Firefox angers users with alarming Mr Robot plugin

The opt-out extension led many users to believe they had been hacked

Firefox has faced backlash over its handling of a Mr Robot-themed plugin that was automatically installed on its browser over the weekend, causing concern among some users that they were being spied on by hackers.

Reddit users reported over the weekend that a mysterious extension called "Looking Glass" had been installed on their browsers without their permission, which added text to certain websites, including phrases such as "My Reality is Different Than Yours".

Unsurprisingly, this alarmed many users who suspected the extension was some type of malicious code, particularly as they were given no indication that it had been installed, nor any information as to its function.

"I just opened my add-ons tab and found an extension called "Looking Glass"," said one Reddit user. "I have no idea what it is or where it came from. I freaked out bit and uninstalled it immediately." [sic]

However, according to Firefox, the "Looking Glass" plugin was actually a collaborative effort with the team behind the Mr Robot TV series, designed as a "shared experience to further your immersion into the Mr Robot universe".

"The Mr. Robot series centres around the theme of online privacy and security," the company added, in a statement explaining the extension. "One of the 10 guiding principles of Mozilla's mission is that individuals' security and privacy on the internet are fundamental and must not be treated as optional. The more people know about what information they are sharing online, the more they can protect their privacy."

The plugin only appeared for users who had allowed Firefox to install Shield Studies, Mozilla's preferred method for testing new features ahead of a full release. Once installed, the plugin would tweak websites, such as the placement of obscure messages, to act as clues for people playing a Mr Robot-themed puzzle game.

Unfortunately, the plugin hasn't had the desired effect across the board, with some users claiming it's an example of a company abusing its position.

"In the past I was fine with Mozilla's approach to telemetry and studies, making my browser available for occasional testing/experimenting/data collection to track down bugs or measure improvements or whatever is fine," said another Reddit user.

"This is not doing any of those things. This is an advertisement. This is an abuse of the telemetry and shield studies program. If I cannot trust Mozilla to use these tools responsibly I will have to disable them and recommend my friends and coworkers do the same."

The mysterious plugin also seems to have also taken some of Mozilla's employees by surprise, as software Dan Callahan tweeted that the "Looking Glass" plugin is a "fantastic" idea, "so long as it's opt-in".

Firefox has said the extension will now be moved to its add-on store in an effort to make it clear exactly what it does, and will no longer automatically download to browsers.

Jascha Kaykas-Wolff, Mozilla's chief marketing officer, said in a statement to Gizmodo: "Real engagement also means listening to feedback. And so while the web extension/add-on that was sent out to Firefox users never collected any data, and had to be explicitly enabled by users playing the game before it would affect any web content, we heard from some of our users that the experience we created caused confusion."

"As a result we will be moving the Looking Glass add-on to our add-on store within the next 24 hours so Mr Robot fans can continue to solve the puzzle and the source can be viewed in a public repository."

Javvad Malik, security advocate at AlienValut, said that "forcefully installing ads, or enabling plugins is a big no-no" for companies like Mozilla. "While advertising is a given in today's day and age, when it comes to the authority or actions of software, ultimately the user should be able to decide."

Photo by JeanLuz / CC BY 2.0

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Leading the data race

The trends driving the future of data science

Download now

How to create 1:1 customer experiences at scale

Meet the technology capable of delivering the personalisation your customers crave

Download now

How to achieve daily SAP releases

Accelerate the pace of SAP change to support your digital strategy

Download now

Recommended

Chrome vs Firefox vs Microsoft Edge
web browser

Chrome vs Firefox vs Microsoft Edge

23 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020
Third-party apps are tracking your WhatsApp activity
social media

Third-party apps are tracking your WhatsApp activity

21 Sep 2020

Most Popular

Unilever adopts Google Cloud’s complex data processing for conservation drive
big data analytics

Unilever adopts Google Cloud’s complex data processing for conservation drive

22 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020