Mozilla Wrongly Accused Sothink Addon of Malware

eldavojohn writes "Mozilla has admitted to wrongly accusing Sothink of distributing a video downloader with a trojan virus as a Firefox addon. From their official blog: 'We've worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware.' Before you go download that addon, however, keep in mind that Sothink has come under fire before for GPL violations and dishonesty."

Re:

[Anonymous Coward]

The qualifier was added only in the summary. The quoted part is just: 'We've worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware.'

Re:

[BhaKi]

No, Linus is the reason why we have Linux. It could've been any other license.

Then it would have died a quick death. See the answer to second question in this Linus Torvalds interview. [archive.org]

Re:

[Eraesr]

Yes, let's make a special case for GPL, because we have no moral issue at all with stealing software from people who earn money working on proprietary (closed) software and feed themselves and their families with it. Damn them for earning money with writing software!

Re:

[BhaKi]

I understand your point about piracy. Pirates are committing a crime by not paying for the software they use. GPL violators, OTOH, are making money without writing code and without giving anything in return. They neither negotiate development sponsorships like RedHat nor pay royalties nor give credit. Which is a more serious crime?

Re:

[canajin56]

This is the USA, son. Committing copyright violation and selling a million illegal copies of somebody else's software is good for the economy! Pirating even one thing is you refusing your duty as a consumer! Easily 1000x as serious.

Re:

[Sancho]

GPL violators may not be making money. Pirates may make money. The whole thing is a class of violations called "copyright infringement." While making money off of the infringement may increase its severity, it's all pretty well under the same umbrella.

Within copyright infringement is the idea of the value of a work. That is, the amount that it costs to purchase or otherwise legally acquire the software. Penalties are usually assessed keeping the value of the work in mind. Proprietary software usually

Re:

[vadim_t]

It depends on how you see things.

One position is all about money. Depriving people of money is bad, if they're not earning money it's not a big deal. I strongly disagree with this one.

Another is if you see it as that copyright gives authors the ability to dictate how their work should be used, and any terms they come up with are equally valid, then all violations are bad, and both regular copyright infringement and GPL infringement are equally serious. It's not about money, it's about doing what the author

Re:

[Lunix Nutcase]

Many people voluntarily contribute to GPL'd projects without receiving anything in return.

That might be true for many of the irrelevant apps. But things like the kernel, GCC, libc, KDe, GNOME, etc are all mostly developed and maintained by people who are receiving something in return for doing so — a paycheck.

Re:

[Ardx]

It's all well and nice to apologize, but adding the qualifier makes it sound very insincere. While the company may be guilty of GPL violations, maybe it might be a smidge more tactful and graceful to remind that on a different day.

Missed the nested quotes, my bad. Thank god I don't code at this time of the morning anymore. :D

Bad news is bad news.

[geekmux]

It's all well and nice to apologize, but adding the qualifier makes it sound very insincere. While the company may be guilty of GPL violations, maybe it might be a smidge more tactful and graceful to remind that on a different day.

Yes, I'm certain the tactic of half-truth would work well on the showroom floor at Toyota dealerships.

"Hey, this guy wants to buy a new Camry. Should we tell him about the recall?"

"Nah. Wait until next week, after we get the sale and he's put enough miles on the car. Hopefully he won't have a problem with the pedals."

Sorry, but I'd rather have ALL the information up front to make a fully educated decision.

Re:

[Linuxmonger]

Sorry, but I'd rather have ALL the information up front to make a fully educated decision.

Bullshit

If you had ALL of the information to make an educated decision, you'd spend years reading the tracking information on the product, then the product wouldn't be available anymore.

I bought an EMC Clarion once, it came with hundreds of pages of documentation, which I skimmed. Two years later, we lost a couple drives, EMC replaced them, problem solved, turns out that one of the chips on the drives had a known failure, but it wasn't known at the time of manufacture.

There are hundreds of chips in your P

Re:

[Anonymous Coward]

No, not every chip, but it might be worth it to check that your computer doesn't have the components that are most likely to fail. I currently warn customers against the following components: -known defective nvidia chipsets (especially on laptops since they are on the motherboard) -seagate hard-drives that have the perpendicular writing tech (extremely high failure rate) -list of motherboards with known bad capacitors -hp home products (office are fine, but the home products are such crud that they inevit

Re:

[RebelWebmaster]

The qualifier was put in by the submitter, not TFA.

ie *

[MrShaggy]

Ms has also have been found guilty of misleading customers.

Re:

[The MAZZTer]

Intentionally misleading and making a mistake are two different things.

Trojan Virus?

[Anarke_Incarnate]

Not more of this shit again.... A Trojan Horse is NOT a virus. It IS malware, but a virus tends to replicate and trojan horses do not, on their own. A trojan horse is just a program is the infection (In that it does something other than wanted or specified, and does so intentionally)

Re:Trojan Virus?

[mamer-retrogamer]

You are waging a losing battle my friend. Just as the distinction between the terms "hacker" and "cracker" has been lost upon wider usage, "virus" has now come to mean any type of malware.

Re:

[multisync]

And "computer" is the monitor, and "hard drive" is the box on the floor, and "download" is anything you do on the computer (as in "I downloaded my printer to my hard drive but I still couldn't make a program").

Pointing out that malware can be a trojan or a virus but normally isn't both seems like a fair enough comment to make on Slashdot. I'm frankly surprised eldavojohn would use that phrase; maybe he hadn't had his coffee yet ;)

Re:Trojan Virus?

[Low Ranked Craig]

All I know is the Internet is that little blue roundish e thing on my desktop.

Re:

[commodoresloat]

that little blue roundish e thing on my desktop.

That's an ecstasy tab, dude! Paaaarty at Low Ranked Craig's place!!!!

Re:

[Anonymous Coward]

Perhaps but when I talk to my family guess what THEY DONT CARE about the distinction. They know their computer is screwed up and that a 'virus' did it. Because after the fact the results are the same to them. Their computer is messed up. They do not care that they did it or someone other program did it automatically. I then tell them if they did it to themselves or not and how to avoid it in the future. It is my job to make the distinction. You need to talk their lingo to figure out what happened if

Re:

[Hurricane78]

What gave you the idea, that we care what the general public thinks about our area of expertise?
Are you so weak, that you bow to a stream of loud idiots saying that 2+2=5?

We define what a virus is. We define what a cracker and a hacker is. Like professionals in any other profession.
There is no battle, so we can’t lose. I’m still calling anyone calling a cracker a hacker somebody who got no fuckin’ clue. Including you, if you do so. Period.

Re:

[Idiomatick]

True, but if you use words properly whilst knowing the people you are addressing will completely misunderstand you then you are being plain stubborn. ie. I doubt you'd put that you do lots of linux hacking in your spare time on a resume...

Re:

[AmberBlackCat]

I think it helps to call them all viruses. Having a thousand different names just makes things inefficient and confusing. It also helps antivirus makers sell you an antivirus and an antispyware, when there should just be one product.

Re:

[HungryHobo]

combined with the fact that trojans can be just a layer.
Simple trojan infects a machine, on it's own it does nothing but execute arbitrary code on the target.
Trojan downloads code from it's controller which is an actual virus or code for a botnet etc etc...

it's not really an important distinction since the lines have become more blured as virus writers have tended towards hybrids or outsourced different parts of the infection process to others.

Re:

[Alwin Henseler]

a virus tends to replicate and trojan horses do not, on their own.

How weird... I recently dealt with an infected system where a trojan (2 different ones, in fact) copied itself onto an USB stick, without user intervention.

IIRC a virus usually tries to replicate itself without user action, or the user noticing. A trojan OTOH 'rides along' with another program that is intentionally run by a user. So the virus may come in on its own, the trojan arrives in 'useful' program+trojan packages. After infection, the trojaned program may place executables on the system that behave l

Re:Trojan Virus?

[Spad]

These days you've got malware that is a trojan (to get onto your machine) and a virus (to spread itself to all your facebook friends, email contacts & embed itself on your USB key) and a worm (to spread itself around your LAN), which will zombie your machine to send spam and conduct DDoS attacks, keylog to steal your bank and WoW credentials and try to get you to buy fake AV software to get both your cash and personal info.

To say the lines between trojans, viruses, worms and spyware are blurry is a serious understatement.

Re:

[cerberusss]

These days you've got malware that is a trojan and a virus and a worm, which will zombie your machine.

At the risk of sounding like a Linux/Apple fanboy, "I couldn't care less".

Re:

[Anonymous Coward]

At the risk of sounding like a Linux/Apple fanboy, "I couldn't care less".

At the risk of sounding like the voice of reason, "It's still possible to get rooted by a worm on a Linux/OSX box"

Re:

[Mister Whirly]

Yes, pretending nothing could possibly happen to your machine is the very best security model I have ever heard. Run, don't walk, to the patent office and patent your idea immediately. I suggest calling it the "Ostrich Method of Securing a Computer System".

Keep your head buried down in that sand man! Ignorance is bliss!

Re:

[HellYeahAutomaton]

Whoa whoa whoa. Stealing WoW credentials is enough to get even the most complacent geek to take notice.

Re:Trojan Virus?

[Ihmhi]

In my day, a trojan horse was a goddamned wooden tank full of angry ninja soldiers.

Re:

[thetoadwarrior]

I don't care what people call it just as long as they start taking better care to protect themselves from any vulnerability.

Re:

[Shoe Puppet]

New? He's got a 0-digit ID -- as do you!

Offtopic, but regarding the tagline at the bottom

[clone53421]

In spite of everything, I still believe that people are good at heart. -- Ann Frank

Her name is Anne Frank.

Re:

[Mister Whirly]

The Nazis hauled away her "e" in the middle of the night. Nobody has heard from it since.

Re:

[arth1]

Her name is Anne Frank.

Still offtopic, but her name was Annelies Frank.
Ann Frank and Anne Frank are both valid spellings of her pet name, although we know her by the latter.

Re:

[clone53421]

Ann Frank and Anne Frank are both valid spellings of her pet name, although we know her by the latter.

Jonathon can be “Jon” or “John”. Brooklyn can be either “Brook” or “Brooke”. Annelies can be “Ann”, “Anne”, or “Annie”.

Having multiple ways to spell a nickname doesn’t make all of them correct. As far as I know, Anne Frank spelled it with the e at the end.

Still might be Malware!

[canajin56]

Whenever you use the downloader, it goes to their website to display a "Download Started" page, and passes the URL you downloaded as a parameter. Do they have logs enabled on their webserver? I dunno. Better safe than sorry though. Just use FlashGot, the GPL plugin they stole all their code from.

The False Positive problem

[ElmoGonzo]

It's even worse when a major anti-virus/internet protection application named after a pioneer of MS-DOS utilities throws a false positive and declares your CSS to be malware.