Comments on: Firefox Malware?

By: airliebird58

airliebird58 — Sun, 21 Dec 2008 16:30:43 +0000

Thomas of post 16: This has just happened to me and it took me about 5 days to get rid of it. Every well known scanner I could think of was either blocked or would not update. So I tried to use a scanner that wasn’t so well known if that makes sense. 1st was called Norman Malware Cleaner, and the other was called Dr Web Cureit! both picked up nasties and it released my other scanners. I found both free progs at http://www.snapfiles.com/ Hope that helps you and it was ok to post the web site address here. I was on the verge of wiping everything and starting again! Good luck.

By: YoursTruly

YoursTruly — Sun, 21 Dec 2008 15:37:54 +0000

This does not sound like an “arbitrary” code executing on your machine. Fact is it has been designed to run in your browser specifically do that it knows when you are browsing banking sites, and then it can steal passwords. Yes the browser could have been IE or Firefox.
I have a question, if companies can push updates/patches into there software running on usre’s machines, why cant they push warnings/alerts to users in same way. This issue is a good example, where this is needed. The issue is not with firefox, so no patching required, but Mozilla is still posting warnings/mitigations on their sites.

By: thomas

thomas — Thu, 18 Dec 2008 05:08:17 +0000

hi guys, i think i have been infected by a virus. This virus prevented me from visiting those anti-virus web sites and also prevented my current anti virus softward from getting updates. Any idea how to solve this? any advice would be much appreciated.
thanks
thomas

By: McGehee

McGehee — Fri, 12 Dec 2008 06:23:11 +0000

Re my question above, I found an explanation. Thanks anyway.

By: McGehee

McGehee — Thu, 11 Dec 2008 19:36:16 +0000

Out of curiosity, what does the “Mozilla Default Plug-In” do? I disabled that and managed to get it to not show on my plug-in list, and Firefox is working just fine so far.

By: Harald

Harald — Wed, 10 Dec 2008 23:59:17 +0000

“Use a browser with a solid security record and modern anti-malware defenses built in”

Roger that, I’ll stick with Opera..

By: Adamantium

Adamantium — Wed, 10 Dec 2008 00:08:41 +0000

@FACORAT / Mr. Lizard:
I disagree with your 2nd point. I actually use that feature.. helps to manage addons with multiple profiles. The best thing to do is not download programs unless you can assure they are absolutely safe. Having linux also helps .

By: Ted Mielczarek

Ted Mielczarek — Tue, 09 Dec 2008 21:54:21 +0000

@FACORAT / Mr. Lizard:

It makes no difference what Firefox does. If someone is running arbitrary executable code on your system, you have already lost. Firefox could jump through hoops to try to verify the extensions it loads, but malicious software could just patch Firefox itself if necessary and subvert those checks. There is *no way* to stop malware from inserting itself into Firefox once it is already running on your system.

By: Mr Lizard

Mr Lizard — Tue, 09 Dec 2008 19:59:45 +0000

@ FACORAT:

I agree with your second point.

In the case of the first point, I happen to think that users should only use the addons.mozilla site to source their addons.

Firefox encourages this, by disallowing 3rd party sites to install addons. To override this, the user has to click an ‘allow’ button, add the site to the whitelist, then click through another warning telling the user not to install addons from sources they do not trust

That sort of user is not going to care if an addon is signed or not. If it isn’t, they will still click through the warning dialogs regardless.

There’s only so much Mozilla can do here- the final decision to install something lies with the user.

Back to your second point, which is important. One of the benefits of Firefox (on Windows at least) is that it is seperate from the operating system, insofar as not sharing code like IE does (or did in IE5/6, I don’t know about 7)

That means even if a PC’s operating system has a security hole that allows someone else to slip in some unwanted malware, it shouldn’t compromise Firefox.

I don’t want Firefox using addons/plugins unless I’ve clicked through those warning dialogs.

If addons can be run just by plonking files in the extention folder, then Mozilla may as well remove all those warning dialogs telling people to be careful.

By: FACORAT Fabrice

FACORAT Fabrice — Tue, 09 Dec 2008 12:07:35 +0000

Sorry to sound negative, but the fact that Firefox will :
1. run untrusted and unsigned executable/extensions is a security issue.
2. run an extension just because it is located in the extension directory whereas this extension have never been installed by Firefox is also an issue. Firefox should only run extensions if they have been installed by firefox ( it means that Firefox should have an installation journal ).