Mozilla has removed Avast and AVG products from the extension directory due to spying on users


Photo: palant.de   Mozilla decided to remove four extensions from its Firefox catalog that Avast and its daughter AVG created. Avast Online Security, AVG Online Security, Avast SafePrice and AVG SafePrice were deleted because they collected user data.   In addition, these extensions allowed you to view your browsing history in a browser.   Avast Online Security and AVG Online Security check sites loaded by the user. They warn the user that the resource may endanger security. Avast SafePrice and AVG SafePrice also help you make purchases on the Internet by comparing the prices of goods on different resources. In addition, they feature discount coupons.   Vladimir Palanta, who created AdBlock Plus, based on the analysis of all these products, concluded that they collect much more data than is required for work. Moreover, these extensions collect information about browsing history, and this directly contradicts the rules of Mozilla and Google. Detailed browsing profiles are uploaded to uib.ff.avast.com.   “Tracking the identifiers of the tabs and windows, as well as your actions, allows Avast to create an almost accurate reconstruction of your browser behavior: how many tabs you have open, which websites you visit and when, how much time you spend reading / viewing the content you click on and when you switch to another tab. All this allows Avast to recognize up to a unique identifier, ”he wrote.   Palanta recalled that Mozilla had been discussing about ten years ago whether security extensions really needed to collect all website addresses; the company decided that it was enough for them to simply send a hostname or hash.   Meanwhile, Avast’s privacy policy says that the company reserves the right to use the data in almost any way convenient for them, including transferring it to unnamed third parties for “trend analysis”.   Palanta points out that in 2013 Avast bought Jumpshot, a resource that collects “click data.” It offers clickthrough data from 100 million global online shoppers and 20 million global app users. Thus, through the resource, you can track what users were looking for, how they interacted with a particular brand or product, and what they bought in the end.   Avast said they were working with Mozilla to solve the problem. “The Avast Online Security extension is a security tool that protects users on the Internet, including from malicious sites and phishing attacks. For this service, you need to collect a history of visited URLs to provide the expected functionality. The necessary data is collected without saving user identifiers. We have already made a number of changes to our products to meet Mozilla requirements. Upgraded versions of extensions are being prepared for launch, which fully meet the requirements and will be more transparent for users, ”the company representative explained.   In the Chrome browser directory, products are still available to users.   Mozilla previously announced that Firefox 72 will add an option to block the collection of fingerprints to protect users from snooping. A stable browser version with this feature will be available on January 7th. The fingerprint is generated from information about the browser used, screen resolution, language, location, font, time zone and version of the device’s operating system. Blocking the collection may lead to incorrect operation of some sites. In this case, the company promised to abandon the default fingerprint blocking.   Another innovation for the browser will be the disabling of push notifications by default. Instead, an indicator appears in the address bar of Firefox 72, clicking on which you can read the notification in full.   Firefox 74 will stop supporting third-party update downloads.