Unreputable browser add-ons

[polhallen]

Hi all, I latest version of it but enjoyable avast antivirus alert my that cookie quick manager is a "bad reputation" add-on

I attached a screenshot

thanks

Pol

[ysard]

Hi, thank you for your report.

You can find the Avast quality charter on this link:
https://support.avast.com/en-ww/article/228/#artTitle

I challenge anyone to find a rule in this list that justifies the blacklisting of this addon.

Except maybe this one:

Installation Process:
Any software that includes third party components or software therein must provide appropriate disclosure to end users.

I use the very common Jquery and Bootstrap libraries as well as some plugins for menus and treeview.

The license is free, under GPLv3, i. e. a license that guarantees the following four fundamental rights to users:

• the freedom to execute the program, for all uses;
• the freedom to study how the program works and adapt it to their needs;
• the freedom to redistribute copies of the program;
• the freedom to improve the program and distribute these improvements to the public for the benefit of the entire community.

This addon is also compliant with the requirements of the addons.mozilla.org platform.

Personal indictment

I have been working in computer science for years and this particular software has always been a source of problems for me and for the people I help. In addition to the slowdowns caused (fortunately you can buy an SSD and a few GB of RAM to have Avast at home on a usable Windows), and the many advertising requests for the paying versions, the major problem has always been the many false positives.

This type of bloatware protects your computer from your actions, not really from external threats.

The situation is of deep concern to me when I consider that using GNU/Linux distributions would be enough to put an end to this very lucrative business of fear.

Here, it is simply a unilateral choice not based on any technical justification other than "your software is not in our whitelist". Fearing that their software will let threats pass, they prefer to block everything.

The addon is therefore by default filtered and rated (by whom?) without any audit.

If the rating is given by the simple feedback of users, then it is a huge joke since people would be asked to assess at a glance whether or not an application is secure.
However, the majority of users do not have the slightest notion of security in applications, only experts/developers are able to judge this.
Avast should therefore not have the role of a platform for rating sites or addons; however, they do that (too).

Fantastic. Avast.

Addendum & cynicism of the situation

I would add that Avast prides itself on protecting the interests of users.
This is probably why they are implementing a number of commonly used advertising tracking techniques on their own sites.

I quote from this page: https://www.avast.com/privacy-policy#f

Our websites use cookies to acquire data that may be used to determine your physical location [...], or to acquire basic information about the computer, tablet, or mobile phone that you use to visit us.

We use common information-gathering tools, such as cookies, pixel tags and Web beacons, to collect information about your general internet usage.[...]Technologies such as: cookies, beacons, tags and scripts are used by us and our marketing partners, affiliates, or analytics or service providers.
[...]
These technologies are used in analyzing trends, administering the site, tracking your movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. You authorize us and agree that we may place cookies or tracking technologies on your device.

Here is also the edifying list of the agencies that can be found on their pages:

Google API Functionality 3 Google
Analytics analytics & tracking 1 us
AdWords retargeting 3 Google
DCM retargeting 3 Google
Optimize analytics & tracking 1 us
Hotjar analytics & tracking 1 us
Optimizely analytics & tracking 1 us
Visual Website Optimizer analytics & tracking 1 us
Facebook retargeting 3 Facebook
LinkedIn retargeting 3 LinkedIn
My Target retargeting 3 VKontakte
Outbrain retargeting 3 Outbrain
A8Fly affiliate 1 us
AXM retargeting 3 MediaMath
Commision Junction affiliate 1 us
Bing retargeting 3 Microsoft
Captera retargeting 3 Captera
Criteo retargeting 3 Criteo
Ginga retargeting 3 Signal
Softonic retargeting 3 Softonic International
SalesForce retargeting 3 salesforce.com
Sklik retargeting 3 Seznam
Hubspot CMS 1 us
Twitter retargeting 3 Twitter
SoundCloud podcasts 3 SoundCloud
Iron Source retargeting 3 Ironsource
apex__avastLocale locale switcher 1 us
apex__avgLocale locale switcher 1 us
hidemyassComLocale locale switcher 1 us
apex__language locale switcher 1 us
avgLocale locale switcher 1 us
geoip locale switcher 1 us
sat_track analyticst & tracking 1 us
consentAccepted cookie consent accepted by user 1 us

Is it really necessary to make a comment?

[ysard]

You should recheck if the alert is still present, most files (except the license and font file) have been "audited" by Avast and declared healthy (...).