All users of Mozilla Firefox should read the article provided in the link below.
http://www.zdnet.com/blog/security/rogu ... ions/11856" onclick="window.open(this.href);return false;
Gloria E
Beware of Firefox Rogue Extension
-
- 5StarLounger
- Posts: 800
- Joined: 26 Jan 2010, 15:09
- Location: Sicklerville, New Jersey
Beware of Firefox Rogue Extension
Life should not be a journey to the grave with the intention of arriving safely in an attractive & well preserved body, but rather to skid in sideways, chocolate in one hand, red wine in the other, body thoroughly used up. Totally worn out & screaming "Wow, Wee What a ride!
-
- Administrator
- Posts: 78631
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Beware of Firefox Rogue Extension
Thanks - it's always good to be careful (and even better not to visit shady sites...)
Best wishes,
Hans
Hans
-
- 3StarLounger
- Posts: 361
- Joined: 24 Jan 2010, 14:24
- Location: Buckinghamshire, England
Re: Beware of Firefox Rogue Extension
There are quite a few rogue extensions that pretend to be Flash Player, Java or other legitimate plugins or extensions. The rogue extensions get added to the Firefox block list when they are discovered. This one is on the block list which will stop Firefox from installing it.
Tony
-
- PlatinumLounger
- Posts: 3757
- Joined: 24 Jan 2010, 11:00
- Location: Lexington, KY, USA
Re: Beware of Firefox Rogue Extension
Whooee, way to go, Tony !!! (And Mozilla, of course!)
Edited to add: I should have added that, since I encountered one fairly recently, I happen to know where the list is: Blocked Add-ons
Edited to add: I should have added that, since I encountered one fairly recently, I happen to know where the list is: Blocked Add-ons
-
- 5StarLounger
- Posts: 800
- Joined: 26 Jan 2010, 15:09
- Location: Sicklerville, New Jersey
Re: Beware of Firefox Rogue Extension
On the rare occasions I look at Firefox's extension, I'm not familiar with the authors. How does an ordinary users know which authors are legit and which are not?HansV wrote:Thanks - it's always good to be careful (and even better not to visit shady sites...)
Life should not be a journey to the grave with the intention of arriving safely in an attractive & well preserved body, but rather to skid in sideways, chocolate in one hand, red wine in the other, body thoroughly used up. Totally worn out & screaming "Wow, Wee What a ride!
-
- 5StarLounger
- Posts: 800
- Joined: 26 Jan 2010, 15:09
- Location: Sicklerville, New Jersey
Re: Beware of Firefox Rogue Extension
Thanks Tony, that's good to know. I had not heard of this protection before. So, one doesn't have to be afraid to install extensions or have to know anything about their authors.TonyE wrote:There are quite a few rogue extensions that pretend to be Flash Player, Java or other legitimate plugins or extensions. The rogue extensions get added to the Firefox block list when they are discovered. This one is on the block list which will stop Firefox from installing it.
Life should not be a journey to the grave with the intention of arriving safely in an attractive & well preserved body, but rather to skid in sideways, chocolate in one hand, red wine in the other, body thoroughly used up. Totally worn out & screaming "Wow, Wee What a ride!
-
- 5StarLounger
- Posts: 800
- Joined: 26 Jan 2010, 15:09
- Location: Sicklerville, New Jersey
Re: Beware of Firefox Rogue Extension
Al, have you any idea why Flash Player is continually listed as Malware on that list, and why Java Plugin is listed as blocked.Bigaldoc wrote:Whooee, way to go, Tony !!! (And Mozilla, of course!)
Edited to add: I should have added that, since I encountered one fairly recently, I happen to know where the list is: Blocked Add-ons
Gloria E
Life should not be a journey to the grave with the intention of arriving safely in an attractive & well preserved body, but rather to skid in sideways, chocolate in one hand, red wine in the other, body thoroughly used up. Totally worn out & screaming "Wow, Wee What a ride!
-
- GoldLounger
- Posts: 3081
- Joined: 24 Jan 2010, 19:07
Re: Beware of Firefox Rogue Extension
There are couple of simple rules to stick to; making things like this more or less a non-issue. (Together with Hans’ advice above.)Gloria E wrote:On the rare occasions I look at Firefox's extension, I'm not familiar with the authors. How does an ordinary users know which authors are legit and which are not?
- Use as few extensions as possible. If an old one gets out of date, and there is a vulnerability it might be exploited. Not directly related to this, but still a good rule I think.
- Always update via the official channels; whether it's Mozilla’s site, built-in update mechanisms, such as Flash Player's CP applet, or from the authors’ sites.
- There is, in the absolute majority of cases, no need to update a commonly used extension because it "doesn't work with a site" - if one has the extension, it's probably something questionable going on. That is, maintain a healthy scepticism towards popups and other messages at different sites, especially if you already have the extension.
I'm not Al, but a comment on that as well. Presumably because they are faux versions of said software... It wouldn't make sense creating an extension purporting to be the Flash Player and call it "John Doe's Player", would it?Gloria E wrote:Al, have you any idea why Flash Player is continually listed as Malware on that list, and why Java Plugin is listed as blocked.
Byelingual When you speak two languages but start losing vocabulary in both of them.
-
- 3StarLounger
- Posts: 361
- Joined: 24 Jan 2010, 14:24
- Location: Buckinghamshire, England
Re: Beware of Firefox Rogue Extension
The ones called Flash Player on that list are not actually Adobe Flash Player but rogue extensions pretending to be the Flash Player.Gloria E wrote: have you any idea why Flash Player is continually listed as Malware on that list, and why Java Plugin is listed as blocked.
Some versions of Java have been blocked due to security concerns, the latest version of Java is allowed.
Tony
-
- PlatinumLounger
- Posts: 3757
- Joined: 24 Jan 2010, 11:00
- Location: Lexington, KY, USA
Re: Beware of Firefox Rogue Extension
And, I think Argus and ALL have pointed this out. I NEVER respond to a site telling me, whether popup or not, that I need to "update" something or other.
Whenever that happens, I back out as quickly as possible and (as suggested by Argus) I go to the legit site, such as Adobe or whomever.
I think the "healthy skepticism" is an excellent choice of words. For an old New Yorker like me, skepticism is a way of life...!!!
Whenever that happens, I back out as quickly as possible and (as suggested by Argus) I go to the legit site, such as Adobe or whomever.
I think the "healthy skepticism" is an excellent choice of words. For an old New Yorker like me, skepticism is a way of life...!!!
-
- 5StarLounger
- Posts: 800
- Joined: 26 Jan 2010, 15:09
- Location: Sicklerville, New Jersey
Re: Beware of Firefox Rogue Extension
I try not to use extensions or add-ons unless there's a compelling reason to do so. That's good advice, thank you so much.Argus wrote:There are couple of simple rules to stick to; making things like this more or less a non-issue. (Together with Hans’ advice above.)Gloria E wrote:On the rare occasions I look at Firefox's extension, I'm not familiar with the authors. How does an ordinary users know which authors are legit and which are not?
- Use as few extensions as possible. If an old one gets out of date, and there is a vulnerability it might be exploited. Not directly related to this, but still a good rule I think.
- Always update via the official channels; whether it's Mozilla’s site, built-in update mechanisms, such as Flash Player's CP applet, or from the authors’ sites.
- There is, in the absolute majority of cases, no need to update a commonly used extension because it "doesn't work with a site" - if one has the extension, it's probably something questionable going on. That is, maintain a healthy scepticism towards popups and other messages at different sites, especially if you already have the extension.
I'm not Al, but a comment on that as well. Presumably because they are faux versions of said software... It wouldn't make sense creating an extension purporting to be the Flash Player and call it "John Doe's Player", would it?Gloria E wrote:Al, have you any idea why Flash Player is continually listed as Malware on that list, and why Java Plugin is listed as blocked.
Life should not be a journey to the grave with the intention of arriving safely in an attractive & well preserved body, but rather to skid in sideways, chocolate in one hand, red wine in the other, body thoroughly used up. Totally worn out & screaming "Wow, Wee What a ride!
-
- 5StarLounger
- Posts: 800
- Joined: 26 Jan 2010, 15:09
- Location: Sicklerville, New Jersey
Re: Beware of Firefox Rogue Extension
That answers my question and I appreciate your replying. Maybe that's the reason my favorite game site (Pogo) will not work if I play using Internet Explorer, but works if I play using Chrome or Firefox. Pogo uses Java for it''s animation and I always used IE to play, until recently where I now get error messages and the games don't load (but that's another unrelated situation).TonyE wrote:The ones called Flash Player on that list are not actually Adobe Flash Player but rogue extensions pretending to be the Flash Player.Gloria E wrote: have you any idea why Flash Player is continually listed as Malware on that list, and why Java Plugin is listed as blocked.
Some versions of Java have been blocked due to security concerns, the latest version of Java is allowed.
Life should not be a journey to the grave with the intention of arriving safely in an attractive & well preserved body, but rather to skid in sideways, chocolate in one hand, red wine in the other, body thoroughly used up. Totally worn out & screaming "Wow, Wee What a ride!
-
- PlatinumLounger
- Posts: 5685
- Joined: 24 Jan 2010, 19:16
- Location: Cape Cod, Massachusetts,USA
Re: Beware of Firefox Rogue Extension
You can install Java for IE versions.Gloria E wrote:That answers my question and I appreciate your replying. Maybe that's the reason my favorite game site (Pogo) will not work if I play using Internet Explorer, but works if I play using Chrome or Firefox. Pogo uses Java for it''s animation and I always used IE to play, until recently where I now get error messages and the games don't load (but that's another unrelated situation).TonyE wrote:The ones called Flash Player on that list are not actually Adobe Flash Player but rogue extensions pretending to be the Flash Player.Gloria E wrote: have you any idea why Flash Player is continually listed as Malware on that list, and why Java Plugin is listed as blocked.
Some versions of Java have been blocked due to security concerns, the latest version of Java is allowed.
http://windows.microsoft.com/en-us/wind ... t-Explorer" onclick="window.open(this.href);return false;
BOB
______________________________________
If I agreed with you we'd both be wrong.
______________________________________
If I agreed with you we'd both be wrong.