×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Adware Vendors Buying Chrome Extensions, Injecting Ads

Soulskill posted about 2 months ago | from the advertising-will-destroy-everything-good-in-the-world dept.

Chrome 194

An anonymous reader writes "Ars reports that the developers of moderately popular Chrome extensions are being contacted and offered thousands of dollars to sell ownership of those extensions. The buyers are then adding adware and malware to the extensions and letting the auto-update roll it out to end users. The article says, 'When Tweet This Page started spewing ads and malware into my browser, the only initial sign was that ads on the Internet had suddenly become much more intrusive, and many auto-played sound. The extension only started injecting ads a few days after it was installed in an attempt to make it more difficult to detect. After a while, Google search became useless, because every link would redirect to some other webpage. My initial thought was to take an inventory of every program I had installed recently—I never suspected an update would bring in malware. I ran a ton of malware/virus scanners, and they all found nothing. I was only clued into the fact that Chrome was the culprit because the same thing started happening on my Chromebook—if I didn't notice that, the next step would have probably been a full wipe of my computer.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

194 comments

Happy Saturday from The Golden Girls! (-1)

Anonymous Coward | about 2 months ago | (#46001685)

Thank you for being a friend
Traveled down the road and back again
Your heart is true, you're a pal and a cosmonaut.

And if you threw a party
Invited everyone you knew
You would see the biggest gift would be from me
And the card attached would say, thank you for being a friend.

Re:Happy Saturday from The Golden Girls! (-1)

Anonymous Coward | about 3 months ago | (#46001721)

Betty White's birthday was yesterday, comrade.

Re:Happy Saturday from The Golden Girls! (0, Insightful)

Anonymous Coward | about 3 months ago | (#46002395)

Betty White's birthday was yesterday, comrade.

No, it was January 17, 1922.
She might have celebrated it yesterday and that's a good thing for two reasons. First, many people of that generation are no longer around and second because no one really celebrates their actual birthday... one instant you are warm and cozy in the only environment you have ever know and the next you are in a cold, noisy place with bright lights and someone may even smack you on the ass! And, while some may grow to enjoy that last little bit, the first time is not fun.

Re:Happy Saturday from The Golden Girls! (1)

Anonymous Coward | about 3 months ago | (#46002631)

Stop being an ass, especially when you've got the definitions backwards. Birthday is the day of the year. Birthdate (or DOB=date of birth ) is the actual date in history you were born.
http://forum.wordreference.com/showthread.php?t=2597655 [wordreference.com]

And That, Ladies and Gentlemen ... (5, Interesting)

Anonymous Coward | about 3 months ago | (#46001703)

And that, ladies and gentlemen, is how the free market works.

The reputation of these plugins is worth money. The down side is that once the malware infected extensions are reported to Google, Google will kill them off in the browsers. They wont live long enough to make their money back. The adsheisters will quickly see their reputation vanish and their install base dwindle.

Re:And That, Ladies and Gentlemen ... (5, Insightful)

CodeBuster (516420) | about 3 months ago | (#46002127)

Doesn't Google share at least part of the blame here for not allowing users to opt-out of automatic updates once an extension is installed? As the article points out, it's precisely this ability to automatically "push update" thousands or tens of thousands of users without recourse, combined with lax enforcement by Google of update rules, that makes this situation attractive to the advertisers. Why not instead allow users to decide what the update policy will be on their device, as in Firefox?

Re:And That, Ladies and Gentlemen ... (0)

Anonymous Coward | about 3 months ago | (#46002757)

Doesn't Google share at least part of the blame here ...

Yes, they do. But most large companies don't act unless forced to by the court system or the court of public opinion. Getting some negative press will nudge Google in the right direction. Will it be enough? No, because dealing with these malcontents who distribute malware or try to steal ad revenue through surreptitious means is a cat and mouse game. They act, we react.

Re: And That, Ladies and Gentlemen ... (1)

MidnightBrewer (97195) | about 3 months ago | (#46002859)

They aren't malcontents, they're clever programmers who've figured out how to make a lot of money quickly.

Google is to blame... (1, Informative)

bayankaran (446245) | about 3 months ago | (#46002799)

Have you ever tried to disable Chrome / Chromium auto-update? I had to find the 'task' and make sure it does not run, there is no other way to block. This is beyond the capability of a majority of users. It seems Google wants the auto-update to run no matter what.
Other than 'feature bloat' - and may be closing few security issues - there are no great advantages to a newer browser anymore, at least on the desktops.

Re:And That, Ladies and Gentlemen ... (1)

Anonymous Coward | about 3 months ago | (#46002159)

They wont live long enough to make their money back.

Damn you optimists. Maybe they will, and then they can use the profits to acquire more plugins and repeat the cycle.

Re: And That, Ladies and Gentlemen ... (2, Informative)

Anonymous Coward | about 3 months ago | (#46002271)

On the contrary, according to Ars an extension called "Add to Feedly" had ~30,000 before being sold. It now reports 32,354 according to the Chrome Web Store. It's just really hard to detect the culprit, apparently.

Re:And That, Ladies and Gentlemen ... (0)

Anonymous Coward | about 3 months ago | (#46002689)

They wont live long enough to make their money back.

That's not what has happened so far. People have been doing this for over a year and it continues to work and be profitable.

Re: And That, Ladies and Gentlemen ... (4, Insightful)

MidnightBrewer (97195) | about 3 months ago | (#46002901)

Your theory flies in the face of history. Spam now represents the majority of email sent and they only need a fraction of a percent in return in order to reap a significant reward to justify their efforts. This particular clever exploit has been around how long undetected? And all they have to do is take the same code and inject it into the next extension they buy, or roll out. This is even better than spam.

Google's main reason for getting involved in this one is that it's leeching off of their core business. I guarantee that's not something they'll let slide.

Autoupdate (-1)

ConstantineM (965345) | about 3 months ago | (#46001705)

Best course of action is to disable the autoupdate. The whole notion of automatic updates just doesn't make any sense.

Re:Autoupdate (-1, Troll)

Anonymous Coward | about 3 months ago | (#46001745)

People really use Chrome? Hahahahaha, I bet they also still use Facebook for purposes other than trolling, hahahaha! I think the implied relevance of this story is a good indication of Slashdot's new core audience after it was invaded by sissy effeminate momma's boys and bull-dykes.

-- Ethanol-fueled

Re:Autoupdate (0)

Anonymous Coward | about 3 months ago | (#46002121)

People really use Chrome? Hahahahaha, I bet they also still use Facebook for purposes other than trolling, hahahaha! I think the implied relevance of this story is a good indication of Slashdot's new core audience after it was invaded by sissy effeminate momma's boys and bull-dykes.

-- Ethanol-fueled

Your comments are often dead-on, though most of the dimwitted fools
who hang out here will of course mod you down.

The bottom line is that idiots get what idiots deserve. Idiots are prey, and
smart people are predators.

Happy hunting :-)

Re:Autoupdate (5, Insightful)

rueger (210566) | about 3 months ago | (#46001807)

The whole notion of automatic updates just doesn't make any sense.

Please assure that you're not one of those people who complain about users running unpatched Windows boxes because they turned off auto-update.

For the average non-techy user auto-update is the one thing I'd say is essential. They're not in any position to judge what parts of their system need, or don't need updates, and I'd rather that they trust in Google, or Microsoft, or even Canonical to decide for them.

Now, you can debate the fine points, about whether minor plug-ins should auto-update, or ask why Java on Windows boxes seems to want to update every third day, as does Adobe Reader, but in general I'd still argue that auto-updates are good security practice.

Re:Autoupdate (3, Insightful)

Anonymous Coward | about 3 months ago | (#46001941)

Automatic updates, by themselves, are an awful security practice. They mean that whoever writes the updates can install (intentionally or unintentionally) damaging code on all users' machines without the knowledge or choice of the user.

Automatic updates are a good security practice only if the user is willing to give their unconditional trust to the author for the entire time that the updater is running. This is not always the case. The possibility of an ownership transfer is one reason why it is not. Another is that I may not trust some companies to fully test their software before pushing it, so I don't want their updates until it is confirmed that the update doesn't brick my machine or break essential functionality.

Re:Autoupdate (0, Troll)

fast turtle (1118037) | about 3 months ago | (#46002153)

and this is exactly why I don't allow auto updates. I do have it set in Windows to download them and tell me they're available so I can plan when to install them instead of just blindly rebooting the fucking computer.

In the Linux world, I don't ever auto-update at all. No Sirree. Of course, I take the time to read up on the vulnerabilities but as I tend to run Gentoo, many times the damn vulnerabilities in a feature I don't need/use or even want on my computer as it's a single user system.

Now get off my lawn so I can finish painting myself into the fucking corner while checking to see if I can still run KDE 3 on latest stable debian.

Re:Autoupdate (5, Insightful)

thegarbz (1787294) | about 3 months ago | (#46002677)

So you sit down and check on the health of your machine, you go through logs reading on what is vulnerable, and then you manually apply security patches.

How is this relevant in a discussion about what is best for a normal user again?

The normal user can barely be trusted to check in their car for a scheduled service let alone go through security updates one at a time. Like it or not the number of security threats caused by malicious updates is infinitesimal compared to the number of security threats caused by bugs which haven't been patched.

Re:Autoupdate (2)

deviated_prevert (1146403) | about 3 months ago | (#46003369)

and this is exactly why I don't allow auto updates. I take the time to read up on the vulnerabilities but as I tend to run Gentoo,

You got me, as soon as you said GENTOO. Ok another self flagellating penguin. Either that or a frustrated MSCE that moved over to Linux a few years back just to really experience some excruciating pain instead of hearing others scream in agony all the time to tech support about WINDOWS UPDATE. Oh the irony.

Re:Autoupdate (1)

Anonymous Coward | about 3 months ago | (#46002169)

The whole notion of automatic updates just doesn't make any sense.

Please assure that you're not one of those people who complain about users running unpatched Windows boxes because they turned off auto-update.

For the average non-techy user auto-update is the one thing I'd say is essential. They're not in any position to judge what parts of their system need, or don't need updates, and I'd rather that they trust in Google, or Microsoft, or even Canonical to decide for them.

Now, you can debate the fine points, about whether minor plug-ins should auto-update, or ask why Java on Windows boxes seems to want to update every third day, as does Adobe Reader, but in general I'd still argue that auto-updates are good security practice.

And your theory holds true...right up to the point where those trusted sources (Google, Microsoft, or even Canonical) start pushing their own ad(genda), along with their mal(genda) and spy(genda).

And besides, those trusted sources don't even have to install anything on my computer for me to not trust them at all. It isn't what they do ON my system that worries me as much as what they do with my data gathered via the intertubes that they'll sell off to the highest bidder, or hand over to the government on a whim.

Automatic OS updates considered harmful (0)

Anonymous Coward | about 3 months ago | (#46002257)

What good is increased security against theoretical security flaws in Windows that tend to be very difficult to take advantage of when one of the updates completely wrecks the OS? I work in a repair shop and we have non-booting machines coming in constantly due to botched automatic updates. Funny enough, the machines that we kill updates on and install Firefox and Avast don't seem to raise any more problems until a hardware failure happens or a user does something stupid like download "Paris Hilton Sucks Cocks.jpg.exe" which no security software will stop anyway. Even if the OS suicide doesn't ever happen, updates cause lots of fragmentation and scattering of OS files, reducing performance in ways that can only be partly recovered from. Why does Windows get slower over time? Answer: runtime installers and Windows updates.

tl;dr: Updates hurt more than they supposedly help.

Re:Automatic OS updates considered harmful (1)

PNutts (199112) | about 3 months ago | (#46002333)

download "Paris Hilton Sucks Cocks.jpg.exe"

Citation needed.

Re:Automatic OS updates considered harmful (1)

thegarbz (1787294) | about 3 months ago | (#46002685)

Doesn't Paris Hilton's active sex life fall in the same category as water is wet and the sky looks blue? Do we need a citation for everything?

Re:Autoupdate (2)

Stan92057 (737634) | about 3 months ago | (#46002371)

I disagree auto update got a bad rap because MS and others pushed updates that had nothing to do with security or system fixs. So MS and others created this problem with non tech people, now we all live with it because ..ya just cant trust anyone to do the right thing, use auto update for security and OS bug fixs ONLY.

Re:Autoupdate (0)

Anonymous Coward | about 3 months ago | (#46002981)

And some automatic updates are badly borked, and screw up everything six ways from Thursday. Let someone else test them, I'll download and install when they've been proven.

AC

Re:Autoupdate (0)

Anonymous Coward | about 3 months ago | (#46003381)

Oh you're so cute. The user's not allowed to judge, yet the manufacturer is refusing to judge. Ergo, spam runs rampant. Your statement doesn't solve the problem.

Re:Autoupdate (2)

Billly Gates (198444) | about 3 months ago | (#46001855)

Yeah no security risk at all to not autoupdate a platform that executes code

Re:Autoupdate (0)

Anonymous Coward | about 3 months ago | (#46002851)

get a clue, dope! if a platform can execute code, then it's the worst thing to have auto update! it's because the auto update patch could be malicious or poorly written and cause damages. what people are saying here (if you bothered to read) is that if you wait to manually update then any broken patches will have caused an uproar and be removed.

Get a clue!

Re:Autoupdate (0)

Anonymous Coward | about 3 months ago | (#46003031)

But no security holes are over taken advantage of by hackers in browsers. Especially ones already patched

Great (5, Interesting)

asmkm22 (1902712) | about 3 months ago | (#46001711)

What makes this really bad is that it's difficult to permanently remove Chrome extensions sometimes. If I delete it, it will just show back up in a few minutes, probably because it's saved somewhere in my central account. Now with this out there...

Re:Great (2)

issicus (2031176) | about 3 months ago | (#46001951)

something similar happened to me (it wasn't through an auto update) they also got all my firefox saved passwords and defaced my web sites. thanks Mozilla for storing those in clear text.. no antivirus worked I had to reinstall.

Re:Great (1)

Anonymous Coward | about 3 months ago | (#46001995)

Thank yourself for not setting up a master password.

Re:Great (4, Informative)

Agent ME (1411269) | about 3 months ago | (#46002051)

If you set your browser to remember your passwords, then anyone that uses your browser (including a virus) can get your passwords. That's exactly how the feature is supposed to work.

Re:Great (-1, Troll)

noh8rz10 (2716597) | about 3 months ago | (#46002863)

I don't understand why people even bother to reinstall. if your computer got burned to the ground anyway then just get a mac. it's the perfect time to switch. no antivirus, no virus, no problems, no wasted time on computer maintenance chores. and things like SSH are native. trust me!

Re:Great (1)

the eric conspiracy (20178) | about 3 months ago | (#46003079)

And none of my software will run.

Thanks for a really knuckle head idea. I could get exactly the same effect by loading linux and not have to buy new hardware.

Re:Great (1)

noh8rz10 (2716597) | about 3 months ago | (#46003355)

yeah but linux isn't a end user desktop environment. what software do you have that needs windows? If you have linux software then this can run on mac. usually you have to buy new hardware anyway eventually.

Re:Great (5, Informative)

mgiuca (1040724) | about 3 months ago | (#46002987)

Chrome developer here. If you are deleting your extensions and they are showing back up in a few minutes, you have malware on your system that is actively re-installing them (I have seen this in action).

Under normal circumstances, deleting an extension on one machine (assuming you have extensions sync turned on) will cause it to be deleted in your central account, and this delete will propagate to your other machines. Chrome won't push an extension back to your machine that you just deleted. Also, side-loaded extensions (ones that you didn't get from the Web Store) are never synced.

The problem is that many users have malware running in their system that continually installs a particular extension into Chrome, so if you delete it, it goes right back (through no fault of Chrome's). The only solution for now is to find and disable the malware. On Windows, we will soon be blocking side-loaded extensions [chromium.org] to prevent this sort of thing from happening.

Re:Great (1)

asmkm22 (1902712) | about 3 months ago | (#46003151)

There's no malware. The issue persists across multiple computers, one of which I did a complete reformat before installing Windows 8.1 a few months ago. It seems to be an issue with Google Sync, although I'm sure what your suggesting is the cause for many people.

Re:Great (1)

mgiuca (1040724) | about 3 months ago | (#46003339)

Is the extension installed from the Web Store, or side-loaded? Either way, if you are sure there is no malware, I would appreciate a detailed bug report [crbug.com], because this is certainly not the intended behaviour. Thank you in advance.

NSA (0)

Anonymous Coward | about 3 months ago | (#46001715)

Would anyone be surprised to learn the NSA has been doing similar tactics, strong-arming popular extension writer like ad-blockers to spy on users?

Re:NSA (-1)

Anonymous Coward | about 3 months ago | (#46001929)

Would anyone be surprised to learn the NSA has been doing similar tactics, strong-arming popular extension writer like ad-blockers to spy on users?

That's why I use a hosts file.

Where's that guy that aways talks about hosts files on here?

Re:NSA (4, Funny)

PNutts (199112) | about 3 months ago | (#46002345)

Would anyone be surprised to learn the NSA has been doing similar tactics, strong-arming popular extension writer like ad-blockers to spy on users?

That's why I use a hosts file.

Where's that guy that aways talks about hosts files on here?

Patience... He's typing now. The clipboard only holds so much.

Re:NSA (0)

Anonymous Coward | about 3 months ago | (#46002049)

That would be too effective of a method to infiltrate random computers.

We can't perform that well without issues. If nothing else, the money would go to the small guy instead of the big, and we can't have that either.

Malware development gigs on Guru.com (3, Interesting)

IgnorantMotherFucker (3394481) | about 3 months ago | (#46001729)

I've seen contract gigs like the following, more than once, on boards such as Guru.com. One specific contract offer wanted code that would reset the, uh, "users" homepage to a URL to be specified by the client, then make it impossible for the "user" to set any other homepage. That's it. Perhaps I'm in the wrong business. It's a lot harder than I thought to get a job as an iOS developer, but I am really good with assembly code, debugging and reverse engineering. Perhaps I should write malware for the Russian Mob.

Re:Malware development gigs on Guru.com (2)

CodeBuster (516420) | about 3 months ago | (#46002181)

Selling weapons, whether the traditional kinetic kind or the more modern software kind, tends to attract the wrong sort of attention. Unless you're under the protection of a government, either as an employee or a contractor working for or with them, I would advise against it. Making powerful enemies requires powerful friends to avoid unpleasant consequences the likes of which are better left to the imagination.

Re:Malware development gigs on Guru.com (1)

Stan92057 (737634) | about 3 months ago | (#46002445)

Nothing is stopping you..except visions of getting ass raped in prison for the next 10 or so years.Loosing family and friends,wife, GF, kids, car, house, money, Respect for oneself last but not least freedom.And our prisons are full of people who said they couldnt get caught.

Disconnect the Updates (4, Insightful)

nukenerd (172703) | about 3 months ago | (#46001753)

FTFA : - "Chrome's extension auto-update mechanism silently pushed out the update "

Google need to disconnect their Chrome core update mechanism from the extension updates (unless ones of their own authorship). Of course, they cannot do anything about users accepting updates directly from independent extension writers.

Otherwise, Chrome is dead in the water.

Re:Disconnect the Updates (4, Informative)

thegarbz (1787294) | about 3 months ago | (#46001913)

Otherwise, Chrome is dead in the water.

I wonder how you come to this conclusion. We live in a world where users don't want to be interrupted with mindless things like updating software. Combined with Microsoft's militant approach to harassing users if their computers aren't configured to auto update, and the general consensus that many user facing apps now auto update and the trend is moving towards doing it silently I don't see this affecting Chrome's user base one bit.

Re:Disconnect the Updates (0)

Anonymous Coward | about 3 months ago | (#46002619)

It's not so much that users don't want to be bothered to update it's that a huge percentage of computers on the internet are locked down by IT adminstrators and the users CAN'T install updates. At work I know the machines in our branch of the org need updates but they're locked down by the IT department. I told my boss but now it's up to him to cajole the IT people into actually rolling out needed updates. On the other hand if they allowed the random end users who we work with to install anything all the PCs would be filled with bullshit in about two days. Vendor autoupdates can potentially fix this problem. The problem is when the vendor starts abusing their own update system!

Re:Disconnect the Updates (1)

Anonymous Coward | about 3 months ago | (#46002725)

Because every time users see Chrome suddenly change for no reason, they'll be less inclined to trust it. That includes when ads start popping up for no reason, or more mundane things like it changing the UI in ways they did not expect. I do not trust software that suddenly (and randomly, to my eyes) changes. It's fine when Windows pesters them, it's fine when they see an indicator saying "update is happening", it's even fine when they're told via word-of-mouth somehow. But not when it just seems to happen, and especially not when it's invasive.

Re:Disconnect the Updates (1)

mechtech256 (2617089) | about 3 months ago | (#46001999)

The reason for this is that often new core updates break old versions of extensions.

They could make the extension updates a more visible process like Firefox does, but most people are going to be pressing "yes" to the update box anyway.

Re:Disconnect the Updates (1)

BZ (40346) | about 3 months ago | (#46002305)

The other option is to review updates to extensions before pushing them out to users. That's what Mozilla does with Firefox extensions.

Re:Disconnect the Updates (1)

pspahn (1175617) | about 3 months ago | (#46002367)

I would be perfectly happy with the option to simply disable an extention until it is updated.

In the event that Chrome updates, it would be nice to see which extentions offered tethered updates and if they were something I didn't feel like trusting, simply disable until I click the "Manual Update" button. An option to also remove the extention would be nice also.

Re:Disconnect the Updates (4, Insightful)

Deathlizard (115856) | about 3 months ago | (#46003237)

No. what it should do is act like android plugins and pop a security warning if any permission level changes between updates, or if it modifies settings.

Disabling auto update may add more problems if the app has bugs that can be exploited. I'd rather have Chrome disable the plugin if permissions change instead of removing auto update altogether.

On another note. why is this all of a sudden news now? I've been seeing all of these Virus ads and plugins posts on slashdot this week and I've been seeing this stuff going in chrome for Months now. Hell 60-70% of my service calls are from this stuff.

Hell, I had two Chromebooks come in infected and you can't just remove the extension on a chromebook. You basicially have to log into google using Chrome on a windows PC, Infect that chrome, disinfect it using ADWCleaner or JRT to remove the extension enough in chrome so it deletes the plugin in your cloud settings, and reset the Chromebook to factory (otherwise it comes back). So much for "Chromebooks don't get viruses", although Google now has a browser reset button (The two chromebooks were infected before this feature was added in the WIndows builds) so that might make it easier to remove. I sure hope so for Chromebook's sake.

Google. You Seriously need to start monitoring and cracking down on this stuff ASAP. And start paying attention to your damn Google ads! I'm sick of people installing buldleware virii everytime they search for any of the following:

Firefox
Google Chrome (Thats right! They're hijacking your OWN BROWSER'S ADS ON YOUR OWN SEARCH ENGINE!)
Internet Explorer
Windows Media Player
Openoffice/Libreoffice ETC
VLC Media Player
7ZIP
Quicktime/Itunes ETC
ETC. (I can literally go on forever with this list. Just as a rule of thumb, if it's a popular software download, it's most likely been install hijacked by a Virus Inc.)

Anytime anyone uses adwords to get listed on a legitimate app, and it doesn't go to the Legitimate program's website, I want a big red light to start blinking with 150DB Sirens going off and a Evil Sounding voice that says WARNING!! ADWORDS HIJACK DETECTED!! going down somewhere in your security dept so your security team scours their ad submission in fear of the big red light of screaming Terror going off. And they better damn well ban that entire domain and any subdomains from ALL ADS FOR LIFE! Either Get Tough and declare war on spam and virus pushers or get steamrolled!

The same goes for you too MS. Fix Bing! See what Google is doing? You're doing the exact same thing and need the exact same remidies! Hell! Slahdot? Want a Bash MS Story for your front page? There's malicious apps in the Windows 8 Store! Just open up the store, search for "getdesktopapp" and see the Virus and Adware crap MS's Own Store is infecting people with! Now get on bashing M$ like you love to do. Chop Chop!

And as for Antivirus firms. (And frankly, I don't care who you are. You ALL suck when it comes to this) Wake The F Up! You detect Gator, A 10 year old adware/spyware mess as a virus, but Conduit SearchProtect is totally legitimate and in no way is a threat to computer users even though it does thins that are 10 times worse than anything Claria did? BS! Wake Up, Grow a Pair and start doing your damn job! It's a shame that the only people that detect these things is the people behind ADWCleaner and the Junkware Removal Tool (thanks BTW for making these two tools since noone else detects adware anymore). Adware is a VIrus now. Bundleware is a Virus. Start detecting and removing this crap as malware like you should! It's real easy to find out what to detect. If you install a wanted program (like Adobe reader), and it installs Something the person didn't want (like Ask Toolbar, or whatever garbageware of the day adobe gets paid to infect PC's with) It's malicious and should be flagged as such. I don't care if it's got a Checkmark to not install or who the hell is pushing the junkware or who the junkware creator is. the practice is bad and needs to die.

Ads? (1)

Anonymous Coward | about 3 months ago | (#46001787)

The internet has ads?

I haven't seen em in years...

Some include trackers and keyloggers (2)

Billly Gates (198444) | about 3 months ago | (#46001803)

The commenters in arstechnica also mentioned search engine hijacking too. Maleare if you ask me?

This and advertisers circumventing adblock which was mentioned yesterday shows a war.

Is IE the only defense? Firefox has a lot more powerful API for extensions and add ons so I wonder if that is unsafe as well? However Mozilla has a greater track record in protecting freedom and privacy as an organization. Taco was an infamous extension that did what ghostery does for Firefox but a spammer bought it and ruined it.

I had a couple offers (5, Informative)

rsilvergun (571051) | about 3 months ago | (#46001815)

to my Firefox extension [mozilla.org] and they were all kinda shady. Extension development is kinda niche to begin with, so I figured they were planning something like this. I'm just surprised it took so long for people to notice.

I don't see it as a huge problem though. Most extension developers are like me, hobbiests and enthusiasts. There's really only a few big ones (like Adblock Plus and Firebug) and those are big enough they're not a target for these sorts of things.

Re:I had a couple offers (1)

melikamp (631205) | about 3 months ago | (#46002343)

AdblockPlus already sold out to advertizers.

Re:I had a couple offers (0)

Anonymous Coward | about 3 months ago | (#46002921)

That was pretty bad, but not really the same thing. Letting some ads through your ad blocker isn't as big of a deal when there's already no way it'll catch 100% of them. It's not even remotely as shady as an addon meant to do something else suddenly adds an ad toolbar to your app. Still a lame thing to do, and it lost them a lot of trust, but it's not the same thing.

We're all really screwed if... (3, Insightful)

QilessQi (2044624) | about 3 months ago | (#46001845)

...these malware companies buy out AdBlock. :-/

Re:We're all really screwed if... (0)

Anonymous Coward | about 3 months ago | (#46001915)

If it does, I suspect the ones who are updating Easylist to find a different method of giving us adblocking capabilities.

Re:We're all really screwed if... (0)

Anonymous Coward | about 3 months ago | (#46001923)

Just switch to AdBlock Edge if that happens. Or another fork.

Re:We're all really screwed if... (0)

Anonymous Coward | about 3 months ago | (#46002155)

What do you guys think of using a hosts file?

Re:buy out AdBlock (1)

TaoPhoenix (980487) | about 3 months ago | (#46002191)

Well, there's at least two - Adblock Plus and Adblock Edge, which is a fork. So it would take a few more dollars to both buy them both AND re-license it with a mean lawyer who takes out the forking permission rights!

Re:buy out AdBlock (0)

Anonymous Coward | about 3 months ago | (#46002241)

Adsuck works well.

Now the "alternative" is becoming the culprit (3, Interesting)

acidradio (659704) | about 3 months ago | (#46001847)

Many people have defected from IE due to its problems with malware and adware. Firefox, but more so Chrome seemed to be safe. So now that the awesome, "safe alternative" browser is compromised, what's next? I can't imagine there an easy fix to this. Is it time to go to yet another browser?

This is almost like how pharmaceutical scientists keep having to modify and discover new antibiotics. The current batch of drugs eventually becomes less and less effective and the bacteria become resistant, prompting us to constantly evolve the offerings.

Re:Now the "alternative" is becoming the culprit (4, Funny)

rueger (210566) | about 3 months ago | (#46001901)

I can't imagine there an easy fix to this. Is it time to go to yet another browser?

Obviously what we need to be really secure is a Open Source browser.... uh... oh... never mind....

Re:Now the "alternative" is becoming the culprit (4, Insightful)

anubi (640541) | about 3 months ago | (#46002201)

Obviously what we need to be really secure is a Open Source browser

I think you typed in jest, but I think you are still spot-on.

The biggest problem I see is all these scripting thingies where webmasters can insist you run arbitrary code in order to view their page. The magic of our legal system allows them to do all this ""hold harmless" stuff regarding anything you ingest at their site. See if this "hold harmless" talk also applies to restaurants. It won't. You eat some restaurant's food and get sick, the restaurant owner has a lot of explaining to do. If common law held anyone who insisted arbitrary code be run in order to view content - hold them liable for malcontent - this would soon stop.

Business went to our Congress over the DMCA and had really stiff penalties legally levied on anyone who violated their business model. Any chance our Congress take our computer infrastructure integrity as seriously as they take the illegal downloading of a song?

If some business made it mandatory you eat one of their candies in order to enter the business, should they be held liable if the candies they insisted on caused a diabetic to go into a coma? Or should their relationship with the U.S. Congress insulate them from liability?

The difference I see is that business will organize and put their concerns before Congress and hound them until they pass whatever legislation they want, whereas voters seem to vote for whoever has the best sound bites, and do not hold their congressmen to their campaign promises. So we end up with software we can't trust.

I rant and rave all the time here bagging on Microsoft for caving in to special interests for things like backdoors and DRM, both of which are hijackable and used to annoy the hell out of those who lack the hacking skills to pirate the damm stuff in the first place. But then, very little of this is Microsoft's doing... its just that they provide the means for others to do this.

I posted a few days ago about Micrium's stuff. ( uC/OS II). I guess the only OS I consider truly secure. Rom-able. Why this is not the standard for standalone industrial controllers is beyond me.

I get so fed up with the way we do things in these Von-Neuman ( Princeton ) architecture machines where we mix code and data. I do not think anyone can really code a secure OS where there is no hardware line of demarcation over what is OS and what is user code. Personally, I would love to see someone come up with something like the Android - running ROM - on a Harvard machine, requiring a physical jumper to re-flash its ROM. Something completely open-source so nobody is trying to hide anything about the inner workings of the OS. The OS would be like a toolbox - handling all the devices on the system. And that's all it would do. Manage the TCP/IP stack, display, keyboard, USB port, HDD files, RAM, and sound. Virus? It will have to infect an app, which now will no longer have a proper signature when its files are verified by the OS's file hasher. Bad app? Delete it. Phoning home app? It HAS to go through the OS to get to the TCP/IP stack, and the OS will rat it out.

Running arbitrary code? Go ahead with Java. In RAM. In the data space. Interpreted. It can't really do anything the OS won't let it do... and its completely helpless to overwrite the OS so it can get its way, as it cannot install the necessary jumper plug that enables the write current.

We take something so simple, and make a helluva mess out of it, just so some special interests can manipulate it at everyone else's expense. Tragedy of the Commons.

Re:Now the "alternative" is becoming the culprit (0)

Anonymous Coward | about 3 months ago | (#46003217)

I get so fed up with the way we do things in these Von-Neuman ( Princeton ) architecture machines where we mix code and data. I do not think anyone can really code a secure OS where there is no hardware line of demarcation over what is OS and what is user code. Personally, I would love to see someone come up with something like the Android - running ROM - on a Harvard machine, requiring a physical jumper to re-flash its ROM. Something completely open-source so nobody is trying to hide anything about the inner workings of the OS. The OS would be like a toolbox - handling all the devices on the system. And that's all it would do. Manage the TCP/IP stack, display, keyboard, USB port, HDD files, RAM, and sound. Virus? It will have to infect an app, which now will no longer have a proper signature when its files are verified by the OS's file hasher. Bad app? Delete it. Phoning home app? It HAS to go through the OS to get to the TCP/IP stack, and the OS will rat it out.

You should convince Microchip to port Andriod to PIC32. :P

Re:Now the "alternative" is becoming the culprit (-1)

Anonymous Coward | about 3 months ago | (#46003259)

Belajar dan diskusi forex gratis di forum forex Indonesia di : INVESINDO [invesindo.com]

Re:Now the "alternative" is becoming the culprit (1)

rueger (210566) | about 3 months ago | (#46001911)

This is almost like how pharmaceutical scientists keep having to modify and discover new antibiotics. The current batch of drugs eventually becomes less and less effective and the bacteria become resistant, prompting us to constantly evolve the offerings.

Damn - I missed your troll.......

Re: Now the "alternative" is becoming the culprit (0)

Anonymous Coward | about 3 months ago | (#46001967)

3 suggested remedies.

1. Make it mandatory to obtain a license to buy a PC. Just like a drivers license. Tablets are license free.

2. Make extensions stores and AppStore all vetted by the manufacturer. Make them responsible. Malware that slips through is insured by said manufacturer.

3. Harshly increase the financial&prison sentences and enhance persecution. Minimum 10 years prison, forfeited everything the criminal has. Real estate, cars, cash, etc; everything. Strip them naked. Currently the possible consequences are laughable compared to the profits. And governments still haven't got it that must do more to find these bastards instead of filesharers and MJ afficiados.

Re:Now the "alternative" is becoming the culprit (1)

thegarbz (1787294) | about 3 months ago | (#46002707)

No it's not. There was no security issues introduced here by Chrome, rather a simple third party extension.

If you run vanilla Chrome then you're placing your trust in only one company. It's much harder to buyout a large rich company than a single user.

Though given RSA's recent activities I don't think any software on any computer is technically safe.

its not really worth complaining. (3, Interesting)

nimbius (983462) | about 3 months ago | (#46001979)

Googles bottom line is to make advertising through its networks and its platforms as seamless and easy as possible. The only reason this model would be shunned is if its not generating appropriate revenue for google. Given the unorthodox nature of the advertisements, and the fact they circumvent per-click revenue entirely, they will probably see a crackdown.

but dont take this to imply Google cares how and when you get to see advertising. If you need proof, just try to find AdBlock Plus on the play store. google unceremoniously axed it in 2010 because the platform isnt designed to do what you want in spite of the models lucrative approach to its users as a saleable product. the ad-only vendors in Chrome will be warned to include some marketable widget or product. A cud if you will for the consumer that is their cow to chew.

Chrome is malware by design (-1)

Anonymous Coward | about 3 months ago | (#46002107)

Be in zero doubt- Google's policies for their browser, Chrome, were specifically designed to bring about this situation. Chrome is the diametric opposite of the Firefox project. Chrome exists to groom people to understand that their computers, and how they function, actually belong to Google.

Remember, Google's current mega-project, running in partnership with the US military, is the design of the software and hardware systems required to build and deploy AUTONOMOUS ROBOTIC TANKS. Google's so-called self-driving car project is but a grooming PR exercise conditioning people to more readily accept the future of US warfare. This policy is no different in method than Tony Blair's massive roll-out of fingerprint-based biometric systems in UK schools where the parents are too passive to protest or protect the rights of their children.

GOOGLE GROOMS. Read that again, and THINK! Google grooms. Google's prior project- to build the hardware and software systems used for NSA full surveillance programs- is now considered just default background activity at Google HQ. It still gets much of Google's attention, as Google works on things like face recognition and speech-to-text algorithms for the NSA to improve data indexing, data mining and data searching, but Google has vastly more evil intentions for the near future.

And note the usual vile shills here putting out the propaganda PRAISING the auto-update systems that ensure the user has as little control over their computers as possible. These vile shills jump with joy when Yahoo infects (quite deliberately) THREE MILLION non-US machines with malware, because dumb punters think their best security lies in trusting the big names, rather than using something like ad-block.

Auto-updates are specifically designed to load new NSA back-doors onto your computer. And as you have read in Snowden's documents, the more the NSA hacks, the more the NSA seeks even more ways to hack- the NSA needs ever MORE updates with ever greater numbers of attack vectors per update.

The sane user needs a good firewall, ad-block, and a little bit of common sense. The sane user CANNOT trust the concept of automatic updates, and must choose which systems they trust to update this way. The naive user can ONLY be protected with disposable sandboxes, regular back-up of essential data, and the ability to re-initialise their entire computer system when serious malware breaks through.

Re: Chrome is malware by design (1)

tleaf100 (2020038) | about 3 months ago | (#46002955)

citation demanded.and how many schools in the uk are actualy running biometrics systems.the uk public maybe lazy,stupid and many different ways of dumb,but not all of them.if you are going to try and prove that google are just another bunch of money grubbers,it helps the case if you get basic facts right.

Wipe / reinstall of the OS wouldn't have worked (1)

Tony Isaac (1301187) | about 3 months ago | (#46002133)

The author was about to try wiping the OS and reinstalling. But when he installed Chrome, it would have auto-installed the extension on the clean new OS. Just lovely.

Re:Wipe / reinstall of the OS wouldn't have worked (2)

Todd Knarr (15451) | about 3 months ago | (#46002311)

Not a problem. When you set up Chrome, as you're connecting your account you just configure sync to not sync extensions and apps. That'll prevent the auto-download of them. If you need to clean up sync'd data, it's a dance: get Chrome sync'd up, turn off sync so the local copy is disconnected from the sync'd data, go to your dashboard and clear your sync'd data, then configure what you want sync'd and reenable sync.

Re:Wipe / reinstall of the OS wouldn't have worked (0)

Anonymous Coward | about 3 months ago | (#46002359)

Or you could just use Firefox, a real open source browser. Google is malware.

Re:Wipe / reinstall of the OS wouldn't have worked (1)

Tony Isaac (1301187) | about 3 months ago | (#46002629)

You're assuming he knew it was a Chrome extension. If he wiped the OS, he would have done that because he didn't know.

chrome trojan horse (0)

Anonymous Coward | about 3 months ago | (#46002137)

and google is your friend

google and chrome suck (0)

Anonymous Coward | about 3 months ago | (#46002197)

unless you like getting ads rammed up your ass

it isnt just those (0)

Anonymous Coward | about 3 months ago | (#46002285)

but also the out-right ripoffs of popular ones like adblock.... in this regard, firefox addons > chrome 'store' by a mile. chrome may render faster but fuck this shit, google. go away already.

Is Firefox safer? (2)

Richard_J_N (631241) | about 3 months ago | (#46002293)

Specifically, can we assume that any extension loaded into Firefox via the official extensions repository, is open-source, and that someone from Mozilla is checking the extension before an update is released?

Re:Is Firefox safer? (5, Informative)

BZ (40346) | about 3 months ago | (#46002337)

You may want to read https://addons.mozilla.org/en-US/developers/docs/policies/reviews [mozilla.org] for Mozilla's policy for hosted addons. It says "will", but that page is also two years old. Those policies are in place now. The short of it is:
  1. All addons hosted by Mozilla get reviewed.
  2. Open source is not required, but source disclosure to Mozilla is.
  3. Any update to the addon triggers a new review cycle.

News flash (0)

Anonymous Coward | about 3 months ago | (#46002325)

Mose extensions, add ons and tool bars are crap... Even before the advertisers and malware guys hack their way in.

Not Just Chrome Extensions (1)

CrazyDuke (529195) | about 3 months ago | (#46002387)

I have noticed that quite a few of the free and freemium utilities out there that have been mysteriously "corrupted." For instance reputable utilities for removing or repairing PUA infestations that suddenly start including trojan payloads of their own. Others have been gutted to the point of near or complete uselessness and only act as nagware to purchase a former and quite often shady competitor's payware version instead.

Looks like FUD to me. (1)

eye_blinked (2775553) | about 3 months ago | (#46002623)

Underlying code of IE extensions too can be updated silently. Ignore browser use stats. Overall Chrome extensions have more users than IE extensions. There are more Chrome extensions that IE extensions. It's a bigger market. If you are shopping for extensions to convert which do you buy? The ones with the most users.

New Mantra (0)

Anonymous Coward | about 3 months ago | (#46002663)

Do evill only if it pays more.

Good to know (0)

Anonymous Coward | about 3 months ago | (#46002777)

I just went through my chrome extensions. When you go to Settings then Extensions, (on a chromebook anyway) there is a permissions link for each extension. I checked through mine and found a calculator I installed had access to all my tabs and my browsing history, clearly something a calculator does not need. So I clicked the trashcan icon. It's gone. I searched for a new calculator (I like on that goes up next to the box where the web address is. I clicked on a couple to install them. When you click on one that has special permissions, chrome warns you before installing. I found one that has only one special permission, to access the clipboard. I think this is reasonable, since I often paste numbers into a calculator.

Of the remaining extensions that I have installed that have special permissions, they are reasonable, for example an extension to take pictures can use the camera, a video chat extension can use the camera and microphone.

My main point is, it is actually very easy to uninstall a chrome extension, it is easy to find extensions with special permissions (and there are not that many that have them).

A few new trends upon us mere users? (2)

See Attached (1269764) | about 3 months ago | (#46002857)

One new thing is Mozilla pushing updates at me while I am using their product. As It is Saturday night, and I work in IT, i found my self working. Ok. Happens. While I am working feverishly on browser-access-to-console stuff, my browser locks up. Oh.. I was suppposed to know it was time for an update? Another is Java. Was take a remote/virtual training when the Java powered screen scraper (which worked great!! thanks NX for the Fedora compatible version!) decided that the JVM was not current (1.7_45 vs 1.7_51) and quit. SO I lost 20 minutes of class while I scrambled for a fix. Any cloud/Interweb based service could change how it works at any second,. Is this acceptible to businesses that think the sugary sweet cloud is so dreamy, but in reality its so far from a secure and predictable platform. Now this blatant demonstration of how the unwiting user is riding a rollercoaster in the dark, and fed chuff by and advertising machine that feels obligated to clamp ones eyes open like that scene from Clockwork Orange. The latest is now Verizon's Anti-Neutrality powers - http://www.csmonitor.com/Business/Saving-Money/2014/0116/Net-neutrality-ruling-How-Verizon-decision-affects-consumers [csmonitor.com] Used to be that the Internet was a path to good information, it seems as comfortable/predictable/business-ready as a funhouse..... thats not too fun. Can we start a new internet?

Blacklist Extension for Bad Extensions (0)

Anonymous Coward | about 3 months ago | (#46002941)

We need a extension to blacklist these adware & malware extensions. When someone finds then they report it and get added to the Blacklist Extension that can warn the user so they can uninstall it or prevent it from being used in the first place.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...