You are here

Ouch. How you get a virus from Firefox...

So I just now tried to download and install Firefox for my sister-in-law's computer. I did this by Googling "firefox windows download" and clicking on the first hit. The first hit was a sponsored link to "usfirefoxbrowser.com"; seemed a little strange, but what the heck. The page it took me to looked official enough at a half a glance, so I clicked on the prominent button…

Fortunately, the anti-virus software on the computer told me that there was malware in the image I was trying to run, and refused. I went to the official site at mozilla.org, installed the official Firefox after carefully checking its certificate, and was on my way. Horrible accident narrowly averted.

So what went wrong? Well, I was obviously way under-cautious. But my incaution was fueled by the fact that Google had accepted the link as a sponsored one! I can't believe they're taking money for "usfirefoxbrowser.com"; somebody has screwed up big time IMHO. It would also be nice for the Mozilla Corp. to more actively defend their trademark against this kind of thing. I hope this situation will be fixed as soon as possible, although I'm not sure exactly how to report it / who to complain to.

Once Firefox is up, it provides excellent resistance to web-borne viruses. Getting it up securely appears to be more of a bootstrap problem than I'd realized. Caveat Liberior, I guess. Fob

Group/Project: 

Comments

to blame Google. They can't accept advertising from pirates and hackers, but they do. Their claim of being altruistic was basically already destroyed before this happened. I am thinking about places like China as I write this. This is just laziness on their part - being truly good is very hard work and they would rather just get the advertising dollar.

Google, like any other large corporation, is not of a single mind on anything. The open source community has been the beneficiary of tens of millions of Google dollars over the last ten years, and I've been the grateful recipient of more than one hundred thousand, so I can't exactly condemn Google's lack of altruism.

The business unit that runs Google's advertising (aka where the money comes from), on the other hand, has made some pretty ethically questionable decisions recently, including their China policy. That said, my belief is that this is an honest screwup. As you say, that may imply "laziness" on Google's part—it would be nice if the first hit on "firefox windows download" was the mozilla.org download page—but I don't attribute it to any conscious attempt to take advertising dollars for virusware. Fob