Are Firefox Addons and Plugins Safe to Use?

Are you a fan of Firefox and other Mozilla products and enjoying every bit of what they offer? This will be an interesting question for you – Would you know if the add-ons or the plugins that you use for Firefox and other Mozilla products are safe to use?

What is that’s not so safe about them, you might ask. Here is a quick run down of some points worth considering that will tell you why those plugins and add-ons may not be safe to use.

  • The addons and plugins for many Mozilla products are not certified by Mozilla.
  • There is no central authority at Mozilla to scan through the plugins to check if the plugins and addons collect information from your system and pass it onto remote servers.
  • Plugins may not be malicious in nature but poorly coded plugins may indirectly create a security hole that can be exploited to steal information from your browser and computer.

What can you do to safeguard your information?

There are no definitive ways of doing it. You will have to use the plugins and add-ons at your own risk. Having said that, you may want to download plugins and addons from Mozilla’s Add-ons website and also search Google for any known security issues with the plugin before you choose to install them. You may also want to use anti-spyware and other such softwares to alert you when any malicious activity takes place in your computer. This will not help entirely but only mitigate the risk to certain extent and you will still be using the plugins at your own risk till someone actually detects any security issues with the plugins that you use today.

3 thoughts on “Are Firefox Addons and Plugins Safe to Use?

  1. Thats a good point. Fortunately it is possible to get the source of the plugins. Just rename the file to a zip extension (plugin.xpi becomes plugin.zip) and extract the source. Once you get the source, you can go thru it to make sure that there is no malicious stuff.

  2. Binny,
    Now that’s something you and me can do but not many others who don’t know coding ;) There are thousands of people with limited or no knowledge of any programming language but are big fans of Firefox. :) They may never be able to scan through the code to find any security issues. May be there is some other way out :) hhmm…

  3. I have been wondering about this very question and had trouble finding a definitive answer. (There should be a word for googling something incorrectly -misgoogling? ) There **should** be some central authority that passes/fails add-ons. I would think some group of people would be willing to step up and do this — there are plenty of people who volunteer their time to further the development of Linux distributions, why not this? For example: FireFTP. I’ve heard it’s decent, but how do I know some server out there doesn’t store my FTP usernames and passwords each time I use it? As Raj said, unless you know coding, you can’t verify it yourself.

    Thanks for the article.

Comments are closed.