It has been revealed that a marketing stunt has left many Firefox users thinking their computers had been hacked. An add-on, called “Looking Glass 1.0.3″, has been officially installed with recent builds of Firefox. It’s an AR game that lets people play along using clues from the hit TV show Mr Robot. But it’s also a warning to software developers to not let marketing teams get too cute.
As reported at Business Insider, the add-on has a suspicious-looking description, “MY REALITY IS JUST DIFFERENT THAN YOURS”, and little other information.
The trouble is, today’s world is one where dodgy software is used by threat actors. And it’s important to note that users don’t like “bonus” software or content that is sneakily installed without their permission. Apple learned this lesson a few years ago when they added a new U2 album to everyone’s iTunes library without permission. And it could be argued that this act by the Firefox team is even worse as there was no notification and the information provided with the add-on looked dicey.
A member of the Firefox development team made this statement:
this is how this damages mozilla; actions speak louder than words pic.twitter.com/gouUhdX5Ly
— Some(@steveklabnik) (@steveklabnik) December 15, 2017
Which was later followed up with:
(╯°□°)╯︵ ┻━┻) pic.twitter.com/OiWIREd2OO
— Some(@steveklabnik) (@steveklabnik) December 15, 2017
While these sorts of things might seem like a good idea in a meeting, they rarely stand up to any close scrutiny. Software should never be installed without the knowledge of the user. Every application, no matter how well-written it is, has the potential to expand the threat surface you can be attacked through.
I think the Mozilla team breached the trust of their users in this case. What do you think?
Leave a Reply
You must be logged in to post a comment.