Unknown addon. Any details ?
(addons.mozilla.org)
from Alb087@lemmy.ml to privacy@lemmy.ml on 28 Jul 2024 04:46
https://lemmy.ml/post/18487949
from Alb087@lemmy.ml to privacy@lemmy.ml on 28 Jul 2024 04:46
https://lemmy.ml/post/18487949
A unknown addon in firefox addon store with 4.5+ rating.
(From, most of the comments it’s seems like this addon is suspicious and don’t have enough proof or evidence to trust it with our data. So please everyone avoid using this addon. A better one is “UBLOCK ORIGIN”).
threaded - newest
Why not DNS level AdBlock?
I hope dns level blocking is less effective that browser level. Also dns level blocking cant apply cosmetic filters and give a clean view of webpages.
@Alb087 @TheBigBrother yeah DNS level is pretty limited.
I use both DNS and browser, and I prefer DNS level.
@TheBigBrother Why's that? I mean DNS has the benefit of being able to do at network level and if I could I'd do it, but I do usually keep ublock origin in my browser.
I use both cos it’s easier to use on multiple devices and it’s system-wide. So you only have to set it up in the router and you should be fine, if you are outside the home network you can always use private DNS option in android.
@Alb087 why not use something more... trusted and probably better? ublock origin is the best around.
@Alb087 this mascot is giving me the creeps.
.
I know. But i need to know is this addon safe or not as it have more users and rating. Don’t know it based on which adblocker syntax.
@Alb087 i don't see it having more users, or ratings? ublock origin has 7m users, this has 1m. Plus, the websites to this ad blocker you mention seem like commercial. non-open-source software, I wouldn't doubt that this is spyware.
@Alb087 like look at this and tell me this doesn't scream commercial, about to steal your data?
https://adblockultimate.net/
But it is under GNU general public licence. Me too doubt it a spyware or not as the source code is not found anywhere.
(Am not promoting or supporting this addon in anyway).
Users and ratings can be bought, so reputation is important.
Even if a piece of software is open source (which this supposedly is), it needs to be well known enough so that professionals are checking the code for vulnerabilities/ bad behaviour.
addons.mozilla.org/en-US/…/ublock-origin/
Ublock Origin has 7 times the number of users anyways?
Okay you asked the question, got the answer, and are clearly not listening to what people are saying and still trying to get people to agree this one is just as good…
Scrap this shitty freemium copycat add on and just use ublock origin.
It seriously is not that complicated.
They will use popups asking you to upgrade to a premium version:
adblockultimate.net/pricing
Which is kinda silly when they seem to mostly copy the work of others:
github.com/mozilla/addons/issues/1078
I second the uBlock Origin recommendation.
Well that’s shady
If you’re using Mozilla’s level of endorsement as a metric, note this prominent disclaimer on the addon’s page:
ublock origin does not have this disclaimer. It works well and is widely trusted.
Localcdn, I still don’t care about cookies like addons have this warning too…
@Alb087 @tavu yes, it doesn't automatically mean it's unsafe, but this is shady software none the less.
I use a few extensions which also have this warning but I do because I trust them
Pretty much everyone here is just recommending ublock origin, so just use that.
Check the licence.
If it’s not any open source licence then fundamentally not trustable.
Why below firefox shows it under GNU GPL ?
Why not use uBlock? Widely used and gets job done
I didn’t say no ublock. Just asked about this one
Why
I imagine because he is curious about using something other than the default option that everyone else is using?
Just because most people are basics doesn’t mean everyone is.
I’m not going to tell you what to use instead, but how you make the judgement for yourself: audit the code yourself
The source code is linked right there, and you don’t need trusting someone to make the call. You’re making the call. Mind you, the actual add-on installed from Mozilla Add-Ons might contains different code then what shown in the repo. I never release any add-ons so that is just a wild guess and a hint possibility this could happen.
To give you an head start: look for URLs and any encoded strings in all files, be it Base64 or something else. And follow them to find out why there it is there, how is it triggered, etc. Same goes for encoded strings with the added question: what was encoded within.
Still, that is just the basic, and I’m not too into JavaScript but there could be other ways of hiding information, like in an image file via steganography.
@umami_wasbi @Alb087 auditing code is complicated, not everyone will know how to do that, and even the people who do can miss a lot
Yes, but we are not auditing security or cryptography implementation.
Instead, the goal is get a sense how it works, and look for suspicious codes or have if parts hidden (encoded) and doesn’t want people to know. That’s relatively way easier than a serious audit.
I think you greatly overestimate the average person’s ability to understand even the most basic code. Let alone in multiple languages.
Really? Maybe I got too used to it.