Closed Bug 354899 Opened 18 years ago Closed 15 years ago

Fx should make it obvious to users that it is protecting them from ActiveX-based spyware

Categories

(Toolkit :: Safe Browsing, enhancement)

Product:
Toolkit
Component:
Safe Browsing
Platform:
x86
Windows XP
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: jasonspiro4, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7

Every time you visit a website which would have loaded a rogue ActiveX control, Firefox should increment an internal counter. The contents of this counter should be shown in the Help > About dialog box:

"Firefox prevented 3 pieces of malware from infecting your computer today. Thank you for using Firefox - the safer browser."

Reproducible: Always
This would require that we be able to understand ActiveX and implement some sort of heuristic for determining whether a control is "rogue" or not. All for something that doesn't provide any real benefit and increases the browser's attack surface.
This sounds like a niche for an extension to fill to me.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → WONTFIX
Version: unspecified → 1.5.0.x Branch
Why would we need to be able to understand ActiveX? Certain controls are known-bad controls. I bet the authors of anti-spyware IE plugins could provide us with a list. I assume we would then just have scan the first 3-4 KB of each page to see if the URLs of any of these controls were mentioned.

And this feature would provide a benefit to our users. Many of our users use multiple PCs. By proving that Firefox is safer, this feature would encourage them to install it on all their PCs. So, it would keep our users more spyware-free. Plus, it would also encourage our users to spread the word of Firefox, which would help users' friends keep their PCs spyware-free. This would make our users happy.
Status: RESOLVED → UNCONFIRMED
Component: General → English US
Product: Firefox → Tech Evangelism
Resolution: WONTFIX → ---
Version: 1.5.0.x Branch → unspecified
Assignee: nobody → english-us
QA Contact: general → english-us
Why is this in TE? This has nothing to do with evangelising sites not to use ActiveX or anything else that TE covers. This is an RFE for the Firefox product. Moving it over there.
Assignee: english-us → nobody
Component: English US → Phishing Protection
Product: Tech Evangelism → Firefox
QA Contact: english-us → phishing.protection
I agree w/rflint, this is extension-fodder. Keeping track of this would just slow pageload down so we could brag a little? Bad karma.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago15 years ago
Resolution: --- → WONTFIX
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.