Greasemonkey Insecurities

18 Jul 2005

Today's most interesting mailing list posting:

Uninstall Greasemonkey altogether. At this point, I don't trust having it on my computer at all. I would think that whoever is in charge of addons.mozilla.org should immediately remove the Greasemonkey XPI and post a large warning in its place advising people to uninstall it.

By the way, "Greasemonkey Hacks" is DEAD until we fix this. And I'm posting a big red blinking warning on every page of diveintogreasemonkey.org advising visitors to uninstall it, until all of these security holes are closed. This is why God invented the <blink> tag.

Posted on Monday, July 18, 2005 at 4:57 PM

Embed:

1 Comment

It is rather serious vulnerability which Mark found. I have blogged the details here.

Angsuman Chakraborty | July 19, 2005 9:55 AM | Reply

Leave a comment

I'm Anil Dash, and I've been blogging here since 1999, writing about how culture is made. Contact me at anil@dashes.com, at +1 646 833 8659, or at anildash on Twitter or IM. Find out more »

If you're new to the site, check out my Best Of and Most Popular things I've written in the past 10 years, or explore the full archives. Browse by month or year using the calendar below.

Powered by Hunch.com

1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009
  Jan Jan Jan Jan Jan Jan Jan Jan Jan Jan
  Feb Feb Feb Feb Feb Feb Feb Feb Feb Feb
  Mar Mar Mar Mar Mar Mar Mar Mar Mar Mar
  Apr Apr Apr Apr Apr Apr Apr Apr Apr Apr
  May May May May May May May May May May
  Jun Jun Jun Jun Jun Jun Jun Jun Jun Jun
Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul
Aug Aug Aug Aug Aug Aug Aug Aug Aug Aug Aug
Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep
Oct Oct Oct Oct Oct Oct Oct Oct Oct Oct Oct
Nov Nov Nov Nov Nov Nov Nov Nov Nov Nov Nov
Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec