Hacker News new | past | comments | ask | show | jobs | submit login

So now the malware edits the firefox shortcut to start it with that argument and then installs its malicious addons. That doesn't help at all.



Yeah, exactly. Malware could also just delete vanilla firefox and replace it with the developer edition. Just overlay ads over the browser window itself. Or anything else really.

Trying to protect against hostile code already running on the same computer as the browser is futile. At best, it should warn the user if suspicious modifications were made.

And it comes at such a high cost for such a narrow measure of protection.


That's a pretty weak argument. If you already have malware on your computer with enough privilege to change shortcuts then it's game over already.

This is about preventing the naïve from being tricked into manually installing malicious add-ons by a third party.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: