their time flagging everything that does it would be like walking down the street and expecting muggers and thieves
to be wearing shirts that say warning "mugger or thieve" the Internet is a sick place that isn't getting any healthier until it does you will have to watch your own backs.....
User avatar
J-Mac
Posts: 282
Joined: July 4th, 2004, 5:07 pm

Post by J-Mac »

@dk70: I didn't call any of the toolbars spyware; I did certainly imply that these particular pieces of code are capable of being exploited more like malware (adware and/or spyware) than other extensions, as well as not having much of a useful purpose other than benefitting the so-called authors financially. Just look at Conduit's site. They basically are saying that any idiot can use these toolbars to make money without knowing a thing about creating useful addons. The kind of people they are attrating are, IMO, more likely to look for a way to exploit anything they can if it has a financial benefit attached - for them, that is.

@Thumper: Sorry, but Bugzilla, IMO, is for bug-reporting primarily. Problems with code and/or functionality. I have never used it for complaining about addons of a questionable purpose, and I would not advocate using it for that. If that is how AMO sees Bugzilla then things are worse than I thought!

@Anderzen: Me? I don't need for muggers to wear their intentions on their shirts! I handle them in my own way. But, contrary to your views, I believe that if this code is being distributed with Mozilla's blessing then Mozilla deserves to give up a part of this "more secure than thou" attitude they project. No one here would happily or blindly accept this from a Microsoft application without whining and crying. Well these toolbars are distributed to users directly from a Mozilla.org website and Mozilla should have concerns about that. It cannot help them but does have some potential to bite them at some point.
J-Mac

Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/4.0.1
Locked