Notebookcheck Logo

Mozilla in hot water after installing a browser add-on for some users without their permission

Teaser
Some Firefox users recently found an unwarranted add-on installed in their browsers. The add-on, which is a page tool tied to the popular online show "Mr. Robot," was installed for some users that are a part of Mozilla's Studies program. While not malicious, the add-on was installed without the users' knowledge and raised some alarm from fervent Mozilla fans.

Mozilla has long been an organization synonymous with internet privacy and security. Imagine the horror some users experienced, then, when they found an unknown and unwarranted add-on installed in their browser.

The add-on, dubbed "Looking Glass," is part of an "Alternate Reality Game" themed around the popular internet show Mr. Robot. The add-on is fairly innocuous and only seems to alter some specific websites by inverting a few lines of text, likely as clues to some of the mysteries in the plot of the show. However, the initial description of the add-on made no hint to any of this; when affected users found the add-on, the description read "MY REALITY IS DIFFERENT THAN YOURS," which is quite an ominous message in and of itself.

It seems that the add-on was slipped into the browsers of Firefox users that were part of Mozilla's Studies program, which is used to send usage statistics and other analytics to Mozilla in an effort to improve the browser. While the add-on itself is nothing much to worry about (it didn't collect any data or use system resources for other nefarious purposes), the installation is quite troubling. Users flocked to Reddit to voice their concerns, many of which centered around the privacy issues at hand.

This should be concerning for a few reasons. Firstly, it's now known that Mozilla has an undetectable backdoor into at least some users' browsers. Considering that affected users weren't notified of the installation of the add-on or that it was running in the background, a malicious add-on could operate without detection for a while. This backdoor could give a rogue developer or other clever third party access to a score of user information if exploited.

Secondly, this puts Mozilla at a branching path and may lead to a precedent of installing unwanted features without the users' knowledge in later iterations of Firefox. While this instance (and any like it that may occur in the future) doesn't violate any privacy statement or usage agreement on Mozilla's behalf, it could lead to an ugly road for a company that prides itself on internet security and privacy.

To their credit, Mozilla did respond to the outrage. However, the response feels hollow; in a statement about the add-on, Mozilla heavily implied that they installed the add-on to raise awareness of internet privacy and its importance today.

Source(s)

+ Show Press Release
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Mail Logo
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2017 12 > Mozilla in hot water after installing a browser add-on for some users without their permission
Sam Medley, 2017-12-18 (Update: 2017-12-18)