
Remove Firefox Addons, Improve Security

June 4th, 2007 by David Bradley

Using certain Firefox addons, such as the popular Google, Facebook, and LinkedIn addons, could leave your computer open to hackers, according to security expert and Indiana University graduate student in informatics Christopher Soghoian. Thankfully, tools such as NoScript, Greasemonkey, and AdBlock Plus are safe. Problems can arise, says Soghoian, because addons such as the Facebook one are updated via an external server rather than through Firefox’s parent system, Mozilla.

Addons affected by the security vulnerability include:

  • Google Toolbar and Google Browser Sync
  • Yahoo Toolbar
  • Del.icio.us Extension
  • Facebook Toolbar
  • AOL Toolbar
  • Ask.com Toolbar
  • LinkedIn Browser Toolbar
  • Netcraft Anti-Phishing Toolbar
  • PhishTank SiteChecker

“Users are vulnerable and are at risk of an attacker silently installing malicious software on their computers. This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers,” says Soghoian on his slight paranoia blogspot.

Reading between the lines, however, Soghoian’s suggestion that we all remove these “commercial” addons at once is perhaps a little over the top. If you can trust your DNS, never use public wireless access and have enough understanding of your router setup to ensure you are not compromised through that method (simply ensure you set a new password and never use the default!), then you should be perfectly safe.

Soghoian claims millions of users are at risk and could fall victim to malicious software being installed on their computers that could hijack e-banking sessions, steal emails, or send spam from their machines. He adds that, “Only those [addons] that have been downloaded from the official Firefox Add-Ons page are safe.”

Other, mainly commercial, extensions are also afflicted, says Soghoian, who recommends users uninstall all these addons pending the release of security patches that preclude the issues.
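To see which installed addons take their updates from the vendor's own server rather than through Mozilla, the manifests can be audited directly. This is an added example, not code from the original post or from Mozilla. It assumes the legacy extension layout, where each unpacked addon carries an `install.rdf` with an optional `em:updateURL` and addons without one are checked through Mozilla's own update service; the sample manifests, addon ids, URLs and verdict names are constructed, and the http/https split is this example's own refinement.

```python
import xml.etree.ElementTree as ET
from pathlib import Path
from urllib.parse import urlparse

EM = "{http://www.mozilla.org/2004/em-rdf#}"
RDF = "{http://www.w3.org/1999/02/22-rdf-syntax-ns#}"

def em_value(desc, name):
    """Read an em: property given as a child element or as an attribute."""
    child = desc.find(EM + name)
    if child is not None and child.text:
        return child.text.strip()
    return desc.get(EM + name)

def classify(manifest):
    """Return (addon id, verdict, update URL) for one install.rdf (str or bytes)."""
    for desc in ET.fromstring(manifest).iter(RDF + "Description"):
        about = desc.get("about") or desc.get(RDF + "about")
        if about != "urn:mozilla:install-manifest":
            continue  # skip nested blocks such as targetApplication
        addon_id, url = em_value(desc, "id"), em_value(desc, "updateURL")
        if not url:
            # Assumption: no updateURL means updates come via Mozilla's service.
            return addon_id, "mozilla-default", None
        https = urlparse(url).scheme.lower() == "https"
        return addon_id, "external-https" if https else "external-plaintext", url
    raise ValueError("no install manifest found")

def audit(extensions_dir):
    """Classify every unpacked addon under a profile's extensions/ directory."""
    return [classify(p.read_bytes())
            for p in sorted(Path(extensions_dir).glob("*/install.rdf"))]

# Constructed sample manifests (hypothetical addon ids and URLs).
HEAD = ('<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" '
        'xmlns:em="http://www.mozilla.org/2004/em-rdf#">')
TOOLBAR = HEAD + """<Description about="urn:mozilla:install-manifest">
  <em:id>toolbar@vendor.invalid</em:id>
  <em:updateURL>http://updates.vendor.invalid/update.rdf</em:updateURL>
</Description></RDF>"""
HOSTED = HEAD + """<Description about="urn:mozilla:install-manifest">
  <em:id>blocker@hosted.invalid</em:id>
</Description></RDF>"""
ATTR = HEAD + """<Description about="urn:mozilla:install-manifest"
  em:id="sync@vendor.invalid"
  em:updateURL="https://updates.vendor.invalid/update.rdf"/></RDF>"""

if __name__ == "__main__":
    for sample in (TOOLBAR, HOSTED, ATTR):
        print(classify(sample))
```

Run `audit()` against the `extensions` folder of a Firefox profile; anything reported as `external-plaintext` is a candidate for the removal Soghoian recommends.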

Having been told how powerful and safe Firefox would be compared with other highly susceptible browsers, perhaps the tide is now turning. Maybe it is time to strip back our browsers and run with a minimalist approach – no addons, no tweaks, no plugins. It could become very boring, very quickly. So, instead, be very aware of the problem, make sure you are security-enabled whenever you connect wirelessly or through a DNS that is not provided by your ISP (OpenDNS is a better alternative than the DNS offered by an access point). But, most of all, do not leave your router running with the default passwords. Lists of default passwords are available across the web to would-be criminals. Better safe than sorry.

In case you were curious as to where you had heard the name Christopher Soghoian before, he was infamously raided by the FBI in 2006 for posting information about airport security that allegedly jeopardized homeland security. Hence the odd photo of him on his site in orange overalls being rubber-gloved by an officer of the law, presumably.

For a quick run-through of removing Firefox addons, check out this post. And, if you want to be really secure, disconnect your internet connection, uninstall Firefox altogether and maybe take up gardening instead.



  • David Bradley // Jun 4, 2007 at 12:17 pm

    By the way, if you run your Windows machine under a limited user account to help protect you from malicious installs, then don’t think you are safe from this exploit in Firefox. Firefox will update and install addons regardless of the status of the logged in user (a bit of a bummer in terms of security, really).

  • Wayne Smallman // Jun 5, 2007 at 8:16 pm

    “This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers,” says Soghoian…

    As you mention, the implications here are immense. Quite sobering, in fact.

    Good job I’m on OpenDNS, as well.

    Additionally, this could be the very tip of a whole new class of Internet fraud…

  • David Bradley // Jun 5, 2007 at 10:21 pm

    Yep, readers should check out the review of OpenDNS on this site and Wayne’s earlier review of OpenDNS

  • Hsien Lei // Jun 6, 2007 at 9:01 am

    UGH. Another thing to worry about. The other day, I went to a site I visit frequently and my Google Desktop told me there was potential malware on it. Turned out it was one of the ads being served and probably only to users in W. Europe and Asia. @#!

  • David Bradley // Jun 6, 2007 at 10:53 am

    It is the way of the world Hsien, I’m afraid. Even more bad news from Poland via zdnet yesterday – apparently numerous security holes have been opened up in the fully patched versions of Internet Explorer and Firefox.

  • Tom // Jun 6, 2007 at 12:20 pm

    Rumors abound that Firefox 3 will have an antimalicious streak.

  • Wayne Smallman // Jun 6, 2007 at 11:33 pm

    I say let’s start a Neo-Luddite commune in, err .. Doncaster, and get back to basics!

  • David Bradley // Jun 7, 2007 at 8:11 am

    Sunny Donny, hey? Or, Nottingham, even… ;-)

  • Tom // Aug 3, 2007 at 7:43 pm

    Fuzzers poke at programs in search of vulnerabilities that can arise when an application receives data it doesn’t expect. Now, Mozilla (producers of Firefox) are unleashing these hacker tools on to the net in the hope that the community will spot security loopholes before hackers/crackers and alert other users and Mozilla itself before such problems become serious.

    http://blogs.pcworld.com/staffblog/archives/005059.html

    Tom

  • mack // Aug 23, 2007 at 10:20 pm

    1) how can firefox addons be DELETED?

    2) why does all typing, now, since the installation of firefox show a series of small red dots under everything in email?

    3) this new install has taken over everything – 40% of the screen =- and is a nuisance!

  • David Bradley // Aug 24, 2007 at 8:35 am

    mack, removing firefox addons is relatively easy. go into the Tools menu, slide down the menu and click Addons. A box will appear with those you have installed. Simply select the ones you no longer wish to run and hit the Uninstall button. Restart FF and they will be gone.

    As to the red dots…are they spelling errors?

    To what new install are you referring? The latest version of Firefox or an Addon? Have you tried cascading or tiling your windows from the toolbar (assuming you’re on XP) and then resizing them to your preference?

    db

  • Wardriving coming to a Wi-Fi hub near you! // Oct 8, 2007 at 10:09 pm

    [...] further than my news feeds. So I do today as I did yesterday. And on this occasion, I happen upon an interesting topic over on David Bradley’s Science Text concerning Firefox security issues: “Using certain Firefox addons, such as the popular Google, Facebook, and LinkedIn Add-Ons, could [...]

  • David Bradley // Oct 4, 2008 at 6:47 pm

    For anyone looking to remove the ask.com toolbar from Firefox, the Mozilla site has the full skinny:

    http://kb.mozillazine.org/Uninstalling_toolbars

  • PepeMex // Oct 7, 2009 at 4:13 am

    Surely there could be a “safe mode” way of browsing, which could be used when accessing internet banking or other such services that we want 100% private and secure. Something like a Firefox “cone of silence” that would disable (not remove) addons at certain times, only to be used when I feel I want to be 100% secure.

  • David Bradley // Oct 7, 2009 at 7:52 am

    @PepeMex That’s a good idea. And, of course, there is a safe mode for Firefox that allows you to launch the browser without any addons:

    Start Firefox in Safe Mode by clicking Start, selecting Run (or use the Start Search box in Windows Vista) and then entering the following in the text field:

    "%PROGRAMFILES%\Mozilla Firefox\firefox.exe" -safe-mode

    You will get a dialog box offering you various startup options.