Linked by Kroc Camen on Sat 17th Oct 2009 05:27 UTC
Whilst it's not okay in Microsoft's eyes for Google to install a plugin into Internet Explorer, increasing the potential surface area of attack, when Microsoft do it to Firefox, it's a different matter. Now a security hole has been found in a plugin that Microsoft have been silently installing into Firefox.
Permalink for comment 389767
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-12-15
I think the problem here is that these malware authors are very tricky. They figure out ways to slip things in without users noticing. I think Mozilla should add as much as possible, but I am wondering whether the issue at hand is not as much that the plugin is installed (it's a concern yes), but what the plugin can do.
Why not focus on controlling / auditing what the plugins do at the user level. For example, if it tries to write to disk alert the user, if it tries to remotely connect to a website, alert the user.
Control not only getting the plugin in the browser, but also add safe-guards to what it does once it's there.