
Firefox extension "Photobucket Hotlink Fix" spied on users

Wednesday, February 7th, 2018

(Image: Screenshot / Andreas Bielawski)

The Firefox extension "Photobucket Hotlink Fix" repairs image links – and sent every URL visited to an external server. Mozilla has now put a stop to this. But the case shows that users should not blindly trust browser add-ons.

Andreas Bielawski was surprised: why did the Firefox extension "Photobucket Hotlink Fix" send every requested URL unencrypted to an external server? This behaviour is by no means necessary, since the add-on only repairs Photobucket image links. That service had introduced a new payment model almost overnight, whereupon millions of photos on eBay, Amazon and many other websites disappeared. "Photobucket Hotlink Fix" makes the vanished images visible again, free of charge and conveniently.

The network tool Fiddler shows how the add-on "Photobucket Hotlink Fix" sends the URL to an external server with the IP 79.137.79.108 on every page request.

A fine thing, really, and users were thrilled: "Works perfectly! I can finally see the pictures in old forum posts!", writes one in the Firefox add-on directory. Bielawski also typed in a rating – and pressed the point: "[The add-on] calls an external IP on EVERY page view". Bielawski wanted to know why. Using the Fiddler network tool, he found that a POST request was being sent to a server with the IP 79.137.79.108, and "the full URL is in the POST body". In other words, the author of the add-on captures the user's complete browsing history.

Add-on developer "BridgeTroll" responded to the review and stated: "[The add-on] checks via our server whether the fix is allowed on the visited site." There are website owners who do not want the add-on to fix the Photobucket links on their pages.
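The check Bielawski made by hand in Fiddler can be automated over a traffic capture. The following is an added example, not code from the add-on or from the article: it takes a list of captured requests (constructed here; only the IP 79.137.79.108 comes from the article, while the page URLs, paths and request bodies are assumptions) and flags every request to a host other than the page's own whose query string or body carries the page URL, whether raw, percent-encoded or JSON-escaped.

```javascript
// Added example: flag captured requests that leak the visited page's URL to a
// third-party host. Everything below is constructed for this example; only the
// IP 79.137.79.108 comes from the article.

const sampleCapture = [
  // Legitimate traffic: the repaired image itself, fetched from Photobucket.
  { page: 'https://forum.example.net/thread/42', method: 'GET',
    url: 'https://i123.photobucket.com/albums/pic.jpg', body: '' },
  // The pattern seen in Fiddler: a POST to a bare IP carrying the page URL.
  { page: 'https://forum.example.net/thread/42', method: 'POST',
    url: 'http://79.137.79.108/check',
    body: 'url=https%3A%2F%2Fforum.example.net%2Fthread%2F42' },
  // First-party request: names the page, but stays on the page's own host.
  { page: 'https://forum.example.net/thread/42', method: 'GET',
    url: 'https://forum.example.net/api?ref=https%3A%2F%2Fforum.example.net%2Fthread%2F42',
    body: '' },
  // Same leak with a JSON body, from a page a user would rather keep private.
  { page: 'https://mail.example.com/inbox?id=7', method: 'POST',
    url: 'http://79.137.79.108/check',
    body: JSON.stringify({ u: 'https://mail.example.com/inbox?id=7' }) },
];

// True if `haystack` contains the page URL raw, percent-encoded or JSON-escaped.
function containsPageUrl(haystack, pageUrl) {
  if (!haystack) return false;
  const forms = [pageUrl, encodeURIComponent(pageUrl), JSON.stringify(pageUrl).slice(1, -1)];
  return forms.some(f => haystack.includes(f));
}

// Returns one finding per request that sends the page URL off-origin.
function findUrlExfiltration(capture) {
  const findings = [];
  for (const req of capture) {
    const pageHost = new URL(req.page).host;
    const target = new URL(req.url);
    if (target.host === pageHost) continue;           // first-party: skip
    const where = [];
    if (containsPageUrl(target.search, req.page)) where.push('query');
    if (containsPageUrl(req.body, req.page)) where.push('body');
    if (where.length === 0) continue;
    findings.push({
      method: req.method,
      host: target.host,
      where,
      plaintext: target.protocol === 'http:',          // leaked without TLS as well?
      bareIp: /^\d{1,3}(\.\d{1,3}){3}$/.test(target.hostname),
    });
  }
  return findings;
}

// Per-host tally: the view in which a single collecting server stands out.
function exfilHosts(capture) {
  const tally = {};
  for (const f of findUrlExfiltration(capture)) tally[f.host] = (tally[f.host] || 0) + 1;
  return tally;
}

console.log(findUrlExfiltration(sampleCapture));
console.log(exfilHosts(sampleCapture));
```

To run this against a real session, export the capture from Fiddler (or a HAR file from the browser's network panel) and map each entry to the page, method, url and body fields used above; a request that lands in the tally for a host that is neither the page's origin nor a CDN the page itself uses is what the article is describing.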

  

          
A brief privacy policy mentions the connection to the server. However, the author conceals that every URL visited is transmitted. In addition, the Firefox directory lacks a link to this policy.

Hidden privacy statement

The statement did not convince Bielawski. Why should the add-on take the sensitivities of site operators into account? After all, an ad blocker does not ask every page whether it may filter banners. "In addition, [in the add-on directory] a privacy policy is missing," Bielawski criticizes.

Contact with the external server is not strictly necessary either: other versions of the add-on lack the POST request. The Chrome version, for example, does not contact the external server even though it "has significantly more users", Bielawski wonders. (Nearly 33,000 users have that version installed.) On GitHub there is a version of the add-on "without the server connection and without [the] Amazon stuff, but with active Google Analytics code".

The description of the Chrome add-on does at least include a concise privacy policy ("Privacy Policy"), which also mentions the contact with the external server – but not the transmission of the URL. The Chrome version, however, does not contact the server at all.

  

          
The Chrome version of "Photobucket Hotlink Fix" scans websites for Amazon affiliate links and swaps the ID they contain. The add-on's programmer apparently collects the commissions.

Add-on swaps Amazon affiliate links

The Chrome version does other curious things: it changes Amazon affiliate links, so the developer of the add-on apparently receives all the advertising money. If a website contains such an affiliate link, the add-on simply removes its ID and inserts what is presumably the developer's ID. Only a few lines of code are needed for the swap, as a look at the add-on's JS file shows (see screenshot). Amazon explicitly does not permit such substitution.

In the Firefox version of the add-on the Amazon code also exists, but there it is commented out and thus inactive, as Bielawski noted. (The Amazon ID swap had already been discovered and described by "Akamaru" in his blog.) His conclusion: "Really a pity that you can trust fewer and fewer plug-ins."
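The tag swap described above, and a way to catch it, as an added example that is neither the add-on's code nor taken from the article. Amazon affiliate links carry the affiliate ID in the "tag" query parameter; swapAffiliateTag shows the substitution in the form the article describes, and auditAffiliateLinks compares the anchors of the server-delivered HTML (as seen in view-source) with the same anchors read from the live DOM after extensions have run. All link and tag values are constructed; "extdev-20" stands in for whatever ID an extension would insert.

```javascript
// Added example, not the add-on's code: the affiliate-ID swap the article
// describes, written as a plain URL rewrite, next to an audit that detects it.
// Sample links and tag values are constructed.

function isAmazonHost(hostname) {
  return /(^|\.)amazon\.(com|de|co\.uk|fr|it|es|ca|co\.jp)$/i.test(hostname);
}

// Parse an href; returns { url, tag } for Amazon links, null otherwise.
// Amazon's affiliate ID travels in the `tag` query parameter.
function parseAmazonLink(href) {
  let url;
  try { url = new URL(href); } catch { return null; }
  if (!isAmazonHost(url.hostname)) return null;
  return { url, tag: url.searchParams.get('tag') };
}

// What an ID-swapping extension does to each anchor: drop the site owner's
// tag (or add one where there was none) and insert its own.
function swapAffiliateTag(href, ownTag) {
  const link = parseAmazonLink(href);
  if (!link) return href;
  link.url.searchParams.set('tag', ownTag);
  return link.url.toString();
}

// Audit: compare the hrefs from the server-delivered HTML with the same
// anchors read from the live DOM after extensions have run. Any Amazon link
// whose tag differs was rewritten client-side.
function auditAffiliateLinks(originalHrefs, renderedHrefs) {
  const changed = [];
  originalHrefs.forEach((before, i) => {
    const a = parseAmazonLink(before);
    const b = parseAmazonLink(renderedHrefs[i]);
    if (!a || !b) return;                              // not an Amazon link
    if (a.tag !== b.tag) changed.push({ index: i, from: a.tag, to: b.tag });
  });
  return changed;
}

// Constructed page: three Amazon links placed by a forum owner plus one unrelated link.
const originalLinks = [
  'https://www.amazon.com/dp/B000EXAMPLE?tag=forumowner-20',
  'https://www.amazon.de/dp/B000EXAMPLE?psc=1&tag=forumowner-21',
  'https://www.amazon.com/dp/B000EXAMPLE',              // no affiliate tag at all
  'https://example.org/shop?tag=forumowner-20',         // not Amazon, left alone
];
// What the DOM looks like after an extension has swapped every tag for 'extdev-20'.
const renderedLinks = originalLinks.map(href => swapAffiliateTag(href, 'extdev-20'));

console.log(auditAffiliateLinks(originalLinks, renderedLinks));
```

On a real page the first list comes from the raw server response (curl or view-source), the second from the browser console with Array.from(document.querySelectorAll('a[href]')).map(a => a.href); any entry the audit reports was changed by something running in the browser, and disabling extensions one at a time shows which.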
Mozilla reacts

Once again, briefly summarized: the Firefox add-on "Photobucket Hotlink Fix" sent every URL visited in the background to an external server with the IP 79.137.79.108. The add-on's developer could thus have captured users' complete browsing history. Currently nearly 6000 Firefox users have the add-on installed.

Andreas Bielawski's observations refer to version 1.3.14, which is no longer available. Mozilla told heise online on request: "We removed the recent update of the add-on 'Photobucket Hotfix Link' on February 5 as a result of our review process. The currently available version is not affected by the issue." The add-ons directory now lists version 1.3.12 (dated November 22, 2017). This older version does not contact the external server, as a re-test with Fiddler confirmed.

Mozilla also said: "We take users' sovereignty and privacy very seriously, and we require that all add-ons hosted on addons.mozilla.org follow our review guidelines and ensure that users can make an informed choice about whether they want to use an add-on or not."

In the Chrome version the URL transfer did not seem to take place; instead the add-on swapped the Amazon affiliate IDs. In the Opera version (890 users), according to Bielawski, Google Analytics is active and a link to the privacy policy is missing. The policy is only linked from the Chrome Web Store and is extremely sparse. In addition, it conceals the possible transmission of the URL.

All of these are good reasons to be more cautious the next time you install an add-on. To be on the safe side, we also recommend uninstalling "Photobucket Hotlink Fix" – as practical as the add-on is.

(DBE)

      
