Closed
Bug 1152966
Opened 9 years ago
Closed 9 years ago
Blocklist bad versions of Ad Limiter
Categories
(Toolkit :: Blocklist Policy Requests, defect)
RESOLVED
FIXED
2015-04
People
(Reporter: jorgev, Assigned: jorgev)
Details
(Whiteboard: [qa-])
It looks like there are a bunch of bogus versions for the Ad Limiter add-on (https://addons.mozilla.org/addon/ad-limiter/). We should block everything above version 100.0.
Comment 1•9 years ago
Please provide some info on where these bogus versions are coming from. Not finding anything in Google. Is it being called something else? Thanks.
Flags: needinfo?(jorge)
Comment 2•9 years ago
Trying to get add-on version stats. The stats page
https://addons.mozilla.org/en-US/firefox/addon/ad-limiter/statistics/usage/versions/?last=30
is failing with Firefox errors, because there are so many different bogus versions that the stats page blows up:

SyntaxError: JSON.parse: unexpected end of data at line 1 column 444723 of the JSON data stats-min.js:6:15278
SyntaxError: JSON.parse: unexpected end of data at line 1 column 446675 of the JSON data stats-min.js:6:15278

Looking at the raw data, each bogus version seems to have a semi-random version. All valid versions are in the range 1.3 to 2.0. Bogus versions range from 2.17.71 to 1009.99.992. All bogus versions have three-number versions, while all legitimate versions have two-number versions. So please block everything below 1.3 and above 2.2 (so I can release new versions), which should get things under control until extension signing goes live. Thanks. (John Nagle/Ad Limiter).

I still want to see the malware.
Comment 3•9 years ago (Assignee)
(In reply to John Nagle from comment #2)
> Trying to get add-on version stats. The stats page
> https://addons.mozilla.org/en-US/firefox/addon/ad-limiter/statistics/usage/versions/?last=30
> is failing with Firefox errors, because there are so many different bogus
> versions that the stats page blows up:
>
> SyntaxError: JSON.parse: unexpected end of data at line 1 column 444723 of
> the JSON data stats-min.js:6:15278
> SyntaxError: JSON.parse: unexpected end of data at line 1 column 446675 of
> the JSON data stats-min.js:6:15278

I ran into the same problem and filed bug 1152965 for that.

> Looking at the raw data, each bogus version seems to have a semi-random
> version. All valid versions are in the range 1.3 to 2.0. Bogus versions
> range from 2.17.71 to 1009.99.992. All bogus versions have three-number
> versions, while all legitimate versions have two-number versions. So please
> block everything below 1.3 and above 2.2 (so I can release new versions),
> which should get things under control until extension signing goes live.
> Thanks. (John Nagle/Ad Limiter).

Okay.

> I still want to see the malware.

The only evidence I have of it existing are the stats. Malware is distributed in ways that can be hard to detect or reproduce, so I can't really help you on that front.
Flags: needinfo?(jorge)
Comment 4•9 years ago
Are any other add-ons showing a similar attack, with large numbers of bogus versions? That's worth a check of Mozilla's logging data. Select for any add-on with more than, say, 100 versions. A more detailed check is to check for known add-ons with versions not known to AMO. If you have that data in an SQL database, it's one SELECT statement.
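The cross-add-on check suggested in the comment above, written out as an added example that is not part of the bug thread or of AMO's code. The table names `released` and `usage`, the `example-addon` rows and all counts are constructed assumptions; the SELECT runs against an in-memory SQLite database from Python.

```python
import sqlite3

# Versions reported by clients that were never published, grouped per add-on.
# Hypothetical schema: released(addon, version), usage(addon, version, users).
SPOOF_QUERY = """
SELECT u.addon,
       COUNT(DISTINCT u.version) AS unknown_versions,
       SUM(u.users)              AS users
FROM usage AS u
LEFT JOIN released AS r
       ON r.addon = u.addon AND r.version = u.version
WHERE r.version IS NULL                      -- reported by clients, never published
GROUP BY u.addon
HAVING COUNT(DISTINCT u.version) > :threshold
ORDER BY unknown_versions DESC
"""

def build_sample_db():
    """In-memory database filled with constructed rows (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE released(addon TEXT, version TEXT);"
        "CREATE TABLE usage(addon TEXT, version TEXT, users INTEGER);"
    )
    conn.executemany("INSERT INTO released VALUES (?, ?)", [
        ("ad-limiter", "1.3"), ("ad-limiter", "2.0"),
        ("example-addon", "1.0"), ("example-addon", "1.1"),
    ])
    rows = [("ad-limiter", "1.3", 400), ("ad-limiter", "2.0", 9000),
            ("example-addon", "1.1", 700),
            ("example-addon", "1.2beta", 5)]  # one unlisted build, below threshold
    # 150 constructed three-number versions in the shape the thread describes
    rows += [("ad-limiter", f"{100 + i}.{i % 100}.{i}", 2) for i in range(150)]
    conn.executemany("INSERT INTO usage VALUES (?, ?, ?)", rows)
    return conn

def find_spoofed_addons(conn, threshold=100):
    """Return (addon, unknown_version_count, users) rows above the threshold."""
    return conn.execute(SPOOF_QUERY, {"threshold": threshold}).fetchall()

if __name__ == "__main__":
    for addon, count, users in find_spoofed_addons(build_sample_db()):
        print(f"{addon}: {count} unpublished versions, {users} users")
```

The threshold of 100 follows the figure floated in the comment; a single unpublished version, such as a developer build, stays below it and is not reported.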
Comment 5•9 years ago (Assignee)
Yes, there are multiple add-ons with that problem. There's no easy fix, though, and malware developers will eventually resort to using more valid-looking version numbers. The real solution to this problem is extension signing, which we will deploy later this year.
Comment 6•9 years ago (Assignee)
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i890

I ended up blocking 2.3 and above, to give you a bit more space.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Whiteboard: [qa-]
Target Milestone: --- → 2015-04
Comment 7•9 years ago
They got Flashblock, too. Check out the raw JSON for version usage statistics. https://addons.mozilla.org/en-us/firefox/addon/flashblock/statistics/versions-day-20150409-20150411.json Hundreds of 1000.xxx.xxx version number entries. About 5,000 installs.
Updated•8 years ago
Product: addons.mozilla.org → Toolkit