Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Mozilla Privacy The Internet IT Technology

Mozilla Removes Avast and AVG Extensions From Add-on Portal Over Snooping Claims (zdnet.com) 26

Mozilla today removed four Firefox extensions made by Avast and its subsidiary AVG after receiving credible reports that the extensions were harvesting user data and browsing histories. From a report: The four extensions are Avast Online Security, AVG Online Security, Avast SafePrice, and AVG SafePrice. The first two are extensions that show warnings when navigating to known malicious or suspicious sites, while the last two are extensions for online shoppers, showing price comparisons, deals, and available coupons. Mozilla removed the four extensions from its add-ons portal after receiving a report from Wladimir Palant, the creator of the AdBlock Plus ad-blocking extension. Palant analyzed the Avast Online Security and AVG Online Security extensions in late October and found that the two were collecting much more data than they needed to work -- including detailed user browsing history, a practice prohibited by both Mozilla and Google.
This discussion has been archived. No new comments can be posted.

Mozilla Removes Avast and AVG Extensions From Add-on Portal Over Snooping Claims

Comments Filter:
  • Thank you Mozilla (Score:5, Insightful)

    by 110010001000 ( 697113 ) on Tuesday December 03, 2019 @11:16AM (#59480560) Homepage Journal

    For keeping us safe.

  • by RyanFenton ( 230700 ) on Tuesday December 03, 2019 @11:30AM (#59480622)

    I can empathize, at least in terms of accounting with what the folks at AVG/Avast are doing - they provide what they see as important services that people need, and are part of a moving ecosystem of exploits and vulnerabilities, on the 'white hat' side.

    Of course, folks are going to be increasingly blind to this, the same way that people are blind to the value of the highway system they drive on and do business with.

    But advertisers are still hungry. Google sells data to them all the time, anonymized, to better target their spending. The same as billboards on the highway, and the tools used to test the success of that.

    The trick is keeping that data gathering anonymous. Keeping your vulnerability protection tool from being a sort of vulnerability itself.

    In that circumstance, you have to be VERY up-front with exactly what you're making your money on.

    I gave up on AVG because they were becoming a really nasty form of nagware, and pushing more and more third party crap in their update installers. I didn't want to have to scour forum threads every update to make sure there wasn't yet another thing I had to remove or registry tweak or hack to remove some nag from their user interface.

    This selling data is yet another one of those - but I do understand their pressures. But they will lose much more if they don't REALLY clarify this one.

    If they just put out one of those bullshit marketing videos talking AROUND what they sell, just providing empty assurances or sideways explanations, then they fail at their basic task of being trustworthy here.

    No, they have to tell us, in a full video form, what is in every packet sent to them, what is in the database data they sell in aggregate, why they get paid for their anonymous data, and how it hires folks that keep doing important work.

    Otherwise, they go from white hat to dark grey hat security researchers. They have to see that.

    Ryan Fenton

    • by Blymie ( 231220 )

      Thing is, there's no such thing as anonymized data.

      Google a bit, search a bit, but it is startling easy to re-link data to a person post-anonymization. Essentially?

      Any data collection means? No privacy!

  • They used to provide a slim, efficient anti-virus service.
    • Avast is joining the gold rush. The money is not in the products and services they offer -- it's in the data we provide them.

      Like you, I've noticed the changes across the board where the core quality is sacrificed for the mining efforts.

      • From what I see, Avast is advertising upgrades for its own products. Useless stuff too like CCleaner. It's not great to be sure, but at least they're not showing you ads for beer, soap, and autos.

  • I found the truth about it guys: https://i.redd.it/y059nwkfhbw3... [i.redd.it]

  • It wouldn't take a rocket scientist to determine that they were and Mozilla wouldn't take such a drastic step against such popular anti-virus vendors unless they were sure they were.
  • by Anonymous Coward

    Given a lot of viruses and malware come from supposed "anti-virus" companies how could this be?

    Oh and Mozilla, that's some great consistency you've got there. What exactly do you think extensions like Honey [mozilla.org] do?

The truth of a proposition has nothing to do with its credibility. And vice versa.

Working...