Re: FlashGot Firefox plugin, now spyware

[Reed Loden <reed () reedloden com>]

On Tue, 16 Feb 2010 11:47:48 +0200
Gadi Evron <ge () linuxbox org> wrote:

> Just to make sure we have the same terminology, as a friend of mine 
> disagrees:
> 1. It adds content to web pages I visit (so far just Google) by 
> suggesting tweaked searches, possibly (unconfirmed) by sending data 
> about my searches, which would make it spyware.
> 2. When I click these suggested better searches for what I was looking, 
> it sends me off to a different search engine, which I define as adware.

Thanks for the information. I can confirm that the latest version of
FlashGot does include code that adds "search refinements" via
"Surf Canyon" to all Google, Bing, and Yahoo! search result pages. This
new "feature" was added in the most recent version of FlashGot
(v1.2.1.13), is enabled by default, and can be disabled by modifying
the "flashgot.surfcanyon" preference in about:config to "false". As far
as I can find, the only place where this change is mentioned is a
one-line entry on http://flashgot.net/changelog.

I can't speak for our AMO admins, but I'll definitely be following-up
with them to see what our current policies are concerning such things
and whether this change/addition violates any of those policies.
Thanks again for the report.

~reed
Mozilla Security Group

-- 
Reed Loden - <reed () reedloden com>

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.