• United States



Firefox users are ticked after Mozilla secretly installed Mr. Robot add-on

Dec 17, 20173 mins

Firefox users are angry, questioning if Mozilla can be trusted after the Mr. Robot add-on was installed in Firefox without asking permission.

firefox logo 2017
Credit: Mozilla

If you use Firefox instead of Chrome, do you do so because you prefer Mozilla’s stance on privacy? Some loyal Firefox users and even employees were up in arms after Mozilla surreptitiously installed the add-on Looking Glass last week. It didn’t happen to all Firefox users, but the ones affected did not give the browser permission to install it.

According to a screenshot, linked from the Firefox support forum, the only description originally provided for the Looking Glass extension was: “MY REALITY IS JUST DIFFERENT THAN YOURS.”

Its sudden appearance had the user asking if the add-on was malware. The post started a rant on Hacker News. Before long, the rant had spread to other social media sites.

Although the original description for Looking Glass was both vague and cryptic, it turned out the add-on was part of a promotional campaign for the TV series Mr. Robot.

In a post about the slippery-slope Firefox was on, Drew DeVault explained:

This extension was sideloaded into browsers via the “experiments” feature. Not only are these experiments enabled by default, but updates have been known to re-enable it if you turn it off. The advertisement add-on shows up like this on your add-on page, and was added to Firefox stable. If I saw this before I knew what was going on, I would think my browser was compromised! Apparently it was a mistake that this showed up on the addon page, though — it was supposed to be silently sideloaded into your browser!

DeVault added, “Mozilla, this is not okay. This is wrong on so many levels. Frankly, whoever was in charge should be fired over this — which is not something I call for lightly.”

“Looking Glass is a collaboration between Mozilla and the makers of Mr. Robot to provide a shared world experience,” Mozilla later explained after users’ outrage was hitting the fan. The add-on was part of an alternate reality game (ARG) meant “to further your immersion into the Mr. Robot universe.”

Explanation doesn’t satisfy Firefox users 

Many users were not placated by the explanation provided in an updated description of Looking Glass, which included a how-to for turning it off. Mozilla added:

The Mr. Robot series centers around the theme of online privacy and security. One of the 10 guiding principles of Mozilla’s mission is that individuals’ security and privacy on the internet are fundamental and must not be treated as optional. The more people know about what information they are sharing online, the more they can protect their privacy.

“How can we claim to be pro-privacy while surreptitiously installing software on people’s computers?” tweeted Mozilla developer Steve Klabnik. “More importantly, how did management not see this as a problem?”

Mozilla did not address the problem in its blog, instead telling media outlets that it has not compromised its privacy principles, since the add-on never collected or shared users’ data and had to be enabled first before users could play the game.

Yeah, well, that didn’t cut it with most folks who have taken to social media to vent about how Mozilla betrayed users’ trust. Then Mozilla said it planned to move Looking Glass to its add-on store so that only those who want to play, follow clues and solve the puzzle, can install the add-on. Additionally, Mozilla added the source code to a repository on GitHub.

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.