-
August 2nd, 2010, 07:36 AM
#11
Sorry to get back to the original thread Hybrid
How can people submit malicious addons and become immediately availble even before someone from Mozilla will test it. This is surely a huge flaw?
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 2nd, 2010, 10:38 AM
#12
hey Cider..
when browsing the addons area https://addons.mozilla.org/en-US/firefox you will notice that when the addons are approved there is a Green "Add to Firefox" button, if the "Add to Firefox" button is Yellow and has something along the lines of "Hasn't been approved by Mozilla" and caries a warning about un-signed extensions can be harmful etc etc
when there yellow it means they haven't been reviewed by Mozilla so alot of malware/spware writers are using this Timeframe to upload a malicious addon thay may or maynot work and to get as many people to install the addon before it get's Reviewed and removed from the addon site.
-
August 3rd, 2010, 04:00 PM
#13
Junior Member
-
August 4th, 2010, 07:42 AM
#14
Originally Posted by HYBR|D
hey Cider..
when browsing the addons area https://addons.mozilla.org/en-US/firefox you will notice that when the addons are approved there is a Green "Add to Firefox" button, if the "Add to Firefox" button is Yellow and has something along the lines of "Hasn't been approved by Mozilla" and caries a warning about un-signed extensions can be harmful etc etc
when there yellow it means they haven't been reviewed by Mozilla so alot of malware/spware writers are using this Timeframe to upload a malicious addon thay may or maynot work and to get as many people to install the addon before it get's Reviewed and removed from the addon site.
Thanks for the clarification.
Good ol opensource
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 4th, 2010, 08:30 PM
#15
Hmmm,
Good ol opensource
As the saying goes: "caveat emptor" (let the buyer beware).
The way I look at it, running unchecked plugins is a bit like running alpha and beta software in a production environment?................a wise person doesn't do it.
That's why we have standalone "labrats" or "crash test dummies" Load them up to their gizzards with AV and antimalware, firewall and either a sandbox or VM. Personally, as I tend to use older hardware, I go for the sandbox, as VM tends to be rather resource demanding.
-
August 8th, 2010, 09:42 PM
#16
Agreed but the home user doesnt know whats happening :P
I suppose they should read the disclaimer
I get so irratated when supporting "old people" because they want to READ everything which I suppose is the correct way.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
Similar Threads
-
By cheyenne1212 in forum Miscellaneous Security Discussions
Replies: 7
Last Post: February 1st, 2012, 02:51 PM
-
By Cider in forum Operating Systems
Replies: 10
Last Post: March 21st, 2006, 09:30 PM
-
By SDK in forum The Security Tutorials Forum
Replies: 2
Last Post: December 8th, 2005, 12:02 PM
-
By mohaughn in forum Microsoft Security Discussions
Replies: 1
Last Post: August 9th, 2005, 07:37 PM
-
By mohaughn in forum Microsoft Security Discussions
Replies: 2
Last Post: October 13th, 2004, 04:31 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|