In the thread in French, shokin was reporting in his first post that "the address of *almost* any page that his browser was loading would have, after 1-2 seconds, a # appended to it". The example he gave was a page accessed through HTTPS. He then added, in this message, that "the problem was disappearing when unchecking the box that activates Javascript". The similarities with what you described are obvious.

In that subsequent message, I suggested shokin to deactivate, one by one, the GreaseMonkey scripts he installed. Quantumgravity wrote that it was indeed a good idea because he had solved this same problem by deactivating Linterna Mágica. Finally, shokin humorously confirmed that this lantern was indeed doing the dark magic on his computer. It was as well on your system. That is obvious. That *is* the answer.

The French thread is "normal". In particular, nobody ever suggests that the computer could have been compromised. Such a conclusion makes no sense: as I wrote earlier, a computer that is compromised does not behave in a weird way.

As a conclusion, it was completely unjustified to "alert everyone" (your words) that "TRISQUEL MIGHT HAVE BEEN COMPROMISED" (because Firefox has known vulnerabilities... even if none of them matches the issue), that you "clearly" suffered "an attack to spy on [your] connections", that " Trisquel WAS compromised in [your] pc", etc.

And just to be clear: I am certain that Linterna Mágica is not malware. This script, written by ivaylo (a Trisquel user), must simply malfunction in an environment ivaylo never tested. Probably, in conjunction with HTTPS Everywhere since you mentioned that you had this other add-on installed (and that the issue was occurring on pages accessed through HTTPS).

Reply via email to