Jump to content
Login new information ×
Giveaway Contest ×
Login new information
Giveaway Contest

Web of Trust (WOT) Add-on taken down by Google and Mozilla after reports of selling Users browsing history

steven36

By steven36
in Security & Privacy News

Recommended Posts

steven36

steven36

Posted
Posted

Web of Trust (WOT) Add-on taken down by Google and Mozilla after reports of selling Users browsing history

 

 

 

It doesn’t take long for Google and Mozilla to remove Web of Trust (WOT) add-on from Chrome and Mozilla add-on stores after reports surfaced in the German media that the company of add-on is selling add-on users browsing history without even anonymising it. WOT add-on has been installed and trusted by millions of users around the world for protection in Chrome and Firefox web browsers to see safety ratings for websites.

Web of Trust add-on removed

The extension has been silently removed and no longer available in the Chrome Web Store for download, same has been the case with Firefox’s version, but a bug has been submitted about the add-on being malicious citing German news sites report as source, after evidence found and analysis behind it disclosed by Rob that add-on can able to remotely execute arbitrary commands on any page, Firefox browser vendor has blacklisted the WOT

 

Rob is a Security Technology student and active contributor to open-source software projects and who is volunteer AMO editor working on Firefox WebExtensions.

This damage could be even worse for users as revelations found WOT can do anything ranging from stealing banking credentials to installing malware on the user’s computer, luckily that did not happened.

 

 

WOT add-on analysis Summary

The WOT add-on can execute arbitrary code on any page, including privileged browser pages.

 

Impact and severity: Critical. If WOT wants to, they can do anything ranging from stealing banking credentials to installing malware on the user’s computer.

At the time of analysis, this functionality was not abused.

Source: 

http://techdows.com/2016/11/web-of-trust-add-on-removed.html

Sidenote: its Pesado Security based on user opinion and i never use such services  as a addon 

 

 

Your_opinion_matters.jpg

 

 

Quote

No product with the word "trust" in it can be trusted.

When someone TELLS you to trust them it always gets 2 responses.

  1. Your a good friend and that statement is based on years of our interaction. I'll just go with it because I know and already trust you.

  2. You're not a good friend and trusting you is exactly what I shouldn't be doing in this situation.

 

 

 

     

    Link to comment
    Share on other sites
    • Replies 6
    • Views 714
    • Created
    • Last Reply
    Petrovic

    Petrovic

    Posted
    Posted

    The popular browser extension Web of Trust is no longer available on the Firefox add-on repository or the Google Chrome Web Store.

     

    Mozilla and Google have pulled the extension from their stores after a report aired on German national television that the company was selling the browsing history of its users.

    The browser extension, designed to inform users about security or privacy issues on sites they visit, is currently not available for download.

     

    Users who try to open the add-on site on Mozilla's Firefox add-ons site get a "we're sorry, but we can't find what you're looking for" error message currently.

     

    wot add-on

     

    Google's Chrome Web Store merely states that "the requested URL was not found on this server".

     

    google wot

     

    Information is scarce at this point as both Mozilla and Google have not openly released information about the removal.

     

    The German newspaper FAZ managed to get a statement from Mozilla about the removal. According to the statement, Web of Trust was pulled because it violated add-on guidelines, and specifically transparency in regards to the add-on's collection of user data.

     

    According to Web of Trust, which Faz got a statement from as well, this was caused by the company's latest privacy policy published on the company website not being made available on the Firefox add-on site.

     

    If you check out the privacy policy on the Web of Trust website, you will notice that it collects the following information: IP address, geographic location, type of device, operating system and browser, date and time, browsing usage including visited web pages, clickstream date or web address accessed, browser identifier and user ID.

    Users who have Web of Trust installed in the browser won't be affected by the pulling of the add-on.

     

    According to research posted on Bugzilla@Mozilla, the tracking that is been discussed in German media has been added to the extension back in 2015.

    So what is going to happen now?

    The most likely cause of action is the following one. Web of Trust updates the privacy policy on the store pages of the add-on to better highlight the data collecting of the add-on. Mozilla and Google will then re-enable the extension on their Stores so that users can download and install it again.

     

    It is unclear right now whether WOT is asked to modify code of its extension in regards to user tracking, or if the simple highlighting of the fact that the add-on collects user data is enough for restoration.

    Article source

    Link to comment
    Share on other sites
    • Administrator
    DKT27

    DKT27

    Posted
    • Administrator
    Posted
    On 6/11/2016 at 3:20 AM, UnknownOne said:

    who actually used it anyway.. lol

     

    You will be surprised how many bad websites did it keep away from me. Does not mean I would not check the reason behind the ratings though.

     

    Why it was important one may ask. Thing is, Google Safesearch, which is implemented in most browsers, is complete crap. It blocks good sites with fixes and allows sites known to spread bad files. This is where this addon came. It gave power to the users, letting the users decide what is right and what it is not. Not relying on any company to decide what is right for you, but letting the crowd recommend with their experience. While you could get angry at those rating earning bots, but they could be easily noticed from the human users. While the idea behind it was not new, it's execution was better and it did not come from a big company with a agenda.

     

    The last line is important here. When we the users trust a company, the company should maintain the trust. I know, making this addon profitable with such a big amount of resources required is not easy. But giving away user data like this is highly disappointing for the users. Infact, I can say this is against the principal behind the addon - to protect the user security and privacy.

     

    It's not only this addon, but similarly, some other addons engage in shady practices too. I personally myself cannot easily get rid of it though.

    Link to comment
    Share on other sites

    Archived

    This topic is now archived and is closed to further replies.

    Go to topic listing

    • Recently Browsing   0 members

      • No registered users viewing this page.
    ×
    ×
    • Create New...