Thursday, November 3, 2011

Don't Use Firefox--UPDATED

Anonymous took a break from hacking police, government, and video game companies and hacked child porn servers. Unfortunately, instead of giving the data quietly to law enforcement, they just dumped it on the Internet, for the LULZ. And who knows how much of that data waa faked, fingering innocent people? The attackers already admitted that they falsely added th3j35t3r to the list of pedophiles.

But there's something new this time:
3) We secretly contacted our friends at The Mozilla Foundation™, Developers of Firefox™, for them to authorize a developer signer certificate for "The Honey Pawt", a TorButton that we Anon created to funnel all ORIGINATING traffic to our forensic logger.

That is line 24 of this announcemnt:

http://pastebin.com/hquN9kg5

If true, that makes Mozilla Anonymous' first corporate sponsor.

Don't use Firefox! When you put on your next update, you could very well be placing your computer under the control of Anonymous, or whoever else tells Mozilla an exciting story.

Mozilla has some explaining to do.

UPDATE: Mozilla has responded:
We haven't been contacted by Anonymous or received any add-on submissions matching that description. While Firefox add-ons can be digitally signed for extra security, Mozilla does not issue signing certificates to do so. All add-ons submitted to our official gallery are reviewed for security and privacy concerns, as described in our policies: https://addons.mozilla.org/en-US/developers/docs/policies/reviews

http://pastebin.com/MS2d6gAT

4 comments:

  1. Have we not yet learned that Anonymous fabricate 'stories' all the time. For example '#opcartel' - they claim a member of anonymous was kidnapped by the cartels. However they cant provide a name of the victim.

    It's clear that it's people like Barrett Brown who coincidentally has a book about anonymous coming out, simply trying to garner more attention and publicity around baseless claims, in order to sell more copies.

    ReplyDelete
  2. Official Statement:

    We haven't been contacted by Anonymous or received any add-on submissions matching that description. While Firefox add-ons can be digitally signed for extra security, Mozilla does not issue signing certificates to do so. All add-ons submitted to our official gallery are reviewed for security and privacy concerns, as described in our policies: https://addons.mozilla.org/en-US/developers/docs/policies/reviews

    ReplyDelete
  3. Given the update from Mozilla shouldn't this story be significantly updated? Although the title says "Updated" that doesn't adequately imply that the entire pretense of the original story was wrong.

    ReplyDelete
  4. Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog post.
    Mozilla Firefox Technical Support

    ReplyDelete