←back to thread

Unknown Mozilla dev addon "Looking Glass 1.0.3" on browser

(support.mozilla.org)
757 points shak77 | 1 comments | 15 Dec 17 13:47 UTC | HN request time: 0s | source
Show context
blauditore ◴[15 Dec 17 16:23 UTC] No.15932880[source]
Many people seem to be shocked because Mozilla installed an add-on automatically. In my opinion, it doesn't really matter since the code is coming from Mozilla - they're building the whole browser, so they could introduce functionality anywhere. If someone distrusts their add-ons, why trust their browser at all?

The main question is what behavior is being introduced. I haven't researched deeply, but apparently the add-on does nothing until the user opts-in on studies.

replies(16): >>15932942 #>>15932953 #>>15932998 #>>15932999 #>>15933001 #>>15933342 #>>15933599 #>>15933649 #>>15933656 #>>15933806 #>>15933901 #>>15934475 #>>15934693 #>>15935133 #>>15935703 #>>15941934 #
geofft ◴[15 Dec 17 18:29 UTC] No.15933901[source]
> In my opinion, it doesn't really matter since the code is coming from Mozilla - they're building the whole browser, so they could introduce functionality anywhere. If someone distrusts their add-ons, why trust their browser at all?

An appropriate response here would be to decide that you no longer trust their browser at all.

It's hard to quantify trust exactly. I'm fine with trusting the partly-closed-source Google Chrome build, including the proprietary Chromecast, Hangouts, etc., plugins, because I believe that the people writing them are generally reasonable. I don't have a good formal proof that they're generally reasonable people, and I never will - that's why it's trust. If they start installing marketing gimmicks, certainly they have the technical ability to do that, but I will lose my trust that they're reasonable people.

Here's an analogy: I trust a small number of my friends with keys to my apartment because I think they'll make reasonable use of that access. If they decide to show up at 3 AM with a keg and three tubas without telling (let alone asking) in advance, I technically have no grounds to complain that they abused their access - but I'll certainly not be calling them friends any more.

replies(2): >>15933931 #>>15934436 #
nine_k ◴[15 Dec 17 19:43 UTC] No.15934436[source]
What do we know about marketing gimmicks hidden in Chrome? If they are not made in the form of add-ons, or if they are add-ons but Chrome has a way to hide them (as it hides Flash), we just never know. I bet Google's marketing gimmicks, if any, are not open-source either, and not included in Chromium.

Hence, as you said, the only way is to trust Google here, without much ability to verify.

replies(1): >>15934446 #
1. geofft ◴[15 Dec 17 19:44 UTC] No.15934446[source]
I have never seen marketing gimmicks in Chrome, apart from the choice of default search/new tab page.