Re: [funsec] FlashGot Firefox plugin, now spyware

Tue, 16 Feb 2010 02:07:29 -0800 

On 2/16/10 10:52 AM, Reed Loden wrote:
> On Tue, 16 Feb 2010 09:43:32 +0200
> Gadi Evron<[email protected]>  wrote:
>
>> FlashGot Firefox plugin, a long-time download assistant, now acts like
>> spyware.
>>
>> It gives you recommendations IN Google search to another search site,
>> according to your searches.
>
> Just to confirm, you're referring to FlashGot, as in
> https://addons.mozilla.org/en-US/firefox/addon/220 and
> http://flashgot.net, correct?
>
> There's also FlashGet (http://www.flashget.com), which is something
> completely different. The two get confused a lot, so just
> double-checking before I start poking some folks about your report.
>

Just to make sure we have the same terminology, as a friend of mine 
disagrees:
1. It adds content to web pages I visit (so far just Google) by 
suggesting tweaked searches, possibly (unconfirmed) by sending data 
about my searches, which would make it spyware.
2. When I click these suggested better searches for what I was looking, 
it sends me off to a different search engine, which I define as adware.

But none of which may be bad under your AUP.

The reason I feel decieved is that I have used flashgot for a long time 
now, and while true i didn't read the change log, neither do many others.

I have FlashGot, but it is a guess as to whether it is real or somehow I 
got a fake one. I got an update for it yesterday by automatic FireFox 
notification. So as far as I know I got it officially, but maybe the web 
site was hijacked or something.

        Gadi.



        Gadi.

> Note that you're always welcome to notify our add-ons team directly
> concerning such reports using the contact information at
> https://addons.mozilla.org/en-US/developers/docs/policies/contact, or
> if you want to contact the Mozilla Security Group specifically, you can
> e-mail [email protected]. We definitely want to do everything in our
> power to ensure our users are kept secure and their privacy protected.
>
> ~reed
> Mozilla Security Group
>
>
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.


-- 
Gadi Evron,
[email protected].

Blog: http://gevron.livejournal.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Reply via email to