Firefox add-on exposes users browsing history
We have received reports that a Firefox add-on is potentially exposing the full web-browsing history of its users to its back-end service. This is an issue because user data being sent is over an non-encrypted connection. The add-on in question is the popular ShowIP, which is used by hundreds of thousands. Its primary function is to show the IP address of the current website, but it also gathers other information like the hostnames, and keeps a history of the visited sites.
Naked Security has written about the security flaw after being alerted by Rob Sanders who realized that ShowIP was sending the full URL of the sites he visited to a web server at api.ip2info.org based in Germany, including secure sites using HTTPS.
“I suspect it’s the work of a very naive developer, but who knows nowadays. What bothers me most is how this code managed to get approved by the Mozilla add-on site (not once, but twice) and how it’s still there 12 days later,” Sanders said.
You May Also Like
Popular Right Now
- First Shutdown of Niagara Falls in 12,000 Years: A Rare Sight to Behold
- Former Google Engineer claims that humans will achieve immortality soon
- Romotow: The Foldable Camping Trailer Inspired By A USB Flash Drive
- LYRA: Swiss Startup Unveils AR Smart Glasses for Office Work, City Life, And Traveling
- Man Caught in China Smuggling $46K Worth of Intel CPUs Wrapped Around His Waist
- iPhone 15 Pro Max may bring thinner bezels than Xiaomi and Samsung’s latest flagships
- OpenAI's new GPT-4 with a "human-level performance" scored up to 93% on SAT exams
- iPhone SE 4 could be Apple's secret weapon to 'steal' budget customers from Samsung
- Lenovo Launches New Workstations, With Aston Martin DNA
- Ubergizmo’s Best of Mobile World Congress 2023
- TCL NXTPAPER 11 Tablet With Paper-like Screen Experience
- Nothing Phone 2 Coming To The U.S. In Late 2023
- Ubergizmo’s Best Of K-Startup @ CES
- Intel Core i9-13900T Shows Extraordinary Efficiency In Early Benchmarks
- Ubergizmo’s Top 3 MIK Products @ CES 2023
- Three LG gram Laptops For 2023. The Lightest Got Even Lighter