1518140 - FF internal files protection (from malware or cryptomining exploit or whatever else...)

Status: RESOLVED WORKSFORME

(Firefox :: Untriaged, defect)

Description

[­]

Attachment: mosaic.jpg

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0

Steps to reproduce:

Normal browsing... (or plz check my posts at https://support.mozilla.org/el/questions/1241324?fpa=1).


Actual results:

As you can see in my posts at the Mozilla Support thread:
1)Extremely high CPU usage, FF/PC hangs and TDR kernel resets along with
2)Bunch (...tons!) of raw data inside prefs*.js,webappsstore.sqlite,places.sqlite etc.
3)Thousands-WOW of pending FF crash reports/over 2300 (currently submitting) and
4)HUGE mess in my life (just like loss of my job/occupation, mental instability and many more).
*)Furthermore, I want to mention that this damn thing (issue) merely damaged my CGI board sub-system, now causing real trouble whenever I want to run a demanding 3D graphics application.


Expected results:

...or maybe, what YOU (developers) should do:
Please, somehow elevate security permissions to FF internal file system (profile files plus Program Files) so as not to be manipulated easily that way by add-ons, extensions, web pages or whatever else...
Or at least, warn the [user] that "Hey, this <file> has ...extra-terrestrial size and it is modified! Should I allow it?"
-->Just like Opera browser which blocks scripts that compromise your security when visiting a website with cryptomining or malware scripts (sorry for mentioning that).

Thank you (and please kindly forgive me for my tension),

Comment 1

[Liviu Seplecan]

Please follow those scenario:

1. Please download Firefox Nightly from here: https://nightly.mozilla.org/ and retest the problem.

..if the problem still occur, do bellow:

2. capture a performance profile - You can get more info on how to install and use the Cleopatra add-on (that helps you get the performance profile) by going to:
   https://developer.mozilla.org/en-US/docs/Mozilla/Performance/Profiling_with_the_Built-in_Profiler
   https://perf-html.io/

Note: You need to use Nightly version of Firefox in order to use Cleopatra Add-On.

Comment 2

[­]

Hello honorable,

Thank you very much for your immediate feedback & response.

I have been a <beta/alpha> tester-insider for Nightly builds for about 8 years or so...
Of course, the same issue persisted in the particular Nightly builds as well, but not anymore (thus I cannot reproduce it), since I managed to fix it (on FF Quantum+Nightly) by clearing all my history, cookies, prefs.js and so on (I know - a personal "disaster" since I have lost everything for the past 8 years-->THIS SHOULD NEVER but NEVER HAPPEN to anyone, WTF!!! :-(
Everything is back to normal again, but with a VERY HIGH "PRICE"!

Furthermore, as I have already checked on FF tasks management [about:performance] I do not notice any issues, so there is no real need to install the "Web app for Firefox performance analysis"/Cleopatra Add-On (for the time being) - thank you very much for your suggestion, though.

Anyways, to the point, as I have stated the FF Developers Team should elevate the security level of the aforementioned files (or whatever), so that no one lives what I have passed through last year...

Of course I will keep you informed to any further updates on my issue.

Thank you,

Comment 3

[Liviu Seplecan]

Thanks for your feedback, I will close this as rfm. Please feel free to reopen if the issue will reappear.

Comment 4

[­]

OK dude, no prob.
FF works like a charm for the time being!
Will keep ya up to date, of course..
Keep up da good work :-)

Thanks,